🐄 Moorch Update 2022 - ClamAV, Dovecot & Olefy Update (#4497)

* [API] Fix minor issue in api docs * [GH-Actions][stale] Add neverstale label to exempt list * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag * [Web] add github version tag error handling * [Web] add github version tag error handling * Passwordless SOGo auth: support for calendar invitations and calendar/contacts subscriptions Inviting someone to a calendar event triggers a request to /SOGo/so/otheruser@example.com/freebusy.ifb/ajaxRead. Subscribing to someone's calendar/contacts triggers a request to /SOGo/so/otheruser@example.com/foldersSearch. The email address in the URL is different from the logged-in user, which needs to be handled appropriately by sogo-auth.php. * [Web] add github version tag - adjust css * [Compose] Update SOGo Autoreply Schedule to 5m Based on the advice of inverse (SOGo developer). Thanks to https://github.com/jmber Closes: https://github.com/mailcow/mailcow-dockerized/issues/4436 * [Web] add github version tag - move twig globals * [Web] add github version tag - missing </div> * Passwordless SOGo auth: improvements for when accessing other users * [WebAuthn] fido2 passwordless auth - fix (#4440) * [WebAuthn] fido2 revert * [WebAuthn] set UV flags to 'discouraged' * [WebAuthn] revert - set UV flags to 'discouraged' * Update clamav to 0.104.2 * Update clamav to 0.104.2 * Update dovecot to 2.3.18 Update gosu to 1.14 Use debian bullseye as base * [Web] Updated lang.es.json [CI SKIP] (#4453) Co-authored-by: Fijxu <fijxu@zzls.xyz> Co-authored-by: milkmaker <milkmaker@mailcow.de> Co-authored-by: Fijxu <fijxu@zzls.xyz> * Fix broken documentation links (#4458) * Fix broken documentation links * Fix a few more broken documentation links * Fix broken documentation links in translation files * Fall back to empty string if WATCHDOG_NOTIFY_EMAIL undefined (#4457) By default, `.env` (`mailcow.conf`) does not define `WATCHDOG_NOTIFY_EMAIL`. Using it in `docker-compose.yml` without having it defined leads to Compose v2 displaying this warning on startup: > WARNING: The WATCHDOG_NOTIFY_EMAIL variable is not set. Defaulting to a blank string. Related to https://github.com/mailcow/mailcow-dockerized/issues/4315 * [Web] Updated lang.sk.json [CI SKIP] (#4461) Co-authored-by: Lukáš Matula <lukas@gbely.net> Co-authored-by: milkmaker <milkmaker@mailcow.de> Co-authored-by: Lukáš Matula <lukas@gbely.net> * oletools: disable template injection detection (#4464) Seems to be causing a lot of false positives lately * Fix minor typo in comment (#4466) Correction of the comment, so that the explanation is correct and can be understood. * Update issue templates to issue forms (#4465) This PR updates the issue templates to GitHubs new issue forms * [Web] Fix padding issue in UI admin panel (#4481) * [Web] fix admin panel padding issue * [Web] fix admin panel padding issue * [Web] Updated lang.sk.json [CI SKIP] (#4489) Co-authored-by: Lukáš Matula <lukas@gbely.net> Co-authored-by: milkmaker <milkmaker@mailcow.de> Co-authored-by: Lukáš Matula <lukas@gbely.net> * increase opcache.interned_strings_buffer to 16 (#4487) since version 23.0.2 Nextcloud recommends having a value greater than 8 for `opcache.interned_strings_buffer`. As this memory will be only used when needed this should have no impact on installations that are not using nextcloud. related discussion: https://help.nextcloud.com/t/nextcloud-23-02-opcache-interned-strings-buffer/134007/19 related nextcloud issue: https://github.com/nextcloud/server/issues/31223 * nextcloud - add missing redirections (#4366) adds missing location directives to the nginx configuration of nextcloud 22, to prevent warnings in nextcloud admin center of missing redirections * Update imapsync to 2.178 (#4491) * Update and fix oletools (#4479) As noticed by @MAGICCC (#4464 (comment)), our olefy image does not work anymore if you rebuild it. This is because @HeinleinSupport recently updated their repository with the changes from @decalage2's repository, which renamed olvba3 to olevba. Since @HeinleinSupport does not recommend using its own patched branch and is very slow in pulling in changes from upstream (@decalage2), let's switch to the latter. This also allowed me to revert #4464. Finally, a minor patch to rspamd is necessary. While the documentation says In the extended mode the oletools module will not trigger on specific categories, but will always set a threat string with all found flags when at least a macro was found. This is not actually true -- it only sets it when suspicious or autoexec threats were detected. But it's a one-line patch to make rspamd behave as documented and we should submit that patch to @rspamd too. With this patch, I have confirmed that Mailcow will reject any incoming, non-whitelisted message containing attachments with macros. * [Web] Fix excluded domain list in quaratine view Previously excluded domains from quarantine were not shown. * [Dovecot] Update syslogng Version to 3.28 (#4496) Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh> Co-authored-by: ntimo <git@nowitzki.me> Co-authored-by: Peter <magic@kthx.at> Co-authored-by: FreddleSpl0it <patschul@posteo.de> Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com> Co-authored-by: Michael Kuron <mkuron@users.noreply.github.com> Co-authored-by: milkmaker <milkmaker@mailcow.de> Co-authored-by: Fijxu <fijxu@zzls.xyz> Co-authored-by: Slavi Pantaleev <slavi@devture.com> Co-authored-by: Lukáš Matula <lukas@gbely.net> Co-authored-by: Max <mail@heavygale.de> Co-authored-by: Michael Cramer <michael@bigmichi1.de> Co-authored-by: Robert Christian <soulsymphonies@users.noreply.github.com> Co-authored-by: André <andre.peters@debinux.de> Co-authored-by: Niklas Meyer <niklas.meyer@tinc.gmbh>
2022-03-02 16:32:17 +01:00
parent b1314bd9a3
commit c520f21d28
30 changed files with 1537 additions and 641 deletions
--- a/data/web/lang/lang.sk.json
+++ b/data/web/lang/lang.sk.json
@@ -105,7 +105,8 @@
        "timeout2": "Časový limit pre spojenie s lokálnym serverom",
        "username": "Používateľské meno",
        "validate": "Overiť",
-        "validation_success": "Úspešne overené"
+        "validation_success": "Úspešne overené",
+        "app_passwd_protocols": "Povolené protokoly"
    },
    "admin": {
        "access": "Prístup",
@@ -460,7 +461,8 @@
        "unlimited_quota_acl": "Neobmedzené kvóta je zakázaná cez ACL",
        "username_invalid": "Používateľské meno %s nemôže byť použité",
        "validity_missing": "Zadajte periódu platnosti",
-        "value_missing": "Prosím poskytnite všetky hodnoty"
+        "value_missing": "Prosím poskytnite všetky hodnoty",
+        "yotp_verification_failed": "Overenie cez OTP Yubico zlyhalo: %s"
    },
    "debug": {
        "chart_this_server": "Graf (tento server)",
@@ -494,7 +496,7 @@
        "dns_records": "DNS záznamy",
        "dns_records_24hours": "Berte prosím do úvahy, že zmeny v DNS môžu trvať až 24 hodín, aby sa zmeny prejavili na tejto stránke. Pre jednoduchosť DNS konfigurácie môžete použiť údaje uvedené nižšie, prípadne skontrolovať tak správnosť záznamov v DNS.",
        "dns_records_data": "Správne dáta",
-        "dns_records_docs": "Pozrite si prosím <a target=\"_blank\" href=\"https://mailcow.github.io/mailcow-dockerized-docs/prerequisite-dns/\">dokumentáciu</a>.",
+        "dns_records_docs": "Pozrite si prosím <a target=\"_blank\" href=\"https://mailcow.github.io/mailcow-dockerized-docs/prerequisite/prerequisite-dns/\">dokumentáciu</a>.",
        "dns_records_name": "Meno",
        "dns_records_status": "Súčasný stav",
        "dns_records_type": "Typ",
@@ -608,7 +610,10 @@
        "title": "Upraviť objekt",
        "unchanged_if_empty": "Ak nemeníte, nechajte prázdne",
        "username": "Používateľské meno",
-        "validate_save": "Validovať a uložiť"
+        "validate_save": "Validovať a uložiť",
+        "sogo_access": "Prideliť priame prihlásenie do SOGo",
+        "sogo_access_info": "Jednotné prihlásenie z používateľského mail rozhrania zostáva funkčné. Toto nastavenie nemá vplyv na prístup k ostatným službám, ani neodstraňuje alebo nemení existujúci profil používateľa SOGo.",
+        "app_passwd_protocols": "Povolené protokoly"
    },
    "fido2": {
        "confirm": "Potvrdiť",
@@ -985,7 +990,7 @@
        "enter_qr_code": "Zadajte váš TOTP kód, ak vaše zariadenie nedokáže skenovať QR kódy",
        "error_code": "Chyba kódu",
        "init_webauthn": "Inicializácia, prosím čakajte...",
-        "key_id": "Identifikátor pre váš YubiKey",
+        "key_id": "Identifikátor zariadenia",
        "key_id_totp": "Identifikátor pre váš kľúč",
        "none": "Deaktivovať",
        "reload_retry": "- (obnovte stránku, ak chyba pretrváva)",
@@ -999,7 +1004,9 @@
        "webauthn": "WebAuthn autentifikácia",
        "waiting_usb_auth": "<i>Čakanie na USB zariadenie...</i><br><br>Prosím stlačte tlačidlo na vašom USB zariadení.",
        "waiting_usb_register": "<i>Čakanie na USB zariadenie...</i><br><br>Prosím zadajte vaše heslo a potvrďte registráciu stlačením tlačidla na vašom USB zariadení.",
-        "yubi_otp": "Yubico OTP autentifikácia"
+        "yubi_otp": "Yubico OTP autentifikácia",
+        "u2f_deprecated_important": "Zaregistrujte si svoj Kľúč v paneli správcu pomocou novej metódy WebAuthn.",
+        "u2f_deprecated": "Zdá sa, že váš kľúč bol zaregistrovaný pomocou zastaranej metódy U2F. Deaktivujeme vám dvojfaktorovú autentifikáciu a odstránime váš Kľúč."
    },
    "user": {
        "action": "Akcia",
@@ -1155,7 +1162,10 @@
        "weekly": "Týždenne",
        "weeks": "týždne",
        "year": "rok",
-        "years": "rokov"
+        "years": "rokov",
+        "apple_connection_profile_with_app_password": "Nové heslo aplikácie sa vygeneruje a pridá do profilu, takže pri nastavovaní zariadenia nie je potrebné zadávať žiadne heslo. Súbor nezdieľajte, pretože poskytuje úplný prístup k vašej mail schránke.",
+        "change_password_hint_app_passwords": "Vaše konto má {{number_of_app_passwords}} hesiel aplikácií, ktoré nebudú zmenené. Ak ich chcete spravovať, prejdite na kartu Heslá aplikácií.",
+        "direct_protocol_access": "Tento používateľ mailovej schránky má <b>priamy, externý prístup</b> k nasledujúcim protokolom a aplikáciám. Toto nastavenie kontroluje administrátor. Na udelenie prístupu k jednotlivým protokolom a aplikáciám je možné vytvoriť heslá aplikácií.<br>Tlačidlo \"Prihlásenie do webmailu\" poskytuje jednotné prihlásenie do systému SOGo a je vždy k dispozícii."
    },
    "warning": {
        "cannot_delete_self": "Nemožno vymazať prihláseného používateľa",