mailinabox/setup/bootstrap.sh

#!/bin/bash
#########################################################
# This script is intended to be run like this:
#
#   curl https://.../bootstrap.sh | sudo bash
#
#########################################################

if [ -z "$TAG" ]; then
	TAG=v0.15
fi

# Are we running as root?
if [[ $EUID -ne 0 ]]; then
	echo "This script must be run as root. Did you leave out sudo?"
	exit
fi

# Clone the Mail-in-a-Box repository if it doesn't exist.
if [ ! -d $HOME/mailinabox ]; then
	if [ ! -f /usr/bin/git ]; then
		echo Installing git . . .
		apt-get -q -q update
		DEBIAN_FRONTEND=noninteractive apt-get -q -q install -y git < /dev/null
		echo
	fi

	echo Downloading Mail-in-a-Box $TAG. . .
	git clone \
		-b $TAG --depth 1 \
		https://github.com/mail-in-a-box/mailinabox \
		$HOME/mailinabox \
		< /dev/null 2> /dev/null

	echo
fi

# Change directory to it.
cd $HOME/mailinabox

# Update it.
if [ "$TAG" != `git describe` ]; then
	echo Updating Mail-in-a-Box to $TAG . . .
	git fetch --depth 1 --force --prune origin tag $TAG
	if ! git checkout -q $TAG; then
		echo "Update failed. Did you modify something in `pwd`?"
		exit
	fi
	echo
fi

# Start setup script.
setup/start.sh
a bootstrapping script to support a one-line install command based on a script by @jkaberg in #141 2014-08-16 17:30:53 +00:00			`#!/bin/bash`
			`#########################################################`
			`# This script is intended to be run like this:`
			`#`
update bootstrap.sh for next tag 2014-09-21 20:37:04 +00:00			`# curl https://.../bootstrap.sh \| sudo bash`
a bootstrapping script to support a one-line install command based on a script by @jkaberg in #141 2014-08-16 17:30:53 +00:00			`#`
			`#########################################################`

bootstrap.sh: allow overring the tag to checkout by setting the TAG environment variable (helpful for debugging) 2014-08-25 12:18:46 +00:00			`if [ -z "$TAG" ]; then`
v0.15 (January 1, 2016) ----------------------- Mail: * Updated Roundcube to version 1.1.3. * Auto-create aliases for abuse@, as required by RFC2142. * The DANE TLSA record is changed to use the certificate subject public key rather than the whole certificate, which means the record remains valid after certificate changes (so long as the private key remains the same, which it does for us). Control panel: * When IPv6 is enabled, check that system services are accessible over IPv6 too, that the box's hostname resolves over IPv6, and that reverse DNS is setup correctly for IPv6. * Explanatory text for setting up secondary nameserver is added/fixed. * DNS checks now have a timeout in case a DNS server is not responding, so the checks don't stall indefinitely. * Better messages if external DNS is used and, weirdly, custom secondary nameservers are set. * Add POP to the mail client settings documentation. * The box's IP address is added to the fail2ban whitelist so that the status checks don't trigger the machine banning itself, which results in the status checks showing services down even though they are running. * For SSL certificates, rather than asking you what country you are in during setup, ask at the time a CSR is generated. The default system self-signed certificate now omits a country in the subject (it was never needed). The CSR_COUNTRY Mail-in-a-Box setting is dropped entirely. System: * Nightly backups and system status checks are now moved to 3am in the system's timezone. * fail2ban's recidive jail is now active, which guards against persistent brute force login attacks over long periods of time. * Setup (first run only) now asks for your timezone to set the system time. * The Exchange/ActiveSync server is now taken offline during nightly backups (along with SMTP and IMAP). * The machine's random number generator (/dev/urandom) is now seeded with Ubuntu Pollinate and a blocking read on /dev/random. * DNSSEC key generation during install now uses /dev/urandom (instead of /dev/random), which is faster. * The $STORAGE_ROOT/ssl directory is flattened by a migration script and the system SSL certificate path is now a symlink to the actual certificate. * If ownCloud sends out email, it will use the box's administrative address now (admin@yourboxname). * Z-Push (Exchange/ActiveSync) logs now exclude warnings and are now rotated to save disk space. * Fix pip command that might have not installed all necessary Python packages. * The control panel and backup would not work on Google Compute Engine because GCE installs a conflicting boto package. * Added a new command `management/backup.py --restore` to restore files from a backup to a target directory (command line arguments are passed to `duplicity restore`). 2016-01-01 22:47:18 +00:00			`TAG=v0.15`
bootstrap.sh: allow overring the tag to checkout by setting the TAG environment variable (helpful for debugging) 2014-08-25 12:18:46 +00:00			`fi`
bootstrap script should check out a particular tag rather than master 2014-08-21 17:23:47 +00:00
a bootstrapping script to support a one-line install command based on a script by @jkaberg in #141 2014-08-16 17:30:53 +00:00			`# Are we running as root?`
			`if [[ $EUID -ne 0 ]]; then`
			`echo "This script must be run as root. Did you leave out sudo?"`
			`exit`
			`fi`

			`# Clone the Mail-in-a-Box repository if it doesn't exist.`
fixes for bootstrap.sh for upgrading * `git fetch` wasn't done right for shallow clones * the test for whether mailinabox has already been cloned wasn't looking at the right directory if the script was not run from $HOME 2014-10-15 16:22:48 +00:00			`if [ ! -d $HOME/mailinabox ]; then`
bootstrap.sh needs to apt-get update before it does an apt-get install, fixes #431 2015-06-10 13:33:47 +00:00			`if [ ! -f /usr/bin/git ]; then`
			`echo Installing git . . .`
			`apt-get -q -q update`
			`DEBIAN_FRONTEND=noninteractive apt-get -q -q install -y git < /dev/null`
			`echo`
			`fi`
update bootstrap.sh for next tag 2014-09-21 20:37:04 +00:00
fixes for bootstrap.sh for upgrading * `git fetch` wasn't done right for shallow clones * the test for whether mailinabox has already been cloned wasn't looking at the right directory if the script was not run from $HOME 2014-10-15 16:22:48 +00:00			`echo Downloading Mail-in-a-Box $TAG. . .`
bootstrap: apt was mangling stdin When executed "cat bootstrap.sh \| bash", apt-get mangled stdin. The script would terminate at the end of the if block containing apt-get (that seems to be as much as bash read from the pipe) and the remainder of the script was output to the console. This was very weird. Ensuring that apt-get and git have their stdins redirected from /dev/null seems to fix the problem. see #224 2014-10-05 17:32:52 +00:00			`git clone \`
			`-b $TAG --depth 1 \`
			`https://github.com/mail-in-a-box/mailinabox \`
			`$HOME/mailinabox \`
			`< /dev/null 2> /dev/null`

			`echo`
			`fi`

			`# Change directory to it.`
			`cd $HOME/mailinabox`
a bootstrapping script to support a one-line install command based on a script by @jkaberg in #141 2014-08-16 17:30:53 +00:00
bootstrap: apt was mangling stdin When executed "cat bootstrap.sh \| bash", apt-get mangled stdin. The script would terminate at the end of the if block containing apt-get (that seems to be as much as bash read from the pipe) and the remainder of the script was output to the console. This was very weird. Ensuring that apt-get and git have their stdins redirected from /dev/null seems to fix the problem. see #224 2014-10-05 17:32:52 +00:00			`# Update it.`
			if [ "$TAG" != `git describe` ]; then
bootstrap.sh: allow overring the tag to checkout by setting the TAG environment variable (helpful for debugging) 2014-08-25 12:18:46 +00:00			`echo Updating Mail-in-a-Box to $TAG . . .`
fixes for bootstrap.sh for upgrading * `git fetch` wasn't done right for shallow clones * the test for whether mailinabox has already been cloned wasn't looking at the right directory if the script was not run from $HOME 2014-10-15 16:22:48 +00:00			`git fetch --depth 1 --force --prune origin tag $TAG`
bootstrap script should check out a particular tag rather than master 2014-08-21 17:23:47 +00:00			`if ! git checkout -q $TAG; then`
a bootstrapping script to support a one-line install command based on a script by @jkaberg in #141 2014-08-16 17:30:53 +00:00			echo "Update failed. Did you modify something in `pwd`?"
			`exit`
			`fi`
bootstrap: apt was mangling stdin When executed "cat bootstrap.sh \| bash", apt-get mangled stdin. The script would terminate at the end of the if block containing apt-get (that seems to be as much as bash read from the pipe) and the remainder of the script was output to the console. This was very weird. Ensuring that apt-get and git have their stdins redirected from /dev/null seems to fix the problem. see #224 2014-10-05 17:32:52 +00:00			`echo`
a bootstrapping script to support a one-line install command based on a script by @jkaberg in #141 2014-08-16 17:30:53 +00:00			`fi`

			`# Start setup script.`
			`setup/start.sh`
update bootstrap.sh for next tag 2014-09-21 20:37:04 +00:00