paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into admin-login

master
André Peters 2019-03-18 02:03:59 +01:00 committed by GitHub
parent ae19d81f2d d8e356f590
commit 3d8a46357b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 123 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
data/Dockerfiles/acme/docker-entrypoint.sh
View File

@ -42,7 +42,6 @@ mkdir -p ${ACME_BASE}/acme
[[ -f ${ACME_BASE}/acme/private/privkey.pem ]] && mv ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/acme/key.pem [[ -f ${ACME_BASE}/acme/private/privkey.pem ]] && mv ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/acme/key.pem
[[ -f ${ACME_BASE}/acme/private/account.key ]] && mv ${ACME_BASE}/acme/private/account.key ${ACME_BASE}/acme/account.pem [[ -f ${ACME_BASE}/acme/private/account.key ]] && mv ${ACME_BASE}/acme/private/account.key ${ACME_BASE}/acme/account.pem
reload_configurations(){ reload_configurations(){
# Reading container IDs # Reading container IDs
# Wrapping as array to ensure trimmed content when calling $NGINX etc. # Wrapping as array to ensure trimmed content when calling $NGINX etc.
@ -156,6 +155,7 @@ else
exec env TRIGGER_RESTART=1 $(readlink -f "$0") exec env TRIGGER_RESTART=1 $(readlink -f "$0")
fi fi
fi fi
chmod 600 ${ACME_BASE}/key.pem
log_f "Waiting for database... " no_nl log_f "Waiting for database... " no_nl
while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
@ -196,6 +196,9 @@ while true; do
log_f "Using existing Lets Encrypt account key ${ACME_BASE}/acme/account.pem" log_f "Using existing Lets Encrypt account key ${ACME_BASE}/acme/account.pem"
fi fi
chmod 600 ${ACME_BASE}/acme/key.pem
chmod 600 ${ACME_BASE}/acme/account.pem
# Skipping IP check when we like to live dangerously # Skipping IP check when we like to live dangerously
if [[ "${SKIP_IP_CHECK}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then if [[ "${SKIP_IP_CHECK}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
SKIP_IP_CHECK=y SKIP_IP_CHECK=y

35
data/Dockerfiles/phpfpm/docker-entrypoint.sh
View File

@ -25,23 +25,26 @@ CONTAINER_ID=
# Todo: Better check if upgrade failed # Todo: Better check if upgrade failed
# This can happen due to a broken sogo_view # This can happen due to a broken sogo_view
[ -s /mysql_upgrade_loop ] && SQL_LOOP_C=$(cat /mysql_upgrade_loop) [ -s /mysql_upgrade_loop ] && SQL_LOOP_C=$(cat /mysql_upgrade_loop)
CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" | jq -rc "select( .name | tostring | contains(\"mysql-mailcow\")) | .id") until [[ ! -z "${CONTAINER_ID}" ]] && [[ "${CONTAINER_ID}" =~ ^[[:alnum:]]*$ ]]; do
if [[ ! -z "${CONTAINER_ID}" ]] && [[ "${CONTAINER_ID}" =~ [^a-zA-Z0-9] ]]; then CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" 2> /dev/null | jq -rc "select( .name | tostring | contains(\"mysql-mailcow\")) | .id" 2> /dev/null)
SQL_UPGRADE_RETURN=$(curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/exec -d '{"cmd":"system", "task":"mysql_upgrade"}' --silent -H 'Content-type: application/json' | jq -r .type) done
if [[ ${SQL_UPGRADE_RETURN} == 'warning' ]]; then echo "MySQL @ ${CONTAINER_ID}"
if [ -z ${SQL_LOOP_C} ]; then SQL_UPGRADE_RETURN=$(curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/exec -d '{"cmd":"system", "task":"mysql_upgrade"}' --silent -H 'Content-type: application/json' | jq -r .type)
echo 1 > /mysql_upgrade_loop if [[ ${SQL_UPGRADE_RETURN} == 'warning' ]]; then
echo "MySQL applied an upgrade, restarting PHP-FPM..." if [ -z ${SQL_LOOP_C} ]; then
exit 1 echo 1 > /mysql_upgrade_loop
else echo "MySQL applied an upgrade, restarting PHP-FPM..."
rm /mysql_upgrade_loop exit 1
echo "MySQL was not applied previously, skipping. Restart php-fpm-mailcow to retry or run mysql_upgrade manually." else
while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do rm /mysql_upgrade_loop
echo "Waiting for SQL to return..." echo "MySQL was not applied previously, skipping. Restart php-fpm-mailcow to retry or run mysql_upgrade manually."
sleep 2 while ! mysqladmin status --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
done echo "Waiting for SQL to return..."
fi sleep 2
done
fi fi
else
echo "MySQL is up-to-date"
fi fi
# Trigger db init # Trigger db init

2
data/Dockerfiles/rspamd/Dockerfile
View File

@ -10,7 +10,7 @@ RUN apt-get update && apt-get install -y \
gnupg2 \ gnupg2 \
apt-transport-https \ apt-transport-https \
&& apt-key adv --fetch-keys https://rspamd.com/apt/gpg.key \ && apt-key adv --fetch-keys https://rspamd.com/apt/gpg.key \
&& echo "deb https://rspamd.com/apt/ bionic main" > /etc/apt/sources.list.d/rspamd.list \ && echo "deb https://rspamd.com/apt-stable/ bionic main" > /etc/apt/sources.list.d/rspamd.list \
&& apt-get update && apt-get install -y rspamd \ && apt-get update && apt-get install -y rspamd \
&& rm -rf /var/lib/apt/lists/* \ && rm -rf /var/lib/apt/lists/* \
&& apt-get autoremove --purge \ && apt-get autoremove --purge \

6
data/Dockerfiles/solr/Dockerfile
View File

@ -1,8 +1,12 @@
FROM solr:7.7-alpine FROM solr:7.7-alpine
USER root USER root
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /
COPY solr-config-7.7.0.xml /
COPY solr-schema-7.7.0.xml /
RUN apk --no-cache add su-exec curl tzdata \ RUN apk --no-cache add su-exec curl tzdata \
&& chmod +x /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh \
&& bash /docker-entrypoint.sh --bootstrap
ENTRYPOINT ["/docker-entrypoint.sh"] ENTRYPOINT ["/docker-entrypoint.sh"]

33
data/Dockerfiles/solr/docker-entrypoint.sh 100755 → 100644
View File

@ -18,16 +18,10 @@ fi
set -e set -e
# allow easier debugging with `docker run -e VERBOSE=yes`
if [[ "$VERBOSE" = "yes" ]]; then
set -x
fi
# run the optional initdb # run the optional initdb
. /opt/docker-solr/scripts/run-initdb . /opt/docker-solr/scripts/run-initdb
# fixing volume permission # fixing volume permission
[[ -d /opt/solr/server/solr/dovecot-fts/data ]] && chown -R solr:solr /opt/solr/server/solr/dovecot-fts/data [[ -d /opt/solr/server/solr/dovecot-fts/data ]] && chown -R solr:solr /opt/solr/server/solr/dovecot-fts/data
if [[ "${1}" != "--bootstrap" ]]; then if [[ "${1}" != "--bootstrap" ]]; then
sed -i '/SOLR_HEAP=/c\SOLR_HEAP="'${SOLR_HEAP:-1024}'m"' /opt/solr/bin/solr.in.sh sed -i '/SOLR_HEAP=/c\SOLR_HEAP="'${SOLR_HEAP:-1024}'m"' /opt/solr/bin/solr.in.sh
@ -35,15 +29,13 @@ else
sed -i '/SOLR_HEAP=/c\SOLR_HEAP="256m"' /opt/solr/bin/solr.in.sh sed -i '/SOLR_HEAP=/c\SOLR_HEAP="256m"' /opt/solr/bin/solr.in.sh
fi fi
# keep a sentinel file so we don't try to create the core a second time if [[ "${1}" == "--bootstrap" ]]; then
# for example when we restart a container. echo "Creating initial configuration"
# todo: check if a core exists without sentinel file echo "Modifying default config set"
cp /solr-config-7.7.0.xml /opt/solr/server/solr/configsets/_default/conf/solrconfig.xml
cp /solr-schema-7.7.0.xml /opt/solr/server/solr/configsets/_default/conf/schema.xml
rm /opt/solr/server/solr/configsets/_default/conf/managed-schema
SENTINEL=/opt/docker-solr/fts_core_created
if [[ -f ${SENTINEL} ]]; then
echo "skipping core creation"
else
echo "Starting local Solr instance to setup configuration" echo "Starting local Solr instance to setup configuration"
su-exec solr start-local-solr su-exec solr start-local-solr
@ -58,19 +50,12 @@ else
done done
echo "Created core \"dovecot-fts\"" echo "Created core \"dovecot-fts\""
touch ${SENTINEL}
echo "Stopping local Solr" echo "Stopping local Solr"
su-exec solr stop-local-solr su-exec solr stop-local-solr
exit 0
fi fi
rm -f /opt/solr/server/solr/dovecot-fts/conf/schema.xml
rm -f /opt/solr/server/solr/dovecot-fts/conf/managed-schema
rm -f /opt/solr/server/solr/dovecot-fts/conf/solrconfig.xml
cp /etc/solr/solr-config-7.7.0.xml /opt/solr/server/solr/dovecot-fts/conf/solrconfig.xml
cp /etc/solr/solr-schema-7.7.0.xml /opt/solr/server/solr/dovecot-fts/conf/schema.xml
chown -R solr:solr /opt/solr/server/solr/dovecot-fts/conf/{schema.xml,solrconfig.xml}
exec su-exec solr solr-foreground exec su-exec solr solr-foreground

0
data/conf/solr/solr-config-7.7.0.xml → data/Dockerfiles/solr/solr-config-7.7.0.xml
View File

3
data/conf/solr/solr-schema-7.7.0.xml → data/Dockerfiles/solr/solr-schema-7.7.0.xml
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<schema name="dovecot" version="2.0"> <schema name="dovecot-fts" version="2.0">
<fieldType name="string" class="solr.StrField" omitNorms="true" sortMissingLast="true"/> <fieldType name="string" class="solr.StrField" omitNorms="true" sortMissingLast="true"/>
<fieldType name="long" class="solr.LongPointField" positionIncrementGap="0"/> <fieldType name="long" class="solr.LongPointField" positionIncrementGap="0"/>
<fieldType name="boolean" class="solr.BoolField" sortMissingLast="true"/> <fieldType name="boolean" class="solr.BoolField" sortMissingLast="true"/>
@ -18,7 +18,6 @@
</analyzer> </analyzer>
<analyzer type="query"> <analyzer type="query">
<tokenizer class="solr.StandardTokenizerFactory"/> <tokenizer class="solr.StandardTokenizerFactory"/>
<filter class="solr.EdgeNGramFilterFactory" minGramSize="3" maxGramSize="20"/>
<filter class="solr.SynonymGraphFilterFactory" expand="true" ignoreCase="true" synonyms="synonyms.txt"/> <filter class="solr.SynonymGraphFilterFactory" expand="true" ignoreCase="true" synonyms="synonyms.txt"/>
<filter class="solr.FlattenGraphFilterFactory"/> <filter class="solr.FlattenGraphFilterFactory"/>
<filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/> <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/>

2
data/conf/rspamd/dynmaps/settings.php
View File

@ -7,7 +7,7 @@ then any of these will trigger the rule. If a rule is triggered then no more rul
header('Content-Type: text/plain'); header('Content-Type: text/plain');
require_once "vars.inc.php"; require_once "vars.inc.php";
// Getting headers sent by the client. // Getting headers sent by the client.
$headers = apache_request_headers(); //$headers = apache_request_headers();
ini_set('error_reporting', 0); ini_set('error_reporting', 0);

3
data/conf/rspamd/meta_exporter/pipe.php
View File

@ -84,6 +84,9 @@ $rcpt_final_mailboxes = array();
// Loop through all rcpts // Loop through all rcpts
foreach (json_decode($rcpts, true) as $rcpt) { foreach (json_decode($rcpts, true) as $rcpt) {
// Remove tag
$rcpt = preg_replace('/^(.*?)\+.*(@.*)$/', '$1$2', $rcpt);
// Break rcpt into local part and domain part // Break rcpt into local part and domain part
$parsed_rcpt = parse_email($rcpt); $parsed_rcpt = parse_email($rcpt);

10
data/web/inc/functions.mailbox.inc.php
View File

@ -561,7 +561,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('is_alias_or_mailbox', htmlspecialchars($address)) 'msg' => array('is_alias_or_mailbox', htmlspecialchars($address))
); );
return false; continue;
} }
$stmt = $pdo->prepare("SELECT `domain` FROM `domain` $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
WHERE `domain`= :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2)"); WHERE `domain`= :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2)");
@ -573,7 +573,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('domain_not_found', htmlspecialchars($domain)) 'msg' => array('domain_not_found', htmlspecialchars($domain))
); );
return false; continue;
} }
$stmt = $pdo->prepare("SELECT `address` FROM `spamalias` $stmt = $pdo->prepare("SELECT `address` FROM `spamalias`
WHERE `address`= :address"); WHERE `address`= :address");
@ -585,7 +585,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('is_spam_alias', htmlspecialchars($address)) 'msg' => array('is_spam_alias', htmlspecialchars($address))
); );
return false; continue;
} }
if ((!filter_var($address, FILTER_VALIDATE_EMAIL) === true) && !empty($local_part)) { if ((!filter_var($address, FILTER_VALIDATE_EMAIL) === true) && !empty($local_part)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
@ -593,7 +593,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'alias_invalid' 'msg' => 'alias_invalid'
); );
return false; continue;
} }
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) { if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
@ -601,7 +601,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied' 'msg' => 'access_denied'
); );
return false; continue;
} }
$stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `public_comment`, `private_comment`, `goto`, `domain`, `active`) $stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `public_comment`, `private_comment`, `goto`, `domain`, `active`)
VALUES (:address, :public_comment, :private_comment, :goto, :domain, :active)"); VALUES (:address, :public_comment, :private_comment, :goto, :domain, :active)");

14
data/web/js/site/mailbox.js
View File

@ -734,8 +734,18 @@ jQuery(function($){
'</div>'; '</div>';
item.chkbox = '<input type="checkbox" data-id="alias" name="multi_select" value="' + encodeURIComponent(item.id) + '" />'; item.chkbox = '<input type="checkbox" data-id="alias" name="multi_select" value="' + encodeURIComponent(item.id) + '" />';
item.goto = escapeHtml(item.goto.replace(/,/g, " ")); item.goto = escapeHtml(item.goto.replace(/,/g, " "));
item.public_comment = escapeHtml(item.public_comment); if (item.public_comment !== null) {
item.private_comment = escapeHtml(item.private_comment); item.public_comment = escapeHtml(item.public_comment);
}
else {
item.public_comment = '-';
}
if (item.private_comment !== null) {
item.private_comment = escapeHtml(item.private_comment);
}
else {
item.private_comment = '-';
}
if (item.is_catch_all == 1) { if (item.is_catch_all == 1) {
item.address = '<div class="label label-default">Catch-All</div> ' + escapeHtml(item.address); item.address = '<div class="label label-default">Catch-All</div> ' + escapeHtml(item.address);
} }

86
data/web/js/site/quarantine.js
View File

@ -1,11 +1,13 @@
// Base64 functions // Base64 functions
var Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(r){var t,e,o,a,h,n,c,d="",C=0;for(r=Base64._utf8_encode(r);C<r.length;)a=(t=r.charCodeAt(C++))>>2,h=(3&t)<<4|(e=r.charCodeAt(C++))>>4,n=(15&e)<<2|(o=r.charCodeAt(C++))>>6,c=63&o,isNaN(e)?n=c=64:isNaN(o)&&(c=64),d=d+this._keyStr.charAt(a)+this._keyStr.charAt(h)+this._keyStr.charAt(n)+this._keyStr.charAt(c);return d},decode:function(r){var t,e,o,a,h,n,c="",d=0;for(r=r.replace(/[^A-Za-z0-9\+\/\=]/g,"");d<r.length;)t=this._keyStr.indexOf(r.charAt(d++))<<2|(a=this._keyStr.indexOf(r.charAt(d++)))>>4,e=(15&a)<<4|(h=this._keyStr.indexOf(r.charAt(d++)))>>2,o=(3&h)<<6|(n=this._keyStr.indexOf(r.charAt(d++))),c+=String.fromCharCode(t),64!=h&&(c+=String.fromCharCode(e)),64!=n&&(c+=String.fromCharCode(o));return c=Base64._utf8_decode(c)},_utf8_encode:function(r){r=r.replace(/\r\n/g,"\n");for(var t="",e=0;e<r.length;e++){var o=r.charCodeAt(e);o<128?t+=String.fromCharCode(o):o>127&&o<2048?(t+=String.fromCharCode(o>>6|192),t+=String.fromCharCode(63&o|128)):(t+=String.fromCharCode(o>>12|224),t+=String.fromCharCode(o>>6&63|128),t+=String.fromCharCode(63&o|128))}return t},_utf8_decode:function(r){for(var t="",e=0,o=c1=c2=0;e<r.length;)(o=r.charCodeAt(e))<128?(t+=String.fromCharCode(o),e++):o>191&&o<224?(c2=r.charCodeAt(e+1),t+=String.fromCharCode((31&o)<<6|63&c2),e+=2):(c2=r.charCodeAt(e+1),c3=r.charCodeAt(e+2),t+=String.fromCharCode((15&o)<<12|(63&c2)<<6|63&c3),e+=3);return t}}; var Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(r){var t,e,o,a,h,n,c,d="",C=0;for(r=Base64._utf8_encode(r);C<r.length;)a=(t=r.charCodeAt(C++))>>2,h=(3&t)<<4|(e=r.charCodeAt(C++))>>4,n=(15&e)<<2|(o=r.charCodeAt(C++))>>6,c=63&o,isNaN(e)?n=c=64:isNaN(o)&&(c=64),d=d+this._keyStr.charAt(a)+this._keyStr.charAt(h)+this._keyStr.charAt(n)+this._keyStr.charAt(c);return d},decode:function(r){var t,e,o,a,h,n,c="",d=0;for(r=r.replace(/[^A-Za-z0-9\+\/\=]/g,"");d<r.length;)t=this._keyStr.indexOf(r.charAt(d++))<<2|(a=this._keyStr.indexOf(r.charAt(d++)))>>4,e=(15&a)<<4|(h=this._keyStr.indexOf(r.charAt(d++)))>>2,o=(3&h)<<6|(n=this._keyStr.indexOf(r.charAt(d++))),c+=String.fromCharCode(t),64!=h&&(c+=String.fromCharCode(e)),64!=n&&(c+=String.fromCharCode(o));return c=Base64._utf8_decode(c)},_utf8_encode:function(r){r=r.replace(/\r\n/g,"\n");for(var t="",e=0;e<r.length;e++){var o=r.charCodeAt(e);o<128?t+=String.fromCharCode(o):o>127&&o<2048?(t+=String.fromCharCode(o>>6|192),t+=String.fromCharCode(63&o|128)):(t+=String.fromCharCode(o>>12|224),t+=String.fromCharCode(o>>6&63|128),t+=String.fromCharCode(63&o|128))}return t},_utf8_decode:function(r){for(var t="",e=0,o=c1=c2=0;e<r.length;)(o=r.charCodeAt(e))<128?(t+=String.fromCharCode(o),e++):o>191&&o<224?(c2=r.charCodeAt(e+1),t+=String.fromCharCode((31&o)<<6|63&c2),e+=2):(c2=r.charCodeAt(e+1),c3=r.charCodeAt(e+2),t+=String.fromCharCode((15&o)<<12|(63&c2)<<6|63&c3),e+=3);return t}};
jQuery(function($){ jQuery(function($){
acl_data = JSON.parse(acl); acl_data = JSON.parse(acl);
// http://stackoverflow.com/questions/24816/escaping-html-strings-with-jquery // http://stackoverflow.com/questions/24816/escaping-html-strings-with-jquery
var entityMap={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#39;","/":"&#x2F;","`":"&#x60;","=":"&#x3D;"}; var entityMap={"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#39;","/":"&#x2F;","`":"&#x60;","=":"&#x3D;"};
function escapeHtml(n){return String(n).replace(/[&<>"'`=\/]/g,function(n){return entityMap[n]})} function escapeHtml(n){return String(n).replace(/[&<>"'`=\/]/g,function(n){return entityMap[n]})}
function humanFileSize(i){if(Math.abs(i)<1024)return i+" B";var B=["KiB","MiB","GiB","TiB","PiB","EiB","ZiB","YiB"],e=-1;do{i/=1024,++e}while(Math.abs(i)>=1024&&e<B.length-1);return i.toFixed(1)+" "+B[e]} function humanFileSize(i){if(Math.abs(i)<1024)return i+" B";var B=["KiB","MiB","GiB","TiB","PiB","EiB","ZiB","YiB"],e=-1;do{i/=1024,++e}while(Math.abs(i)>=1024&&e<B.length-1);return i.toFixed(1)+" "+B[e]}
function draw_quarantine_table() { function draw_quarantine_table() {
ft_quarantinetable = FooTable.init('#quarantinetable', { ft_quarantinetable = FooTable.init('#quarantinetable', {
"columns": [ "columns": [
@ -56,54 +58,52 @@ jQuery(function($){
"empty": lang.empty, "empty": lang.empty,
"paging": {"enabled": true,"limit": 5,"size": pagination_size}, "paging": {"enabled": true,"limit": 5,"size": pagination_size},
"sorting": {"enabled": true}, "sorting": {"enabled": true},
"on": {
"ready.ft.table": btn_group_quarantine,
"after.ft.paging": btn_group_quarantine
},
"filtering": {"enabled": true,"position": "left","connectors": false,"placeholder": lang.filter_table}, "filtering": {"enabled": true,"position": "left","connectors": false,"placeholder": lang.filter_table},
}); });
} }
btn_group_quarantine = function(ev, ft){ $('body').on('click', '.show_qid_info', function (e) {
$('.show_qid_info').on('click', function (e) { e.preventDefault();
e.preventDefault(); var qitem = $(this).data('item');
var qitem = $(this).data('item'); var qError = $("#qid_error");
$('#qidDetailModal').modal('show');
$( "#qid_error" ).hide(); $('#qidDetailModal').modal('show');
$.ajax({ qError.hide();
url: '/inc/ajax/qitem_details.php',
data: { id: qitem }, $.ajax({
dataType: 'json', url: '/inc/ajax/qitem_details.php',
success: function(data){ data: { id: qitem },
if (typeof data.error !== 'undefined') { dataType: 'json',
$( "#qid_error" ).text(data.error); success: function(data){
$( "#qid_error" ).show(); if (typeof data.error !== 'undefined') {
} qError.text(data.error);
$( "li" ).each(function( index ) { qError.show();
console.log( index + ": " + $( this ).text() );
});
$('[data-id="qitems_single"]').each(function( index ) {
$(this).attr("data-item", qitem);
});
$('#qid_detail_subj').text(data.subject);
$('#qid_detail_text').text(data.text_plain);
$('#qid_detail_text_from_html').text(data.text_html);
if (typeof data.attachments !== 'undefined') {
$( "#qid_detail_atts" ).text('');
$.each(data.attachments, function( index, value ) {
$( "#qid_detail_atts" ).append(
'<p><a href="/inc/ajax/qitem_details.php?id=' + qitem + '&att=' + index + '" target="_blank">' + value[0] + '</a> (' + value[1] + ')' +
' - <small><a href="' + value[3] + '" target="_blank">' + lang.check_hash + '</a></small></p>'
);
});
}
else {
$( "#qid_detail_atts" ).text('-');
}
} }
}); $('[data-id="qitems_single"]').each(function(index) {
}) $(this).attr("data-item", qitem);
} });
$('#qid_detail_subj').text(data.subject);
$('#qid_detail_text').text(data.text_plain);
$('#qid_detail_text_from_html').text(data.text_html);
if (typeof data.attachments !== 'undefined') {
qAtts = $("#qid_detail_atts");
qAtts.text('');
$.each(data.attachments, function(index, value) {
qAtts.append(
'<p><a href="/inc/ajax/qitem_details.php?id=' + qitem + '&att=' + index + '" target="_blank">' + value[0] + '</a> (' + value[1] + ')' +
' - <small><a href="' + value[3] + '" target="_blank">' + lang.check_hash + '</a></small></p>'
);
});
}
else {
qAtts.text('-');
}
}
});
});
// Initial table drawings // Initial table drawings
draw_quarantine_table(); draw_quarantine_table();
}); });

11
docker-compose.yml
View File

@ -71,7 +71,7 @@ services:
- clamd - clamd
rspamd-mailcow: rspamd-mailcow:
image: mailcow/rspamd:1.37 image: mailcow/rspamd:1.38
build: ./data/Dockerfiles/rspamd build: ./data/Dockerfiles/rspamd
stop_grace_period: 30s stop_grace_period: 30s
depends_on: depends_on:
@ -94,7 +94,7 @@ services:
- rspamd - rspamd
php-fpm-mailcow: php-fpm-mailcow:
image: mailcow/phpfpm:1.34 image: mailcow/phpfpm:1.35
build: ./data/Dockerfiles/phpfpm build: ./data/Dockerfiles/phpfpm
command: "php-fpm -d date.timezone=${TZ} -d expose_php=0" command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
depends_on: depends_on:
@ -306,7 +306,7 @@ services:
acme-mailcow: acme-mailcow:
depends_on: depends_on:
- nginx-mailcow - nginx-mailcow
image: mailcow/acme:1.48 image: mailcow/acme:1.49
build: ./data/Dockerfiles/acme build: ./data/Dockerfiles/acme
dns: dns:
- ${IPV4_NETWORK:-172.22.1}.254 - ${IPV4_NETWORK:-172.22.1}.254
@ -405,12 +405,11 @@ services:
- dockerapi - dockerapi
solr-mailcow: solr-mailcow:
image: mailcow/solr:1.3 image: mailcow/solr:1.4
build: ./data/Dockerfiles/solr build: ./data/Dockerfiles/solr
restart: always restart: always
volumes: volumes:
- solr-vol-1:/opt/solr/server/solr/dovecot/data - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data
- ./data/conf/solr:/etc/solr
dns: dns:
- ${IPV4_NETWORK:-172.22.1}.254 - ${IPV4_NETWORK:-172.22.1}.254
environment: environment:

3
generate_config.sh
View File

@ -16,6 +16,7 @@ if [ -f mailcow.conf ]; then
case $response in case $response in
[yY][eE][sS]|[yY]) [yY][eE][sS]|[yY])
mv mailcow.conf mailcow.conf_backup mv mailcow.conf mailcow.conf_backup
chmod 600 mailcow.conf_backup
;; ;;
*) *)
exit 1 exit 1
@ -241,5 +242,7 @@ EOF
mkdir -p data/assets/ssl mkdir -p data/assets/ssl
chmod 600 mailcow.conf
# copy but don't overwrite existing certificate # copy but don't overwrite existing certificate
cp -n data/assets/ssl-example/*.pem data/assets/ssl/ cp -n data/assets/ssl-example/*.pem data/assets/ssl/

8
helper-scripts/nextcloud.sh
View File

@ -76,9 +76,8 @@ elif [[ ${NC_UPDATE} == "y" ]]; then
curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-15.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \ curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-15.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \
&& tar -xjf nextcloud.tar.bz2 -C ./data/web/ \ && tar -xjf nextcloud.tar.bz2 -C ./data/web/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf ./data/web/nextcloud/updater \ #&& rm -rf ./data/web/nextcloud/updater \
&& mkdir -p ./data/web/nextcloud/data \ && mkdir -p ./data/web/nextcloud/data \
&& mkdir -p ./data/web/nextcloud/custom_apps \
&& chmod +x ./data/web/nextcloud/occ && chmod +x ./data/web/nextcloud/occ
docker exec -it $(docker ps -f name=php-fpm-mailcow -q) bash -c "chown www-data:www-data -R /web/nextcloud" docker exec -it $(docker ps -f name=php-fpm-mailcow -q) bash -c "chown www-data:www-data -R /web/nextcloud"
docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings upgrade" docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings upgrade"
@ -106,12 +105,11 @@ elif [[ ${NC_INSTALL} == "y" ]]; then
curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-15.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \ curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-15.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \
&& tar -xjf nextcloud.tar.bz2 -C ./data/web/ \ && tar -xjf nextcloud.tar.bz2 -C ./data/web/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf ./data/web/nextcloud/updater \ #&& rm -rf ./data/web/nextcloud/updater \
&& mkdir -p ./data/web/nextcloud/data \ && mkdir -p ./data/web/nextcloud/data \
&& mkdir -p ./data/web/nextcloud/custom_apps \
&& chmod +x ./data/web/nextcloud/occ && chmod +x ./data/web/nextcloud/occ
docker exec -it $(docker ps -f name=php-fpm-mailcow -q) /bin/bash -c "chown -R www-data:www-data /web/nextcloud/data /web/nextcloud/config /web/nextcloud/apps /web/nextcloud/custom_apps" docker exec -it $(docker ps -f name=php-fpm-mailcow -q) /bin/bash -c "chown -R www-data:www-data /web/nextcloud/data /web/nextcloud/config /web/nextcloud/apps"
docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ --no-warnings maintenance:install \ docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ --no-warnings maintenance:install \
--database mysql \ --database mysql \
--database-host mysql \ --database-host mysql \

12
update.sh
View File

@ -71,8 +71,12 @@ while (($#)); do
case "${1}" in case "${1}" in
--check|-c) --check|-c)
echo "Checking remote code for updates..." echo "Checking remote code for updates..."
git fetch origin #${BRANCH} LATEST_REV=$(git ls-remote --exit-code --refs --quiet https://github.com/mailcow/mailcow-dockerized ${BRANCH} | cut -f1)
if [[ -z $(git log HEAD --pretty=format:"%H" | grep $(git rev-parse origin/${BRANCH})) ]]; then if [ $? -ne 0 ]; then
echo "A problem occurred while trying to fetch the latest revision from github."
exit 99
fi
if [[ -z $(git log HEAD --pretty=format:"%H" | grep "${LATEST_REV}") ]]; then
echo "Updated code is available." echo "Updated code is available."
exit 0 exit 0
else else
@ -101,6 +105,7 @@ while (($#)); do
done done
[[ ! -f mailcow.conf ]] && { echo "mailcow.conf is missing"; exit 1;} [[ ! -f mailcow.conf ]] && { echo "mailcow.conf is missing"; exit 1;}
chmod 600 mailcow.conf
source mailcow.conf source mailcow.conf
DOTS=${MAILCOW_HOSTNAME//[^.]}; DOTS=${MAILCOW_HOSTNAME//[^.]};
if [ ${#DOTS} -lt 2 ]; then if [ ${#DOTS} -lt 2 ]; then
@ -355,9 +360,8 @@ if grep -q 'SYSCTL_IPV6_DISABLED=1' mailcow.conf; then
read -p "Press any key to continue..." < /dev/tty read -p "Press any key to continue..." < /dev/tty
fi fi
echo -e "Fixing project name... " # Checking for old project name bug
sed -i 's#COMPOSEPROJECT_NAME#COMPOSE_PROJECT_NAME#g' mailcow.conf sed -i 's#COMPOSEPROJECT_NAME#COMPOSE_PROJECT_NAME#g' mailcow.conf
sed -i '/COMPOSE_PROJECT_NAME=/s/-//g' mailcow.conf
echo -e "Fixing PHP-FPM worker ports for Nginx sites..." echo -e "Fixing PHP-FPM worker ports for Nginx sites..."
sed -i 's#phpfpm:9000#phpfpm:9002#g' data/conf/nginx/*.conf sed -i 's#phpfpm:9000#phpfpm:9002#g' data/conf/nginx/*.conf