Commit graph

116 commits

Author SHA1 Message Date
3e21632d4e setup(cron): remove git pull 2024-01-31 20:01:38 +01:00
150793e037 setup(cron): Add auto git update 2024-01-27 14:43:50 +01:00
19dfa5142c chore(deps): update ghcr.io/imagegenius/amp docker tag to v2.4.8 (#16)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/imagegenius/amp](https://github.com/imagegenius/docker-amp/packages) ([source](https://github.com/imagegenius/docker-amp)) | patch | `2.4.7-ubuntu` -> `2.4.8-ubuntu` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTAuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1MC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: carsten/container-server#16
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2024-01-27 13:16:06 +01:00
f36d23ec70 chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.99.0 (#13)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/element-hq/synapse](https://matrix.org/docs/projects/server/synapse) ([source](https://github.com/element-hq/synapse)) | minor | `v1.98.0` -> `v1.99.0` |

---

### Release Notes

<details>
<summary>element-hq/synapse (ghcr.io/element-hq/synapse)</summary>

### [`v1.99.0`](https://github.com/element-hq/synapse/releases/tag/v1.99.0)

[Compare Source](https://github.com/element-hq/synapse/compare/v1.98.0...v1.99.0)

### Synapse 1.99.0 (2024-01-16)

Synapse 1.99.0 is the first Synapse release under an AGPLv3.0 licence (with CLA to enable Element to sell AGPL exceptions). You can read more about this here:

-   https://matrix.org/blog/2023/11/06/future-of-synapse-dendrite/
-   https://element.io/blog/element-to-adopt-agplv3/
-   https://element.io/blog/synapse-now-lives-at-github-com-element-hq-synapse/

No significant changes since 1.99.0rc1.

### Synapse 1.99.0rc1 (2024-01-09)

-   Add [config options](https://element-hq.github.io/synapse/v1.99/usage/configuration/config_documentation.html#server_notices) to set the avatar and the topic of the server notices room, as well as the avatar of the server notices user. ([https://github.com/element-hq/synapse/issues/16679](https://github.com/matrix-org/synapse/pull/16679))

-   Add config option [`email.notif_delay_before_mail`](https://element-hq.github.io/synapse/v1.99/usage/configuration/config_documentation.html#email) to tweak the delay before an email is sent following a notification. ([https://github.com/element-hq/synapse/issues/16696](https://github.com/matrix-org/synapse/pull/16696))

-   Add new configuration option [`sentry.environment`](https://element-hq.github.io/synapse/v1.99/usage/configuration/config_documentation.html#sentry) for improved system monitoring. Contributed by [@&#8203;zeeshanrafiqrana](https://github.com/zeeshanrafiqrana). ([https://github.com/element-hq/synapse/issues/16738](https://github.com/matrix-org/synapse/pull/16738))

-   Filter out rooms from the room directory being served to other homeservers when those rooms block that homeserver by their Access Control Lists. ([#&#8203;16759](https://github.com/element-hq/synapse/pull/16759))

-   Fix a long-standing bug where the signing keys generated by Synapse were world-readable. Contributed by Fabian Klemp. ([https://github.com/element-hq/synapse/issues/16740](https://github.com/matrix-org/synapse/pull/16740))

-   Fix email verification redirection. Contributed by Fadhlan Ridhwanallah. ([#&#8203;16761](https://github.com/element-hq/synapse/pull/16761))

-   Fixed a bug that prevented users from being queried by display name if it contains non-ASCII characters. ([#&#8203;16767](https://github.com/element-hq/synapse/pull/16767))

-   Allow reactivate user without password with Admin API in some edge cases. ([#&#8203;16770](https://github.com/element-hq/synapse/pull/16770))

-   Adds the `recursion_depth` parameter to the response of the /relations endpoint if [MSC3981](https://github.com/matrix-org/matrix-spec-proposals/pull/3981) recursion is being performed. ([#&#8203;16775](https://github.com/element-hq/synapse/pull/16775))

-   Added version picker for Synapse documentation. Contributed by [@&#8203;Dmytro27Ind](https://github.com/Dmytro27Ind). ([https://github.com/element-hq/synapse/issues/16533](https://github.com/matrix-org/synapse/pull/16533))

-   Clarify that `password_config.enabled: "only_for_reauth"` does not allow new logins to be created using password auth. ([https://github.com/element-hq/synapse/issues/16737](https://github.com/matrix-org/synapse/pull/16737))

-   Remove value from header in configuration documentation for `refresh_token_lifetime`. ([#&#8203;16763](https://github.com/element-hq/synapse/pull/16763))

-   Add another custom statistics collection server to the documentation. Contributed by [@&#8203;loelkes](https://github.com/loelkes). ([#&#8203;16769](https://github.com/element-hq/synapse/pull/16769))

-   Remove run-once workflow after adding the version picker to the documentation. ([#&#8203;9453](https://github.com/element-hq/synapse/pull/9453))

-   Update the implementation of \[[MSC2965](https://github.com/matrix-org/matrix-spec-proposals/pull/2965)]\(https://github.com/matrix-org/matrix-spec-proposals/pull/2965) (OIDC Provider discovery). ([https://github.com/element-hq/synapse/issues/16726](https://github.com/matrix-org/synapse/pull/16726))

-   Move the rust stubs inline for better IDE integration. ([#&#8203;16757](https://github.com/element-hq/synapse/pull/16757))

-   Fix sample config doc CI. ([#&#8203;16758](https://github.com/element-hq/synapse/pull/16758))

-   Simplify event internal metadata class. ([#&#8203;16762](https://github.com/element-hq/synapse/pull/16762), [#&#8203;16780](https://github.com/element-hq/synapse/pull/16780))

-   Sign the published docker image using [cosign](https://docs.sigstore.dev/). ([#&#8203;16774](https://github.com/element-hq/synapse/pull/16774))

-   Port `EventInternalMetadata` class to Rust. ([#&#8203;16782](https://github.com/element-hq/synapse/pull/16782))

<!---->

-   Bump actions/setup-go from 4 to 5. ([https://github.com/element-hq/synapse/issues/16749](https://github.com/matrix-org/synapse/pull/16749))
-   Bump actions/setup-python from 4 to 5. ([https://github.com/element-hq/synapse/issues/16748](https://github.com/matrix-org/synapse/pull/16748))
-   Bump immutabledict from 3.0.0 to 4.0.0. ([https://github.com/element-hq/synapse/issues/16743](https://github.com/matrix-org/synapse/pull/16743))
-   Bump isort from 5.12.0 to 5.13.0. ([https://github.com/element-hq/synapse/issues/16745](https://github.com/matrix-org/synapse/pull/16745))
-   Bump isort from 5.13.0 to 5.13.1. ([https://github.com/element-hq/synapse/issues/16752](https://github.com/matrix-org/synapse/pull/16752))
-   Bump pydantic from 2.5.1 to 2.5.2. ([https://github.com/element-hq/synapse/issues/16747](https://github.com/matrix-org/synapse/pull/16747))
-   Bump ruff from 0.1.6 to 0.1.7. ([https://github.com/element-hq/synapse/issues/16746](https://github.com/matrix-org/synapse/pull/16746))
-   Bump types-setuptools from 68.2.0.2 to 69.0.0.0. ([https://github.com/element-hq/synapse/issues/16744](https://github.com/matrix-org/synapse/pull/16744))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE0MC4xNCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: carsten/container-server#13
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2024-01-23 17:42:14 +01:00
f5782183d1 chore(deps): update woodpeckerci/woodpecker-agent docker tag to v2.2.2 (#14)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [woodpeckerci/woodpecker-agent](https://github.com/woodpecker-ci/woodpecker) | minor | `v2.1.1-alpine` -> `v2.2.2-alpine` |

---

### Release Notes

<details>
<summary>woodpecker-ci/woodpecker (woodpeckerci/woodpecker-agent)</summary>

### [`v2.2.2`](https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.2.2): 2.2.2

[Compare Source](https://github.com/woodpecker-ci/woodpecker/compare/v2.2.1...v2.2.2)

#### [2.2.2](https://github.com/woodpecker-ci/woodpecker/releases/tag/2.2.2) - 2024-01-21

##### Misc

-   build: fix nfpm path for server binary \[[#&#8203;3246](https://github.com/woodpecker-ci/woodpecker/pull/3246)]

### [`v2.2.1`](https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.2.1): 2.2.1

[Compare Source](https://github.com/woodpecker-ci/woodpecker/compare/v2.1.1...v2.2.1)

#### [2.2.1](https://github.com/woodpecker-ci/woodpecker/releases/tag/2.2.1) - 2024-01-21

##### 🐛 Bug Fixes

-   Add gitea/forgejo driver check, to handle ErrUnknownVersion error \[[#&#8203;3243](https://github.com/woodpecker-ci/woodpecker/pull/3243)]

##### Misc

-   Build tarball for distribution packages \[[#&#8203;3244](https://github.com/woodpecker-ci/woodpecker/pull/3244)]

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ1cGRhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#14
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2024-01-23 17:41:40 +01:00
a2815bf057 chore(deps): update woodpeckerci/woodpecker-server docker tag to v2.2.2 (#15)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [woodpeckerci/woodpecker-server](https://github.com/woodpecker-ci/woodpecker) | minor | `v2.1.1-alpine` -> `v2.2.2-alpine` |

---

### Release Notes

<details>
<summary>woodpecker-ci/woodpecker (woodpeckerci/woodpecker-server)</summary>

### [`v2.2.2`](https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.2.2): 2.2.2

[Compare Source](https://github.com/woodpecker-ci/woodpecker/compare/v2.2.1...v2.2.2)

#### [2.2.2](https://github.com/woodpecker-ci/woodpecker/releases/tag/2.2.2) - 2024-01-21

##### Misc

-   build: fix nfpm path for server binary \[[#&#8203;3246](https://github.com/woodpecker-ci/woodpecker/pull/3246)]

### [`v2.2.1`](https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.2.1): 2.2.1

[Compare Source](https://github.com/woodpecker-ci/woodpecker/compare/v2.1.1...v2.2.1)

#### [2.2.1](https://github.com/woodpecker-ci/woodpecker/releases/tag/2.2.1) - 2024-01-21

##### 🐛 Bug Fixes

-   Add gitea/forgejo driver check, to handle ErrUnknownVersion error \[[#&#8203;3243](https://github.com/woodpecker-ci/woodpecker/pull/3243)]

##### Misc

-   Build tarball for distribution packages \[[#&#8203;3244](https://github.com/woodpecker-ci/woodpecker/pull/3244)]

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ1cGRhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#15
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2024-01-23 17:41:24 +01:00
f1fd90f42e chore(deps): update ghcr.io/actualbudget/actual-server docker tag to v24 (#12)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/actualbudget/actual-server | major | `23.12.1-alpine` -> `24.1.0-alpine` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMjYuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEyNi4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: carsten/container-server#12
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2024-01-16 19:26:50 +01:00
d545d8948f service(forgejo): remove actions runner because github actions are fucking stupid! 2024-01-06 15:53:56 +01:00
6886ddf782 service(forgejo): add runner for forgejo actions 2024-01-06 14:35:55 +01:00
1cae697520 chore(deps): update postgres docker tag to v16 (#11)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| postgres | major | `15-alpine` -> `16-alpine` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMTguMCIsInVwZGF0ZWRJblZlciI6IjM3LjExOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: carsten/container-server#11
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2024-01-03 18:56:26 +01:00
e1b1b90bbb service: remove psql version varaible to make it renovate compatible 2024-01-03 18:02:16 +01:00
85c703dd34 ci(trigger): Use CI update trigger via shared volume and cron 2024-01-03 17:47:01 +01:00
5115b86532 misc: set specfic version numbers where possible 2024-01-03 17:03:24 +01:00
09c18e5ec7 service(watchtower): use via internal docker connection 2024-01-03 13:36:08 +01:00
2de5b8bed1 service(proxy): Add HSTS header 2023-12-16 20:41:33 +01:00
cd871e99fe service(forgejo): activate notification emails 2023-12-16 20:40:43 +01:00
810712c969 backup: include .env 2023-12-16 20:40:00 +01:00
d920cd968b Add Wireguard VPN service 2023-12-16 20:39:14 +01:00
c4ef0d3c18 chore(deps): update nextcloud docker tag to v28 (#10)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| nextcloud | major | `27` -> `28` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#10
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2023-12-14 18:01:59 +01:00
20afa5b53f chore(deps): update ghcr.io/actualbudget/actual-server docker tag to v23.12.1 (#9)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/actualbudget/actual-server | minor | `23.11.0-alpine` -> `23.12.1-alpine` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#9
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2023-12-08 20:34:16 +01:00
a2345efe1f chore(deps): update codeberg.org/forgejo/forgejo docker tag to v1.21 (#7)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| codeberg.org/forgejo/forgejo | minor | `1.20` -> `1.21` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#7
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2023-11-27 17:19:25 +01:00
9c1291823e chore(deps): update mailserver/docker-mailserver docker tag to v13 (#8)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [mailserver/docker-mailserver](https://github.com/docker-mailserver/docker-mailserver) | major | `12` -> `13` |

---

### Release Notes

<details>
<summary>docker-mailserver/docker-mailserver (mailserver/docker-mailserver)</summary>

### [`v13`](https://github.com/docker-mailserver/docker-mailserver/blob/HEAD/CHANGELOG.md#v1300)

##### Breaking

-   **LDAP:**
    -   ENV `LDAP_SERVER_HOST`, `DOVECOT_URIS`, and `SASLAUTHD_LDAP_SERVER` will now log an error if the LDAP URI scheme is missing. Previously there was an implicit fallback to `ldap://` ([#&#8203;3522](https://github.com/docker-mailserver/docker-mailserver/pull/3522))
    -   `ENABLE_LDAP=1` is no longer supported, please use `ACCOUNT_PROVISIONER=LDAP` ([#&#8203;3507](https://github.com/docker-mailserver/docker-mailserver/pull/3507))
-   **Rspamd:**
    -   The deprecated path for the Rspamd custom commands file (`/tmp/docker-mailserver/rspamd-modules.conf`) now prevents successful startup. The correct path is `/tmp/docker-mailserver/rspamd/custom-commands.conf`.
-   **Dovecot:**
    -   Dovecot mail storage per account in `/var/mail` previously shared the same path for the accounts home directory ([#&#8203;3335](https://github.com/docker-mailserver/docker-mailserver/pull/3335))
        -   The home directory now is a subdirectory `home/`. This change better supports sieve scripts.
        -   **NOTE:** The change has not yet been implemented for `ACCOUNT_PROVISIONER=LDAP`.
-   **Postfix:**
    -   `/etc/postfix/master.cf` has renamed the "smtps" service to "submissions" ([#&#8203;3235](https://github.com/docker-mailserver/docker-mailserver/pull/3235))
        -   This is the modern `/etc/services` name for port 465, aligning with the similar "submission" port 587.
    -   Postfix now defaults to supporting DSNs (*[Delivery Status Notifications](https://github.com/docker-mailserver/docker-mailserver/pull/3572#issuecomment-1751880574)*) only for authenticated users (*via ports 465 + 587*). This is a security measure to reduce spammer abuse of your DMS instance as a backscatter source. ([#&#8203;3572](https://github.com/docker-mailserver/docker-mailserver/pull/3572))
        -   If you need to modify this change, please let us know by opening an issue / discussion.
        -   You can [opt out (*enable DSNs*) via the `postfix-main.cf` override support](https://docker-mailserver.github.io/docker-mailserver/v12.1/config/advanced/override-defaults/postfix/) using the contents: `smtpd_discard_ehlo_keywords =`.
        -   Likewise for authenticated users, the submission(s) ports (465 + 587) are configured internally via `master.cf` to keep DSNs enabled (*since authentication protects from abuse*).

            If necessary, DSNs for authenticated users can be disabled via the `postfix-master.cf` override with the following contents:

            ```cf
            submission/inet/smtpd_discard_ehlo_keywords=silent-discard,dsn
            submissions/inet/smtpd_discard_ehlo_keywords=silent-discard,dsn
            ```

##### Added

-   **Features:**
    -   `getmail` as an alternative to `fetchmail` ([#&#8203;2803](https://github.com/docker-mailserver/docker-mailserver/pull/2803))
    -   `setup` CLI - `setup fail2ban` gained a new `status <JAIL>` subcommand ([#&#8203;3455](https://github.com/docker-mailserver/docker-mailserver/pull/3455))
-   **Environment Variables:**
    -   `MARK_SPAM_AS_READ`. When set to `1`, marks incoming spam as "read" to avoid unwanted "new mail" notifications for junk mail ([#&#8203;3489](https://github.com/docker-mailserver/docker-mailserver/pull/3489))
    -   `DMS_VMAIL_UID` and `DMS_VMAIL_GID` allow changing the default ID values (`5000:5000`) for the Dovecot vmail user and group ([#&#8203;3550](https://github.com/docker-mailserver/docker-mailserver/pull/3550))
    -   `RSPAMD_CHECK_AUTHENTICATED` allows authenticated users to avoid additional security checks by Rspamd ([#&#8203;3440](https://github.com/docker-mailserver/docker-mailserver/pull/3440))
-   **Documentation:**
    -   Use-case examples / tutorials:
        -   iOS mail push support ([#&#8203;3513](https://github.com/docker-mailserver/docker-mailserver/pull/3513))
        -   Guide for setting up Dovecot Authentication via Lua ([#&#8203;3579](https://github.com/docker-mailserver/docker-mailserver/pull/3579))
        -   Guide for integrating with the Crowdsec service ([#&#8203;3651](https://github.com/docker-mailserver/docker-mailserver/pull/3651))
    -   Debugging page:
        -   New compatibility section ([#&#8203;3404](https://github.com/docker-mailserver/docker-mailserver/pull/3404))
        -   Now advises how to (re)start DMS correctly ([#&#8203;3654](https://github.com/docker-mailserver/docker-mailserver/pull/3654))
    -   Better communicate distinction between DMS FQDN and DMS mail accounts ([#&#8203;3372](https://github.com/docker-mailserver/docker-mailserver/pull/3372))
    -   Traefik example now includes `passthrough=true` on implicit ports ([#&#8203;3568](https://github.com/docker-mailserver/docker-mailserver/pull/3568))
    -   Rspamd docs have received a variety of revisions ([#&#8203;3318](https://github.com/docker-mailserver/docker-mailserver/pull/3318), [#&#8203;3325](https://github.com/docker-mailserver/docker-mailserver/pull/3325), [#&#8203;3329](https://github.com/docker-mailserver/docker-mailserver/pull/3329))
    -   IPv6 config examples with content tabs ([#&#8203;3436](https://github.com/docker-mailserver/docker-mailserver/pull/3436))
    -   Mention [internet.nl](https://internet.nl/test-mail/) as another testing service ([#&#8203;3445](https://github.com/docker-mailserver/docker-mailserver/pull/3445))
    -   `setup alias add ...` CLI help message now includes an example for aliasing to multiple recipients ([#&#8203;3600](https://github.com/docker-mailserver/docker-mailserver/pull/3600))
    -   `SPAMASSASSIN_SPAM_TO_INBOX=1`, now emits a debug log to raise awareness that `SA_KILL` will be ignored ([#&#8203;3360](https://github.com/docker-mailserver/docker-mailserver/pull/3360))
    -   `CLAMAV_MESSAGE_SIZE_LIMIT` now logs a warning when the value exceeds what ClamAV is capable of supporting (4GiB max scan size [#&#8203;3332](https://github.com/docker-mailserver/docker-mailserver/pull/3332), 2GiB max file size [#&#8203;3341](https://github.com/docker-mailserver/docker-mailserver/pull/3341))
    -   Added note to caution against changing `mydestination` in Postfix's `main.cf` ([#&#8203;3316](https://github.com/docker-mailserver/docker-mailserver/pull/3316))
-   **Internal:**
    -   Added a wrapper to update Postfix configuration safely ([#&#8203;3484](https://github.com/docker-mailserver/docker-mailserver/pull/3484), [#&#8203;3503](https://github.com/docker-mailserver/docker-mailserver/pull/3503))
    -   Add debug group to `packages.sh` ([#&#8203;3578](https://github.com/docker-mailserver/docker-mailserver/pull/3578))
-   **Tests:**
    -   Additional linting check for BASH syntax ([#&#8203;3369](https://github.com/docker-mailserver/docker-mailserver/pull/3369))

##### Updates

-   **Misc:**
    -   Changed `setup config dkim` default key size to `2048` (`open-dkim`) ([#&#8203;3508](https://github.com/docker-mailserver/docker-mailserver/pull/3508))
-   **Postfix:**
    -   Dropped special bits from `maildrop/` and `public/` directory permissions ([#&#8203;3625](https://github.com/docker-mailserver/docker-mailserver/pull/3625))
-   **Rspamd:**
    -   Adjusted learning of ham ([#&#8203;3334](https://github.com/docker-mailserver/docker-mailserver/pull/3334))
    -   Adjusted `antivirus.conf` ([#&#8203;3331](https://github.com/docker-mailserver/docker-mailserver/pull/3331))
    -   `logrotate` setup + Rspamd log path + tests log helper fallback path ([#&#8203;3576](https://github.com/docker-mailserver/docker-mailserver/pull/3576))
    -   Setup during container startup is now more resilient ([#&#8203;3578](https://github.com/docker-mailserver/docker-mailserver/pull/3578))
    -   Changed DKIM default config location ([#&#8203;3597](https://github.com/docker-mailserver/docker-mailserver/pull/3597))
    -   Removed the symlink for the `override.d/` directory in favor of using `cp`, integrated into the changedetector service, , added a `--force` option for the Rspamd DKIM management, and provided a dedicated helper script for common ENV variables ([#&#8203;3599](https://github.com/docker-mailserver/docker-mailserver/pull/3599))
    -   Required permissions are now verified for DKIM private key files ([#&#8203;3627](https://github.com/docker-mailserver/docker-mailserver/pull/3627))
-   **Documentation:**
    -   Documentation aligned to Compose v2 conventions, `docker-compose` command changed to `docker compose`, `docker-compose.yaml` to `compose.yaml` ([#&#8203;3295](https://github.com/docker-mailserver/docker-mailserver/pull/3295))
    -   Restored missing edit button ([#&#8203;3338](https://github.com/docker-mailserver/docker-mailserver/pull/3338))
    -   Complete rewrite of the IPv6 page ([#&#8203;3244](https://github.com/docker-mailserver/docker-mailserver/pull/3244), [#&#8203;3531](https://github.com/docker-mailserver/docker-mailserver/pull/3531))
    -   Complete rewrite of the "Update and Cleanup" maintenance page ([#&#8203;3539](https://github.com/docker-mailserver/docker-mailserver/pull/3539), [#&#8203;3583](https://github.com/docker-mailserver/docker-mailserver/pull/3583))
    -   Improved debugging page advice on working with logs ([#&#8203;3626](https://github.com/docker-mailserver/docker-mailserver/pull/3626), [#&#8203;3640](https://github.com/docker-mailserver/docker-mailserver/pull/3640))
    -   Clarified the default for ENV `FETCHMAIL_PARALLEL` ([#&#8203;3603](https://github.com/docker-mailserver/docker-mailserver/pull/3603))
    -   Removed port 25 from FAQ entry for mail client ports supporting authenticated submission ([#&#8203;3496](https://github.com/docker-mailserver/docker-mailserver/pull/3496))
    -   Updated home path in docs for Dovecot Sieve ([#&#8203;3370](https://github.com/docker-mailserver/docker-mailserver/pull/3370), [#&#8203;3650](https://github.com/docker-mailserver/docker-mailserver/pull/3650))
    -   Fixed path to `rspamd.log` ([#&#8203;3585](https://github.com/docker-mailserver/docker-mailserver/pull/3585))
    -   "Optional Config" page now uses consistent lowercase convention for directory names ([#&#8203;3629](https://github.com/docker-mailserver/docker-mailserver/pull/3629))
    -   `CONTRIBUTORS.md`: Removed redundant "All Contributors" section ([#&#8203;3638](https://github.com/docker-mailserver/docker-mailserver/pull/3638))
-   **Internal:**
    -   LDAP config improvements (Removed implicit `ldap://` LDAP URI scheme fallback) ([#&#8203;3522](https://github.com/docker-mailserver/docker-mailserver/pull/3522))
    -   Changed style conventions for internal scripts ([#&#8203;3361](https://github.com/docker-mailserver/docker-mailserver/pull/3361), [#&#8203;3364](https://github.com/docker-mailserver/docker-mailserver/pull/3364), [#&#8203;3365](https://github.com/docker-mailserver/docker-mailserver/pull/3365), [#&#8203;3366](https://github.com/docker-mailserver/docker-mailserver/pull/3366), [#&#8203;3368](https://github.com/docker-mailserver/docker-mailserver/pull/3368), [#&#8203;3464](https://github.com/docker-mailserver/docker-mailserver/pull/3464))
-   **CI / Automation:**
    -   `.gitattributes` now ensures files are committed with `eol=lf` ([#&#8203;3527](https://github.com/docker-mailserver/docker-mailserver/pull/3527))
    -   Revised the GitHub issue bug report template ([#&#8203;3317](https://github.com/docker-mailserver/docker-mailserver/pull/3317), [#&#8203;3381](https://github.com/docker-mailserver/docker-mailserver/pull/3381), [#&#8203;3435](https://github.com/docker-mailserver/docker-mailserver/pull/3435))
    -   Clarified that the issue tracker is not for personal support ([#&#8203;3498](https://github.com/docker-mailserver/docker-mailserver/pull/3498), [#&#8203;3502](https://github.com/docker-mailserver/docker-mailserver/pull/3502))
    -   Bumped versions of miscellaneous software (also shoutout to [@&#8203;dependabot](https://github.com/dependabot)) ([#&#8203;3371](https://github.com/docker-mailserver/docker-mailserver/pull/3371), [#&#8203;3584](https://github.com/docker-mailserver/docker-mailserver/pull/3584), [#&#8203;3504](https://github.com/docker-mailserver/docker-mailserver/pull/3504), [#&#8203;3516](https://github.com/docker-mailserver/docker-mailserver/pull/3516))
-   **Tests:**
    -   Refactored LDAP tests to current conventions ([#&#8203;3483](https://github.com/docker-mailserver/docker-mailserver/pull/3483))
    -   Changed OpenLDAP image to `bitnami/openldap` ([#&#8203;3494](https://github.com/docker-mailserver/docker-mailserver/pull/3494))
    -   Revised LDAP config + setup ([#&#8203;3514](https://github.com/docker-mailserver/docker-mailserver/pull/3514))
    -   Added tests for the helper function `_add_to_or_update_postfix_main()` ([#&#8203;3505](https://github.com/docker-mailserver/docker-mailserver/pull/3505))
    -   EditorConfig Checker lint now uses a mount path to `/check` instead of `/ci` ([#&#8203;3655](https://github.com/docker-mailserver/docker-mailserver/pull/3655))

##### Fixed

-   **Security:**
    -   Fixed issue with concatenating `$dmarc_milter` and `$dkim_milter` in `main.cf` ([#&#8203;3380](https://github.com/docker-mailserver/docker-mailserver/pull/3380))
    -   Fixed Rspamd DKIM signing for inbound emails ([#&#8203;3439](https://github.com/docker-mailserver/docker-mailserver/pull/3439), [#&#8203;3453](https://github.com/docker-mailserver/docker-mailserver/pull/3453))
    -   OpenDKIM key generation is no longer broken when Rspamd is also enabled ([#&#8203;3535](https://github.com/docker-mailserver/docker-mailserver/pull/3535))
-   **Internal:**
    -   The "database" files (*for managing users and aliases*) now correctly filters within lookup query ([#&#8203;3359](https://github.com/docker-mailserver/docker-mailserver/pull/3359))
    -   `_setup_spam_to_junk()` no longer registered when `SMTP_ONLY=1` ([#&#8203;3385](https://github.com/docker-mailserver/docker-mailserver/pull/3385))
    -   Dovecot `fts_xapian` is now compiled from source to match the Dovecot package ABI ([#&#8203;3373](https://github.com/docker-mailserver/docker-mailserver/pull/3373))
-   **CI:**
    -   Scheduled build now have the correct permissions to run successfully ([#&#8203;3345](https://github.com/docker-mailserver/docker-mailserver/pull/3345))
-   **Documentation:**
    -   Miscellaneous spelling and wording improvements ([#&#8203;3324](https://github.com/docker-mailserver/docker-mailserver/pull/3324), [#&#8203;3330](https://github.com/docker-mailserver/docker-mailserver/pull/3330), [#&#8203;3337](https://github.com/docker-mailserver/docker-mailserver/pull/3337), [#&#8203;3339](https://github.com/docker-mailserver/docker-mailserver/pull/3339), [#&#8203;3344](https://github.com/docker-mailserver/docker-mailserver/pull/3344), [#&#8203;3367](https://github.com/docker-mailserver/docker-mailserver/pull/3367), [#&#8203;3411](https://github.com/docker-mailserver/docker-mailserver/pull/3411), [#&#8203;3443](https://github.com/docker-mailserver/docker-mailserver/pull/3443))
-   **Tests:**
    -   Run `pgrep` within the actual container ([#&#8203;3553](https://github.com/docker-mailserver/docker-mailserver/pull/3553))
    -   `lmtp_ip.bats` improved partial failure output ([#&#8203;3552](https://github.com/docker-mailserver/docker-mailserver/pull/3552))
    -   Improvements to LDIF test data ([#&#8203;3506](https://github.com/docker-mailserver/docker-mailserver/pull/3506))
    -   Normalized for `.gitattributes` + improved `eclint` coverage ([#&#8203;3566](https://github.com/docker-mailserver/docker-mailserver/pull/3566))
    -   Fixed ShellCheck linting for BATS tests ([#&#8203;3347](https://github.com/docker-mailserver/docker-mailserver/pull/3347))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#8
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2023-11-27 17:18:07 +01:00
f768d814ec chore(deps): update ghcr.io/actualbudget/actual-server docker tag to v23.11.0 (#6)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| ghcr.io/actualbudget/actual-server | minor | `23.9.0-alpine` -> `23.11.0-alpine` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#6
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2023-11-11 12:38:12 +01:00
69fa62c875 Add actualbudget 2023-11-01 22:16:00 +01:00
f3a269412b Setup games server with minecraft 2023-10-29 20:22:54 +01:00
85eeb3d80f chore(deps): update ghcr.io/goauthentik/server docker tag to v2023.10 (#5)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/goauthentik/server](https://github.com/goauthentik/authentik) | minor | `2023.8` -> `2023.10` |

⚠️ Release Notes retrieval for this PR were skipped because no github.com credentials were available.
If you are self-hosted, please see [this instruction](https://github.com/renovatebot/renovate/blob/master/docs/usage/examples/self-hosting.md#githubcom-token-for-release-notes).

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4wLjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4wLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Reviewed-on: carsten/container-server#5
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2023-10-27 17:51:18 +02:00
d98334c5d3 setup borg backup (#4)
Reviewed-on: carsten/container-server#4
2023-10-18 19:54:47 +02:00
6a4459c78d update ignored ip of kiel.csprung.de in fail2ban via cron 2023-10-05 16:51:06 +02:00
7b3bf6ec77 add homepage with watchtower deploy 2023-09-24 22:47:56 +02:00
026b2a32cc services: add uptimerobot ips to ignorelist 2023-09-22 19:44:17 +02:00
a20c6a2979 Make fail2ban compatible with uptimerobot, fix timezone for vaultwarden and woodpecker, add fail2ban task 2023-09-21 13:47:22 +02:00
900b1c61e9 services: single common config for fail2ban 2023-09-20 20:56:20 +02:00
60c52bab40 services: add fail2ban 2023-09-20 00:34:12 +02:00
9ce7194fb8 move forgejo internal ssh server to other port to not collide with standard openssh, but still have ssh logs 2023-09-20 00:30:04 +02:00
102b3702ed services: prepare logs for fail2ban 2023-09-19 23:32:46 +02:00
f13ea399f8 setup: add config for cron mails 2023-09-19 22:28:39 +02:00
1e5ff87707 renovate: add common preset 2023-09-18 14:48:35 +02:00
8ce4483213 services: add redis nextcloud 2023-09-18 14:29:09 +02:00
0af4f3cce8 Configure Renovate (#2)
Welcome to [Renovate](https://github.com/renovatebot/renovate)! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---
### Detected Package Files

 * `services/authentik/docker-compose.yml` (docker-compose)
 * `services/docker-compose.yml` (docker-compose)
 * `services/forgejo/docker-compose.yml` (docker-compose)
 * `services/hedgedoc/docker-compose.yml` (docker-compose)
 * `services/mail/docker-compose.yml` (docker-compose)
 * `services/matrix/docker-compose.yml` (docker-compose)
 * `services/minecraft/docker-compose.yml` (docker-compose)
 * `services/nextcloud/docker-compose.yml` (docker-compose)
 * `services/proxy/docker-compose.yml` (docker-compose)
 * `services/vaultwarden/docker-compose.yml` (docker-compose)
 * `services/watchtower/docker-compose.yml` (docker-compose)
 * `services/woodpecker/docker-compose.yml` (docker-compose)

### What to Expect

It looks like your repository dependencies are already up-to-date and no Pull Requests will be necessary right away.

---

 Got questions? Check out Renovate's [Docs](https://docs.renovatebot.com/), particularly the Getting Started section.
If you need any further assistance then you can also [request help here](https://github.com/renovatebot/renovate/discussions).

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

<!--renovate-config-hash:9bea58aeb4c1bc949bd53c7133889ed56ddfd28fd36d2fa94c1309d69ff531f6-->

Co-authored-by: Carsten Sprung <carsten.sprung@csprung.de>
Reviewed-on: carsten/container-server#2
Co-authored-by: Renovate Bot <renovate@git.csprung.de>
Co-committed-by: Renovate Bot <renovate@git.csprung.de>
2023-09-13 22:46:12 +02:00
d96dab07b8 General deployment (#1)
General deployment done

Reviewed-on: carsten/container-server#1
2023-09-13 22:33:47 +02:00
667fb699e0 update config for nextcloud update 2023-08-09 19:43:52 +00:00
e4891de8cb alpine-setup (#4) update setup to alpine 3.18
Reviewed-on: carsten/container-server#4
2023-08-09 09:34:50 +00:00
e75695b9dc woodpecker ci working 2023-02-18 15:25:31 +01:00
732f724640 add woodpecker ci 2023-02-18 01:23:11 +01:00
c913e66e20 Working login in forgejo with authentik 2023-02-18 00:07:06 +01:00
ab91831dd3 skip ldap 2022-12-22 18:11:48 +01:00
f73d26c675 authentik with ldap mail connection 2022-12-17 19:20:46 +01:00
8662a26098 Make psql version configurable, add dump/restore commands 2022-12-11 23:24:48 +01:00
e0f4281fc6 update vaultwarden, add gitea setup lock variable 2022-12-11 19:37:01 +01:00
99b7c5e15a roundcube: working config with carddav + managesieve 2022-12-11 00:10:46 +01:00