fix: start webmail

.drone.yml

@@ -1,16 +0,0 @@
-
-kind: pipeline
-name: generate recipe catalogue
-steps:
-  - name: release a new version
-    image: plugins/downstream
-    settings:
-      server: https://build.coopcloud.tech
-      token:
-        from_secret: drone_abra-bot_token
-      fork: true
-      repositories:
-        - coop-cloud/auto-recipes-catalogue-json
-
-trigger:
-  event: tag

.env.sample

@@ -3,8 +3,6 @@ TYPE=mailu
 # Main mail domain, NOT main web domain (if they are different)
 DOMAIN=example.com
 LETS_ENCRYPT_ENV=production
-# Run `docker stack ls | grep traefik | cut -f 1 -d " "` on the target machine to get that one
-TRAEFIK_STACK_NAME=traefik_example_com
 
 # Custom settings used by certdumper_post.sh and Traefik
 WEB_DOMAIN=example.com
@@ -33,11 +31,11 @@ POSTMASTER=admin
 # Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
 TLS_FLAVOR=mail
 
-# Authentication rate limit per IP (per /24 on ipv4 and /56 on ipv6)
-AUTH_RATELIMIT_IP=60/hour
+# Authentication rate limit (per source IP address)
+AUTH_RATELIMIT=10/minute
 
 # Opt-out of statistics, replace with "True" to opt out
-DISABLE_STATISTICS=True
+DISABLE_STATISTICS=False
 
 ###################################
 # Optional features
@@ -47,7 +45,7 @@ DISABLE_STATISTICS=True
 ADMIN=true
 
 # Choose which webmail to run if any (values: roundcube, rainloop, none)
-WEBMAIL=snappymail
+WEBMAIL=rainloop
 
 # Dav server implementation (value: radicale, none)
 WEBDAV=none
@@ -55,9 +53,6 @@ WEBDAV=none
 # Antivirus solution (value: clamav, none)
 ANTIVIRUS=none
 
-# Scan Macros solution (value: true, false)
-SCAN_MACROS=true
-
 ###################################
 # Mail settings
 ###################################
@@ -67,9 +62,6 @@ SCAN_MACROS=true
 # Max attachment size will be 33% smaller
 MESSAGE_SIZE_LIMIT=50000000
 
-# Message rate limit (per user)
-MESSAGE_RATELIMIT=200/day
-
 # Networks granted relay permissions
 # Use this with care, all hosts in this networks will be able to send mail without authentication!
 RELAYNETS=
@@ -77,9 +69,6 @@ RELAYNETS=
 # Will relay all outgoing mails if configured
 RELAYHOST=
 
-# Enable fetchmail
-FETCHMAIL_ENABLED=False
-
 # Fetchmail delay
 FETCHMAIL_DELAY=600
 
@@ -97,7 +86,7 @@ WELCOME_SUBJECT="Welcome to your new email account"
 WELCOME_BODY="Welcome to your new email account, if you can read this, then it is configured properly!"
 
 # Maildir Compression
-# choose compression-method, default: none (value: gz, bz2, lz4, zstd)
+# choose compression-method, default: none (value: bz2, gz)
 COMPRESSION=
 # change compression-level, default: 6 (value: 1-9)
 COMPRESSION_LEVEL=
@@ -137,8 +126,9 @@ WEBSITE=https://$DOMAIN
 # Docker-compose project name, this will prepended to containers names.
 COMPOSE_PROJECT_NAME=mailu
 
-# Number of rounds used by the password hashing scheme
-CREDENTIAL_ROUNDS=12
+# Default password scheme used for newly created accounts and changed passwords
+# (value: PBKDF2, BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT)
+PASSWORD_SCHEME=PBKDF2
 
 # Header to take the real ip from
 REAL_IP_HEADER=
@@ -152,12 +142,6 @@ REJECT_UNLISTED_RECIPIENT=
 # Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
 LOG_LEVEL=WARNING
 
-# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
-TZ=Etc/UTC
-
-# Authentication token for API requests
-#API_TOKEN=
-
 ###################################
 # Database settings
 ###################################

README.md

@@ -22,9 +22,9 @@ host.
 1. Set up Docker Swarm and [`abra`][abra]
 2. Deploy [`coop-cloud/traefik`][compose-traefik]
 3. `abra app new mailu`
-4. `abra app config YOURAPPDOMAIN` - be sure to change `$WEB_DOMAIN` to something that resolves to
+4. `abra app YOURAPPDOMAIN config` - be sure to change `$WEB_DOMAIN` to something that resolves to
    your Docker swarm box
-5. `abra app deploy YOURAPPDOMAIN`
+5. `abra app YOURAPPDOMAIN deploy`
 9. Create initial user:
 ```
 abra app YOURAPPDOMAIN run admin flask mailu admin admin YOURDOMAIN YOURPASSWORD

compose.yml

@@ -2,12 +2,10 @@ version: "3.8"
 
 x-environment:
   &default-env
-  - FRONT_ADDRESS=${STACK_NAME}_app
+  - HOST_FRONT=${STACK_NAME}_app
   - ADMIN
   - ANTIVIRUS
-  - API_TOKEN
-  - AUTH_RATELIMIT_IP
-  - MESSAGE_RATELIMIT
+  - AUTH_RATELIMIT
   - COMPOSE_PROJECT_NAME
   - COMPRESSION
   - COMPRESSION_LEVEL
@@ -24,7 +22,7 @@ x-environment:
   - LOG_DRIVER
   - LOG_LEVEL
   - MESSAGE_SIZE_LIMIT
-  - CREDENTIAL_ROUNDS
+  - PASSWORD_SCHEME
   - POSTMASTER
   - REAL_IP_FROM
   - REAL_IP_HEADER
@@ -48,11 +46,10 @@ x-environment:
   - WELCOME
   - WELCOME_BODY
   - WELCOME_SUBJECT
-  - TZ
 
 services:
   app:
-    image: ghcr.io/mailu/nginx:2.0.23
+    image: mailu/nginx:1.8
     logging:
       driver: json-file
     networks:
@@ -91,48 +88,39 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${WEB_DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
-        - "coop-cloud.${STACK_NAME}.version=1.0.2+2.0.23"
-  
+
   db:
-    image: redis:7.2.0-alpine
+    image: redis:alpine
     volumes:
       - "redis:/data"
 
   admin:
-    image: ghcr.io/mailu/admin:2.0.23
+    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:1.8
     environment: *default-env
     healthcheck:
       disable: true
     volumes:
       - "dkim:/dkim"
       - "mailu:/data"
-    networks:
-      - default
 
   imap:
-    image: ghcr.io/mailu/dovecot:2.0.23
+    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:1.8
     environment: *default-env
     volumes:
       - "mail:/mail"
     healthcheck:
       disable: true
-    depends_on:
-      - app
-    networks:
-      - default
 
   smtp:
-    image: ghcr.io/mailu/postfix:2.0.23
+    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:1.8
     environment: *default-env
     volumes:
       - "mailqueue:/queue"
     healthcheck:
       disable: true
-    depends_on:
-      - app
 
   antispam:
-    image: ghcr.io/mailu/rspamd:2.0.23
+    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:1.8
     environment: *default-env
     volumes:
       - "rspamd:/var/lib/rspamd"
@@ -141,10 +129,8 @@ services:
       disable: true
 
   webmail:
-    image: ghcr.io/mailu/webmail:2.0.23
+    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rainloop:1.8
     environment: *default-env
-    networks:
-      - default
     volumes:
       - "webmail:/data"
     deploy:
@@ -152,8 +138,23 @@ services:
     healthcheck:
       disable: true
 
+  #certdumper:
+  #  restart: always
+  #  image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}traefik-certdumper:master
+  #  environment:
+  #    - DOMAIN=$DOMAIN
+  #    # Set TRAEFIK_VERSION to v2 in your .env if you're using Traefik v2
+  #    - TRAEFIK_VERSION=${TRAEFIK_VERSION:-v2}
+  #  volumes:
+  #    - "/docker/traefik/letsencrypt/acme.json:/traefik/acme.json"
+  #    - "/docker/traefik/letsencrypt/certs:/tmp/work"
+  #    - "/docker/mailu/certs:/output"
+  #  labels:
+  #    # Set watchtower label
+  #    - "com.centurylinklabs.watchtower.enable=true"
+
   certdumper:
-    image: ldez/traefik-certs-dumper:v2.8.1
+    image: ldez/traefik-certs-dumper:v2.7.4
     entrypoint: sh -c '
       apk add jq
       ; while ! [ -e /traefik/production-acme.json ]
@@ -167,16 +168,21 @@ services:
       - DOMAIN=$WEB_DOMAIN
     volumes:
       # Folder, which contains the acme.json
-      - type: volume
-        read_only: true
-        source: traefik_letsencrypt
-        target: "/traefik"
+      - "traefik_letsencrypt:/traefik"
       # Folder, where cert.pem and key.pem will be written
       - "certs:/output"
     configs:
       - source: certdumper_post
         target: /usr/bin/certdumper_post.sh
         mode: 0555
+  
+  #certdumper:
+  #  image: humenius/traefik-certs-dumper:latest
+  #  volumes:
+  #   - traefik_letsencrypt:/traefik:ro
+  #   - certs:/output:rw
+  #  environment:
+  #   - DOMAIN=$WEB_DOMAIN
 
 volumes:
   mailu:
@@ -188,7 +194,6 @@ volumes:
   certs:
   mailqueue:
   traefik_letsencrypt:
-    name: "${TRAEFIK_STACK_NAME}_letsencrypt"
     external: true
 
 networks:

release/0.2.0+1.9

@@ -1,11 +0,0 @@
-When upgrading to 1.9, you'll need to update your app(s') configuration(s) for
-new settings names:
-
-- Rename `AUTH_RATELIMIT` to `AUTH_RATELIMIT_IP`
-- Add MESSAGE_RATELIMIT (default `200/day`)
-- Add `TZ` to specify server timezone, e.g. `TZ=Etc/UTC`
-- Remove `PASSWORD_SCHEME`
-- Add `CREDENTIAL_ROUNDS` (default `12`)
-
-If you haven't made these changes already, it's best to bail on this upgrade
-FIRST (i.e. Ctrl+C) and run `abra app config` first.

release/1.0.1+2.0.16

@@ -1 +0,0 @@
-this version introduces a new variable TRAEFIK_STACK_NAME