* add new option for kwmbridge dnat mode
* add local config for test of nat functionality
* use variable instead of real ip
* move turn configuration to the right place
* update kwmbridge
* remove trivy
* Added KAPPS_VERSION
The KAPPS_VERSION didin't match the CORE_VERSION execept for latest.
A new KAAPS_VERSION var in the .env, which defaults to latest, will fix this.
Co-authored-by: Anton Engelhardt <anton@neednow.de>
Co-authored-by: Felix Bartels <1257835+fbartels@users.noreply.github.com>
* Add container for kopano-spamd
* Authenticate version requests if needed
* Fix building of z-push for 'supported' base image
* Install kopano-spamd package by default
* Smaller fixes for kopano-spamd
* Fix missing file header
* simplify netrc usage
* add kweb config for z-push
* clean out apache bits from z-push container and use kopano_php as the base
* fix commander tests for current php version
* globally define log location for php-fpm error_log
* move port in outer kweb config
* rewrite other spellings of the autodiscover url
* fix port in startup test
* force plain output to buildkit
* reorder z-push dockerfile
* add a switch to allow usage of specific ssl cert
* add documentation how to specify own certificates and what to do when running web behind an existing proxy
Reson: some non-default configuration options are backed into the startup scripts. This can be unexpected when mounting files e.g. in a Kubernetes setup.
https://github.com/zokradonh/kopano-docker/issues/294
* core configuration
* fix compose for meet
* remove interpreter from start script
* use default oidc timeout
* Make registration_conf configurable through an env
Fixes https://github.com/zokradonh/kopano-docker/issues/368
Signed-off-by: Felix Bartels <felix@host-consultants.de>
* add registration_conf to meet example
Signed-off-by: Felix Bartels <felix@host-consultants.de>
* fix php version in kweb config
* include webapp kweb config only in the webapp container build
* add workaround for https://jira.kopano.io/browse/KW-3398 for oidc
* Specify config location through KOPANO_CONFIG_PATH env variable
* add commander test to verify config is honoured by cli programs
* remove wrappers other than kopano-cli as it cannot make use of KOPANO_CONFIG_PATH
Fixes: https://github.com/zokradonh/kopano-docker/issues/351
explicit capabilities are not longer required since the process is now running as nobody
fixes#322
Signed-off-by: Felix Bartels <felix@host-consultants.de>
* move ldap to its own file
* add separate files for db and mail as well
* add new compose file to the default compose_file variable
* enhance setup.sh to add these new compose files if they are currently missing
* switch containers in compose file to read-only
related to https://github.com/zokradonh/kopano-docker/issues/310
* make scheduler container read-only
* make meet container read-only
* fix konnect for read-only
* make core mostly read-only
* add custom location for ldap.cfg to default config
* sort config option for readability
* update makefile pull workaround
* make kdav read-only
* remove locale generation code from core startup
* fix commander tests
* fix store language tests
* add test for a dutch mailbox
* make it possible to run webapp read-only
* add locale hint to the compose file
* finish read-only mode for z-push
* split up installation for core and kapi+grapi
* add some debug output in case package installation fails
* let konnect run as nobody
* add code to check writing permissions for certificates and create certificates in container if possible
* add tests to check on failed and successful certificate creation
* add certificate creation logic from the konnect binfile
* add env for custom dockerize timeout (to fail earlier in tests)
* add mount for machine-id
* services should check the availability of the machine id before starting
* add a note to the readme
* add new mounts to the multiserver example
* add dockerize to kweb
* fix meet demo
* make readme of owncloud more clear
* clarify setup.sh
* make user23 an admin by default
* remove hard depenency on reg
* add completed message
* set more attributes on startup
Signed-off-by: Felix Bartels <felix@host-consultants.de>
* use cn instead of uid
* add config for owncloud phoenix ui and openid plugin
* add override for experimental feature endpoint
* import kweb-calendar.cfg
* experimental endpoint is yes/no
* grapi also needs the ability to run insecure
* grapi needs to resolve the domain, therefore needs to be in the web network
* make it possible to configure grapi through its cfg
* add test for config setting in grapi
* add volume for persistent data
* chown and add tests for dir
Via a new environment variable containing the relevant information in a
JSON string, shared folders can be specifified which will be set using
Z-Push's $additionalFolders configuration option.
* clean out unneeded locales
* add test to verify that language is picked up in admin.cfg
* add basic question for language and use variable in compose
* use scriptlet to generate locales before start of kopano-server
* add script to check folders of a given mailbox (for language checks)
* add tests for locale generation
relates to #248
* move playground into its own compose file
fixes#245
* move ldap-admin and ssp into their own directories
fixes#244
* remove command for konnect from meet example
* precreate meet keys in ssl, but do the actual action in konnect
* generate all keys for meet within Konnect
* incorporate explicit logging and settings set by ucs app
* make konnect container more dynamic
* set default oidc_issuer_identifier
* print size of container
* builder image is not required for security scanning
* define entrypoint instead of using command
* more cleanup of testing containers
* give logs in case of error
* make it possible to redirect to another url, than /webapp
* add documentation
* define default value in container
* add value to .env through setup.sh
* make konnect url configurable
* switch to fork of dockerize as it allows to skip ssl verification
since the address of the oidc issuer is now dynamic it could point to an invalid ssl certificate (the self signed cert is by default "valid" for *)
* update hadolint
* add more scopes
* only skip ssl verification when running insecure
* move portmapping into docker-compose.ports.yml
Ensure loading of docker-compose.ports.yml via COMPOSE_FILE in .env.
* instruct users to put overridden ports into override.yml
* rename check-scripts target to lint
* install yamllint through pip on travis
* add yamllint config, do not fail on too long lines
* fix yaml linting errors
* remove circular dependency
