Commit graph

67 commits

Author SHA1 Message Date
Yann Autissier
c2e39a533f fix ldap write access for admin users
Admin users are unable to modify ldap entries, getting the following error:
0x32 (LDAP_INSUFFICIENT_ACCESS)
2024-05-13 22:28:38 +00:00
Alexandre Aubin
155418409e postfix: fix edge case bug with the sni file when no domain has mail enabled 2023-12-26 17:42:11 +01:00
Josue-T
a729c78379
apps: add mailbox/IMAP support for apps that declared a system user with mail enabled (#1745)
* Add missing account registration for apps in postfix

* Also set email on dovecot DB

* fix undefined var

* Fix missing username format config in dovecot
2023-12-23 19:34:22 +01:00
chri2
8cb6a5649b
let dovecot create folders on first login
tells dovecot to create standard folders on first login if they do not exist and which folder names are used for special purposes like archive, spam/junk, sent, etc.
2023-10-31 14:07:36 +01:00
Alexandre Aubin
62779ee266
Merge pull request #1730 from chri2/fix_rspamd_redis
add redis database configuration
2023-10-21 13:00:08 +02:00
Chris Vogel
e6e58ec269 improve dovecot's rspamd integration
For rspamd to be able to learn ham or spam from messages being moved into spam/junk folders or out of them, dovecot needs to know how spam/junk folders and trash folders are named.

The former rules narrowed the folders being recognized as spam/trash down to just 'Junk, SPAM, Trash' (case-sensitive).

Since users and admins can change the folder names and write their own sieve filters to use those folders, I think it is a big improvement if more folders will be recognized.

The change is supposed to accept some more commonly used folder names for spam and trash in a case-insensitive manner.
2023-10-18 23:04:24 +02:00
Chris Vogel
a2faa8add9 add redis database configuration
https://github.com/YunoHost/issues/issues/2266

without this rspamd does not use the redis database
2023-10-17 14:49:32 +02:00
Alexandre Aubin
432a9ab544 regenconf/ssh: disable Banner by default 2023-07-10 19:19:28 +02:00
Alexandre Aubin
961dc5a6ee
Merge pull request #815 from YunoHost/allow-system-user-to-auth-on-mail-stack
Allow system users to auth on the mail stack and send emails
2023-07-10 19:14:30 +02:00
Alexandre Aubin
6b24412910
Merge pull request #1534 from YunoHost/fix-ocsp-stapling
Fix OCSP stapling ... but using tech giant resolvers :|
2023-07-10 19:12:19 +02:00
Alexandre Aubin
c0c0fcaf54
ocsp stapling: Use 1.1.1.1 and 9.9.9.9 instead of 8.8.8.8 2023-07-10 19:10:54 +02:00
Alexandre Aubin
3957b10e92 nginx: replace $http_host by $host, cf https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md / Credit to A.Wolski 2023-07-04 15:00:02 +02:00
Alexandre Aubin
d42c99835a nginx: use /var/www/.well-known folder for ynh diagnosis and acme challenge, because /tmp/ could be manipulated by user to serve maliciously crafted files 2023-06-09 22:30:32 +02:00
Yann Autissier
e8dd243218 update Content-Security-Policy header for chromium
Chromium fails to load a jitsi video conference, refusing to create a
worker because it violates the Content Security Policy directive:
"script-src https: data: 'unsafe-inline' 'unsafe-eval'".
2023-05-19 20:39:29 +00:00
Alexandre Aubin
c48d9ec483 appsv2/mail: add new 'allow_email' flag on app system users that will autogenerate a passwd-like file to be used by dovecot + map for postfix 2023-02-28 17:56:49 +01:00
Alexandre Aubin
f0751aff17 Allow system users to auth on the mail stack and send emails 2023-02-28 13:52:22 +01:00
Alexandre Aubin
e458d8813e nginx/security: fix empty webadmin allowlist breaking nginx conf... 2023-02-26 15:11:18 +01:00
John Hackett
013aff3d0c
Add push notification plugins
This is reasonably important for the performance of clients such as Delta Chat. The plugins are bundled with dovecot by default (see https://wiki2.dovecot.org/Plugins ) so this should not be disruptive.
2023-02-10 00:14:57 +00:00
Alexandre Aubin
0da6370d62 postfix complains about unused parameter: exclude_internal=yes / search_timeout=30 2023-02-10 00:15:02 +01:00
Kayou
c444dee4fe
add xmpp-upload. and muc. server_name only if xmpp_enabled is enabled 2023-01-23 15:18:44 +01:00
Alexandre Aubin
95173e5bde
Merge branch 'dev' into enh-apps-v2 2023-01-05 19:39:13 +01:00
Alexandre Aubin
bb6f8ef41c
Merge pull request #1450 from zeroheure/patch-1
Fix flag case sensitivity in dovecot and rspamd sieve filter
2023-01-03 15:07:43 +01:00
Alexandre Aubin
e9b5ec90a4 Yoloimplementation of app logo support (require change in app catalog build) 2023-01-03 00:46:14 +01:00
Alexandre Aubin
59405ef4c6
Merge pull request #1552 from Ddataa/patch-1
Add postfix SASL login failure to a fail2ban jail
2022-12-20 23:20:58 +01:00
Alexandre Aubin
47b9b8b520 configpanels: fix inconsistent return format for boolean, sometimes 1/0, sometimes True/False -> force normalization of values when calling get() for a single setting from a config panel 2022-12-20 19:51:21 +01:00
DDATAA
b3940f199e
Create postfix-sasl.conf 2022-12-20 10:20:21 +00:00
DDATAA
34628d450f
Add SASL login failure jail
in order to prevent those 
```
Aug 31 22:23:52 hostxyz postfix/smtpd[38697]: warning: unknown[192.168.xx.xx]: SASL LOGIN authentication failed: authentication failure
Aug 31 22:23:52 hostxyz postfix/smtpd[38697]: lost connection after AUTH from unknown[192.168.xx.xx]
```
2022-12-20 10:15:00 +00:00
Alexandre Aubin
80a060dd94 postfix: fix typo breaking relays 2022-12-18 15:24:13 +01:00
Alexandre Aubin
4d211335ed
Merge branch 'dev' into dev_on_muc 2022-12-04 18:36:25 +01:00
Alexandre Aubin
9ac7c32393
Merge pull request #1541 from YunoHost/disable-unecessary-domain-features
domains: propagate mail/xmpp enable/disable toggle to actual system configs
2022-12-03 12:38:21 +01:00
Alexandre Aubin
0f9d938853
groups: add mail-aliases management (#1539) 2022-12-01 21:34:36 +01:00
Alexandre Aubin
30a18a4ec0 domains: propagate mail/xmpp enable/disable toggle to actual system configurations 2022-11-27 15:51:20 +01:00
Alexandre Aubin
a5a2a15351 Merge branch 'dev_on_muc' of github.com:larchange/yunohost into larchange-dev_on_muc 2022-11-27 03:02:42 +01:00
Alexandre Aubin
867632d355 domains: propagate mail/xmpp enable/disable toggle to actual system configurations 2022-11-27 02:54:35 +01:00
Alexandre Aubin
dc5fbd5555 Fix OCSP stapling ... but using Google resolver :| 2022-11-26 23:47:50 +01:00
Alexandre Aubin
68c6e58e9c
Fix tip to regen slapd conf 2022-11-20 18:12:28 +01:00
Alexandre Aubin
afdc2ad5b4 nginx: fix broken postinstall, yunohost_http_errors.conf.inc was not actually copied to /etc/nginx/conf.d. Moving to plain/ subfolder where all files in this folder are copied during nginx regenconf 2022-11-19 20:20:26 +01:00
tituspijean
5063e12835
Add 502 custom error page (#1530) 2022-11-14 23:24:08 +01:00
Alexandre Aubin
4f5cc166e2 ldap: re-allow member of the admins group to edit ldap db 2022-11-06 15:38:42 +01:00
Alexandre Aubin
d1d203726b Merge remote-tracking branch 'origin/enh-actions' into 11.1 2022-10-04 22:33:28 +02:00
Alexandre Aubin
47543b19b7 configpanels: Iterating on action POC to create a certificate section in domain config panels 2022-09-30 15:03:03 +02:00
Alexandre Aubin
1037508fb5
Merge branch '11.1' into admins 2022-09-04 20:28:59 +02:00
Alexandre Aubin
a2d0a1445d Merge branch 'dev' into admins 2022-09-04 20:25:42 +02:00
Alexandre Aubin
38234c9501
Merge branch 'dev' into enh-global-settings-configpanel 2022-09-03 22:33:46 +02:00
Alexandre Aubin
1246fcf8f6 nginx: I'm tired of people reporting the 'Report-Only' error message they see in the console. This is useless. Just get rid of it. 2022-08-14 18:56:20 +02:00
Alexandre Aubin
87abbe678d Merge remote-tracking branch 'origin/dev' into admins 2022-08-09 18:29:59 +02:00
Alexandre Aubin
cae7e5b5af Merge branch 'dev' into enh-global-settings-configpanel 2022-08-04 18:27:12 +02:00
Keoma Brun
b32bc3a034
Content Security Policies Report and Websockets
Add the `wss:` field so that Nginx does not create a warning when using Websocket over TLS.

This modification only affects the `Report-Only` part of the CSP, that takes care of creating warnings in the logs.

Warning ex (fr only sorry):
```
Content Security Policy: Les paramètres de la page ont empêché le chargement d’une ressource à wss://your.website.tld (« default-src »). Un rapport CSP est en cours d’envoi.
```
2022-05-15 18:33:44 +02:00
Tagadda
f0bf8dd1fd settings: use email.smtp.smtp_relay_enabled 2022-04-26 17:26:48 +00:00
Tagadda
eb747cc15e Search and replace old settings, first pass 2022-04-26 17:26:48 +00:00