[SOGo] Fix draft folder creation by adding /var/spool/sogo directory

[Watchdog] Fix Nagios MariaDB client SSL compatibility with Alpine 3.23

_modules/scripts/new_options.sh

@@ -64,7 +64,7 @@ adapt_new_options() {
 
   sed -i --follow-symlinks '$a\' mailcow.conf
   for option in ${CONFIG_ARRAY[@]}; do
-    if grep -q "${option}" mailcow.conf; then
+    if grep -q "^#\?${option}=" mailcow.conf; then
       continue
     fi
 
@@ -302,7 +302,7 @@ adapt_new_options() {
             ;;
         ACME_DNS_PROVIDER)
             echo '# DNS provider for DNS-01 challenge (e.g. dns_cf, dns_azure, dns_gd, etc.)' >> mailcow.conf
-            echo '# See the dns-101 provider documentation for more information.' >> mailcow.conf
+            echo '# See the dns-01 provider documentation for more information.' >> mailcow.conf
             echo 'ACME_DNS_PROVIDER=dns_xxx' >> mailcow.conf
             ;;
         ACME_ACCOUNT_EMAIL)

data/Dockerfiles/acme/load-dns-config.sh

@@ -7,7 +7,7 @@ else
   __dns_loader_standalone=0
 fi
 
-CONFIG_PATH="${ACME_DNS_CONFIG_FILE:-/etc/acme/dns-101.conf}"
+CONFIG_PATH="${ACME_DNS_CONFIG_FILE:-/etc/acme/dns-01.conf}"
 
 if [[ ! -f "${CONFIG_PATH}" ]]; then
   if [[ $__dns_loader_standalone -eq 1 ]]; then

data/Dockerfiles/acme/obtain-certificate-dns.sh

@@ -12,7 +12,7 @@ CERT_DOMAINS=(${DOMAINS[@]})
 CERT_DOMAIN=${CERT_DOMAINS[0]}
 ACME_BASE=/var/lib/acme
 
-# Load optional DNS provider secrets from /etc/acme/dns-101.conf
+# Load optional DNS provider secrets from /etc/acme/dns-01.conf
 if [[ -f /srv/load-dns-config.sh ]]; then
   source /srv/load-dns-config.sh
   if declare -F log_f >/dev/null; then

data/Dockerfiles/sogo/Dockerfile

@@ -146,8 +146,8 @@ RUN echo "/usr/lib64" > /etc/ld.so.conf.d/sogo.conf \
 # Create sogo user and group
 RUN groupadd -r -g 999 sogo \
   && useradd -r -u 999 -g sogo -d /var/lib/sogo -s /bin/bash -c "SOGo Daemon" sogo \
-  && mkdir -p /var/lib/sogo /var/run/sogo /var/log/sogo \
-  && chown -R sogo:sogo /var/lib/sogo /var/run/sogo /var/log/sogo
+  && mkdir -p /var/lib/sogo /var/run/sogo /var/log/sogo /var/spool/sogo \
+  && chown -R sogo:sogo /var/lib/sogo /var/run/sogo /var/log/sogo /var/spool/sogo
 
 # Create symlinks for SOGo binaries
 RUN ln -s /usr/local/sbin/sogod /usr/sbin/sogod \

data/Dockerfiles/watchdog/Dockerfile

@@ -37,5 +37,6 @@ RUN apk add --update \
 COPY watchdog.sh /watchdog.sh
 COPY check_mysql_slavestatus.sh /usr/lib/nagios/plugins/check_mysql_slavestatus.sh
 COPY check_dns.sh /usr/lib/mailcow/check_dns.sh
+COPY client.cnf /etc/my.cnf.d/client.cnf
 
 CMD ["/watchdog.sh"]

data/Dockerfiles/watchdog/client.cnf

@@ -0,0 +1,3 @@
+[client]
+ssl = false
+ssl-verify-server-cert = false

data/Dockerfiles/watchdog/watchdog.sh

@@ -38,7 +38,7 @@ if [[ ! -p /tmp/com_pipe ]]; then
 fi
 
 # Wait for containers
-while ! mariadb-admin status --ssl=false --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
+while ! mariadb-admin status --skip-ssl --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
   echo "Waiting for SQL..."
   sleep 2
 done
@@ -359,8 +359,8 @@ mysql_checks() {
   while [ ${err_count} -lt ${THRESHOLD} ]; do
     touch /tmp/mysql-mailcow; echo "$(tail -50 /tmp/mysql-mailcow)" > /tmp/mysql-mailcow
     err_c_cur=${err_count}
-    /usr/lib/nagios/plugins/check_mysql -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
-    /usr/lib/nagios/plugins/check_mysql_query -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} -q "SELECT COUNT(*) FROM information_schema.tables" 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
+    /usr/lib/nagios/plugins/check_mysql -f /etc/my.cnf.d/client.cnf -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
+    /usr/lib/nagios/plugins/check_mysql_query -f /etc/my.cnf.d/client.cnf -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} -q "SELECT COUNT(*) FROM information_schema.tables" 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
     [ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
     [ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
     progress "MySQL/MariaDB" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
@@ -384,7 +384,7 @@ mysql_repl_checks() {
   while [ ${err_count} -lt ${THRESHOLD} ]; do
     touch /tmp/mysql_repl_checks; echo "$(tail -50 /tmp/mysql_repl_checks)" > /tmp/mysql_repl_checks
     err_c_cur=${err_count}
-    /usr/lib/nagios/plugins/check_mysql_slavestatus.sh -S /var/run/mysqld/mysqld.sock -u root -p ${DBROOT} 2>> /tmp/mysql_repl_checks 1>&2; err_count=$(( ${err_count} + $? ))
+    /usr/lib/nagios/plugins/check_mysql_slavestatus.sh -o /etc/my.cnf.d/client.cnf -S /var/run/mysqld/mysqld.sock -u root -p ${DBROOT} 2>> /tmp/mysql_repl_checks 1>&2; err_count=$(( ${err_count} + $? ))
     [ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
     [ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
     progress "MySQL/MariaDB replication" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}

docker-compose.yml

@@ -200,7 +200,7 @@ services:
             - phpfpm
 
     sogo-mailcow:
-      image: ghcr.io/mailcow/sogo:5.12.5-1
+      image: ghcr.io/mailcow/sogo:5.12.5-2
       environment:
         - DBNAME=${DBNAME}
         - DBUSER=${DBUSER}
@@ -526,7 +526,7 @@ services:
         - /lib/modules:/lib/modules:ro
 
     watchdog-mailcow:
-      image: ghcr.io/mailcow/watchdog:2.10
+      image: ghcr.io/mailcow/watchdog:2.11
       dns:
         - ${IPV4_NETWORK:-172.22.1}.254
       tmpfs:

generate_config.sh

@@ -299,7 +299,7 @@ ACME_DNS_CHALLENGE=n
 ACME_DNS_PROVIDER=dns_xxx
 ACME_ACCOUNT_EMAIL=me@example.com
 # You will need to pass provider-specific environment variables to the acme-mailcow container.
-# See the dns-101 provider documentation for more information.
+# See the dns-01 provider documentation for more information.
 # for example for Azure DNS:
 #AZUREDNS_SUBSCRIPTIONID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 #AZUREDNS_TENANTID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

update.sh

@@ -19,30 +19,48 @@ if [ ! -f "${PWD}/mailcow.conf" ]; then
 fi
 BRANCH="$(cd "${SCRIPT_DIR}" && git rev-parse --abbrev-ref HEAD)"
 
+# Check for --dev flag early to skip _modules update
+for arg in "$@"; do
+  if [[ "$arg" == "--dev" || "$arg" == "-d" ]]; then
+    echo -e "\e[32mRunning in Developer mode...\e[0m"
+    DEV=y
+    break
+  fi
+done
+
 MODULE_DIR="${SCRIPT_DIR}/_modules"
-# Calculate hash before fetch
-if [[ -d "${MODULE_DIR}" && -n "$(ls -A "${MODULE_DIR}" 2>/dev/null)" ]]; then
-  MODULES_HASH_BEFORE=$(find "${MODULE_DIR}" -type f -exec sha256sum {} \; 2>/dev/null | sort | sha256sum | awk '{print $1}')
+
+if [ ! "$DEV" ]; then
+  # Calculate hash before fetch
+  if [[ -d "${MODULE_DIR}" && -n "$(ls -A "${MODULE_DIR}" 2>/dev/null)" ]]; then
+    MODULES_HASH_BEFORE=$(find "${MODULE_DIR}" -type f -exec sha256sum {} \; 2>/dev/null | sort | sha256sum | awk '{print $1}')
+  else
+    MODULES_HASH_BEFORE="EMPTY"
+  fi
+
+  echo -e "\e[33mFetching latest _modules from origin/${BRANCH}…\e[0m"
+  git fetch origin "${BRANCH}"
+  git checkout "origin/${BRANCH}" -- _modules
+
+  if [[ ! -d "${MODULE_DIR}" || -z "$(ls -A "${MODULE_DIR}")" ]]; then
+    echo -e "\e[31mError: _modules is still missing or empty after fetch!\e[0m"
+    exit 2
+  fi
+
+  # Calculate hash after fetch
+  MODULES_HASH_AFTER=$(find "${MODULE_DIR}" -type f -exec sha256sum {} \; 2>/dev/null | sort | sha256sum | awk '{print $1}')
+
+  # Check if modules changed
+  if [[ "${MODULES_HASH_BEFORE}" != "${MODULES_HASH_AFTER}" ]]; then
+    echo -e "\e[33m_modules have been updated. Please restart the update script.\e[0m"
+    exit 2
+  fi
 else
-  MODULES_HASH_BEFORE="EMPTY"
-fi
-
-echo -e "\e[33mFetching latest _modules from origin/${BRANCH}…\e[0m"
-git fetch origin "${BRANCH}"
-git checkout "origin/${BRANCH}" -- _modules
-
-if [[ ! -d "${MODULE_DIR}" || -z "$(ls -A "${MODULE_DIR}")" ]]; then
-  echo -e "\e[31mError: _modules is still missing or empty after fetch!\e[0m"
-  exit 2
-fi
-
-# Calculate hash after fetch
-MODULES_HASH_AFTER=$(find "${MODULE_DIR}" -type f -exec sha256sum {} \; 2>/dev/null | sort | sha256sum | awk '{print $1}')
-
-# Check if modules changed
-if [[ "${MODULES_HASH_BEFORE}" != "${MODULES_HASH_AFTER}" ]]; then
-  echo -e "\e[33m_modules have been updated. Please restart the update script.\e[0m"
-  exit 2
+  echo -e "\e[33mDeveloper mode: Skipping _modules update from git\e[0m"
+  if [[ ! -d "${MODULE_DIR}" || -z "$(ls -A "${MODULE_DIR}")" ]]; then
+    echo -e "\e[31mError: _modules directory is missing or empty!\e[0m"
+    exit 2
+  fi
 fi
 
 source _modules/scripts/core.sh
@@ -151,8 +169,7 @@ while (($#)); do
       FORCE=y
     ;;
     -d|--dev)
-      echo -e "\e[32mRunning in Developer mode...\e[0m"
-      DEV=y
+      # Already handled at the top of the script before _modules update
     ;;
     --legacy)
       CURRENT_BRANCH="$(cd "${SCRIPT_DIR}"; git rev-parse --abbrev-ref HEAD)"