external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-20 02:52:11 +00:00
Code Issues Releases Wiki Activity

Update system.sh

Browse Source
This commit is contained in:
kaibae19 2022-04-04 08:24:05 -07:00
parent a96a709077
commit 508296f789
1 changed files with 26 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
setup/system.sh
View File

@ -1,5 +1,3 @@
echo "Starting system.sh"
source /etc/mailinabox.conf source /etc/mailinabox.conf
source setup/functions.sh # load our functions source setup/functions.sh # load our functions
@ -263,10 +261,6 @@ EOF
# ### Firewall # ### Firewall
if [ "$INSTALL" == "m" ]; then
DISABLE_FIREWALL=1
fi
# Various virtualized environments like Docker and some VPSs don't provide #NODOC # Various virtualized environments like Docker and some VPSs don't provide #NODOC
# a kernel that supports iptables. To avoid error-like output in these cases, #NODOC # a kernel that supports iptables. To avoid error-like output in these cases, #NODOC
# we skip this if the user sets DISABLE_FIREWALL=1. #NODOC # we skip this if the user sets DISABLE_FIREWALL=1. #NODOC
@ -351,7 +345,6 @@ if ! grep -q "max-recursion-queries " /etc/bind/named.conf.options; then
sed -i "s/^}/\n\tmax-recursion-queries 100;\n}/" /etc/bind/named.conf.options sed -i "s/^}/\n\tmax-recursion-queries 100;\n}/" /etc/bind/named.conf.options
fi fi
if [ "$INSTALL" == "m" ]; then
# First we'll disable systemd-resolved's management of resolv.conf and its stub server. # First we'll disable systemd-resolved's management of resolv.conf and its stub server.
# Breaking the symlink to /run/systemd/resolve/stub-resolv.conf means # Breaking the symlink to /run/systemd/resolve/stub-resolv.conf means
# systemd-resolved will read it for DNS servers to use. Put in 127.0.0.1, # systemd-resolved will read it for DNS servers to use. Put in 127.0.0.1,
@ -361,22 +354,15 @@ if [ "$INSTALL" == "m" ]; then
rm -f /etc/resolv.conf rm -f /etc/resolv.conf
tools/editconf.py /etc/systemd/resolved.conf DNSStubListener=no tools/editconf.py /etc/systemd/resolved.conf DNSStubListener=no
echo "nameserver 127.0.0.1" > /etc/resolv.conf echo "nameserver 127.0.0.1" > /etc/resolv.conf
fi
# Restart the DNS services. # Restart the DNS services.
if [ "$INSTALL" == "m" ]; then
restart_service bind9 restart_service bind9
systemctl restart systemd-resolved systemctl restart systemd-resolved
else
service bind9 restart
fi
# ### Fail2Ban Service # ### Fail2Ban Service
# We'll skip this on docker installations
if [ "$INSTALL" == "m" ]; then
# Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc. # Configure the Fail2Ban installation to prevent dumb bruce-force attacks against dovecot, postfix, ssh, etc.
rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore
rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config
@ -393,6 +379,3 @@ if [ "$INSTALL" == "m" ]; then
# scripts will ensure the files exist and then fail2ban is given another # scripts will ensure the files exist and then fail2ban is given another
# restart at the very end of setup. # restart at the very end of setup.
restart_service fail2ban restart_service fail2ban
fi
echo "Finsihed system.sh"