paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: paxton:89fdd1986d922aa7ae87d589859cd3d483beaa23
Branches Tags
paxton:master
..
compare: paxton:7df2bb28f8d7baa1bbe893bdc394262409a042a0
Branches Tags
paxton:master

No commits in common. "89fdd1986d922aa7ae87d589859cd3d483beaa23" and "7df2bb28f8d7baa1bbe893bdc394262409a042a0" have entirely different histories.
89fdd1986d ... 7df2bb28f8

38 changed files with 150 additions and 533 deletions
Show Stats Expand all files Collapse all files

5
.github/workflows/close_old_issues_and_prs.yml vendored
View File

@ -25,11 +25,10 @@ jobs:
stale-pr-message: >
This pull request has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs.
exempt-issue-labels: "pinned,security,enhancement,investigating,neverstale"
exempt-pr-labels: "pinned,security,enhancement,investigating,neverstale"
exempt-issue-labels: "pinned,security,enhancement,investigating"
exempt-pr-labels: "pinned,security,enhancement,investigating"
stale-issue-label: "stale"
stale-pr-label: "stale"
exempt-draft-pr: "true"
operations-per-run: "250"
ascending: "true"
#DRY-RUN

1
.gitignore vendored
View File

@ -56,7 +56,6 @@ data/web/templates/cache/*
data/web/.well-known/acme-challenge
data/web/css/build/0081-custom-mailcow.css
data/web/inc/vars.local.inc.php
data/web/inc/app_info.inc.php
data/web/nextcloud*/
data/web/rc*/
docker-compose.override.yml

3
README.md
View File

@ -1,6 +1,5 @@
# mailcow: dockerized - 🐮 + 🐋 = 💕
[![master build status](https://img.shields.io/drone/build/mailcow/mailcow-dockerized/master?label=master%20build&server=https%3A%2F%2Fdrone.mailcow.email)](https://drone.mailcow.email/mailcow/mailcow-dockerized) [![staging build status](https://img.shields.io/drone/build/mailcow/mailcow-dockerized/staging?label=staging%20build&server=https%3A%2F%2Fdrone.mailcow.email)](https://drone.mailcow.email/mailcow/mailcow-dockerized) [![Translation status](https://translate.mailcow.email/widgets/mailcow-dockerized/-/translation/svg-badge.svg)](https://translate.mailcow.email/engage/mailcow-dockerized/)
[![Twitter URL](https://img.shields.io/twitter/url/https/twitter.com/mailcow_email.svg?style=social&label=Follow%20%40mailcow_email)](https://twitter.com/mailcow_email)
## Want to support mailcow?
@ -24,8 +23,6 @@ Please see [the official documentation](https://mailcow.github.io/mailcow-docker
[Telegram mailcow Off-Topic channel](https://t.me/mailcowOfftopic)
[Official Twitter Account](https://twitter.com/mailcow_email)
Telegram desktop clients are available for [multiple platforms](https://desktop.telegram.org). You can search the groups history for keywords.
## Misc

2
data/Dockerfiles/acme/Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.14
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

2
data/Dockerfiles/acme/obtain-certificate.sh
View File

@ -80,7 +80,7 @@ fi
printf "[SAN]\nsubjectAltName=" > /tmp/_SAN
printf "DNS:%s," "${CERT_DOMAINS[@]}" >> /tmp/_SAN
sed -i '$s/,$//' /tmp/_SAN
openssl req -new -sha256 -key ${KEY} -subj "/" -reqexts SAN -config <(cat "$(openssl version -d | sed 's/.*"\(.*\)"/\1/g')/openssl.cnf" /tmp/_SAN) > ${CSR}
openssl req -new -sha256 -key ${KEY} -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf /tmp/_SAN) > ${CSR}
# acme-tiny writes info to stderr and ceritifcate to stdout
# The redirects will do the following:

6
data/Dockerfiles/clamd/Dockerfile
View File

@ -1,8 +1,8 @@
FROM debian:bullseye-slim
FROM debian:buster-slim
LABEL maintainer "André Peters <andre.peters@servercow.de>"
ARG CLAMAV=0.103.5
ARG CLAMAV=0.103.4
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
zlib1g-dev \
@ -23,7 +23,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
dos2unix \
netcat \
&& rm -rf /var/lib/apt/lists/* \
&& wget -O - https://www.clamav.net/downloads/production/clamav-${CLAMAV}.tar.gz | tar xfvz - \
&& wget -O - https://fossies.org/linux/misc/clamav-${CLAMAV}.tar.gz | tar xfvz - \
&& cd clamav-${CLAMAV} \
&& ./configure \
--prefix=/usr \

2
data/Dockerfiles/dockerapi/Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.14
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

2
data/Dockerfiles/dovecot/Dockerfile
View File

@ -2,7 +2,7 @@ FROM debian:buster-slim
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ARG DEBIAN_FRONTEND=noninteractive
ARG DOVECOT=2.3.17.1
ARG DOVECOT=2.3.17
ENV LC_ALL C
ENV GOSU_VERSION 1.12

5
data/Dockerfiles/netfilter/Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.14
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV XTABLES_LIBDIR /usr/lib/xtables
@ -13,11 +13,10 @@ RUN apk add --virtual .build-deps \
&& apk add -U python3 \
iptables \
ip6tables \
xtables-addons \
tzdata \
py3-pip \
musl-dev \
&& pip3 install --ignore-installed --upgrade pip \
&& pip3 install --upgrade pip \
python-iptables \
redis \
ipaddress \

4
data/Dockerfiles/olefy/Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.14
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
WORKDIR /app
@ -12,7 +12,7 @@ RUN apk add --virtual .build-deps gcc musl-dev python3-dev libffi-dev openssl-de
&& apk del .build-deps
# && sed -i 's/decompress_stream(bytearray(compressed_code))/bytes2str(decompress_stream(bytearray(compressed_code)))/g' /usr/lib/python3.8/site-packages/oletools/olevba.py
ADD olefy.py /app/
ADD https://raw.githubusercontent.com/HeinleinSupport/olefy/master/olefy.py /app/
RUN chown -R nobody:nobody /app /tmp

220
data/Dockerfiles/olefy/olefy.py
View File

@ -1,220 +0,0 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Copyright (c) 2020, Dennis Kalbhen <d.kalbhen@heinlein-support.de>
# Copyright (c) 2020, Carsten Rosenberg <c.rosenberg@heinlein-support.de>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
###
#
# olefy is a little helper socket to use oletools with rspamd. (https://rspamd.com)
# Please find updates and issues here: https://github.com/HeinleinSupport/olefy
#
###
from subprocess import Popen, PIPE
import sys
import os
import logging
import asyncio
import time
import magic
import re
# merge variables from /etc/olefy.conf and the defaults
olefy_listen_addr_string = os.getenv('OLEFY_BINDADDRESS', '127.0.0.1,::1')
olefy_listen_port = int(os.getenv('OLEFY_BINDPORT', '10050'))
olefy_tmp_dir = os.getenv('OLEFY_TMPDIR', '/tmp')
olefy_python_path = os.getenv('OLEFY_PYTHON_PATH', '/usr/bin/python3')
olefy_olevba_path = os.getenv('OLEFY_OLEVBA_PATH', '/usr/local/bin/olevba3')
# 10:DEBUG, 20:INFO, 30:WARNING, 40:ERROR, 50:CRITICAL
olefy_loglvl = int(os.getenv('OLEFY_LOGLVL', 20))
olefy_min_length = int(os.getenv('OLEFY_MINLENGTH', 500))
olefy_del_tmp = int(os.getenv('OLEFY_DEL_TMP', 1))
olefy_del_tmp_failed = int(os.getenv('OLEFY_DEL_TMP_FAILED', 1))
# internal used variables
request_time = '0000000000.000000'
olefy_protocol = 'OLEFY'
olefy_ping = 'PING'
olefy_protocol_sep = '\n\n'
olefy_headers = {}
# init logging
logger = logging.getLogger('olefy')
logging.basicConfig(stream=sys.stdout, level=olefy_loglvl, format='olefy %(levelname)s %(funcName)s %(message)s')
logger.debug('olefy listen address string: {} (type {})'.format(olefy_listen_addr_string, type(olefy_listen_addr_string)))
if not olefy_listen_addr_string:
olefy_listen_addr = ""
else:
addr_re = re.compile('[\[" \]]')
olefy_listen_addr = addr_re.sub('', olefy_listen_addr_string.replace("'", "")).split(',')
# log runtime variables
logger.info('olefy listen address: {} (type: {})'.format(olefy_listen_addr, type(olefy_listen_addr)))
logger.info('olefy listen port: {}'.format(olefy_listen_port))
logger.info('olefy tmp dir: {}'.format(olefy_tmp_dir))
logger.info('olefy python path: {}'.format(olefy_python_path))
logger.info('olefy olvba path: {}'.format(olefy_olevba_path))
logger.info('olefy log level: {}'.format(olefy_loglvl))
logger.info('olefy min file length: {}'.format(olefy_min_length))
logger.info('olefy delete tmp file: {}'.format(olefy_del_tmp))
logger.info('olefy delete tmp file when failed: {}'.format(olefy_del_tmp_failed))
if not os.path.isfile(olefy_python_path):
logger.critical('python path not found: {}'.format(olefy_python_path))
exit(1)
if not os.path.isfile(olefy_olevba_path):
logger.critical('olevba path not found: {}'.format(olefy_olevba_path))
exit(1)
# olefy protocol function
def protocol_split( olefy_line ):
header_lines = olefy_line.split('\n')
for line in header_lines:
if line == 'OLEFY/1.0':
olefy_headers['olefy'] = line
elif line != '':
kv = line.split(': ')
if kv[0] != '' and kv[1] != '':
olefy_headers[kv[0]] = kv[1]
logger.debug('olefy_headers: {}'.format(olefy_headers))
# calling oletools
def oletools( stream, tmp_file_name, lid ):
if olefy_min_length > stream.__len__():
logger.error('{} {} bytes (Not Scanning! File smaller than {!r})'.format(lid, stream.__len__(), olefy_min_length))
out = b'[ { "error": "File too small" } ]'
else:
tmp_file = open(tmp_file_name, 'wb')
tmp_file.write(stream)
tmp_file.close()
file_magic = magic.Magic(mime=True, uncompress=True)
file_mime = file_magic.from_file(tmp_file_name)
logger.info('{} {} (libmagic output)'.format(lid, file_mime))
# do the olefy
cmd_tmp = Popen([olefy_python_path, olefy_olevba_path, '-a', '-j' , '-l', 'error', tmp_file_name], stdout=PIPE, stderr=PIPE)
out, err = cmd_tmp.communicate()
out = bytes(out.decode('utf-8', 'ignore').replace(' ', ' ').replace('\t', '').replace('\n', '').replace('XLMMacroDeobfuscator: pywin32 is not installed (only is required if you want to use MS Excel)', ''), encoding="utf-8")
failed = False
if out.__len__() < 30:
logger.error('{} olevba returned <30 chars - rc: {!r}, response: {!r}, error: {!r}'.format(lid,cmd_tmp.returncode,
out.decode('utf-8', 'ignore'), err.decode('utf-8', 'ignore')))
out = b'[ { "error": "Unhandled error - too short olevba response" } ]'
failed = True
elif err.__len__() > 10 and cmd_tmp.returncode == 9:
logger.error("{} olevba stderr >10 chars - rc: {!r}, response: {!r}".format(lid, cmd_tmp.returncode, err.decode("utf-8", "ignore")))
out = b'[ { "error": "Decrypt failed" } ]'
failed = True
elif err.__len__() > 10 and cmd_tmp.returncode > 9:
logger.error('{} olevba stderr >10 chars - rc: {!r}, response: {!r}'.format(lid, cmd_tmp.returncode, err.decode('utf-8', 'ignore')))
out = b'[ { "error": "Unhandled oletools error" } ]'
failed = True
elif cmd_tmp.returncode != 0:
logger.error('{} olevba exited with code {!r}; err: {!r}'.format(lid, cmd_tmp.returncode, err.decode('utf-8', 'ignore')))
failed = True
if failed and olefy_del_tmp_failed == 0:
logger.debug('{} {} FAILED: not deleting tmp file'.format(lid, tmp_file_name))
elif olefy_del_tmp == 1:
logger.debug('{} {} deleting tmp file'.format(lid, tmp_file_name))
os.remove(tmp_file_name)
logger.debug('{} response: {}'.format(lid, out.decode('utf-8', 'ignore')))
return out + b'\t\n\n\t'
# Asyncio data handling, default AIO-Functions
class AIO(asyncio.Protocol):
def __init__(self):
self.extra = bytearray()
def connection_made(self, transport):
global request_time
peer = transport.get_extra_info('peername')
logger.debug('{} new connection was made'.format(peer))
self.transport = transport
request_time = str(time.time())
def data_received(self, request, msgid=1):
peer = self.transport.get_extra_info('peername')
logger.debug('{} data received from new connection'.format(peer))
self.extra.extend(request)
def eof_received(self):
peer = self.transport.get_extra_info('peername')
olefy_protocol_err = False
proto_ck = self.extra[0:2000].decode('utf-8', 'ignore')
headers = proto_ck[0:proto_ck.find(olefy_protocol_sep)]
if olefy_protocol == headers[0:5]:
self.extra = bytearray(self.extra[len(headers)+2:len(self.extra)])
protocol_split(headers)
else:
olefy_protocol_err = True
if olefy_ping == headers[0:4]:
is_ping = True
else:
is_ping = False
rspamd_id = olefy_headers['Rspamd-ID'][:6] or ''
lid = 'Rspamd-ID' in olefy_headers and '<'+rspamd_id+'>'
tmp_file_name = olefy_tmp_dir+'/'+request_time+'.'+str(peer[1])+'.'+rspamd_id
logger.debug('{} {} choosen as tmp filename'.format(lid, tmp_file_name))
if not is_ping or olefy_loglvl == 10:
logger.info('{} {} bytes (stream size)'.format(lid, self.extra.__len__()))
if olefy_ping == headers[0:4]:
logger.debug('{} PING request'.format(peer))
out = b'PONG'
elif olefy_protocol_err == True or olefy_headers['olefy'] != 'OLEFY/1.0':
logger.error('{} Protocol ERROR: no OLEFY/1.0 found'.format(lid))
out = b'[ { "error": "Protocol error" } ]'
elif 'Method' in olefy_headers:
if olefy_headers['Method'] == 'oletools':
out = oletools(self.extra, tmp_file_name, lid)
else:
logger.error('Protocol ERROR: Method header not found')
out = b'[ { "error": "Protocol error: Method header not found" } ]'
self.transport.write(out)
if not is_ping or olefy_loglvl == 10:
logger.info('{} {} response send: {!r}'.format(lid, peer, out))
self.transport.close()
# start the listeners
loop = asyncio.get_event_loop()
# each client connection will create a new protocol instance
coro = loop.create_server(AIO, olefy_listen_addr, olefy_listen_port)
server = loop.run_until_complete(coro)
for sockets in server.sockets:
logger.info('serving on {}'.format(sockets.getsockname()))
# XXX serve requests until KeyboardInterrupt, not needed for production
try:
loop.run_forever()
except KeyboardInterrupt:
pass
# graceful shutdown/reload
server.close()
loop.run_until_complete(server.wait_closed())
loop.close()
logger.info('stopped serving')

2
data/Dockerfiles/sogo/syslog-ng-redis_slave.conf
View File

@ -1,4 +1,4 @@
@version: 3.28
@version: 3.19
@include "scl.conf"
options {
chain_hostnames(off);

2
data/Dockerfiles/sogo/syslog-ng.conf
View File

@ -1,4 +1,4 @@
@version: 3.28
@version: 3.19
@include "scl.conf"
options {
chain_hostnames(off);

5
data/Dockerfiles/solr/Dockerfile
View File

@ -16,15 +16,10 @@ RUN dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
tzdata \
curl \
bash \
zip \
&& apt-get autoclean \
&& rm -rf /var/lib/apt/lists/* \
&& chmod +x /solr.sh \
&& sync \
&& bash /solr.sh --bootstrap
RUN zip -q -d /opt/solr/server/lib/ext/log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
RUN apt remove zip -y
CMD ["/solr.sh"]

2
data/Dockerfiles/unbound/Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.14
LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

2
data/Dockerfiles/watchdog/Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.15
FROM alpine:3.14
LABEL maintainer "André Peters <andre.peters@servercow.de>"
# Installation

5
data/web/_status.502.html
View File

@ -16,9 +16,8 @@
<pre>docker-compose logs --tail=200 php-fpm-mailcow nginx-mailcow</pre>
<p>Make sure your SQL credentials in mailcow.conf (a link to .env) do fit your initialized SQL volume. If you see an access denied, you might have the wrong mailcow.conf:</p>
<pre>source mailcow.conf ; docker-compose exec mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME}</pre>
<p>In case of a previous failed installation, create a backup of your existing data, followed by removing all volumes and starting over (<b>NEVER</b> do this with a production system, it will remove <b>ALL</b> data):</p>
<pre>BACKUP_LOCATION=/tmp/ ./helper-scripts/backup_and_restore.sh backup all</pre>
<pre>docker-compose down --volumes ; docker-compose up -d</pre>
<p>In case of a previous failed installation, remove all volumes and start over (<b>NEVER</b> do this with a production system, it will remove <b>ALL</b> data):</p>
<pre>docker-compose down -v ; docker-compose up -d</pre>
<p>Make sure your timezone is correct. Use "America/New_York" for example, do not use spaces. Check <a href="https://en.wikipedia.org/wiki/List_of_tz_database_time_zones">here</a> for a list.</p>
<br>Click to learn more about <a style="color:red;text-decoration:none;" href="https://mailcow.github.io/mailcow-dockerized-docs/#get-support" target="_blank">getting support.</a>
</body>

8
data/web/api/openapi.yaml
View File

@ -4805,7 +4805,7 @@ paths:
schema:
example:
attr:
rl_value: "10"
rl_vlaue: "10"
rl_frame: "h"
items:
- info@domain.tld
@ -4815,7 +4815,7 @@ paths:
rl_frame:
description: contains the frame for the ratelimit h,s,m
type: string
rl_value:
rl_vlaue:
description: contains the rate for the ratelimit 10,20,50,1
type: number
type: object
@ -4876,7 +4876,7 @@ paths:
schema:
example:
attr:
rl_value: "10"
rl_vlaue: "10"
rl_frame: "h"
items:
- domain.tld
@ -4886,7 +4886,7 @@ paths:
rl_frame:
description: contains the frame for the ratelimit h,s,m
type: string
rl_value:
rl_vlaue:
description: contains the rate for the ratelimit 10,20,50,1
type: number
type: object

5
data/web/css/build/008-mailcow.css
View File

@ -202,11 +202,6 @@ legend {
margin-top: 27px;
margin-bottom: 20px;
color: #959595;
display: flex;
flex-direction: column;
}
.footer .version {
margin-left: auto;
}
.slave-info {
padding: 15px 0px 15px 15px;

5
data/web/inc/footer.inc.php
View File

@ -23,12 +23,7 @@ if (is_array($alertbox_log_parser)) {
unset($_SESSION['return']);
}
// globals
$globalVariables = [
'mailcow_info' => array(
'version_tag' => $GLOBALS['MAILCOW_GIT_VERSION'],
'git_project_url' => $GLOBALS['MAILCOW_GIT_URL']
),
'js_path' => '/cache/'.basename($JSPath),
'pending_tfa_method' => @$_SESSION['pending_tfa_method'],
'pending_mailcow_cc_username' => @$_SESSION['pending_mailcow_cc_username'],

8
data/web/inc/prerequisites.inc.php
View File

@ -10,17 +10,11 @@ $DEV_MODE = (getenv('DEV_MODE') == 'y');
}*/
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/vars.inc.php';
$default_autodiscover_config = $autodiscover_config;
if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/inc/vars.local.inc.php')) {
include_once $_SERVER['DOCUMENT_ROOT'] . '/inc/vars.local.inc.php';
}
// auto-generated by generate-config.sh and update.sh
if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/inc/app_info.inc.php')) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/app_info.inc.php';
}
unset($https_port);
$autodiscover_config = array_merge($default_autodiscover_config, $autodiscover_config);
@ -69,7 +63,7 @@ $tfa = new RobThree\Auth\TwoFactorAuth($OTP_LABEL, 6, 30, 'sha1', $qrprovider);
$formats = $GLOBALS['FIDO2_FORMATS'];
$WebAuthn = new lbuchs\WebAuthn\WebAuthn('WebAuthn Library', $_SERVER['HTTP_HOST'], $formats);
// only include root ca's when needed
if (getenv('WEBAUTHN_ONLY_TRUSTED_VENDORS') == 'y') $WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates');
if (getenv('WEBAUTHN_RESPECT_ROOTCA') == 'y') $WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates');
// Redis
$redis = new Redis();

3
data/web/inc/vars.inc.php
View File

@ -175,9 +175,6 @@ $MAILBOX_DEFAULT_ATTRIBUTES['pop3_access'] = true;
// Mailbox has SMTP access by default
$MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true;
// Mailbox has sieve access by default
$MAILBOX_DEFAULT_ATTRIBUTES['sieve_access'] = true;
// Mailbox receives notifications about...
// "add_header" - mail that was put into the Junk folder
// "reject" - mail that was rejected

16
data/web/json_api.php
View File

@ -409,14 +409,16 @@ if (isset($_GET['query'])) {
break;
case "fido2-get-args":
header('Content-Type: application/json');
// Login without username, no ids!
// $ids = fido2(array("action" => "get_all_cids"));
// if (count($ids) == 0) {
// return;
// }
$ids = NULL;
// fetch allowed credentialIds
$cids = fido2(array("action" => "get_all_cids"));
if (count($cids) == 0) {
print(json_encode(array(
'type' => 'error',
'msg' => 'Cannot find matching credentialIds'
)));
}
$getArgs = $WebAuthn->getGetArgs($ids, 30, true, true, true, true, $GLOBALS['FIDO2_UV_FLAG_LOGIN']);
$getArgs = $WebAuthn->getGetArgs($cids, 30, true, true, true, true, $GLOBALS['FIDO2_UV_FLAG_LOGIN']);
print(json_encode($getArgs));
$_SESSION['challenge'] = $WebAuthn->getChallenge();
return;

2
data/web/lang/lang.cs.json
View File

@ -467,7 +467,7 @@
"chart_this_server": "Graf (tento server)",
"containers_info": "Informace o kontejnerech",
"disk_usage": "Využití disku",
"docs": "Dokumentů",
"docs": "Dokumentace",
"external_logs": "Externí logy",
"history_all_servers": "Záznam (všechny servery)",
"in_memory_logs": "Logy v paměti",

2
data/web/lang/lang.de.json
View File

@ -86,7 +86,7 @@
"public_comment": "Öffentlicher Kommentar",
"quota_mb": "Speicherplatz (MiB)",
"relay_all": "Alle Empfänger-Adressen relayen",
"relay_all_info": "↪ Wenn <b>nicht</b> alle Empfänger-Adressen relayt werden sollen, müssen \"blinde\" Mailboxen für jede Adresse, die relayt werden soll, erstellt werden.",
"relay_all_info": "↪ Wenn <b>nicht</b> alle Empfänger-Adressen relayt werden sollen, müssen \"blinde\" Mailboxen für jede Adresse, die relayt werden soll, erstellen werden.",
"relay_domain": "Diese Domain relayen",
"relay_transport_info": "<div class=\"label label-info\">Info</div> Transport-Maps können erstellt werden, um individuelle Ziele für eine Relay-Domain zu definieren.",
"relay_unknown_only": "Nur nicht-lokale Mailboxen relayen. Existente Mailboxen werden weiterhin lokal zugestellt.",

8
data/web/lang/lang.fr.json
View File

@ -259,7 +259,7 @@
"recipients": "Destinataires",
"refresh": "Rafraîchir",
"regen_api_key": "Regénérer la clé API",
"regex_maps": "Cartes Regex (expression régulière)",
"regex_maps": "Cartes Regex (Regex = expression régulière)",
"relay_from": "\"De:\" adresse",
"relay_run": "Lancer le test",
"relayhosts": "Transports de lexpéditeur",
@ -699,7 +699,7 @@
"private_comment": "Commentaire privé",
"public_comment": "Commentaire public",
"q_add_header": "Courriers indésirables",
"q_all": " quand déplacé dans le dossier spam ou rejeté",
"q_all": "Toutes les catégories",
"q_reject": "Rejecté",
"quarantine_notification": "Avis de quarantaine",
"quarantine_category": "Catégorie de la notification de quarantaine",
@ -729,7 +729,7 @@
"sogo_visible": "Alias visible dans SOGo",
"sogo_visible_n": "Masquer alias dans SOGo",
"sogo_visible_y": "Afficher alias dans SOGo",
"spam_aliases": "Alias temporaire",
"spam_aliases": "Alias temp.",
"stats": "Statistiques",
"status": "Statut",
"sync_jobs": "Tâches de synchronisation",
@ -1070,7 +1070,7 @@
"warning": {
"cannot_delete_self": "Impossible de supprimer lutilisateur connecté",
"domain_added_sogo_failed": "Ajout dun domaine mais échec du redémarrage de Sogo, veuillez vérifier les journaux de votre serveur.",
"dovecot_restart_failed": "Dovecot na pas pu redémarrer, veuillez vérifier les journaux",
"dovecot_restart_failed": "Dovecot na pas pu redémarrer, veuillez vérifier les journaux de votre serveur.",
"fuzzy_learn_error": "Erreur dapprentissage du hachage flou: %s",
"hash_not_found": "Hachage non trouvé ou déjà supprimé",
"ip_invalid": "IP non valide ignorée: %s",

87
data/web/lang/lang.it.json
View File

@ -18,8 +18,8 @@
"quarantine_attachments": "Allegati in quarantena",
"quarantine_category": "Modifica la categoria delle notifiche di quarantena",
"quarantine_notification": "Modifica notifiche quarantena",
"ratelimit": "Limite di invio",
"recipient_maps": "Mappe dei destinatari",
"ratelimit": "Rate limit",
"recipient_maps": "Recipient maps",
"smtp_ip_access": "Modifica gli host consentiti per SMTP",
"sogo_access": "Consenti la gestione dell'accesso SOGo",
"sogo_profile_reset": "Ripristina profilo SOGo",
@ -27,7 +27,7 @@
"spam_policy": "Blacklist/Whitelist",
"spam_score": "Punteggio SPAM",
"syncjobs": "Processi di sync",
"tls_policy": "Politica TLS",
"tls_policy": "TLS policy",
"unlimited_quota": "Spazio illimitato per le caselle di posta"
},
"add": {
@ -102,11 +102,10 @@
"target_domain": "Dominio di destinazione",
"timeout1": "Timeout per la connessione all'host remoto",
"timeout2": "Timeout per la connessione all'host locale",
"username": "Nome utente",
"username": "Username",
"validate": "Convalida",
"validation_success": "Convalidato con successo",
"bcc_dest_format": "Il destinatario in copia nascosta deve essere un singolo indirizzo email.<br>Se si vuole spedire una copia del messaggio a più destinatari, bisogna creare un alias ed utilizzarlo per questa opzione.",
"app_passwd_protocols": "Protocolli consentiti per la password dell'app"
"bcc_dest_format": "Il destinatario in copia nascosta, dev'essere un solo indirizzo email.<br>Se devi spedire una copia del messaggio a più destinatari, crea un alias ed utilizzalo per questa opzione."
},
"admin": {
"access": "Accedi",
@ -134,18 +133,18 @@
"advanced_settings": "Impostazioni avanzate",
"api_allow_from": "Allow API access from these IPs/CIDR network notations",
"api_info": "The API is a work in progress. The documentation can be found at <a href=\"/api\">/api</a>",
"api_key": "Chiave API",
"api_skip_ip_check": "Salta il controllo dell'IP per l'API",
"api_key": "API key",
"api_skip_ip_check": "Skip IP check for API",
"app_links": "App links",
"app_name": "Nome dell'app",
"apps_name": "Nome \"mailcow Apps\"",
"arrival_time": "Ora di arrivo (ora del server)",
"app_name": "App name",
"apps_name": "\"mailcow Apps\" name",
"arrival_time": "Arrival time (server time)",
"authed_user": "Auth. user",
"ays": "Sei sicuro di voler procedere?",
"ban_list_info": "See a list of banned IPs below: <b>network (remaining ban time) - [actions]</b>.<br />IPs queued to be unbanned will be removed from the active ban list within a few seconds.<br />Red labels indicate active permanent bans by blacklisting.",
"change_logo": "Cambia logo",
"configuration": "Configurazione",
"convert_html_to_text": "Converti HTML in testo semplice",
"convert_html_to_text": "Convert HTML to plain text",
"credentials_transport_warning": "<b>Warning</b>: Adding a new transport map entry will update the credentials for all entries with a matching next hop column.",
"customer_id": "ID cliente",
"customize": "Personalizzare",
@ -191,7 +190,7 @@
"forwarding_hosts_add_hint": "È possibile specificare indirizzi IPv4 / IPv6, reti nella notazione CIDR, nomi host (che verranno risolti in indirizzi IP) o nomi di dominio (che verranno risolti agli indirizzi IP richiamando i record SPF o, in assenza, i record MX) .",
"forwarding_hosts_hint": "I messaggi in entrata sono accettati in maniera incondizionata da tutti gli host qui elencati. Questi host sono quindi non controllati tramite DNSBL o sottoposti a greylisting. Lo spam ricevuto da questi host non viene mai rifiutato, ma potrebbe essere archiviato nella cartella Posta indesiderata. L'utilizzo più comune è quello di specificare i server di posta elettronica su cui è stata impostata una regola che inoltra le email in arrivo al server mailcow.",
"from": "Da",
"generate": "generare",
"generate": "generate",
"guid": "GUID - ID istanza univoco",
"guid_and_license": "GUID & Licenza",
"hash_remove_info": "Removing a ratelimit hash (if still existing) will reset its counter completely.<br>\r\n Each hash is indicated by an individual color.",
@ -206,7 +205,7 @@
"include_exclude_info": "Di default - se nessuna voce viene selezionata - <b>tutte le caselle di posta</b> risultano attivate",
"includes": "Includi questi destinatari",
"is_mx_based": "Basato sul record MX",
"last_applied": "Ultima applicazione",
"last_applied": "Last applied",
"license_info": "Non è necessario essere in possesso di una licenza ma aiuta gli sviluppatori a far crescere il prodotto.<br><a href=\"https://www.servercow.de/mailcow?lang=en#sal\" target=\"_blank\" alt=\"SAL order\">Registra qui il tuo GUID </a> oppure <a href=\"https://www.servercow.de/mailcow?lang=en#support\" target=\"_blank\" alt=\"Support order\">acquista il supporto per la tua installazione di mailcow.</a>",
"link": "Link",
"loading": "Caricamento in corso...",
@ -231,7 +230,7 @@
"optional": "facoltativo",
"password": "Password",
"password_length": "Lunghezza password",
"password_policy": "Criteri della password",
"password_policy": "Password policy",
"password_policy_chars": "Deve contenere almeno un carattere alfabetico",
"password_policy_length": "La lunghezza minima della password è %d caratteri",
"password_policy_lowerupper": "Deve contenere caratteri minuscoli e maiuscoli",
@ -283,7 +282,7 @@
"remove": "Rimuovi",
"remove_row": "Elimina riga",
"reset_default": "Riporta alle condizioni di default",
"reset_limit": "Rimuovi hash",
"reset_limit": "Remove hash",
"routing": "Routing",
"rsetting_add_rule": "Aggiungi regola",
"rsetting_content": "Contenuto della regola",
@ -335,15 +334,10 @@
"unban_pending": "unban pending",
"unchanged_if_empty": "Se immutato lasciare vuoto",
"upload": "Upload",
"username": "Nome utente",
"username": "Username",
"validate_license_now": "Validate GUID against license server",
"verify": "Verifica",
"yes": "&#10003;",
"api_read_only": "Accesso in sola lettura",
"api_read_write": "Accesso in lettura-scrittura",
"oauth2_apps": "App OAuth2",
"oauth2_add_client": "Aggiungere il client OAuth2",
"rsettings_preset_4": "Disattivare Rspamd per un dominio"
"yes": "&#10003;"
},
"danger": {
"access_denied": "Accesso negato o form di login non corretto",
@ -462,7 +456,7 @@
"username_invalid": "Username %s non può essere utilizzato",
"validity_missing": "Assegnare un periodo di validità",
"value_missing": "Si prega di fornire tutti i valori",
"yotp_verification_failed": "Verifica OTP Yubico fallita: %s"
"yotp_verification_failed": "Verifica Yubico OTP fallita: %s"
},
"debug": {
"chart_this_server": "Grafico (questo server)",
@ -607,13 +601,7 @@
"title": "Modifica oggetto",
"unchanged_if_empty": "Se immutato lasciare vuoto",
"username": "Username",
"validate_save": "Convalida e salva",
"pushover": "Pushover",
"sogo_access_info": "Il single-sign-on dall'interno dell'interfaccia di posta rimane funzionante. Questa impostazione non influisce sull'accesso a tutti gli altri servizi né cancella o modifica il profilo SOGo esistente dell'utente.",
"none_inherit": "Nessuno / Eredita",
"sogo_access": "Concedere l'accesso diretto a SOGo",
"acl": "ACL (autorizzazione)",
"app_passwd_protocols": "Protocolli consentiti per la password dell'app"
"validate_save": "Convalida e salva"
},
"fido2": {
"confirm": "Confirm",
@ -627,8 +615,7 @@
"rename": "Rename",
"set_fido2": "Register FIDO2 device",
"set_fn": "Set friendly name",
"start_fido2_validation": "Start FIDO2 validation",
"set_fido2_touchid": "Registrare il Touch ID su Apple M1"
"start_fido2_validation": "Start FIDO2 validation"
},
"footer": {
"cancel": "Annulla",
@ -642,8 +629,7 @@
"restart_container_info": "<b>Importante:</b> Il completamento di un normale riavvio potrebbe richiedere diversi minuti, ti consigliamo di attendere.",
"restart_now": "Riavvia adesso",
"restarting_container": "Riavvia il container, potrebbe richiedere diversi minuti",
"hibp_check": "Verifica con haveibeenpwned.com",
"nothing_selected": "Niente di selezionato"
"hibp_check": "Verifica con haveibeenpwned.com"
},
"header": {
"administration": "Amministrazione",
@ -708,7 +694,7 @@
"bcc_to_rcpt": "Switch to recipient map type",
"bcc_to_sender": "Switch to sender map type",
"bcc_type": "BCC type",
"booking_null": "Mostra sempre come libero",
"booking_null": "Always show as free",
"booking_0_short": "Always free",
"booking_custom": "Hard-limit to a custom amount of bookings",
"booking_custom_short": "Hard limit",
@ -816,17 +802,7 @@
"goto_spam": "Apprendi come <b>spam</b>",
"open_logs": "Apri i log",
"syncjob_check_log": "Controlla il log",
"syncjob_last_run_result": "Risultato dell'ultima esecuzione",
"syncjob_EXIT_TLS_FAILURE": "Problema con la connessione criptata",
"syncjob_EXIT_AUTHENTICATION_FAILURE": "Problema di autenticazione",
"syncjob_EXIT_OVERQUOTA": "La casella di posta del destinatario ha superato la quota",
"syncjob_EXIT_CONNECTION_FAILURE_HOST1": "Impossibile connettersi al server remoto",
"syncjob_EXIT_CONNECTION_FAILURE": "Problema di connessione",
"catch_all": "Catch-All",
"sender": "Mittente",
"all_domains": "Tutti i domini",
"recipient": "Destinatario",
"syncjob_EX_OK": "Successo"
"syncjob_last_run_result": "Risultato dell'ultima esecuzione"
},
"oauth2": {
"access_denied": "Effettua il login alla casella di posta per garantire l'accesso tramite OAuth2.",
@ -1147,18 +1123,7 @@
"change_password_hint_app_passwords": "Il tuo account ha {{number_of_app_passwords}} password delle app che non verranno modificate. Per gestirle, vai alla scheda App passwords.",
"syncjob_check_log": "Controlla i log",
"syncjob_last_run_result": "Risultato dell'ultima esecuzione",
"open_logs": "Apri i log",
"apple_connection_profile_with_app_password": "Una nuova password dell'app è stata generata ed aggiunta al profilo così che non sia più necessario inserire alcuna password quando si imposta il dispositivo. Si prega di non condividere il file in quanto concede l'accesso completo alla tua casella di posta elettronica.",
"allowed_protocols": "Protocolli consentiti",
"syncjob_EX_OK": "Successo",
"syncjob_EXIT_CONNECTION_FAILURE": "Problema di connessione",
"syncjob_EXIT_TLS_FAILURE": "Problema con la connessione criptata",
"syncjob_EXIT_AUTHENTICATION_FAILURE": "Problema di autenticazione",
"syncjob_EXIT_OVERQUOTA": "La casella di posta del destinatario ha superato la quota",
"syncjob_EXIT_CONNECTION_FAILURE_HOST1": "Impossibile connettersi al server remoto",
"syncjob_EXIT_AUTHENTICATION_FAILURE_USER1": "Nome utente o password errati",
"with_app_password": "con password dell'app",
"direct_protocol_access": "Questo utente della mailbox ha <b>accesso diretto ed esterno</b> ai seguenti protocolli e applicazioni. Questa impostazione è controllata dal tuo amministratore. Le password delle applicazioni possono essere create per garantire l'accesso ai singoli protocolli e applicazioni.<br>Il pulsante \"Accedi alla webmail\" fornisce un singolo accesso a SOGo ed è sempre disponibile."
"open_logs": "Apri i log"
},
"warning": {
"cannot_delete_self": "Cannot delete logged in user",
@ -1176,8 +1141,6 @@
"ratelimit": {
"minute": "messaggi / minuto",
"disabled": "Disabilitato",
"second": "messaggi / secondo",
"hour": "messaggi / ora",
"day": "messaggi / giorno"
"second": "messaggi / secondo"
}
}

79
data/web/lang/lang.ro.json
View File

@ -42,10 +42,8 @@
"alias_domain_info": "<small>Doar nume de domenii valide (separate prin virgulă).</small>",
"app_name": "Nume aplicație",
"app_password": "Adaugă parolă aplicație",
"app_passwd_protocols": "Protocoale permise pentru parola aplicației",
"automap": "Încearcă maparea automată a folderelor (\"Obiecte trimise\", \"Trimise\" => \"Trimise\" etc.)",
"backup_mx_options": "Opțiuni backup MX",
"bcc_dest_format": "Destinația BCC trebuie să fie o singură adresă de email validă.",
"comment_info": "Un comentariu privat nu este vizibil pentru utilizator, în timp ce un comentariu public este afișat ca un tooltip când se trece peste el într-o privire de ansamblu asupra utilizatorilor",
"custom_params": "Parametri personalizați",
"custom_params_hint": "Corect: --param=xy, greşit: --param xy",
@ -135,8 +133,6 @@
"api_allow_from": "Permite accesul API de la aceste adrese IP/CIDR",
"api_info": "API-ul este în dezvoltare. Documentația se găsește la adresa: <a href=\"/api\">/api</a>",
"api_key": "Cheie API",
"api_read_only": "Acces doar pentru citire",
"api_read_write": "Acces pentru citire și scriere",
"api_skip_ip_check": "Săriți verificarea IP pentru API",
"app_links": "Linkuri aplicație",
"app_name": "Nume aplicație",
@ -224,8 +220,6 @@
"no_active_bans": "Nu există interdicții active",
"no_new_rows": "Nu există alte rânduri disponibile",
"no_record": "Nici o înregistrare",
"oauth2_apps": "Aplicații OAuth2",
"oauth2_add_client": "Adaugă client OAuth2",
"oauth2_client_id": "ID client",
"oauth2_client_secret": "Secret client",
"oauth2_info": "Implementarea OAuth2 suportă tipul de acces \"Cod de autorizare\" și emite jetoane de actualizare.<br>\r\nServerul emite automat noi jetoane de actualizare, după ce a fost folosit un jeton de actualizare.<br><br>\r\n→ Scopul implicit este <i>profil</i>. Doar utilizatorii căsuței poștale pot fi autentificați cu OAuth2. Dacă parametrul scop este omis, acesta revine la <i>profil</i>.<br>\r\n→ Parametrul <i>stare</i> trebuie să fie trimis de client ca parte a cererii de autorizare.<br><br>\r\nCăile pentru cereri către API-ul OAuth2:<br>\r\n<ul>\r\n <li>Calea de autorizare: <code>/oauth/autorize</code ></li>\r\n <li>Calea jetonului: <code>/oauth/token</code></li>\r\n <li>Calea pentru resursă: <code>/oauth/profile</code></li>\r\n</ul>\r\nRegenerarea secretului clientului nu va expira codurile de autorizare existente, dar vor eșua să-și reînnoiască jetonul.<br><br>\r\nRevocarea jetoanelor clientului va cauza încheierea imediată a tuturor sesiunilor active. Toți clienții trebuie să se autentifice din nou.",
@ -503,7 +497,6 @@
"optional": "Această înregistrare este opțională."
},
"edit": {
"acl": "ACL (Permisiune)",
"active": "Activ",
"admin": "Editează administrator",
"advanced_settings": "Setări avansate",
@ -513,10 +506,9 @@
"allowed_protocols": "Protocoale permise",
"app_name": "Nume aplicație",
"app_passwd": "Parolă apicație",
"app_passwd_protocols": "Protocoale permise pentru parola aplicației",
"automap": "Încearcă maparea automată a folderelor (\"Obiecte trimise\", \"Trimise\" => \"Trimise\" etc.)",
"backup_mx_options": "Opțiuni backup MX",
"bcc_dest_format": "Destinația BCC trebuie să fie o singură adresă de email validă.<br>Dacă trebuie să trimiteți o copie la mai multe adrese, creați un alias și utilizați-l aici.",
"bcc_dest_format": "Destinația BCC trebuie să fie o singură adresă de email validă.",
"client_id": "ID Client",
"client_secret": "Secret client",
"comment_info": "Un comentariu privat nu este vizibil pentru utilizator, în timp ce un comentariu public este afișat ca un tooltip când se trece peste el într-o privire de ansamblu asupra utilizatorilor",
@ -558,14 +550,12 @@
"mbox_rl_info": "Această limitare de rată se aplică pe numele de conectare SASL, se potrivește cu orice adresă „de la” folosită de către utilizatorul autentificat. O limitare a ratei căsuței poștale înlocuiește limitarea ratei la nivel de domeniu.",
"mins_interval": "Interval (min)",
"multiple_bookings": "Rezervări multiple",
"none_inherit": "Nici una / Moștenește",
"nexthop": "Următorul hop",
"password": "Parolă",
"password_repeat": "Confirmă parolă (repetă)",
"previous": "Pagina precedentă",
"private_comment": "Comentariu privat",
"public_comment": "Comentariu public",
"pushover": "Pushover",
"pushover_evaluate_x_prio": "Escalează e-mailurile cu prioritate înaltă [<code>X-Priority: 1</code>]",
"pushover_info": "Setările de notificare push se vor aplica tuturor e-mailurilor curate (non-spam) livrate la <b>% s </b> inclusiv aliasuri (partajate, care nu sunt partajate, etichetate).",
"pushover_only_x_prio": "Luați în considerare doar e-mailurile cu prioritate înaltă [<code>X-Priority: 1</code>]",
@ -596,8 +586,6 @@
"sieve_desc": "Descriere scurtă",
"sieve_type": "Tip filtru",
"skipcrossduplicates": "Sari peste mesajele duplicate din toate folderele (primul venit, primul servit)",
"sogo_access": "Acordați acces direct de conectare la SOGo",
"sogo_access_info": "Conectarea unică din interfața de administrare a e-mailului continuă să funcționeze. Această setare nu afectează accesul la toate celelalte servicii și nici nu șterge sau modifică profilul SOGo existent al unui utilizator.",
"sogo_visible": "Aliasul este vizibil în SOGo",
"sogo_visible_info": "Această opțiune afectează doar obiecte, care pot fi afișate în SOGo (adrese alias partajate sau ne-partajate cu cel puțin o căsuță poștală locală). Dacă este ascuns, un alias nu va apărea ca expeditor selectabil în SOGo.",
"spam_alias": "Crează sau modifică adrese alias limitate în funcție de timp",
@ -615,21 +603,6 @@
"username": "Nume de utilizator",
"validate_save": "Validează și salvează"
},
"fido2": {
"set_fn": "Setați un nume prietenos",
"fn": "Nume prietenos",
"rename": "redenumiți",
"confirm": "Confirmați",
"register_status": "Starea înregistrării",
"known_ids": "ID-uri cunoscute",
"none": "Dezactivat",
"set_fido2": "Înregistrați dispozitivul FIDO2",
"set_fido2_touchid": "Înregistrați Touch ID pe Apple M1",
"start_fido2_validation": "Începeți validarea FIDO2",
"fido2_auth": "Conectați-vă cu FIDO2",
"fido2_success": "Dispozitivul a fost înregistrat cu succes",
"fido2_validation_failed": "Validarea a eșuat"
},
"footer": {
"cancel": "Anulează",
"confirm_delete": "Confirmă ștergerea",
@ -691,7 +664,6 @@
"alias_domain_alias_hint": "Aliasurile <b>nu</b> sunt aplicate automat pe domeniile alias. O adresă alias <code>aliasul-meu@domeniu</code> <b>nu</b> acoperă adresa <code>aliasul-meu@domeniu-alias</code> (unde \"domeniu-alias\" este un domeniu alias imaginar pentru \"domeniu\").<br>Vă rugăm să utilizați un filtru sită pentru a redirecționa poșta către o căsuță poștală externă (consultați zona \"Filtre\" sau utilizați SOGo -> Redirecționare).",
"alias_domain_backupmx": "Alias domeniu inactiv pentru domeniu releu",
"aliases": "Aliasuri",
"all_domains": "Toate Domeniile",
"allow_from_smtp": "Permiteți acestor adrese IP să utilizeze numai <b>SMTP</b>",
"allow_from_smtp_info": "Lăsați gol pentru a permite tuturor expeditorilor.<br>Adrese și rețele IPv4/IPv6.",
"allowed_protocols": "Protocoale permise",
@ -715,7 +687,6 @@
"booking_custom_short": "Limită maximă",
"booking_ltnull": "Nelimitat, dar arată ca ocupat atunci când este rezervat",
"booking_lt0_short": "Limită redusă",
"catch_all": "Prinde-Tot",
"daily": "Zilnic",
"deactivate": "Deactivează",
"description": "Descriere",
@ -733,8 +704,6 @@
"filter_table": "Tabel filtre",
"filters": "Filtre",
"fname": "Nume complet",
"goto_ham": "Învață ca <b>ham</b>",
"goto_spam": "Învață ca <b>spam</b>",
"hourly": "Din oră în oră",
"in_use": "În uz (%)",
"inactive": "Inactiv",
@ -767,7 +736,6 @@
"quarantine_notification": "Notificări de carantină",
"quarantine_category": "Categoria notificărilor despre carantină",
"quick_actions": "Acţiuni",
"recipient": "Destinatar",
"recipient_map": "Hartă destinatar",
"recipient_map_info": "Hărțile destinatarilor sunt folosite pentru a înlocui adresa de destinație a unui mesaj înainte de a fi livrat.",
"recipient_map_new": "Destinatar nou",
@ -778,7 +746,6 @@
"remove": "Elimină",
"resources": "Resurse",
"running": "Rulare",
"sender": "Expeditor",
"set_postfilter": "Marchează ca postfiltru",
"set_prefilter": "Marchează ca prefiltru",
"sieve_info": "Poți stoca mai multe filtre pentru fiecare utilizator, dar numai un singur prefiltru și un singur postfiltru pot fi active în același timp.<br>\nFiecare filtru va fi procesat în ordinea descrisă. Nici un script eșuat, nici un \"keep;\" emis nu va opri procesarea altor scripturi.Modificările aduse scripturilor sită globale vor declanșa o repornire a Dovecot.<br>\nPrefilter → User scripts → Postfilter → <a href=\"https://github.com/mailcow/mailcow-dockerized/blob/master/data/conf/dovecot/sieve_after\" target=\"_blank\">global sieve postfilter</a>",
@ -798,15 +765,6 @@
"stats": "Statistici",
"status": "Stare",
"sync_jobs": "Lucrări de sincronizare",
"syncjob_check_log": "Verificați jurnalul",
"syncjob_last_run_result": "Rezultatul ultimei rulări",
"syncjob_EX_OK": "Succes",
"syncjob_EXIT_CONNECTION_FAILURE": "Problemă de conectare",
"syncjob_EXIT_TLS_FAILURE": "Problemă cu conexiunea criptată",
"syncjob_EXIT_AUTHENTICATION_FAILURE": "Problemă de autentificare",
"syncjob_EXIT_OVERQUOTA": "Cutia poștală țintă depășește cota maximă",
"syncjob_EXIT_CONNECTION_FAILURE_HOST1": "Nu se poate conecta la server",
"syncjob_EXIT_AUTHENTICATION_FAILURE_USER1": "Nume de utilizator sau parolă greșite",
"table_size": "Mărime tabel",
"table_size_show_n": "Arată %s articole",
"target_address": "Adresă goto",
@ -890,13 +848,6 @@
"text_plain_content": "Conținut (text/simplu)",
"toggle_all": "Comută toate"
},
"ratelimit": {
"disabled": "Dezactivat",
"second": "mesaje / sec",
"minute": "mesaje / min",
"hour": "mesaje / ora",
"day": "mesaje / zi"
},
"start": {
"help": "Afișează/Ascunde panoul de ajutor",
"imap_smtp_server_auth_info": "Utilizează adresa completă de email și mecanismul de autentificare SIMPLU.<br>\nDatele tale de conectare vor fi criptate prin criptarea obligatorie de la server.",
@ -1006,6 +957,20 @@
"waiting_usb_register": "<i>În așteptarea dispozitivului USB...</i><br><br>Introdu parola ta mai sus și confirmă înregistrarea ta WebAuthn atingând butonul de pe dispozitivul tău USB WebAuthn.",
"yubi_otp": "Autentificare Yubico OTP"
},
"fido2": {
"set_fn": "Setați un nume prietenos",
"fn": "Nume prietenos",
"rename": "redenumiți",
"confirm": "Confirmați",
"register_status": "Starea înregistrării",
"known_ids": "ID-uri cunoscute",
"none": "Dezactivat",
"set_fido2": "Înregistrați dispozitivul FIDO2",
"start_fido2_validation": "Începeți validarea FIDO2",
"fido2_auth": "Conectați-vă cu FIDO2",
"fido2_success": "Dispozitivul a fost înregistrat cu succes",
"fido2_validation_failed": "Validarea a esuat"
},
"user": {
"action": "Acțiune",
"active": "Activ",
@ -1022,15 +987,12 @@
"aliases_also_send_as": "De asemenea, este permis să trimită ca utilizator",
"aliases_send_as_all": "Nu se verifică accesul expeditorului pentru următorul(arele) domeniu(i) și domeniile sale alias",
"app_hint": "Parolele aplicației sunt parole alternative pentru autentificarea IMAP, SMTP, CalDAV, CardDAV și EAS. Numele de utilizator rămâne neschimbat.<br>SOGo nu este disponibil prin parolele aplicației.",
"allowed_protocols": "Protocoale permise",
"app_name": "Nume aplicație",
"app_passwds": "Parole aplicație",
"apple_connection_profile": "Profil de conexiune Apple",
"apple_connection_profile_complete": "Acest profil de conexiune include parametrii IMAP și SMTP, precum și calDAV (calendar) și carduri CardDAV (contacte) pentru dispozitivele Apple.",
"apple_connection_profile_mailonly": "Acest profil de conexiune include parametrii de configurare IMAP și SMTP pentru dispozitivele Apple.",
"apple_connection_profile_with_app_password": "O nouă parolă pentru aplicație este generată și adăugată la profil, astfel încât să nu fie necesară introducerea unei parole la configurarea dispozitivului. Vă rugăm să nu partajați fișierul, deoarece oferă acces deplin la căsuța dvs. poștală.",
"change_password": "Schimbă parola",
"change_password_hint_app_passwords": "Contul dvs. are {{number_of_app_passwords}} parole de aplicație care nu vor fi modificate. Pentru a le gestiona, accesați secțiunea Parole aplicație.",
"clear_recent_successful_connections": "Ștergeți conexiunile reușite văzute",
"client_configuration": "Afișează ghidurile de configurare pentru clienții de email și smartphone-uri",
"create_app_passwd": "Crează parola aplicației",
@ -1041,7 +1003,6 @@
"delete_ays": "Vă rugăm să confirmați stergerea.",
"direct_aliases": "Adrese alias directe",
"direct_aliases_desc": "Adresele alias directe sunt afectate de setările filtrului de spam și ale politicii TLS.",
"direct_protocol_access": "Acest utilizator are <b>acces direct, extern</b> la următoarele protocoale și aplicații. Această setare este controlată de administratorul dvs. Parolele pentru aplicații pot fi create pentru a acorda acces la protocoale și aplicații individuale.<br>Butonul \"Conectați-vă la webmail\" oferă conectare unică la SOGo și este întotdeauna disponibil.",
"eas_reset": "Resetează memoria cache a dispozitivului ActiveSync",
"eas_reset_help": "În multe cazuri, resetarea cache-ului dispozitivului va ajuta la recuperarea unui profil ActiveSync defect.<br><b>Atenţie:</b> Toate elementele vor fi descărcate din nou!",
"eas_reset_now": "Resetează acum",
@ -1135,15 +1096,6 @@
"spamfilter_yellow": "Galben: acest mesaj poate fi spam, va fi etichetat ca spam și va fi mutat în dosarul de junk",
"status": "Stare",
"sync_jobs": "Lucrări de sincronizare",
"syncjob_check_log": "Verificați jurnalul",
"syncjob_last_run_result": "Rezultatul ultimei rulări",
"syncjob_EX_OK": "Succes",
"syncjob_EXIT_CONNECTION_FAILURE": "Problemă de conectare",
"syncjob_EXIT_TLS_FAILURE": "Problemă cu conexiunea criptată",
"syncjob_EXIT_AUTHENTICATION_FAILURE": "Problemă de autentificare",
"syncjob_EXIT_OVERQUOTA": "Cutia poștală țintă depășește cota maximă",
"syncjob_EXIT_CONNECTION_FAILURE_HOST1": "Nu se poate conecta la server",
"syncjob_EXIT_AUTHENTICATION_FAILURE_USER1": "Nume de utilizator sau parolă greșite",
"tag_handling": "Setează manevrarea pentru mailurile etichetate",
"tag_help_example": "Exemplu pentru o adresă de email etichetată: me<b>+Facebook</b>@example.org",
"tag_help_explain": "În subfolder: un nou subfolder numit după etichetă va fi creat sub INBOX (\"INBOX/Facebook\").<br>\nÎn subiect: numele etichetelor va fi prefixat la subiectul mailurilor, de exemplu: \"[Facebook] My News\".",
@ -1163,7 +1115,6 @@
"week": "săptămână",
"weekly": "Săptămânal",
"weeks": "săptămâni",
"with_app_password": "cu parola aplicație",
"year": "an",
"years": "ani"
},

18
data/web/lang/lang.sk.json
View File

@ -80,7 +80,7 @@
"password": "Heslo",
"password_repeat": "Potvrdzovacie heslo (zopakovať)",
"port": "Port",
"post_domain_add": "SOGo kontajner, \"sogo-mailcow\", musí byť reštartovaný po pridaní novej domény!<br><br>Okrem toho by sa mala skontrolovať konfigurácia DNS domény. Ak je konfigurácia v poriadku, reštartujte \"acme-mailcow\", aby sa automaticky vygenerovali certifikáty pre vašu novú doménu (autoconfig.&lt;domain&gt;, autodiscover.&lt;domain&gt;).<br>Tento krok je voliteľný a bude sa opakovať každých 24 hodín.",
"post_domain_add": "SOGo kontajner, \"sogo-mailcow\", musí byť reštartovaný po pridaní novej domény!<br>",
"private_comment": "Súkromný komentár",
"public_comment": "Verejný komentár",
"quota_mb": "Kvóta (MiB)",
@ -323,7 +323,7 @@
"to_top": "Naspať navrch",
"transport_dest_format": "Regulárny výraz alebo syntax: example.org, .example.org, *, box@example.org (viacero hodnôt môžu byť oddelené čiarkou)",
"transport_maps": "Transportné Mapy",
"transport_test_rcpt_info": "&#8226; Na otestovanie odchádzajúcej pošty je možné použiť null@hosted.mailcow.de ako adresáta.",
"transport_test_rcpt_info": "&#8226; Na otestovanie odchádzajúcej pošty je možné použiť null@hosted.mailcow.de ako adresáta",
"transports_hint": "&#8226; Záznam v transportnej mape <b>prevažuje</b> nad transportnou mapou pre odosielanie</b>.<br>\r\n&#8226; Prenos na základe MX je preferovaná voľba.<br>\r\n&#8226; Nastavenie TLS pre používateľa je ignorované a môže byť vynútené TLS mapovaním.<br>\r\n&#8226; Transportná služba je definovaná vždy \"smtp:\" a použije TLS ak to bude umožnené. Wrapped TLS (SMTPS) nie je podporované.<br>\r\n&#8226; Adresy ktoré sa rovnajú hodnote \"/localhost$/\" budú vždy transportované cez \"local:\" a nebudú použité pre cieľový záznam \"*\".<br>\r\n&#8226; Po zadaní prihlasovacích údajov pre ďalší skok \"[host]:25\", Postfix <b>vždy</b> hľadá \"host\" a následne \"[host]:25\". Táto vlastnosť znemožňuje používať \"host\" a \"[host]:25\" naraz.",
"ui_footer": "Pätička (HTML povolené)",
"ui_header_announcement": "Oznámenie",
@ -394,9 +394,9 @@
"invalid_recipient_map_old": "Neplatná pôvodná mapa príjemcu: %s",
"ip_list_empty": "Zoznam povolených IP nemôže byť prázdny",
"is_alias": "%s je už používané ako alias adresa",
"is_alias_or_mailbox": "%s je už používaná ako adresa aliasu, mailovej schránky alebo aliasu odvodeného z aliasu domény.",
"is_alias_or_mailbox": "%s je už používaná ako adresa aliasu, mailovej schránky alebo aliasu odvodeného z aliasu domény",
"is_spam_alias": "%s je už používaná ako adresa dočasného aliasu (spam alias adresa)",
"last_key": "Posledný kľúč nemôže byť vymazaný, deaktivujte najprv TFA.",
"last_key": "Posledný kľúč nemôže byť vymazaný, deaktivujte najprv TFA",
"login_failed": "Prihlásenie zlyhalo",
"mailbox_defquota_exceeds_mailbox_maxquota": "Predvolená kvóta presahuje max. kvótu mailovej schránky",
"mailbox_invalid": "Meno mailovej schránky je neplatné",
@ -638,7 +638,7 @@
"restart_container": "Reštartovať kontajner",
"restart_container_info": "<b>Dôležité:</b> Reštartovanie môže trvať dlhšie, čakajte prosím ...",
"restart_now": "Reštartuj teraz",
"restarting_container": "Prebieha reštartovanie kontajnera, čakajte prosím"
"restarting_container": "Prebieha reštartovanie kontajnera, čakajte prosím ..."
},
"header": {
"administration": "Konfigurácia & Detaily",
@ -741,7 +741,7 @@
"last_run_reset": "Znovu naplánovať",
"mailbox": "Mailová schránka",
"mailbox_defaults": "Predvolené nastavenia",
"mailbox_defaults_info": "Definuje predvolené nastavenia pre nové schránky.",
"mailbox_defaults_info": "Definuje predvolené nastavenia pre nové schránky",
"mailbox_defquota": "Predvolená veľkosť schránky",
"mailbox_quota": "Max. veľkosť schránky",
"mailboxes": "Mailové schránky",
@ -815,7 +815,7 @@
"tls_map_policy": "Podmienky",
"tls_policy_maps": "Mapy TLS pravidiel",
"tls_policy_maps_enforced_tls": "Tieto politiky prepisujú používateľské nastavenia pre mailové schránky ktoré majú vynútene odchodzie TLS pripojenie. Ak nižšie nie sú uvedené žiadne pravidlá, budú použité ako východzie pravidlá <code>smtp_tls_mandatory_protocols</code> a <code>smtp_tls_mandatory_ciphers</code>.",
"tls_policy_maps_info": "Táto mapa prevažuje nad TLS pravidlami nezávisle od TLS pravidiel jednotlivých používateľov.<br>\nPre viac informácií navštívte <a href=\"http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps\" target=\"_blank\"> postfix \"smtp_tls_policy_maps\"</a>.",
"tls_policy_maps_info": "Táto mapa prevažuje nad TLS pravidlami nezávisle od TLS pravidiel jednotlivých používateľov.<br>\r\n Viac informácií navštívte <a href=\"http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps\" target=\"_blank\"> info k \"smtp_tls_policy_maps\" </a>",
"tls_policy_maps_long": "Prepisovanie TLS pravidiel pre odosielanie",
"toggle_all": "Označiť všetky",
"username": "Používateľské meno",
@ -1069,8 +1069,8 @@
"never": "Nikdy",
"new_password": "Nové heslo",
"new_password_repeat": "Potvrdiť heslo (opakovať)",
"no_active_filter": "Nie je dostupný žiadny aktívny filter",
"no_last_login": "Žiadny záznam o prihlásení cez web",
"no_active_filter": "Nie je dostupný žiadny aktívny filter.",
"no_last_login": "Žiadne informácie o UI prihlásení.",
"no_record": "Žiaden záznam",
"open_logs": "Otvoriť záznam",
"open_webmail_sso": "Prihláste sa do webmailu",

8
data/web/sogo-auth.php
View File

@ -75,12 +75,7 @@ elseif (isset($_SERVER['HTTP_X_ORIGINAL_URI']) && strcasecmp(substr($_SERVER['HT
session_start();
// extract email address from "/SOGo/so/user@domain/xy"
$url_parts = explode("/", $_SERVER['HTTP_X_ORIGINAL_URI']);
$email_list = array(
$url_parts[3], // Requested mailbox
($_SESSION['mailcow_cc_username'] ?? ''), // Current user
($_SESSION["dual-login"]["username"] ?? ''), // Dual login user
);
foreach($email_list as $email) {
$email = $url_parts[3];
// check if this email is in session allowed list
if (
!empty($email) &&
@ -95,7 +90,6 @@ elseif (isset($_SERVER['HTTP_X_ORIGINAL_URI']) && strcasecmp(substr($_SERVER['HT
header("X-Auth-Type: Basic");
exit;
}
}
}
// if username is empty, SOGo will use the normal login methods / login form

2
data/web/templates/admin.twig
View File

@ -38,7 +38,6 @@
<div class="row">
<div class="col-md-12">
<div class="tab-content" style="padding-top:20px">
{% include 'admin/tab-config-admins.twig' %}
{% include 'admin/tab-ldap.twig' %}
{% include 'admin/tab-config-oauth2.twig' %}
@ -55,7 +54,6 @@
{% include 'admin/tab-sys-mails.twig' %}
{% include 'admin/tab-mailq.twig' %}
{% include 'admin/tab-globalfilter-regex.twig' %}
</div>
</div> <!-- /col-md-12 -->
</div> <!-- /row -->

7
data/web/templates/admin/tab-config-admins.twig
View File

@ -1,4 +1,5 @@
<div role="tabpanel" class="tab-pane active" id="tab-config-admins">
<div class="tab-content" style="padding-top:20px">
<div role="tabpanel" class="tab-pane active" id="tab-config-admins">
<div class="panel panel-danger">
<div class="panel-heading xs-show">{{ lang.admin.admin_details }}</div>
<div class="panel-body">
@ -62,7 +63,6 @@
{% include 'fido2.twig' %}
</table>
</div>
</div>
<br>
</div>
</div>
@ -221,6 +221,8 @@
</div>
</div>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading xs-show">{{ lang.admin.domain_admins }}</div>
<div class="panel-body">
@ -246,4 +248,3 @@
</div>
</div>
</div>

8
data/web/templates/base.twig
View File

@ -423,14 +423,6 @@ function recursiveBase64StrToArrayBuffer(obj) {
{% if ui_texts.ui_footer %}
<hr><span class="rot-enc">{{ ui_texts.ui_footer|rot13|raw }}</span>
{% endif %}
{% if mailcow_cc_username and mailcow_info.version_tag|default %}
<span class="version">
🐮 + 🐋 = 💕
<a href="{{ mailcow_info.git_project_url }}/releases/tag/{{ mailcow_info.version_tag }}" target="_blank">
Version: {{ mailcow_info.version_tag }}
</a>
</span>
{% endif %}
</div>
</body>
</html>

2
data/web/templates/user/Pushover.twig
View File

@ -39,7 +39,7 @@
<div class="col-sm-12">
<div class="form-group">
<label for="text">{{ lang.user.pushover_sender_array|raw }}</label>
<input type="text" class="form-control" name="senders" value="{{ pushover_data.senders }}" placeholder="sender1@example.com, sender2@example.com">
<input type="text" class="form-control" name="senders" value="{{ pushover_data.token }}" placeholder="sender1@example.com, sender2@example.com">
</div>
</div>
<div class="col-sm-12">

25
docker-compose.yml
View File

@ -2,7 +2,7 @@ version: '2.1'
services:
unbound-mailcow:
image: mailcow/unbound:1.15
image: mailcow/unbound:1.14
environment:
- TZ=${TZ}
volumes:
@ -58,7 +58,7 @@ services:
- redis
clamd-mailcow:
image: mailcow/clamd:1.43
image: mailcow/clamd:1.42
restart: always
dns:
- ${IPV4_NETWORK:-172.22.1}.254
@ -157,7 +157,7 @@ services:
- ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n}
- MASTER=${MASTER:-y}
- DEV_MODE=${DEV_MODE:-n}
- WEBAUTHN_ONLY_TRUSTED_VENDORS=${WEBAUTHN_ONLY_TRUSTED_VENDORS:-n}
- WEBAUTHN_RESPECT_ROOTCA=${WEBAUTHN_RESPECT_ROOTCA:-n}
restart: always
networks:
mailcow-network:
@ -165,7 +165,7 @@ services:
- phpfpm
sogo-mailcow:
image: mailcow/sogo:1.106
image: mailcow/sogo:1.104
environment:
- DBNAME=${DBNAME}
- DBUSER=${DBUSER}
@ -200,7 +200,7 @@ services:
ofelia.job-exec.sogo_sessions.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool expire-sessions $${SOGO_EXPIRE_SESSION} || exit 0\""
ofelia.job-exec.sogo_ealarms.schedule: "@every 1m"
ofelia.job-exec.sogo_ealarms.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-ealarms-notify -p /etc/sogo/sieve.creds || exit 0\""
ofelia.job-exec.sogo_eautoreply.schedule: "@every 5m"
ofelia.job-exec.sogo_eautoreply.schedule: "@every 24h"
ofelia.job-exec.sogo_eautoreply.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.creds || exit 0\""
ofelia.job-exec.sogo_backup.schedule: "@every 24h"
ofelia.job-exec.sogo_backup.command: "/bin/bash -c \"[[ $${MASTER} == y ]] && /usr/local/bin/gosu sogo /usr/sbin/sogo-tool backup /sogo_backup ALL || exit 0\""
@ -212,7 +212,7 @@ services:
- sogo
dovecot-mailcow:
image: mailcow/dovecot:1.159
image: mailcow/dovecot:1.158
depends_on:
- mysql-mailcow
dns:
@ -385,7 +385,7 @@ services:
acme-mailcow:
depends_on:
- nginx-mailcow
image: mailcow/acme:1.81
image: mailcow/acme:1.80
dns:
- ${IPV4_NETWORK:-172.22.1}.254
environment:
@ -421,7 +421,7 @@ services:
- acme
netfilter-mailcow:
image: mailcow/netfilter:1.46
image: mailcow/netfilter:1.45
stop_grace_period: 30s
depends_on:
- dovecot-mailcow
@ -444,7 +444,7 @@ services:
- /lib/modules:/lib/modules:ro
watchdog-mailcow:
image: mailcow/watchdog:1.96
image: mailcow/watchdog:1.95
dns:
- ${IPV4_NETWORK:-172.22.1}.254
tmpfs:
@ -506,7 +506,7 @@ services:
- watchdog
dockerapi-mailcow:
image: mailcow/dockerapi:1.41
image: mailcow/dockerapi:1.40
security_opt:
- label=disable
restart: always
@ -524,7 +524,7 @@ services:
- dockerapi
solr-mailcow:
image: mailcow/solr:1.8.1
image: mailcow/solr:1.8
restart: always
volumes:
- solr-vol-1:/opt/solr/server/solr/dovecot-fts/data:Z
@ -540,7 +540,7 @@ services:
- solr
olefy-mailcow:
image: mailcow/olefy:1.8.1
image: mailcow/olefy:1.8
restart: always
environment:
- TZ=${TZ}
@ -561,7 +561,6 @@ services:
image: mcuadros/ofelia:latest
restart: always
command: daemon --docker
environment:
- TZ=${TZ}
depends_on:
- sogo-mailcow

22
generate_config.sh
View File

@ -344,10 +344,10 @@ DOVECOT_MASTER_PASS=
# https://mailcow.github.io/mailcow-dockerized-docs/debug-reset_tls/
ACME_CONTACT=
# WebAuthn device manufacturer verification
# After setting WEBAUTHN_ONLY_TRUSTED_VENDORS=y only devices from trusted manufacturers are allowed
# Enable webauthn device manufacturer verification
# After setting WEBAUTHN_RESPECT_ROOTCA=y only devices from trusted manufacturers are allowed
# root certificates can be placed for validation under mailcow-dockerized/data/web/inc/lib/WebAuthn/rootCertificates
WEBAUTHN_ONLY_TRUSTED_VENDORS=n
WEBAUTHN_RESPECT_ROOTCA=n
EOF
@ -361,19 +361,3 @@ echo "Generating snake-oil certificate..."
openssl req -x509 -newkey rsa:4096 -keyout data/assets/ssl-example/key.pem -out data/assets/ssl-example/cert.pem -days 365 -subj "/C=DE/ST=NRW/L=Willich/O=mailcow/OU=mailcow/CN=${MAILCOW_HOSTNAME}" -sha256 -nodes
echo "Copying snake-oil certificate..."
cp -n -d data/assets/ssl-example/*.pem data/assets/ssl/
# Set app_info.inc.php
mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`)
if [ $? -eq 0 ]; then
mailcow_git_url=$(git config --get remote.origin.url)
echo '<?php' > data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_URL="'$mailcow_git_url'";' >> data/web/inc/app_info.inc.php
echo '?>' >> data/web/inc/app_info.inc.php
else
echo '<?php' > data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_VERSION="";' >> data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_URL="";' >> data/web/inc/app_info.inc.php
echo '?>' >> data/web/inc/app_info.inc.php
echo -e "\e[33mCannot determine current git repository version...\e[0m"
fi

26
update.sh
View File

@ -307,7 +307,7 @@ CONFIG_ARRAY=(
"ADDITIONAL_SERVER_NAMES"
"ACME_CONTACT"
"WATCHDOG_VERBOSE"
"WEBAUTHN_ONLY_TRUSTED_VENDORS"
"WEBAUTHN_RESPECT_ROOTCA"
)
sed -i --follow-symlinks '$a\' mailcow.conf
@ -515,12 +515,12 @@ for option in ${CONFIG_ARRAY[@]}; do
echo '# https://mailcow.github.io/mailcow-dockerized-docs/debug-reset-tls/' >> mailcow.conf
echo 'ACME_CONTACT=' >> mailcow.conf
fi
elif [[ ${option} == "WEBAUTHN_ONLY_TRUSTED_VENDORS" ]]; then
elif [[ ${option} == "WEBAUTHN_RESPECT_ROOTCA" ]]; then
if ! grep -q ${option} mailcow.conf; then
echo "# WebAuthn device manufacturer verification" >> mailcow.conf
echo '# After setting WEBAUTHN_ONLY_TRUSTED_VENDORS=y only devices from trusted manufacturers are allowed' >> mailcow.conf
echo "# Enable webauthn device manufacturer verification" >> mailcow.conf
echo '# After setting WEBAUTHN_RESPECT_ROOTCA=y only devices from trusted manufacturers are allowed' >> mailcow.conf
echo '# root certificates can be placed for validation under mailcow-dockerized/data/web/inc/lib/WebAuthn/rootCertificates' >> mailcow.conf
echo 'WEBAUTHN_ONLY_TRUSTED_VENDORS=n' >> mailcow.conf
echo 'WEBAUTHN_RESPECT_ROOTCA=n' >> mailcow.conf
fi
elif [[ ${option} == "WATCHDOG_VERBOSE" ]]; then
if ! grep -q ${option} mailcow.conf; then
@ -719,22 +719,6 @@ if [ -f "data/conf/rspamd/local.d/metrics.conf" ]; then
mv data/conf/rspamd/local.d/metrics.conf data/conf/rspamd/local.d/metrics.conf_deprecated
fi
# Set app_info.inc.php
mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`)
if [ $? -eq 0 ]; then
mailcow_git_url=$(git config --get remote.origin.url)
echo '<?php' > data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_URL="'$mailcow_git_url'";' >> data/web/inc/app_info.inc.php
echo '?>' >> data/web/inc/app_info.inc.php
else
echo '<?php' > data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_VERSION="";' >> data/web/inc/app_info.inc.php
echo ' $MAILCOW_GIT_URL="";' >> data/web/inc/app_info.inc.php
echo '?>' >> data/web/inc/app_info.inc.php
echo -e "\e[33mCannot determine current git repository version...\e[0m"
fi
if [[ ${SKIP_START} == "y" ]]; then
echo -e "\e[33mNot starting mailcow, please run \"docker-compose up -d --remove-orphans\" to start mailcow.\e[0m"
else