From 57312ad605b1e0b2a996b07cde6280299ae8025c Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 25 Feb 2019 00:00:32 +0100 Subject: [PATCH] [Compose] Add ALLOW_ADMIN_EMAIL_LOGIN to sogo-mailcow to trigger bootstrap on change [Compose] Static IPv4 for Dovecot [SOGo] Remove SOGoIMAPServer from sogo.conf [SOGo] Add SOGoIMAPServer to bootstrap process [Nginx] Disallow editAccount for other accounts than 0 (own) --- data/Dockerfiles/sogo/bootstrap-sogo.sh | 5 +++++ data/conf/nginx/templates/sogo.auth_request.template.sh | 4 +++- data/conf/sogo/sogo.conf | 1 - docker-compose.yml | 7 +++++-- 4 files changed, 13 insertions(+), 4 deletions(-) diff --git a/data/Dockerfiles/sogo/bootstrap-sogo.sh b/data/Dockerfiles/sogo/bootstrap-sogo.sh index 5072a306..84176ebd 100755 --- a/data/Dockerfiles/sogo/bootstrap-sogo.sh +++ b/data/Dockerfiles/sogo/bootstrap-sogo.sh @@ -85,6 +85,9 @@ done mkdir -p /var/lib/sogo/GNUstep/Defaults/ +# Force-remove lines from sogo.conf +sed -i '/SOGoIMAPServer/d' /etc/sogo/sogo.conf + # Generate plist header with timezone data cat < /var/lib/sogo/GNUstep/Defaults/sogod.plist @@ -93,6 +96,8 @@ cat < /var/lib/sogo/GNUstep/Defaults/sogod.plist OCSAclURL mysql://${DBUSER}:${DBPASS}@%2Fvar%2Frun%2Fmysqld%2Fmysqld.sock/${DBNAME}/sogo_acl + SOGoIMAPServer + imap://${IPV4_NETWORK}.250:143/?tls=YES OCSCacheFolderURL mysql://${DBUSER}:${DBPASS}@%2Fvar%2Frun%2Fmysqld%2Fmysqld.sock/${DBNAME}/sogo_cache_folder OCSEMailAlarmsFolderURL diff --git a/data/conf/nginx/templates/sogo.auth_request.template.sh b/data/conf/nginx/templates/sogo.auth_request.template.sh index ae1a3879..d885d9f5 100644 --- a/data/conf/nginx/templates/sogo.auth_request.template.sh +++ b/data/conf/nginx/templates/sogo.auth_request.template.sh @@ -2,5 +2,7 @@ if printf "%s\n" "${ALLOW_ADMIN_EMAIL_LOGIN}" | grep -E '^([yY][eE][sS]|[yY])+$' echo 'auth_request /sogo-auth-verify; auth_request_set $user $upstream_http_x_username; proxy_set_header x-webobjects-remote-user $user; -' +if ($args ~* (.*)(account=(?!0))(.*)) { + return 401; +}' fi diff --git a/data/conf/sogo/sogo.conf b/data/conf/sogo/sogo.conf index a8befc2b..b115d75d 100644 --- a/data/conf/sogo/sogo.conf +++ b/data/conf/sogo/sogo.conf @@ -26,7 +26,6 @@ // (domain3.tld, domain2.tld) // ); - SOGoIMAPServer = "imap://dovecot:143/?tls=YES"; SOGoSieveServer = "sieve://dovecot:4190/?tls=YES"; SOGoSMTPServer = "postfix:588"; WOPort = "0.0.0.0:20000"; diff --git a/docker-compose.yml b/docker-compose.yml index a4a8b9be..c2394909 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -140,7 +140,7 @@ services: - phpfpm sogo-mailcow: - image: mailcow/sogo:1.52 + image: mailcow/sogo:1.53 build: ./data/Dockerfiles/sogo environment: - DBNAME=${DBNAME} @@ -150,6 +150,8 @@ services: - LOG_LINES=${LOG_LINES:-9999} - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} - ACL_ANYONE=${ACL_ANYONE:-disallow} + - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n} + - IPV4_NETWORK=${IPV4_NETWORK:-172.22.1} volumes: - ./data/conf/sogo/:/etc/sogo/ - ./data/web/inc/init_db.inc.php:/init_db.inc.php @@ -165,7 +167,7 @@ services: - sogo dovecot-mailcow: - image: mailcow/dovecot:1.63 + image: mailcow/dovecot:1.64 build: ./data/Dockerfiles/dovecot cap_add: - NET_BIND_SERVICE @@ -210,6 +212,7 @@ services: hostname: ${MAILCOW_HOSTNAME} networks: mailcow-network: + ipv4_address: ${IPV4_NETWORK:-172.22.1}.250 aliases: - dovecot