Merge pull request #5952 from mailcow/staging

2024-06b

data/Dockerfiles/phpfpm/Dockerfile

@@ -1,4 +1,4 @@
-FROM php:8.2-fpm-alpine3.20
+FROM php:8.2-fpm-bookworm
 LABEL maintainer "The Infrastructure Company GmbH <info@servercow.de>"
 
 # renovate: datasource=github-tags depName=krakjoe/apcu versioning=semver-coerced extractVersion=^v(?<version>.*)$
@@ -14,54 +14,51 @@ ARG REDIS_PECL_VERSION=6.0.2
 # renovate: datasource=github-tags depName=composer/composer versioning=semver-coerced extractVersion=(?<version>.*)$
 ARG COMPOSER_VERSION=2.6.6
 
-RUN apk add -U --no-cache autoconf \
-  aspell-dev \
-  aspell-libs \
+RUN apt-get update && apt-get install --no-install-recommends -y \
+  aspell \
+  aspell-en \
+  autoconf \
   bash \
-  c-client \
-  cyrus-sasl-dev \
-  freetype \
-  freetype-dev \
+  default-mysql-client \
+  dnsutils \
   g++ \
-  git \
   gettext \
-  gettext-dev \
-  gmp-dev \
+  git \
   gnupg \
-  icu-dev \
-  icu-libs \
   imagemagick \
-  imagemagick-dev \
-  imap-dev \
   jq \
-  libavif \
-  libavif-dev \
-  libjpeg-turbo \
-  libjpeg-turbo-dev \
-  libmemcached \
+  libc-client-dev \
+  libc-client2007e \
+  libfreetype6-dev \
+  libgettextpo-dev \
+  libgmp-dev \
+  libicu-dev \
+  libjpeg62-turbo-dev \
+  libkrb5-3 \
+  libkrb5-dev \
+  libldap2-dev \
+  libmagickcore-dev \
+  libmagickwand-dev \
   libmemcached-dev \
-  libpng \
+  libmemcached11 \
+  libpcre3-dev \
   libpng-dev \
-  libressl \
-  libressl-dev \
-  librsvg \
-  libtool \
+  libpspell-dev \
+  librsvg2-dev \
+  libsasl2-dev \
+  libssl-dev \
   libwebp-dev \
   libxml2-dev \
-  libxpm \
   libxpm-dev \
-  libzip \
+  libxpm4 \
   libzip-dev \
-  linux-headers \
+  libzip4 \
   make \
-  mysql-client \
-  openldap-dev \
-  pcre-dev \
   re2c \
-  redis \
-  samba-client \
-  zlib-dev \
+  redis-tools \
+  smbclient \
   tzdata \
+  zlib1g-dev \
   && pecl install APCu-${APCU_PECL_VERSION} \
   && pecl install imagick-${IMAGICK_PECL_VERSION} \
   && pecl install mailparse-${MAILPARSE_PECL_VERSION} \
@@ -71,40 +68,37 @@ RUN apk add -U --no-cache autoconf \
   && pecl clear-cache \
   && docker-php-ext-configure intl \
   && docker-php-ext-configure exif \
-  && docker-php-ext-configure gd --with-freetype=/usr/include/ \  
-    --with-jpeg=/usr/include/ \
-    --with-webp \
-    --with-xpm \
-    --with-avif \
+  && docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp --with-xpm \
   && docker-php-ext-install -j 4 exif gd gettext intl ldap opcache pcntl pdo pdo_mysql pspell soap sockets sysvsem zip bcmath gmp \
-  && docker-php-ext-configure imap --with-imap --with-imap-ssl \
-  && docker-php-ext-install -j 4 imap \
+  && docker-php-ext-configure imap --with-imap --with-imap-ssl --with-kerberos \
+  && docker-php-ext-install -j 4 imap  \
   && curl --silent --show-error https://getcomposer.org/installer | php -- --version=${COMPOSER_VERSION} \
   && mv composer.phar /usr/local/bin/composer \
   && chmod +x /usr/local/bin/composer \
-  && apk del --purge autoconf \
-    aspell-dev \
-    cyrus-sasl-dev \
-    freetype-dev \
+  && apt-get purge -y --auto-remove \
+    autoconf \
     g++ \
-    gettext-dev \
-    icu-dev \
-    imagemagick-dev \
-    imap-dev \
-    libavif-dev \
-    libjpeg-turbo-dev \
+    libc-client-dev \
+    libfreetype6-dev \
+    libgettextpo-dev \
+    libicu-dev \
+    libjpeg62-turbo-dev \
+    libkrb5-dev \
+    libldap2-dev \
+    libmagickcore-dev \
+    libmagickwand-dev \
     libmemcached-dev \
+    libpcre3-dev \
     libpng-dev \
-    libressl-dev \
+    libpspell-dev \
+    libsasl2-dev \
+    libssl-dev \
     libwebp-dev \
     libxml2-dev \
     libxpm-dev \
     libzip-dev \
-    linux-headers \
     make \
-    openldap-dev \
-    pcre-dev \
-    zlib-dev
+    zlib1g-dev
 
 COPY ./docker-entrypoint.sh /
 

data/Dockerfiles/phpfpm/docker-entrypoint.sh

@@ -24,6 +24,7 @@ done
 CONTAINER_ID=
 until [[ ! -z "${CONTAINER_ID}" ]] && [[ "${CONTAINER_ID}" =~ ^[[:alnum:]]*$ ]]; do
   CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], project: .Config.Labels[\"com.docker.compose.project\"], id: .Id}" 2> /dev/null | jq -rc "select( .name | tostring | contains(\"mysql-mailcow\")) | select( .project | tostring | contains(\"${COMPOSE_PROJECT_NAME,,}\")) | .id" 2> /dev/null)
+  echo "Could not get mysql-mailcow container id... trying again"
   sleep 2
 done
 echo "MySQL @ ${CONTAINER_ID}"
@@ -197,10 +198,10 @@ fi
 [[ ! -f /web/css/build/0081-custom-mailcow.css ]] && echo '/* Autogenerated by mailcow */' > /web/css/build/0081-custom-mailcow.css
 
 # Fix permissions for global filters
-chown -R 82:82 /global_sieve/*
+chown -R 33:33 /global_sieve/*
 
 # Fix permissions on twig cache folder
-chown -R 82:82 /web/templates/cache
+chown -R 33:33 /web/templates/cache
 # Clear cache
 find /web/templates/cache/* -not -name '.gitkeep' -delete
 

data/conf/postfix/postscreen_access.cidr

@@ -1,6 +1,6 @@
-# Whitelist generated by Postwhite v3.4 on Sat Jun  1 00:15:02 UTC 2024
+# Whitelist generated by Postwhite v3.4 on Mon Jul  1 00:16:55 UTC 2024
 # https://github.com/stevejenkins/postwhite/
-# 2000 total rules
+# 1993 total rules
 2a00:1450:4000::/36	permit
 2a01:111:f400::/48	permit
 2a01:111:f403:8000::/50	permit
@@ -23,11 +23,7 @@
 8.40.222.0/23	permit
 10.162.0.0/16	permit
 12.130.86.238	permit
-13.70.32.43	permit
 13.72.50.45	permit
-13.74.143.28	permit
-13.78.233.182	permit
-13.92.31.129	permit
 13.110.208.0/21	permit
 13.110.209.0/24	permit
 13.110.216.0/22	permit
@@ -110,6 +106,7 @@
 35.176.132.251	permit
 35.190.247.0/24	permit
 35.191.0.0/16	permit
+35.205.92.9	permit
 35.242.169.159	permit
 37.218.248.47	permit
 37.218.249.47	permit
@@ -185,8 +182,6 @@
 50.18.126.162	permit
 50.31.32.0/19	permit
 50.56.130.220/30	permit
-51.137.58.21	permit
-51.140.75.55	permit
 52.1.14.157	permit
 52.5.230.59	permit
 52.27.5.72	permit
@@ -216,7 +211,6 @@
 52.100.0.0/14	permit
 52.103.0.0/17	permit
 52.119.213.144/28	permit
-52.165.175.144	permit
 52.185.106.240/28	permit
 52.200.59.0/24	permit
 52.205.61.79	permit
@@ -1142,7 +1136,6 @@
 104.47.108.0/23	permit
 104.130.96.0/28	permit
 104.130.122.0/23	permit
-104.214.25.77	permit
 106.10.144.64/27	permit
 106.10.144.100/31	permit
 106.10.144.103	permit
@@ -1373,6 +1366,7 @@
 136.147.176.0/20	permit
 136.147.176.0/24	permit
 136.147.182.0/24	permit
+136.147.224.0/20	permit
 136.179.50.206	permit
 138.91.172.26	permit
 139.60.152.0/22	permit
@@ -1435,7 +1429,6 @@
 157.55.61.0/24	permit
 157.55.157.128/25	permit
 157.55.225.0/25	permit
-157.55.254.216	permit
 157.56.24.0/25	permit
 157.56.120.128/26	permit
 157.56.232.0/21	permit
@@ -1753,6 +1746,7 @@
 205.251.233.36	permit
 206.25.247.143	permit
 206.25.247.155	permit
+206.55.144.0/20	permit
 206.165.246.80/29	permit
 206.191.224.0/19	permit
 206.246.157.1	permit
@@ -1770,7 +1764,6 @@
 207.46.132.128/27	permit
 207.46.198.0/25	permit
 207.46.200.0/27	permit
-207.46.225.107	permit
 207.58.147.64/28	permit
 207.67.38.0/24	permit
 207.67.98.192/27	permit

data/web/js/site/debug.js

@@ -1294,13 +1294,7 @@ function update_stats(timeout=5){
       $("#host_cpu_usage").text(parseInt(data.cpu.usage).toString() + "%");
       $("#host_memory_total").text((data.memory.total / (1024 ** 3)).toFixed(2).toString() + "GB");
       $("#host_memory_usage").text(parseInt(data.memory.usage).toString() + "%");
-      if (data.architecture == "aarch64"){
-        $("#host_architecture").html('<span data-bs-toggle="tooltip" data-bs-placement="top" title="' + lang_debug.wip +'">' + data.architecture + ' ⚠️</span>');
-      }
-      else {
-        $("#host_architecture").html(data.architecture);
-      }
-
+      $("#host_architecture").html(data.architecture);
       // update cpu and mem chart
       var cpu_chart = Chart.getChart("host_cpu_chart");
       var mem_chart = Chart.getChart("host_mem_chart");

docker-compose.yml

@@ -110,7 +110,7 @@ services:
             - rspamd
 
     php-fpm-mailcow:
-      image: mailcow/phpfpm:1.88
+      image: mailcow/phpfpm:1.89
       command: "php-fpm -d date.timezone=${TZ} -d expose_php=0"
       depends_on:
         - redis-mailcow

helper-scripts/backup_and_restore.sh

@@ -55,10 +55,10 @@ ENV_FILE=${SCRIPT_DIR}/../.env
 THREADS=$(echo ${THREADS:-1})
 ARCH=$(uname -m)
 
-if ! [[ "${THREADS}" =~ ^[1-9]+$ ]] ; then
+if ! [[ "${THREADS}" =~ ^[1-9][0-9]?$ ]] ; then
   echo "Thread input is not a number!"
   exit 1
-elif [[ "${THREADS}" =~ ^[1-9]+$ ]] ; then
+elif [[ "${THREADS}" =~ ^[1-9][0-9]?$ ]] ; then
   echo "Using ${THREADS} Thread(s) for this run."
   echo "Notice: You can set the Thread count with the THREADS Variable before you run this script."
 fi