Dimitri Huisman
fb0f005343
Get rid of complicated prefix logic. Further simplify /static handling and nginx config.
3 years ago
Dimitri Huisman
da788ddee3
Merge branch 'fix-sso-1929' of github.com:Diman0/Mailu into fix-sso-1929
3 years ago
Dimitri Huisman
bdcc183165
Redirect to configured ENV VAR for Admin/Webmail, further simplify nginx config.
3 years ago
Dimitri Huisman
f1a60aa6ea
Remove unneeded auth_request_set
3 years ago
Florent Daigniere
d3f07a0882
Simplify the handling of /static
3 years ago
Florent Daigniere
aee089f3b1
Ensure that static assets are readable
3 years ago
Dimitri Huisman
48764f0400
Ensure all requests from the page sso go through the page sso.
3 years ago
Dimitri Huisman
5232bd38fd
Simplify webmail logout.
3 years ago
Dimitri Huisman
5d81846c5d
Introduce the shared stub /static for providing all static files
3 years ago
Dimitri Huisman
eb74a72a52
Moved locations to correct area in nginx.conf.
3 years ago
Dimitri Huisman
aa7380ffba
Doh!
3 years ago
Dimitri Huisman
44d2448412
Updated SSO logic for webmails. Fixed small bug rate limiting.
3 years ago
Dimitri Huisman
ed7adf52a6
Merge branch 'master' of github.com:Diman0/Mailu into fix-sso-1929
3 years ago
Dimitri Huisman
913a6304a7
Finishing touches. Introduce /static stub for handling all static files.
3 years ago
Diman0
41f5b43b38
Set nginx logging to level info again.
3 years ago
Diman0
f4cde61148
Make header translatable. More finishing touches.
3 years ago
Diman0
9894b49cbd
Merge/Update with changes from master
3 years ago
Florent Daigniere
89ea51d570
Implement rate-limits
3 years ago
Diman0
bf0aad9820
Merge branch 'master' of github.com:Mailu/Mailu into fix-sso-1929
3 years ago
Alexander Graf
1e8b41f731
Merge remote-tracking branch 'upstream/master' into adminlte3_fixes
3 years ago
bors[bot]
d464187477
Merge #1964
...
1964: Alpine3.14.2 r=mergify[bot] a=nextgens
Upgrade to alpine 3.14.2, retry upgrading unbound & switch back to libressl
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
3 years ago
Alexander Graf
a319ecde29
also precompress static txt files
3 years ago
Alexander Graf
b445d9ddd1
set expire headers only for mailu content
...
also moved robots.txt from config to static folder.
3 years ago
Alexander Graf
698ee4e521
added tiff and webp to list of cached content
3 years ago
Florent Daigniere
72ba5ca3f9
fix 1789: ensure that nginx resolves ipv4 addresses
3 years ago
Diman0
b148e41d9b
Fix nginx config
3 years ago
Alexander Graf
f4e7ce0990
enabled caching, gzip and robots.txt
3 years ago
Alexander Graf
103918ba57
pre-compress assets (*.ico for now)
3 years ago
Alexander Graf
39d7a5c504
pngcrushed images
3 years ago
Diman0
960033525d
configure sso in nginx
3 years ago
Diman0
8868aec0dc
Merge master. Make sso login working for admin.
3 years ago
Florent Daigniere
d7c2b510c7
Give alpine 3.14.2 a shot
3 years ago
Florent Daigniere
394c2fe22c
Document REAL_IP_HEADER and REAL_IP_FROM
...
Fix a security vulnerability whereby we were not clearing other headers
3 years ago
Florent Daigniere
6bba0cecfc
Strip the Forwarded header since nothing is compatible with it yet
3 years ago
Florent Daigniere
3e676e232a
fix #1270
3 years ago
Jack Murray
dd127f8f06
Change letsencrypt timer from 1h --> 1 day
...
There's no need to be calling certbot so frequently
3 years ago
Florent Daigniere
6704cb869a
Switch to 3072bits dhparam (instead of 4096bits)
...
We aim for 128bits of security here
3 years ago
Jack Murray
e304c352a1
Change letsencrypt timer from 1h --> 1 day
...
There's no need to be calling certbot so frequently
3 years ago
Florent Daigniere
c76a76c0b0
make it optional, add a knob
3 years ago
Florent Daigniere
109a8aa000
Ensure that we always have CERT+INTERMEDIARY CA
...
Let's encrypt may change things up in the future...
3 years ago
Florent Daigniere
974bcba5ab
Restore LOGIN as tests assume it's there
3 years ago
Florent Daigniere
12c842c4b9
In fact in fullchain we want all but the last
3 years ago
Florent Daigniere
24f9bf1064
format certs for nginx
3 years ago
Florent Daigniere
98b903fe13
don't send the rootcert
3 years ago
Florent Daigniere
92ec446c20
doh
3 years ago
Florent Daigniere
f05cc99dc0
Add ECC certs for modern clients
3 years ago
Florent Daigniere
cb68cb312b
Reduce the size of the RSA key to 3072bits
...
This is already generous for certificates that have a 3month validity!
We rekey every single time.
3 years ago
Florent Daigniere
5e7d5adf17
AUTH shouldn't happen on port 25
3 years ago
Florent Daigniere
7285c6bfd9
admin won't understand LOGIN
3 years ago
bors[bot]
48f3b1fd49
Merge #1656
...
1656: Add ability to set no WEBROOT_REDIRECT to Nginx r=mergify[bot] a=DavidFair
## What type of PR?
Enhancement / Documentation
## What does this PR do?
From commit:
---
Adds a 'none' env option to WEBROOT_REDIRECT so that no `location /`
configuration is written to nginx.conf.
This is useful for setting up Mailu and Mailman where we override the
root to proxy to the mailing list server instead. Without this change
the nginx container will not start, or for 1.7 users can set their
WEBMAIL_PATH to / with no webmail to get the same results.
This fix means that future users don't have to choose between webmail
and a root override and makes the configuration intention clear.
---
I've also added bullet points to break up a long flowing sentence in `configuration.rst` - it should be a bit easier to read now
### Related issue(s)
No Related Issue - I just jumped to a PR
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
@ Maintainers - Is this worthy of the changelog, it's useful to know about but I imagine the number of people it affects is equally minimal?
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/guide.html#changelog ) entry file.
Co-authored-by: David Fairbrother <DavidFair@users.noreply.github.com>
3 years ago