mirror of
https://github.com/stalwartlabs/mail-server.git
synced 2024-10-23 06:57:26 +00:00
v0.5.2
This commit is contained in:
parent
3a800aff7a
commit
d829b56571
9 changed files with 49 additions and 13 deletions
10
CHANGELOG.md
10
CHANGELOG.md
|
@ -2,12 +2,14 @@
|
|||
|
||||
All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/).
|
||||
|
||||
## [0.5.2] - 2024-01-xx
|
||||
## [0.5.2] - 2024-01-07
|
||||
|
||||
Please read the [UPGRADING.md](UPGRADING.md) file for more information on how to upgrade from previous versions.
|
||||
|
||||
## Added
|
||||
- ACME support for automatic TLS certificate generation and renewal.
|
||||
- TLS certificate hot-reloading.
|
||||
- HAProxy protocol support.
|
||||
- [ACME](https://stalw.art/docs/server/tls/acme) support for automatic TLS certificate generation and renewal (#160).
|
||||
- TLS certificate [hot-reloading](https://stalw.art/docs/management/database/maintenance#tls-certificate-reloading).
|
||||
- [HAProxy protocol](https://stalw.art/docs/server/proxy) support (#36).
|
||||
|
||||
### Changed
|
||||
|
||||
|
|
14
UPGRADING.md
14
UPGRADING.md
|
@ -1,4 +1,16 @@
|
|||
Upgrading from `v0.5.0` to `v0.5.x`
|
||||
Upgrading from `v0.5.1` to `v0.5.2`
|
||||
-----------------------------------
|
||||
|
||||
- Make sure that implicit TLS is enabled for the JMAP [listener](https://stalw.art/docs/server/listener) configured under `ets/jmap/listener.toml`:
|
||||
```toml
|
||||
[server.listener."jmap".tls]
|
||||
implicit = true
|
||||
```
|
||||
- Optional: Enable automatic TLS with [ACME](https://stalw.art/docs/server/tls/acme).
|
||||
- Replace the binary with the new version.
|
||||
- Restart the service.
|
||||
|
||||
Upgrading from `v0.5.0` to `v0.5.1`
|
||||
-----------------------------------
|
||||
|
||||
- Replace the binary with the new version.
|
||||
|
|
|
@ -111,9 +111,10 @@ enum SmtpDirectory {
|
|||
Imap,
|
||||
}
|
||||
|
||||
const DIRECTORIES: [[&str; 2]; 6] = [
|
||||
const DIRECTORIES: [[&str; 2]; 7] = [
|
||||
["bin", ""],
|
||||
["etc", "dkim"],
|
||||
["etc", "acme"],
|
||||
["data", "blobs"],
|
||||
["logs", ""],
|
||||
["queue", ""],
|
||||
|
|
|
@ -274,6 +274,7 @@ pub enum DirectoryError {
|
|||
NoTlsAlpn01Challenge,
|
||||
}
|
||||
|
||||
#[allow(unused_mut)]
|
||||
async fn https(
|
||||
url: impl AsRef<str>,
|
||||
method: Method,
|
||||
|
|
|
@ -93,12 +93,6 @@ impl Config {
|
|||
})
|
||||
.collect::<Vec<_>>();
|
||||
let cache = PathBuf::from(self.value_require(("acme", acme_id, "cache"))?);
|
||||
if !cache.exists() {
|
||||
std::fs::create_dir_all(&cache).map_err(|err| {
|
||||
format!("Failed to create ACME cache directory {:?}: {}", cache, err)
|
||||
})?;
|
||||
}
|
||||
|
||||
let renew_before: Duration =
|
||||
self.property_or_static(("acme", acme_id, "renew-before"), "30d")?;
|
||||
|
||||
|
|
|
@ -115,6 +115,8 @@ pub trait SessionManager: Sync + Send + 'static + Clone {
|
|||
tracing::debug!(
|
||||
context = "tls",
|
||||
event = "error",
|
||||
instance = session.instance.id,
|
||||
protocol = ?session.instance.protocol,
|
||||
remote.ip = session.remote_ip.to_string(),
|
||||
"Failed to accept TLS connection: {}",
|
||||
err
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
[server]
|
||||
hostname = "%{HOST}%"
|
||||
max-connections = 8192
|
||||
#proxy-trusted-networks = ["10.0.0.0/8", "127.0.0.0/8"]
|
||||
#proxy-trusted-networks = ["127.0.0.0/8", "::1", "10.0.0.0/8"]
|
||||
|
||||
[server.run-as]
|
||||
user = "stalwart-mail"
|
||||
|
|
6
tests/resources/docker/Docker.haproxy
Normal file
6
tests/resources/docker/Docker.haproxy
Normal file
|
@ -0,0 +1,6 @@
|
|||
# docker build -t test-haproxy -f Docker.haproxy .
|
||||
# docker run -it --rm --name haproxy-syntax-check test-haproxy haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg
|
||||
# docker run -d -p 1111:1111 --name some-haproxy --sysctl net.ipv4.ip_unprivileged_port_start=0 test-haproxy
|
||||
|
||||
FROM haproxy:2.3
|
||||
COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
|
18
tests/resources/docker/haproxy.cfg
Normal file
18
tests/resources/docker/haproxy.cfg
Normal file
|
@ -0,0 +1,18 @@
|
|||
global
|
||||
log stdout format raw local0
|
||||
|
||||
defaults
|
||||
log global
|
||||
timeout connect 5000ms
|
||||
timeout client 50000ms
|
||||
timeout server 50000ms
|
||||
|
||||
frontend tcp_in
|
||||
bind *:1111
|
||||
mode tcp
|
||||
option tcplog
|
||||
default_backend tcp_out
|
||||
|
||||
backend tcp_out
|
||||
mode tcp
|
||||
server docker_server host.docker.internal:143 send-proxy
|
Loading…
Reference in a new issue