From c82f38a025c3e93630744ca9ab46da5a1dfbd6e4 Mon Sep 17 00:00:00 2001 From: ntimo Date: Fri, 21 Jan 2022 21:23:56 +0000 Subject: [PATCH 01/21] [API] Fix minor issue in api docs --- data/web/api/openapi.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/data/web/api/openapi.yaml b/data/web/api/openapi.yaml index 8b6558de..ef8b0bd1 100644 --- a/data/web/api/openapi.yaml +++ b/data/web/api/openapi.yaml @@ -4805,7 +4805,7 @@ paths: schema: example: attr: - rl_vlaue: "10" + rl_value: "10" rl_frame: "h" items: - info@domain.tld @@ -4815,7 +4815,7 @@ paths: rl_frame: description: contains the frame for the ratelimit h,s,m type: string - rl_vlaue: + rl_value: description: contains the rate for the ratelimit 10,20,50,1 type: number type: object @@ -4876,7 +4876,7 @@ paths: schema: example: attr: - rl_vlaue: "10" + rl_value: "10" rl_frame: "h" items: - domain.tld @@ -4886,7 +4886,7 @@ paths: rl_frame: description: contains the frame for the ratelimit h,s,m type: string - rl_vlaue: + rl_value: description: contains the rate for the ratelimit 10,20,50,1 type: number type: object From cfba96f7e0e49706cc553ec14f763d22374ff42e Mon Sep 17 00:00:00 2001 From: Peter Date: Sat, 22 Jan 2022 17:41:46 +0100 Subject: [PATCH 02/21] [GH-Actions][stale] Add neverstale label to exempt list --- .github/workflows/close_old_issues_and_prs.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/close_old_issues_and_prs.yml b/.github/workflows/close_old_issues_and_prs.yml index 045605ed..76c93159 100644 --- a/.github/workflows/close_old_issues_and_prs.yml +++ b/.github/workflows/close_old_issues_and_prs.yml @@ -25,8 +25,8 @@ jobs: stale-pr-message: > This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. - exempt-issue-labels: "pinned,security,enhancement,investigating" - exempt-pr-labels: "pinned,security,enhancement,investigating" + exempt-issue-labels: "pinned,security,enhancement,investigating,neverstale" + exempt-pr-labels: "pinned,security,enhancement,investigating,neverstale" stale-issue-label: "stale" stale-pr-label: "stale" exempt-draft-pr: "true" From bca09e3afad2b95ba58fa7e39ae5132db2d60398 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Thu, 27 Jan 2022 08:24:28 +0100 Subject: [PATCH 03/21] [Dovecot] Rebase on Bullseye + Xapian Compile This Push adds the bullseye rebase + the compilation of the XAPIAN Core + Plugin to run with Dovecot 2.3.17 --- data/Dockerfiles/dovecot/Dockerfile | 43 +++++++++++++++++++++++++---- 1 file changed, 37 insertions(+), 6 deletions(-) diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index ee30eec8..06cc7f2c 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile @@ -1,10 +1,10 @@ -FROM debian:buster-slim +FROM debian:bullseye-slim LABEL maintainer "Andre Peters " ARG DEBIAN_FRONTEND=noninteractive ARG DOVECOT=2.3.17.1 ENV LC_ALL C -ENV GOSU_VERSION 1.12 +ENV GOSU_VERSION 1.14 # Add groups and users before installing Dovecot to not break compatibility RUN groupadd -g 5000 vmail \ @@ -84,12 +84,23 @@ RUN groupadd -g 5000 vmail \ syslog-ng-core \ syslog-ng-mod-redis \ wget \ + git \ + build-essential \ + autoconf \ + automake \ + libtool \ + make \ + libxapian-dev \ + libicu-dev \ + zlib1g-dev \ + pkg-config \ + sudo \ && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ && chmod +x /usr/local/bin/gosu \ && gosu nobody true \ && apt-key adv --fetch-keys https://repo.dovecot.org/DOVECOT-REPO-GPG \ - && echo "deb https://repo.dovecot.org/ce-${DOVECOT}/debian/buster buster main" > /etc/apt/sources.list.d/dovecot.list \ + && echo "deb https://repo.dovecot.org/ce-${DOVECOT}/debian/bullseye bullseye main" > /etc/apt/sources.list.d/dovecot.list \ && apt-get update \ && apt-get -y --no-install-recommends install \ dovecot-lua \ @@ -101,13 +112,32 @@ RUN groupadd -g 5000 vmail \ dovecot-core \ dovecot-pop3d \ dovecot-imapd \ - dovecot-solr \ - && pip3 install mysql-connector-python html2text jinja2 redis \ + dovecot-dev + #dovecot-solr \ +RUN cd /tmp && wget https://oligarchy.co.uk/xapian/1.4.19/xapian-core-1.4.19.tar.xz && tar xf xapian-core-1.4.19.tar.xz && cd xapian-core-1.4.19 \ + && ./configure --prefix=/opt \ + && make && sudo make install + +RUN cd /tmp && git clone https://github.com/grosjo/fts-xapian && cd fts-xapian \ + && autoupdate \ + && autoreconf -vi \ + && ./configure --with-dovecot=/usr/lib/dovecot \ + && make && sudo make install + +RUN pip3 install mysql-connector-python html2text jinja2 redis \ && apt-get autoremove --purge -y \ + && apt-get purge -y \ + make \ + libxapian-dev \ + libicu-dev \ + zlib1g-dev \ + pkg-config \ + build-essential \ && apt-get autoclean \ && rm -rf /var/lib/apt/lists/* \ - && rm -rf /tmp/* /var/tmp/* /root/.cache/ + && rm -rf /tmp/* /var/tmp/* /root/.cache/ +COPY decode2text.sh /usr/local/bin/decode2text.sh COPY trim_logs.sh /usr/local/bin/trim_logs.sh COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf @@ -126,6 +156,7 @@ COPY stop-supervisor.sh /usr/local/sbin/stop-supervisor.sh COPY quarantine_notify.py /usr/local/bin/quarantine_notify.py COPY quota_notify.py /usr/local/bin/quota_notify.py COPY repl_health.sh /usr/local/bin/repl_health.sh +RUN chmod +x /usr/local/bin/decode2text.sh ENTRYPOINT ["/docker-entrypoint.sh"] CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf From 311007700bae2f83fc83c85e0cbb1f3d7f06e62b Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Thu, 27 Jan 2022 15:36:03 +0100 Subject: [PATCH 04/21] [Dovecot] Add decode2text.sh --- data/Dockerfiles/dovecot/decode2text.sh | 105 ++++++++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 data/Dockerfiles/dovecot/decode2text.sh diff --git a/data/Dockerfiles/dovecot/decode2text.sh b/data/Dockerfiles/dovecot/decode2text.sh new file mode 100644 index 00000000..1c881ff9 --- /dev/null +++ b/data/Dockerfiles/dovecot/decode2text.sh @@ -0,0 +1,105 @@ +#!/bin/sh + +# Example attachment decoder script. The attachment comes from stdin, and +# the script is expected to output UTF-8 data to stdout. (If the output isn't +# UTF-8, everything except valid UTF-8 sequences are dropped from it.) + +# The attachment decoding is enabled by setting: +# +# plugin { +# fts_decoder = decode2text +# } +# service decode2text { +# executable = script /usr/local/libexec/dovecot/decode2text.sh +# user = dovecot +# unix_listener decode2text { +# mode = 0666 +# } +# } + +libexec_dir=`dirname $0` +content_type=$1 + +# The second parameter is the format's filename extension, which is used when +# found from a filename of application/octet-stream. You can also add more +# extensions by giving more parameters. +formats='application/pdf pdf +application/x-pdf pdf +application/msword doc +application/mspowerpoint ppt +application/vnd.ms-powerpoint ppt +application/ms-excel xls +application/x-msexcel xls +application/vnd.ms-excel xls +application/vnd.openxmlformats-officedocument.wordprocessingml.document docx +application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx +application/vnd.openxmlformats-officedocument.presentationml.presentation pptx +application/vnd.oasis.opendocument.text odt +application/vnd.oasis.opendocument.spreadsheet ods +application/vnd.oasis.opendocument.presentation odp +' + +if [ "$content_type" = "" ]; then + echo "$formats" + exit 0 +fi + +fmt=`echo "$formats" | grep -w "^$content_type" | cut -d ' ' -f 2` +if [ "$fmt" = "" ]; then + echo "Content-Type: $content_type not supported" >&2 + exit 1 +fi + +# most decoders can't handle stdin directly, so write the attachment +# to a temp file +path=`mktemp` +trap "rm -f $path" 0 1 2 3 14 15 +cat > $path + +xmlunzip() { + name=$1 + + tempdir=`mktemp -d` + if [ "$tempdir" = "" ]; then + exit 1 + fi + trap "rm -rf $path $tempdir" 0 1 2 3 14 15 + cd $tempdir || exit 1 + unzip -q "$path" 2>/dev/null || exit 0 + find . -name "$name" -print0 | xargs -0 cat | + $libexec_dir/xml2text +} + +wait_timeout() { + childpid=$! + trap "kill -9 $childpid; rm -f $path" 1 2 3 14 15 + wait $childpid +} + +LANG=en_US.UTF-8 +export LANG +if [ $fmt = "pdf" ]; then + /usr/bin/pdftotext $path - 2>/dev/null& + wait_timeout 2>/dev/null +elif [ $fmt = "doc" ]; then + (/usr/bin/catdoc $path; true) 2>/dev/null& + wait_timeout 2>/dev/null +elif [ $fmt = "ppt" ]; then + (/usr/bin/catppt $path; true) 2>/dev/null& + wait_timeout 2>/dev/null +elif [ $fmt = "xls" ]; then + (/usr/bin/xls2csv $path; true) 2>/dev/null& + wait_timeout 2>/dev/null +elif [ $fmt = "odt" -o $fmt = "ods" -o $fmt = "odp" ]; then + xmlunzip "content.xml" +elif [ $fmt = "docx" ]; then + xmlunzip "document.xml" +elif [ $fmt = "xlsx" ]; then + xmlunzip "sharedStrings.xml" +elif [ $fmt = "pptx" ]; then + xmlunzip "slide*.xml" +else + echo "Buggy decoder script: $fmt not handled" >&2 + exit 1 +fi +exit 0 From 148b511f9d5bc080f40b3906b098541599a8166e Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 10:44:08 +0100 Subject: [PATCH 05/21] [Update.sh] Replace Solr with Xapian --- update.sh | 42 +++++++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/update.sh b/update.sh index 2f03efff..8cfa210f 100755 --- a/update.sh +++ b/update.sh @@ -294,8 +294,8 @@ CONFIG_ARRAY=( "MAILDIR_GC_TIME" "MAILDIR_SUB" "ACL_ANYONE" - "SOLR_HEAP" - "SKIP_SOLR" + "XAPIAN_HEAP" + "SKIP_XAPIAN" "ENABLE_SSL_SNI" "ALLOW_ADMIN_EMAIL_LOGIN" "SKIP_HTTP_VERIFICATION" @@ -405,20 +405,20 @@ for option in ${CONFIG_ARRAY[@]}; do echo '# Otherwise a user might share data with too many other users.' >> mailcow.conf echo 'ACL_ANYONE=disallow' >> mailcow.conf fi - elif [[ ${option} == "SOLR_HEAP" ]]; then + elif [[ ${option} == "XAPIAN_HEAP" ]]; then if ! grep -q ${option} mailcow.conf; then - echo "Adding new option \"${option}\" to mailcow.conf" - echo '# Solr heap size, there is no recommendation, please see Solr docs.' >> mailcow.conf - echo '# Solr is a prone to run OOM on large systems and should be monitored. Unmonitored Solr setups are not recommended.' >> mailcow.conf - echo '# Solr will refuse to start with total system memory below or equal to 2 GB.' >> mailcow.conf - echo "SOLR_HEAP=1024" >> mailcow.conf + echo "Replacing SOLR_HEAP with \"${option}\" in mailcow.conf" + sed -i '/# Solr heap size in MB, there is no recommendation, please see Solr docs./c\# Xapian heap size in MB, there is no recommendation, please see Xapians docs.' mailcow.conf + sed -i '/# Solr is a prone to run OOM on large systems and should be monitored. Unmonitored Solr setups are not recommended./c\# Xapian is replacing solr completely. It is supposed to be much more efficient in CPU and RAM consumption.' mailcow.conf + sed -i '/SOLR_HEAP=/c\XAPIAN_HEAP=' mailcow.conf fi - elif [[ ${option} == "SKIP_SOLR" ]]; then + elif [[ ${option} == "SKIP_XAPIAN" ]]; then if ! grep -q ${option} mailcow.conf; then - echo "Adding new option \"${option}\" to mailcow.conf" - echo '# Solr is disabled by default after upgrading from non-Solr to Solr-enabled mailcows.' >> mailcow.conf - echo '# Disable Solr or if you do not want to store a readable index of your mails in solr-vol-1.' >> mailcow.conf - echo "SKIP_SOLR=y" >> mailcow.conf + echo "Replacing SKIP_SOLR with \"${option}\" in mailcow.conf" + sed -i '/# Skip Solr on low-memory systems or if you do not want to store a readable index of your mails in solr-vol-1./c\# Skip Xapian (FTS) on low-memory systems or if you do not want to store a readable index of your mails in vmail-index-vol-1.' mailcow.conf + sed -i '/SKIP_SOLR=/c\SKIP_XAPIAN=' mailcow.conf + echo "Removing Solr-Port Binding from mailcow.conf" + sed -i '/SOLR_PORT=/d' mailcow.conf fi elif [[ ${option} == "ENABLE_SSL_SNI" ]]; then if ! grep -q ${option} mailcow.conf; then @@ -719,6 +719,22 @@ if [ -f "data/conf/rspamd/local.d/metrics.conf" ]; then mv data/conf/rspamd/local.d/metrics.conf data/conf/rspamd/local.d/metrics.conf_deprecated fi +# Set app_info.inc.php +mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`) +if [ $? -eq 0 ]; then + mailcow_git_url=$(git config --get remote.origin.url) + echo ' data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_URL="'$mailcow_git_url'";' >> data/web/inc/app_info.inc.php + echo '?>' >> data/web/inc/app_info.inc.php +else + echo ' data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_VERSION="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_URL="";' >> data/web/inc/app_info.inc.php + echo '?>' >> data/web/inc/app_info.inc.php + echo -e "\e[33mCannot determine current git repository version...\e[0m" +fi + if [[ ${SKIP_START} == "y" ]]; then echo -e "\e[33mNot starting mailcow, please run \"docker-compose up -d --remove-orphans\" to start mailcow.\e[0m" else From 26c5ed73e23ea92759c6399050c6faa6be728a14 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 10:45:33 +0100 Subject: [PATCH 06/21] [Config] Replace Solr with Xapian (Remove Solr Binds) --- generate_config.sh | 45 ++++++++++++++++++++++++++++++--------------- 1 file changed, 30 insertions(+), 15 deletions(-) diff --git a/generate_config.sh b/generate_config.sh index dceca957..d8397b32 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -86,23 +86,23 @@ else fi if [ ${MEM_TOTAL} -le "2097152" ]; then - echo "Disabling Solr on low-memory system." - SKIP_SOLR=y + echo "Disabling Xapian (full text search, build in Dovecot) on low-memory system." + SKIP_XAPIAN=y elif [ ${MEM_TOTAL} -le "3670016" ]; then - echo "Installed memory is <= 3.5 GiB. It is recommended to disable Solr to prevent out-of-memory situations." - echo "Solr is a prone to run OOM and should be monitored. The default Solr heap size is 1024 MiB and should be set in mailcow.conf according to your expected load." - echo "Solr can be re-enabled by setting SKIP_SOLR=n in mailcow.conf but will refuse to start with less than 2 GB total memory." - read -r -p "Do you want to disable Solr now? [Y/n] " response + echo "Installed memory is <= 3.5 GiB. We suggest you to disable Xapian (full text search, build in Dovecot) to prevent out-of-memory situations." + echo "The default Xapian heap size is 1024 MiB and should be set in mailcow.conf according to your expected load." + echo "Xapian can be re-enabled by setting SKIP_XAPIAN=n in mailcow.conf but will refuse to start with less than 2 GB total memory." + read -r -p "Do you want to disable the FTS Xapian now? [Y/n] " response case $response in [nN][oO]|[nN]) - SKIP_SOLR=n + SKIP_XAPIAN=n ;; *) - SKIP_SOLR=y + SKIP_XAPIAN=y ;; esac else - SKIP_SOLR=n + SKIP_XAPIAN=n fi [ ! -f ./data/conf/rspamd/override.d/worker-controller-password.inc ] && echo '# Placeholder' > ./data/conf/rspamd/override.d/worker-controller-password.inc @@ -169,7 +169,6 @@ POPS_PORT=995 SIEVE_PORT=4190 DOVEADM_PORT=127.0.0.1:19991 SQL_PORT=127.0.0.1:13306 -SOLR_PORT=127.0.0.1:18983 REDIS_PORT=127.0.0.1:7654 # Your timezone @@ -247,14 +246,14 @@ SKIP_CLAMD=${SKIP_CLAMD} SKIP_SOGO=n -# Skip Solr on low-memory systems or if you do not want to store a readable index of your mails in solr-vol-1. +# Skip Xapian (FTS) on low-memory systems or if you do not want to store a readable index of your mails in vmail-index-vol-1. -SKIP_SOLR=${SKIP_SOLR} +SKIP_XAPIAN=${SKIP_XAPIAN} -# Solr heap size in MB, there is no recommendation, please see Solr docs. -# Solr is a prone to run OOM and should be monitored. Unmonitored Solr setups are not recommended. +# Xapian heap size in MB, there is no recommendation, please see Xapians docs. +# Xapian is replacing solr completely. It is supposed to be much more efficient in CPU and RAM consumption. -SOLR_HEAP=1024 +XAPIAN_HEAP=${XAPIAN_HEAP} # Allow admins to log into SOGo as email user (without any password) @@ -361,3 +360,19 @@ echo "Generating snake-oil certificate..." openssl req -x509 -newkey rsa:4096 -keyout data/assets/ssl-example/key.pem -out data/assets/ssl-example/cert.pem -days 365 -subj "/C=DE/ST=NRW/L=Willich/O=mailcow/OU=mailcow/CN=${MAILCOW_HOSTNAME}" -sha256 -nodes echo "Copying snake-oil certificate..." cp -n -d data/assets/ssl-example/*.pem data/assets/ssl/ + +# Set app_info.inc.php +mailcow_git_version=$(git describe --tags `git rev-list --tags --max-count=1`) +if [ $? -eq 0 ]; then + mailcow_git_url=$(git config --get remote.origin.url) + echo ' data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_VERSION="'$mailcow_git_version'";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_URL="'$mailcow_git_url'";' >> data/web/inc/app_info.inc.php + echo '?>' >> data/web/inc/app_info.inc.php +else + echo ' data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_VERSION="";' >> data/web/inc/app_info.inc.php + echo ' $MAILCOW_GIT_URL="";' >> data/web/inc/app_info.inc.php + echo '?>' >> data/web/inc/app_info.inc.php + echo -e "\e[33mCannot determine current git repository version...\e[0m" +fi From f2e0e50f871013960b06a506dd3f60833d480619 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 11:01:31 +0100 Subject: [PATCH 07/21] [Config] Readded default Value for Xapian Heap --- generate_config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/generate_config.sh b/generate_config.sh index d8397b32..f08b802c 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -253,7 +253,7 @@ SKIP_XAPIAN=${SKIP_XAPIAN} # Xapian heap size in MB, there is no recommendation, please see Xapians docs. # Xapian is replacing solr completely. It is supposed to be much more efficient in CPU and RAM consumption. -XAPIAN_HEAP=${XAPIAN_HEAP} +XAPIAN_HEAP=1024 # Allow admins to log into SOGo as email user (without any password) From df2c33d323a124266ca969f43e9dfef08d67232c Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 11:19:38 +0100 Subject: [PATCH 08/21] [Compose] Replace solr to Xapian (in dovecot) First revision. Waiting on: https://github.com/grosjo/fts-xapian/issues/115 --- docker-compose.yml | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 57d07e8f..9a40ebec 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -151,7 +151,7 @@ services: - API_KEY_READ_ONLY=${API_KEY_READ_ONLY:-invalid} - API_ALLOW_FROM=${API_ALLOW_FROM:-invalid} - COMPOSE_PROJECT_NAME=${COMPOSE_PROJECT_NAME:-mailcow-dockerized} - - SKIP_SOLR=${SKIP_SOLR:-y} + - SKIP_XAPIAN=${SKIP_XAPIAN:-y} - SKIP_CLAMD=${SKIP_CLAMD:-n} - SKIP_SOGO=${SKIP_SOGO:-n} - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n} @@ -246,7 +246,8 @@ services: - ALLOW_ADMIN_EMAIL_LOGIN=${ALLOW_ADMIN_EMAIL_LOGIN:-n} - MAILDIR_GC_TIME=${MAILDIR_GC_TIME:-7200} - ACL_ANYONE=${ACL_ANYONE:-disallow} - - SKIP_SOLR=${SKIP_SOLR:-y} + - SKIP_XAPIAN=${SKIP_XAPIAN:-y} + - XAPIAN_HEAP=${XAPIAN_HEAP:-1024} - MAILDIR_SUB=${MAILDIR_SUB:-} - MASTER=${MASTER:-y} - REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-} @@ -523,22 +524,6 @@ services: aliases: - dockerapi - solr-mailcow: - image: mailcow/solr:1.8.1 - restart: always - volumes: - - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data:Z - ports: - - "${SOLR_PORT:-127.0.0.1:18983}:8983" - environment: - - TZ=${TZ} - - SOLR_HEAP=${SOLR_HEAP:-1024} - - SKIP_SOLR=${SKIP_SOLR:-y} - networks: - mailcow-network: - aliases: - - solr - olefy-mailcow: image: mailcow/olefy:1.8.1 restart: always @@ -626,7 +611,6 @@ volumes: mysql-socket-vol-1: redis-vol-1: rspamd-vol-1: - solr-vol-1: postfix-vol-1: crypt-vol-1: sogo-web-vol-1: From 570170a5b1753ffa9590b6e8061b26440be70cf7 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 12:24:51 +0100 Subject: [PATCH 09/21] [Compose] Remove solr from ipv6-nat dependencies --- docker-compose.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 9a40ebec..bc077cc7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -579,7 +579,6 @@ services: - netfilter-mailcow - watchdog-mailcow - dockerapi-mailcow - - solr-mailcow environment: - TZ=${TZ} image: robbertkl/ipv6nat From ed8941440a79a05deed876aca86135d90e3493f3 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 12:27:57 +0100 Subject: [PATCH 10/21] [Dovecot] Added Xapian default config --- data/conf/dovecot/dovecot.conf | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index b7aca757..6a4033f2 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -159,6 +159,21 @@ service lmtp { } user = vmail } +### FTS-XAPIAN +service indexer-worker { + # Increase vsz_limit to 2GB or above. + # Or 0 if you have rather large memory usable on your server, which is preferred for performance) + vsz_limit = 2G +} + +service decode2text { + executable = script /usr/libexec/dovecot/decode2text.sh + user = dovecot + unix_listener decode2text { + mode = 0666 + } +} + listen = *,[::] ssl_cert = Date: Fri, 28 Jan 2022 15:03:23 +0100 Subject: [PATCH 11/21] [Dovecot] Changed Xapian default to 1024m instead of 2G --- data/conf/dovecot/dovecot.conf | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index 6a4033f2..5a7717ac 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -161,9 +161,7 @@ service lmtp { } ### FTS-XAPIAN service indexer-worker { - # Increase vsz_limit to 2GB or above. - # Or 0 if you have rather large memory usable on your server, which is preferred for performance) - vsz_limit = 2G + vsz_limit = 1024m } service decode2text { From f09ca0a36a2b9b942299d6bcbdd366610d21dc03 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 16:48:51 +0100 Subject: [PATCH 12/21] [Dovecot] Added seperate XAPIAN Conf --- data/conf/FTS-Xapian.conf | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 data/conf/FTS-Xapian.conf diff --git a/data/conf/FTS-Xapian.conf b/data/conf/FTS-Xapian.conf new file mode 100644 index 00000000..2fefd6a0 --- /dev/null +++ b/data/conf/FTS-Xapian.conf @@ -0,0 +1,20 @@ +plugin { + fts = xapian + fts_xapian = partial=3 full=20 verbose=0 + fts_autoindex = yes + fts_enforced = yes + fts_autoindex_exclude = \Trash + fts_decoder = decode2text +} + +service indexer-worker { + vsz_limit = 1024m +} + +service decode2text { + executable = script /usr/local/bin/decode2text.sh + user = dovecot + unix_listener decode2text { + mode = 0666 + } +} From c98ef0d0c5e16580e1ef369ae1701c6de98aa62c Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 16:49:30 +0100 Subject: [PATCH 13/21] Delete FTS-Xapian.conf --- data/conf/FTS-Xapian.conf | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 data/conf/FTS-Xapian.conf diff --git a/data/conf/FTS-Xapian.conf b/data/conf/FTS-Xapian.conf deleted file mode 100644 index 2fefd6a0..00000000 --- a/data/conf/FTS-Xapian.conf +++ /dev/null @@ -1,20 +0,0 @@ -plugin { - fts = xapian - fts_xapian = partial=3 full=20 verbose=0 - fts_autoindex = yes - fts_enforced = yes - fts_autoindex_exclude = \Trash - fts_decoder = decode2text -} - -service indexer-worker { - vsz_limit = 1024m -} - -service decode2text { - executable = script /usr/local/bin/decode2text.sh - user = dovecot - unix_listener decode2text { - mode = 0666 - } -} From 99ea5692881b5e8d18fd2f41ee9ead710a96e18e Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 16:49:58 +0100 Subject: [PATCH 14/21] [Dovecot] Added seperate XAPIAN Conf --- data/conf/dovecot/FTS-Xapian.conf | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 data/conf/dovecot/FTS-Xapian.conf diff --git a/data/conf/dovecot/FTS-Xapian.conf b/data/conf/dovecot/FTS-Xapian.conf new file mode 100644 index 00000000..2fefd6a0 --- /dev/null +++ b/data/conf/dovecot/FTS-Xapian.conf @@ -0,0 +1,20 @@ +plugin { + fts = xapian + fts_xapian = partial=3 full=20 verbose=0 + fts_autoindex = yes + fts_enforced = yes + fts_autoindex_exclude = \Trash + fts_decoder = decode2text +} + +service indexer-worker { + vsz_limit = 1024m +} + +service decode2text { + executable = script /usr/local/bin/decode2text.sh + user = dovecot + unix_listener decode2text { + mode = 0666 + } +} From 30e2d944cd4cdba67bc47842fb06932ab60c99fc Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 16:51:33 +0100 Subject: [PATCH 15/21] [Dovecot] Removed Xapian from dovecot.conf This added a include try pointing on the file instead. --- data/conf/dovecot/dovecot.conf | 28 ++-------------------------- 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index 5a7717ac..2be1fff6 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -159,18 +159,6 @@ service lmtp { } user = vmail } -### FTS-XAPIAN -service indexer-worker { - vsz_limit = 1024m -} - -service decode2text { - executable = script /usr/libexec/dovecot/decode2text.sh - user = dovecot - unix_listener decode2text { - mode = 0666 - } -} listen = *,[::] ssl_cert = default_client_limit = 10400 default_vsz_limit = 1024 M From 60ddfe3be2dd94b60305dea6ef9d123d265bf3b9 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 17:07:12 +0100 Subject: [PATCH 16/21] [Dovecot] Added Xapian include --- data/conf/dovecot/dovecot.conf | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index 2be1fff6..cf5ad597 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -159,7 +159,6 @@ service lmtp { } user = vmail } - listen = *,[::] ssl_cert = default_client_limit = 10400 default_vsz_limit = 1024 M From 2d6ce926e18a6a0d51b1193b7a1d676653728825 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 17:21:07 +0100 Subject: [PATCH 17/21] Update syslog-ng-redis_slave.conf --- data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf index f6905092..ea2bcfbf 100644 --- a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf +++ b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf @@ -1,4 +1,4 @@ -@version: 3.19 +@version: 3.28 @include "scl.conf" options { chain_hostnames(off); From d079ff49c6d763e2e3c49a333cde8ff5785c3eca Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 28 Jan 2022 17:21:20 +0100 Subject: [PATCH 18/21] Update syslog-ng.conf --- data/Dockerfiles/dovecot/syslog-ng.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/Dockerfiles/dovecot/syslog-ng.conf b/data/Dockerfiles/dovecot/syslog-ng.conf index bdaca9cb..2ee4f624 100644 --- a/data/Dockerfiles/dovecot/syslog-ng.conf +++ b/data/Dockerfiles/dovecot/syslog-ng.conf @@ -1,4 +1,4 @@ -@version: 3.19 +@version: 3.28 @include "scl.conf" options { chain_hostnames(off); From 3d637aca2563c31faa704db239d4e56d79208b46 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Tue, 1 Feb 2022 14:48:46 +0100 Subject: [PATCH 19/21] [Dovecot] Added Xapian Parameters from mailcow.conf --- data/Dockerfiles/dovecot/docker-entrypoint.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/data/Dockerfiles/dovecot/docker-entrypoint.sh b/data/Dockerfiles/dovecot/docker-entrypoint.sh index 9ac2dc64..09594c0c 100755 --- a/data/Dockerfiles/dovecot/docker-entrypoint.sh +++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh @@ -109,17 +109,19 @@ EOF echo -n ${ACL_ANYONE} > /etc/dovecot/acl_anyone -if [[ "${SKIP_SOLR}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then +if [[ "${SKIP_XAPIAN}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify listescape replication' > /etc/dovecot/mail_plugins echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify listescape replication mail_log' > /etc/dovecot/mail_plugins_imap echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl notify listescape replication' > /etc/dovecot/mail_plugins_lmtp else -echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify fts fts_solr listescape replication' > /etc/dovecot/mail_plugins -echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify mail_log fts fts_solr listescape replication' > /etc/dovecot/mail_plugins_imap -echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl fts fts_solr notify listescape replication' > /etc/dovecot/mail_plugins_lmtp +echo -n 'quota acl zlib mail_crypt mail_crypt_acl mail_log notify fts fts_xapian listescape replication' > /etc/dovecot/mail_plugins +echo -n 'quota imap_quota imap_acl acl zlib imap_zlib imap_sieve mail_crypt mail_crypt_acl notify mail_log fts fts_xapian listescape replication' > /etc/dovecot/mail_plugins_imap +echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl fts fts_xapian notify listescape replication' > /etc/dovecot/mail_plugins_lmtp fi chmod 644 /etc/dovecot/mail_plugins /etc/dovecot/mail_plugins_imap /etc/dovecot/mail_plugins_lmtp /templates/quarantine.tpl +sed -i 's/vsz_limit.*/vsz_limit = '${XAPIAN_HEAP}m/g /etc/dovecot/FTS-Xapian.conf + cat < /etc/dovecot/sql/dovecot-dict-sql-userdb.conf # Autogenerated by mailcow driver = mysql From 28582c5842a0c22809983a4abcdf3e79fd1ab9ba Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Tue, 1 Feb 2022 14:50:19 +0100 Subject: [PATCH 20/21] [Compose] Changed Ofelia CMD for fts optimize --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index bc077cc7..46ee6159 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -278,7 +278,7 @@ services: ofelia.job-exec.dovecot_sarules.schedule: "@every 24h" ofelia.job-exec.dovecot_sarules.command: "/bin/bash -c \"/usr/local/bin/sa-rules.sh\"" ofelia.job-exec.dovecot_fts.schedule: "@every 24h" - ofelia.job-exec.dovecot_fts.command: "/usr/bin/curl http://solr:8983/solr/dovecot-fts/update?optimize=true" + ofelia.job-exec.dovecot_fts.command: "doveadm fts optimize -A" ofelia.job-exec.dovecot_repl_health.schedule: "@every 5m" ofelia.job-exec.dovecot_repl_health.command: "/bin/bash -c \"/usr/local/bin/gosu vmail /usr/local/bin/repl_health.sh\"" ulimits: From d86e9a22f4389f33c053702244d9eb63ac80320b Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Mon, 7 Feb 2022 08:28:10 +0100 Subject: [PATCH 21/21] Fetch Staging from orig Repo (#3) * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag error handling * [Web] add github version tag error handling * Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php. * [Web] add github version tag - adjust css * [Compose] Update SOGo Autoreply Schedule to 5m Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436 * [Web] add github version tag - move twig globals * [Web] add github version tag - missing * Passwordless SOGo auth: improvements for when accessing other users * [WebAuthn] fido2 passwordless auth - fix (#4440) * [WebAuthn] fido2 revert * [WebAuthn] set UV flags to 'discouraged' * [WebAuthn] revert - set UV flags to 'discouraged' * Update clamav to 0.104.2 * Update clamav to 0.104.2 * Update dovecot to 2.3.18 Update gosu to 1.14 Use debian bullseye as base * [Web] Updated lang.es.json [CI SKIP] (#4453) Co-authored-by: Fijxu Co-authored-by: milkmaker Co-authored-by: Fijxu Co-authored-by: FreddleSpl0it Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com> Co-authored-by: Michael Kuron Co-authored-by: Peter Co-authored-by: milkmaker Co-authored-by: Fijxu --- data/Dockerfiles/clamd/Dockerfile | 78 +++++++++++++++++----------- data/Dockerfiles/clamd/tini | Bin 24064 -> 0 bytes data/Dockerfiles/dovecot/Dockerfile | 2 +- data/web/lang/lang.es.json | 3 +- docker-compose.yml | 4 +- 5 files changed, 52 insertions(+), 35 deletions(-) delete mode 100755 data/Dockerfiles/clamd/tini diff --git a/data/Dockerfiles/clamd/Dockerfile b/data/Dockerfiles/clamd/Dockerfile index 6f38e359..3f1aa157 100644 --- a/data/Dockerfiles/clamd/Dockerfile +++ b/data/Dockerfiles/clamd/Dockerfile @@ -2,18 +2,26 @@ FROM debian:bullseye-slim LABEL maintainer "André Peters " -ARG CLAMAV=0.103.5 +ARG CLAMAV=0.104.2 +ARG TINI_VERSION=v0.19.0 + RUN apt-get update && apt-get install -y --no-install-recommends \ ca-certificates \ - zlib1g-dev \ - libcurl4-openssl-dev \ - libncurses5-dev \ - libzip-dev \ - libpcre2-dev \ - libxml2-dev \ - libssl-dev \ build-essential \ + pkg-config \ + python3 \ + python3-pip \ + valgrind \ + check \ + libbz2-dev \ + libcurl4-openssl-dev \ libjson-c-dev \ + libmilter-dev \ + libncurses5-dev \ + libpcre2-dev \ + libssl-dev \ + libxml2-dev \ + zlib1g-dev \ curl \ bash \ wget \ @@ -22,39 +30,47 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ rsync \ dos2unix \ netcat \ + && python3 -m pip install cmake \ && rm -rf /var/lib/apt/lists/* \ && wget -O - https://www.clamav.net/downloads/production/clamav-${CLAMAV}.tar.gz | tar xfvz - \ && cd clamav-${CLAMAV} \ - && ./configure \ - --prefix=/usr \ - --libdir=/usr/lib \ - --sysconfdir=/etc/clamav \ - --mandir=/usr/share/man \ - --infodir=/usr/share/info \ - --disable-llvm \ - --with-user=clamav \ - --with-group=clamav \ - --with-dbdir=/var/lib/clamav \ - --enable-clamdtop \ - --enable-bigstack \ - --with-pcre \ - && make -j4 \ - && make install \ - && make clean \ + && cmake . \ + -D CMAKE_INSTALL_PREFIX=/usr \ + -D CMAKE_INSTALL_LIBDIR=/usr/lib \ + -D APP_CONFIG_DIRECTORY=/etc/clamav \ + -D CMAKE_INSTALL_MANDIR=/usr/share/man \ + -D CMAKE_INSTALL_INFODIR=/usr/share/info \ + -D CLAMAV_USER=clamav \ + -D CLAMAV_GROUP=clamav \ + -D DATABASE_DIRECTORY=/var/lib/clamav \ + -D ENABLE_APP=ON \ + -D ENABLE_JSON_SHARED=OFF \ + -D CMAKE_BUILD_TYPE=MinSizeRel \ + && cmake --build . -j4 \ + && cmake --build . --target install \ && cd .. && rm -rf clamav-${CLAMAV} \ && apt-get -y --auto-remove purge build-essential \ - && apt-get -y purge zlib1g-dev \ - libncurses5-dev \ - libzip-dev \ - libpcre2-dev \ - libxml2-dev \ - libssl-dev \ + && apt-get -y purge pkg-config \ + python3 \ + python3-pip \ + valgrind \ + check \ + libbz2-dev \ + libcurl4-openssl-dev \ libjson-c-dev \ + libmilter-dev \ + libncurses5-dev \ + libpcre2-dev \ + libssl-dev \ + libxml2-dev \ + zlib1g-dev \ + && addgroup --system --gid 700 clamav \ && adduser --system --no-create-home --home /var/lib/clamav --uid 700 --gid 700 --disabled-login clamav \ && rm -rf /tmp/* /var/tmp/* COPY clamd.sh ./ -COPY tini /sbin/tini +ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +RUN chmod +x /sbin/tini CMD ["/sbin/tini", "-g", "--", "/clamd.sh"] diff --git a/data/Dockerfiles/clamd/tini b/data/Dockerfiles/clamd/tini deleted file mode 100755 index 03af82f09e6484df819313cf9fec158d6b4a879d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 24064 zcmeHve|!|xx%VU_2mv+$L8H=o!q#N{<`HuEer$$? zd~V;*{k(s?pAVy(GtckmJm)#joS8Yy?VhHF+?*Uu9l6?-8bMtPT^uF;YTD#_4oY0L zHd}LPpU@U-Gl9v+&&4U!iZj(7m#S4eOY+S?n}=U@u0T}hy7-A|7Yj5jh(mcuE!mqo zT=G=3^;Zc{wVK8_g5=28qGk@F?cyh@{qz|UuN;(e8<=IQ5Nw zKG{ECt_u*sE^4%T{&%V+UOHO;VD{4a_B9+t>*6P>eNdn^)hfAbAV+@wy+@H`Y?Jn; zi^~z&Kh;W5yL2$ny=vv9gT3X0fnan~`KIbs<*QaYBO&K<-fz-Ryp7Er+>(kT14KSA z#E)`-=+#ejZ`!o*WzSbP?R~eg=<(m)z4kNf=YzHcKjNjB7EKhfbvbvZFZvBThpZ}9Xf4*w`=G*VTZTXY$FL-SH&yF8Ge%%YJzEvJOaLaXz_udlU`>$(X zpG>~~<=dWm{)^wdl_rbRx`R4lz=B>GRPU$D^T6~>mP?HY%_i@ys_LAhWW zd?|u|D*oPS_&dPQPNDzBY4|Cgr_ygtga6Vr`21=7TssZ_U#7udHx2&mY4jhMroZ*m z=%IW%Re#&2!Bak+ihs^D_(Rj+*);y&I}QIYros1M0y5CDk0=nQ@^kMr_-{;u|F3EA zw@rhen8u&KO~X&ufm8YUV;&!e#+JIkp=m3imyYFV7ibQxYmtk?6h}I?Nc^F5TpWH$ z;xFTR3bng05qM6-pV{D_ubrd0uIb{awN#LBERc357PvV4jMTFT(0uJ&?K>S^9530m z^SIqP+NL5G$E!b^q@E+^3p~w3I_{PDt|cx4wIt-}xDag-^e3c#fz`CNl7B+#*&qoY z06!lR+hxC$KNmOXXzi^IMAucrM9_#(tdlkt&g ztwrjYl>Eh#@I8qiJIlo}{|tFLZjpMj`}JLE_u<7Z&i6dz>G&yr6z5492f9YkQ7-u> zWPc^QHY)A5Uf|+<1=4N;EsgI=>A#B4e96zG9)nA1+H+FBS|8E1hK`5vBYz&w^5;Ln z&rT7a&rAO8S^SpN-zxiiEh)#bQTbEs;_wf_#}8bGd+4&eN{g7`NT5IHAJjs_W+2$B z^@YMWYd{T$Lp?+O2tV%&3=T#NQ|mX(;Xto;Ge8nFLxWn6e{e9=qYa09OyC0j#?Y|2 znRq)pjc_;^>IBtq20}p+h6&*NhQooN+1J@K0Oe+HC~9hb!%?$GGkYL7+#ep+cneFA zF@huHnm^o6%+N_zdJXQ6vB~He8P@tn!vWJEyuXK=8ubUbqrjMfA)}XIa=2#*s?9Kz zgu-xyqR<(EYO{059|&sQ{)iFu4;j3lY0ib^<6qJ4H)cn1@ zoyMkNqsJta8I8cn7M%75f}PQb(W|W6`-m=LkPKu(XJ>aLA{B>?h#9guM&5Vc8XD>j z81RzD6VdE3f)NbEuzxhDbzVKv*(O6#H|UQ6;e7^{x@}|Ff^B^&ehozj!G3_b8P>e2-zug zZl}_@fN5TdbE<9PFwY6hrWNZBI6=7Rxdi8GPm)tOj<K)vYXx;YY{Q?WkZ5<< z@MqiblQz7%wi0=-4S%kUf1eG1o(;d>hFAC6L_TE0f5OIZ+3=sV;g8tx%!WU1!(U*- z>#?_H>52U4RZP>jPMZ1FQDmtzrqrP{j-@vc zOsSvR$Kf`DDdkg>9KM=hO7+yk9IhppQarVt!)pkpX_cDb@N$AF)l*{}zL;Q2@zgMf zmk>;;o$BK7xdc;6r&>9@fM81Hl#9a!1XBv9Dma`=Fr{vaarlEP0aMDRia7i(!IY{g zjl*veOeH0Cn&9w{2&NQFjdA#U1XJpzhB^FAf+^)vT^zojU@QR9e-3|{U`oA|i^HEMm{KlP z!QsymOsSS)91hnot#1M_KlD4^+J?c?$D2wP>f^qW;yv{xJT7P#(kNRWAlAs3xd|Zj zJDw!&-IbHpZiE!*Gj+#=6 zw6CNB;P{r3N#Yv6t;D6r>r0q*CE~tyGWz{Q)z4~~w)L2K<4*2FA3TS#R_o^FB9`O?j%C`5SX_RQrozjszRSr z!M`AShknO9T*0o7XF!1-KcerluF`X!)}Q^@T$Ir^M`&c7%uPgJ0NHU z5#xdpW8`O&oVeZdI4}nz@0_7Yb5VC0BnHqF|?Ys7Fc9l9$d=GxH}L< zYc9x%YHKUbldel$Ncmmhei1cCCFTtv>4~b{K#Acx2O@mdY}nm5VIBT}>wggBEd3Xd z{(l7-`j?XaBBB5A1Biq5h>#mRSuO?rmMP@k#(8o;$fbG^srJfam1*lCpb?gB?@$lD z04me*r>$0wjqf%?RuyTF?@nm3mc{AYGua2_n_tQKdF4RJ}s0IJ*x*lgrs!^$cXn(aGw0B=thc4 zgOVrz`d7oh!aEy)w#tOMr!cdj&hBG3cVyo8K}phzQ}{SRK3*n#oB&A#VJ5Vsj$z7A zxI5fFZ~UWx;@J5tTBBF@A zRbrX^Z)O_cPlg45xq!a&3v&zwu|KR#8xV-VnWUj53AM^fK^@Ah=`EzKD?@wJuHG$Vd zDDxuzbg>xUUT>-a zI}TM-V!UHjLp$cr%lfX@^AcaNfQ>Ku8ETA}intPCp4lcJt{PMM1{=jmTGY_8W0sCp z8@~&*7E-XVNST$Sva4e$wRG%CEz0zoG~m%t76BiM_Ib$sYxus^gS?&Ie$Jb!c~uKc$lG`L0yT}e60dEC53n1NE7EqVeI{t+?f4-aZjO00k^dFYz?HIY zfD#1!OyO{y?VfCccV!+Gq~tQpEaB_+%iycQNmaiENyK0!X`xE0?jvRhwOGBjBQ}K5iSw1;WIJjEQGSB>$k3X{oZzddI!q-QkTNbNlf3qjucg z@1qc$1>apPCj-foyT82s^i(fr}@QKLrq0t)h+2OsD7NLqPbr)Kk&~(xf+R-rCem`plN3i@L&V~kU#&2ItV@KE z-(%iq%}+lxS#Q0?$JM}jax3&>RN>O2;8xXYjWGBvpoGD{LWEnAR&561-{YV{gL$&O zKMPN8AWAA3v?cCuIHk&!G4WMWa;iQ}SQ~`?g(vI(60}&0K}Pkx2j|K4qCcrikbP>s zV4WxA|2L{iRy?lZUd&5^Vhj2MP?EY6lUn3Ydy-w#rC|vjdvZ*VzhS+6SgtA(h<{>b zN$lhK=FPF1-(NzvV4r&kS6Kg{bu}EoL~gfkA<=3)kU%MYit=F$ z2!w9+$*w(0y}I1mi6*&eB_E~3oqXLDtJy3}y$%g@cl6d6-K%QWnWRkIA?KNI#E#D~ zU$f2^2KJ+rWc9s67`TxPlnMjzgzAw>gB2j5On)6Hkp}O+2?WfEq*HYyk^kn!RHzEK zgs5Qu8!;tn`h-P$v3i~RGOr1gB$Yu?tXg5)+QCUxl^Ii?gBDzU&nJx=gvR%rybty| z^(CS4B~X$@8IAieepa8*xDzDde3f**a+0D&^JIq5`}LFcu7)t~9IbB%j$6S&weK}3 zR>3(-=zW3Vs4OkJs4Dbc;PIN78wZHp*&*a5mJ>DE!=Oa0O{!gljX_m~wq-ecz%iEg6C<#UhFw^-=2U8k+D zK}fAL{)sE7IaVgd=sQR!HAZ2f`yfc7pOvKXr2c&PNACCCV8bBW{jTH+=G_X4&F?du z@O!4v-I>w-0%@`7&ODE_{!!>(DfHX(_gT@ybBThxNa$6r|CCdzw2b-@C_y4@eIMzS zz?0zkzSyDL3%7oeC(FP^SRIaBV^s=E&!9e_C-#Rg{m@tVXj92N4AA#MPVTeC>1tu@ zE5M65&4wN_Quyf8@h9BzypmlX2=$L-)X#>h)C@k6 zU7Gt^tYG44y4`FVU;5i63=fyb%c;c^v18u&3r)-ZK=;-9u8(F|7ySWU-TJo4Di5l7 zG{xU+iXW?ohV;Uh`Azrg!_ha9D)OP0`$l)?Zrl3t=x&;H&<75jYV;m@LxbDrZerNe z5n!cD1IsotwX1^l`2&MS?;5r=qHU=6)OIwUz?IpBVdtY=A$FK{UO?WC+Td+&XkjO) z0z>K2$g%>hE;KZRy$cN6J`F}2O+vxQnt}q2vGTz+tbHIf3KHKwz=+M*6fm6ynkP6C z2#110M$lv<{&0Y{QgAV!x7pj--cj4;akqNfG!Cx!wAHq>dwtgnaILqgsk61MrOwmd z-r3mJ($R|8H|l80%SR0CdBKj9rI7-yIbJkwDPP90t|Ff!Ud zXskgTeQoYK&k3DZyB~~R=8rJGfq_l!``B=;yRG@eXkpWb+-Q>t>qSc=7ftPVv7rMT zt@h~H2;gtv!^_MN!!8nR+F6jC(9)r`89hc|1df8UPH(E$TCrgx5bS4SAIciW z{b&x!UO+S7QDaBY-VW%&o|az8H5xDn7`6+MG~D%IOrdg(qz)h^G|bq90;Aq$A2ru> zczKJlBM>p=qvoz{NEEBM?^ZR-g3c|=>+ zB8;{BTDW#!yN|aWZH>fsU0rJjZyVZgpmsfGkq|^SH4x@nZ*!eaC+*j_^YVp$)9x4w zm>g!leTUKZsS}4ru-o{dg@%R=AngZ@a2EHJUe4FjF%93zQ#Kf4rn#AwhHj=jpgb{* z-euDK)JCg}J@7}OJp-)Q7{NT8POhD{_GAW_YmG#BaxgX8Vz8wlUVP+iV-?QIYG(y2 zXZ@JmeMZlURn;pbUkB|1qAA5TwBU7LOLO~1hG;jox!1Asa<;+U)(FgPIG4&$I_U7A z3Pnu=6Bxeqhy6n=8pIAPW)2wW4z^c~1ZbkOP+w+_)AlA24|vXt6I7uLDb2DPDW`4K z2=>4?AQ{YoK!gn#gTrjdh>-jC!Uev_8m0;WO@HoT4>+ev04og}w?qTjS;d-YH$1zt zhGApVG88_@4>JsTv%6^x^MwQb{pgf{+30`~WY~2^MX?vVugaL=?02#yLV_m65@-+y z^o*=wjYiN2V-pn{qGEuab%!FT!ch~O?ws&)7<<`RbeIxl1u7W&qZB}XbPa2z?Oo^r zcAW(&$At%!Qnag!!4-ymdNjEi-{IA(#Hk;c@a@=4CM!vVjL_)td2&%CGZOvbP;}TX zXE4uoUSDTjOTC98IpiOnLa@@laA=5Ckh0}fRm-TYAYq0S`k%#}yC?bB7#N++{MsXG2yOb4g;#5B>umQR7`nHq ze(Ji%kb%*le+1>8u8a(c&a-kDJLYf=8*(x?hGugp%A&lO+p~;bmT0yMg4%p{ic1y0 z)N%F``2DKRXRc|?Z<^siHzuSK=?IG5hbS3*&m{{4DG@SzGFAWTXm=m-D}wq1y*$C> zHb=@TaTS6KC+Ryir&6nVXrm|8VY$PvSfq@u?zk#tVoN<+huxpDbc<^e!*z2AV}lCH z3!B(I$!i-G(UbWFmni#EL;!T<%+%eJ<;a_8@aAA>G)R*tf>j9)c^wt|D>HLMmDrl4 z0b;^2l}Ff=N>flVeR3H+(2qd{b7t@npqU7R5?M-$T z+`u>Zssu!>AH~jZuC?2Mbh$`3h@$|L%`z4VF`2b=Dd1O&5Sbdq{e!c>7h-*ZO}x0` zf{mIrREFAQa71}Tt-moPD4pptfqm5{-2t!@SN~*Nb%Z-{%D$8_XhkS896T1zQ^bx? zkCwSO1y54=(Tv+{I%qcz9UT&$AwX@Tg!3faD`9%zOvj*v=|MCdriAG!H65RpFg=^5 zG)8>iv_6VUFzaz=Sw)}ycw6%voY@Pi|O4(v>*V5@j1fxBU_F=RYNPwc>;dUMEk>7(4Z7Xiy_o96m4*-s! zoy3!YVkE{Go|sLbox~&2y#(XUhYR+Ppxq`DMa3`Y);29?Q&G-&bI+JHk#j~7;i+%O z_overqgBVL`8BNs48%X{1>v*iC~9yNUtKt7bk>-5)w!2nyrN_Y=^(y({I(+o41Lnv zj-ps@ZexLCmOdwUBbqv%Qlx7Tzxxm){%>sr-@Tj<_$K`B!ms${bejL0l3GX6cy6tu z_^uiC4t8gr+ff?JzuHle8!m8^x*g2zCKKR+J6Nu(z)=hg z^fb(=cN8~dRFb|=L2eV|t|dA2BDc*ki*%U4PXf>X4UxxD^o3lHqj-Eqt%Kc_SMMmj zGr!(Z5u2HNjp!+2AbMIqC-)wpU^atloYR_xsh1O&?7vL?L2hjj_KR}YJ7&>%y$Adl z@ciF+HPU!_#c+KV4Ue82f8^ed*VAeKZcO`ixy%1;7<~N# zjobJP5A_G*Ci~Oq7|WfZ=M*?98u$oiI?*sEw+C2oVq7y=&m0OsHgBz}Pc$w+gIx=A zg#TMRo=n5Bv@I?Fp&g!UhKFGZXxg&Vm$p1|l{Jo3v;!eu5SY88C z?9l=TtK;K}{A!$&yE_X;!cEcF3Xdqin=mK$KA%oMgZOHVj*0vrBIOoznj?dtS7YuP zIM-nJixj6XP@Kl|Y8|C_ew0U9ImjV+RdYayvRg_|9j;hLr)j7;^r={iSFa+Q1riioDLCuU#^Rq%s1aAXA4+8 zf1Q{iVD&t8pS(F&&nwh3CG|X$bkTuZd2zIM@mAf_)At?dpyxPrsOP%sdFSLj*9mxC z!piSWoQm%T$yV9NhEm?2V#%MDu!<)hC35=2T%liz|37ckckHqaJz6CEcv`kE%JvP} z9+U0N`GW5(*-H)MNEwlfz<`?9@I zwyR{@Alvn_?UU_@Y_t2F4Xg1{c!JmFDG1;5!>f&TULW53i#<=J0G1UL)P;sO<7NMV z$x3^cvE>z&Rm?XK!Y&fl5)R$k6Jl4G9CU>^=f$;)x@>j@_P@jp{ z{bExC_5y`^0(eQ?%X&jSQQD5hzvzQ^IoOZIO6f(-l6EPvWEnSt_qc-v0eT^g?MF%( zy}-n_1H7)mM|cAKQ$1yPCEPO@#RqAyuRxLq14996fy8-4A_edquZqgJpJmv}&>QI6 zjMm`Y8jf}k1|kDx*bzah=^ZrQMG=w*xQt$UUCQ4p4GtEdr`R_^QL%f+c_==J4eZMh z@eK>3i24b&*v} zzdJO7T@aZ8$D2CZcSGAv#5??{QI({~0NzJ4ymu1;gWW)|fKaMCcxx8z#*6Bp8SoFX z;ZT^{%kHMLpunelSbIx@4?EC2%-c>oZPt71J@ssfyB+Y7GIp)kr?+(Y7&zM8&A#hd zO9OK^U(eQho9oN452LjWyXsg=TY-07Ym?Ul9JWL?b<}&C8(A&nnp=?DUL-Y?`dSzn zl&ZWQ$ThHap0+w2n%%YDCT!U&D`@cgnn`CvOB-{uR(G4vTi4O#Zey(-ZLKZs9+-BBe_UB`IOH;iE$XX9P zbJsR`gei2YuF36PSH|ky>)egxT^nnGmbL<76W+0Fbq}G)o*Vzy(H14@25lw7zCT|X zdfDd7h+gY$_mnYro41_;($LnjuB?E<2?=P2638`sgcb@l4^U=Az(N7*K&O>2tlr~p zf-VeC^9jS}ENHB&Tf<5_x}!le%Bq|zofYM)q8zIHOyw$P#Y*SuWdctHWmUzhiq)Ft zj0|9!nEr0fiLE^bzI5e8mKjcTxZL#jOQ=5>b#_OwGow7vt2qh6ro92p*}FLy**qj# zGb|`_ztjmpCum_~&`$#LYH!^^$bMwYuLKeQ+&84`-&LW>&e zyOLMyng-yARmrRM*`!mpIW?*S8q~z85XF@J8w@5kl{$25@mfo?^+DgG{ zeN`+Mq!m&=+kc7HZo&!0RLQILoG#@zNk(NqyZ@$?ua$gieK;xQ)q0ZTDQ4O7^yvYL zi41dQJ-w+2NE~XNEFj^lI;VCses=loa$UAv${)%KxI|~ZYew<4%a1K^0fYCH3wV?9 zS3pz#D|j3yc6s$Z%n2!XTzmg@d?jP>HL~y8ewBpas|F21THGb+lm)oWM z2_ItvFH?$S`wg_@e@1?di&ND1mmlQN)SqnoKLE)tuV3!s%=+a*=5LuB4FRk17ZAQn zgcI7!q1e>@lKLKVHh(t!6l4o+^6Gx7m?jpEZ2oNcS@4km%07MGh7R_3%D)I+%3UR| z?kCjuviFg494fz+eU%5>K(pId-_bkX!o{ZbU+H-@OI~a35`wLw;mYMHHA+sk7I1d^ z+BIFohVPk*CXqGZOrSG=-@zH_QvFxo`%82PmNC&}{<6%OI5~=j>{n#rl|0pV`ys=b W>DCFp+ZcCB`+u|H=v2uo^#1{xm}Ef! diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index 06cc7f2c..68fb7332 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile @@ -2,7 +2,7 @@ FROM debian:bullseye-slim LABEL maintainer "Andre Peters " ARG DEBIAN_FRONTEND=noninteractive -ARG DOVECOT=2.3.17.1 +ARG DOVECOT=2.3.18 ENV LC_ALL C ENV GOSU_VERSION 1.14 diff --git a/data/web/lang/lang.es.json b/data/web/lang/lang.es.json index 87be8b4d..098dfa2c 100644 --- a/data/web/lang/lang.es.json +++ b/data/web/lang/lang.es.json @@ -18,7 +18,8 @@ "spam_score": "Puntuación de spam", "syncjobs": "Trabajos de sincronización", "tls_policy": "Póliza de TLS", - "unlimited_quota": "Cuota ilimitada para buzones" + "unlimited_quota": "Cuota ilimitada para buzones", + "app_passwds": "Gestionar las contraseñas de aplicaciones" }, "add": { "activate_filter_warn": "Todos los demás filtros se desactivarán cuando este filtro se active.", diff --git a/docker-compose.yml b/docker-compose.yml index e787f514..56147f98 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -58,7 +58,7 @@ services: - redis clamd-mailcow: - image: mailcow/clamd:1.43 + image: mailcow/clamd:1.44 restart: always dns: - ${IPV4_NETWORK:-172.22.1}.254 @@ -212,7 +212,7 @@ services: - sogo dovecot-mailcow: - image: mailcow/dovecot:1.159 + image: mailcow/dovecot:1.160 depends_on: - mysql-mailcow dns: