YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity
10290 commits 33 branches 409 tags 24 MiB
Commit graph

99 commits

Author SHA1 Message Date
Alexandre Aubin
42d2f789cf Merge remote-tracking branch 'origin/dev' into bookworm 2024-05-19 20:47:27 +02:00
Yann Autissier
c2e39a533f fix ldap write access for admin users 
Admin users are unable to modify ldap entries, getting following error:
0x32 (LDAP_INSUFFICIENT_ACCESS)
 2024-05-13 22:28:38 +00:00
Alexandre Aubin
582350c145 mail: attempt to move to opendkim instead of rspamd for dkim signing/verify 2024-05-07 16:31:50 +02:00
Alexandre Aubin
f248086fb6 nginx: nevermind applogos caching, nowadays nginx/browsers automatically cache static assets with etags etc ? 2024-02-03 20:28:41 +01:00
Alexandre Aubin
41da1daf02 nginx: remove old 'yunohost_panel.conf' stuff 2024-02-03 18:39:25 +01:00
Alexandre Aubin
98701ebdab regenconf: the 'plain' subfolder thing for nginx conf is annoying, flatten things up 2024-02-03 18:36:55 +01:00
Alexandre Aubin
ca835534de portal: serve app logos from an sso-specific route (to keep separation of concern etc) 2024-02-03 18:24:31 +01:00
Alexandre Aubin
69cc6345a5 webadmin: add cache config for app logos 2024-02-03 18:21:02 +01:00
Alexandre Aubin
0a01423408 Merge remote-tracking branch 'origin/dev' into bookworm 2023-12-28 02:57:12 +01:00
Alexandre Aubin
3070e504ad Make rspamd an optional dependency, because rspamd is only necessary when you really care about incoming mail, is resource-heavy, and for some reason some setups cant install libhyperscan which is required by rspamd 2023-12-26 17:52:08 +01:00
Alexandre Aubin
155418409e postfix: fix edge case bug with the sni file when no domain has mail enabled 2023-12-26 17:42:11 +01:00
Josue-T
a729c78379
apps: add mailbox/IMAP support for apps that declared a system user with mail enabled (#1745) 
* Add missing account registration for apps in postfix

* Also set email on dovecot DB

* fix undefined var

* Fix missing username format config in dovecot
 2023-12-23 19:34:22 +01:00
Alexandre Aubin
d7855fc9a7 portalapi: propagate changes to fail2ban config 2023-11-28 18:40:49 +01:00
Alexandre Aubin
c216a3f246 Merge remote-tracking branch 'origin/dev' into bookworm 2023-11-24 22:35:25 +01:00
chri2
8cb6a5649b
let dovecot create folders on first login 
tells dovecot to create standard folders on first login if they do not exist and which folder names are used for special purposes like archive, spam/junk, sent, etc.
 2023-10-31 14:07:36 +01:00
axolotle
bfba939927 Merge remote-tracking branch 'origin/dev' into bookworm 2023-10-31 02:57:26 +01:00
Alexandre Aubin
62779ee266
Merge pull request #1730 from chri2/fix_rspamd_redis 
add redis database configuration
 2023-10-21 13:00:08 +02:00
Chris Vogel
e6e58ec269 improve dovecots rspamd integration 
For rspamd being able to learn ham or spam from messages being moved into spam/junk folders or out of them dovecot needs to know how spam/junk folders and trash folders are named.

The former rules narrowed the folders being recognized as spam/trash down to just 'Junk, SPAM, Trash' (case-senistive).

Since users and admins can change the foldernames and write their own seive filters to use those folders I think it is a big improvement if more folders will be recognized.

The change is supposed to accept some more commonly used folder names for spam and trash in a case-insensitive manner.
 2023-10-18 23:04:24 +02:00
Chris Vogel
a2faa8add9 add redis database configuration 
https://github.com/YunoHost/issues/issues/2266

without this rspamd does not use the redis database
 2023-10-17 14:49:32 +02:00
Alexandre Aubin
db30b3acb8
Merge branch 'bookworm' into portal-api 2023-09-27 18:57:02 +02:00
Kayou
2bd3dd2bba
set maxretry to 10 2023-09-08 22:31:08 +02:00
Kay0u
d0b65d5661
revert important variables in fail2ban jail.conf 2023-09-08 15:17:25 +02:00
Kay0u
8eb2e72282
Update Fail2ban jail.conf file from https://sources.debian.org/src/fail2ban/1.0.2-2/config/jail.conf/ 2023-09-08 15:13:20 +02:00
selfhoster1312
26d4d9420c Allow inline scripts for yunohost-portal (nginx CSP) 2023-08-15 14:12:08 +02:00
Alexandre Aubin
afd7b37ebc Tweak nginx portal conf to serve html/css/js/assets from /usr/share/yunohost/portal, similar to webadmin 2023-07-30 23:53:43 +02:00
Alexandre Aubin
09c5a4cfb9 admin and portalapi: propagate new configurable CORS mechanism from moulinette 2023-07-29 19:15:30 +02:00
Alexandre Aubin
ae37b5fc24 portalapi: Add new yunohost-portal-api to yunohost services 2023-07-17 19:47:24 +02:00
Alexandre Aubin
f69f87fa65 Merge remote-tracking branch 'origin/dev' into portal-api 2023-07-17 18:56:05 +02:00
Alexandre Aubin
f4dfb56006 portal refactoring: the 'yunohost tile' thingy won't work anymore, gotta discuss what we want to do exactly 2023-07-15 16:01:03 +02:00
Alexandre Aubin
0cb673c125 portalapi: woopsies 2023-07-14 19:35:05 +02:00
Alexandre Aubin
5104c2a79f portalapi: add CORS headers ... though gotta revisit this later, I don't know what I'm doing 2023-07-14 19:11:32 +02:00
Alexandre Aubin
5e1d69a2cb portalapi: harden systemd service configuration 2023-07-14 18:55:33 +02:00
Alexandre Aubin
a1cf770e1b Merge branch 'dev' into portal-api 2023-07-11 17:11:02 +02:00
Alexandre Aubin
7ba6c37eb8 Merge branch '11.2' into bookworm 2023-07-11 15:56:52 +02:00
Alexandre Aubin
432a9ab544 regenconf/ssh: disable Banner by default 2023-07-10 19:19:28 +02:00
Alexandre Aubin
961dc5a6ee
Merge pull request #815 from YunoHost/allow-system-user-to-auth-on-mail-stack 
Allow system users to auth on the mail stack and send emails
 2023-07-10 19:14:30 +02:00
Alexandre Aubin
6b24412910
Merge pull request #1534 from YunoHost/fix-ocsp-stapling 
Fix OCSP stapling ... but using tech giant resolvers :|
 2023-07-10 19:12:19 +02:00
Alexandre Aubin
c0c0fcaf54
ocsp stapling: Use 1.1.1.1 and 9.9.9.9 instead of 8.8.8.8 2023-07-10 19:10:54 +02:00
Alexandre Aubin
bdc296f858 Merge remote-tracking branch 'origin/dev' into bookworm 2023-07-04 18:10:25 +02:00
Alexandre Aubin
3957b10e92 nginx: replace $http_host by $host, cf https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md / Credit to A.Wolski 2023-07-04 15:00:02 +02:00
Alexandre Aubin
194eb9c6c7 conf: Update ciphers for nginx, postfix, dovecot 2023-06-13 20:39:56 +02:00
Alexandre Aubin
d42c99835a nginx: use /var/www/.well-known folder for ynh diagnosis and acme challenge, because /tmp/ could be manipulated by user to serve maliciously crafted files 2023-06-09 22:30:32 +02:00
Yann Autissier
e8dd243218 update Content-Security-Policy header for chromium 
Chromium fails to load a jitsi video conference, refusing to create a
worker because it violates the Content Security Policy directive:
"script-src https: data: 'unsafe-inline' 'unsafe-eval'".
 2023-05-19 20:39:29 +00:00
Alexandre Aubin
c48d9ec483 appsv2/mail: add new 'allow_email' flag on app system users that will autogenerate a passwd-like file to be used by dovecot + map for postfix 2023-02-28 17:56:49 +01:00
Alexandre Aubin
f0751aff17 Allow system users to auth on the mail stack and send emails 2023-02-28 13:52:22 +01:00
Alexandre Aubin
e458d8813e nginx/security: fix empty webadmin allowlist breaking nginx conf... 2023-02-26 15:11:18 +01:00
John Hackett
013aff3d0c
Add push notification plugins 
This is reasonably important for the performance of clients such as Delta Chat. The plugins are bundled with dovecot by default (see https://wiki2.dovecot.org/Plugins ) so this should not be disruptive.
 2023-02-10 00:14:57 +00:00
Alexandre Aubin
0da6370d62 postfix complains about unused parameter: exclude_internal=yes / search_timeout=30 2023-02-10 00:15:02 +01:00
Kayou
c444dee4fe
add xmpp-upload. and muc. server_name only if xmpp_enabled is enabled 2023-01-23 15:18:44 +01:00
Alexandre Aubin
95173e5bde
Merge branch 'dev' into enh-apps-v2 2023-01-05 19:39:13 +01:00