From 32422d3f49e0f3480a19543d51e6911ddff47eb1 Mon Sep 17 00:00:00 2001 From: Luca Bosin Date: Tue, 23 Jul 2024 17:13:40 +0200 Subject: [PATCH] Improve GitHub user experience - Improve formatting of `AUTHORS.md`, `CONTRIBUTING.md`, `LICENSE.md`, `README.md` and `SECURITY.md` - Update wording to include `Mailu-OIDC`-related information in `AUTHORS.md`, `CONTRIBUTING.md`, `LICENSE.md`, `README.md`, `RELEASE_TEMPLATE.md`, `SECURITY.md` - Add OIDC setup guide to `README.md` - Switch from issue template to issue forms - Add pull-request templates --- .github/ISSUE_TEMPLATE/bug-report.yml | 108 ++++++++++++++++ .../ISSUE_TEMPLATE/enhancement-request.yml | 75 +++++++++++ .github/ISSUE_TEMPLATE/feature-request.yml | 61 +++++++++ .github/PULL_REQUEST_TEMPLATE/bug-fix.md | 22 ++++ .github/PULL_REQUEST_TEMPLATE/enhancement.md | 63 +++++++++ .github/PULL_REQUEST_TEMPLATE/new-feature.md | 59 +++++++++ AUTHORS.md | 5 +- CONTRIBUTING.md | 4 +- ISSUE_TEMPLATE.md | 81 ------------ LICENSE.md | 7 +- PULL_REQUEST_TEMPLATE.md | 16 --- README.md | 121 ++++++++++++++++-- RELEASE_TEMPLATE.md | 8 +- SECURITY.md | 19 ++- docs/assets/oidc.svg | 1 + 15 files changed, 524 insertions(+), 126 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/bug-report.yml create mode 100644 .github/ISSUE_TEMPLATE/enhancement-request.yml create mode 100644 .github/ISSUE_TEMPLATE/feature-request.yml create mode 100644 .github/PULL_REQUEST_TEMPLATE/bug-fix.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/enhancement.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/new-feature.md delete mode 100644 ISSUE_TEMPLATE.md delete mode 100644 PULL_REQUEST_TEMPLATE.md create mode 100644 docs/assets/oidc.svg diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml new file mode 100644 index 00000000..b63e877c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug-report.yml @@ -0,0 +1,108 @@ +name: Bug Report +description: File a bug report to report a problem with Mailu-OIDC. +title: "`TLS_FLAVOR=notls` not working / Redirect to provider's login page broken / ..." +labels: ["bug"] +assignees: ["encotric", "wombosvideo"] +body: + - type: markdown + attributes: + value: | + ## Bug Report + + Thank you for opening an issue with Mailu-OIDC. Please understand that bug reports are meant for bugs only. The bug report should provide clear replication steps and logs. + + Before you open your issue + + - Check if no issue or pull-request for this already exists. + - Check the [Mailu-OIDC](https://github.com/heviat/Mailu-OIDC) or [Mailu](https://mailu.io/master/) documentation and [FAQ](https://mailu.io/master/faq.html). (Tip, use the search function on the Mailu documentation page) + - You understand `Mailu-OIDC` is maintained by volunteers in their **free time** — be concise, civil and accept that delays can occur. + - The title of the issue should be short and simple. It should contain specific terms related to the actual issue. Be specific while writing the title. + + ## Environment & Version + - type: dropdown + id: version + attributes: + label: Version + description: "Use `docker ps -a | grep mailu | awk '{print $2}' | cut -d: -f2` to get the version you are running or `grep MAILU_VERSION docker-compose.yml mailu.env` from the config file." + options: + - '2024.06' + - 'master' + - Not sure + - Not listed + validations: + required: true + - type: dropdown + id: os + attributes: + label: Operating System + multiple: true + options: + - Linux + - Windows + - Mac + - Unlisted + - type: input + id: docker-compose-version + attributes: + label: Docker Compose Version + description: Run `docker compose version` to get the version. + placeholder: ex. v2.27.1-desktop.1 + validations: + required: false + - type: markdown + attributes: + value: | + If you are not using Docker Compose do not file any new issue here. + Kubernetes related issues belong to . There is no official support for Kubernetes in `Mailu-OIDC`. + If you are not using Docker Compose or Kubernetes, create a new thread on user support in [disussions](https://github.com/Mailu/Mailu/discussions/categories/user-support). + Non-bug reports (or bug reports that do not follow the template) are moved to [disussions](https://github.com/heviat/Mailu-OIDC/discussions). + + ## Bug Description + - type: textarea + id: description + attributes: + label: Description + description: Explain the bug in a few words. It should be clear what the unexpected behaviour is. Share it in an easy-to-understand language. + validations: + required: true + - type: textarea + id: replication + attributes: + label: Replication Steps + description: Provide a step-by-step guide to replicate the bug. This should be clear and concise. + placeholder: ex. 1. Go to '...' + value: | + 1. + 2. + 3. + validations: + required: true + - type: textarea + id: observed + attributes: + label: Observed Behaviour + description: What is the actual behaviour you observed? + validations: + required: true + - type: textarea + id: expected + attributes: + label: Expected Behaviour + description: What is the expected behaviour? + validations: + required: true + - type: markdown + attributes: + value: | + ## Diagnostic Information + - type: textarea + id: logs + attributes: + label: Relevant log output + description: | + You can get the logs via `docker logs --tail 1000`. + For example for the admin container: `docker logs mailu_admin_1 --tail 1000` + or using docker compose `docker compose -f /mailu/docker-compose.yml logs --tail 1000 admin` + + If you can find the relevant section, please share only the parts that seem relevant. + render: shell diff --git a/.github/ISSUE_TEMPLATE/enhancement-request.yml b/.github/ISSUE_TEMPLATE/enhancement-request.yml new file mode 100644 index 00000000..afec0801 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/enhancement-request.yml @@ -0,0 +1,75 @@ +name: Enhancement Request +description: File an enhancement request to suggest improvements to existing functionality. +title: "Allow changing the OIDC login button color / Improve the setup documentation / ..." +labels: ["enhancement"] +assignees: ["encotric", "wombosvideo"] +body: + - type: markdown + attributes: + value: | + ## Enhancement Request + + Thank you for opening an issue with Mailu-OIDC. Please understand that enhancement requests are meant for enhancements to existing functionality only. The enhancement request should provide clear details of the enhancement and the reason for the enhancement. + + Before you open your issue + + - Check if no issue or pull-request for this already exists. + - Check the [Mailu-OIDC](https://github.com/heviat/Mailu-OIDC) or [Mailu](https://mailu.io/master/) documentation and [FAQ](https://mailu.io/master/faq.html). (Tip, use the search function on the Mailu documentation page) + - You understand `Mailu-OIDC` is maintained by volunteers in their **free time** — be concise, civil and accept that delays can occur. + - The title of the issue should be short and simple. It should contain specific terms related to the actual enhancement. Be specific while writing the title. + + ## Environment & Version + - type: dropdown + id: version + attributes: + label: Version + description: "Use `docker ps -a | grep mailu | awk '{print $2}' | cut -d: -f2` to get the version you are running or `grep MAILU_VERSION docker-compose.yml mailu.env` from the config file." + options: + - '2024.06' + - 'master' + - Not sure + - Not listed + validations: + required: true + - type: markdown + attributes: + value: | + Keep in mind that enhancements will be considered for the latest version of Mailu-OIDC. If you are not using the latest version, please upgrade before filing an enhancement request. + + ## Enhancement Description + - type: textarea + id: problem + attributes: + label: Related Problem + description: If your enhancement request is related to a problem, please provide a clear and concise description of what the problem is. + - type: textarea + id: improvement + attributes: + label: Improvement Description + description: Explain the enhancement in a few sentences. What should be changed or added? + validations: + required: true + - type: textarea + id: alternatives + attributes: + label: Alternatives + description: If applicable, describe any alternative solutions or features you've considered. + - type: markdown + attributes: + value: | + ## Additional Information + - type: textarea + id: implementation + attributes: + label: Implementation Details + description: If you have an idea of how the enhancement could be implemented, please provide details here. + - type: textarea + id: additional + attributes: + label: Additional Context + description: Add any other context about the enhancement request here. + - type: textarea + id: screenshots + attributes: + label: Screenshots + description: If applicable, add screenshots to help explain the enhancement request. This can be a screenshot of the current behavior or a mockup of the desired behavior. diff --git a/.github/ISSUE_TEMPLATE/feature-request.yml b/.github/ISSUE_TEMPLATE/feature-request.yml new file mode 100644 index 00000000..cf89c69d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature-request.yml @@ -0,0 +1,61 @@ +name: Feature Request +description: File a feature request to suggest new functionality. +title: "Allow setting up multiple OIDC providers / Allow configuring OIDC from the admin panel / ..." +labels: ["enhancement"] +assignees: ["encotric", "wombosvideo"] +body: + - type: markdown + attributes: + value: | + ## Feature Request + + Thank you for opening an issue with Mailu-OIDC. Please understand that feature requests are meant for requesting new functionality only. The feature request should provide clear details of the new feature and the reason for the implementation. + + Before you open your issue + + - Check if no issue or pull-request for this already exists. + - Check the [Mailu-OIDC](https://github.com/heviat/Mailu-OIDC) or [Mailu](https://mailu.io/master/) documentation and [FAQ](https://mailu.io/master/faq.html). (Tip, use the search function on the Mailu documentation page) + - You understand `Mailu-OIDC` is maintained by volunteers in their **free time** — be concise, civil and accept that delays can occur. + - The title of the issue should be short and simple. It should contain specific terms related to the actual enhancement. Be specific while writing the title. + + ## Environment & Version + + Keep in mind that new features will be considered for the latest version of Mailu-OIDC only. They will not be backported to older versions. + + ## Feature Description + - type: textarea + id: problem + attributes: + label: Related Problem + description: If your feature request is related to a problem, please provide a clear and concise description of what the problem is. + - type: textarea + id: improvement + attributes: + label: Improvement Description + description: Explain the feature in a few sentences. What should be implemented? Why is it important? + validations: + required: true + - type: textarea + id: alternatives + attributes: + label: Alternatives + description: If applicable, describe any alternative solutions or features you've considered. + - type: markdown + attributes: + value: | + ## Additional Information + - type: textarea + id: implementation + attributes: + label: Implementation Details + description: If you have an idea of how the feature could be implemented, please provide details here. + - type: textarea + id: additional + attributes: + label: Additional Context + description: Add any other context about the feature request here. + - type: textarea + id: screenshots + attributes: + label: Inspirational Screenshots + description: If applicable, add screenshots to help explain the feature request. This can be a mockup of the desired behavior or screenshots from other software. diff --git a/.github/PULL_REQUEST_TEMPLATE/bug-fix.md b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md new file mode 100644 index 00000000..a80dec54 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md @@ -0,0 +1,22 @@ +## Bug Fix + + + +This pull request fixes the following issue(s): + +- closes #000 + +## Details of Implementation + + +## Checklist + +Before we can consider review and merge, please make sure the following list is done and checked. + +- [ ] Make sure you follow our [Code of Conduct](https://github.com/heviat/Mailu-OIDC/blob/master/CODE_OF_CONDUCT.md). +- [ ] This fix is tested and works as expected. +- [ ] This fix does not break any existing functionality. +- [ ] This fix does not introduce any new functionality[^1]. +- [ ] Unless it's a minor change: add a [Changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. + +[^1]: If this pull request introduces new functionality or enhances existing functionality, please create a new-feature or enhancement pull request instead. diff --git a/.github/PULL_REQUEST_TEMPLATE/enhancement.md b/.github/PULL_REQUEST_TEMPLATE/enhancement.md new file mode 100644 index 00000000..3da286d1 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/enhancement.md @@ -0,0 +1,63 @@ +## Enhancement + +This pull request enhances the following feature(s): + +- Your enhancement here. closes #000 + +## Details of Implementation + +### What's new + + + +### Breaking changes + + + +### Previous behavior + + + +## Checklist + +Before we can consider review and merge, please make sure the following list is done and checked. + +- [ ] Make sure you follow our [Code of Conduct](https://github.com/heviat/Mailu-OIDC/blob/master/CODE_OF_CONDUCT.md). +- [ ] This enhancement is tested and works as expected. +- [ ] This enhancement modifies existing functionality[^1]. +- [ ] This enhancement does not break any existing functionality, or breaks it intentionally (documented above). +- [ ] Add a [Changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. + +[^1]: If this pull request introduces new functionality, please create a new-feature pull request instead. If it only fixes a bug but does not otherwise modify behaviour, please create a bug-fix pull request instead. diff --git a/.github/PULL_REQUEST_TEMPLATE/new-feature.md b/.github/PULL_REQUEST_TEMPLATE/new-feature.md new file mode 100644 index 00000000..f2bd5302 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/new-feature.md @@ -0,0 +1,59 @@ +## New Feature + +This pull request adds the following feature(s): + +- Your feature here. closes #000 + +## Details of Implementation + +### What's new + + + +### Breaking changes + + + +### Previous behavior + + + +## Checklist + +Before we can consider review and merge, please make sure the following list is done and checked. + +- [ ] Make sure you follow our [Code of Conduct](https://github.com/heviat/Mailu-OIDC/blob/master/CODE_OF_CONDUCT.md). +- [ ] This new feature is tested and works as expected. +- [ ] This new feature introduces new functionality[^1]. +- [ ] This enhancement does not break any existing functionality, or breaks it intentionally (documented above). +- [ ] Unless it's a minor change: Add a [Changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. + +[^1]: If this pull request enhances existing functionality, please create an enhancement pull request instead. For bug fixes, create a bug-fix pull request instead. diff --git a/AUTHORS.md b/AUTHORS.md index 3e8bf0c1..8ba17136 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -1,6 +1,9 @@ +# Contributors + Most contributors are listed on Github at: - https://github.com/Mailu/Mailu/graphs/contributors +[Mailu Contributors Graph](https://github.com/Mailu/Mailu/graphs/contributors) +and [Mailu-OIDC Contributors Graph](https://github.com/heviat/Mailu-OIDC/graphs/contributors) If you contribute time, code or resources to the project, feel free to add your name, pseudonym, and any contact information you feel is relevant to diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index fca178b8..67e0e0cb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,6 +1,8 @@ +# Contributing to Mailu-OIDC + This project is open source, and your contributions are all welcome. There are mostly three different ways one can contribute to the project: -1. use Mailu, either on test or on production instances, and report meaningful bugs when you find some; +1. use Mailu-OIDC, either on test or on production instances, and report meaningful bugs when you find some; 2. contribute code and/or configuration to the repository (see [the development guidelines](https://mailu.io/master/contributors/workflow.html) for details); 3. contribute localization to your native language (see [the localization docs](https://mailu.io/master/contributors/localization.html) for details); diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md deleted file mode 100644 index f015250e..00000000 --- a/ISSUE_TEMPLATE.md +++ /dev/null @@ -1,81 +0,0 @@ - - -## Environment & Version - -- `docker compose version` -- Version: `master` - - - -If you are not using docker compose do not file any new issue here. -Kubernetes related issues belong to https://github.com/Mailu/helm-charts/issues -If you are not using docker compose or kubernetes, create a new thread on user support in [disussions](https://github.com/Mailu/Mailu/discussions/categories/user-support). -Non-bug reports (or bug reports that do not follow the template) are moved to [disussions](https://github.com/Mailu/Mailu/discussions). - -## Description - - -## Replication Steps - - -## Observed behaviour - - -## Expected behaviour - - -## Logs - diff --git a/LICENSE.md b/LICENSE.md index d44642ec..04735be8 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,10 +1,11 @@ -MIT License +# MIT License -Copyright (c) 2016 All Mailu contributors at the date +Copyright (c) 2024 All Mailu-OIDC or Mailu contributors at the date This software consists of voluntary contributions made by multiple individuals. For exact contribution history, see the revision history available at -https://github.com/Mailu/Mailu + + Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/PULL_REQUEST_TEMPLATE.md b/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index fc3b6b61..00000000 --- a/PULL_REQUEST_TEMPLATE.md +++ /dev/null @@ -1,16 +0,0 @@ -## What type of PR? - -(Feature, enhancement, bug-fix, documentation) - -## What does this PR do? - -### Related issue(s) -- Mention an issue like: #001 -- Auto close an issue like: closes #001 - -## Prerequisites -Before we can consider review and merge, please make sure the following list is done and checked. -If an entry in not applicable, you can check it or remove it from the list. - -- [ ] In case of feature or enhancement: documentation updated accordingly -- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. diff --git a/README.md b/README.md index 3eb10374..a163739c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,16 @@ -

Mailu

+ +

+ Mailu + + + OIDC +

+

Mailu-OIDC

+

+ Multi-container mail server landscape
+ featuring OpenID Connect authentication +

+--- Mailu is a simple yet full-featured mail server as a set of Docker images. It is free software (both as in free beer and as in free speech), open to @@ -8,12 +19,17 @@ with an easily setup, easily maintained and full-featured mail server while not shipping proprietary software nor unrelated features often found in popular groupware. -Most of the documentation is available on our [Website](https://mailu.io), -you can also [try our demo server](https://mailu.io/master/demo.html) -before setting up your own, and come [talk to us on Matrix](https://matrix.to/#/#mailu:tedomum.net). +Most of the documentation is available [below](#getting-started), and on the [Mailu Website](https://mailu.io). -Features -======== +> [!NOTE] +> This fork is extended by an OpenID Connect implementation to enable single +> sign-on user session handling and authentication using OIDC providers. The +> fork is maintained by [Heviat](https://heviat.com), a German cloud computing +> company based in Potsdam. Feel free to contribute to this repository! + +## Features + +![Domains](docs/assets/screenshots/domains.png) Main features include: @@ -25,13 +41,98 @@ Main features include: - **Security**, enforced TLS, DANE, MTA-STS, Letsencrypt!, outgoing DKIM, anti-virus scanner, [Snuffleupagus](https://github.com/jvoisin/snuffleupagus/), block malicious attachments - **Antispam**, auto-learn, greylisting, DMARC and SPF, anti-spoofing - **Freedom**, all FOSS components, no tracker included +- **Integration** with OpenID Connect providers for single sign-on -![Domains](docs/assets/screenshots/domains.png) +## Getting Started -Contributing -============ +### Quick Overview -Mailu is free software, open to suggestions and contributions. All +1. Check the [Docker Compose Requirements](https://mailu.io/2024.06/compose/requirements.html) +2. Create your installation directory (e.g. `mkdir /mailu && cd /mailu`) +3. Generate a `docker-compose.yml` file and a `mailu.env` file using the + [Mailu Configuration Assistant](https://setup.mailu.io/2024.06/). +4. Replace all `mailu` docker images with `heviat/mailu-oidc` in the `docker-compose.yml` file. See [details below](#replacing-docker-images). +5. Add the [required OIDC environment variables](#setting-up-variables) to the `mailu.env` file +6. Continue with the official setup guide [from here](https://mailu.io/2024.06/compose/setup.html#tls-certificates) + +### Replacing Docker Images + +Every Docker image from the organization [`mailu`](https://hub.docker.com/u/mailu) +must be replaced with an image from the organization [`heviat`](https://github.com/orgs/heviat/packages) +at GitHub Container Registry - e.g. [`mailu/admin`](https://hub.docker.com/r/mailu/admin) +becomes [`ghcr.io/heviat/admin`](https://ghcr.io/heviat/admin). To do so, you +can simply place a `.env` file in the project directory and set `DOCKER_ORG` +and `MAILU_VERSION` environment variables matching our Docker images: + +Example `.env` file: + +```properties +DOCKER_ORG=ghcr.io/heviat +MAILU_VERSION=2024.06 +``` + +### Setting Up Variables + +To enable OpenID Connect authentication, the following additional configuration +properties are needed in `mailu.env`: + +| Property Name | Description | Example | +| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `OIDC_ENABLED` | Enable OpenID Connect | `True` \| `False` | +| `OIDC_PROVIDER_INFO_URL` | OpenID Connect provider configuration url (aka. _well-known_ url) | [https://`host`:`port`/auth/realms/`realm`/.well-known/openid-configuration]() | +| `OIDC_REDIRECT_URL` | OpenID Connect custom redirect URL if HOSTNAME not matching your login url | [https://`host`]() | +| `OIDC_CLIENT_ID` | OpenID Connect Client ID for Mailu | `6779ef20e75817b79602` | +| `OIDC_CLIENT_SECRET` | OpenID Connect Client Secret for Mailu | `3d66bbd6d0a69af62de7...` | +| `OIDC_BUTTON_NAME` | Label text for the "login-with-OpenID" button | `OpenID Connect` | +| `OIDC_VERIFY_SSL` | Disable TLS certificate verification for the OIDC client | `True` \| `False` | +| `OIDC_CHANGE_PASSWORD_REDIRECT_ENABLED` | If enabled, OIDC users will have an button to get redirect to their OIDC provider to change their password | `True` \| `False` | +| `OIDC_CHANGE_PASSWORD_REDIRECT_URL` | Defaults to provider issuer url appended by `/.well-known/password-change`. | [https://`host`/pw-change]() | + +Here is a snippet for easy copy paste: + +```properties +################################### +# OpenID Connect settings +################################### + +# Enable OpenID Connect. Possible values: True, False +OIDC_ENABLED=True +# OpenID Connect provider configuration URL +OIDC_PROVIDER_INFO_URL=https://:/auth/realms/.well-known/openid-configuration +# OpenID redirect URL if HOSTNAME not matching your login url +OIDC_REDIRECT_URL=https://mail.example.com +# OpenID Connect Client ID for Mailu +OIDC_CLIENT_ID= +# OpenID Connect Client secret for Mailu +OIDC_CLIENT_SECRET= +# Label text for OpenID Connect login button. Default: OpenID Connect +OIDC_BUTTON_NAME=OpenID Connect +# Disable TLS certificate verification for the OIDC client. Possible values: True, False +OIDC_VERIFY_SSL=True +# Enable redirect to OIDC provider for password change. Possible values: True, False +OIDC_CHANGE_PASSWORD_REDIRECT_ENABLED=True +# Redirect URL for password change. Defaults to provider issuer url appended by /.well-known/password-change +OIDC_CHANGE_PASSWORD_REDIRECT_URL=https://oidc.example.com/pw-change +``` + +### Signing In + +Click on the "OpenID Connect" button[^1] on the login page to sign in with your +OpenID Connect provider. You will be redirected to the provider's login page +where you can sign in with your credentials. After successful authentication, +you will be redirected to the Mailu admin panel. + +[^1]: If you don't see the "OpenID Connect" button, make sure you have set up + the OIDC environment variables correctly in the `mailu.env` file. + +Use the button in the sidebar to open your mailbox on the web. Set up a user +token to sign in to external email clients like Thunderbird or Outlook. See +[Authentication tokens](https://mailu.io/2024.06/webadministration.html#authentication-tokens) +in the Mailu documentation for more information. + +## Contributing + +Mailu-OIDC is free software, open to suggestions and contributions. All components are free software and compatible with the MIT license. All specific configuration files, Dockerfiles and code are placed under the MIT license. diff --git a/RELEASE_TEMPLATE.md b/RELEASE_TEMPLATE.md index 2aa2b0d7..0a3db84d 100644 --- a/RELEASE_TEMPLATE.md +++ b/RELEASE_TEMPLATE.md @@ -1,9 +1,9 @@ -This is a new automatic release of Mailu. The new version can be seen in the tag name. -The main version X.Y (e.g. 2.1) will always reflect the latest version of the branch. To update your Mailu installation simply pull the latest images `docker compose pull && docker compose up -d`. -The pinned version X.Y.Z (e.g. 2.1.1) is not updated. It is pinned to the commit that was used for creating this release. You can use a pinned version to make sure your Mailu installation is not suddenly updated when recreating containers. The pinned version allows the user to manually update. It also allows to go back to a previous pinned version. +This is a new automatic release of Mailu-OIDC. The new version can be seen in the tag name. +The main version X.Y (e.g. 2024.06) will always reflect the latest version of the branch. To update your Mailu-OIDC installation simply pull the latest images `docker compose pull && docker compose up -d`. +The pinned version X.Y.Z (e.g. 2024.06.1) is not updated. It is pinned to the commit that was used for creating this release. You can use a pinned version to make sure your Mailu installation is not suddenly updated when recreating containers. The pinned version allows the user to manually update. It also allows to go back to a previous pinned version. To check what was changed: -- Go to https://github.com/Mailu/Mailu/tree/master/towncrier/newsfragments + - Change the branch to the tag of this release. - Read the news fragment files to check what was changed. diff --git a/SECURITY.md b/SECURITY.md index c191e6e4..368aba31 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,17 +2,16 @@ ## Supported Versions -Only the latest version is supported. When in doubt visit mailu.io or setup.mailu.io. These pages always show the current version. -Master is the development branch. Security issues can be reported for this branch as well, but it is not advised to use master for production purposes. +Only the latest version is supported. Security issues can be reported for the `master` branch as well, but it is not advised to use `master` for production purposes. - -| Version | Supported | -| ------- | ------------------ | -| master | :white_check_mark: | -| current version | :white_check_mark: | -| < current version | :x: | +| Version | Supported | +| --------------------------------------------------------------- | ---------------------- | +| `master` | :white_check_mark: Yes | +| [latest release](https://github.com/heviat/Mailu-OIDC/releases) | :white_check_mark: Yes | +| < latest version | :x: No | ## Reporting a Vulnerability -Severe security issues can be reported via security @ mailu.io . -For Minor security issues create an issue in the Mailu/Mailu repository. +Severe security issues with the OIDC implementation can be reported using the contact information on our [website](https://heviat.com/legal/imprint) or [GitHub organization page](https://github.com/heviat/). +Other severe security issues can be reported via security @ mailu.io . +For Minor security issues [create an issue](https://github.com/Mailu/Mailu/issues/new?title=Security+issue) in the Mailu/Mailu repository. diff --git a/docs/assets/oidc.svg b/docs/assets/oidc.svg new file mode 100644 index 00000000..9391e7ea --- /dev/null +++ b/docs/assets/oidc.svg @@ -0,0 +1 @@ + \ No newline at end of file