Merge branch 'master' into fix-sender-checks

core/admin/Dockerfile

@@ -4,7 +4,7 @@ RUN mkdir -p /app
 WORKDIR /app
 
 COPY requirements-prod.txt requirements.txt
-RUN apk add --no-cache openssl \
+RUN apk add --no-cache openssl curl \
  && apk add --no-cache --virtual build-dep openssl-dev libffi-dev python-dev build-base \
  && pip install -r requirements.txt \
  && apk del --no-cache build-dep
@@ -20,3 +20,5 @@ EXPOSE 80/tcp
 VOLUME ["/data"]
 
 CMD ["/start.sh"]
+
+HEALTHCHECK CMD curl -f -L http://localhost/ui || exit 1

core/admin/mailu/internal/templates/default.sieve

@@ -32,9 +32,6 @@ if exists "X-Virus" {
   stop;
 }
 
-{% if user.reply_enabled %}
-if currentdate :value "le" "date" "{{ user.reply_enddate }}"
-{
- vacation :days 1 :subject "{{ user.reply_subject }}" "{{ user.reply_body }}";
-}
+{% if user.reply_active  %}
+vacation :days 1 :subject "{{ user.reply_subject }}" "{{ user.reply_body }}";
 {% endif %}

core/admin/mailu/models.py

@@ -272,6 +272,8 @@ class User(Base, Email):
     reply_enabled = db.Column(db.Boolean(), nullable=False, default=False)
     reply_subject = db.Column(db.String(255), nullable=True, default=None)
     reply_body = db.Column(db.Text(), nullable=True, default=None)
+    reply_startdate = db.Column(db.Date, nullable=False,
+        default=date(1900, 1, 1))
     reply_enddate = db.Column(db.Date, nullable=False,
         default=date(2999, 12, 31))
 
@@ -287,7 +289,26 @@ class User(Base, Email):
 
     def get_id(self):
         return self.email
-      
+
+    @property
+    def destination(self):
+        if self.forward_enabled:
+            result = self.self.forward_destination
+            if self.forward_keep:
+                result += ',' + self.email
+            return result
+        else:
+            return self.email
+
+    @property
+    def reply_active(self):
+        now = date.today()
+        return (
+            self.reply_enabled and
+            self.reply_startdate < now and
+            self.reply_enddate > now
+        )
+
     scheme_dict = {'PBKDF2': "pbkdf2_sha512",
                    'BLF-CRYPT': "bcrypt",
                    'SHA512-CRYPT': "sha512_crypt",

core/admin/mailu/ui/forms.py

@@ -117,6 +117,7 @@ class UserReplyForm(flask_wtf.FlaskForm):
     reply_subject = fields.StringField(_('Reply subject'))
     reply_body = fields.StringField(_('Reply body'),
         widget=widgets.TextArea())
+    reply_startdate = fields.html5.DateField(_('Start of vacation'))
     reply_enddate = fields.html5.DateField(_('End of vacation'))
     submit = fields.SubmitField(_('Update'))
 

core/admin/mailu/ui/templates/user/reply.html

@@ -13,14 +13,17 @@
 <form class="form" method="post" role="form">
   {{ form.hidden_tag() }}
   {{ macros.form_field(form.reply_enabled,
-      onchange="if(this.checked){$('#reply_subject,#reply_body,#reply_enddate').removeAttr('readonly')}
+      onchange="if(this.checked){$('#reply_subject,#reply_body,#reply_enddate,#reply_startdate').removeAttr('readonly')}
                 else{$('#reply_subject,#reply_body,#reply_enddate').attr('readonly', '')}") }}
   {{ macros.form_field(form.reply_subject,
       **{("rw" if user.reply_enabled else "readonly"): ""}) }}
     {{ macros.form_field(form.reply_body, rows=10,
         **{("rw" if user.reply_enabled else "readonly"): ""}) }}
   {{ macros.form_field(form.reply_enddate,
-      **{("rw" if user.reply_enabled else "readonly"): ""}) }}
+        **{("rw" if user.reply_enabled else "readonly"): ""}) }}
+  {{ macros.form_field(form.reply_startdate,
+        **{("rw" if user.reply_enabled else "readonly"): ""}) }}
+
   {{ macros.form_field(form.submit) }}
 </form>
 {% endcall %}

core/admin/migrations/versions/3b281286c7bd_.py

@@ -0,0 +1,24 @@
+""" Add a start day for vacations
+
+Revision ID: 3b281286c7bd
+Revises: 25fd6c7bcb4a
+Create Date: 2018-09-27 22:20:08.158553
+
+"""
+
+revision = '3b281286c7bd'
+down_revision = '25fd6c7bcb4a'
+
+from alembic import op
+import sqlalchemy as sa
+
+
+def upgrade():
+    with op.batch_alter_table('user') as batch:
+        batch.add_column(sa.Column('reply_startdate', sa.Date(), nullable=False,
+            server_default="1900-01-01"))
+
+
+def downgrade():
+    with op.batch_alter_table('user') as batch:
+        batch.drop_column('reply_startdate')

core/dovecot/Dockerfile

@@ -13,3 +13,5 @@ EXPOSE 110/tcp 143/tcp 993/tcp 4190/tcp 2525/tcp
 VOLUME ["/data", "/mail"]
 
 CMD /start.py
+
+HEALTHCHECK --start-period=350s CMD echo QUIT|nc localhost 110|grep "Dovecot ready."

core/nginx/Dockerfile

@@ -1,6 +1,6 @@
 FROM alpine:3.8
 
-RUN apk add --no-cache certbot nginx nginx-mod-mail openssl \
+RUN apk add --no-cache certbot nginx nginx-mod-mail openssl curl \
  python py-jinja2 py-requests-toolbelt py-pip \
  && pip install --upgrade pip \
  && pip install idna
@@ -12,3 +12,5 @@ EXPOSE 80/tcp 443/tcp 110/tcp 143/tcp 465/tcp 587/tcp 993/tcp 995/tcp 25/tcp 100
 VOLUME ["/certs"]
 
 CMD /start.py
+
+HEALTHCHECK CMD curl -k -f -L http://localhost/health || exit 1

core/nginx/conf/nginx.conf

@@ -34,6 +34,8 @@ http {
       ''      $scheme;
     }
 
+    # Disable the main http server when on kubernetes (port 80 and 443)
+    {% if KUBERNETES_INGRESS != 'true' %}
     # Main HTTP server
     server {
       # Variables for proxifying
@@ -48,8 +50,8 @@ http {
 
       # Only enable HTTPS if TLS is enabled with no error
       {% if TLS and not TLS_ERROR %}
-      listen 443 ssl;
-      listen [::]:443 ssl;
+      listen 443 ssl http2;
+      listen [::]:443 ssl http2;
 
       include /etc/nginx/tls.conf;
       ssl_session_cache shared:SSLHTTP:50m;
@@ -148,7 +150,12 @@ http {
         proxy_pass_request_body off;
         proxy_set_header Content-Length "";
       }
+
+      location /health {
+        return 204;
+      }
     }
+    {% endif %}
 
     # Forwarding authentication server
     server {

core/postfix/Dockerfile

@@ -12,3 +12,5 @@ EXPOSE 25/tcp 10025/tcp
 VOLUME ["/data"]
 
 CMD /start.py
+
+HEALTHCHECK --start-period=350s CMD echo QUIT|nc localhost 25|grep "220 .* ESMTP Postfix"