external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-03 00:07:05 +00:00
Code Issues Releases Wiki Activity

Merge 89d50b35ef into 785c337fb3

Browse Source
This commit is contained in:
Justus Wingert 2024-03-10 04:50:43 -07:00 committed by GitHub
commit 5cf3379507
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 55 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
management/status_checks.py
View File

@ -333,6 +333,18 @@ def run_domain_checks(rounded_time, env, output, pool, domains_to_check=None):
# Get the list of domains we serve HTTPS for. # Get the list of domains we serve HTTPS for.
web_domains = set(get_web_domains(env)) web_domains = set(get_web_domains(env))
output.add_heading("nginx configuration files")
# Check nginx configuration.
sites_enabled = shell("check_output", ["ls", "/etc/nginx/sites-enabled"])
output.print_ok("Checking domain configuration files: %s" % sites_enabled)
for domain in web_domains:
prefixed_domain = "miab_%s" % domain
if prefixed_domain in sites_enabled:
output.print_ok("Domain checked. (%s)" % domain)
else:
output.print_error("A domain configuration file is not enabled in nginx (%s)" % domain)
if domains_to_check is None: if domains_to_check is None:
domains_to_check = mail_domains | dns_domains | web_domains domains_to_check = mail_domains | dns_domains | web_domains

53
management/web_update.py
View File

@ -82,7 +82,7 @@ def do_web_update(env):
return f.read() return f.read()
# Build an nginx configuration file. # Build an nginx configuration file.
nginx_conf = read_conf("nginx-top.conf") nginx_conf = [("nginx-top", read_conf("nginx-top.conf")), ]
# Load the templates. # Load the templates.
template0 = read_conf("nginx.conf") template0 = read_conf("nginx.conf")
@ -91,7 +91,7 @@ def do_web_update(env):
template3 = "\trewrite ^(.*) https://$REDIRECT_DOMAIN$1 permanent;\n" template3 = "\trewrite ^(.*) https://$REDIRECT_DOMAIN$1 permanent;\n"
# Add the PRIMARY_HOST configuration first so it becomes nginx's default server. # Add the PRIMARY_HOST configuration first so it becomes nginx's default server.
nginx_conf += make_domain_config(env['PRIMARY_HOSTNAME'], [template0, template1, template2], ssl_certificates, env) nginx_conf.append((env['PRIMARY_HOSTNAME'], make_domain_config(env['PRIMARY_HOSTNAME'], [template0, template1, template2], ssl_certificates, env)))
# Add configuration all other web domains. # Add configuration all other web domains.
has_root_proxy_or_redirect = get_web_domains_with_root_overrides(env) has_root_proxy_or_redirect = get_web_domains_with_root_overrides(env)
@ -103,31 +103,44 @@ def do_web_update(env):
if domain in web_domains_not_redirect: if domain in web_domains_not_redirect:
# This is a regular domain. # This is a regular domain.
if domain not in has_root_proxy_or_redirect: if domain not in has_root_proxy_or_redirect:
nginx_conf += make_domain_config(domain, [template0, template1], ssl_certificates, env) nginx_conf.append((domain, make_domain_config(domain, [template0, template1], ssl_certificates, env)))
else: else:
nginx_conf += make_domain_config(domain, [template0], ssl_certificates, env) nginx_conf.append((domain, make_domain_config(domain, [template0], ssl_certificates, env)))
else: else:
# Add default 'www.' redirect. # Add default 'www.' redirect.
nginx_conf += make_domain_config(domain, [template0, template3], ssl_certificates, env) nginx_conf.append((domain, make_domain_config(domain, [template0, template3], ssl_certificates, env)))
# Did the file change? If not, don't bother writing & restarting nginx. # Load the currently enabled sites for nginx.
nginx_conf_fn = "/etc/nginx/conf.d/local.conf" sites_enabled = shell('check_output', ["ls", "/etc/nginx/sites-enabled"])
if os.path.exists(nginx_conf_fn): warnings = []
with open(nginx_conf_fn) as f:
if f.read() == nginx_conf: # Did the files change? If not, don't bother writing & restarting nginx.
return "" kick = False
for domain, conf in nginx_conf:
if "miab_%s" % domain not in sites_enabled:
warnings.append("Missing miab_%s in /etc/nginx/sites-enabled/\nCheck your configuration!" % domain)
# Save the file. nginx_conf_fn = "/etc/nginx/sites-available/miab_%s" % domain
with open(nginx_conf_fn, "w") as f: if os.path.exists(nginx_conf_fn):
f.write(nginx_conf) with open(nginx_conf_fn) as f:
if f.read() == conf:
continue
# Kick nginx. Since this might be called from the web admin # Save the file.
# don't do a 'restart'. That would kill the connection before with open(nginx_conf_fn, "w+") as f:
# the API returns its response. A 'reload' should be good f.write(conf)
# enough and doesn't break any open connections.
shell('check_call', ["/usr/sbin/service", "nginx", "reload"]) kick = True
if kick:
# Kick nginx. Since this might be called from the web admin
# don't do a 'restart'. That would kill the connection before
# the API returns its response. A 'reload' should be good
# enough and doesn't break any open connections.
shell('check_call', ["/usr/sbin/service", "nginx", "reload"])
return "web updated\n" return "web updated\n" + "\n".join(warnings)
return "No changes.\n%s" % "\n".join(warnings)
def make_domain_config(domain, templates, ssl_certificates, env): def make_domain_config(domain, templates, ssl_certificates, env):
# GET SOME VARIABLES # GET SOME VARIABLES

10
tools/web_update
View File

@ -1,2 +1,12 @@
#!/bin/bash #!/bin/bash
rm -f /etc/nginx/conf.d/local.conf
curl -s -d POSTDATA --user $(</var/lib/mailinabox/api.key): http://127.0.0.1:10222/web/update
cd /etc/nginx/sites-available
for f in miab_*
do
if ! [ -f "/etc/nginx/sites-enabled/$f" ]; then
echo "Processing $f"
ln -s "/etc/nginx/sites-available/$f" "/etc/nginx/sites-enabled/$f"
fi
done
curl -s -d POSTDATA --user $(</var/lib/mailinabox/api.key): http://127.0.0.1:10222/web/update curl -s -d POSTDATA --user $(</var/lib/mailinabox/api.key): http://127.0.0.1:10222/web/update