merge master

README.md

@@ -20,7 +20,8 @@ Functionality changes and additions
 * Configure domain names for which only www will be hosted  
   Edit /etc/miabwwwdomains.conf to configure. The box will handle incoming traffic asking for these domain names. The DNS entries are entered in an external DNS provider! If you want this box to handle the DNS entries, simply add a mail alias. (existing functionality of the vanilla Mail-in-a-Box)
 * Add some munin plugins
-* Update nextcloud to 20.0.13
+* Update nextcloud to 22.2.3
+  And updated apps
 * Add nextcloud notes app
 * Update roundcube carddav plugin to 4.1.1
 * Add roundcube context menu plugin

management/dns_update.py

@@ -306,7 +306,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
 
 		# Append the DKIM TXT record to the zone as generated by DKIMpy.
 		# Skip if the user has set a DKIM record already.
-		dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.dns')
+		dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.dns')
 		with open(dkim_record_file) as orf:
 			m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
 			val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
@@ -314,7 +314,7 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True)
 				records.append((m.group(1), "TXT", val, "Recommended. Provides a way for recipients to verify that this machine sent @%s mail." % domain))
 		
 		# Also add a ed25519 DKIM record
-		dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.dns')
+		dkim_record_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.dns')
 		with open(dkim_record_file) as orf:
 			m = re.match(r'(\S+)\s+IN\s+TXT\s+\( ((?:"[^"]+"\s+)+)\)', orf.read(), re.S)
 			val = "".join(re.findall(r'"([^"]+)"', m.group(2)))
@@ -830,8 +830,8 @@ def write_dkim_tables(domains, env):
 	# Append a record to DKIMpy's KeyTable and SigningTable for each domain
 	# that we send mail from (zones and all subdomains).
 
-	dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-rsa.key')
-	dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim2/box-ed25519.key')
+	dkim_rsa_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-rsa.key')
+	dkim_ed_key_file = os.path.join(env['STORAGE_ROOT'], 'mail/dkim/box-ed25519.key')
 
 	if not os.path.exists(dkim_rsa_key_file) || not os.path.exists(dkim_ed_key_file):
 		# Looks like DKIMpy is not installed.

management/mail_log.py

@@ -549,8 +549,9 @@ def scan_postfix_submission_line(date, log, collector):
     """
 
     # Match both the 'plain' and 'login' sasl methods, since both authentication methods are
-    # allowed by Dovecot
-    m = re.match("([A-Z0-9]+): client=(\S+), sasl_method=(PLAIN|LOGIN), sasl_username=(\S+)", log)
+    # allowed by Dovecot. Exclude trailing comma after the username when additional fields 
+	# follow after.
+    m = re.match("([A-Z0-9]+): client=(\S+), sasl_method=(PLAIN|LOGIN), sasl_username=(\S+)(?<!,)", log)
 
     if m:
         _, client, method, user = m.groups()

management/status_checks.py

@@ -663,7 +663,7 @@ def check_dnssec(domain, env, output, dns_zonefiles, is_checking_primary=False):
 		output.print_line("Option " + str(i+1) + ":")
 		output.print_line("----------")
 		output.print_line("Key Tag: " + ds_suggestion['keytag'])
-		output.print_line("Key Flags: KSK (256)")
+		output.print_line("Key Flags: KSK / 257")
 		output.print_line("Algorithm: %s / %s" % (ds_suggestion['alg'], ds_suggestion['alg_name']))
 		output.print_line("Digest Type: %s / %s" % (ds_suggestion['digalg'], ds_suggestion['digalg_name']))
 		output.print_line("Digest: " + ds_suggestion['digest'])

setup/dkim.sh

@@ -15,7 +15,7 @@ apt_install dkimpy-milter opendmarc
 
 # Make sure configuration directories exist.
 mkdir -p /etc/dkim;
-mkdir -p $STORAGE_ROOT/mail/dkim2
+mkdir -p $STORAGE_ROOT/mail/dkim
 
 # Used in InternalHosts and ExternalIgnoreList configuration directives.
 # Not quite sure why.
@@ -48,21 +48,21 @@ fi
 # in our DNS setup. Note that the files are named after the
 # 'selector' of the key, which we can change later on to support
 # key rotation.
-if [ ! -f "$STORAGE_ROOT/mail/dkim2/box-rsa.key" ]; then
+if [ ! -f "$STORAGE_ROOT/mail/dkim/box-rsa.key" ]; then
 	# All defaults are supposed to be ok, default key for rsa is 2048 bit
-	dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim2/box-rsa
-	dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim2/box-ed25519
+	dknewkey --ktype rsa $STORAGE_ROOT/mail/dkim/box-rsa
+	dknewkey --ktype ed25519 $STORAGE_ROOT/mail/dkim/box-ed25519
 	
 	# Force them into the format dns_update.py expects
-	sed -i 's/v=DKIM1;/box-rsa._domainkey IN      TXT      ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-rsa.dns
+	sed -i 's/v=DKIM1;/box-rsa._domainkey IN      TXT      ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-rsa.dns
 	echo '" )' >> box-rsa.dns
-	sed -i 's/v=DKIM1;/box-ed25519._domainkey IN      TXT      ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim2/box-ed25519.dns
+	sed -i 's/v=DKIM1;/box-ed25519._domainkey IN      TXT      ( "v=DKIM1; s=email;/' $STORAGE_ROOT/mail/dkim/box-ed25519.dns
 	echo '" )' >> box-ed25519.dns
 fi
 
 # Ensure files are owned by the dkimpy-milter user and are private otherwise.
-chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim2
-chmod go-rwx $STORAGE_ROOT/mail/dkim2
+chown -R dkimpy-milter:dkimpy-milter $STORAGE_ROOT/mail/dkim
+chmod go-rwx $STORAGE_ROOT/mail/dkim
 
 tools/editconf.py /etc/opendmarc.conf -s \
 	"Syslog=true" \

setup/management.sh

@@ -25,7 +25,7 @@ done
 #
 # certbot installs EFF's certbot which we use to
 # provision free TLS certificates.
-apt_install duplicity python3-pip virtualenv certbot
+apt_install duplicity python3-pip virtualenv certbot rsync
 
 # b2sdk is used for backblaze backups.
 # boto is used for amazon aws backups.

setup/nextcloud.sh

@@ -100,8 +100,8 @@ InstallNextcloud() {
 }
 
 # Nextcloud Version to install. Checks are done down below to step through intermediate versions.
-nextcloud_ver=20.0.14
-nextcloud_hash=92cac708915f51ee2afc1787fd845476fd090c81
+nextcloud_ver=22.2.3
+nextcloud_hash=58d2d897ba22a057aa03d29c762c5306211fefd2
 contacts_ver=4.0.0
 contacts_hash=f893ca57a543b260c9feeecbb5958c00b6998e18
 calendar_ver=2.2.2
@@ -175,7 +175,8 @@ if [ ! -d /usr/local/lib/owncloud/ ] || [[ ! ${CURRENT_NEXTCLOUD_VER} =~ ^$nextc
 			CURRENT_NEXTCLOUD_VER="17.0.6"
         fi
         if [[ ${CURRENT_NEXTCLOUD_VER} =~ ^17 ]]; then
-			echo "ALTER TABLE oc_flow_operations ADD COLUMN entity VARCHAR;" | sqlite3 $STORAGE_ROOT/owncloud/owncloud.db
+        	# Don't exit the install if this column already exists (see #2076)
+			(echo "ALTER TABLE oc_flow_operations ADD COLUMN entity VARCHAR;" | sqlite3 $STORAGE_ROOT/owncloud/owncloud.db 2>/dev/null) || true
             InstallNextcloud 18.0.10 39c0021a8b8477c3f1733fddefacfa5ebf921c68 3.4.1 aee680a75e95f26d9285efd3c1e25cf7f3bfd27e 2.0.3 9d9717b29337613b72c74e9914c69b74b346c466 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a
             CURRENT_NEXTCLOUD_VER="18.0.10"
 	    fi
@@ -183,13 +184,21 @@ if [ ! -d /usr/local/lib/owncloud/ ] || [[ ! ${CURRENT_NEXTCLOUD_VER} =~ ^$nextc
 			InstallNextcloud 19.0.4 01e98791ba12f4860d3d4047b9803f97a1b55c60 3.4.1 aee680a75e95f26d9285efd3c1e25cf7f3bfd27e 2.0.3 9d9717b29337613b72c74e9914c69b74b346c466 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a
 			CURRENT_NEXTCLOUD_VER="19.0.4"
 		fi
-	fi
-
-	InstallNextcloud $nextcloud_ver $nextcloud_hash $contacts_ver $contacts_hash $calendar_ver $calendar_hash $user_external_ver $user_external_hash
+		if [[ ${CURRENT_NEXTCLOUD_VER} =~ ^19 ]]; then
+			InstallNextcloud 20.0.14 92cac708915f51ee2afc1787fd845476fd090c81 4.0.0 f893ca57a543b260c9feeecbb5958c00b6998e18 2.2.2 923846d48afb5004a456b9079cf4b46d23b3ef3a 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a
+			CURRENT_NEXTCLOUD_VER="20.0.14"
 			
 			# Nextcloud 20 needs to have some optional columns added
 			sudo -u www-data php /usr/local/lib/owncloud/occ db:add-missing-columns
 		fi
+		if [[ ${CURRENT_NEXTCLOUD_VER} =~ ^20 ]]; then
+			InstallNextcloud 21.0.7 f5c7079c5b56ce1e301c6a27c0d975d608bb01c9 4.0.0 f893ca57a543b260c9feeecbb5958c00b6998e18 2.2.2 923846d48afb5004a456b9079cf4b46d23b3ef3a 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a
+			CURRENT_NEXTCLOUD_VER="21.0.7"
+		fi
+	fi
+
+	InstallNextcloud $nextcloud_ver $nextcloud_hash $contacts_ver $contacts_hash $calendar_ver $calendar_hash $user_external_ver $user_external_hash
+fi
 
 # ### Configuring Nextcloud
 
@@ -359,12 +368,6 @@ tools/editconf.py /etc/php/$(php_version)/cli/conf.d/10-opcache.ini -c ';' \
 	opcache.save_comments=1 \
 	opcache.revalidate_freq=1
 
-# If apc is explicitly disabled we need to enable it
-if grep -q apc.enabled=0 /etc/php/$(php_version)/mods-available/apcu.ini; then
-	tools/editconf.py /etc/php/$(php_version)/mods-available/apcu.ini -c ';' \
-		apc.enabled=1
-fi
-
 # Set up a cron job for Nextcloud.
 cat > /etc/cron.d/mailinabox-nextcloud << EOF;
 #!/bin/bash

setup/web.sh

@@ -63,6 +63,10 @@ tools/editconf.py /etc/php/$(php_version)/fpm/php.ini -c ';' \
 tools/editconf.py /etc/php/$(php_version)/fpm/pool.d/www.conf -c ';' \
 	env[PATH]=/usr/local/bin:/usr/bin:/bin \
 
+# Enable apc is required before installing nextcloud 21
+tools/editconf.py /etc/php/$(php_version)/mods-available/apcu.ini -c ';' \
+    apc.enabled=1
+
 # Configure php-fpm based on the amount of memory the machine has
 # This is based on the nextcloud manual for performance tuning: https://docs.nextcloud.com/server/17/admin_manual/installation/server_tuning.html
 # Some synchronisation issues can occur when many people access the site at once.