Commit Graph

738 Commits (5e6a70c43894e3c1c86e3dc50407fc17ccbd548e)

Author SHA1 Message Date
André Peters 522a304181
Merge pull request #2629 from christianbur/acme_v3
acme-tiny with python3
2019-05-22 23:36:23 +02:00
Christian Burmeister a8e96c57b1
fix typo - container_post__exec__maildir__cleanup 2019-05-22 23:05:07 +02:00
André Peters 9a114845d7
[Netfilter] Reworked by @Kraeutergarten 2019-05-22 22:49:40 +02:00
Christian Burmeister cd71935001
Remove pyOpenSSL 2019-05-21 19:58:18 +02:00
Christian Burmeister 7032ea00d0
add "--virtual .build-dependencies" 2019-05-21 19:51:03 +02:00
Christian Burmeister 8327aac700
Update phpfpm baseimage from alpine 3.8 to 3.9 2019-05-20 23:23:04 +02:00
Christian Burmeister bfbd4c1240
acme-tiny with python3 2019-05-20 21:32:04 +02:00
Christian Burmeister 9afa2730ac
Update server.py 2019-05-20 21:30:40 +02:00
Christian Burmeister 07d15cf035
Update Dockerfile 2019-05-20 21:27:47 +02:00
André Peters 003b244544
Merge pull request #2623 from Arlon1/acme/cert_renewal_threshold
acme: changed the threshold for certificate renewal
2019-05-20 19:51:03 +02:00
Kraeutergarten b862ce2bfb Add hostnames for blacklist. 2019-05-20 09:02:40 +02:00
Kraeutergarten e6de9c299d Fix wrong python version. 2019-05-20 07:02:42 +02:00
Kraeutergarten 9b02c9272e clear whitelist, if it gets cleard. 2019-05-19 10:55:11 +02:00
Kraeutergarten 5af250398c Redo complete logging.
Do some other fixes caused by python3
2019-05-19 10:36:16 +02:00
Kraeutergarten d6af494789 update to python3 2019-05-19 09:55:49 +02:00
Kraeutergarten 5ed113c47f resolving whitelist every minute 2019-05-19 09:48:10 +02:00
andryyy 922a8db7a5
[Dovecot] Auto-generate shared namespace 2019-05-18 23:01:05 +02:00
andryyy 5e36018864
[Rspamd] Auto-generate SIEVE_HOST map and add dnsutils 2019-05-18 22:44:30 +02:00
Kraeutergarten 51f5f66c91 low response timeout
add ipv6 support
add multiple record support
2019-05-18 12:04:11 +02:00
Kraeutergarten 4cc63ceeb7 Allow hostnames for fail2ban whitelist. 2019-05-17 19:38:34 +02:00
andryyy 03f0bac916
[Watchdog] Change error message for acme-mailcow 2019-05-16 19:44:39 +02:00
andryyy 389317e9e4
[Dovecot] Fix memory leak when quarantine sender has non-ascii chars in mail address 2019-05-16 19:44:14 +02:00
andryyy 6a8c4e332b
[ACME] Register error when no hostname could be validated 2019-05-16 19:43:08 +02:00
Arlon1 2d5add5a13 acme: changed the threshold for certificate renewal
The threshold for certificate renewal is changed to 30 days before
expiry date (was 14 days).
fixes #2607
2019-05-16 15:31:50 +02:00
André Peters 2b6e486a11
[Dovecot] Update imapsync - thanks to @hunter-nl 2019-05-09 10:39:28 +02:00
andryyy b20ff13e40 [Rspamd] Update to 1.9.2, minor entrypoint changes
[Compose] Update Rspamd to 1.9.2
2019-05-06 12:18:41 +02:00
André Peters 6cf9a0354b
Trying to avoid non-distro packages 2019-05-05 22:30:11 +02:00
André Peters 081feca893
Replacing trim by function
https://perlmaven.com/trim
2019-05-05 22:28:55 +02:00
hunter-nl 4ebc871966
Added noreleasecheck parameter 2019-05-05 14:35:34 +02:00
hunter-nl d6833d0b29
Add extra perl modules for imapsync 2019-05-05 13:24:12 +02:00
hunter-nl 54a039fbd1
Fix: Processing result of running imapsync command
There was a possibility the status is_running never set back to 0.
Also the unlock command could be executed twice.
2019-05-05 13:15:34 +02:00
hunter-nl b7b532768c
Moved set "is_running" status
Moved set "is_running" status just before the actual execution of imapsync
2019-05-05 13:12:09 +02:00
hunter-nl fbf356d522
Update imapsync script to 1.937 2019-05-05 13:09:17 +02:00
hunter-nl d32f3e9d16
Fix processing imapsync custom parameters 2019-05-05 13:07:17 +02:00
andryyy 189ea89a71
[Dovecot] Revert to previous imapsync cron script 2019-05-04 23:08:43 +02:00
hunter-nl e59417ed78
Update imapsync_cron.pl
Second unlocking lock_file failed because it was already unlocked.
2019-05-04 13:07:23 +02:00
hunter-nl f9cd9927b1
Update imapsync_cron.pl
Moved setting "is_running" status to just before the actual execution of imapsync command.
2019-05-04 12:02:41 +02:00
hunter-nl 95fe217ce1
Update imapsync_cron.pl
Fix: Reset is_running status in case of exception occurs in running imapsync. Else it will stuck in "running" status.
2019-05-04 11:58:19 +02:00
hunter-nl 59882b443a
Update imapsync_cron.pl
Fix executing imapsync command containing quoted strings in parameters.
2019-05-04 11:45:51 +02:00
Sven Gottwald b55ac86d6b
Update Dovecot to v2.3.6 and Pigeonhole to v0.5.6 2019-05-01 20:28:11 +02:00
andryyy 60fd955def
[ACME] Add 0 byte check for cert.pem 2019-04-27 10:23:00 +02:00
andryyy 9bab6507a7
[ACME] Allow to skip all names but MAILCOW_HOSTNAME 2019-04-26 21:15:46 +02:00
andryyy 3e3e526568
[Dovecot] Update to 2.3.5.2
[Compose] Update Dovecot image
2019-04-25 18:10:28 +02:00
Ralph Paßgang 42b240c10c Updating the www.dovecot.org/releases/... url to just dovecot.org/releases/... in dovecot Dockerfile to
prevent a http redirect problem with the curl ... | tar command.
2019-04-24 17:44:15 +02:00
andryyy 5be4885c15
[Watchdog] Send mail when starting
[Compose] Update watchdog and remove oom check for compatibility
2019-04-18 22:09:26 +02:00
andryyy 794c2080ec
[ClamAV] Increase watchdog clamd-mailcow thresholds 2019-04-05 12:09:46 +02:00
andryyy a9c1b480c5
[Solr] Make entrypoint executable 2019-04-05 12:09:18 +02:00
Joshua Hesketh f8ff11a1e3
Merge branch 'master' into patch-4 2019-04-02 17:08:19 +11:00
andryyy a86f9e0120
[Compose] New Dovecot image
[Dovecot] Update Dovecot to v2.3.5.1
2019-03-31 19:07:39 +02:00
André Peters 987e884407
Merge branch 'master' into admin-login 2019-03-31 15:49:18 +02:00
andryyy b42d0df8e2
[ACME] Allow to skip http verification 2019-03-29 07:46:52 +01:00
andryyy 9378a34adb
[SOGo] Remove unnamed volume and rsync web content to named volume 2019-03-29 07:46:28 +01:00
andryyy e7d17ad1ac
[Watchdog] Check for ACME failures 2019-03-27 23:15:04 +01:00
andryyy 8b0f7fa81b
[ACME] Write redis key on non-empty exit code 2019-03-27 23:14:46 +01:00
André Peters eb2b26699c
[Dovcot] Cleanup random user maildirs 2019-03-27 16:37:15 +01:00
Marcel Hofer 7d2289c3a7 Merge branch 'master' into admin-login
# Conflicts:
#	data/web/js/site/mailbox.js
2019-03-23 21:17:02 +01:00
andryyy 22798a85e5
[Config] Add MAILDIR_SUB, "Maildir" for new setups by default
[Update] Add MAILDIR_SUB= for updated mailcows
[Dovecot] Read MAILDIR_SUB for mail_home
2019-03-18 14:09:32 +01:00
André Peters 3d8a46357b
Merge branch 'master' into admin-login 2019-03-18 02:03:59 +01:00
andryyy 9482da211f
[Rspamd] Update to 1.9 stable repository
[Compose] Update Rspamd image
2019-03-12 23:39:34 +01:00
andryyy ffed14c277
[PHP-FPM] Fix SQL upgrade script 2019-03-12 23:24:22 +01:00
andryyy c77368ee70
[ACME] Set mode 600 for key files 2019-03-12 23:24:03 +01:00
andryyy 837ee3b3b0
[Solr] Keep EdgeNGramFilterFactory out of query
[Compose] Update PHP-FPM, Solr and ACME images
2019-03-12 23:21:15 +01:00
andryyy fc63661fbd
[Solr] Change default configset before bootstrapping
[Solr] Bootstrap cannot be omitted and must occur before mounting the data directory
2019-03-12 23:15:26 +01:00
André Peters ae19d81f2d
Merge branch 'master' into admin-login 2019-03-10 10:38:42 +01:00
André Peters 216451ed43
Merge branch 'master' into admin-login 2019-03-10 09:51:12 +01:00
andryyy c7c115d63a
[Solr] Use fixed, recommended schema but add EdgeNGramFilterFactory 2019-03-10 09:40:04 +01:00
andryyy 47d4be8884
[Dovecot] v2.3.5 (PH 0.5.5)
[Dovecot] Change Solr cronjob to fit dovecot-fts
2019-03-10 09:35:26 +01:00
andryyy b6d9fbf747
[Postfix] Fix Postfix map 2019-03-09 12:30:36 +01:00
andryyy 15970ab8dc
[Postfix] Fix sasl_passwd query from alias domain, fixes #2410
[Web] Major fix, added a line break!
[Compose] Update Postfix image
2019-03-09 11:22:39 +01:00
andryyy 8e42ad4f1f
[Rspamd] Use stable unstable :) 2019-03-07 00:09:07 +01:00
andryyy d65f7a2bd4
[Watchdog] Do not hammer API too much when running Ipv6 NAT check
[Watchdog] Run IPv6 NAT check more often (300s sleep instead of 3600s)
2019-03-07 00:08:45 +01:00
andryyy e1ebacca27
[Rspamd] Drop rspamd.conf.local file 2019-03-06 15:06:51 +01:00
andryyy 5bc8289d32
[Watchdog] Minor fixes, print last log lines on error 2019-03-04 17:56:27 +01:00
tha80 d365813997
Downgraded rspamd deb repository 2019-03-04 13:59:31 +01:00
andryyy c4dfed8a96
[Compose, Rspamd] Downgrade Rspamd 2019-03-03 22:54:47 +01:00
andryyy 950ab30462
[Rspamd] Upgrade Rspamd
[Compose] New Rspamd image
2019-03-03 22:25:56 +01:00
andryyy fcbcc117d2
[Netfilter] Detect SOGo 403
[Compose] Update Netfilter
2019-02-28 20:22:16 +01:00
Marcel Hofer e2f39df7d8 remove obsolete code, use openssl instead of `cat /dev/urandom` 2019-02-26 20:44:53 +01:00
Marcel Hofer dd6d253ac0 add random masterpass for sogo admin login
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
2019-02-26 09:02:35 +01:00
andryyy 57312ad605
[Compose] Add ALLOW_ADMIN_EMAIL_LOGIN to sogo-mailcow to trigger bootstrap on change
[Compose] Static IPv4 for Dovecot
[SOGo] Remove SOGoIMAPServer from sogo.conf
[SOGo] Add SOGoIMAPServer to bootstrap process
[Nginx] Disallow editAccount for other accounts than 0 (own)
2019-02-25 00:00:32 +01:00
André Peters 298a8d24e9
Merge pull request #2360 from mhofer117/allow-admin-email-login
Allow admins to login as email user (without any password)
2019-02-24 18:49:13 +01:00
Marcel Hofer cac67db203 add config ALLOW_ADMIN_EMAIL_LOGIN and implement password-less SOGo login admins 2019-02-23 17:59:18 +01:00
andryyy db17a304b0
[ClamAV] Create directory before handling whitelist 2019-02-23 10:34:16 +01:00
andryyy 354ecd727c
[ClamAV] More checks and permission fixes 2019-02-23 10:27:13 +01:00
andryyy fe9b9f5dfa
[ClamAV] Set permission recursively
[Compose] Updaet ClamAV image
2019-02-23 10:21:13 +01:00
andryyy fe6567a3c8
[Compose] New watchdog image
[Watchdog] Use ipv6nat-mailcow instead of ipv6nat
2019-02-19 22:25:28 +01:00
andryyy 52eb6e48f2
[Compose] New Dovecot image
[Dovecot] Fix very stupid error in quarantine_notify.py - thanks to @DevTek314
2019-02-19 15:02:18 +01:00
andryyy 63752fe0f2
[Solr] Changes to schema - field types are updated 2019-02-15 20:19:50 +01:00
Joshua Hesketh 1355e993dd
Fix building solr
I kept hitting an error when building solr `/bin/sh: /docker-entrypoint.sh: Text file busy`, this is caused where the script is attempted to be ran before the previous `chmod` command has properly sync'd to disk. Adding in a sync fixes this trouble for me.
2019-02-15 17:04:53 +11:00
Aaron Larisch 5cae935485 Fix empty maildir_gc.sh 2019-02-12 17:11:04 +01:00
andryyy 99a816430b
[ACME] Wait for Nginx 2019-02-10 17:36:25 +01:00
Christian Burmeister f35ffa61d0
Update Dockerfile 2019-02-08 17:03:38 +01:00
Christian Burmeister 0e8f8ada1f
Update Dockerfile 2019-02-08 17:03:16 +01:00
andryyy 4e97da197e
[Dovecot] Fix quarantine notificatin script
[Compose] Update Dovecot image
2019-02-08 10:06:28 +01:00
andryyy 36ad9dbf78
[ACME] verify_html should accept 3** and 2** 2019-02-08 00:04:05 +01:00
andryyy c438411a3d
[Dovecot] Extend quarantine template: add score and release/delete buttons - depending on acl 2019-02-06 09:21:54 +01:00
andryyy 2a5f6413fa
[Dovecot] Derive text part in quota/quarantine notification mails from html 2019-02-05 10:38:28 +01:00
andryyy 12291436cd
Push image base to Alpine 3.9 2019-02-05 00:01:31 +01:00
andryyy c7c1422095
[Dovecot] Add quota_notify script
[Dovecot] Some minor changes to quarantine notification script to catch more errors
2019-02-05 00:00:22 +01:00
andryyy ccc61bf2dc
[PHP-FPM] PHP 7.3, mailparse from Git as long as no releas exists 2019-02-04 23:46:45 +01:00
andryyy 9f2a6f13a5
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-02-04 23:45:54 +01:00
andryyy 3bfd2c8885
[Dovecot] Once again... finally fixed? 2019-01-31 22:18:38 +01:00
andryyy dcd6b2268e
[Dovecot] Various fixes for quarantine notifications, many thanks to @DevTek314 for reporting them! 2019-01-31 21:45:58 +01:00
andryyy 3aef412669
[Dovecot] Fix type of last_notification 2019-01-31 20:53:08 +01:00
andryyy 24432b0d9d [PHP-FPM] Remove old fix 2019-01-31 17:08:03 +01:00
andryyy 6d4bcfabb1
[PHP-FPM] Fix sed command 2019-01-31 15:51:00 +01:00
andryyy 3832d04998
[PHP-FPM] Fix sed command 2019-01-31 15:49:53 +01:00
andryyy 61cd2c0353 [PHP-FPM] Patch legacy template lib of NC if exists 2019-01-31 15:44:56 +01:00
andryyy 8c433bf0da [PHP] Drop pear modules 2019-01-30 11:55:03 +01:00
andryyy c456fe12b3
[Dovecot] Fix last_notification in quarantine_notify.py 2019-01-29 12:13:26 +01:00
andryyy 07392b7437
[Watchdog] Use stackoverflow.com for DNS check
[Git] Ignore mail_plugins*
[Dovecot] Read mail_plugins from dynamically generated file
[Dovecot] Encrypt FTS
[Dovecot] Add break_imap_seach option to Solr
[Web] Add ability to send quarantine notification mails
[Web] Minor style fixes
[Web] Add new MAILBOX_DEFAULT_ATTRIBUTES (doc updates, anyone? :-( )
[Web] Use rcpt_smtp if rcpt_mime is not set
[Web] Other minor fixes
2019-01-29 00:20:39 +01:00
andryyy f493d3a957
[Dovecot] Simplify Docker image
[Dovecot] Set Dovecot plugins dynamically via file and exclude Solr if not enabled
[Dovecot] Add new quarantine notification script
2019-01-29 00:11:12 +01:00
André Peters b2bb593656
[Dovecot] imapsync: Connect to database via socket 2019-01-19 11:57:48 +01:00
Dirk Weise 23c2249fa7
Log imapsync cronjob errors
Errors from the imap sync cronbjob are currently dropped silently.
2019-01-18 18:25:43 +01:00
Dirk Weise 630bce5f29
imapsync: Connect to database via socket
Make the imapsync script connect to mysql via socket and not tcp like all other services do.

Reasoning: consistency. 🤓  And in my case the database does not listen on tcp; just on the socket.
2019-01-18 17:36:30 +01:00
andryyy d6efc2fcd3
[Rspamd] Fix metadata_exporter
[Web] Show subjet in quarantine
[Compose] Update Rspamd image
2019-01-17 22:00:18 +01:00
andryyy ae4e1358a2
[Solr] Refuse to start with RAM lt 2 GB
[Config/Update] Set limits and change descriptions for Solr
2019-01-17 20:25:38 +01:00
andryyy 5081d6d9f1
[ClamAV] Add more signatures 2019-01-16 23:41:42 +01:00
andryyy 62ccd4215e [SOGo] Allow to turn off GAL for each domain 2019-01-16 23:41:15 +01:00
andryyy 0c84b484a5
[DockerAPI] Add unused FTS endpoints... 2019-01-16 22:20:22 +01:00
André Peters f3dfe346bf [Dovecot] Allow setting ACL_ANYONE in mailcow.conf 2019-01-16 19:08:19 +01:00
andryyy 889b260b7d
[ClamAV] Set prio of clamd parent to 10, fixes #2174 2019-01-13 23:03:07 +01:00
andryyy 5619221ed0
[ClamAV] Fix whitelist permission error
[Compose] New image for ClamAV
[Git] Add ignore data/web/nextcloud*
2019-01-13 11:21:44 +01:00
andryyy ab35e1d688 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-01-10 22:14:52 +01:00
andryyy b0130c153c
[Clamd] Improve logging
[Compose] Remove tty from clamd-mailcow
2019-01-10 22:13:59 +01:00
amorfo77 9a90647709
[Clamav] Remove duplicate chown 2019-01-10 13:31:34 +01:00
andryyy e42afa39a8
[ClamAV] Update to 0.101.1 (based on Debian to fix some errors)
[ClamAV] Some config values are deprecated and were replaced
2019-01-08 12:54:33 +01:00
Markus Heberling 9750ec5bec
Merge branch 'master' into master 2019-01-01 14:20:22 +01:00
andryyy 4f278255a5
[SOGo] Fix ealarms, again, fixes #2136
[Compose] Update SOGo image
2018-12-29 21:19:25 +01:00
andryyy 3fa42ada8e [Compose] Update to Redis 5
[Compose] New images for watchdog and PHP-FPM
[Watchdog] Run IPv6 NAT check hourly
[PHP-FPM] Update PHP and libs
2018-12-27 10:47:00 +01:00
andryyy 424bc997ad [Watchdog] Add check for IPv6 NAT: Make sure IPv6 NAT container was started at least 30s after other containers
[Compose] ipv6nat depends on all containers
[Compose] Update watchdog image
2018-12-27 08:20:49 +01:00
Michael Kuron 0974a5fb60
Fix transport map authentication with multiple identical nexthops 2018-12-25 15:02:50 +01:00
andryyy 9aca90c75f [SOGo] Fix file path of sogo-full.svg
[Compose] Updated SOGo image
[Update] Add user.name and user.email for local git config if missing
2018-12-22 16:56:50 +01:00
andryyy e84dec3b56 [SOGo] Revert self-built SOGo 2018-12-21 19:54:32 +01:00
andryyy fbe46e39e5 [SOGo] Copy logo from config dir, no need to rebuild image 2018-12-20 19:02:20 +01:00
andryyy 8f686c1543 [Postfix] Split sasl passwd maps to not lookup sender_dependent_default_transport_maps auth info when querying for transport_maps 2018-12-19 09:38:56 +01:00
andryyy 29512fa4e1 [SOGo] Build stable SOGo versions
[SOGo] Remove custom colors, there were various broken styles especially for indicators of freebusy states
2018-12-19 09:34:16 +01:00
andryyy 6f1ec5acbf [Watchdog] Alert when ratelimit log changed (does NOT send one mail per triggered ratelimit) 2018-12-15 21:21:22 +01:00
andryyy 468e3dbe12 [PHP-FPM] Try SQL once, prevent loops (todo: fix view before upgrade) 2018-12-15 21:20:21 +01:00
andryyy c4446b85f1 [Rspamd] Add ratelimit.lua (to be removed from Dockerfile with next Rspamd release) 2018-12-15 21:19:35 +01:00
andryyy b7c9af5e75 [Dovecot] Give master user a uid and gid, fixes #2093 2018-12-13 19:52:50 +01:00
andryyy d8906e3d6c [Dovecot] Trim more logs 2018-12-12 22:51:55 +01:00
Markus Heberling 4755bb323b Allow setting ACL_ANYONE in the configuration 2018-12-11 11:32:36 +01:00
andryyy 5153623539 [Dovecot] Add master user to userdb (to be used in SOGo)
[SOGo] Use sieve.creds to authenticate against Dovecot and send email reminders
2018-12-10 23:23:56 +01:00
andryyy b710cb751b [Dovecot] Split imapsync cron by -- 2018-12-10 13:24:51 +01:00
andryyy 09b9055f1a [DockerAPI] Add mysql_upgrade task 2018-12-10 13:24:07 +01:00
andryyy 04b699a3c7 [PHP-FPM] Trigger mysql_upgrade 2018-12-10 13:22:25 +01:00
andryyy 2a6320b86e [Netfilter] Disable aborted login without auth as fail2ban trigger
[Dovecot] passdb query ignored active attribute in mailbox table
[PHP-FPM] Add default release format for spam
2018-12-06 16:49:28 +01:00
andryyy cfab7274b7 [Netfilter] Revert SNAT rule check, todo: check DNS with SNAT enabled 2018-12-01 23:12:27 +01:00
andryyy 45ecc26a12 [Netfilter] Do not delete SNAT rule if not on first position 2018-12-01 21:17:08 +01:00