paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1 from mailcow/admin-login 

rebase
master
Marcel 2019-02-26 08:42:32 +01:00 committed by GitHub
parent 4482aee747 57312ad605
commit 937cdadd36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 31 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
data/Dockerfiles/clamd/bootstrap.sh
View File

@ -7,19 +7,29 @@ if [[ "${SKIP_CLAMD}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
fi fi
# Prepare whitelist # Prepare whitelist
mkdir -p /run/clamav /var/lib/clamav
if [[ -s /etc/clamav/whitelist.ign2 ]]; then if [[ -s /etc/clamav/whitelist.ign2 ]]; then
echo "Copying non-empty whitelist.ign2 to /var/lib/clamav/whitelist.ign2"
cp /etc/clamav/whitelist.ign2 /var/lib/clamav/whitelist.ign2 cp /etc/clamav/whitelist.ign2 /var/lib/clamav/whitelist.ign2
fi fi
if [[ ! -f /var/lib/clamav/whitelist.ign2 ]]; then if [[ ! -f /var/lib/clamav/whitelist.ign2 ]]; then
echo "Creating /var/lib/clamav/whitelist.ign2"
echo "Example-Signature.Ignore-1" > /var/lib/clamav/whitelist.ign2 echo "Example-Signature.Ignore-1" > /var/lib/clamav/whitelist.ign2
fi fi
chown clamav:clamav /var/lib/clamav/whitelist.ign2
mkdir -p /run/clamav /var/lib/clamav chown clamav:clamav -R /var/lib/clamav /run/clamav
chown clamav:clamav /run/clamav /var/lib/clamav
chmod 750 /run/clamav
chmod 755 /var/lib/clamav chmod 755 /var/lib/clamav
chmod 644 -R /var/lib/clamav/*
chmod 750 /run/clamav
echo "Stating whitelist.ign2"
stat /var/lib/clamav/whitelist.ign2
dos2unix /var/lib/clamav/whitelist.ign2 dos2unix /var/lib/clamav/whitelist.ign2
sed -i '/^\s*$/d' /var/lib/clamav/whitelist.ign2 sed -i '/^\s*$/d' /var/lib/clamav/whitelist.ign2
BACKGROUND_TASKS=() BACKGROUND_TASKS=()
@ -38,7 +48,7 @@ while true; do
sleep 2m sleep 2m
SANE_MIRRORS="$(dig +ignore +short rsync.sanesecurity.net)" SANE_MIRRORS="$(dig +ignore +short rsync.sanesecurity.net)"
for sane_mirror in ${SANE_MIRRORS}; do for sane_mirror in ${SANE_MIRRORS}; do
rsync -avp --chown=clamav:clamav --timeout=5 rsync://${sane_mirror}/sanesecurity/ \ rsync -avp --chown=clamav:clamav --chmod=Du=rwx,Dgo=rx,Fu=rw,Fog=r --timeout=5 rsync://${sane_mirror}/sanesecurity/ \
--include 'blurl.ndb' \ --include 'blurl.ndb' \
--include 'junk.ndb' \ --include 'junk.ndb' \
--include 'jurlbl.ndb' \ --include 'jurlbl.ndb' \

5
data/Dockerfiles/sogo/bootstrap-sogo.sh
View File

@ -85,6 +85,9 @@ done
mkdir -p /var/lib/sogo/GNUstep/Defaults/ mkdir -p /var/lib/sogo/GNUstep/Defaults/
# Force-remove lines from sogo.conf
sed -i '/SOGoIMAPServer/d' /etc/sogo/sogo.conf
# Generate plist header with timezone data # Generate plist header with timezone data
cat <<EOF > /var/lib/sogo/GNUstep/Defaults/sogod.plist cat <<EOF > /var/lib/sogo/GNUstep/Defaults/sogod.plist
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
@ -93,6 +96,8 @@ cat <<EOF > /var/lib/sogo/GNUstep/Defaults/sogod.plist
<dict> <dict>
<key>OCSAclURL</key> <key>OCSAclURL</key>
<string>mysql://${DBUSER}:${DBPASS}@%2Fvar%2Frun%2Fmysqld%2Fmysqld.sock/${DBNAME}/sogo_acl</string> <string>mysql://${DBUSER}:${DBPASS}@%2Fvar%2Frun%2Fmysqld%2Fmysqld.sock/${DBNAME}/sogo_acl</string>
<key>SOGoIMAPServer</key>
<string>imap://${IPV4_NETWORK}.250:143/?tls=YES</string>
<key>OCSCacheFolderURL</key> <key>OCSCacheFolderURL</key>
<string>mysql://${DBUSER}:${DBPASS}@%2Fvar%2Frun%2Fmysqld%2Fmysqld.sock/${DBNAME}/sogo_cache_folder</string> <string>mysql://${DBUSER}:${DBPASS}@%2Fvar%2Frun%2Fmysqld%2Fmysqld.sock/${DBNAME}/sogo_cache_folder</string>
<key>OCSEMailAlarmsFolderURL</key> <key>OCSEMailAlarmsFolderURL</key>

4
data/conf/nginx/templates/sogo.auth_request.template.sh
View File

@ -2,5 +2,7 @@ if printf "%s\n" "${ALLOW_ADMIN_EMAIL_LOGIN}" | grep -E '^([yY][eE][sS]|[yY])+$'
echo 'auth_request /sogo-auth-verify; echo 'auth_request /sogo-auth-verify;
auth_request_set $user $upstream_http_x_username; auth_request_set $user $upstream_http_x_username;
proxy_set_header x-webobjects-remote-user $user; proxy_set_header x-webobjects-remote-user $user;
' if ($args ~* (.*)(account=(?!0))(.*)) {
return 401;
}'
fi fi

2
data/conf/rspamd/dynmaps/settings.php
View File

@ -179,7 +179,7 @@ foreach (wl_by_sogo() as $user => $contacts) {
} }
?> ?>
apply "default" { apply "default" {
SOGO_CONTACT = -999.0; SOGO_CONTACT = -99.0;
} }
symbols [ symbols [
"SOGO_CONTACT" "SOGO_CONTACT"

1
data/conf/sogo/sogo.conf
View File

@ -26,7 +26,6 @@
// (domain3.tld, domain2.tld) // (domain3.tld, domain2.tld)
// ); // );
SOGoIMAPServer = "imap://dovecot:143/?tls=YES";
SOGoSieveServer = "sieve://dovecot:4190/?tls=YES"; SOGoSieveServer = "sieve://dovecot:4190/?tls=YES";
SOGoSMTPServer = "postfix:588"; SOGoSMTPServer = "postfix:588";
WOPort = "0.0.0.0:20000"; WOPort = "0.0.0.0:20000";

9
docker-compose.yml
View File

@ -55,7 +55,7 @@ services:
- redis - redis
clamd-mailcow: clamd-mailcow:
image: mailcow/clamd:1.21 image: mailcow/clamd:1.22
build: ./data/Dockerfiles/clamd build: ./data/Dockerfiles/clamd
restart: always restart: always
environment: environment:
@ -140,7 +140,7 @@ services:
- phpfpm - phpfpm
sogo-mailcow: sogo-mailcow:
image: mailcow/sogo:1.52 image: mailcow/sogo:1.53
build: ./data/Dockerfiles/sogo build: ./data/Dockerfiles/sogo
environment: environment:
- DBNAME=${DBNAME} - DBNAME=${DBNAME}
@ -150,6 +150,8 @@ services:
- LOG_LINES=${LOG_LINES:-9999} - LOG_LINES=${LOG_LINES:-9999}
- MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
- ACL_ANYONE=${ACL_ANYONE:-disallow} - ACL_ANYONE=${ACL_ANYONE:-disallow}
- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
- IPV4_NETWORK=${IPV4_NETWORK:-172.22.1}
volumes: volumes:
- ./data/conf/sogo/:/etc/sogo/ - ./data/conf/sogo/:/etc/sogo/
- ./data/web/inc/init_db.inc.php:/init_db.inc.php - ./data/web/inc/init_db.inc.php:/init_db.inc.php
@ -165,7 +167,7 @@ services:
- sogo - sogo
dovecot-mailcow: dovecot-mailcow:
image: mailcow/dovecot:1.63 image: mailcow/dovecot:1.64
build: ./data/Dockerfiles/dovecot build: ./data/Dockerfiles/dovecot
cap_add: cap_add:
- NET_BIND_SERVICE - NET_BIND_SERVICE
@ -210,6 +212,7 @@ services:
hostname: ${MAILCOW_HOSTNAME} hostname: ${MAILCOW_HOSTNAME}
networks: networks:
mailcow-network: mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.250
aliases: aliases:
- dovecot - dovecot