From a70ba94b0c2fb77f3f7c23f91eee5d4f3c1620f7 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Tue, 10 Sep 2019 07:10:58 -0400 Subject: [PATCH] add autoconfig domains before subtracting domains with overridden A records so that a custom DNS record can be used to suppress TLS certificate generation for those domains if needed --- management/web_update.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/management/web_update.py b/management/web_update.py index 12959632..72295c21 100644 --- a/management/web_update.py +++ b/management/web_update.py @@ -23,11 +23,6 @@ def get_web_domains(env, include_www_redirects=True, exclude_dns_elsewhere=True) # to the main domain for. We'll add 'www.' to any DNS zones, i.e. # the topmost of each domain we serve. domains |= set('www.' + zone for zone, zonefile in get_dns_zones(env)) - - if exclude_dns_elsewhere: - # ...Unless the domain has an A/AAAA record that maps it to a different - # IP address than this box. Remove those domains from our list. - domains -= get_domains_with_a_records(env) # Add Autoconfiguration domains, allowing us to serve correct SSL certs. # 'autoconfig.' for Mozilla Thunderbird auto setup. @@ -35,6 +30,11 @@ def get_web_domains(env, include_www_redirects=True, exclude_dns_elsewhere=True) domains |= set('autoconfig.' + maildomain for maildomain in get_mail_domains(env)) domains |= set('autodiscover.' + maildomain for maildomain in get_mail_domains(env)) + if exclude_dns_elsewhere: + # ...Unless the domain has an A/AAAA record that maps it to a different + # IP address than this box. Remove those domains from our list. + domains -= get_domains_with_a_records(env) + # Ensure the PRIMARY_HOSTNAME is in the list so we can serve webmail # as well as Z-Push for Exchange ActiveSync. This can't be removed # by a custom A/AAAA record and is never a 'www.' redirect.