mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-25 07:47:05 +00:00
v0.42b (August 3, 2019)
----------------------- Changes: * Decreased the minimum supported RAM to 502 Mb. * Improved mail client autoconfiguration. * Added support for S3-compatible backup services besides Amazon S3. * Fixed the control panel login page to let LastPass save passwords. * Fixed an error in the user privileges API. * Silenced some spurrious messages. Software updates: * Upgraded Roundcube from 1.3.8 to 1.3.9. * Upgraded Nextcloud from 14.0.6 to 15.0.8 (with Contacts from 2.1.8 to 3.1.1 and Calendar from 1.6.4 to 1.6.5). * Upgraded Z-Push from 2.4.4 to 2.5.0. Note that v0.42 (July 4, 2019) was pulled shortly after it was released to fix a Nextcloud upgrade issue. -----BEGIN PGP SIGNATURE----- iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl1FrScPHGp0QG9jY2Ft cy5pbmZvAAoJELkgQfTBC92BCvgH/AieqUcy/ujFML4YeIKY/ThQNFdI6VUO0b4b QBzR9ixc9ctp6qV+wVfnL22xO4V2rcO/eMAKMc6AzOw6E97iWHtK/4L2fmRYXclw arln7LokFTczSp1J29ldRjCYMn3dOS1IvBRJe8JWvFNdQY6gGaGrhqV/nCIECOWP sJsJ/sPv2d4ZapbQtfqBh2WiLADNf1CSmDpkCXwS9Va+XstVeprIk1Kbsy8z5L8K 0cFZWxiWTB/hgHD/BqUNxrzB5mS4fCyr9c9g+OIjZFeoF/olYPp4SsEFHPQ604YG qRupfjdG1bWHUpTT5lvG1AVIIPJPnvFk/Ctk1iQiYSU5BzbvKz8= =4QdN -----END PGP SIGNATURE----- Merge tag 'v0.42b' of https://github.com/mail-in-a-box/mailinabox v0.42b (August 3, 2019) ----------------------- Changes: * Decreased the minimum supported RAM to 502 Mb. * Improved mail client autoconfiguration. * Added support for S3-compatible backup services besides Amazon S3. * Fixed the control panel login page to let LastPass save passwords. * Fixed an error in the user privileges API. * Silenced some spurrious messages. Software updates: * Upgraded Roundcube from 1.3.8 to 1.3.9. * Upgraded Nextcloud from 14.0.6 to 15.0.8 (with Contacts from 2.1.8 to 3.1.1 and Calendar from 1.6.4 to 1.6.5). * Upgraded Z-Push from 2.4.4 to 2.5.0. Note that v0.42 (July 4, 2019) was pulled shortly after it was released to fix a Nextcloud upgrade issue. 5F4C0E7313CCD744693B2AEAB92041F4C10BDD81
This commit is contained in:
commit
32a0b0467f
20
CHANGELOG.md
20
CHANGELOG.md
@ -1,6 +1,26 @@
|
|||||||
CHANGELOG
|
CHANGELOG
|
||||||
=========
|
=========
|
||||||
|
|
||||||
|
v0.42b (August 3, 2019)
|
||||||
|
-----------------------
|
||||||
|
|
||||||
|
Changes:
|
||||||
|
|
||||||
|
* Decreased the minimum supported RAM to 502 Mb.
|
||||||
|
* Improved mail client autoconfiguration.
|
||||||
|
* Added support for S3-compatible backup services besides Amazon S3.
|
||||||
|
* Fixed the control panel login page to let LastPass save passwords.
|
||||||
|
* Fixed an error in the user privileges API.
|
||||||
|
* Silenced some spurrious messages.
|
||||||
|
|
||||||
|
Software updates:
|
||||||
|
|
||||||
|
* Upgraded Roundcube from 1.3.8 to 1.3.9.
|
||||||
|
* Upgraded Nextcloud from 14.0.6 to 15.0.8 (with Contacts from 2.1.8 to 3.1.1 and Calendar from 1.6.4 to 1.6.5).
|
||||||
|
* Upgraded Z-Push from 2.4.4 to 2.5.0.
|
||||||
|
|
||||||
|
Note that v0.42 (July 4, 2019) was pulled shortly after it was released to fix a Nextcloud upgrade issue.
|
||||||
|
|
||||||
v0.41 (February 26, 2019)
|
v0.41 (February 26, 2019)
|
||||||
-------------------------
|
-------------------------
|
||||||
|
|
||||||
|
@ -198,7 +198,7 @@ by him:
|
|||||||
$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
|
$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
|
||||||
gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported
|
gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported
|
||||||
|
|
||||||
$ git verify-tag v0.41
|
$ git verify-tag v0.42b
|
||||||
gpg: Signature made ..... using RSA key ID C10BDD81
|
gpg: Signature made ..... using RSA key ID C10BDD81
|
||||||
gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
|
gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
|
||||||
gpg: WARNING: This key is not certified with a trusted signature!
|
gpg: WARNING: This key is not certified with a trusted signature!
|
||||||
@ -211,7 +211,7 @@ and on his [personal homepage](https://razor.occams.info/). (Of course, if this
|
|||||||
|
|
||||||
Checkout the tag corresponding to the most recent release:
|
Checkout the tag corresponding to the most recent release:
|
||||||
|
|
||||||
$ git checkout v0.41
|
$ git checkout v0.42b
|
||||||
|
|
||||||
Begin the installation.
|
Begin the installation.
|
||||||
|
|
||||||
|
@ -18,6 +18,9 @@
|
|||||||
location = /.well-known/autoconfig/mail/config-v1.1.xml {
|
location = /.well-known/autoconfig/mail/config-v1.1.xml {
|
||||||
alias /var/lib/mailinabox/mozilla-autoconfig.xml;
|
alias /var/lib/mailinabox/mozilla-autoconfig.xml;
|
||||||
}
|
}
|
||||||
|
location = /mail/config-v1.1.xml {
|
||||||
|
alias /var/lib/mailinabox/mozilla-autoconfig.xml;
|
||||||
|
}
|
||||||
|
|
||||||
# Roundcube Webmail configuration.
|
# Roundcube Webmail configuration.
|
||||||
rewrite ^/mail$ /mail/ redirect;
|
rewrite ^/mail$ /mail/ redirect;
|
||||||
|
@ -19,6 +19,7 @@
|
|||||||
rewrite ^/cloud/$ /cloud/index.php;
|
rewrite ^/cloud/$ /cloud/index.php;
|
||||||
rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
|
rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
|
||||||
rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
|
rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
|
||||||
|
rewrite ^(/cloud/oc[sm]-provider)/$ $1/index.php redirect;
|
||||||
location /cloud/ {
|
location /cloud/ {
|
||||||
alias /usr/local/lib/owncloud/;
|
alias /usr/local/lib/owncloud/;
|
||||||
location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ {
|
location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ {
|
||||||
@ -27,6 +28,14 @@
|
|||||||
location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) {
|
location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||||
deny all;
|
deny all;
|
||||||
}
|
}
|
||||||
|
# Enable paths for service and cloud federation discovery
|
||||||
|
# Resolves warning in Nextcloud Settings panel
|
||||||
|
location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ {
|
||||||
|
index index.php;
|
||||||
|
include fastcgi_params;
|
||||||
|
fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2;
|
||||||
|
fastcgi_pass php-fpm;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
|
location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
|
||||||
# note: ~ has precendence over a regular location block
|
# note: ~ has precendence over a regular location block
|
||||||
|
@ -419,15 +419,22 @@ def list_target_files(config):
|
|||||||
fix_boto() # must call prior to importing boto
|
fix_boto() # must call prior to importing boto
|
||||||
import boto.s3
|
import boto.s3
|
||||||
from boto.exception import BotoServerError
|
from boto.exception import BotoServerError
|
||||||
|
custom_region = False
|
||||||
for region in boto.s3.regions():
|
for region in boto.s3.regions():
|
||||||
if region.endpoint == target.hostname:
|
if region.endpoint == target.hostname:
|
||||||
break
|
break
|
||||||
else:
|
else:
|
||||||
raise ValueError("Invalid S3 region/host.")
|
# If region is not found this is a custom region
|
||||||
|
custom_region = True
|
||||||
|
|
||||||
bucket = target.path[1:].split('/')[0]
|
bucket = target.path[1:].split('/')[0]
|
||||||
path = '/'.join(target.path[1:].split('/')[1:]) + '/'
|
path = '/'.join(target.path[1:].split('/')[1:]) + '/'
|
||||||
|
|
||||||
|
# Create a custom region with custom endpoint
|
||||||
|
if custom_region:
|
||||||
|
from boto.s3.connection import S3Connection
|
||||||
|
region = boto.s3.S3RegionInfo(name=bucket, endpoint=target.hostname, connection_cls=S3Connection)
|
||||||
|
|
||||||
# If no prefix is specified, set the path to '', otherwise boto won't list the files
|
# If no prefix is specified, set the path to '', otherwise boto won't list the files
|
||||||
if path == '/':
|
if path == '/':
|
||||||
path = ''
|
path = ''
|
||||||
|
@ -288,6 +288,21 @@ def build_zone(domain, all_domains, additional_records, www_redirect_domains, en
|
|||||||
if not has_rec(qname, "SRV"):
|
if not has_rec(qname, "SRV"):
|
||||||
records.append((qname, "SRV", "0 0 443 " + env["PRIMARY_HOSTNAME"] + ".", "Recommended. Specifies the hostname of the server that handles CardDAV/CalDAV services for email addresses on this domain."))
|
records.append((qname, "SRV", "0 0 443 " + env["PRIMARY_HOSTNAME"] + ".", "Recommended. Specifies the hostname of the server that handles CardDAV/CalDAV services for email addresses on this domain."))
|
||||||
|
|
||||||
|
# Adds autoconfiguration A records for all domains.
|
||||||
|
# This allows the following clients to automatically configure email addresses in the respective applications.
|
||||||
|
# autodiscover.* - Z-Push ActiveSync Autodiscover
|
||||||
|
# autoconfig.* - Thunderbird Autoconfig
|
||||||
|
autodiscover_records = [
|
||||||
|
("autodiscover", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Z-Push ActiveSync Autodiscover."),
|
||||||
|
("autodiscover", "AAAA", env["PUBLIC_IPV6"], "Provides email configuration autodiscovery support for Z-Push ActiveSync Autodiscover."),
|
||||||
|
("autoconfig", "A", env["PUBLIC_IP"], "Provides email configuration autodiscovery support for Thunderbird Autoconfig."),
|
||||||
|
("autoconfig", "AAAA", env["PUBLIC_IPV6"], "Provides email configuration autodiscovery support for Thunderbird Autoconfig.")
|
||||||
|
]
|
||||||
|
for qname, rtype, value, explanation in autodiscover_records:
|
||||||
|
if value is None or value.strip() == "": continue # skip IPV6 if not set
|
||||||
|
if not has_rec(qname, rtype):
|
||||||
|
records.append((qname, rtype, value, explanation))
|
||||||
|
|
||||||
# Sort the records. The None records *must* go first in the nsd zone file. Otherwise it doesn't matter.
|
# Sort the records. The None records *must* go first in the nsd zone file. Otherwise it doesn't matter.
|
||||||
records.sort(key = lambda rec : list(reversed(rec[0].split(".")) if rec[0] is not None else ""))
|
records.sort(key = lambda rec : list(reversed(rec[0].split(".")) if rec[0] is not None else ""))
|
||||||
|
|
||||||
|
@ -195,7 +195,7 @@ def get_mail_users_ex(env, with_archived=False):
|
|||||||
if email in active_accounts: continue
|
if email in active_accounts: continue
|
||||||
user = {
|
user = {
|
||||||
"email": email,
|
"email": email,
|
||||||
"privileges": "",
|
"privileges": [],
|
||||||
"status": "inactive",
|
"status": "inactive",
|
||||||
"mailbox": mbox,
|
"mailbox": mbox,
|
||||||
}
|
}
|
||||||
|
@ -23,7 +23,7 @@ sudo tools/mail.py user make-admin me@{{hostname}}</pre>
|
|||||||
<p style="margin: 2em; text-align: center;">Log in here for your Mail-in-a-Box control panel.</p>
|
<p style="margin: 2em; text-align: center;">Log in here for your Mail-in-a-Box control panel.</p>
|
||||||
|
|
||||||
<div style="margin: 0 auto; max-width: 32em;">
|
<div style="margin: 0 auto; max-width: 32em;">
|
||||||
<form class="form-horizontal" role="form" onsubmit="do_login(); return false;">
|
<form class="form-horizontal" role="form" onsubmit="do_login(); return false;" method="get">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="inputEmail3" class="col-sm-3 control-label">Email</label>
|
<label for="inputEmail3" class="col-sm-3 control-label">Email</label>
|
||||||
<div class="col-sm-9">
|
<div class="col-sm-9">
|
||||||
|
@ -77,15 +77,22 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group backup-target-s3">
|
<div class="form-group backup-target-s3">
|
||||||
<label for="backup-target-s3-host" class="col-sm-2 control-label">S3 Region</label>
|
<label for="backup-target-s3-host-select" class="col-sm-2 control-label">S3 Region</label>
|
||||||
<div class="col-sm-8">
|
<div class="col-sm-8">
|
||||||
<select class="form-control" rows="1" id="backup-target-s3-host">
|
<select class="form-control" rows="1" id="backup-target-s3-host-select">
|
||||||
{% for name, host in backup_s3_hosts %}
|
{% for name, host in backup_s3_hosts %}
|
||||||
<option value="{{host}}">{{name}}</option>
|
<option value="{{host}}">{{name}}</option>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
<option value="other">Other</option>
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="form-group backup-target-s3">
|
||||||
|
<label for="backup-target-s3-host" class="col-sm-2 control-label">S3 Host / Endpoint</label>
|
||||||
|
<div class="col-sm-8">
|
||||||
|
<input type="text" placeholder="Endpoint" class="form-control" rows="1" id="backup-target-s3-host">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
<div class="form-group backup-target-s3">
|
<div class="form-group backup-target-s3">
|
||||||
<label for="backup-target-s3-path" class="col-sm-2 control-label">S3 Path</label>
|
<label for="backup-target-s3-path" class="col-sm-2 control-label">S3 Path</label>
|
||||||
<div class="col-sm-8">
|
<div class="col-sm-8">
|
||||||
@ -139,6 +146,8 @@ function toggle_form() {
|
|||||||
var target_type = $("#backup-target-type").val();
|
var target_type = $("#backup-target-type").val();
|
||||||
$(".backup-target-local, .backup-target-rsync, .backup-target-s3").hide();
|
$(".backup-target-local, .backup-target-rsync, .backup-target-s3").hide();
|
||||||
$(".backup-target-" + target_type).show();
|
$(".backup-target-" + target_type).show();
|
||||||
|
|
||||||
|
init_inputs(target_type);
|
||||||
}
|
}
|
||||||
|
|
||||||
function nice_size(bytes) {
|
function nice_size(bytes) {
|
||||||
@ -278,4 +287,20 @@ function set_custom_backup() {
|
|||||||
});
|
});
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function init_inputs(target_type) {
|
||||||
|
function set_host(host) {
|
||||||
|
if(host !== 'other') {
|
||||||
|
$("#backup-target-s3-host").val(host);
|
||||||
|
} else {
|
||||||
|
$("#backup-target-s3-host").val('');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (target_type == "s3") {
|
||||||
|
$('#backup-target-s3-host-select').off('change').on('change', function() {
|
||||||
|
set_host($('#backup-target-s3-host-select').val());
|
||||||
|
});
|
||||||
|
set_host($('#backup-target-s3-host-select').val());
|
||||||
|
}
|
||||||
|
}
|
||||||
</script>
|
</script>
|
||||||
|
@ -29,6 +29,12 @@ def get_web_domains(env, include_www_redirects=True, exclude_dns_elsewhere=True)
|
|||||||
# IP address than this box. Remove those domains from our list.
|
# IP address than this box. Remove those domains from our list.
|
||||||
domains -= get_domains_with_a_records(env)
|
domains -= get_domains_with_a_records(env)
|
||||||
|
|
||||||
|
# Add Autoconfiguration domains, allowing us to serve correct SSL certs.
|
||||||
|
# 'autoconfig.' for Mozilla Thunderbird auto setup.
|
||||||
|
# 'autodiscover.' for Activesync autodiscovery.
|
||||||
|
domains |= set('autoconfig.' + maildomain for maildomain in get_mail_domains(env))
|
||||||
|
domains |= set('autodiscover.' + maildomain for maildomain in get_mail_domains(env))
|
||||||
|
|
||||||
# Ensure the PRIMARY_HOSTNAME is in the list so we can serve webmail
|
# Ensure the PRIMARY_HOSTNAME is in the list so we can serve webmail
|
||||||
# as well as Z-Push for Exchange ActiveSync. This can't be removed
|
# as well as Z-Push for Exchange ActiveSync. This can't be removed
|
||||||
# by a custom A/AAAA record and is never a 'www.' redirect.
|
# by a custom A/AAAA record and is never a 'www.' redirect.
|
||||||
|
@ -20,7 +20,7 @@ if [ -z "$TAG" ]; then
|
|||||||
# want to display in status checks.
|
# want to display in status checks.
|
||||||
if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then
|
if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' `" == "Ubuntu 18.04 LTS" ]; then
|
||||||
# This machine is running Ubuntu 18.04.
|
# This machine is running Ubuntu 18.04.
|
||||||
TAG=v0.41-quota-0.18-beta
|
TAG=v0.42b-quota-0.18-beta
|
||||||
|
|
||||||
elif [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" == "Ubuntu 14.04 LTS" ]; then
|
elif [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" == "Ubuntu 14.04 LTS" ]; then
|
||||||
# This machine is running Ubuntu 14.04.
|
# This machine is running Ubuntu 14.04.
|
||||||
|
@ -127,7 +127,7 @@ function get_default_privateip {
|
|||||||
if [ "$1" == "6" ]; then target=2001:4860:4860::8888; fi
|
if [ "$1" == "6" ]; then target=2001:4860:4860::8888; fi
|
||||||
|
|
||||||
# Get the route information.
|
# Get the route information.
|
||||||
route=$(ip -$1 -o route get $target | grep -v unreachable)
|
route=$(ip -$1 -o route get $target 2>/dev/null | grep -v unreachable)
|
||||||
|
|
||||||
# Parse the address out of the route information.
|
# Parse the address out of the route information.
|
||||||
address=$(echo $route | sed "s/.* src \([^ ]*\).*/\1/")
|
address=$(echo $route | sed "s/.* src \([^ ]*\).*/\1/")
|
||||||
|
@ -82,11 +82,12 @@ tools/editconf.py /etc/dovecot/conf.d/10-auth.conf \
|
|||||||
# Enable SSL, specify the location of the SSL certificate and private key files.
|
# Enable SSL, specify the location of the SSL certificate and private key files.
|
||||||
# Disable obsolete SSL protocols and allow only good ciphers per http://baldric.net/2013/12/07/tls-ciphers-in-postfix-and-dovecot/.
|
# Disable obsolete SSL protocols and allow only good ciphers per http://baldric.net/2013/12/07/tls-ciphers-in-postfix-and-dovecot/.
|
||||||
# Enable strong ssl dh parameters
|
# Enable strong ssl dh parameters
|
||||||
|
|
||||||
tools/editconf.py /etc/dovecot/conf.d/10-ssl.conf \
|
tools/editconf.py /etc/dovecot/conf.d/10-ssl.conf \
|
||||||
ssl=required \
|
ssl=required \
|
||||||
"ssl_cert=<$STORAGE_ROOT/ssl/ssl_certificate.pem" \
|
"ssl_cert=<$STORAGE_ROOT/ssl/ssl_certificate.pem" \
|
||||||
"ssl_key=<$STORAGE_ROOT/ssl/ssl_private_key.pem" \
|
"ssl_key=<$STORAGE_ROOT/ssl/ssl_private_key.pem" \
|
||||||
"ssl_protocols=!SSLv3 !SSLv2" \
|
"ssl_protocols=!SSLv3" \
|
||||||
"ssl_cipher_list=ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS" \
|
"ssl_cipher_list=ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS" \
|
||||||
"ssl_prefer_server_ciphers = yes" \
|
"ssl_prefer_server_ciphers = yes" \
|
||||||
"ssl_dh_parameters_length = 2048"
|
"ssl_dh_parameters_length = 2048"
|
||||||
@ -137,6 +138,14 @@ service lmtp {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Enable imap-login on localhost to allow the user_external plugin
|
||||||
|
# for Nextcloud to do imap authentication. (See #1577)
|
||||||
|
service imap-login {
|
||||||
|
inet_listener imap {
|
||||||
|
address = 127.0.0.1
|
||||||
|
port = 143
|
||||||
|
}
|
||||||
|
}
|
||||||
protocol imap {
|
protocol imap {
|
||||||
mail_max_userip_connections = 20
|
mail_max_userip_connections = 20
|
||||||
}
|
}
|
||||||
|
@ -38,7 +38,7 @@ inst_dir=/usr/local/lib/mailinabox
|
|||||||
mkdir -p $inst_dir
|
mkdir -p $inst_dir
|
||||||
venv=$inst_dir/env
|
venv=$inst_dir/env
|
||||||
if [ ! -d $venv ]; then
|
if [ ! -d $venv ]; then
|
||||||
virtualenv -ppython3 $venv
|
hide_output virtualenv -ppython3 $venv
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Upgrade pip because the Ubuntu-packaged version is out of date.
|
# Upgrade pip because the Ubuntu-packaged version is out of date.
|
||||||
|
@ -76,4 +76,8 @@ restart_service munin-node
|
|||||||
# generate initial statistics so the directory isn't empty
|
# generate initial statistics so the directory isn't empty
|
||||||
# (We get "Pango-WARNING **: error opening config file '/root/.config/pango/pangorc': Permission denied"
|
# (We get "Pango-WARNING **: error opening config file '/root/.config/pango/pangorc': Permission denied"
|
||||||
# if we don't explicitly set the HOME directory when sudo'ing.)
|
# if we don't explicitly set the HOME directory when sudo'ing.)
|
||||||
sudo -H -u munin munin-cron
|
# We check to see if munin-cron is already running, if it is, there is no need to run it simultaneously
|
||||||
|
# generating an error.
|
||||||
|
if [ ! -f /var/run/munin/munin-update.lock ]; then
|
||||||
|
sudo -H -u munin munin-cron
|
||||||
|
fi
|
||||||
|
@ -13,7 +13,8 @@ apt-get purge -qq -y owncloud* # we used to use the package manager
|
|||||||
|
|
||||||
apt_install php php-fpm \
|
apt_install php php-fpm \
|
||||||
php-cli php-sqlite3 php-gd php-imap php-curl php-pear curl \
|
php-cli php-sqlite3 php-gd php-imap php-curl php-pear curl \
|
||||||
php-dev php-gd php-xml php-mbstring php-zip php-apcu php-json php-intl
|
php-dev php-gd php-xml php-mbstring php-zip php-apcu php-json \
|
||||||
|
php-intl php-imagick
|
||||||
|
|
||||||
InstallNextcloud() {
|
InstallNextcloud() {
|
||||||
|
|
||||||
@ -39,14 +40,22 @@ InstallNextcloud() {
|
|||||||
# their github repositories.
|
# their github repositories.
|
||||||
mkdir -p /usr/local/lib/owncloud/apps
|
mkdir -p /usr/local/lib/owncloud/apps
|
||||||
|
|
||||||
wget_verify https://github.com/nextcloud/contacts/releases/download/v2.1.8/contacts.tar.gz b5d5bbee33f0c32b124b46cb6aaab90c695ac170 /tmp/contacts.tgz
|
wget_verify https://github.com/nextcloud/contacts/releases/download/v3.1.1/contacts.tar.gz a06bd967197dcb03c94ec1dbd698c037018669e5 /tmp/contacts.tgz
|
||||||
tar xf /tmp/contacts.tgz -C /usr/local/lib/owncloud/apps/
|
tar xf /tmp/contacts.tgz -C /usr/local/lib/owncloud/apps/
|
||||||
rm /tmp/contacts.tgz
|
rm /tmp/contacts.tgz
|
||||||
|
|
||||||
wget_verify https://github.com/nextcloud/calendar/releases/download/v1.6.4/calendar.tar.gz d8a7950dba14803472b6c19625a8ceb23d6fd4ef /tmp/calendar.tgz
|
wget_verify https://github.com/nextcloud/calendar/releases/download/v1.6.5/calendar.tar.gz 79941255521a5172f7e4ce42dc7773838b5ede2f /tmp/calendar.tgz
|
||||||
tar xf /tmp/calendar.tgz -C /usr/local/lib/owncloud/apps/
|
tar xf /tmp/calendar.tgz -C /usr/local/lib/owncloud/apps/
|
||||||
rm /tmp/calendar.tgz
|
rm /tmp/calendar.tgz
|
||||||
|
|
||||||
|
# Starting with Nextcloud 15, the app user_external is no longer included in Nextcloud core,
|
||||||
|
# we will install from their github repository.
|
||||||
|
if [[ $version =~ ^15 ]]; then
|
||||||
|
wget_verify https://github.com/nextcloud/user_external/releases/download/v0.6.3/user_external-0.6.3.tar.gz 0f756d35fef6b64a177d6a16020486b76ea5799c /tmp/user_external.tgz
|
||||||
|
tar -xf /tmp/user_external.tgz -C /usr/local/lib/owncloud/apps/
|
||||||
|
rm /tmp/user_external.tgz
|
||||||
|
fi
|
||||||
|
|
||||||
# Fix weird permissions.
|
# Fix weird permissions.
|
||||||
chmod 750 /usr/local/lib/owncloud/{apps,config}
|
chmod 750 /usr/local/lib/owncloud/{apps,config}
|
||||||
|
|
||||||
@ -75,12 +84,14 @@ InstallNextcloud() {
|
|||||||
|
|
||||||
# Add missing indices. NextCloud didn't include this in the normal upgrade because it might take some time.
|
# Add missing indices. NextCloud didn't include this in the normal upgrade because it might take some time.
|
||||||
sudo -u www-data php /usr/local/lib/owncloud/occ db:add-missing-indices
|
sudo -u www-data php /usr/local/lib/owncloud/occ db:add-missing-indices
|
||||||
|
|
||||||
|
# Run conversion to BigInt identifiers, this process may take some time on large tables.
|
||||||
|
sudo -u www-data php /usr/local/lib/owncloud/occ db:convert-filecache-bigint --no-interaction
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
nextcloud_ver=14.0.6
|
nextcloud_ver=15.0.8
|
||||||
nextcloud_hash=4e43a57340f04c2da306c8eea98e30040399ae5a
|
nextcloud_hash=4129d8d4021c435f2e86876225fb7f15adf764a3
|
||||||
|
|
||||||
# Check if Nextcloud dir exist, and check if version matches nextcloud_ver (if either doesn't - install/upgrade)
|
# Check if Nextcloud dir exist, and check if version matches nextcloud_ver (if either doesn't - install/upgrade)
|
||||||
if [ ! -d /usr/local/lib/owncloud/ ] \
|
if [ ! -d /usr/local/lib/owncloud/ ] \
|
||||||
|| ! grep -q $nextcloud_ver /usr/local/lib/owncloud/version.php; then
|
|| ! grep -q $nextcloud_ver /usr/local/lib/owncloud/version.php; then
|
||||||
@ -115,6 +126,16 @@ if [ ! -d /usr/local/lib/owncloud/ ] \
|
|||||||
echo "Upgrades from Mail-in-a-Box prior to v0.28 (dated July 30, 2018) with Nextcloud < 13.0.6 (you have ownCloud 10, 11 or 12) are not supported. Upgrade to Mail-in-a-Box version v0.30 first. Setup aborting."
|
echo "Upgrades from Mail-in-a-Box prior to v0.28 (dated July 30, 2018) with Nextcloud < 13.0.6 (you have ownCloud 10, 11 or 12) are not supported. Upgrade to Mail-in-a-Box version v0.30 first. Setup aborting."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
# If we are running Nextcloud 13, upgrade to Nextcloud 14
|
||||||
|
if grep -q "OC_VersionString = '13\." /usr/local/lib/owncloud/version.php; then
|
||||||
|
InstallNextcloud 14.0.6 4e43a57340f04c2da306c8eea98e30040399ae5a
|
||||||
|
|
||||||
|
fi
|
||||||
|
# During the upgrade from Nextcloud 14 to 15, user_external may cause the upgrade to fail.
|
||||||
|
# We will disable it here before the upgrade and install it again after the upgrade.
|
||||||
|
if grep -q "OC_VersionString = '14\." /usr/local/lib/owncloud/version.php; then
|
||||||
|
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:disable user_external
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
InstallNextcloud $nextcloud_ver $nextcloud_hash
|
InstallNextcloud $nextcloud_ver $nextcloud_hash
|
||||||
@ -143,9 +164,11 @@ if [ ! -f $STORAGE_ROOT/owncloud/owncloud.db ]; then
|
|||||||
'overwrite.cli.url' => '/cloud',
|
'overwrite.cli.url' => '/cloud',
|
||||||
'user_backends' => array(
|
'user_backends' => array(
|
||||||
array(
|
array(
|
||||||
'class'=>'OC_User_IMAP',
|
'class' => 'OC_User_IMAP',
|
||||||
'arguments'=>array('{127.0.0.1:993/imap/ssl/novalidate-cert}')
|
'arguments' => array(
|
||||||
)
|
'127.0.0.1', 143, null
|
||||||
|
),
|
||||||
|
),
|
||||||
),
|
),
|
||||||
'memcache.local' => '\OC\Memcache\APCu',
|
'memcache.local' => '\OC\Memcache\APCu',
|
||||||
'mail_smtpmode' => 'sendmail',
|
'mail_smtpmode' => 'sendmail',
|
||||||
@ -217,6 +240,8 @@ include("$STORAGE_ROOT/owncloud/config.php");
|
|||||||
|
|
||||||
\$CONFIG['mail_domain'] = '$PRIMARY_HOSTNAME';
|
\$CONFIG['mail_domain'] = '$PRIMARY_HOSTNAME';
|
||||||
|
|
||||||
|
\$CONFIG['user_backends'] = array(array('class' => 'OC_User_IMAP','arguments' => array('127.0.0.1', 143, null),),);
|
||||||
|
|
||||||
echo "<?php\n\\\$CONFIG = ";
|
echo "<?php\n\\\$CONFIG = ";
|
||||||
var_export(\$CONFIG);
|
var_export(\$CONFIG);
|
||||||
echo ";";
|
echo ";";
|
||||||
|
@ -26,7 +26,7 @@ fi
|
|||||||
#
|
#
|
||||||
# Skip the check if we appear to be running inside of Vagrant, because that's really just for testing.
|
# Skip the check if we appear to be running inside of Vagrant, because that's really just for testing.
|
||||||
TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}')
|
TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}')
|
||||||
if [ $TOTAL_PHYSICAL_MEM -lt 500000 ]; then
|
if [ $TOTAL_PHYSICAL_MEM -lt 490000 ]; then
|
||||||
if [ ! -d /vagrant ]; then
|
if [ ! -d /vagrant ]; then
|
||||||
TOTAL_PHYSICAL_MEM=$(expr \( \( $TOTAL_PHYSICAL_MEM \* 1024 \) / 1000 \) / 1000)
|
TOTAL_PHYSICAL_MEM=$(expr \( \( $TOTAL_PHYSICAL_MEM \* 1024 \) / 1000 \) / 1000)
|
||||||
echo "Your Mail-in-a-Box needs more memory (RAM) to function properly."
|
echo "Your Mail-in-a-Box needs more memory (RAM) to function properly."
|
||||||
|
@ -28,8 +28,8 @@ apt_install \
|
|||||||
# Install Roundcube from source if it is not already present or if it is out of date.
|
# Install Roundcube from source if it is not already present or if it is out of date.
|
||||||
# Combine the Roundcube version number with the commit hash of plugins to track
|
# Combine the Roundcube version number with the commit hash of plugins to track
|
||||||
# whether we have the latest version of everything.
|
# whether we have the latest version of everything.
|
||||||
VERSION=1.3.8
|
VERSION=1.3.9
|
||||||
HASH=90c7900ccf7b2f46fe49c650d5adb9b85ee9cc22
|
HASH=02850972b416bbfa1c13580f16d06fd7ae2774aa
|
||||||
PERSISTENT_LOGIN_VERSION=dc5ca3d3f4415cc41edb2fde533c8a8628a94c76
|
PERSISTENT_LOGIN_VERSION=dc5ca3d3f4415cc41edb2fde533c8a8628a94c76
|
||||||
HTML5_NOTIFIER_VERSION=4b370e3cd60dabd2f428a26f45b677ad1b7118d5
|
HTML5_NOTIFIER_VERSION=4b370e3cd60dabd2f428a26f45b677ad1b7118d5
|
||||||
CARDDAV_VERSION=3.0.3
|
CARDDAV_VERSION=3.0.3
|
||||||
|
@ -22,8 +22,8 @@ apt_install \
|
|||||||
phpenmod -v php imap
|
phpenmod -v php imap
|
||||||
|
|
||||||
# Copy Z-Push into place.
|
# Copy Z-Push into place.
|
||||||
VERSION=2.4.4
|
VERSION=2.5.0
|
||||||
TARGETHASH=104d44426852429dac8ec2783a4e9ad7752d4682
|
TARGETHASH=30ce5c1af3f10939036361b6032d1187651b621e
|
||||||
needs_update=0 #NODOC
|
needs_update=0 #NODOC
|
||||||
if [ ! -f /usr/local/lib/z-push/version ]; then
|
if [ ! -f /usr/local/lib/z-push/version ]; then
|
||||||
needs_update=1 #NODOC
|
needs_update=1 #NODOC
|
||||||
|
Loading…
Reference in New Issue
Block a user