git subrepo commit (merge) mailcow/src/mailcow-dockerized

subrepo: subdir:   "mailcow/src/mailcow-dockerized"
  merged:   "c7b1dc37"
upstream: origin:   "https://github.com/mailcow/mailcow-dockerized.git"
  branch:   "master"
  commit:   "a366494c"
git-subrepo: version:  "0.4.6"
  origin:   "???"
  commit:   "???"
Change-Id: Id574ecd4e02e3c4fbf8a1efd49be11c0b6d19a3f
diff --git a/mailcow/src/mailcow-dockerized/helper-scripts/docker-compose.override.yml.d/EXTERNAL_MYSQL_SOCKET/docker-compose.override.yml b/mailcow/src/mailcow-dockerized/helper-scripts/docker-compose.override.yml.d/EXTERNAL_MYSQL_SOCKET/docker-compose.override.yml
index 7d4424e..f014ea6 100644
--- a/mailcow/src/mailcow-dockerized/helper-scripts/docker-compose.override.yml.d/EXTERNAL_MYSQL_SOCKET/docker-compose.override.yml
+++ b/mailcow/src/mailcow-dockerized/helper-scripts/docker-compose.override.yml.d/EXTERNAL_MYSQL_SOCKET/docker-compose.override.yml
@@ -26,6 +26,6 @@
         - /var/run/mysqld/mysqld.sock:/var/run/mysqld/mysqld.sock
 
     mysql-mailcow:
-      image: alpine:3.10
+      image: alpine:3.18
       command: /bin/true
       restart: "no"
diff --git a/mailcow/src/mailcow-dockerized/helper-scripts/expiry-dates.sh b/mailcow/src/mailcow-dockerized/helper-scripts/expiry-dates.sh
old mode 100644
new mode 100755
index 1554b70..ec2a63a
--- a/mailcow/src/mailcow-dockerized/helper-scripts/expiry-dates.sh
+++ b/mailcow/src/mailcow-dockerized/helper-scripts/expiry-dates.sh
@@ -3,10 +3,11 @@
 [[ -f mailcow.conf ]] && source mailcow.conf
 [[ -f ../mailcow.conf ]] && source ../mailcow.conf
 
-POSTFIX=$(echo | openssl s_client -connect ${MAILCOW_HOSTNAME}:25 -starttls smtp 2>/dev/null | openssl x509 -inform pem -noout -enddate | cut -d "=" -f 2)
-DOVECOT=$(echo | openssl s_client -connect ${MAILCOW_HOSTNAME}:143 -starttls imap 2>/dev/null | openssl x509 -inform pem -noout -enddate | cut -d "=" -f 2)
-NGINX=$(echo | openssl s_client -connect ${MAILCOW_HOSTNAME}:443 2>/dev/null | openssl x509 -inform pem -noout -enddate | cut -d "=" -f 2)
-echo TLS expiry dates:
-echo Postfix: ${POSTFIX}
-echo Dovecot: ${DOVECOT}
-echo Nginx: ${NGINX}
+POSTFIX=$(echo | openssl s_client -connect ${MAILCOW_HOSTNAME}:${SMTP_PORT} -starttls smtp 2>/dev/null | openssl x509 -inform pem -noout -enddate | cut -d "=" -f 2)
+DOVECOT=$(echo | openssl s_client -connect ${MAILCOW_HOSTNAME}:${IMAP_PORT} -starttls imap 2>/dev/null | openssl x509 -inform pem -noout -enddate | cut -d "=" -f 2)
+NGINX=$(echo | openssl s_client -connect ${MAILCOW_HOSTNAME}:${HTTPS_PORT} 2>/dev/null | openssl x509 -inform pem -noout -enddate | cut -d "=" -f 2)
+
+echo "TLS expiry dates:"
+echo "Postfix: ${POSTFIX}"
+echo "Dovecot: ${DOVECOT}"
+echo "Nginx:   ${NGINX}"
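Review bot: The three `openssl s_client -connect` lines now depend on `SMTP_PORT`, `IMAP_PORT` and `HTTPS_PORT` being set by one of the two `source` lines, and nothing checks that they are. If neither mailcow.conf is found, the target becomes `host:` and, because of `2>/dev/null`, the script prints three empty expiry dates instead of an error. A fallback keeps the previous behaviour, e.g. `-connect "${MAILCOW_HOSTNAME}:${SMTP_PORT:-25}"` (likewise `:-143` and `:-443`), with the expansion quoted. An empty result should also be reported as a failed check rather than echoed, since a blank date is easy to misread.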
diff --git a/mailcow/src/mailcow-dockerized/helper-scripts/mailcow-reset-admin.sh b/mailcow/src/mailcow-dockerized/helper-scripts/mailcow-reset-admin.sh
index ee95d3e..ea8a4a4 100755
--- a/mailcow/src/mailcow-dockerized/helper-scripts/mailcow-reset-admin.sh
+++ b/mailcow/src/mailcow-dockerized/helper-scripts/mailcow-reset-admin.sh
@@ -19,7 +19,7 @@
 response=${response,,}    # tolower
 if [[ "$response" =~ ^(yes|y)$ ]]; then
 	echo -e "\nWorking, please wait..."
-  random=$(</dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-16})
+  random=$(</dev/urandom tr -dc _A-Z-a-z-0-9 2> /dev/null | head -c${1:-16})
   password=$(docker exec -it $(docker ps -qf name=dovecot-mailcow) doveadm pw -s SSHA256 -p ${random} | tr -d '\r')
 	docker exec -it $(docker ps -qf name=mysql-mailcow) mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM admin WHERE username='admin';"
   docker exec -it $(docker ps -qf name=mysql-mailcow) mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -e "DELETE FROM domain_admins WHERE username='admin';"
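Review bot: Redirecting `tr`'s stderr on the `random=` line also hides a genuine failure of the generator, and the next line hashes whatever `random` holds, even an empty or short string. A guard before the `doveadm pw` call would catch that: `[[ ${#random} -ge 16 ]] || { echo "Password generation failed" >&2; exit 1; }`. The same guard enforces a minimum length, which matters because `${1:-16}` lets the first argument shrink the admin password to any size. `${random}` is passed unquoted to `doveadm pw -p`; quoting it is harmless with this character set and safer if the set ever changes. The `if` block continues outside this hunk.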
diff --git a/mailcow/src/mailcow-dockerized/helper-scripts/nextcloud.sh b/mailcow/src/mailcow-dockerized/helper-scripts/nextcloud.sh
index 16311fc..730e612 100755
--- a/mailcow/src/mailcow-dockerized/helper-scripts/nextcloud.sh
+++ b/mailcow/src/mailcow-dockerized/helper-scripts/nextcloud.sh
@@ -1,16 +1,25 @@
 #!/usr/bin/env bash
-NEXTCLOUD_VER="25"
+# renovate: datasource=github-releases depName=nextcloud/server versioning=semver extractVersion=^v(?<version>.*)$
+NEXTCLOUD_VERSION=27.1.2
 
-for bin in curl dirmngr; do
-  if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi
+echo -ne "Checking prerequisites..."
+sleep 1
+for bin in curl dirmngr tar bzip2; do
+  if [[ -z $(which ${bin}) ]]; then echo -ne "\r\033[31mCannot find ${bin}, exiting...\033[0m\n"; exit 1; fi
 done
+echo -ne "\r\033[32mFound all prerequisites! Continuing...\033[0m\n"
 
 [[ -z ${1} ]] && NC_HELP=y
 
 while [ "$1" != '' ]; do
+  if [[ $# -ne 1 ]]; then
+      echo -e "\033[31mPlease use only one parameter at the same time!\033[0m" >&2
+      exit 2
+  fi
   case "${1}" in
     -p|--purge) NC_PURGE=y && shift;;
     -i|--install) NC_INSTALL=y && shift;;
+    -u|--update)  NC_UPDATE=y && shift;;
     -r|--resetpw) NC_RESETPW=y && shift;;
     -h|--help) NC_HELP=y && shift;;
     *) echo "Unknown parameter: ${1}" && shift;;
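Review bot: An unrecognised option in the `case` only prints `Unknown parameter` and shifts, so the script carries on with no action flag set. With the new one-argument rule that branch can fail fast: `*) echo "Unknown parameter: ${1}" >&2; exit 2;;`. The `$# -ne 1` test would also read better above the `while` loop, since it can only fire on the first iteration. The `case` statement continues outside this hunk.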
@@ -21,13 +30,11 @@
   printf 'Usage:\n\n'
   printf '  -p|--purge\n    Purge Nextcloud\n'
   printf '  -i|--install\n    Install Nextcloud\n'
+  printf '  -u|--update\n    Update Nextcloud\n'
   printf '  -r|--resetpw\n    Reset password\n\n'
   exit 0
 fi
 
-[[ ${NC_PURGE} == "y" ]] && [[ ${NC_INSTALL} == "y" ]] && { echo "Cannot use -p and -i at the same time!"; exit 1; }
-[[ ${NC_PURGE} == "y" ]] && [[ ${NC_RESETPW} == "y" ]] && { echo "Cannot use -p and -r at the same time!"; exit 1; }
-
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 cd ${SCRIPT_DIR}/../
 source mailcow.conf
@@ -40,8 +47,27 @@
     exit 1
   fi
 
-  docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e \
-    "$(docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "SELECT IFNULL(GROUP_CONCAT('DROP TABLE ', TABLE_SCHEMA, '.', TABLE_NAME SEPARATOR ';'),'SELECT NULL;') FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME LIKE 'oc_%' AND TABLE_SCHEMA = '${DBNAME}';" -BN)"
+  echo -e "\033[33mDetecting Database information...\033[0m"
+  if [[ $(docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "Show databases" | grep "nextcloud") ]]; then
+    echo -e "\033[32mFound seperate Nextcloud database (newer scheme)!\033[0m"
+    echo -e "\033[31mPurging...\033[0m"
+    docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "DROP DATABASE nextcloud;" > /dev/null
+    docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "DROP USER 'nextcloud'@'%';" > /dev/null
+  elif [[ $(docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} mailcow -e "SHOW TABLES LIKE 'oc_%'") && $? -eq 0 ]]; then
+    echo -e "\033[32mFound Nextcloud (oc) tables inside of mailcow database (old scheme)!\033[0m"
+    echo -e "\033[31mPurging...\033[0m"
+    docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e \
+     "$(docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "SELECT IFNULL(GROUP_CONCAT('DROP TABLE ', TABLE_SCHEMA, '.', TABLE_NAME SEPARATOR ';'),'SELECT NULL;') FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME LIKE 'oc_%' AND TABLE_SCHEMA = '${DBNAME}';" -BN)" > /dev/null
+  elif [[ $(docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} mailcow -e "SHOW TABLES LIKE 'nc_%'") && $? -eq 0 ]]; then
+    echo -e "\033[32mFound Nextcloud (nc) tables inside of mailcow database (old scheme)!\033[0m"
+    echo -e "\033[31mPurging...\033[0m"
+    docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e \
+     "$(docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "SELECT IFNULL(GROUP_CONCAT('DROP TABLE ', TABLE_SCHEMA, '.', TABLE_NAME SEPARATOR ';'),'SELECT NULL;') FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME LIKE 'nc_%' AND TABLE_SCHEMA = '${DBNAME}';" -BN)" > /dev/null
+  else
+    echo -e "\033[31mError: No Nextcloud databases/tables found!"
+    echo -e "\033[33mNot purging anything...\033[0m"
+    exit 1
+  fi
   docker exec -it $(docker ps -f name=redis-mailcow -q) /bin/sh -c ' cat <<EOF | redis-cli
 SELECT 10
 FLUSHDB
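Review bot: The first branch decides to run `DROP DATABASE nextcloud` from `grep "nextcloud"` over the full `Show databases` output, which matches any database whose name merely contains that string. An exact test is safer before a destructive statement, for example querying with `-BN -e "SHOW DATABASES LIKE 'nextcloud'"` and comparing the trimmed result to `nextcloud`. The two `SHOW TABLES` probes name the database `mailcow` literally while the generated `DROP TABLE` statements filter on `${DBNAME}`; they should use the same value. Every call passes `-p${DBROOT}` as an argument, so the root password is visible in the process list while the command runs. The `docker exec` heredoc at the end of the hunk continues outside it.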
@@ -57,9 +83,10 @@
 
   docker restart $(docker ps -aqf name=nginx-mailcow)
 
+  echo -e "\033[32mNextcloud has been uninstalled sucessfully!\033[0m"
+
 elif [[ ${NC_UPDATE} == "y" ]]; then
-  exit;
-  read -r -p "Are you sure you want to update Nextcloud? [y/N] " response
+  read -r -p "Are you sure you want to update Nextcloud (with Nextclouds own updater)? [y/N] " response
   response=${response,,}
   if [[ ! "$response" =~ ^(yes|y)$ ]]; then
     echo "OK, aborting."
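Review bot: The added `Nextcloud has been uninstalled sucessfully!` line is printed unconditionally after `docker restart`, so it can appear even when an earlier purge step failed; none of the visible commands have their exit status checked. Either record failures in the purge branch and print the message only when there were none, or soften the wording. The message also misspells `successfully`. The purge branch starts outside this hunk.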
@@ -67,23 +94,18 @@
   fi
 
   if [ ! -f data/web/nextcloud/occ ]; then
-    echo "Nextcloud occ not found. Is Nextcloud installed?"
+    echo -e "\033[31mError: Nextcloud occ not found. Is Nextcloud installed?\033[0m"
     exit 1
   fi
-  if ! grep -q 'installed: true' <<<$(docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings status"); then
-    echo "Nextcloud seems not to be installed."
-    exit 1
-  elif ! grep -q 'version: 20\.' <<<$(docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings status"); then
-    echo "Cannot upgrade to new major version, please update manually."
+  if grep -Pq 'This version of Nextcloud is not compatible with (?:PHP)?(?>=?)(?:PHP)?(?>.+)' <<<$(docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings status"); then
+    echo -e "\033[31mError: This version of Nextcloud is not compatible with the current PHP version of php-fpm-mailcow, we'll fix it\033[0m"
+    wget -q https://raw.githubusercontent.com/nextcloud/server/v26.0.0/lib/versioncheck.php -O ./data/web/nextcloud/lib/versioncheck.php
+	echo -e "\e[33mPlease restart the update again.\e[0m"
+  elif ! grep -q 'installed: true' <<<$(docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings status"); then
+    echo -e "\033[31mError: Nextcloud seems not to be installed.\033[0m"
     exit 1
   else
-    curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-$NEXTCLOUD_VER.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \
-      && tar -xjf nextcloud.tar.bz2 -C ./data/web/ \
-      && rm nextcloud.tar.bz2 \
-      && mkdir -p ./data/web/nextcloud/data \
-      && chmod +x ./data/web/nextcloud/occ \
-       docker exec -it $(docker ps -f name=php-fpm-mailcow -q) bash -c "chown www-data:www-data -R /web/nextcloud" \
-       docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings upgrade"
+    docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "php /web/nextcloud/updater/updater.phar"
   fi
 
 elif [[ ${NC_INSTALL} == "y" ]]; then
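Review bot: The `wget` line overwrites `lib/versioncheck.php` inside the web root with a file fetched at run time, and nothing verifies what was downloaded or whether the download worked. `wget` is not in the prerequisite list checked at the top of the script, and with `-O` a failed transfer leaves an empty or truncated PHP file in place of the original. Fetching to a temporary file with `curl -f`, checking it against a pinned digest and only then replacing the target keeps a bad download out of the installation. It is also worth a comment that this deliberately bypasses Nextcloud's PHP compatibility check with the v26.0.0 copy of the file, because the replaced file will differ from the installed release. The update branch begins outside this hunk.

```bash
    # … unchanged: error message about the incompatible PHP version …
    versioncheck_url="https://raw.githubusercontent.com/nextcloud/server/v26.0.0/lib/versioncheck.php"
    versioncheck_sha256="<expected-sha256-of-versioncheck.php>"  # placeholder: pin the reviewed file's digest
    versioncheck_tmp=$(mktemp) || exit 1
    # curl is already covered by the prerequisite check; -f turns HTTP errors into a failure
    if ! curl -fsSL "${versioncheck_url}" -o "${versioncheck_tmp}" \
        || ! echo "${versioncheck_sha256}  ${versioncheck_tmp}" | sha256sum -c --status -; then
      rm -f "${versioncheck_tmp}"
      echo -e "\033[31mError: could not fetch a verified versioncheck.php, nothing was changed.\033[0m" >&2
      exit 1
    fi
    # cp onto the existing file keeps its owner and mode
    cp "${versioncheck_tmp}" ./data/web/nextcloud/lib/versioncheck.php && rm -f "${versioncheck_tmp}"
    # … unchanged: "Please restart the update again." …
```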
@@ -96,25 +118,48 @@
     [[ ! ${NC_CONT_FAIL,,} =~ ^(yes|y)$ ]] && { echo "Ok, exiting..."; exit 1; }
   fi
 
-  ADMIN_NC_PASS=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)
-
-  curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-$NEXTCLOUD_VER.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \
+  echo -e "\033[33mDownloading \033[34mNextcloud ${NEXTCLOUD_VERSION}\033[33m...\033[0m"
+  curl -L# -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-$NEXTCLOUD_VERSION.tar.bz2" || { echo "Failed to download Nextcloud archive."; exit 1; } \
     && tar -xjf nextcloud.tar.bz2 -C ./data/web/ \
     && rm nextcloud.tar.bz2 \
     && mkdir -p ./data/web/nextcloud/data \
     && chmod +x ./data/web/nextcloud/occ
 
+  echo -e "\033[33mCreating 'nextcloud' database...\033[0m"
+  NC_DBPASS=$(</dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
+  NC_DBUSER=nextcloud
+  NC_DBNAME=nextcloud
+
+  echo -ne "[1/3] Creating 'nextcloud' database"
+  docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "CREATE DATABASE ${NC_DBNAME};"
+  sleep 2
+  echo -ne "\r[2/3] Creating 'nextcloud' database user"
+  docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "CREATE USER '${NC_DBUSER}'@'%' IDENTIFIED BY '${NC_DBPASS}';"
+  sleep 2
+  echo -ne "\r[3/3] Granting 'nextcloud' user all permissions on database 'nextcloud'"
+  docker exec -it $(docker ps -f name=mysql-mailcow -q) mysql -uroot -p${DBROOT} -e "GRANT ALL PRIVILEGES ON ${NC_DBNAME}.* TO '${NC_DBUSER}'@'%';"
+  sleep 2
+
+  echo ""
+  echo -e "\033[33mInstalling Nextcloud...\033[0m"
+  ADMIN_NC_PASS=$(</dev/urandom tr -dc A-Za-z0-9 2> /dev/null | head -c 28)
+
+  echo -ne "[1/4] Setting correct permissions for www-data"
   docker exec -it $(docker ps -f name=php-fpm-mailcow -q) /bin/bash -c "chown -R www-data:www-data /web/nextcloud"
+  sleep 2
+  echo -ne "\r[2/4] Running occ maintenance:install to install Nextcloud"
   docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ --no-warnings maintenance:install \
     --database mysql \
     --database-host mysql \
-    --database-name ${DBNAME} \
-    --database-user ${DBUSER} \
-    --database-pass ${DBPASS} \
+    --database-name ${NC_DBNAME} \
+    --database-user ${NC_DBUSER} \
+    --database-pass ${NC_DBPASS} \
     --admin-user admin \
     --admin-pass ${ADMIN_NC_PASS} \
-      --data-dir /web/nextcloud/data
+    --data-dir /web/nextcloud/data > /dev/null 2>&1
 
+  echo -ne "\r[3/4] Setting custom parameters inside the Nextcloud config file"
+  echo ""
   docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) bash -c "/web/nextcloud/occ --no-warnings config:system:set redis host --value=redis --type=string; \
     /web/nextcloud/occ --no-warnings config:system:set redis port --value=6379 --type=integer; \
     /web/nextcloud/occ --no-warnings config:system:set redis timeout --value=0.0 --type=integer; \
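Review bot: The archive from `download.nextcloud.com` is unpacked into `./data/web/` without any integrity check, although the version is now pinned and `dirmngr` is already a prerequisite. Nextcloud publishes `.sha256` and `.asc` files next to each release archive, so the script can fetch `nextcloud-$NEXTCLOUD_VERSION.tar.bz2.sha256` and compare its digest with `sha256sum nextcloud.tar.bz2` (or verify the signature) before `tar -xjf`. Separately, `maintenance:install` now ends in `> /dev/null 2>&1` and its exit status is not tested, so a failed install still proceeds to the steps that follow. The generated passwords are also passed as command-line arguments (`IDENTIFIED BY '${NC_DBPASS}'`, `--database-pass`, `--admin-pass`), where they are readable from the host's process list for the duration of each call. The install branch and the `bash -c` string at the end continue outside this hunk.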
@@ -133,6 +178,8 @@
     /web/nextcloud/occ --no-warnings config:system:set mail_domain --value=${MAILCOW_HOSTNAME}; \
     /web/nextcloud/occ --no-warnings config:system:set mail_smtphost --value=postfix; \
     /web/nextcloud/occ --no-warnings config:system:set mail_smtpport --value=588; \
+    /web/nextcloud/occ --no-warnings config:system:set mail_smtpstreamoptions ssl verify_peer --value=false --type=boolean
+    /web/nextcloud/occ --no-warnings config:system:set mail_smtpstreamoptions ssl verify_peer_name --value=false --type=boolean
     /web/nextcloud/occ --no-warnings db:convert-filecache-bigint -n"
 
     # Not installing by default, broke too often
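Review bot: The two added `mail_smtpstreamoptions` settings turn off both certificate validation and host-name validation for Nextcloud's SMTP connection to `postfix:588`, so the client will accept any certificate on that connection. If the reason is that the certificate does not carry the internal name `postfix`, disabling only `verify_peer_name` is the narrower setting — presumably the chain itself can still validate, to be confirmed. Whatever is kept should have a short comment outside the quoted string stating why verification is relaxed and that it is meant for the internal Docker network hop only. The two new lines also drop the `; \` terminator used by every neighbouring line; they still run because the newline inside the quoted string separates commands, but the inconsistency is easy to break on the next edit. The `bash -c` string starts outside this hunk.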
@@ -140,13 +187,28 @@
     #/web/nextcloud/occ --no-warnings config:system:set user_backends 0 arguments 0 --value={dovecot:143/imap/tls/novalidate-cert}; \
     #/web/nextcloud/occ --no-warnings config:system:set user_backends 0 class --value=OC_User_IMAP; \
 
+    echo -e "\r[4/4] Enabling Nginx Configuration"
     cp ./data/assets/nextcloud/nextcloud.conf ./data/conf/nginx/
     sed -i "s/NC_SUBD/${NC_SUBD}/g" ./data/conf/nginx/nextcloud.conf
+    sleep 2
 
-  echo "Restarting Nginx..."
+  echo ""
+  echo -e "\033[33mFinalizing installation...\033[0m"
   docker restart $(docker ps -aqf name=nginx-mailcow)
 
-  echo "Login as admin with password: ${ADMIN_NC_PASS}"
+  echo ""
+  echo "******************************************"
+  echo "*        SAVE THESE CREDENTIALS          *"
+  echo "*    INSTALL DATE: $(date +%Y-%m-%d_%H-%M-%S)   *"
+  echo "******************************************"
+  echo ""
+  echo -e "\033[36mDatabase name:      ${NC_DBNAME}\033[0m"
+  echo -e "\033[36mDatabase user:      ${NC_DBUSER}\033[0m"
+  echo -e "\033[36mDatabase password:  ${NC_DBPASS}\033[0m"
+  echo ""
+  echo -e "\033[31mUI admin password:  ${ADMIN_NC_PASS}\033[0m"
+  echo ""
+
 
 elif [[ ${NC_RESETPW} == "y" ]]; then
     printf 'You are about to set a new password for a Nextcloud user.\n\nDo not use this option if your Nextcloud is configured to use mailcow for authentication.\nSet a new password for the corresponding mailbox in mailcow, instead.\n\n'
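Review bot: The banner prints `NC_DBPASS` and `ADMIN_NC_PASS` in clear text on stdout, so they land in terminal scrollback and in any log or CI capture of the run. The database password probably does not need printing, since `maintenance:install` was given it and Nextcloud keeps it in its own config — worth confirming before removing the line. For the admin password, writing it only when stdout is a terminal (`[[ -t 1 ]]`) and telling the operator to change it after first login limits the exposure. The banner is also printed regardless of whether the install steps above succeeded. The install branch begins outside this hunk.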
@@ -162,5 +224,4 @@
       read -p "Enter the username: " NC_USER
     done
     docker exec -it -u www-data $(docker ps -f name=php-fpm-mailcow -q) /web/nextcloud/occ user:resetpassword ${NC_USER}
-
 fi
diff --git a/mailcow/src/mailcow-dockerized/helper-scripts/update_postscreen_whitelist.sh b/mailcow/src/mailcow-dockerized/helper-scripts/update_postscreen_whitelist.sh
index 8dd1b83..04335bd 100644
--- a/mailcow/src/mailcow-dockerized/helper-scripts/update_postscreen_whitelist.sh
+++ b/mailcow/src/mailcow-dockerized/helper-scripts/update_postscreen_whitelist.sh
@@ -6,7 +6,7 @@
 POSTWHITE_DIR=${WORKING_DIR}/postwhite
 POSTWHITE_CONF=${POSTWHITE_DIR}/postwhite.conf
 
-COSTOM_HOSTS="web.de gmx.net mail.de freenet.de arcor.de unity-mail.de"
+CUSTOM_HOSTS='"web.de gmx.net mail.de freenet.de arcor.de unity-mail.de"'
 STATIC_HOSTS=(
     "194.25.134.0/24 permit # t-online.de"
 )
@@ -19,16 +19,23 @@
     sudo sed -i "s@^\($1\s*=\s*\).*\$@\1$2@" ${POSTWHITE_CONF}
 }
 
-set_config custom_hosts ${COSTOM_HOSTS}
+set_config custom_hosts "${CUSTOM_HOSTS}"
 set_config reload_postfix no
 set_config postfixpath /.
 set_config spftoolspath ${WORKING_DIR}/spf-tools
 set_config whitelist .${SCRIPT_DIR}/../data/conf/postfix/postscreen_access.cidr
 set_config yahoo_static_hosts ${POSTWHITE_DIR}/yahoo_static_hosts.txt
 
+#Fix URL for Yahoo!: https://github.com/stevejenkins/postwhite/issues/59
+sudo sed -i \
+      -e 's#yahoo_url="https://help.yahoo.com/kb/SLN23997.html"#yahoo_url="https://senders.yahooinc.com/outbound-mail-servers/"#' \
+      -e 's#echo "ipv6:$line";#echo "ipv6:$line" | grep -v "ipv6:::";#' \
+      -e 's#`command -v wget`#`command -v skip-wget`#' \
+      ${POSTWHITE_DIR}/scrape_yahoo
+
 cd ${POSTWHITE_DIR}
 ./postwhite ${POSTWHITE_CONF}
 
 ( IFS=$'\n'; echo "${STATIC_HOSTS[*]}" >> "${SCRIPT_DIR}/../data/conf/postfix/postscreen_access.cidr")
 
-rm -r ${WORKING_DIR}
+rm -r ${WORKING_DIR}
\ No newline at end of file
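Review bot: The added `sudo sed -i` patch of `scrape_yahoo` fails silently: if upstream changes any of the three matched strings, sed exits 0, nothing is replaced, and `./postwhite` runs against the unpatched script. A check after the patch makes that visible, e.g. `grep -q 'senders.yahooinc.com' "${POSTWHITE_DIR}/scrape_yahoo" || { echo "scrape_yahoo patch did not apply" >&2; exit 1; }`. The comment above explains only the URL change; the `ipv6:::` filter and the `command -v skip-wget` substitution each deserve a line saying what they work around. The final `rm -r ${WORKING_DIR}` is unquoted and the file now ends without a newline.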