56 Commits (e548c4e531a9e465647ace70787a540b3d4e050c)

Author SHA1 Message Date
bors[bot] d3a5c70589 Merge #907
907: Don't generate the clamav configuration if ANTIVIRUS is none. r=mergify[bot] a=mvaled

## What type of PR?

bug-fix

## What does this PR do?

Avoid rspamd to try to connect to clamav if you choose ANTIVIRUS="none".  Otherwise the rspamd will try to connect to none, timing out several times and leading to poor performance.

I have a server without CLAMAV; and I'm getting times up to 45s:

```
$ grep 'CLAMAV' ~/downloads/logs-from-antispam-in-mailu-security-5d75fb987-kv958.txt | grep -o 'time: [^m]*'
time: 45011.089
time: 45126.002
time: 45002.024
time: 45037.436
time: 45006.775
...
```

Mails for which clamav is not used range from a tens of miliseconds to a few hundred.


## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.


Co-authored-by: Manuel Vázquez Acosta <manuel@merchise.org>
7 years ago
bors[bot] 86b4242f82 Merge #886
886: Ipv6 support r=mergify[bot] a=muhlemmer

## What type of PR?

(Feature, enhancement, bug-fix, documentation) -> A bit of everything

## What does this PR do?

Document how to use ipv6nat. This, however triggers some kind of flaky behavior with the Docker DNS resolver, resulting in lookup failures between containers.  So all resolving needs to be done during container startup/configuration.

In order not to pollute every single start.py file, we've created a small library called [Mailu/MailuStart](https://github.com/Mailu/MailuStart). As an addition, this library also defines the template generation function, including its logging facility.

Note: `docker-compose.yml` downgrade is necessary, as IPv6 settings are not supported by the Docker Compose file format 3 😞  

### Related issue(s)
Supersedes  PR #844
- Fixes #827 
- Hopefully helps with #829 and #834

## No backport yet

This PR directly imports MailuStart from git. This makes it a bit more simple to implement on the short term an do some testing and probably some future improvements. When everything is proved stable, we will create a proper PyPi package with versioning and consider back porting.

## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.


Co-authored-by: Ionut Filip <ionut.philip@gmail.com>
Co-authored-by: Tim Möhlmann <muhlemmer@gmail.com>
7 years ago
Manuel Vázquez Acosta 611363cbe4
Don't generate the clamav configuration if ANTIVIRUS is none.
Otherwise the rspamd will try to connect to none, timing out several times and
leading to poor performance.
7 years ago
Ionut Filip 004a431e97
Change to mailustart functions 7 years ago
Ionut Filip 9684ebf33f Use mailustart package from git 7 years ago
Thomas Sänger f50995b5e6
unbound: drop privileges after binding to port 7 years ago
Tim Möhlmann 049ca9941f
Cleanup syntax and fix typo 7 years ago
Tim Möhlmann 7d01bb2a4d
LOG_LEVEL docs and changelog entry 7 years ago
Tim Möhlmann b04a9d1c28
Implement debug logging for template rendering 7 years ago
Tim Möhlmann b9313488dd
Add logging for tenacity.retry
In the process we found that the previous way of tenacity syntax caused it not to honor any args.
In this commit we've refactored to use the @decorator syntax, in which tenacity seems to behave better.
7 years ago
Tim Möhlmann 8172f3eab8
Move the Mailu Docker network to a fixed subnet.
This will make network configuration and host based authentication
more robust, across different deployment platforms.
The options `RELAYNETS` and`POD_ADDRESS_RANGE` are kept for compatibility.
However, their usage have become optional.
7 years ago
mergify[bot] 5c24390114
Merge pull request #697 from HorayNarea/fix-missing-dkim
allow DKIM-signing if From-Header and Auth-User mismatch - fix #462
7 years ago
mergify[bot] e08f3e81d0
Merge pull request #680 from usrpro/feat-startup
Standarize images
7 years ago
Thomas Sänger 13bc6261e4
allow DKIM-signing if From-Header and Auth-User mismatch 7 years ago
Tim Möhlmann 42e2dbe35d
Standarize image by using shared / similair layers 7 years ago
Tim Möhlmann 903bb70c5b
Merge remote-tracking branch 'upstream/master' into standarize-images 7 years ago
Thomas Sänger 9ba086fcff
store rspamd history in redis 7 years ago
Tim Möhlmann bcfce27ee2
Standarize unbound, prepare for setup inclusion
- Use jinja template for configuration file (start.py)
- Limit access to the Mailu subnet
- Implement health checks
7 years ago
Ionut Filip 8a44a44688
Merge branch 'master' into feat-startup 7 years ago
Ionut Filip 1187cac5e1 Finished up switching from .sh to .py 7 years ago
Ionut Filip eb7dfb5771 Cleaning up start.py 7 years ago
Thomas Sänger 603b6e7390
Merge pull request #2 from usrpro/fix-nginx-healthcheck
Fix nginx healthcheck
7 years ago
Tim Möhlmann 81b24f61e8
Merge branch 'master' into feat-healthchecks 7 years ago
Tim Möhlmann a2fea36c79
Increase HEALTHCHECK start time for services that need to wait for host resolving during startup.
In Docker Swarm mode the services listed below can get stuck in their start script, while they
are waiting for other services become available. Now, with HEALTHCHECK enabled, docker does not resolve
names of services that not pass HEALTHCHECK yet. Meaning that if one of the depenend services is not yet
available, it will create a chain of failing services.

The services below retry to resolve 100 time, with an average of 3.5 seconds. Hence, the --start-time
flag is now set at 350 seconds.
- dovecot (imap)
- postfix (smtp)
- rspamd (antispam)
7 years ago
mergify[bot] 118ea0f3fb
Merge pull request #604 from ofthesun9/feature-swarm
Enabling swarm deployment on master branch
7 years ago
ofthesun9 86bdce8407 Explicitely specify the fuzzy worker listen address 7 years ago
ofthesun9 cec5c1b16b Merge branch 'master' into feat-fuzzyhashes 7 years ago
Thomas Sänger 39272ab05c
add healthcheck for http services 7 years ago
mergify[bot] 39f58c03ff
Merge pull request #644 from usrpro/fix-alpine-38
Move to alpine:3.8. Fixes #625 and #627
7 years ago
Tim Möhlmann 2c7a5a97e4
Move to alpine:3.8. Fixes #625 and #627 7 years ago
kaiyou 00b5ae11db
Merge branch 'master' into feat-abstract-db 7 years ago
ofthesun9 1f71d10899 Change POD_ADDRESS_RANGE introduction like it is done on deovecot-sql.conf.ext 7 years ago
ofthesun9 13146be57e Merge branch 'master' into feature-swarm 7 years ago
ofthesun9 6b34b2728e Declare fuzzy_worker port 11335 in EXPOSE section 7 years ago
ofthesun9 0eb963eb21 Merge branch 'master' into feat-fuzzyhashes 7 years ago
ofthesun9 74796201ec Merge branch 'master' into feature-swarm 7 years ago
Tim Möhlmann 0817629869
Increase attempts as it failed on fresh Swarm host 7 years ago
Tim Möhlmann 16469d7282
Upgrade to newer pip version 7 years ago
Tim Möhlmann 1bae5968ad
Import tenacy and fix syntax errors 7 years ago
Tim Möhlmann c457ccfa60
Use tenacity for resolver retries 7 years ago
Tim Möhlmann d6c386651d
Merge branch 'master' into fix-swarm-start 7 years ago
Thomas Sänger 76923d80d8
implement support for ARC 7 years ago
kaiyou 2cba045013 Explicitely declare required volumes, fixes #568 7 years ago
kaiyou f9c6c98180 Remove fetchmail dependency to the databse 7 years ago
ofthesun9 23e288aadc Enabling swarm deployment on master branch:
-Extends the usage of POD_ADDRESS_RANGE
-Provides documentation
7 years ago
Tim Möhlmann cc8e15748b Retry 10 times when resolving fails in start.py scripts 7 years ago
ofthesun9 12294a6e5a Trying to enable fuzzy hashes for rspamd 7 years ago
Pierre Jaury 52d89b2f5d Fix rspamd behavior, currently failing due to worker-fuzzy 8 years ago
Mildred Ki'Lya ae8c9f5a6b Add various environment variables to allow running outside of docker-compose 8 years ago
kaiyou d1dbba2d3a Add expose instructions in Dockerfiles, fixes #392 8 years ago