From fb25013334dcb05fa6a025c8fe0694b96c05001b Mon Sep 17 00:00:00 2001 From: mbraem <1116286+mbraem@users.noreply.github.com> Date: Sun, 14 Apr 2019 20:17:43 +0200 Subject: [PATCH 01/18] user privileges is a set (#1551) fixes #1540 --- management/mailconfig.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/management/mailconfig.py b/management/mailconfig.py index 28e1c623..5f253c14 100755 --- a/management/mailconfig.py +++ b/management/mailconfig.py @@ -150,7 +150,7 @@ def get_mail_users_ex(env, with_archived=False): if email in active_accounts: continue user = { "email": email, - "privileges": "", + "privileges": [], "status": "inactive", "mailbox": mbox, } From 9b46637aff8851db98f9eac1f38b9a32f69a14fa Mon Sep 17 00:00:00 2001 From: dexbleeker Date: Sun, 14 Apr 2019 20:19:21 +0200 Subject: [PATCH 02/18] Update Roundcube to version 1.3.9 (#1546) --- CHANGELOG.md | 4 ++++ setup/webmail.sh | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 089aa68d..32f04763 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ CHANGELOG ========= +In Development +-------------- + * Update to Roundcube 1.3.9. + v0.41 (February 26, 2019) ------------------------- diff --git a/setup/webmail.sh b/setup/webmail.sh index b0e11c9b..cbe6bfca 100755 --- a/setup/webmail.sh +++ b/setup/webmail.sh @@ -28,8 +28,8 @@ apt_install \ # Install Roundcube from source if it is not already present or if it is out of date. # Combine the Roundcube version number with the commit hash of plugins to track # whether we have the latest version of everything. -VERSION=1.3.8 -HASH=90c7900ccf7b2f46fe49c650d5adb9b85ee9cc22 +VERSION=1.3.9 +HASH=02850972b416bbfa1c13580f16d06fd7ae2774aa PERSISTENT_LOGIN_VERSION=dc5ca3d3f4415cc41edb2fde533c8a8628a94c76 HTML5_NOTIFIER_VERSION=4b370e3cd60dabd2f428a26f45b677ad1b7118d5 CARDDAV_VERSION=3.0.3 From 25fec63a03be972c8989eeada1ca09b9d7b7ae50 Mon Sep 17 00:00:00 2001 From: just4t Date: Sun, 14 Apr 2019 22:33:50 +0200 Subject: [PATCH 03/18] RAM limit to 502Mb to meet EC2 & Vultr 512Mb inst. (#1560) AS told here: https://github.com/mail-in-a-box/mailinabox/pull/1534 --- setup/preflight.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/preflight.sh b/setup/preflight.sh index d087efe2..2547c410 100644 --- a/setup/preflight.sh +++ b/setup/preflight.sh @@ -26,7 +26,7 @@ fi # # Skip the check if we appear to be running inside of Vagrant, because that's really just for testing. TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}') -if [ $TOTAL_PHYSICAL_MEM -lt 500000 ]; then +if [ $TOTAL_PHYSICAL_MEM -lt 490000 ]; then if [ ! -d /vagrant ]; then TOTAL_PHYSICAL_MEM=$(expr \( \( $TOTAL_PHYSICAL_MEM \* 1024 \) / 1000 \) / 1000) echo "Your Mail-in-a-Box needs more memory (RAM) to function properly." From aff80ac58cf85e6674a03cd2638db3442e774d4b Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Thu, 9 May 2019 10:13:24 -0700 Subject: [PATCH 04/18] Autodiscovery fix for additional hosted email domains, Fixes #941 (#1467) --- conf/nginx-alldomains.conf | 3 +++ management/dns_update.py | 9 +++++++++ management/web_update.py | 6 ++++++ 3 files changed, 18 insertions(+) diff --git a/conf/nginx-alldomains.conf b/conf/nginx-alldomains.conf index 1db7606c..1b3ad5a9 100644 --- a/conf/nginx-alldomains.conf +++ b/conf/nginx-alldomains.conf @@ -18,6 +18,9 @@ location = /.well-known/autoconfig/mail/config-v1.1.xml { alias /var/lib/mailinabox/mozilla-autoconfig.xml; } + location = /mail/config-v1.1.xml { + alias /var/lib/mailinabox/mozilla-autoconfig.xml; + } # Roundcube Webmail configuration. rewrite ^/mail$ /mail/ redirect; diff --git a/management/dns_update.py b/management/dns_update.py index 5c1969d7..006a00c2 100755 --- a/management/dns_update.py +++ b/management/dns_update.py @@ -288,6 +288,15 @@ def build_zone(domain, all_domains, additional_records, www_redirect_domains, en if not has_rec(qname, "SRV"): records.append((qname, "SRV", "0 0 443 " + env["PRIMARY_HOSTNAME"] + ".", "Recommended. Specifies the hostname of the server that handles CardDAV/CalDAV services for email addresses on this domain.")) + # Adds autoconfiguration A records for all domains. + # This allows the following clients to automatically configure email addresses in the respective applications. + # autodiscover.* - Z-Push ActiveSync Autodiscover + # autoconfig.* - Thunderbird Autoconfig + if not has_rec("autodiscover", "A"): + records.append(("autodiscover", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Z-Push ActiveSync Autodiscover.")) + if not has_rec("autoconfig", "A"): + records.append(("autoconfig", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Thunderbird Autoconfig.")) + # Sort the records. The None records *must* go first in the nsd zone file. Otherwise it doesn't matter. records.sort(key = lambda rec : list(reversed(rec[0].split(".")) if rec[0] is not None else "")) diff --git a/management/web_update.py b/management/web_update.py index 61b38a7b..12959632 100644 --- a/management/web_update.py +++ b/management/web_update.py @@ -29,6 +29,12 @@ def get_web_domains(env, include_www_redirects=True, exclude_dns_elsewhere=True) # IP address than this box. Remove those domains from our list. domains -= get_domains_with_a_records(env) + # Add Autoconfiguration domains, allowing us to serve correct SSL certs. + # 'autoconfig.' for Mozilla Thunderbird auto setup. + # 'autodiscover.' for Activesync autodiscovery. + domains |= set('autoconfig.' + maildomain for maildomain in get_mail_domains(env)) + domains |= set('autodiscover.' + maildomain for maildomain in get_mail_domains(env)) + # Ensure the PRIMARY_HOSTNAME is in the list so we can serve webmail # as well as Z-Push for Exchange ActiveSync. This can't be removed # by a custom A/AAAA record and is never a 'www.' redirect. From 77b2246010f72e03ff4b57e6c003db77ad1fdb3d Mon Sep 17 00:00:00 2001 From: Pascal Garber Date: Sun, 12 May 2019 14:09:30 +0200 Subject: [PATCH 05/18] Backup Amazon S3: Added support for custom endpoints (#1427) --- management/backup.py | 9 +++++++- management/templates/system-backup.html | 29 +++++++++++++++++++++++-- 2 files changed, 35 insertions(+), 3 deletions(-) diff --git a/management/backup.py b/management/backup.py index e15fbbbf..93136bf5 100755 --- a/management/backup.py +++ b/management/backup.py @@ -419,15 +419,22 @@ def list_target_files(config): fix_boto() # must call prior to importing boto import boto.s3 from boto.exception import BotoServerError + custom_region = False for region in boto.s3.regions(): if region.endpoint == target.hostname: break else: - raise ValueError("Invalid S3 region/host.") + # If region is not found this is a custom region + custom_region = True bucket = target.path[1:].split('/')[0] path = '/'.join(target.path[1:].split('/')[1:]) + '/' + # Create a custom region with custom endpoint + if custom_region: + from boto.s3.connection import S3Connection + region = boto.s3.S3RegionInfo(name=bucket, endpoint=target.hostname, connection_cls=S3Connection) + # If no prefix is specified, set the path to '', otherwise boto won't list the files if path == '/': path = '' diff --git a/management/templates/system-backup.html b/management/templates/system-backup.html index be528f19..3860edb7 100644 --- a/management/templates/system-backup.html +++ b/management/templates/system-backup.html @@ -77,15 +77,22 @@
- +
- {% for name, host in backup_s3_hosts %} {% endfor %} +
+
+ +
+ +
+
@@ -139,6 +146,8 @@ function toggle_form() { var target_type = $("#backup-target-type").val(); $(".backup-target-local, .backup-target-rsync, .backup-target-s3").hide(); $(".backup-target-" + target_type).show(); + + init_inputs(target_type); } function nice_size(bytes) { @@ -278,4 +287,20 @@ function set_custom_backup() { }); return false; } + +function init_inputs(target_type) { + function set_host(host) { + if(host !== 'other') { + $("#backup-target-s3-host").val(host); + } else { + $("#backup-target-s3-host").val(''); + } + } + if (target_type == "s3") { + $('#backup-target-s3-host-select').off('change').on('change', function() { + set_host($('#backup-target-s3-host-select').val()); + }); + set_host($('#backup-target-s3-host-select').val()); + } +} From 0d4c6937927a498bf7faf8e468cba4d37eafe745 Mon Sep 17 00:00:00 2001 From: Michael Heuberger Date: Mon, 13 May 2019 00:10:34 +1200 Subject: [PATCH 06/18] Add missing login form method to keep LastPass happy (#1565) --- management/templates/login.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/management/templates/login.html b/management/templates/login.html index 04c27279..b6e74df6 100644 --- a/management/templates/login.html +++ b/management/templates/login.html @@ -17,13 +17,13 @@ sudo tools/mail.py user make-admin me@{{hostname}} {% endif %}
-
+ {% endif %}

Log in here for your Mail-in-a-Box control panel.

-
+
@@ -76,7 +76,7 @@ function do_login() { "/me", "GET", { }, - function(response){ + function(response){ // This API call always succeeds. It returns a JSON object indicating // whether the request was authenticated or not. if (response.status != "ok") { From 4232a1205c300254be8052c1e9f105b519e44d66 Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Wed, 15 May 2019 11:46:52 -0700 Subject: [PATCH 07/18] fix dovecot message about SSLv2 not supported by OpenSSL (#1580) --- setup/mail-dovecot.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/setup/mail-dovecot.sh b/setup/mail-dovecot.sh index 4bcc53aa..6098e295 100755 --- a/setup/mail-dovecot.sh +++ b/setup/mail-dovecot.sh @@ -80,11 +80,12 @@ tools/editconf.py /etc/dovecot/conf.d/10-auth.conf \ # Enable SSL, specify the location of the SSL certificate and private key files. # Disable obsolete SSL protocols and allow only good ciphers per http://baldric.net/2013/12/07/tls-ciphers-in-postfix-and-dovecot/. # Enable strong ssl dh parameters + tools/editconf.py /etc/dovecot/conf.d/10-ssl.conf \ ssl=required \ "ssl_cert=<$STORAGE_ROOT/ssl/ssl_certificate.pem" \ "ssl_key=<$STORAGE_ROOT/ssl/ssl_private_key.pem" \ - "ssl_protocols=!SSLv3 !SSLv2" \ + "ssl_protocols=!SSLv3" \ "ssl_cipher_list=ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS" \ "ssl_prefer_server_ciphers = yes" \ "ssl_dh_parameters_length = 2048" From 85e59245fdfd2a2e633a890927a89adba79e1bf5 Mon Sep 17 00:00:00 2001 From: cmharper <1422608+cmharper@users.noreply.github.com> Date: Wed, 15 May 2019 18:57:06 +0000 Subject: [PATCH 08/18] hide 'RTNETLINK answers: Network is unreachable' error message during setup if IPv6 is not available (#1576) --- setup/functions.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup/functions.sh b/setup/functions.sh index 1a74edfd..3bb96b7a 100644 --- a/setup/functions.sh +++ b/setup/functions.sh @@ -1,7 +1,7 @@ # Turn on "strict mode." See http://redsymbol.net/articles/unofficial-bash-strict-mode/. # -e: exit if any command unexpectedly fails. # -u: exit if we have a variable typo. -# -o pipefail: don't ignore errors in the non-last command in a pipeline +# -o pipefail: don't ignore errors in the non-last command in a pipeline set -euo pipefail function hide_output { @@ -127,7 +127,7 @@ function get_default_privateip { if [ "$1" == "6" ]; then target=2001:4860:4860::8888; fi # Get the route information. - route=$(ip -$1 -o route get $target | grep -v unreachable) + route=$(ip -$1 -o route get $target 2>/dev/null | grep -v unreachable) # Parse the address out of the route information. address=$(echo $route | sed "s/.* src \([^ ]*\).*/\1/") From c6fa0d23df986f9065108b58f984026204cd4e20 Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Wed, 15 May 2019 11:58:40 -0700 Subject: [PATCH 09/18] check that munin-cron is not running (via cron) when it is run in setup, fixes #660 (#1579) --- setup/munin.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/setup/munin.sh b/setup/munin.sh index 3cb1cd9d..df7af601 100755 --- a/setup/munin.sh +++ b/setup/munin.sh @@ -76,4 +76,8 @@ restart_service munin-node # generate initial statistics so the directory isn't empty # (We get "Pango-WARNING **: error opening config file '/root/.config/pango/pangorc': Permission denied" # if we don't explicitly set the HOME directory when sudo'ing.) -sudo -H -u munin munin-cron +# We check to see if munin-cron is already running, if it is, there is no need to run it simultaneously +# generating an error. +if [ ! -f /var/run/munin/munin-update.lock ]; then + sudo -H -u munin munin-cron +fi From 6e5ceab0f8d6496ae9dda5ae4cb134f16fa11626 Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Wed, 15 May 2019 11:59:32 -0700 Subject: [PATCH 10/18] hide virtualenv output (#1578) --- setup/management.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/management.sh b/setup/management.sh index f7621a8b..3a6e187b 100755 --- a/setup/management.sh +++ b/setup/management.sh @@ -38,7 +38,7 @@ inst_dir=/usr/local/lib/mailinabox mkdir -p $inst_dir venv=$inst_dir/env if [ ! -d $venv ]; then - virtualenv -ppython3 $venv + hide_output virtualenv -ppython3 $venv fi # Upgrade pip because the Ubuntu-packaged version is out of date. From 79759ea5a39c9398460d33453d986c90db9d7d54 Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Sun, 16 Jun 2019 08:07:45 -0700 Subject: [PATCH 11/18] Upgrade Z-Push to 2.5.0 (#1581) --- CHANGELOG.md | 3 +++ setup/zpush.sh | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 32f04763..14afe39d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,9 @@ In Development -------------- * Update to Roundcube 1.3.9. +Z-Push: + * Upgraded Z-Push from 2.4.4 to 2.5.0. + v0.41 (February 26, 2019) ------------------------- diff --git a/setup/zpush.sh b/setup/zpush.sh index 32fc4992..0cbd30ad 100755 --- a/setup/zpush.sh +++ b/setup/zpush.sh @@ -22,8 +22,8 @@ apt_install \ phpenmod -v php imap # Copy Z-Push into place. -VERSION=2.4.4 -TARGETHASH=104d44426852429dac8ec2783a4e9ad7752d4682 +VERSION=2.5.0 +TARGETHASH=30ce5c1af3f10939036361b6032d1187651b621e needs_update=0 #NODOC if [ ! -f /usr/local/lib/z-push/version ]; then needs_update=1 #NODOC From 193763f8f0a6e113053e2c8b5ae2bb12bbd5eb03 Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Sun, 16 Jun 2019 08:10:53 -0700 Subject: [PATCH 12/18] Update to Nextcloud 15.0.8, Contacts to 3.1.1, and Calendar to 1.6.5 (#1577) * Update to Nextcloud 15.0.7, Contacts to 3.1.1, and Calendar to 1.6.5 * Enabled localhost-only insecure IMAP login for localhost Nextcloud auth * Add package php-imagick and BigInt conversion * added support for /cloud/oc[sm]-provider/ endpoint --- CHANGELOG.md | 11 ++++++++++- conf/nginx-primaryonly.conf | 9 +++++++++ setup/mail-dovecot.sh | 8 ++++++++ setup/nextcloud.sh | 38 +++++++++++++++++++++++++++---------- 4 files changed, 55 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 14afe39d..faa4a918 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,16 @@ CHANGELOG In Development -------------- - * Update to Roundcube 1.3.9. + +Mail: + +* Update to Roundcube 1.3.9. + +Contacts/Calendar: + +* Upgraded Nextcloud from 14.0.6 to 15.0.8. +* Upgraded Contacts from 2.1.8 to 3.1.1. +* Upgraded Calendar from 1.6.4 to 1.6.5. Z-Push: * Upgraded Z-Push from 2.4.4 to 2.5.0. diff --git a/conf/nginx-primaryonly.conf b/conf/nginx-primaryonly.conf index d8d912ca..288fce40 100644 --- a/conf/nginx-primaryonly.conf +++ b/conf/nginx-primaryonly.conf @@ -19,6 +19,7 @@ rewrite ^/cloud/$ /cloud/index.php; rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect; rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html; + rewrite ^(/cloud/oc[sm]-provider)/$ $1/index.php redirect; location /cloud/ { alias /usr/local/lib/owncloud/; location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ { @@ -27,6 +28,14 @@ location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } + # Enable paths for service and cloud federation discovery + # Resolves warning in Nextcloud Settings panel + location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ { + index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2; + fastcgi_pass php-fpm; + } } location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ { # note: ~ has precendence over a regular location block diff --git a/setup/mail-dovecot.sh b/setup/mail-dovecot.sh index 6098e295..c3d2ee57 100755 --- a/setup/mail-dovecot.sh +++ b/setup/mail-dovecot.sh @@ -136,6 +136,14 @@ service lmtp { } } +# Enable imap-login on localhost to allow the user_external plugin +# for Nextcloud to do imap authentication. (See #1577) +service imap-login { + inet_listener imap { + address = 127.0.0.1 + port = 143 + } +} protocol imap { mail_max_userip_connections = 20 } diff --git a/setup/nextcloud.sh b/setup/nextcloud.sh index 9476bbf8..8dc8d35a 100755 --- a/setup/nextcloud.sh +++ b/setup/nextcloud.sh @@ -13,7 +13,8 @@ apt-get purge -qq -y owncloud* # we used to use the package manager apt_install php php-fpm \ php-cli php-sqlite3 php-gd php-imap php-curl php-pear curl \ - php-dev php-gd php-xml php-mbstring php-zip php-apcu php-json php-intl + php-dev php-gd php-xml php-mbstring php-zip php-apcu php-json \ + php-intl php-imagick InstallNextcloud() { @@ -39,14 +40,20 @@ InstallNextcloud() { # their github repositories. mkdir -p /usr/local/lib/owncloud/apps - wget_verify https://github.com/nextcloud/contacts/releases/download/v2.1.8/contacts.tar.gz b5d5bbee33f0c32b124b46cb6aaab90c695ac170 /tmp/contacts.tgz + wget_verify https://github.com/nextcloud/contacts/releases/download/v3.1.1/contacts.tar.gz a06bd967197dcb03c94ec1dbd698c037018669e5 /tmp/contacts.tgz tar xf /tmp/contacts.tgz -C /usr/local/lib/owncloud/apps/ rm /tmp/contacts.tgz - wget_verify https://github.com/nextcloud/calendar/releases/download/v1.6.4/calendar.tar.gz d8a7950dba14803472b6c19625a8ceb23d6fd4ef /tmp/calendar.tgz + wget_verify https://github.com/nextcloud/calendar/releases/download/v1.6.5/calendar.tar.gz 79941255521a5172f7e4ce42dc7773838b5ede2f /tmp/calendar.tgz tar xf /tmp/calendar.tgz -C /usr/local/lib/owncloud/apps/ rm /tmp/calendar.tgz + # Starting with Nextcloud 15, the app user_external is no longer included in Nextcloud core, + # we will install from their github repository. + wget_verify https://github.com/nextcloud/user_external/releases/download/v0.6.3/user_external-0.6.3.tar.gz 0f756d35fef6b64a177d6a16020486b76ea5799c /tmp/user_external.tgz + tar -xf /tmp/user_external.tgz -C /usr/local/lib/owncloud/apps/ + rm /tmp/user_external.tgz + # Fix weird permissions. chmod 750 /usr/local/lib/owncloud/{apps,config} @@ -75,12 +82,14 @@ InstallNextcloud() { # Add missing indices. NextCloud didn't include this in the normal upgrade because it might take some time. sudo -u www-data php /usr/local/lib/owncloud/occ db:add-missing-indices + + # Run conversion to BigInt identifiers, this process may take some time on large tables. + sudo -u www-data php /usr/local/lib/owncloud/occ db:convert-filecache-bigint --no-interaction fi } -nextcloud_ver=14.0.6 -nextcloud_hash=4e43a57340f04c2da306c8eea98e30040399ae5a - +nextcloud_ver=15.0.8 +nextcloud_hash=4129d8d4021c435f2e86876225fb7f15adf764a3 # Check if Nextcloud dir exist, and check if version matches nextcloud_ver (if either doesn't - install/upgrade) if [ ! -d /usr/local/lib/owncloud/ ] \ || ! grep -q $nextcloud_ver /usr/local/lib/owncloud/version.php; then @@ -115,6 +124,11 @@ if [ ! -d /usr/local/lib/owncloud/ ] \ echo "Upgrades from Mail-in-a-Box prior to v0.28 (dated July 30, 2018) with Nextcloud < 13.0.6 (you have ownCloud 10, 11 or 12) are not supported. Upgrade to Mail-in-a-Box version v0.30 first. Setup aborting." exit 1 fi + # During the upgrade from Nextcloud 14 to 15, user_external may cause the upgrade to fail. + # We will disable it here before the upgrade and install it again after the upgrade. + if grep -q "OC_VersionString = '14\." /usr/local/lib/owncloud/version.php; then + hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:disable user_external + fi fi InstallNextcloud $nextcloud_ver $nextcloud_hash @@ -142,10 +156,12 @@ if [ ! -f $STORAGE_ROOT/owncloud/owncloud.db ]; then 'overwritewebroot' => '/cloud', 'overwrite.cli.url' => '/cloud', 'user_backends' => array( - array( - 'class'=>'OC_User_IMAP', - 'arguments'=>array('{127.0.0.1:993/imap/ssl/novalidate-cert}') - ) + array( + 'class' => 'OC_User_IMAP', + 'arguments' => array( + '127.0.0.1', 143, null + ), + ), ), 'memcache.local' => '\OC\Memcache\APCu', 'mail_smtpmode' => 'sendmail', @@ -217,6 +233,8 @@ include("$STORAGE_ROOT/owncloud/config.php"); \$CONFIG['mail_domain'] = '$PRIMARY_HOSTNAME'; +\$CONFIG['user_backends'] = array(array('class' => 'OC_User_IMAP','arguments' => array('127.0.0.1', 143, null),),); + echo " Date: Sun, 16 Jun 2019 11:40:40 -0400 Subject: [PATCH 13/18] changelog updates --- CHANGELOG.md | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index faa4a918..0f232670 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,18 +4,20 @@ CHANGELOG In Development -------------- -Mail: +Changes: -* Update to Roundcube 1.3.9. +* Decreased the minimum supported RAM to 502 Mb. +* Improved mail client autoconfiguration. +* Added support for S3-compatible backup services besides Amazon S3. +* Fixed the control panel login page to let LastPass save passwords. +* Fixed an error in the user privileges API. +* Silenced some spurrious messages. -Contacts/Calendar: +Software updates: -* Upgraded Nextcloud from 14.0.6 to 15.0.8. -* Upgraded Contacts from 2.1.8 to 3.1.1. -* Upgraded Calendar from 1.6.4 to 1.6.5. - -Z-Push: - * Upgraded Z-Push from 2.4.4 to 2.5.0. +* Upgraded Roundcube from 1.3.8 to 1.3.9. +* Upgraded Nextcloud from 14.0.6 to 15.0.8 (with Contacts from 2.1.8 to 3.1.1 and Calendar from 1.6.4 to 1.6.5). +* Upgraded Z-Push from 2.4.4 to 2.5.0. v0.41 (February 26, 2019) ------------------------- From 39fd4ce16c6b665f1df886083dcc0a6afda6c08e Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Thu, 4 Jul 2019 21:34:55 -0400 Subject: [PATCH 14/18] v0.42 --- CHANGELOG.md | 4 ++-- README.md | 4 ++-- setup/bootstrap.sh | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f232670..15311c84 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,8 @@ CHANGELOG ========= -In Development --------------- +v0.42 (July 4, 2019) +-------------------- Changes: diff --git a/README.md b/README.md index 01997fd4..d93a0847 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ by him: $ curl -s https://keybase.io/joshdata/key.asc | gpg --import gpg: key C10BDD81: public key "Joshua Tauberer " imported - $ git verify-tag v0.41 + $ git verify-tag v0.42 gpg: Signature made ..... using RSA key ID C10BDD81 gpg: Good signature from "Joshua Tauberer " gpg: WARNING: This key is not certified with a trusted signature! @@ -71,7 +71,7 @@ and on his [personal homepage](https://razor.occams.info/). (Of course, if this Checkout the tag corresponding to the most recent release: - $ git checkout v0.41 + $ git checkout v0.42 Begin the installation. diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh index 74bf5e16..b8dfcc64 100644 --- a/setup/bootstrap.sh +++ b/setup/bootstrap.sh @@ -20,7 +20,7 @@ if [ -z "$TAG" ]; then # want to display in status checks. if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then # This machine is running Ubuntu 18.04. - TAG=v0.41 + TAG=v0.42 elif [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" == "Ubuntu 14.04 LTS" ]; then # This machine is running Ubuntu 14.04. From 5fc1944f04dba9e111f3c8787a5969d4c296468f Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Fri, 5 Jul 2019 11:56:54 -0400 Subject: [PATCH 15/18] pull v0.42, go back to v0.41 --- setup/bootstrap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh index b8dfcc64..74bf5e16 100644 --- a/setup/bootstrap.sh +++ b/setup/bootstrap.sh @@ -20,7 +20,7 @@ if [ -z "$TAG" ]; then # want to display in status checks. if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then # This machine is running Ubuntu 18.04. - TAG=v0.42 + TAG=v0.41 elif [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" == "Ubuntu 14.04 LTS" ]; then # This machine is running Ubuntu 14.04. From fd5b11823ce01cd7e9bf68a247758adb46f4f146 Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Wed, 10 Jul 2019 03:28:37 -0700 Subject: [PATCH 16/18] Add AAAA records for autodiscover & autoconfig (#1606) --- management/dns_update.py | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/management/dns_update.py b/management/dns_update.py index 006a00c2..7e006d0b 100755 --- a/management/dns_update.py +++ b/management/dns_update.py @@ -288,14 +288,20 @@ def build_zone(domain, all_domains, additional_records, www_redirect_domains, en if not has_rec(qname, "SRV"): records.append((qname, "SRV", "0 0 443 " + env["PRIMARY_HOSTNAME"] + ".", "Recommended. Specifies the hostname of the server that handles CardDAV/CalDAV services for email addresses on this domain.")) - # Adds autoconfiguration A records for all domains. - # This allows the following clients to automatically configure email addresses in the respective applications. - # autodiscover.* - Z-Push ActiveSync Autodiscover - # autoconfig.* - Thunderbird Autoconfig - if not has_rec("autodiscover", "A"): - records.append(("autodiscover", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Z-Push ActiveSync Autodiscover.")) - if not has_rec("autoconfig", "A"): - records.append(("autoconfig", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Thunderbird Autoconfig.")) + # Adds autoconfiguration A records for all domains. + # This allows the following clients to automatically configure email addresses in the respective applications. + # autodiscover.* - Z-Push ActiveSync Autodiscover + # autoconfig.* - Thunderbird Autoconfig + autodiscover_records = [ + ("autodiscover", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Z-Push ActiveSync Autodiscover."), + ("autodiscover", "AAAA", env["PUBLIC_IPV6"], "Provides email configuration autodiscovery support for Z-Push ActiveSync Autodiscover."), + ("autoconfig", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Thunderbird Autoconfig."), + ("autoconfig", "AAAA", env["PUBLIC_IPV6"], "Provides email configuration autodiscovery support for Thunderbird Autoconfig.") + ] + for qname, rtype, value, explanation in autodiscover_records: + if value is None or value.strip() == "": continue # skip IPV6 if not set + if not has_rec(qname, rtype): + records.append((qname, rtype, value, explanation)) # Sort the records. The None records *must* go first in the nsd zone file. Otherwise it doesn't matter. records.sort(key = lambda rec : list(reversed(rec[0].split(".")) if rec[0] is not None else "")) From bea5eb0dda083478ce0a27d0b8e6740bae26e2ab Mon Sep 17 00:00:00 2001 From: jvolkenant Date: Fri, 12 Jul 2019 03:41:16 -0700 Subject: [PATCH 17/18] Add interm upgrade step from Nextcloud 13 -> 14 (#1605) --- setup/nextcloud.sh | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/setup/nextcloud.sh b/setup/nextcloud.sh index 8dc8d35a..9f36ee56 100755 --- a/setup/nextcloud.sh +++ b/setup/nextcloud.sh @@ -50,9 +50,11 @@ InstallNextcloud() { # Starting with Nextcloud 15, the app user_external is no longer included in Nextcloud core, # we will install from their github repository. - wget_verify https://github.com/nextcloud/user_external/releases/download/v0.6.3/user_external-0.6.3.tar.gz 0f756d35fef6b64a177d6a16020486b76ea5799c /tmp/user_external.tgz - tar -xf /tmp/user_external.tgz -C /usr/local/lib/owncloud/apps/ - rm /tmp/user_external.tgz + if [[ $version =~ ^15 ]]; then + wget_verify https://github.com/nextcloud/user_external/releases/download/v0.6.3/user_external-0.6.3.tar.gz 0f756d35fef6b64a177d6a16020486b76ea5799c /tmp/user_external.tgz + tar -xf /tmp/user_external.tgz -C /usr/local/lib/owncloud/apps/ + rm /tmp/user_external.tgz + fi # Fix weird permissions. chmod 750 /usr/local/lib/owncloud/{apps,config} @@ -124,6 +126,11 @@ if [ ! -d /usr/local/lib/owncloud/ ] \ echo "Upgrades from Mail-in-a-Box prior to v0.28 (dated July 30, 2018) with Nextcloud < 13.0.6 (you have ownCloud 10, 11 or 12) are not supported. Upgrade to Mail-in-a-Box version v0.30 first. Setup aborting." exit 1 fi + # If we are running Nextcloud 13, upgrade to Nextcloud 14 + if grep -q "OC_VersionString = '13\." /usr/local/lib/owncloud/version.php; then + InstallNextcloud 14.0.6 4e43a57340f04c2da306c8eea98e30040399ae5a + + fi # During the upgrade from Nextcloud 14 to 15, user_external may cause the upgrade to fail. # We will disable it here before the upgrade and install it again after the upgrade. if grep -q "OC_VersionString = '14\." /usr/local/lib/owncloud/version.php; then From e37768ca8680106b037822975445de88e3e0da14 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sat, 3 Aug 2019 11:49:32 -0400 Subject: [PATCH 18/18] v0.42b --- CHANGELOG.md | 6 ++++-- README.md | 4 ++-- setup/bootstrap.sh | 2 +- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 15311c84..a07304b6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,8 @@ CHANGELOG ========= -v0.42 (July 4, 2019) --------------------- +v0.42b (August 3, 2019) +----------------------- Changes: @@ -19,6 +19,8 @@ Software updates: * Upgraded Nextcloud from 14.0.6 to 15.0.8 (with Contacts from 2.1.8 to 3.1.1 and Calendar from 1.6.4 to 1.6.5). * Upgraded Z-Push from 2.4.4 to 2.5.0. +Note that v0.42 (July 4, 2019) was pulled shortly after it was released to fix a Nextcloud upgrade issue. + v0.41 (February 26, 2019) ------------------------- diff --git a/README.md b/README.md index d93a0847..925e62aa 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ by him: $ curl -s https://keybase.io/joshdata/key.asc | gpg --import gpg: key C10BDD81: public key "Joshua Tauberer " imported - $ git verify-tag v0.42 + $ git verify-tag v0.42b gpg: Signature made ..... using RSA key ID C10BDD81 gpg: Good signature from "Joshua Tauberer " gpg: WARNING: This key is not certified with a trusted signature! @@ -71,7 +71,7 @@ and on his [personal homepage](https://razor.occams.info/). (Of course, if this Checkout the tag corresponding to the most recent release: - $ git checkout v0.42 + $ git checkout v0.42b Begin the installation. diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh index 74bf5e16..1135107b 100644 --- a/setup/bootstrap.sh +++ b/setup/bootstrap.sh @@ -20,7 +20,7 @@ if [ -z "$TAG" ]; then # want to display in status checks. if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then # This machine is running Ubuntu 18.04. - TAG=v0.41 + TAG=v0.42b elif [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" == "Ubuntu 14.04 LTS" ]; then # This machine is running Ubuntu 14.04.