public/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-12-17 20:01:31 +00:00
Code Issues Releases Wiki Activity
7,407 Commits 39 Branches 82 Tags
renovate/php-memcached-dev-php-memcached-3.x
Commit Graph

41 Commits

Author SHA1 Message Date
Patrik Kernstock
7b29c1f304 Disable nginx server_tokens in http context (#6873) 2025-11-13 15:19:11 +01:00
Patrik Kernstock
ae3ef391ee Remove deprecated 'X-XSS-Protection' header (#6871) 2025-11-13 15:16:44 +01:00
patr_
84e230de8f [Nginx] fix: Disable IPv6 support in Nginx configuration (#6736) 
Co-authored-by: patr_ <patbernh@gmail.com>
 2025-09-12 11:17:18 +02:00
DerLinkman
c39712af67 pf/php: add mta-sts support (outbound) (#6686) 
* added mta-sts-resolver into postfix config + daemon

* [Web] Add MTA-STS support

* [Web] Fix mta-sts server_name

* updated .gitignore

* [ACME] fetch cert for mta-sts subdomain

* [Web] change MTA-STS id to human-readable timestamp

* [Web] Remove MTA-STS version STSv2

* [Web] Fix MTA-STS DNS check

* [Web] add max_age limit for MTA-STS policy

* Added tooltips and info texts to mta-sts webui page

* postfix: replace mta-sts-resolver with postfix-tlspol

---------

Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
 2025-08-26 09:57:05 +02:00
FreddleSpl0it
65fb4c2aa8 [Nginx] Move conf.d include before SNI vhosts 2025-03-26 13:04:43 +01:00
FreddleSpl0it
fcebe98557 Merge branch 'staging' into nightly 2025-02-24 15:09:36 +01:00
FreddleSpl0it
a567d5dc31 [Nginx] Add support for trusted proxies via env var 2025-02-18 11:03:34 +01:00
FreddleSpl0it
f64c6aa1d4 Merge pull request #6269 from mailcow/staging 
Automatic PR to nightly from 2025-01-27T10:00:26Z
 2025-02-07 15:10:10 +01:00
FreddleSpl0it
e645f931dc [Nginx] Add env var for HTTP to HTTPS redirection 2025-02-03 12:05:08 +01:00
FreddleSpl0it
bbdec0960a Merge pull request #6290 from mailcow/fix/nginx-vhosts 
[Nginx] Use vhosts for additional server names
 2025-02-03 11:35:09 +01:00
FreddleSpl0it
3a81b84cf7 [Nginx] Fix #6275 2025-01-30 14:49:18 +01:00
FreddleSpl0it
0ad327bbe5 [Nginx] Use separate vhosts for additional server names 2025-01-29 09:51:45 +01:00
FreddleSpl0it
36d4fcbf39 Merge pull request #6255 from mailcow/staging 
Automatic PR to nightly from 2025-01-23T11:01:42Z
 2025-01-23 15:21:39 +01:00
FreddleSpl0it
04058ab06e [Nginx] move conf.d include to end of nginx.conf 2025-01-23 14:54:28 +01:00
FreddleSpl0it
d430b595c1 Merge branch 'staging' into nightly 2025-01-23 08:11:45 +01:00
FreddleSpl0it
1fca328266 [Nginx] Disable IPv6 listener for Rspamd dynmaps when DISABLE_IPv6=y 2025-01-22 15:11:46 +01:00
FreddleSpl0it
7bcd61ecb5 [Nginx] Generate includes for custom configs 2025-01-22 14:30:47 +01:00
FreddleSpl0it
70ca5fde95 [Nginx] Use jinja2 for templating nginx configuration 2024-11-19 08:39:52 +01:00
Josef Fröhle
095d59c01b Update listen_ssl.template deprecated http2 on listener 2023-08-12 16:59:15 +02:00
andryyy
3045bcf49d [Nginx] Allow SOGo SSO 2021-06-23 14:12:14 +02:00
andryyy
b11764dff0 [Config] Add ADDITIONAL_SERVER_NAMES as optional config to define additional server_name parameters for mailcow UI 2021-02-16 16:38:28 +01:00
andryyy
06c8f140b5 [Nginx] Mark script not executable 2020-07-14 13:24:37 +02:00
andryyy
4cd51017a7 [Nginx] Mark script executable 2020-07-14 13:20:50 +02:00
andryyy
d931083e0e [SOGo] Disable EAS when SKIP_SOGO=y 2020-07-14 13:16:26 +02:00
andryyy
ad8acefb96 [SOGo] Disable EAS when SKIP_SOGO=y 2020-07-14 13:13:32 +02:00
Marcel Hofer
f2b552c00d Fix custom http redirects with TLS-SNI 
Disable http listener for SNI ssl hosts in nginx. This allows the use of the following config again:
https://mailcow.github.io/mailcow-dockerized-docs/u_e-80_to_443/

However that documentation page should still be updated: https://github.com/mailcow/mailcow-dockerized-docs/pull/175/commits
 2019-10-20 20:24:16 +02:00
Marcel Hofer
05e7c95829 [SSL] fix wildcard compare for non-bash shell 2019-10-20 17:02:54 +02:00
Marcel Hofer
dcd50b2245 [SSL] restore old nginx templates. fix possible issues with custom nginx sites 2019-10-20 16:41:53 +02:00
Marcel Hofer
2e35da6816 [SSL] create individual domain certificates, add SNI configs for Postfix/Dovecot/Nginx 2019-10-19 12:48:56 +02:00
Marcel Hofer
dd6d253ac0 add random masterpass for sogo admin login 
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
 2019-02-26 09:02:35 +01:00
andryyy
57312ad605 [Compose] Add ALLOW_ADMIN_EMAIL_LOGIN to sogo-mailcow to trigger bootstrap on change 
[Compose] Static IPv4 for Dovecot
[SOGo] Remove SOGoIMAPServer from sogo.conf
[SOGo] Add SOGoIMAPServer to bootstrap process
[Nginx] Disallow editAccount for other accounts than 0 (own)
 2019-02-25 00:00:32 +01:00
André Peters
9a9079baa5 Update sogo.auth_request.template.sh 2019-02-23 22:29:14 +01:00
André Peters
0c8f217f49 Update sogo.auth_request.template.sh 
Don't want to split hairs! Just consistency. :)
 2019-02-23 22:20:09 +01:00
Marcel Hofer
cac67db203 add config ALLOW_ADMIN_EMAIL_LOGIN and implement password-less SOGo login admins 2019-02-23 17:59:18 +01:00
Kristian Klausen
63002cbb74 [Nginx] Reduce config duplication 
It does not make sense having a seperate server block for both http
and https.
According to the nginx doc [1], using the same server block for both
should work.

[1] http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
 2018-02-15 21:23:07 +01:00
André Peters
63f7e5930d [Nginx] Fix EAS 2018-02-13 09:07:44 +01:00
André Peters
74c804b9a3 [SOGo] SOGo refuses to bind to IPv6, so force IPv4 in proxy_pass, fixes #1006 2018-02-12 21:32:49 +01:00
andryyy
e15795e112 Enable http2 2017-06-06 21:59:27 +02:00
andryyy
e159eb7522 Fix listener 2017-05-29 21:48:41 +02:00
andryyy
813207c694 Listen on internal IPv6 2017-05-25 10:59:57 +02:00
andryyy
6d7c3423ba Change Nginx templates 2017-02-28 10:12:18 +01:00