Update to be compatible with Ubuntu 12 and newer

Alice Chen 2014-10-09 23:47:43 -07:00
parent 929ef89a40
commit 0e61e8274c
5 changed files with 21 additions and 15 deletions


@ -70,7 +70,7 @@ def do_dns_update(env, force=False):
additional_records = get_custom_dns_config(env) additional_records = get_custom_dns_config(env)
# Write zone files. # Write zone files.
os.makedirs('/etc/nsd/zones', exist_ok=True) os.makedirs('/etc/' + env.get("NSD_PACKAGE", "nsd") + '/zones', exist_ok=True)
updated_domains = [] updated_domains = []
for i, (domain, zonefile) in enumerate(zonefiles): for i, (domain, zonefile) in enumerate(zonefiles):
# Build the records to put in the zone. # Build the records to put in the zone.
@ -78,7 +78,7 @@ def do_dns_update(env, force=False):
# See if the zone has changed, and if so update the serial number # See if the zone has changed, and if so update the serial number
# and write the zone file. # and write the zone file.
if not write_nsd_zone(domain, "/etc/nsd/zones/" + zonefile, records, env, force): if not write_nsd_zone(domain, "/etc/" + env.get("NSD_PACKAGE", "nsd") + "/zones/" + zonefile, records, env, force):
# Zone was not updated. There were no changes. # Zone was not updated. There were no changes.
continue continue
@ -119,7 +119,7 @@ def do_dns_update(env, force=False):
# Kick nsd if anything changed. # Kick nsd if anything changed.
if len(updated_domains) > 0: if len(updated_domains) > 0:
shell('check_call', ["/usr/sbin/service", "nsd", "restart"]) shell('check_call', ["/usr/sbin/service", env.get("NSD_PACKAGE", "nsd"), "restart"])
# Write the OpenDKIM configuration tables. # Write the OpenDKIM configuration tables.
if write_opendkim_tables(zonefiles, env): if write_opendkim_tables(zonefiles, env):
@ -465,8 +465,8 @@ server:
identity: "" identity: ""
# The directory for zonefile: files. # The directory for zonefile: files.
zonesdir: "/etc/nsd/zones"
""" """
nsdconf += ' zonesdir: "/etc/' + env.get("NSD_PACKAGE", "nsd") + '/zones"'
# Since we have bind9 listening on localhost for locally-generated # Since we have bind9 listening on localhost for locally-generated
# DNS queries that require a recursive nameserver, and the system # DNS queries that require a recursive nameserver, and the system
@ -499,11 +499,11 @@ zone:
# Check if the nsd.conf is changing. If it isn't changing, # Check if the nsd.conf is changing. If it isn't changing,
# return False to flag that no change was made. # return False to flag that no change was made.
with open("/etc/nsd/nsd.conf") as f: with open("/etc/" + env.get("NSD_PACKAGE", "nsd") + "/nsd.conf") as f:
if f.read() == nsdconf: if f.read() == nsdconf:
return False return False
with open("/etc/nsd/nsd.conf", "w") as f: with open("/etc/" + env.get("NSD_PACKAGE", "nsd") + "/nsd.conf", "w") as f:
f.write(nsdconf) f.write(nsdconf)
return True return True
@ -562,7 +562,7 @@ def sign_zone(domain, zonefile, env):
"-n", "-n",
# zonefile to sign # zonefile to sign
"/etc/nsd/zones/" + zonefile, "/etc/" + env.get("NSD_PACKAGE", "nsd") + "/zones/" + zonefile,
# keys to sign with (order doesn't matter -- it'll figure it out) # keys to sign with (order doesn't matter -- it'll figure it out)
dnssec_keys["KSK"], dnssec_keys["KSK"],
@ -577,7 +577,7 @@ def sign_zone(domain, zonefile, env):
# We want to be able to validate DS records too, but multiple forms may be valid depending # We want to be able to validate DS records too, but multiple forms may be valid depending
# on the digest type. So we'll write all (both) valid records. Only one DS record should # on the digest type. So we'll write all (both) valid records. Only one DS record should
# actually be deployed. Preferebly the first. # actually be deployed. Preferebly the first.
with open("/etc/nsd/zones/" + zonefile + ".ds", "w") as f: with open("/etc/" + env.get("NSD_PACKAGE", "nsd") + "/zones/" + zonefile + ".ds", "w") as f:
for digest_type in ('2', '1'): for digest_type in ('2', '1'):
rr_ds = shell('check_output', ["/usr/bin/ldns-key2ds", rr_ds = shell('check_output', ["/usr/bin/ldns-key2ds",
"-n", # output to stdout "-n", # output to stdout
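Review bot: The appended `zonesdir` line has no trailing newline, whereas the template line it replaces ended with one inside the triple-quoted string. The next hunk header shows a `zone:` block later in the same config, so whatever is appended after this point would presumably land on the `zonesdir` line and leave nsd with a malformed file; end the literal with a newline, `nsdconf += '  zonesdir: "/etc/' + env.get("NSD_PACKAGE", "nsd") + '/zones"\n'`. Separately, the expression `"/etc/" + env.get("NSD_PACKAGE", "nsd")` is repeated in every hunk of this file for paths written as root and for the service name; one helper that returns the directory and accepts only `nsd` or `nsd3` would keep a malformed config value out of those paths. The enclosing functions start and end outside the hunks.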


@ -213,7 +213,7 @@ def check_dnssec(domain, env, dns_zonefiles, is_checking_primary=False):
# See if the domain has a DS record set at the registrar. The DS record may have # See if the domain has a DS record set at the registrar. The DS record may have
# several forms. We have to be prepared to check for any valid record. We've # several forms. We have to be prepared to check for any valid record. We've
# pre-generated all of the valid digests --- read them in. # pre-generated all of the valid digests --- read them in.
ds_correct = open('/etc/nsd/zones/' + dns_zonefiles[domain] + '.ds').read().strip().split("\n") ds_correct = open('/etc/' + env.get("NSD_PACKAGE", "nsd") + '/zones/' + dns_zonefiles[domain] + '.ds').read().strip().split("\n")
digests = { } digests = { }
for rr_ds in ds_correct: for rr_ds in ds_correct:
ds_keytag, ds_alg, ds_digalg, ds_digest = rr_ds.split("\t")[4].split(" ") ds_keytag, ds_alg, ds_digalg, ds_digest = rr_ds.split("\t")[4].split(" ")
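Review bot: The changed `ds_correct` line opens the `.ds` file and never closes it, and the loop below it assumes every line has at least five tab-separated fields. An empty or truncated file yields `[""]` after `.strip().split("\n")`, so `rr_ds.split("\t")[4]` raises IndexError inside the status check instead of reporting a DNSSEC problem. Read it as `with open(path) as f: ds_correct = [l for l in f.read().splitlines() if l.strip()]` and treat an empty list as "no DS records generated". The body of check_dnssec continues outside the hunk.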


@ -27,11 +27,9 @@ fi
# * ldnsutils: Helper utilities for signing DNSSEC zones. # * ldnsutils: Helper utilities for signing DNSSEC zones.
# * openssh-client: Provides ssh-keyscan which we use to create SSHFP records. # * openssh-client: Provides ssh-keyscan which we use to create SSHFP records.
apt_install nsd ldnsutils openssh-client apt_install $NSD_PACKAGE ldnsutils openssh-client
# Prepare nsd's configuration. mkdir -p /var/run/$NSD_PACKAGE
mkdir -p /var/run/nsd
# Create DNSSEC signing keys. # Create DNSSEC signing keys.
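Review bot: `$NSD_PACKAGE` is expanded unquoted and unchecked in both new lines, so if the variable is empty `apt_install` skips the nameserver package without complaint and `mkdir -p /var/run/$NSD_PACKAGE` only touches `/var/run/`. The variable is set in a different script in this commit, so this file depends on being reached through that one. Failing early with `: "${NSD_PACKAGE:?NSD_PACKAGE is not set}"` ahead of the install, and quoting the expansions, would make that dependency explicit.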


@ -8,8 +8,8 @@ if [[ $EUID -ne 0 ]]; then
fi fi
# Check that we are running on Ubuntu 14.04 LTS (or 14.04.xx). # Check that we are running on Ubuntu 14.04 LTS (or 14.04.xx).
if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" != "Ubuntu 14.04 LTS" ]; then if [ `lsb_release -d | sed 's/.*:\sUbuntu *//' | cut -d'.' -f1` -lt 12 ]; then
echo "Mail-in-a-Box only supports being installed on Ubuntu 14.04, sorry. You are running:" echo "Mail-in-a-Box only supports being installed on Ubuntu 12 and newer, sorry. You are running:"
echo echo
lsb_release -d | sed 's/.*:\s*//' lsb_release -d | sed 's/.*:\s*//'
echo echo
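Review bot: The new version test fails open on anything that is not Ubuntu. There the `sed` pattern does not match, the full description string reaches the unquoted `[ ... -lt 12 ]`, the test errors out rather than returning true, and the `if` body with the refusal message is skipped. Check the distributor and the release separately, for example `if [ "$(lsb_release -is)" != "Ubuntu" ] || [ "$(lsb_release -rs | cut -d. -f1)" -lt 12 ]; then`, and update the comment above it, which still says 14.04 LTS. The same parsing is used for the `-lt 14` test that selects `NSD_PACKAGE` in the start script, where a parse failure falls through to `nsd`. The rest of the `if` body lies outside the hunk.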


@ -8,6 +8,13 @@ source setup/functions.sh # load our functions
# machine with enough memory? If not, this shows an error and exits. # machine with enough memory? If not, this shows an error and exits.
source setup/preflight.sh source setup/preflight.sh
# if Ubuntu major version is less than 14 use nsd3 package
if [ `lsb_release -d | sed 's/.*:\sUbuntu *//' | cut -d'.' -f1` -lt 14 ]; then
NSD_PACKAGE="nsd3"
else
NSD_PACKAGE="nsd"
fi
# Ensure Python reads/writes files in UTF-8. If the machine # Ensure Python reads/writes files in UTF-8. If the machine
# triggers some other locale in Python, like ASCII encoding, # triggers some other locale in Python, like ASCII encoding,
# Python may not be able to read/write files. Here and in # Python may not be able to read/write files. Here and in
@ -109,6 +116,7 @@ PUBLIC_IPV6=$PUBLIC_IPV6
PRIVATE_IP=$PRIVATE_IP PRIVATE_IP=$PRIVATE_IP
PRIVATE_IPV6=$PRIVATE_IPV6 PRIVATE_IPV6=$PRIVATE_IPV6
CSR_COUNTRY=$CSR_COUNTRY CSR_COUNTRY=$CSR_COUNTRY
NSD_PACKAGE=$NSD_PACKAGE
EOF EOF
# Start service configuration. # Start service configuration.