Commit Graph

174 Commits (f6de2b293870569427d3d232a9b251ea52a7b3be)

Author SHA1 Message Date
Dimitri Huisman f6de2b2938 Switch from docker build to buildx for CI/CD.
- The main workflow file has been optimised and simplified.
- Images are built in parallel when building locally resulting in faster build times.
- The github action workflow is about 50% faster.
- Arm images are built as well. These images are not tested due to restrictions of github actions (no arm runners). The tags of the images have -arm appended to it.
- Arm images can also be built locally.
- Reusable workflow is introduced for building, testing and deploying the images.
  This allows the workflow to be reused for other purposes in the future.
- Workflow can be manually triggered. This allows forked Mailu projects to also use the workflow for building images.
bors[bot] e50f6c58c0
Merge
2360: roundcube: disable apache2 access log r=mergify[bot] a=pommi

## What type of PR?

bug-fix

## What does this PR do?

It disables the access log of apache2 in the roundcube webmail container. Requests are already logged by the front container. The requests logged in the roundcube container contained contained the wrong client IP: the IP address of the front container.

----

Original PR:

~~Roundcube webmail is accessed through the nginx reverse proxy in the front container. Each access logline logged by apache2 in the roundcube container did not contain the actual client IP address, but the IP address of the front container, for example:~~

```
192.168.203.3 - - [28/May/2022:12:33:52 +0000] "POST /?_task=mail&_action=refresh HTTP/1.1" 200 677 "https://[REDACTED]/roundcube/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
^
IP address of the front container
```

~~By enabling the apache2 remoteip module and configuring it to get the actual client IP address from the X-Forwarded-For header, it logs the correct client IP address to the access log.~~

### Related issue(s)
- None

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

**No changelog or documentation necessary for this minor change.**


Co-authored-by: Pim van den Berg <pim@nethuis.nl>
Pim van den Berg 6f884c6c93 roundcube: disable access log
As per discussion in : The front container (nginx reverse proxy) is
already logging all requests, disable the access logs for apache2 in the
roundcube container completely.
Eddy Vervest baea3d4086
Update Dockerfile
missed this one
Eddy Vervest c4c442d000
Update Dockerfile
apt is intended for interactive usage, for scripts use apt-get (https://manpages.debian.org/bullseye/apt/apt.8.en.html) to avoid warnings.
Pim van den Berg e8b7d6afed roundcube: log actual client ip by using apache2 remoteip
Roundcube webmail is accessed through the nginx reverse proxy in the
front container. Each access logline logged by apache2 in the roundcube
container did not contain the actual client IP address, but the IP
address of the front container, for example:

> 192.168.203.3 - - [28/May/2022:12:33:52 +0000] "POST /?_task=mail&_action=refresh HTTP/1.1" 200 677 "https://[REDACTED]/roundcube/?_task=mail&_mbox=INBOX" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0"
  ^
  IP address of the front container

By enabling the apache2 remoteip module and configuring it to get the
actual client IP address from the X-Forwarded-For header, it logs the
correct client IP address to the access log.
the-djmaze a3c01a2bbf
Update application.ini
`contacts_autosave` is part of `[defaults]`, not `[plugins]`
bors[bot] bcecbda9de
Merge
2195: roundcube: Add /overrides directory in include r=mergify[bot] a=mnival

Added the /overrides directory in the roundcube config.inc.php file

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
none

Co-authored-by: mnival <1595998+mnival@users.noreply.github.com>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
bors[bot] b73963aae5
Merge
2207: Update webmail container configuration to support MESSAGE_SIZE_LIMIT r=mergify[bot] a=marioja

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
- Auto close an issue like: closes  

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Mario Jauvin <marioja@users.noreply.github.com>
Mario Jauvin 490e27e229 Start fastcgi process manager after config files updated
bors[bot] 6d348b1650
Merge
2196: roundcube-carddav : Use des_key for pwstore_scheme  r=nextgens a=mnival

roundcube-carddav: Configuring pwstore_scheme in carddav plugin with des_key because Mailu is incompatible with encrypted

https://github.com/mstilkerich/rcmcarddav/blob/master/doc/ADMIN-SETTINGS.md#password-storing-scheme

## What type of PR?

bug-fix

## What does this PR do?

### Related issue(s)
- closes 

Co-authored-by: mnival <1595998+mnival@users.noreply.github.com>
Mario Jauvin e47d9bf9be Revert "Set client_max_body_size in default nginx config file"
This reverts commit db39d6b1e2.
Mario Jauvin db39d6b1e2 Set client_max_body_size in default nginx config file
Mario Jauvin 53a8543772 update permission
Mario Jauvin 5a909bd45d Add config.py and set permissions
Mario Jauvin 7dc9802447 Added subprocess import
Mario Jauvin a9f4fc1b3c Use MESSAGE_SIZE_LIMIT in webmail container also
The webmail container should use the same value as the front container.
mnival 5695bbb0f6 Configuring pwstore_scheme in carddav plugin with des_key because Mailu is incompatible with encrypted
Eric d9ea9f7009
Update php.ini
matching rainloop php to roundcube's: timezone is a parameter in mailu.env
mnival 4b9781210f Add /overrides directory in include
Alexander Graf 37855153b8
fixed plugin path
willofr 93a94d33ce
update roundcube to 1.5.2 (security fix)
New roundcube release (1.5.2) where a XSS is addressed: https://roundcube.net/news/2021/12/30/update-1.5.2-released
bkraul d494dd7d2a Fixes
Dimitri Huisman b248026933 Fix . Gpg-agent package was missing for roundcube image.
Florent Daigniere 6d5926ef29 prettify
Dimitri Huisman 385cb28bf2 Correctly calculate and set SESSION_TIMEOUT in roundcube
Dimitri Huisman ab80316df6 Fix error in roundcube config
Florent Daigniere 3a46ee073c Make roundcube use SESSION_TIMEOUT
Alexander Graf 1a41657f90
add documentation, allow overrides, clean plugins
Alexander Graf b3d48cc20f
fixed health check
Alexander Graf e7e283663d
Merge remote-tracking branch 'upstream/master' into update_roundcube
Alexander Graf 64acfacc73
duh. typo
Alexander Graf 547ad253e1
added plugin selection, derive key, clean env
Alexander Graf 7c2c2dc65a
updated to carddav 4.3.0
Alexander Graf 1ebdb26979
updated to rc 1.5.1
Dimitri Huisman f7677543c6 Process code review remarks
- Moved run to bottom of Dockerfile to allow using unmodified / cached states.
- Simplified bash code in deploy.sh.
- Improved the large bash one-liner in CI.yml. It could not handle >9 for 1.x.
Dimitri Huisman 56dd70cf4a Implement versioning for CI/CD workflow (see ).
Alexander Graf 423b8a6b9b
Merge branch 'master' into update_roundcube
DjVinnii a6beb234ff Set timezone in roundcube.ini
DjVinnii 225160610b Set default TZ in Dockerfiles
Alexander Graf 6003e11533 duh. add timezone (again)
Alexander Graf 949efcf537 prevent endless redirect loop on nginx failure
Alexander Graf c89045ed03 duh
Alexander Graf 920ac4cd21 updated to php8. fixed login. fixed max_filesize.
Alexander Graf 46d27e48ff Merge remote-tracking branch 'upstream/master' into update_roundcube
DjVinnii a1f0c20583 Add tzdata to webmails
Alexander Graf ee45475567 updated roundcube. added cleanup run at startup
Dimitri Huisman 5232bd38fd Simplify webmail logout.
Dimitri Huisman 44d2448412 Updated SSO logic for webmails. Fixed small bug rate limiting.
Alexander Graf ef9e1ac279 remove health check from log