Commit Graph

318 Commits (adf9daa9b7ec757a0cdc7ed92a5ad53579c2f32c)

Author SHA1 Message Date
André Peters ff3328ea8c [SOGo] Use indigo theme, copy logo and theme.js to image 2018-02-19 12:56:45 +01:00
André Peters fc53a69a44 [Helper] Nextcloud 13; Additional header for Nextcloud site
[PHP-FPM] Build gd with TTF support
2018-02-18 20:59:32 +01:00
André Peters 280431f98d Fix conflict 2018-02-17 08:51:09 +01:00
André Peters 1f09544f32 Fix conflict 2018-02-16 22:44:02 +01:00
André Peters 2865c892a6 [Multi] Fixes #1058 by including a 'force password update' option and also introduces a attributes json object to be used for further mailbox configurations in the future 2018-02-16 22:40:51 +01:00
André Peters 9da6aebfb9 [SOGo] Fix timezone bug in previous nightly 2018-02-16 10:35:22 +01:00
André Peters 6ad9fbe436 [Compose] Add missing var 2018-02-12 21:37:18 +01:00
André Peters a3d9f5a984 [Compose] Add missing var 2018-02-12 21:36:55 +01:00
André Peters bcfd181ac3 [Compose] Add missing var 2018-02-12 21:36:10 +01:00
André Peters e85cd38945 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:34:59 +01:00
André Peters 74c804b9a3 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:32:49 +01:00
André Peters 1f98c42d4f [Compose] New images; mount Rspamd sockets; mount override.d as rw 2018-02-08 22:58:27 +01:00
andre.peters 6118085890 [Compose] Expose SQL to 13306 on 127.0.0.1 2018-02-05 21:42:13 +01:00
andre.peters cf1e46723a [Dovecot] Fixes CVE-2017-15132 - take 2 2018-02-01 23:37:10 +01:00
andre.peters ae4ccd4d17 [Dovecot] Fixes CVE-2017-15132 - take 2 2018-02-01 23:35:55 +01:00
andre.peters 6ebcd00521 [Dovecot] Fixes CVE-2017-15132 2018-02-01 22:43:28 +01:00
andre.peters c5f9b065f6 [Dovecot] Fixes CVE-2017-15132 2018-02-01 22:27:48 +01:00
andre.peters 6be0577638 [Compose] Allow to disable IPv6 2018-02-01 21:45:49 +01:00
andre.peters 631214d601 [Compose] New images 2018-02-01 18:23:05 +01:00
andre.peters fd849681cc [Compose] Rename fail2ban to netfilter; Add SNAT option; New PHP-FPM image 2018-02-01 13:33:41 +01:00
andre.peters 2c5f6bc24b [Compose] New images, disable watchdog debug 2018-01-30 08:58:41 +01:00
André Peters 001d43f993
Update docker-compose.yml 2018-01-29 14:41:09 +01:00
Michael Kuron 8f4b1244a6
[compose] add default values for IPV4_NETWORK, IPV6_NETWORK, LOG_LINES 2018-01-27 17:43:05 +01:00
andre.peters 7433b6dc91 [ClamAV] Build from source, fix bugs...
[Compose] New clamd-mailcow image
2018-01-27 10:26:12 +01:00
andre.peters b8fc27fc78 [Compose] Add net_bind_service to Postfix container caps 2018-01-25 22:45:06 +01:00
andre.peters 04f9d74339 [Web, Dovecot] Add new options to imapsync, other minor changes to forms, partly fixes #955 2018-01-24 12:59:11 +01:00
andre.peters 4f2d9bc48e [Compose] New images; Allow to set networks; mount ClamAV configs 2018-01-24 09:25:13 +01:00
andre.peters 76573da3b9 [Compose] Removed some static IPs, added local configs, pushed new images 2018-01-21 15:03:24 +01:00
andre.peters 003e6ef5cd [Web] Important fixes for quarantaine; other minor changes 2018-01-17 15:22:11 +01:00
andre.peters 09b6c20bad [DockerAPI] Hide stderr from rspamadm output 2018-01-14 18:44:06 +01:00
andre.peters 5d5d36fc60 [Dovecot] Revert to 2.2 to fix various errors 2018-01-14 10:44:06 +01:00
andre.peters 38aaeeb30b [Dovecot] Dovecot 2.3 from git for temp fixes
[ACME] Use -a switch (thanks to jas8522!)
2018-01-14 10:34:06 +01:00
andre.peters 42923698fd [Dovcot] Fixes for v2.3 2018-01-13 22:49:50 +01:00
andre.peters a495cce083 [Compose] Add debug command to watchdog 2018-01-09 11:23:54 +01:00
andre.peters 1e9cae9084 [Compose] New images with LOG_LINES
[Update] Do not add empty line in each loop
2018-01-08 22:00:54 +01:00
andre.peters 8474840926 [Compose] New SOGo and ACME images 2018-01-02 18:13:43 +01:00
andre.peters 8d56534e76 [Postfix] Don't try to authenticate to relayhosts without username, fixes #725 2017-12-25 10:18:49 +01:00
andre.peters c067e6f715 [Compose] Push dockerapi version 2017-12-20 08:59:07 +01:00
andre.peters ae56c3b59e Fix quarantaine 2017-12-11 10:44:46 +01:00
andre.peters f1d533eef6 [Compose] Add TZ for libc to containers, add Rspamd controller password file to Docker API 2017-12-11 09:42:23 +01:00
andre.peters eb08b39c0a Update images 2017-12-09 22:12:58 +01:00
andre.peters 5f5b6652a1 Remove health check 2017-12-09 13:15:39 +01:00
André ade4b9e7ae [Postfix, Web] Feature: BCC maps 2017-11-19 15:13:43 +01:00
André 5211ab10ed [ACME] Fix license issue 2017-11-16 14:57:17 +01:00
André c45ea5433f [Rspamd] Base on xenial to fix mime types problems 2017-11-15 12:29:18 +01:00
André fe845ee56d [Fail2ban] Fix fail2ban container 2017-11-14 19:50:20 +01:00
André 84a7a1a2e7 [Compose] New images, Nginx checks for SOGo before bootstrapping
[PHP-FPM] Some more modules (primarily for Horde)
[Fail2ban] Do not log matches of local and private ips
[Watchdog] Some changes in log system for further processing (wip)
[ACME] Fixes #745
2017-11-14 10:44:22 +01:00
André 60e97503f7 [Web, Dovecot] Show wether a sync job is running, validate min max input attr and validate these values 2017-11-08 11:07:32 +01:00
André 548fe979ec [Compose] add net_bind_service cap to Dovecot, new images, reduce oom_score for dockerapi 2017-11-05 12:17:37 +01:00
André bcdccf9c92 [Compose] New images, add restart to dockerapi, remove stop grace period (container now handles stop signals better) 2017-11-03 20:38:59 +01:00
André 1e9bc49f2c [Rspamd] Echo dummy for fowardingshosts map; Use higher map reading interval;
[Dockerapi] Exit on sigterm;
[Watchdog] Wait for dockerapi-mailcow to be online
2017-10-27 11:22:39 +02:00
Michael Kuron 3692fc8f32 Update rspamd 2017-10-25 19:43:44 +02:00
André 7054aa316b [Compose] New Rspamd image version; Syntax check Nginx conf before starting container; New ACME image version 2017-10-21 10:09:29 +02:00
André a35bf76154 [Compose] Remove init where possible or replace init by tini, set grace periods 2017-10-15 09:42:51 +02:00
André c3e36be576 [Compose] Start to replace init 2017-10-14 23:26:47 +02:00
Michael Kuron 331cedd12f Update rspamd 2017-10-14 13:18:44 +02:00
andryyy 77745e0f79 [Compose] Add fixed ip for watchdog, remove temp. watchdog command, push new Postfix and Dovecot versions 2017-10-11 11:18:58 +02:00
andryyy 2862b43c81 [Watchdog] Fix watchdog to fit non-exposed PHP 2017-10-09 15:54:54 +02:00
andryyy 6110ac386f [SOGo] Use official nightly; [PHP-FPM] Fix expose=off 2017-10-09 15:45:48 +02:00
andryyy 874aac3c5e [Nginx, PHP-FPM] Do not expose PHP version, example for nextcloud site, include custom locations to site (add site.something.custom to data/conf/nginx) 2017-10-08 22:57:34 +02:00
andryyy 72995ff98e [PHP-FPM] Include more modules for upcoming features and Nextcloud support, drop ro flag; [Watchdog] Some fixes and changes 2017-10-08 22:47:52 +02:00
andryyy ef9953898c [ACME, Watchdog, DockerAPI] Use only limited Docker API 2017-10-06 13:32:49 +02:00
andryyy fc18d153cd [Compose, DockerAPI, Web, Watchdog] Watchdog may send notification mails (todo: docs), DockerAPI via Flesk for limited access 2017-10-05 23:38:33 +02:00
andryyy 405c49fb0a [Postfix] Remove old socket 2017-10-04 23:15:45 +02:00
andryyy 6f91d094e2 [Compose] Update SOGo and PHP-FPM 2017-10-04 13:03:25 +02:00
andryyy 68d7fa1504 [Watchdog] Skip when use_watchdog=n 2017-10-03 12:05:38 +02:00
Michael Kuron 752a571607 Merge pull request #638 from mkuron/acme
ACME needs to wait for MySQL to be ready
2017-09-28 12:58:07 +02:00
Michael Kuron ae79445ec0 ACME needs to wait for MySQL to be ready 2017-09-27 19:48:25 +02:00
andryyy 337c9e350e [Watchdog] Reset diff, new image 2017-09-22 16:40:02 +02:00
andryyy 9a58bb1620 [Compose] New image versions due to watchdog 2017-09-21 19:23:51 +02:00
andryyy ab850dc901 [ACME] Detect and fix invalid registration 2017-09-21 09:46:09 +02:00
andryyy 38649cca3d [Compose] Remove dns_search 2017-09-20 23:22:38 +02:00
andryyy 3ec18619ee [Compose] Push new images 2017-09-20 12:56:04 +02:00
andryyy a8fb1d3f4f Add experimental watchdog 2017-09-20 10:56:49 +02:00
andryyy 1c3194910d [Compose] Rspamd fix 2017-09-16 23:28:54 +02:00
andryyy 1b974bc8d1 [Compose] New images 2017-09-16 23:05:33 +02:00
andryyy 8741b5f3b1 [Compose] Enable some minimal inits, change or remove some health checks 2017-09-16 13:17:37 +02:00
andryyy 79985ad7ed [Compose] Disable strict mode in MariaDB 10.2 (temp.), skip most DNS resolving in MariaDB, fix MariaDB healthcheck by using a valid user, set larger MariaDB packet size 2017-09-12 20:59:24 +02:00
andryyy 9a504de1f8 [ClamAV] Restart only on failure 2017-09-12 07:57:09 +02:00
andryyy 1ffed58956 [ACME] New version, better IPv4 detection 2017-09-11 21:51:17 +02:00
andryyy 2f41832e58 Cleanup 2017-09-08 18:37:28 +02:00
andryyy c5530273b0 [ACME] Push new image version 2017-09-04 20:58:49 +02:00
andryyy 008d500f4d [Compose, Dovecot] Fixed missing ltrim 2017-09-01 23:39:51 +02:00
andryyy 7351fcf1e3 [Compose, SOGo] New version, ltrim logs 2017-09-01 23:33:12 +02:00
andryyy 08d6b97ffa [Dovecot] New Dovecot and Pigeonhole versions; include delete2 option in imapsync 2017-08-31 10:36:10 +02:00
andryyy 4a0e3a433b [Fail2ban] Remove rule to detect disconnects without authentication 2017-08-30 22:27:33 +02:00
andryyy b1213c51d7 [Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd) 2017-08-30 21:42:39 +02:00
andryyy ba13086446 [SOGo] Update to image v1.5
[Rspamd] Mount custom directory
2017-08-18 22:16:15 +02:00
André Peters 92eefc1288 Merge pull request #486 from mkuron/patch-1
Disable ClamAV phishing filter
2017-08-02 15:54:16 +02:00
Michael Kuron dec64eef32 Disable ClamAV phishing filter
ClamAV has a phishing filter built in, but it generates too many false positives. We can disable it without risk because rspamd also checks for phishing itself.
2017-08-02 14:42:53 +02:00
andryyy 2eed7c05a1 [Dovecot] Push version, fix cronjob (fixes #310) 2017-08-01 14:02:00 +02:00
andryyy 1d90702bae [MySQL] Fix max connections 2017-08-01 09:26:53 +02:00
andryyy deeeff0e01 [Dovecot] Push version 2017-07-31 08:20:03 +02:00
andryyy 33bf9f5c5d [Rspamd] Push image version 1.5, Rspamd 1.6.3 2017-07-26 23:07:01 +02:00
andryyy 5d5646df0c [Compose, SOGo] Update SOGo, give SOGo more time for a graceful restart, autorestart on any exit code 2017-07-24 22:53:23 +02:00
andryyy 83d485dd94 [Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication) 2017-07-22 20:39:54 +02:00
andryyy 4e148c7026 [Compose] Push Rspamd 1.4; Push acme 1.14; Add Dovecot ulimits 2017-07-13 12:54:29 +02:00
andryyy e6727b1fd6 [ACME] Iterate alias domains, use hostname in subject field 2017-07-13 12:51:52 +02:00
andryyy 48318a4999 [Compose] nslookup against google.com 2017-07-11 22:51:48 +02:00
andryyy 99cd459655 [Compose] Remove logging restrictions to make it easier to implement other drivers; Push new Postfix, SOGo and Dovecot images 2017-07-11 17:06:36 +02:00
andryyy 12e9620a07 [Compose] Add DOVEADM_PORT with default binding 127.0.0.1:19991 2017-07-10 21:28:24 +02:00
andryyy 51660589d4 [Rspamd] Push version 1.3 2017-07-09 22:28:36 +02:00
andryyy 86e86c7758 [Compose] Important health check fix for nginx-mailcow 2017-07-07 11:20:00 +02:00
andryyy a324b1a385 [Rspamd] Fix DKIM siging (base64 hash line folding) 2017-07-06 15:57:33 +02:00
andryyy 44d3a6eee8 [Compose] Slight changes to health checks to start a bit faster 2017-07-06 11:34:10 +02:00
andryyy e357eb1131 [SOGo] SOGo v3.2.10 (https://git.io/vQV7r) 2017-07-06 11:23:40 +02:00
andryyy 69da02c144 [Dovecot] Important fix for Pigeonhole (downgrade) 2017-07-05 19:13:07 +02:00
andryyy 2fadfee61a [SOGo] Remove thunderbird plugin generation, will move to docs 2017-07-05 10:22:48 +02:00
andryyy fa8b5c3ab1 [ACME] Version 1.12 2017-07-04 21:33:45 +02:00
andryyy dc463c3dda [Multiple] Push multiple logs to Redis channel for fail2ban-mailcow to read. Enables Fail2ban independently of used Docker logging driver. 2017-07-04 18:08:20 +02:00
andryyy a2f1c09a84 [Web] Style changes to DKIM import section, push login errors to Redis channel 2017-07-04 18:05:04 +02:00
andryyy ace247b3b9 [ACME] Unset name arrays before reusing them 2017-07-03 10:20:09 +02:00
andryyy 2cf9f71613 [ACME] Revert fix for empty additional_san, fix skip_ip_check in ACME 2017-07-02 20:18:22 +02:00
andryyy b7cb4ac9d5 [Fail2ban] Added more regex to match failed or disallowed logins to Dovecot, changed Mailcow to mailcow 2017-07-02 11:10:35 +02:00
andryyy cf594fbabd [Compose] Reduce interval of healthcheck to not wait 3 minutes for a healthy state... 2017-07-01 23:20:45 +02:00
andryyy 6853130952 [Compose] Less hammering on mailcow.email/ip.php, ability to disable IPv4 check in mailcow.conf, don't complain about missing ADDITIONAL_SAN 2017-07-01 23:13:41 +02:00
andryyy 49e72b6c72 Reduce Unbound health check, push Dovecot and ACME image versions 2017-06-30 20:31:04 +02:00
andryyy a6b60aebb8 [Fai2ban] Added auto-detection for container names; Allow multiple rules for each container; log rule id and container on match 2017-06-29 11:30:14 +02:00
andryyy 9040d456ed [acme-mailcow] Auto-detect container ids for restart; Restart containers after restore 2017-06-29 10:25:32 +02:00
andryyy 3d652dd3d0 Added more checks for acme-mailcow 2017-06-29 00:56:51 +02:00
andryyy 6d8438c01c - More checks for acme-mailcow (verify hashes)
- Autodiscover configuration file: Merge array from vars.local.inc.php
- Push acme-mailcow to 1.6
2017-06-28 23:22:51 +02:00
andryyy a58c5a3240 Push version of acme-mailcow 2017-06-27 20:16:43 +02:00
andryyy e9ea0712f2 Add SKIP_FAIL2BAN var 2017-06-27 10:26:48 +02:00
andryyy 433e0c8f9a Allow /0 to whitelist all, push f2b version in yml 2017-06-27 09:32:57 +02:00
andryyy b6bc1eaf0a Fix autodiscover, pass ports to phpfpm-mailcow for further features and autodiscover 2017-06-25 18:09:42 +02:00
andryyy 8590cc577b Move folder names to match image names 2017-06-25 00:21:24 +02:00
andryyy 47eb11338c Push fail2ban version to 1.2 2017-06-24 20:06:23 +02:00
andryyy e39615ed55 Redis as dependency for Fail2ban 2017-06-24 20:02:33 +02:00
andryyy b8e9b3d879 fail2ban:1.1, use Redis, add logging, ban time and max attempts to be configured via UI soon 2017-06-24 00:07:18 +02:00
andryyy fdc98f8418 Fixed IP for Redis, fail2ban-mailcow: pass TZ env var 2017-06-24 00:04:50 +02:00
andryyy 2104034156 cp -n is unknown 2017-06-23 14:22:54 +02:00
andryyy 0fafadb0bb Also bind to 0.0.0.0 by default 2017-06-23 10:53:44 +02:00
andryyy 59623a639e Keep key when issuing new certificate to not break TLSA records with options 3 1 1 2017-06-23 08:40:05 +02:00
Michael Kuron 1f9b5cb16e ACME: support CNAME in domain checks 2017-06-22 20:36:03 +02:00
andryyy 4066f3507c New Rspamd image, also fixes #386 2017-06-22 17:12:13 +02:00
andryyy 2c3d649f0f Skip LE with configuration parameter 2017-06-22 09:06:28 +02:00
andryyy b051870ba4 Limit log size as most information is written to Redis 2017-06-21 21:39:24 +02:00
andryyy ca917673bd Introduce image tags 2017-06-20 20:05:49 +02:00
andryyy 8eeae43824 Fixed IP for MySQL to prevent IPv6 issues 2017-06-19 10:18:16 +02:00
andryyy d720f31684 Use unbound.conf from data/conf 2017-06-18 21:03:57 +02:00
andryyy 6fa19a37d8 Unbound changes 2017-06-18 20:23:26 +02:00
andryyy 7b1eb71216 Change Unbound health check 2017-06-17 21:46:43 +02:00
andryyy ac7dc3e330 Fix alias 2017-06-17 21:41:12 +02:00
Michael Kuron 115ac81bc6 Pass hostname to SOGo Integrator build script 2017-06-17 13:59:09 +02:00
andryyy 89788340a0 Fix ActiveSync (SOGo issue 4142 and 4119) 2017-06-16 23:02:23 +02:00
Michael Kuron c739091a67 Customize the SOGo Integrator plugin for Thunderbird 2017-06-16 10:30:40 +02:00
andryyy 6d49dfb4e1 Less restarts 2017-06-13 23:38:08 +02:00
andryyy 26c7cabee5 Unbound needs to be healthy 2017-06-13 07:45:41 +02:00
andryyy b367ec0ace Add Unbound as better DNSSEC enabled resolver 2017-06-12 23:48:27 +02:00
andryyy 92e2999dc0 Remove DNS recursor 2017-06-12 09:22:02 +02:00