Commit graph

2142 commits

Author SHA1 Message Date
Georg Lauterbach ede2b2394a
improvement: get rid of subshell + exec in helper-functions.sh (#2401)
* get rid of subshell + exec

The new way of executing `sha512sum` should work as well as the old way
but without the clutter and possible problems the usage of subshells +
exec incurs.

Moreover, there was a misconception about array expansion. Using `""`
around an expanding array (`${ARRAY[@]}`) is quite fine (and actually
the preffered way), not because it makes the expansion _one_ string
(this would be `${ARRAY[*]}`), but it makes sure when elements are
expanded, each element has `""` around them so to speak, i.e. there is
no re-splitting of these elements.

* removed old concerns in comments

* increase test and check for changes sleep duration
2022-02-09 11:21:45 +13:00
dependabot[bot] 7b21db77cc
chore(deps): bump docker/build-push-action from 2.8.0 to 2.9.0 (#2399)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.8.0...v2.9.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 16:57:22 +01:00
Georg Lauterbach 4cb617f7f9
README.md and Documentation Update (#2389)
* follow up on #2383

Fixes a documentation error by which a list would not be rendered
correctly. This has been taken care of.

* update the `README.md`

I felt the need to update the README for several reasons:

1. LDAP issues that the core maintainers team cannot really resolve
2. Cleaning up the somewhat messy structure near the end

The first point goes without explanantion. The second points includes:

2.1. The tagging convention is now easier to read and understand
2.2. Some bullut points or notes have been inlined to "stick" more to
     the content that it actually belongs to
2.3. The note about the "old" `setup.sh` for DMS `10.1.0` has been
     removed as it is obsolete now. We encourage users to upgrade to
     `10.4.0` anyways.
2.4. The markdown code highlighting is now using `CONSOLE` instead of
     `BASH` because `CONSOLE` is more appropriate.
2.5. Capitalized headings
2.6. Updated the section about `./setup.sh help` to be in one place now
     instead of two
2.7. DKIM key generation does now not interfere with user account
     creation.

* adjusted content to PR suggestions
2022-02-05 10:54:54 +01:00
schnippl0r a7ad065f73
Fixed typo in update-and-cleanup.md. (#2388) 2022-02-01 15:38:24 +01:00
github-actions[bot] 21247cb159
docs(CONTRIBUTORS): update contributors (#2387)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2022-02-01 15:36:48 +01:00
Twist235 602f6fce06
SSL documentation contains a small bug #2381 (#2383) 2022-01-31 22:12:51 +01:00
Khue Doan 16a7d90296
docs(kubernetes): fix image name in example (#2385) 2022-01-31 13:16:26 +01:00
Brennan Kinney d3b9746c6f
docs: Fail2Ban - Fix links for rootless podman (#2384)
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-01-27 18:13:10 +01:00
Georg Lauterbach ed834d50d3
fixed non-number-argument in listmailuser (#2382) 2022-01-27 14:57:40 +01:00
dependabot[bot] b2b701a478
chore(deps): bump docker/build-push-action from 2.7.0 to 2.8.0 (#2376)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-24 20:28:14 +01:00
Frederic Werner 4f6db41d03
docs(deps): bump mkdocs-material to v8.1.7 (#2374) 2022-01-20 10:45:23 +01:00
Frederic Werner c6b6f680f5
docs(deps): bump mkdocs-material to v8.1.6 (#2368) 2022-01-12 18:10:18 +01:00
Christian Raue da17e8bf0b
add env var LOGWATCH_SENDER (#2362)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-01-10 12:29:11 +01:00
Casper 4ae04f0d06
Add tests for sedfile wrapper (#2363) 2022-01-10 01:12:07 +01:00
Casper 29c2d975ec
Fix harmless startup errors (#2357) 2022-01-08 00:25:09 +01:00
Casper 0c31f71358
Introduce DOVECOT_INET_PROTOCOLS env (#2358) 2022-01-06 00:53:18 +01:00
Casper 9d5a9a16a0
Introduce ENABLE_DNSBL env (#2342)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-01-03 22:03:46 +01:00
github-actions[bot] f68878a2c2
docs(CONTRIBUTORS): update contributors (#2352)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-01-03 17:40:36 +01:00
Casper 9bcc3df74a
Make TLS tests more reliable (#2354)
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-01-01 16:20:17 +01:00
Brennan Kinney dfd649262a
tests(fix): Align with upstream testssl field name change (#2353)
The field name to check in JSON output was recently changed for the cipherlist results, causing tests to fail.
2022-01-02 02:12:24 +13:00
Semir Patel 33ebbbf2c7
Update links to dovecot docs (#2351) 2022-01-01 12:08:33 +01:00
Casper f7465a5088
Prevent race condition on supervisorctl reload (#2343)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-29 17:36:29 +01:00
dependabot[bot] 014dddafbc
chore(deps): bump peterjgrainger/action-create-branch (#2345) 2021-12-27 21:54:10 +01:00
dependabot[bot] 6dd2c1d5d6
chore(deps): bump docker/login-action from 1.11.0 to 1.12.0 (#2346) 2021-12-27 21:27:02 +01:00
Georg Lauterbach 701037d3b2
added libldap-common to packages in Dockerfile (#2341) 2021-12-25 20:44:24 +01:00
Brennan Kinney 061bae6cbf
release: version v10.4.0 (#2328) 2021-12-24 11:01:38 +13:00
Casper d46e094280
Remove quotes to meet style guidelines (#2330)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-21 17:01:40 +01:00
Brennan Kinney bdb770a0aa
ci(fix): Do not trust user controlled input (#2337)
The prepare workflow runs in an untrusted context already and thus should not have anything worthwhile to exploit.

However care should still be taken to avoid interpolating expressions into shell scripts directly that is data a user can control the value of. Especially to avoid any maintainer referencing an existing workflow from copying a risky snippet unaware of different security contexts for workflows.

In this case, as per Github Documentation and referenced issue comment, the PR title is user controllable data, which if directly interpolated into the shell script being run (as it previously was), allows for injecting commands to execute.
2021-12-21 21:46:09 +13:00
Georg Lauterbach 7e17b208ee
removed stats configuration for old statistics plugin (#2336) 2021-12-20 22:46:13 +01:00
dependabot[bot] ce4bc8a2bd
chore(deps): bump docker/login-action from 1.10.0 to 1.11.0 (#2335)
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 15:57:02 +01:00
Georg Lauterbach 99cc9fec2a
Updated ShellCheck to 0.8.0 and Hadolint to 2.8.0 (#2329)
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2021-12-19 11:56:22 +01:00
Brennan Kinney 6d06149581
fix: Restore detection of letsencrypt certificate file changes (#2326)
The `DYNAMIC_FILES` var was quote wrapped, treating all filepaths to create checksums for as a single string that would be ignored instead of processed individually.

Removed the quotes, and changed the for loop to an array which accomplishes the same goal.


* fix: Prevent unnecessary change detection event

`acme.json` change would extract new cert files, which would then be hashed after restarting services and considered a change event, running through the logic again and restarting services once more when that was not required.

The checksum entries for those cert files are now replaced with new entries containing updated checksum hashes, after `acme.json` extraction.
2021-12-19 11:25:15 +13:00
Frederic Werner 6ad9dd3063
docs(deps): bump mkdocs-material to v8.1.1 (#2324) 2021-12-14 23:10:29 +01:00
Frederic Werner 7f731ebca0
docs(deps): bump mkdocs-material to new major version 8 (#2311)
* docs(deps): bump mkdocs-material to 8.0.2

* docs(deps): bump mkdocs-material to 8.0.3

* chore: add default version of docs

* feat: add version warning

* fix: remove version warning

* docs(deps): bump mkdocs-material to 8.0.5

* added code annotation feature

We can introduce new annotation with new PRs in the future. I'd advise against overhauling all code blocks with this feature in this PR - this PR should just introduce the feature.

* docs(deps): bump mkdocs-material to 8.1.0

* fix: remove unnecessary default value

re-add if version warning gets a thing in the future. See https://github.com/docker-mailserver/docker-mailserver/pull/2311#issuecomment-991805830

Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-13 08:43:01 +01:00
Georg Lauterbach a4095a7d48
Disable service stats for Dovecot explicitly (#2292)
Co-authored-by: Casper <casperklein@users.noreply.github.com>

Co-authored-by: Casper <casperklein@users.noreply.github.com>
2021-12-12 12:08:34 +01:00
dependabot[bot] c568e09e60
chore(deps): bump docker/metadata-action from 3.6.1 to 3.6.2 (#2320)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-11 18:23:44 +01:00
Felix c77229d66e
Added docker to dependabot.yml config (#2316)
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-11 09:58:17 +01:00
Georg Lauterbach 8a47e7db11
chore(image): Update Debian base image to Debian 11 "Bullseye" (#2116) 2021-12-11 11:24:46 +13:00
dependabot[bot] e92ecd04b4
chore(deps): bump docker/metadata-action from 3.6.0 to 3.6.1 (#2314)
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v3.6.0...v3.6.1)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-06 15:02:00 +01:00
github-actions[bot] 889ace8a64
docs(CONTRIBUTORS): update contributors (#2310) 2021-12-01 09:27:18 +01:00
Robert Schumann b11e5ffd1a
fetchmailrc split: ignore commented lines (#2305)
Co-authored-by: Robert Schumann <robert@schumann.link>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-11-29 15:24:38 +01:00
dependabot[bot] 7bf1b7eea4
chore(deps): bump actions/cache from 2.1.6 to 2.1.7 (#2309)
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2.1.6...v2.1.7)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-29 13:16:43 +01:00
Georg Lauterbach c7265450cd
corrected stale message format (#2307) 2021-11-29 12:39:27 +01:00
James Calfee caaec6f3ef
docs(fix): DockerHub link should not require login, use public URL (#2308) 2021-11-29 14:58:45 +13:00
Brennan Kinney 9cb890292f
release: version v10.3.0 (#2299) 2021-11-29 11:11:22 +13:00
Casper a8a39a0a1a
Rename function and adjust comment (#2306) 2021-11-28 17:02:07 +01:00
Mohammed Noureldin babae05d4a
Add documentation to the usage with Active Directory (#2303)
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-11-28 11:05:50 +01:00
Simon J Mudd 62c6f7659e
chore: Fix tiny typo in mailserver.env (#2304) 2021-11-22 22:24:38 +13:00
Brennan Kinney 5254f7c658
fix: check-for-changes.sh should not fall out of sync with shared logic (#2260)
Removes duplicate logic from `check-for-changes.sh` that is used/maintained elsewhere to avoid risk of problems, as this code is already starting to diverge / rot.

---

Previously the change detection support has had code added for rebuilding config upon change detection which is the same as code run during startup scripts. Unfortunately over time this has fallen out of sync. Mostly the startup scripts would get maintenance and the contributor and reviewers may not have been aware of the duplicate code handled by `check-for-changes.sh`.

That code was starting to diverge in addition to some changes in structure (_eg: relay host logic seems interleaved here vs separated out in startup scripts_). I wanted to address this before it risks becoming a much bigger headache.

Rather than bloat `helper-functions.sh` further, I've added a `helpers/` folder extracting relevant common logic between startup scripts and `changedetector`. If you want to follow that process I've kept scoped commits to make those diffs easier. Some minor changes/improvements were added but nothing significant.

---

- chore: Extract relay host logic to new `relay.sh` helper
- chore: Extract `/etc/postfix/sasl_passwd` logic to new `sasl.sh` helper
- chore: Extract `postfix-accounts.cf` logic to new `accounts.sh` helper
- chore: Extract `/etc/aliases` logic to new `aliases.sh` helper
- chore: Extract `/etc/postfix/vhost` logic to new `postfix.sh` helper

- chore: Add inline docs for Postfix configs
> These are possibly more verbose than needed and can be reduced at a later stage.
> They are helpful during this refactor process while investigating that everything is handled correctly.

`accounts.sh`: 
- Add note regarding potential bug for bare domain setups with `/etc/postfix/vhost` and `mydestination` sharing same domain value.

`relay.sh`: 
- Remove the tabs for a single space delimiter, revised associated comment.
- Add PR reference for original `_populate_relayhost_map` implementation which has some useful details.


Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2021-11-21 09:33:49 +13:00
Georg Lauterbach ae70142d8f
Housekeeping (#2302)
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2021-11-20 10:38:40 +01:00