Commit Graph

299 Commits (ae56c3b59e6c2bc2dbddedc5dbb1ec29d5643855)

Author SHA1 Message Date
andryyy 2b97305f6d [ACME] Sleep, don't exit 2017-09-16 13:17:48 +02:00
andryyy 762f18e913 [Clamd] Use Dockerds own init system 2017-09-14 23:13:24 +02:00
andryyy eeaa48a729 [PHP-FPM] Use valid user for mysqladmin ping
[SOGo] Use valid user for mysqladmin ping
2017-09-12 20:57:18 +02:00
andryyy 1ffed58956 [ACME] New version, better IPv4 detection 2017-09-11 21:51:17 +02:00
andryyy ed4e8d301c Fix tabs 2017-09-08 18:41:02 +02:00
andryyy b8c4093702 [Web] Allow a spam score up to 2000, fixes #556 2017-09-07 20:20:36 +02:00
Tobias fcd0efc265 Change primary name of SSL certificate
Hostname as primary name for the SSL certificate, all other names will
be added as SAN
2017-09-03 19:41:47 +02:00
andryyy 1f90433429 [Dovecot, Postfix, SOGo] Fix redis log cleanup, fixes #542 2017-09-03 11:57:58 +02:00
andryyy 446907944a [Postfix] Fix missing ltrim 2017-09-01 23:40:23 +02:00
andryyy 008d500f4d [Compose, Dovecot] Fixed missing ltrim 2017-09-01 23:39:51 +02:00
andryyy 7351fcf1e3 [Compose, SOGo] New version, ltrim logs 2017-09-01 23:33:12 +02:00
andryyy 4d7bb26874 [Postfix] Add null rcpt for watchdog 2017-09-01 12:22:29 +02:00
andryyy 08d6b97ffa [Dovecot] New Dovecot and Pigeonhole versions; include delete2 option in imapsync 2017-08-31 10:36:10 +02:00
andryyy 4a0e3a433b [Fail2ban] Remove rule to detect disconnects without authentication 2017-08-30 22:27:33 +02:00
andryyy b1213c51d7 [Rspamd] Dynamic ratelimit fixed, removed async redis request; Ready to implement per-user ratelimits via UI (tbd) 2017-08-30 21:42:39 +02:00
andryyy 7a2c0f2ee7 [Acme] Skip backup mx domains 2017-08-18 09:57:25 +02:00
André Peters 92eefc1288 Merge pull request #486 from mkuron/patch-1
Disable ClamAV phishing filter
2017-08-02 15:54:16 +02:00
Michael Kuron dec64eef32 Disable ClamAV phishing filter
ClamAV has a phishing filter built in, but it generates too many false positives. We can disable it without risk because rspamd also checks for phishing itself.
2017-08-02 14:42:53 +02:00
andryyy 2eed7c05a1 [Dovecot] Push version, fix cronjob (fixes #310) 2017-08-01 14:02:00 +02:00
andryyy c7484434dd [Dovecot] Remove master.pid if not running; Check for active imapsync besides lock file; Reconnect MySQL connection in imapsync_cron.pl 2017-07-31 08:19:02 +02:00
andryyy 33bf9f5c5d [Rspamd] Push image version 1.5, Rspamd 1.6.3 2017-07-26 23:07:01 +02:00
andryyy 8da02378b1 [Rspamd] Use Nginx IP in settings map 2017-07-26 23:04:49 +02:00
andryyy 03c614f749 [Postfix] Use Nginx IP in whitelist_forwardinghosts.sh 2017-07-26 23:04:27 +02:00
andryyy b629089ff8 [SOGo] Rename reconf-domains to bootstrap-sogo and exec sogod after a successful bootstrap; Wait for SOGo to die and free listener 2017-07-24 23:25:04 +02:00
andryyy 5d5646df0c [Compose, SOGo] Update SOGo, give SOGo more time for a graceful restart, autorestart on any exit code 2017-07-24 22:53:23 +02:00
andryyy 83d485dd94 [Web, Postfix, Compose] Allow to add relayhosts per domain (+ plain and login authentication) 2017-07-22 20:39:54 +02:00
andryyy ed33cb5f57 [Rspamd] ARC: Disallow login/domain mismatch 2017-07-21 11:03:35 +02:00
andryyy 5f5872f78b [Rspamd] Initial custom ratelimit support 2017-07-13 12:54:53 +02:00
andryyy e6727b1fd6 [ACME] Iterate alias domains, use hostname in subject field 2017-07-13 12:51:52 +02:00
andryyy 9e92c4a2ad [Dovecot] Do not keep persistent logs in a container 2017-07-11 17:09:31 +02:00
andryyy f8ae5158cb [Postfix] Do not keep persistent logs in a container 2017-07-11 17:09:20 +02:00
andryyy a31819fd6c [SOGo] Log to a pipe to not keep logs in a container 2017-07-11 17:08:06 +02:00
andryyy 51660589d4 [Rspamd] Push version 1.3 2017-07-09 22:28:36 +02:00
andryyy a324b1a385 [Rspamd] Fix DKIM siging (base64 hash line folding) 2017-07-06 15:57:33 +02:00
andryyy 69da02c144 [Dovecot] Important fix for Pigeonhole (downgrade) 2017-07-05 19:13:07 +02:00
andryyy 7f47af1d60 Fix destination hash 2017-07-05 12:31:52 +02:00
andryyy 87cc5f54ff [Postfix] Fix redis log destination hash 2017-07-05 12:03:12 +02:00
andryyy 2fadfee61a [SOGo] Remove thunderbird plugin generation, will move to docs 2017-07-05 10:22:48 +02:00
andryyy de14d30e6b [ACME] Fix exit command (was using echo), fix for duplicate SAN (filter) 2017-07-04 21:32:58 +02:00
andryyy dc463c3dda [Multiple] Push multiple logs to Redis channel for fail2ban-mailcow to read. Enables Fail2ban independently of used Docker logging driver. 2017-07-04 18:08:20 +02:00
andryyy ed11e7586e [Clamd] Add SKIP_CLAMD variable to disable Clamd start 2017-07-04 18:05:44 +02:00
andryyy ace247b3b9 [ACME] Unset name arrays before reusing them 2017-07-03 10:20:09 +02:00
andryyy 2cf9f71613 [ACME] Revert fix for empty additional_san, fix skip_ip_check in ACME 2017-07-02 20:18:22 +02:00
andryyy cf902854d7 Merge, conflict fixed 2017-07-02 11:22:35 +02:00
andryyy b7cb4ac9d5 [Fail2ban] Added more regex to match failed or disallowed logins to Dovecot, changed Mailcow to mailcow 2017-07-02 11:10:35 +02:00
andryyy ae5ce6568d [Dovecot] Dovecot 2.2.31, Pigeonhole 0.4.19 2017-06-30 20:30:30 +02:00
andryyy 5ab11c0c1e [ACME] Show err instead of empty var when IP lookup failed 2017-06-30 20:29:55 +02:00
andryyy d2048ccf20 [ACME] Be more verbose about IP address 2017-06-29 21:22:01 +02:00
andryyy a6b60aebb8 [Fai2ban] Added auto-detection for container names; Allow multiple rules for each container; log rule id and container on match 2017-06-29 11:30:14 +02:00
andryyy 9040d456ed [acme-mailcow] Auto-detect container ids for restart; Restart containers after restore 2017-06-29 10:25:32 +02:00
andryyy 3d652dd3d0 Added more checks for acme-mailcow 2017-06-29 00:56:51 +02:00
andryyy 6d8438c01c - More checks for acme-mailcow (verify hashes)
- Autodiscover configuration file: Merge array from vars.local.inc.php
- Push acme-mailcow to 1.6
2017-06-28 23:22:51 +02:00
andryyy b0584c3622 Use , as IFS for additional san 2017-06-28 10:50:51 +02:00
andryyy f7bce8b81a Copy dhparams if not found 2017-06-27 20:15:53 +02:00
andryyy e9ea0712f2 Add SKIP_FAIL2BAN var 2017-06-27 10:26:48 +02:00
andryyy b9ffcf2bf8 Add whitelist function to Fail2ban 2017-06-26 23:18:05 +02:00
andryyy 8590cc577b Move folder names to match image names 2017-06-25 00:21:24 +02:00
andryyy c4c1bdf477 Add a retry window for fail2ban-mailcow, add priority to logging, added window time to logging string" 2017-06-24 20:04:12 +02:00
andryyy b8e9b3d879 fail2ban:1.1, use Redis, add logging, ban time and max attempts to be configured via UI soon 2017-06-24 00:07:18 +02:00
andryyy 2104034156 cp -n is unknown 2017-06-23 14:22:54 +02:00
andryyy 59623a639e Keep key when issuing new certificate to not break TLSA records with options 3 1 1 2017-06-23 08:40:05 +02:00
andryyy 18e52ab27d More debug output, keep key for TLSA 3 1 1, other minor changes 2017-06-23 08:33:07 +02:00
andryyy 85a9239ae9 Move account key 2017-06-22 21:44:10 +02:00
andryyy 0c07ff59c3 Fix skip le test... 2017-06-22 21:31:14 +02:00
Michael Kuron 1f9b5cb16e ACME: support CNAME in domain checks 2017-06-22 20:36:03 +02:00
andryyy 4066f3507c New Rspamd image, also fixes #386 2017-06-22 17:12:13 +02:00
andryyy 856b05147c Skip LE with configuration parameter 2017-06-22 09:06:24 +02:00
NuVivo314 601f3b6947 Change select Priority
Simple change, for Select Older
2017-06-21 11:54:03 +02:00
andryyy c82c9524b0 Delete certificate if SANs were removed 2017-06-20 20:06:54 +02:00
andryyy 428140d34f Version update 2017-06-20 20:06:35 +02:00
andryyy 0e501acd7d Base on stretch 2017-06-20 20:06:24 +02:00
Markus Frosch 4be67ccd64 dovecot/imapsync_cron: Use passfiles to hide passwords from ps 2017-06-19 11:43:07 +02:00
andryyy fbf33e475a SOGo will be started after reconf script to prevent race conditions 2017-06-19 10:19:16 +02:00
andryyy 624e52e198 mysqladmin uses ping on static IPv4, supervisor does no more autostart SOGo 2017-06-19 10:18:53 +02:00
andryyy 10d83017e1 Declare correct arrays 2017-06-19 08:59:47 +02:00
andryyy 9117c499ef Do not break DNS replies.... 2017-06-18 20:57:26 +02:00
andryyy 6fa19a37d8 Unbound changes 2017-06-18 20:23:26 +02:00
andryyy 5aba885b58 Skip ACME client for other certificates than LE 2017-06-17 10:08:12 +02:00
andryyy 08edc1d1d3 Remove obsolete file, add {} 2017-06-16 23:27:16 +02:00
andryyy 812b9b617a Cannot spawn as proc in sub shell. Breaks SOGo restart. 2017-06-16 23:26:43 +02:00
Michael Kuron c739091a67 Customize the SOGo Integrator plugin for Thunderbird 2017-06-16 10:30:40 +02:00
andryyy 19325ffb2a Validate additional SAN 2017-06-14 07:24:32 +02:00
andryyy 863a0e4d06 Finally fix SOGo race condition 2017-06-13 23:38:47 +02:00
andryyy 4a0a9cbf1f Minor tweaks 2017-06-13 23:38:24 +02:00
andryyy 0fd0cff8ac Auto-sign autodiscover and autoconfig for all domains found in mailcow - only if A records exists and matches 2017-06-13 23:37:48 +02:00
andryyy 9a99975394 Fix duplicate postfix install 2017-06-13 07:45:24 +02:00
andryyy 3e09d11856 Be less verbose 2017-06-13 07:41:13 +02:00
andryyy fcfc119805 Fix race condition with workaround 2017-06-13 07:39:45 +02:00
andryyy 35a73025c7 Add until to hopefully stop race condition 2017-06-12 23:49:21 +02:00
andryyy a33aa7a2cb Fix Dockerfile 2017-06-12 23:48:56 +02:00
andryyy 261e1ad4fb Rspamd stable 2017-06-12 23:48:42 +02:00
andryyy b367ec0ace Add Unbound as better DNSSEC enabled resolver 2017-06-12 23:48:27 +02:00
Michael Kuron d6c9f96b4e Don't keep development packages in php-fpm image. 2017-06-12 17:06:57 +02:00
andryyy ef62f6b383 Acme tool checks for valid autodiscover and autoconfig A records and skips non-existing names
Todo: Add AAAA check, add check for additional_san
2017-06-12 10:45:12 +02:00
andryyy ad969d15cd Remove bind9 2017-06-12 10:43:36 +02:00
andryyy a25fc17b87 Fix permission 2017-06-12 10:43:28 +02:00
andryyy c0619a5b6b Less layers 2017-06-12 10:43:11 +02:00
andryyy 5321ebe707 Push to Dovecot 2.2.30 2017-06-12 10:42:48 +02:00
andryyy cf44745c18 Less layers 2017-06-12 10:42:33 +02:00
andryyy 02ceb6d3ef Remove obsolete files 2017-06-12 10:40:08 +02:00