eliott/anonaddy
1
0
Fork 0
mirror of https://github.com/anonaddy/anonaddy synced 2026-04-25 17:15:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated config

Browse Source
This commit is contained in:
Will Browning
2023-10-05 10:47:16 +01:00
parent 8d6ddb4434
commit c98e636f54
15 changed files with 340 additions and 6987 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.env.example
View File

@@ -3,7 +3,7 @@ APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_LOG_LEVEL=debug
# The URL of the AnonAddy instance, can be anything you like e.g. https://aa.example.com, or just https://example.com, if using a non-standard port you must include it e.g. https://example.test:8000. Do not include a trailing slash '/'
# The URL of the addy.io instance, can be anything you like e.g. https://aa.example.com, or just https://example.com, if using a non-standard port you must include it e.g. https://example.test:8000. Do not include a trailing slash '/'
APP_URL=https://app.example.com
LOG_CHANNEL=stack

16
SECURITY.md
View File

@@ -1,4 +1,4 @@
If you believe you've found a security issue in the AnonAddy product or service, I encourage you to
If you believe you've found a security issue in the addy.io product or service, I encourage you to
notify me. I welcome working with you to resolve the issue promptly. Thanks in advance!
# Disclosure Policy
@@ -19,19 +19,19 @@ To report a vulnerability please send an email to contact (at) help.addy.io, you
# In-scope
- Security issues in any current release of AnonAddy. This includes the web application, browser extension,
- Security issues in any current release of addy.io. This includes the web application, browser extension,
and landing page. Source code is available at https://github.com/anonaddy.
# Exclusions
The following bug classes are out-of scope:
- Bugs that are already reported on any of AnonAddy's issue trackers (https://github.com/anonaddy),
- Bugs that are already reported on any of addy.io's issue trackers (https://github.com/anonaddy),
or that I already know of.
- Attacks requiring physical access to a user's device.
- Self-XSS
- Issues related to software or protocols not under AnonAddy's control
- Vulnerabilities in outdated versions of AnonAddy
- Issues related to software or protocols not under addy.io's control
- Vulnerabilities in outdated versions of addy.io
- Missing security best practices that do not directly lead to a vulnerability
- Issues that do not have any impact on the general public
@@ -39,7 +39,7 @@ While researching, I'd like to ask you to refrain from:
- Denial of service
- Spamming
- Social engineering (including phishing) of AnonAddy emails
- Any physical attempts against AnonAddy property or data centers
- Social engineering (including phishing) of addy.io emails
- Any physical attempts against addy.io property or data centers
Thank you for helping keep AnonAddy and its users safe!
Thank you for helping keep addy.io and its users safe!

2
app/Console/Commands/UpdateAppVersion.php
View File

@@ -39,7 +39,7 @@ class UpdateAppVersion extends Command
public function handle()
{
$version = GitVersionHelper::cacheFreshVersion();
$this->info("AnonAddy version: {$version}");
$this->info("addy.io version: {$version}");
return 0;
}

2
app/Http/Controllers/Api/AliasController.php
View File

@@ -121,7 +121,7 @@ class AliasController extends Controller
$aliasable = null;
// This is an AnonAddy domain.
// This is an addy.io domain.
if ($parentDomain) {
$subdomain = substr($request->domain, 0, strrpos($request->domain, '.'.$parentDomain));

1
composer.json
View File

@@ -68,6 +68,7 @@
"post-autoload-dump": [
"Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
"@php artisan package:discover --ansi",
"cd ./postfix && composer install --prefer-dist --no-scripts --no-dev -q -o",
"@php artisan anonaddy:update-app-version"
],
"post-root-package-install": [

28
composer.lock generated
View File

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "4baf108431cf17f4762c521fd752c926",
"content-hash": "1853e8f76107fba9299291132d651280",
"packages": [
{
"name": "asbiin/laravel-webauthn",
@@ -7508,16 +7508,16 @@
},
{
"name": "tightenco/ziggy",
"version": "v1.6.2",
"version": "v1.7.2",
"source": {
"type": "git",
"url": "https://github.com/tighten/ziggy.git",
"reference": "41eb6384a9f9ae85cf54d6dc8f98dab282b07890"
"reference": "cb47272ee078adc8cd0b04c4f0f9cb56f68d0a38"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/tighten/ziggy/zipball/41eb6384a9f9ae85cf54d6dc8f98dab282b07890",
"reference": "41eb6384a9f9ae85cf54d6dc8f98dab282b07890",
"url": "https://api.github.com/repos/tighten/ziggy/zipball/cb47272ee078adc8cd0b04c4f0f9cb56f68d0a38",
"reference": "cb47272ee078adc8cd0b04c4f0f9cb56f68d0a38",
"shasum": ""
},
"require": {
@@ -7569,9 +7569,9 @@
],
"support": {
"issues": "https://github.com/tighten/ziggy/issues",
"source": "https://github.com/tighten/ziggy/tree/v1.6.2"
"source": "https://github.com/tighten/ziggy/tree/v1.7.2"
},
"time": "2023-08-18T20:28:21+00:00"
"time": "2023-10-04T13:26:01+00:00"
},
{
"name": "tijsverkoyen/css-to-inline-styles",
@@ -8855,16 +8855,16 @@
},
{
"name": "phpunit/php-code-coverage",
"version": "10.1.6",
"version": "10.1.7",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/php-code-coverage.git",
"reference": "56f33548fe522c8d82da7ff3824b42829d324364"
"reference": "355324ca4980b8916c18b9db29f3ef484078f26e"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/56f33548fe522c8d82da7ff3824b42829d324364",
"reference": "56f33548fe522c8d82da7ff3824b42829d324364",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/355324ca4980b8916c18b9db29f3ef484078f26e",
"reference": "355324ca4980b8916c18b9db29f3ef484078f26e",
"shasum": ""
},
"require": {
@@ -8921,7 +8921,7 @@
"support": {
"issues": "https://github.com/sebastianbergmann/php-code-coverage/issues",
"security": "https://github.com/sebastianbergmann/php-code-coverage/security/policy",
"source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.6"
"source": "https://github.com/sebastianbergmann/php-code-coverage/tree/10.1.7"
},
"funding": [
{
@@ -8929,7 +8929,7 @@
"type": "github"
}
],
"time": "2023-09-19T04:59:03+00:00"
"time": "2023-10-04T15:34:17+00:00"
},
{
"name": "phpunit/php-file-iterator",
@@ -11170,7 +11170,7 @@
"prefer-stable": true,
"prefer-lowest": false,
"platform": {
"php": "^8.1"
"php": "^8.2"
},
"platform-dev": [],
"plugin-api-version": "2.3.0"

2
config/anonaddy.php
View File

@@ -53,7 +53,7 @@ return [
| Domain
|--------------------------------------------------------------------------
|
| If set and you are self hosting AnonAddy then a check will be done so that you can
| If set and you are self hosting addy.io then a check will be done so that you can
| receive email at the root domain, e.g. @example.com aswell as @username.example.com
|
*/

7147
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

19
package.json
View File

@@ -2,7 +2,7 @@
"private": true,
"scripts": {
"dev": "vite --host",
"build": "vite build",
"production": "vite build",
"format": "prettier --write 'resources/**/*.{css,js,vue}'",
"prepare": "husky install",
"pre-commit": "lint-staged"
@@ -19,7 +19,6 @@
"chart.js": "^4.4.0",
"cross-env": "^7.0.3",
"dayjs": "^1.10.4",
"laravel-mix": "^6.0.11",
"lodash": "^4.17.20",
"mini-svg-data-uri": "^1.4.4",
"postcss": "^8.4.5",
@@ -35,14 +34,14 @@
"vuedraggable": "^4.1.0"
},
"devDependencies": {
"@vitejs/plugin-vue": "^4.2.3",
"css-loader": "^6.0.0",
"husky": "^8.0.0",
"laravel-vite-plugin": "^0.8.0",
"lint-staged": "^14.0.0",
"prettier": "^3.0.0",
"vite": "^4.3.6"
},
"@vitejs/plugin-vue": "^4.2.3",
"css-loader": "^6.0.0",
"husky": "^8.0.0",
"laravel-vite-plugin": "^0.8.0",
"lint-staged": "^14.0.0",
"prettier": "^3.0.0",
"vite": "^4.3.6"
},
"lint-staged": {
"*.{css,js,vue}": [
"prettier --write"

2
resources/js/Pages/Settings/General.vue
View File

@@ -470,7 +470,7 @@
<div class="space-y-1">
<h3 class="text-lg font-medium leading-6 text-grey-900">Store Failed Deliveries</h3>
<p class="text-base text-grey-700">
This setting allows you to choose whether or not AnonAddy should
This setting allows you to choose whether or not addy.io should
<b>temporarily store</b> failed delivery attempts, this ensures that
<b>emails are not lost</b> if they are rejected by your recipients as they can be
downloaded from the failed deliveries page. Failed deliveries are

2
resources/views/auth/register.blade.php
View File

@@ -4,7 +4,7 @@
<div class="p-6 bg-indigo-900 min-h-screen flex justify-center items-center">
<div class="w-full max-w-md">
<div class="flex justify-center text-white mb-6 text-5xl font-bold">
<img class="w-48" alt="AnonAddy Logo" src="/svg/logo.svg">
<img class="w-48" alt="addy.io Logo" src="/svg/logo.svg">
</div>
<div class="flex flex-col break-words bg-white border-2 rounded-lg shadow-lg overflow-hidden">
<form class="" method="POST" action="{{ route('register') }}">

2
resources/views/mail/gpg_key_expired.blade.php
View File

@@ -2,7 +2,7 @@
# GPG Key Encryption Error
An error occured while trying to encrypt an email recently forwarded to you by AnonAddy.
An error occured while trying to encrypt an email recently forwarded to you by addy.io.
This was likely caused because the key has expired.

2
resources/views/vendor/mail/html/message.blade.php vendored
View File

@@ -2,7 +2,7 @@
{{-- Header --}}
@slot('header')
@component('mail::header', ['url' => config('app.url')])
<img class="logo" alt="AnonAddy Logo" src="{{ config('app.url') }}/logo.png">
<img class="logo" alt="addy.io Logo" src="{{ config('app.url') }}/logo.png">
@endcomponent
@endslot

85
vite.config.js vendored
View File

@@ -1,46 +1,51 @@
import { defineConfig } from 'vite'
import { defineConfig, loadEnv } from 'vite'
import laravel from 'laravel-vite-plugin'
import vue from '@vitejs/plugin-vue'
import fs from 'fs'
export default defineConfig({
server: {
hmr: {
host: 'addy-sh.test',
},
host: 'addy-sh.test',
https: {
key:
process.env.NODE_ENV === 'production'
? null
: fs.readFileSync('/home/vagrant/addy-sh.test.key'), // copy from /etc/ssl/certs in homestead so vagrant user has permissions
cert:
process.env.NODE_ENV === 'production'
? null
: fs.readFileSync('/home/vagrant/addy-sh.test.crt'),
},
watch: {
usePolling: true,
},
},
plugins: [
laravel({
input: [
'resources/css/app.css',
'resources/js/app.js',
'resources/js/webauthn/authenticate.js',
'resources/js/webauthn/register.js',
],
refresh: true,
}),
vue({
template: {
transformAssetUrls: {
base: null,
includeAbsolute: false,
},
export default defineConfig(({ command, mode }) => {
const env = loadEnv(mode, process.cwd(), 'APP_URL')
const host = env.APP_URL.replace(/https?:\/\//, '')
return {
server: {
hmr: {
host: host,
},
}),
],
base: '',
host: host,
https: {
key:
process.env.NODE_ENV === 'production'
? null
: fs.readFileSync(`/home/vagrant/${host}.key`), // copy from /etc/ssl/certs in homestead so vagrant user has permissions
cert:
process.env.NODE_ENV === 'production'
? null
: fs.readFileSync(`/home/vagrant/${host}.crt`),
},
watch: {
usePolling: true,
},
},
plugins: [
laravel({
input: [
'resources/css/app.css',
'resources/js/app.js',
'resources/js/webauthn/authenticate.js',
'resources/js/webauthn/register.js',
],
refresh: true,
}),
vue({
template: {
transformAssetUrls: {
base: null,
includeAbsolute: false,
},
},
}),
],
base: '',
}
})

15
webpack.mix.js vendored
View File

@@ -1,15 +0,0 @@
const mix = require('laravel-mix')
mix
.js('resources/js/app.js', 'public/js')
.vue()
.js('resources/js/webauthn.js', 'public/js')
.postCss('resources/css/app.css', 'public/css', [
require('postcss-import'),
require('tailwindcss'),
require('autoprefixer'),
])
if (mix.inProduction()) {
mix.version()
}