merge master branch
This commit is contained in:
commit
0d4565e71d
22
CHANGELOG.md
22
CHANGELOG.md
|
@ -6,11 +6,28 @@ This branch supports Ubuntu 18.04 **only**. When upgrading, **always** upgrade y
|
||||||
In Development
|
In Development
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
* Starting with v0.28, TLS certificate provisioning wouldn't work on new boxes until the mailinabox setup command was run a second time because of a problem with the non-interactive setup.
|
Setup:
|
||||||
|
|
||||||
* Update to Nextcloud 13.0.5.
|
* Update to Roundcube 1.3.8.
|
||||||
|
* Add missing rsyslog package to install line since some OS images don't have it installed by default.
|
||||||
|
* A log file for nsd was added.
|
||||||
|
|
||||||
|
Control Panel:
|
||||||
|
|
||||||
|
* The users page now documents that passwords should only have ASCII characters to prevent character encoding mismaches between clients and the server.
|
||||||
|
* The users page no longer shows user mailbox sizes because this was extremely slow for very large mailboxes.
|
||||||
|
* The Mail-in-a-Box version is now shown in the system status checks even when the new-version check is disabled.
|
||||||
|
* The alises page now warns that alises should not be used to forward mail off of the box. Mail filters within Roundcube are better for that.
|
||||||
|
* The explanation of greylisting has been improved.
|
||||||
|
|
||||||
|
v0.29 (October 25, 2018)
|
||||||
|
------------------------
|
||||||
|
|
||||||
|
* Starting with v0.28, TLS certificate provisioning wouldn't work on new boxes until the mailinabox setup command was run a second time because of a problem with the non-interactive setup.
|
||||||
|
* Update to Nextcloud 13.0.6.
|
||||||
* Update to Roundcube 1.3.7.
|
* Update to Roundcube 1.3.7.
|
||||||
* Update to Z-Push 2.4.4.
|
* Update to Z-Push 2.4.4.
|
||||||
|
* Backup dates listed in the control panel now use an internationalized format.
|
||||||
|
|
||||||
v0.28 (July 30, 2018)
|
v0.28 (July 30, 2018)
|
||||||
---------------------
|
---------------------
|
||||||
|
@ -37,7 +54,6 @@ Mail:
|
||||||
|
|
||||||
Control Panel:
|
Control Panel:
|
||||||
|
|
||||||
* We now use EFF's `certbot` tool to provision HTTPS certificates instead of our home-grown free_tls_certificates package.
|
|
||||||
* The undocumented feature for proxying web requests to another server now sets X-Forwarded-For.
|
* The undocumented feature for proxying web requests to another server now sets X-Forwarded-For.
|
||||||
|
|
||||||
v0.26c (February 13, 2018)
|
v0.26c (February 13, 2018)
|
||||||
|
|
|
@ -58,7 +58,7 @@ by me:
|
||||||
$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
|
$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
|
||||||
gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported
|
gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported
|
||||||
|
|
||||||
$ git verify-tag v0.28
|
$ git verify-tag v0.29
|
||||||
gpg: Signature made ..... using RSA key ID C10BDD81
|
gpg: Signature made ..... using RSA key ID C10BDD81
|
||||||
gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
|
gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
|
||||||
gpg: WARNING: This key is not certified with a trusted signature!
|
gpg: WARNING: This key is not certified with a trusted signature!
|
||||||
|
@ -71,7 +71,7 @@ and on my [personal homepage](https://razor.occams.info/). (Of course, if this r
|
||||||
|
|
||||||
Checkout the tag corresponding to the most recent release:
|
Checkout the tag corresponding to the most recent release:
|
||||||
|
|
||||||
$ git checkout v0.28
|
$ git checkout v0.29
|
||||||
|
|
||||||
Begin the installation.
|
Begin the installation.
|
||||||
|
|
||||||
|
|
|
@ -257,7 +257,7 @@ def scan_mail_log(env):
|
||||||
|
|
||||||
print(textwrap.fill(
|
print(textwrap.fill(
|
||||||
"The following mail was greylisted, meaning the emails were temporarily rejected. "
|
"The following mail was greylisted, meaning the emails were temporarily rejected. "
|
||||||
"Legitimate senders will try again within ten minutes.",
|
"Legitimate senders must try again after three minutes.",
|
||||||
width=80, initial_indent=" ", subsequent_indent=" "
|
width=80, initial_indent=" ", subsequent_indent=" "
|
||||||
), end='\n\n')
|
), end='\n\n')
|
||||||
|
|
||||||
|
|
|
@ -59,7 +59,7 @@
|
||||||
</div>
|
</div>
|
||||||
<div class="panel-body">
|
<div class="panel-body">
|
||||||
<h4>Greylisting</h4>
|
<h4>Greylisting</h4>
|
||||||
<p>Your box using a technique called greylisting to cut down on spam. Greylisting works by delaying mail from people you haven’t received mail from before for up to about 10 minutes. The vast majority of spam gets tricked by this. If you are waiting for an email from someone new, such as if you are registering on a new website and are waiting for an email confirmation, please give it up to 10-15 minutes to arrive.</p>
|
<p>Your box uses a technique called greylisting to cut down on spam. Greylisting works by initially rejecting mail from people you haven’t received mail from before. Legitimate mail servers will attempt redelivery shortly afterwards, but the vast majority of spam gets tricked by this. If you are waiting for an email from someone new, such as if you are registering on a new website and are waiting for an email confirmation, please be aware there will be a minimum of 3 minutes delay, depending how soon the remote server attempts redelivery.</p>
|
||||||
|
|
||||||
<h4>+tag addresses</h4>
|
<h4>+tag addresses</h4>
|
||||||
<p>Every incoming email address also receives mail for <code>+tag</code> addresses. If your email address is <code>you@yourdomain.com</code>, you’ll also automatically get mail sent to <code>you+anythinghere@yourdomain.com</code>. Use this as a fast way to segment incoming mail for your own filtering rules without having to create aliases in this control panel.</p>
|
<p>Every incoming email address also receives mail for <code>+tag</code> addresses. If your email address is <code>you@yourdomain.com</code>, you’ll also automatically get mail sent to <code>you+anythinghere@yourdomain.com</code>. Use this as a fast way to segment incoming mail for your own filtering rules without having to create aliases in this control panel.</p>
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
#########################################################
|
#########################################################
|
||||||
|
|
||||||
if [ -z "$TAG" ]; then
|
if [ -z "$TAG" ]; then
|
||||||
TAG=v0.28
|
TAG=v0.29
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Are we running as root?
|
# Are we running as root?
|
||||||
|
|
13
setup/dns.sh
13
setup/dns.sh
|
@ -26,6 +26,7 @@ cat > /etc/nsd/nsd.conf << EOF;
|
||||||
# Do not edit. Overwritten by Mail-in-a-Box setup.
|
# Do not edit. Overwritten by Mail-in-a-Box setup.
|
||||||
server:
|
server:
|
||||||
hide-version: yes
|
hide-version: yes
|
||||||
|
logfile: "/var/log/nsd.log"
|
||||||
|
|
||||||
# identify the server (CH TXT ID.SERVER entry).
|
# identify the server (CH TXT ID.SERVER entry).
|
||||||
identity: ""
|
identity: ""
|
||||||
|
@ -41,6 +42,18 @@ server:
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
# Add log rotation
|
||||||
|
cat > /etc/logrotate.d/nsd <<EOF;
|
||||||
|
/var/log/nsd.log {
|
||||||
|
weekly
|
||||||
|
missingok
|
||||||
|
rotate 12
|
||||||
|
compress
|
||||||
|
delaycompress
|
||||||
|
notifempty
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
|
||||||
# Since we have bind9 listening on localhost for locally-generated
|
# Since we have bind9 listening on localhost for locally-generated
|
||||||
# DNS queries that require a recursive nameserver, and the system
|
# DNS queries that require a recursive nameserver, and the system
|
||||||
# might have other network interfaces for e.g. tunnelling, we have
|
# might have other network interfaces for e.g. tunnelling, we have
|
||||||
|
|
|
@ -75,8 +75,8 @@ InstallNextcloud() {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
nextcloud_ver=13.0.5
|
nextcloud_ver=13.0.6
|
||||||
nextcloud_hash=e2b4a4bebd4fac14feae1e6e8997682f73fa8b50
|
nextcloud_hash=33e41f476f0e2be5dc7cdb9d496673d9647aa3d6
|
||||||
|
|
||||||
# Check if Nextcloud dir exist, and check if version matches nextcloud_ver (if either doesn't - install/upgrade)
|
# Check if Nextcloud dir exist, and check if version matches nextcloud_ver (if either doesn't - install/upgrade)
|
||||||
if [ ! -d /usr/local/lib/owncloud/ ] \
|
if [ ! -d /usr/local/lib/owncloud/ ] \
|
||||||
|
|
|
@ -126,7 +126,7 @@ echo Installing system packages...
|
||||||
apt_install python3 python3-dev python3-pip \
|
apt_install python3 python3-dev python3-pip \
|
||||||
netcat-openbsd wget curl git sudo coreutils bc \
|
netcat-openbsd wget curl git sudo coreutils bc \
|
||||||
haveged pollinate unzip \
|
haveged pollinate unzip \
|
||||||
unattended-upgrades cron ntp fail2ban
|
unattended-upgrades cron ntp fail2ban rsyslog
|
||||||
|
|
||||||
# ### Suppress Upgrade Prompts
|
# ### Suppress Upgrade Prompts
|
||||||
# When Ubuntu 20 comes out, we don't want users to be prompted to upgrade,
|
# When Ubuntu 20 comes out, we don't want users to be prompted to upgrade,
|
||||||
|
|
|
@ -28,8 +28,8 @@ apt_install \
|
||||||
# Install Roundcube from source if it is not already present or if it is out of date.
|
# Install Roundcube from source if it is not already present or if it is out of date.
|
||||||
# Combine the Roundcube version number with the commit hash of plugins to track
|
# Combine the Roundcube version number with the commit hash of plugins to track
|
||||||
# whether we have the latest version of everything.
|
# whether we have the latest version of everything.
|
||||||
VERSION=1.3.7
|
VERSION=1.3.8
|
||||||
HASH=df0e29d09aae0b7a7ae98023dcd1ae3c6be77cd0
|
HASH=90c7900ccf7b2f46fe49c650d5adb9b85ee9cc22
|
||||||
PERSISTENT_LOGIN_VERSION=dc5ca3d3f4415cc41edb2fde533c8a8628a94c76
|
PERSISTENT_LOGIN_VERSION=dc5ca3d3f4415cc41edb2fde533c8a8628a94c76
|
||||||
HTML5_NOTIFIER_VERSION=4b370e3cd60dabd2f428a26f45b677ad1b7118d5
|
HTML5_NOTIFIER_VERSION=4b370e3cd60dabd2f428a26f45b677ad1b7118d5
|
||||||
CARDDAV_VERSION=2.0.4
|
CARDDAV_VERSION=2.0.4
|
||||||
|
|
Loading…
Reference in New Issue