mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-26 02:57:04 +00:00
re-do allow apt to perform security updates on its own
Move this into system.sh rather than anagement.sh.
This reverts commit eab28c97ff
.
This commit is contained in:
parent
a0b056ae29
commit
03bbd25a10
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
source setup/functions.sh
|
source setup/functions.sh
|
||||||
|
|
||||||
apt_install python3-flask links duplicity libyaml-dev python3-dnspython unattended-upgrades
|
apt_install python3-flask links duplicity libyaml-dev python3-dnspython
|
||||||
hide_output pip3 install rtyaml
|
hide_output pip3 install rtyaml
|
||||||
|
|
||||||
# Create a backup directory and a random key for encrypting backups.
|
# Create a backup directory and a random key for encrypting backups.
|
||||||
@ -21,14 +21,6 @@ rm -f /etc/init.d/mailinabox
|
|||||||
ln -s $(pwd)/conf/management-initscript /etc/init.d/mailinabox
|
ln -s $(pwd)/conf/management-initscript /etc/init.d/mailinabox
|
||||||
hide_output update-rc.d mailinabox defaults
|
hide_output update-rc.d mailinabox defaults
|
||||||
|
|
||||||
# Allow apt to install system updates automatically every day.
|
|
||||||
cat > /etc/apt/apt.conf.d/02periodic <<EOF;
|
|
||||||
APT::Periodic::MaxAge "7";
|
|
||||||
APT::Periodic::Update-Package-Lists "1";
|
|
||||||
APT::Periodic::Unattended-Upgrade "1";
|
|
||||||
APT::Periodic::Verbose "1";
|
|
||||||
EOF
|
|
||||||
|
|
||||||
# Perform a daily backup.
|
# Perform a daily backup.
|
||||||
cat > /etc/cron.daily/mailinabox-backup << EOF;
|
cat > /etc/cron.daily/mailinabox-backup << EOF;
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
@ -11,18 +11,22 @@ hide_output apt-get -y upgrade
|
|||||||
# haveged: Provides extra entropy to /dev/random so it doesn't stall
|
# haveged: Provides extra entropy to /dev/random so it doesn't stall
|
||||||
# when generating random numbers for private keys (e.g. during
|
# when generating random numbers for private keys (e.g. during
|
||||||
# ldns-keygen).
|
# ldns-keygen).
|
||||||
|
# unattended-upgrades: Apt tool to install security updates automatically.
|
||||||
apt_install python3 python3-pip wget curl bind9-host haveged
|
|
||||||
|
|
||||||
# Turn on basic services:
|
|
||||||
#
|
|
||||||
# ntp: keeps the system time correct
|
# ntp: keeps the system time correct
|
||||||
#
|
|
||||||
# fail2ban: scans log files for repeated failed login attempts and blocks the remote IP at the firewall
|
# fail2ban: scans log files for repeated failed login attempts and blocks the remote IP at the firewall
|
||||||
#
|
|
||||||
# These services don't need further configuration and are started immediately after installation.
|
|
||||||
|
|
||||||
apt_install ntp fail2ban
|
apt_install python3 python3-pip \
|
||||||
|
wget curl bind9-host \
|
||||||
|
haveged unattended-upgrades ntp fail2ban
|
||||||
|
|
||||||
|
# Allow apt to install system updates automatically every day.
|
||||||
|
|
||||||
|
cat > /etc/apt/apt.conf.d/02periodic <<EOF;
|
||||||
|
APT::Periodic::MaxAge "7";
|
||||||
|
APT::Periodic::Update-Package-Lists "1";
|
||||||
|
APT::Periodic::Unattended-Upgrade "1";
|
||||||
|
APT::Periodic::Verbose "1";
|
||||||
|
EOF
|
||||||
|
|
||||||
if [ -z "$DISABLE_FIREWALL" ]; then
|
if [ -z "$DISABLE_FIREWALL" ]; then
|
||||||
# Turn on the firewall. First allow incoming SSH, then turn on the firewall.
|
# Turn on the firewall. First allow incoming SSH, then turn on the firewall.
|
||||||
|
Loading…
Reference in New Issue
Block a user