2856 Commits (d8dc765f04220a1036e6fb1e59146343b5d378ce)
 

Author SHA1 Message Date
bors[bot] aeb4bddb30
Merge #1910
1910: Smarter default settings for rate limiting r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
As discussed during the last meeting (#1582) people have issues with a too low default value for rate limiting. By default rate limiting was also enabled for the internal subnet which caused normal users to block webmail for all users after a couple of failed login attempts on webmail.

As discussed in #1867 we will make the following changes for now.
The default value for AUTH_RATELIMIT_SUBNET is set to False again. 
The default value for AUTH_RATELIMIT is increased to a higher value to prevent issues.

### Related issue(s)
- #1582
- closes #1867

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Diman0 <diman@huisman.xyz>
3 years ago
Diman0 4cfa2dbc2a Increase width of rate limiting text box. 3 years ago
Diman0 588904078e Set default of AUTH_RATELIMIT_SUBNET to False. Increase default AUTH_RATELIMIT value. 3 years ago
bors[bot] bfb2665d58
Merge #1908
1908: Optimize docs/Dockerfile r=mergify[bot] a=Erriez

- Convert .rst to .html in temporary `python:3.8-alpine3.14` build image
- Remove all unused packages
- Use `nginx:1.21-alpine` deployment image

## What type of PR?

Optimize/fix `docs/Dockerfile`

## What does this PR do?

### Related issue(s)
- Mention an issue like: #1851

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.

## Testing

The following tests has been executed locally:

```bash
export DOCKER_ORG=user
export DOCKER_PREFIX=
export MAILU_VERSION=master

cd tests
time docker-compose -f build.yml build --no-cache docs
	real	0m18.850s
	user	0m0.317s
	sys	0m0.124s

docker images
	REPOSITORY                   TAG               IMAGE ID       CREATED              SIZE
	user/docs                    master            3de6c8612cf3   19 seconds ago       38.1MB

docker run -it --rm --name mailu-docs -p 80:80 user/docs:master

Open web browser:
	Clear caches
	http://localhost:80/master
```

Co-authored-by: Erriez <Erriez@users.noreply.github.com>
3 years ago
Erriez 44e963ab1a
Merge branch 'master' into fix-docs-image 3 years ago
Erriez 98933f9478 Optimize docs/Dockerfile
- Convert .rst to .html in temporary python:3.8-alpine3.14 build image
- Remove all unused packages
- Use nginx:1.21-alpine deployment image
3 years ago
bors[bot] f9e49dc43a
Merge #1877
1877: Fix missing bullet points and styling in documentation r=nextgens a=Diman0

## What type of PR?
Bug-fix

## What does this PR do?
It brings back the bullet points and correct styling to the documentation.
Conf.py was missing an extension declaration.
The requirement docutils was missing. Currently Sphinx only supports docutils 0.16. 

To see the issue yourself compare
Ok: https://mailu.io/1.7/
Not Ok: https://mailu.io/1.8.

### Related issue(s)
- None

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Diman0 <diman@huisman.xyz>
3 years ago
Dimitri Huisman 609e0f9f7c
Env vars are not shared between jobs 3 years ago
bors[bot] a226392bf6
Merge #1851
1851: Upgrade alpine r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Upgrade all the images to alpine 3.14 and switch from libressl to openssl on the admin container to work around a bug in alpine

### Related issue(s)

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere 2b63280f59 doh 3 years ago
Florent Daigniere ccb3631622 still need pip3 3 years ago
Florent Daigniere defea3258d update arm builds too 3 years ago
Florent Daigniere d44608ed04 Merge remote-tracking branch 'upstream/master' into upgrade-alpine 3 years ago
Florent Daigniere f8362d04e4 Switch to openssl to workaround alpine #12763 3 years ago
Florent Daigniere 3471ebb214 Allow specific users to send email from any address 3 years ago
bors[bot] 6ea4e3217a
Merge #1901
1901: treat localpart case insensitive again r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

fixes error introduced by #1604 where the localpart of an email address was handled case sensitive.
this screwed things up at various other places.
 
### Related issue(s)

closes #1895
closes #1900

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
Alexander Graf 6856c2c80f treat localpart case insensitive again
by lowercasing it where necessary
3 years ago
bors[bot] 656cf22126
Merge #1856
1856: update asset builder dependencies r=mergify[bot] a=ghostwheel42

## What type of PR?

update asset builder dependencies

## What does this PR do?

only include needed dependencies to build mailu assets with nodejs v8

### Related issue(s)

update dependencies as discussed in #1829


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
bors[bot] 9289fa6420
Merge #1896
1896: save dkim key after creation r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

saves generated dkim key after creation vi web ui.
after the model change the domain object needs to be added and flushed via sqlalchemy.

### Related issue(s)

closes #1892


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
bors[bot] 9a4c6385e5
Merge #1888
1888: Use threads in gunicorn rather than workers/processes r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR do?

This ensures that we share the auth-cache... will enable memory savings
and may improve performances when a higher number of cores is available

"smarter default"

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Alexander Graf 54b46a13c6 save dkim key after creation 3 years ago
bors[bot] bf65a1248f
Merge #1885
1885: fix 1884: always lookup a FQDN r=mergify[bot] a=nextgens

## What type of PR?

bugfix

## What does this PR do?

Fix bug #1884. Ensure that we avoid the musl resolver bug by always looking up a FQDN

### Related issue(s)
- closes #1884

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
bors[bot] bace7ba6e3
Merge #1890
1890: fix Email class in model.py r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

fixes class Email - keep email, localpart and domain in sync.

### Related issue(s)

closes #1878


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
Alexander Graf ad1b036f20 fix Email class 3 years ago
bors[bot] f8db4a0531
Merge #1887
1887: Docs: Limit fail2ban matches to front container r=mergify[bot] a=networkException

## What type of PR?

documentation

## What does this PR do?

Previously fail2ban matched against all journal entries. This pull request adds a tag to the logdriver and fail2ban filter documentation that limits the matches to entries from the front container

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: networkException <git@nwex.de>
3 years ago
bors[bot] e72f2dead5
Merge #1886
1886: Fix 1294: ensure podop's socket is owned by postfix r=mergify[bot] a=nextgens

## What type of PR?

bugfix

## What does this PR do?

Ensure that the podop socket is always owned by the postfix user (wasn't the case when build using non-standard base images... typically for arm64)

### Related issue(s)
- closes #1294

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere 8d9f3214cc Use threads in gunicorn rather than processes
This ensures that we share the auth-cache... will enable memory savings
and may improve performances when a higher number of cores is available

"smarter default"
3 years ago
networkException 8235085848
Docs: Limit fail2ban matches to front container
Previously fail2ban matched against all journal entries. This patch
adds a tag to the logdriver and fail2ban filter documentation that
limits the matches to entries from the front container
3 years ago
Florent Daigniere fa915d7862 Fix 1294 ensure podop's socket is owned by postfix 3 years ago
Florent Daigniere 9d2629a04e fix 1884: always lookup a FQDN 3 years ago
bors[bot] 56a6821875
Merge #1880
1880: Update jquery dependency  of setup and set pinned versions r=mergify[bot] a=Diman0

## What type of PR?

enhancement

## What does this PR do?
Update used jquery javascript files.
Also sets pinned (fixed) versions in requirements.txt. I set the same versions as used in requirements-prod.txt for the admin image. 

### Related issue(s)
- Update dependencies as discussed in #1829 
- closes #1868

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.


- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
3 years ago
Dimitri Huisman 67e00bb1e7 Add changelog 3 years ago
Dimitri Huisman b0fb9d822b Adapt requirements.txt to use pinned versions. 3 years ago
Dimitri Huisman b140fa54ac Update jquery js dependencies in setup 3 years ago
Diman0 64bf75efb1 Added missing extension in conf.py. Added missing library in requirements.txt. Sphinx is only compatible with docutils<0.17 3 years ago
Yaron Shahrabani 1aeff3b67c
Added a change note
As per https://github.com/Mailu/Mailu/pull/1873#issuecomment-882271176
3 years ago
bors[bot] 0031f262cc
Merge #1871
1871: Replace PUBLIC_HOSTNAME/IP with real data in Received headers r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

This will ensure that we don't get spam points for not respecting the RFC (gmail is notorious for not liking it)

### Related issue(s)
- close #1448
- #466
- #191

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
bors[bot] d010f1d30d
Merge #1874
1874: Remove dot in blueprint name to prevent critical flask error r=mergify[bot] a=Diman0

## What type of PR?

Bug-fix 

## What does this PR do?
Currently setup uses the version (1.7, 1.8, master) as the blueprint name for the setup flask instance. Flask introduced a breaking change that does not allow a dot in the blueprint name anymore. As a result the setup container does not start. This PR contains the bug fix for this issue.


```
stable_1       |   File "/app/server.py", line 58, in build_app
stable_1       |     prefix_bp = flask.Blueprint(version, __name__)
stable_1       |   File "/usr/local/lib/python3.9/site-packages/flask/blueprints.py", line 195, in __init__
stable_1       |     raise ValueError("'name' may not contain a dot '.' character.")
stable_1       | ValueError: 'name' may not contain a dot '.' character.
stable_1       | Traceback (most recent call last):
```

 See https://flask.palletsprojects.com/en/2.0.x/changes/
```
Show an error when a blueprint name contains a dot. The . has special meaning, it is used to separate (nested) blueprint names and the endpoint name. #4041
```

### Related issue(s)
- #1814
- Closes #1818
- Closes #1869

I will close the linked issues personally once I have made the necessary changes on the infra machine after the backported PR has been merged. 

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
3 years ago
Dimitri Huisman 2e883c7ae2 Add changelog 3 years ago
Dimitri Huisman 06019452e3 Remove dot in blueprint name to prevent critical flask initialisation error. 3 years ago
Yaron Shahrabani e0bf75ae17
Completed Hebrew translation 3 years ago
Florent Daigniere 1d65529c94 The lookup could fail; ensure we set something 3 years ago
Florent Daigniere 8bc1d6c08b Replace PUBLIC_HOSTNAME/IP in Received headers
This will ensure that we don't get spam points for not respecting the
RFC
3 years ago
bors[bot] c5ff72d657
Merge #1857
1857: disable startdate when autoreply is disabled r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

disable the reply startdate field when autoreply is disabled


Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
3 years ago
bors[bot] de0536c694
Merge #1858
1858: Docs: Replace hardcoded journald logpath with systemd backend r=mergify[bot] a=networkException

The file at /var/log/messages is not universal for every
distribution. Fail2ban can access journald logs directly
by using the systemd backend.

## What type of PR?

documentation

## What does this PR do?

The path /var/log/messages does not apply for Ubuntu 20.04 for example, because of that I have looked
at alternative ways to access journald in fail2ban. The proper way seems to be to use the systemd
backend, this patch updates the documentation accordingly.

### Related issue(s)
*none*

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: networkException <git@nwex.de>
3 years ago
bors[bot] 0147b19064
Merge #1862
1862: fix #1861: allow colons in passwords: fix the parsing of http-basic auth headers r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Fix a bug preventing colons from being used in passwords when using radicale/webdav.
Thank you to @parisni for reporting it and @ghostwheel42 for spotting it.

### Related issue(s)
- close #1861

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Florent Daigniere a0dcd46483 fix #1861: Handle colons in passwords 3 years ago
networkException a2cf13c548
Template: Update link to changelog entry documentation for pull requests 3 years ago
networkException f80e04a8c5
Docs: Replace hardcoded journald logpath with systemd backend
The file at /var/log/messages is not universal for every
distribution. Fail2ban can access journald logs directly
by using the systemd backend.
3 years ago
Alexander Graf 180026bd77 also disable startdate 3 years ago