From c0e54f87d70cd4b33b5e20e26d3ab454f0c0724f Mon Sep 17 00:00:00 2001 From: lamberete <74853880+lamberete@users.noreply.github.com> Date: Sat, 26 Mar 2022 13:45:49 +0100 Subject: [PATCH 01/10] Sorting ds records on report. When building the part of the report about the current DS records founded, they are added in the same order as they were received when calling query_dns(), which can differ from run to run. This was making the difflib.SequenceMatcher() method to find the same line removed and added one line later, and sending an Status Checks Change Notice email with the same line added and removed when there was actually no real changes. --- management/status_checks.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/management/status_checks.py b/management/status_checks.py index d3c642c6..d45a2bcc 100755 --- a/management/status_checks.py +++ b/management/status_checks.py @@ -658,7 +658,7 @@ def check_dnssec(domain, env, output, dns_zonefiles, is_checking_primary=False): if len(ds) > 0: output.print_line("") output.print_line("The DS record is currently set to:") - for rr in ds: + for rr in sorted(ds): output.print_line("Key Tag: {0}, Algorithm: {1}, Digest Type: {2}, Digest: {3}".format(*rr)) def check_mail_domain(domain, env, output): From 6e40c69cb5e04b633384135417c451882dc594a9 Mon Sep 17 00:00:00 2001 From: lamberete <74853880+lamberete@users.noreply.github.com> Date: Sat, 26 Mar 2022 13:50:24 +0100 Subject: [PATCH 02/10] Error message using IPv4 instead of failing IPv6. One of the error messages around IPv6 was using the IPv4 for the output, making the error message confusing. --- management/status_checks.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/management/status_checks.py b/management/status_checks.py index d45a2bcc..c66bf9b3 100755 --- a/management/status_checks.py +++ b/management/status_checks.py @@ -135,7 +135,7 @@ def check_service(i, service, env): # IPv4 ok but IPv6 failed. Try the PRIVATE_IPV6 address to see if the service is bound to the interface. elif service["port"] != 53 and try_connect(env["PRIVATE_IPV6"]): - output.print_error("%s is running (and available over IPv4 and the local IPv6 address), but it is not publicly accessible at %s:%d." % (service['name'], env['PUBLIC_IP'], service['port'])) + output.print_error("%s is running (and available over IPv4 and the local IPv6 address), but it is not publicly accessible at %s:%d." % (service['name'], env['PUBLIC_IPV6'], service['port'])) else: output.print_error("%s is running and available over IPv4 but is not accessible over IPv6 at %s port %d." % (service['name'], env['PUBLIC_IPV6'], service['port'])) From eeee712cf3ad4d337479956f2c036071cc7e93c9 Mon Sep 17 00:00:00 2001 From: Austin Ewens Date: Wed, 4 May 2022 16:09:53 -0500 Subject: [PATCH 03/10] Switched to using tags over releases for NextCloud contacts/calendar (#2105) See [mailinabox issue #2088](https://github.com/mail-in-a-box/mailinabox/issues/2088). This also updates the commit hashes to for anyone updating from NextCloud version 17 (as shown in the related issue) since a different hash is used for tags vs releases. This was tested and verified to work on a setup previously running v0.44 and then updating to the latest version (v56). --- setup/nextcloud.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/setup/nextcloud.sh b/setup/nextcloud.sh index d8ce7635..7116c172 100755 --- a/setup/nextcloud.sh +++ b/setup/nextcloud.sh @@ -34,9 +34,9 @@ nextcloud_hash=92cac708915f51ee2afc1787fd845476fd090c81 # * The hash is the SHA1 hash of the ZIP package, which you can find by just running this script and # copying it from the error message when it doesn't match what is below. contacts_ver=4.0.7 -contacts_hash=8ab31d205408e4f12067d8a4daa3595d46b513e3 +contacts_hash=45e7cf4bfe99cd8d03625cf9e5a1bb2e90549136 calendar_ver=3.0.4 -calendar_hash=6fb1e998d307c53245faf1c37a96eb982bbee8ba +calendar_hash=d0284b68135777ec9ca713c307216165b294d0fe user_external_ver=1.0.0 user_external_hash=3bf2609061d7214e7f0f69dd8883e55c4ec8f50a @@ -79,11 +79,11 @@ InstallNextcloud() { # their github repositories. mkdir -p /usr/local/lib/owncloud/apps - wget_verify https://github.com/nextcloud-releases/contacts/releases/download/v$version_contacts/contacts-v$version_contacts.tar.gz $hash_contacts /tmp/contacts.tgz + wget_verify https://github.com/nextcloud-releases/contacts/archive/refs/tags/v$version_contacts.tar.gz $hash_contacts /tmp/contacts.tgz tar xf /tmp/contacts.tgz -C /usr/local/lib/owncloud/apps/ rm /tmp/contacts.tgz - wget_verify https://github.com/nextcloud-releases/calendar/releases/download/v$version_calendar/calendar-v$version_calendar.tar.gz $hash_calendar /tmp/calendar.tgz + wget_verify https://github.com/nextcloud-releases/calendar/archive/refs/tags/v$version_calendar.tar.gz $hash_calendar /tmp/calendar.tgz tar xf /tmp/calendar.tgz -C /usr/local/lib/owncloud/apps/ rm /tmp/calendar.tgz @@ -183,25 +183,25 @@ if [ ! -d /usr/local/lib/owncloud/ ] || [[ ! ${CURRENT_NEXTCLOUD_VER} =~ ^$nextc # During the upgrade from Nextcloud 14 to 15, user_external may cause the upgrade to fail. # We will disable it here before the upgrade and install it again after the upgrade. hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:disable user_external - InstallNextcloud 15.0.8 4129d8d4021c435f2e86876225fb7f15adf764a3 3.3.0 e55d0357c6785d3b1f3b5f21780cb6d41d32443a 2.0.3 9d9717b29337613b72c74e9914c69b74b346c466 0.7.0 555a94811daaf5bdd336c5e48a78aa8567b86437 + InstallNextcloud 15.0.8 4129d8d4021c435f2e86876225fb7f15adf764a3 3.3.0 e55d0357c6785d3b1f3b5f21780cb6d41d32443a 2.0.3 a1f3835c752929e3598eb94f22300516867ac6ab 0.7.0 555a94811daaf5bdd336c5e48a78aa8567b86437 CURRENT_NEXTCLOUD_VER="15.0.8" fi if [[ ${CURRENT_NEXTCLOUD_VER} =~ ^15 ]]; then - InstallNextcloud 16.0.6 0bb3098455ec89f5af77a652aad553ad40a88819 3.3.0 e55d0357c6785d3b1f3b5f21780cb6d41d32443a 2.0.3 9d9717b29337613b72c74e9914c69b74b346c466 0.7.0 555a94811daaf5bdd336c5e48a78aa8567b86437 + InstallNextcloud 16.0.6 0bb3098455ec89f5af77a652aad553ad40a88819 3.3.0 e55d0357c6785d3b1f3b5f21780cb6d41d32443a 2.0.3 a1f3835c752929e3598eb94f22300516867ac6ab 0.7.0 555a94811daaf5bdd336c5e48a78aa8567b86437 CURRENT_NEXTCLOUD_VER="16.0.6" fi if [[ ${CURRENT_NEXTCLOUD_VER} =~ ^16 ]]; then - InstallNextcloud 17.0.6 50b98d2c2f18510b9530e558ced9ab51eb4f11b0 3.3.0 e55d0357c6785d3b1f3b5f21780cb6d41d32443a 2.0.3 9d9717b29337613b72c74e9914c69b74b346c466 0.7.0 555a94811daaf5bdd336c5e48a78aa8567b86437 + InstallNextcloud 17.0.6 50b98d2c2f18510b9530e558ced9ab51eb4f11b0 3.3.0 e55d0357c6785d3b1f3b5f21780cb6d41d32443a 2.0.3 a1f3835c752929e3598eb94f22300516867ac6ab 0.7.0 555a94811daaf5bdd336c5e48a78aa8567b86437 CURRENT_NEXTCLOUD_VER="17.0.6" fi if [[ ${CURRENT_NEXTCLOUD_VER} =~ ^17 ]]; then # Don't exit the install if this column already exists (see #2076) (echo "ALTER TABLE oc_flow_operations ADD COLUMN entity VARCHAR;" | sqlite3 $STORAGE_ROOT/owncloud/owncloud.db 2>/dev/null) || true - InstallNextcloud 18.0.10 39c0021a8b8477c3f1733fddefacfa5ebf921c68 3.4.1 aee680a75e95f26d9285efd3c1e25cf7f3bfd27e 2.0.3 9d9717b29337613b72c74e9914c69b74b346c466 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a + InstallNextcloud 18.0.10 39c0021a8b8477c3f1733fddefacfa5ebf921c68 3.4.1 8f685e7dc99758636d660d595e389c324e51e9d1 2.0.3 a1f3835c752929e3598eb94f22300516867ac6ab 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a CURRENT_NEXTCLOUD_VER="18.0.10" fi if [[ ${CURRENT_NEXTCLOUD_VER} =~ ^18 ]]; then - InstallNextcloud 19.0.4 01e98791ba12f4860d3d4047b9803f97a1b55c60 3.4.1 aee680a75e95f26d9285efd3c1e25cf7f3bfd27e 2.0.3 9d9717b29337613b72c74e9914c69b74b346c466 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a + InstallNextcloud 19.0.4 01e98791ba12f4860d3d4047b9803f97a1b55c60 3.4.1 8f685e7dc99758636d660d595e389c324e51e9d1 2.0.3 a1f3835c752929e3598eb94f22300516867ac6ab 1.0.0 3bf2609061d7214e7f0f69dd8883e55c4ec8f50a CURRENT_NEXTCLOUD_VER="19.0.4" fi fi From 69d8fdef9915127f016eb6424322a149cdff25d7 Mon Sep 17 00:00:00 2001 From: m-picc <105937591+m-picc@users.noreply.github.com> Date: Sun, 5 Jun 2022 09:24:32 -0400 Subject: [PATCH 04/10] Specify b2sdk version 1.14.1 (#2125) pin b2sdk version to 1.14.1 to resolve exception that occurs when attempting to use backblaze backups. See https://github.com/mail-in-a-box/mailinabox/issues/2124 for details. --- setup/management.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/management.sh b/setup/management.sh index 8dc64f3b..40d0a7eb 100755 --- a/setup/management.sh +++ b/setup/management.sh @@ -30,7 +30,7 @@ apt_install duplicity python-pip virtualenv certbot rsync # b2sdk is used for backblaze backups. # boto is used for amazon aws backups. # Both are installed outside the pipenv, so they can be used by duplicity -hide_output pip3 install --upgrade b2sdk boto +hide_output pip3 install --upgrade b2sdk==1.14.1 boto # Create a virtualenv for the installation of Python 3 packages # used by the management daemon. From 9004bb6e8ecf4ef8062859693919215149c68c47 Mon Sep 17 00:00:00 2001 From: jbandholz <20779634+jbandholz@users.noreply.github.com> Date: Sun, 5 Jun 2022 09:40:54 -0400 Subject: [PATCH 05/10] Add IPV6 addresses to fail2ban ignoreip (#2069) Update jails.conf to include IPV6 localhost and external ip to ignoreip line. Update system.sh to include IPV6 address in replacement. See mail-in-a-box#2066 for details. --- conf/fail2ban/jails.conf | 2 +- setup/system.sh | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/conf/fail2ban/jails.conf b/conf/fail2ban/jails.conf index ce957f41..c1514b45 100644 --- a/conf/fail2ban/jails.conf +++ b/conf/fail2ban/jails.conf @@ -5,7 +5,7 @@ # Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks # ping services over the public interface so we should whitelist that address of # ours too. The string is substituted during installation. -ignoreip = 127.0.0.1/8 PUBLIC_IP +ignoreip = 127.0.0.1/8 PUBLIC_IP ::1 PUBLIC_IPV6 [dovecot] enabled = true diff --git a/setup/system.sh b/setup/system.sh index 036fe3f9..9898cbcd 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -363,6 +363,7 @@ systemctl restart systemd-resolved rm -f /etc/fail2ban/jail.local # we used to use this file but don't anymore rm -f /etc/fail2ban/jail.d/defaults-debian.conf # removes default config so we can manage all of fail2ban rules in one config cat conf/fail2ban/jails.conf \ + | sed "s/PUBLIC_IPV6/$PUBLIC_IPV6/g" \ | sed "s/PUBLIC_IP/$PUBLIC_IP/g" \ | sed "s#STORAGE_ROOT#$STORAGE_ROOT#" \ > /etc/fail2ban/jail.d/mailinabox.conf From 8bebaf6a484a38aca199bdbe68e937abc6a1394d Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sat, 11 Jun 2022 09:23:58 -0400 Subject: [PATCH 06/10] Simplify duplicity command line by omitting rsync options if the backup target type is not rsync --- management/backup.py | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/management/backup.py b/management/backup.py index 0a8a021e..bc3ac5bd 100755 --- a/management/backup.py +++ b/management/backup.py @@ -14,11 +14,6 @@ from exclusiveprocess import Lock from utils import load_environment, shell, wait_for_service, fix_boto -rsync_ssh_options = [ - "--ssh-options= -i /root/.ssh/id_rsa_miab", - "--rsync-options= -e \"/usr/bin/ssh -oStrictHostKeyChecking=no -oBatchMode=yes -p 22 -i /root/.ssh/id_rsa_miab\"", -] - def backup_status(env): # If backups are dissbled, return no status. config = get_backup_config(env) @@ -65,8 +60,8 @@ def backup_status(env): "--gpg-options", "--cipher-algo=AES256", "--log-fd", "1", config["target"], - ] + rsync_ssh_options, - get_env(env), + ] + get_duplicity_additional_args(env), + get_duplicity_env_vars(env), trap=True) if code != 0: # Command failed. This is likely due to an improperly configured remote @@ -195,7 +190,16 @@ def get_passphrase(env): return passphrase -def get_env(env): +def get_duplicity_additional_args(env): + config = get_backup_config(env) + if get_target_type(config) == 'rsync': + return [ + "--ssh-options= -i /root/.ssh/id_rsa_miab", + "--rsync-options= -e \"/usr/bin/ssh -oStrictHostKeyChecking=no -oBatchMode=yes -p 22 -i /root/.ssh/id_rsa_miab\"", + ] + return [] + +def get_duplicity_env_vars(env): config = get_backup_config(env) env = { "PASSPHRASE" : get_passphrase(env) } @@ -275,8 +279,8 @@ def perform_backup(full_backup): env["STORAGE_ROOT"], config["target"], "--allow-source-mismatch" - ] + rsync_ssh_options, - get_env(env)) + ] + get_duplicity_additional_args(env), + get_duplicity_env_vars(env)) finally: # Start services again. service_command("dovecot", "start", quit=False) @@ -293,8 +297,8 @@ def perform_backup(full_backup): "--archive-dir", backup_cache_dir, "--force", config["target"] - ] + rsync_ssh_options, - get_env(env)) + ] + get_duplicity_additional_args(env), + get_duplicity_env_vars(env)) # From duplicity's manual: # "This should only be necessary after a duplicity session fails or is @@ -308,8 +312,8 @@ def perform_backup(full_backup): "--archive-dir", backup_cache_dir, "--force", config["target"] - ] + rsync_ssh_options, - get_env(env)) + ] + get_duplicity_additional_args(env), + get_duplicity_env_vars(env)) # Change ownership of backups to the user-data user, so that the after-bcakup # script can access them. @@ -347,7 +351,7 @@ def run_duplicity_verification(): "--exclude", backup_root, config["target"], env["STORAGE_ROOT"], - ] + rsync_ssh_options, get_env(env)) + ] + get_duplicity_additional_args(env), get_duplicity_env_vars(env)) def run_duplicity_restore(args): env = load_environment() @@ -358,8 +362,8 @@ def run_duplicity_restore(args): "restore", "--archive-dir", backup_cache_dir, config["target"], - ] + rsync_ssh_options + args, - get_env(env)) + ] + get_duplicity_additional_args(env) + args, + get_duplicity_env_vars(env)) def list_target_files(config): import urllib.parse From 99474b348f0dd2632057c18c6a8c4e6464962878 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sat, 11 Jun 2022 09:24:45 -0400 Subject: [PATCH 07/10] Update backup to be compatible with duplicity 0.8.23 We were using duplicity 0.8.21-ppa202111091602~ubuntu1 from the duplicity PPA probably until June 5, which is when my box automatically updated to 0.8.23-ppa202205151528~ubuntu18.04.1. Starting with that version, two changes broke backups: * The default s3 backend was changed to boto3. But boto3 depends on the AWS SDK which does not support Ubuntu 18.04, so we can't install it. Instead, we map s3: backup target URLs to the boto+s3 scheme which tells duplicity to use legacy boto. This should be reverted when we can switch to boto3. * Contrary to the documentation, the s3 target no longer accepts a S3 hostname in the URL. It now reads the bucket from the hostname part of the URL. So we now drop the hostname from our target URL before passing it to duplicity and we pass the endpoint URL in a separate command-line argument. (The boto backend was dropped from duplicity's "uses_netloc" in https://gitlab.com/duplicity/duplicity/-/commit/74d4cf44b1410652ae5f457f3eba7aaebf3b9d31#f5a07610d36bd242c3e5b98f8348879a468b866a_37_34, but other changes may be related.) The change of target URL (due to both changes) seems to also cause duplicity to store cached data in a different directory within $STORAGE_ROOT/backup/cache, so on the next backup it will re-download cached manifest/signature files. Since the cache directory will still hold the prior data which is no longer needed, it might be a good idea to clear out the cache directory to save space. A system status checks message is added about that. Fixes #2123 --- CHANGELOG.md | 5 +++++ management/backup.py | 44 ++++++++++++++++++++++++++++++++----- management/status_checks.py | 12 ++++++++++ 3 files changed, 55 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d796970e..520c05aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ CHANGELOG ========= +In Development +-------------- + +* Fixed S3 backups which broke with duplicity 0.8.23. + Version 56 (January 19, 2022) ----------------------------- diff --git a/management/backup.py b/management/backup.py index bc3ac5bd..26a61a0e 100755 --- a/management/backup.py +++ b/management/backup.py @@ -59,7 +59,7 @@ def backup_status(env): "--archive-dir", backup_cache_dir, "--gpg-options", "--cipher-algo=AES256", "--log-fd", "1", - config["target"], + get_duplicity_target_url(config), ] + get_duplicity_additional_args(env), get_duplicity_env_vars(env), trap=True) @@ -190,13 +190,45 @@ def get_passphrase(env): return passphrase +def get_duplicity_target_url(config): + target = config["target"] + + if get_target_type(config) == "s3": + from urllib.parse import urlsplit, urlunsplit + target = list(urlsplit(target)) + + # Duplicity now defaults to boto3 as the backend for S3, but we have + # legacy boto installed (boto3 doesn't support Ubuntu 18.04) so + # we retarget for classic boto. + target[0] = "boto+" + target[0] + + # In addition, although we store the S3 hostname in the target URL, + # duplicity no longer accepts it in the target URL. The hostname in + # the target URL must be the bucket name. The hostname is passed + # via get_duplicity_additional_args. Move the first part of the + # path (the bucket name) into the hostname URL component, and leave + # the rest for the path. + target[1], target[2] = target[2].lstrip('/').split('/', 1) + + target = urlunsplit(target) + + return target + def get_duplicity_additional_args(env): config = get_backup_config(env) + if get_target_type(config) == 'rsync': return [ "--ssh-options= -i /root/.ssh/id_rsa_miab", "--rsync-options= -e \"/usr/bin/ssh -oStrictHostKeyChecking=no -oBatchMode=yes -p 22 -i /root/.ssh/id_rsa_miab\"", ] + elif get_target_type(config) == 's3': + # See note about hostname in get_duplicity_target_url. + from urllib.parse import urlsplit, urlunsplit + target = urlsplit(config["target"]) + endpoint_url = urlunsplit(("https", target.netloc, '', '', '')) + return ["--s3-endpoint-url", endpoint_url] + return [] def get_duplicity_env_vars(env): @@ -277,7 +309,7 @@ def perform_backup(full_backup): "--volsize", "250", "--gpg-options", "--cipher-algo=AES256", env["STORAGE_ROOT"], - config["target"], + get_duplicity_target_url(config), "--allow-source-mismatch" ] + get_duplicity_additional_args(env), get_duplicity_env_vars(env)) @@ -296,7 +328,7 @@ def perform_backup(full_backup): "--verbosity", "error", "--archive-dir", backup_cache_dir, "--force", - config["target"] + get_duplicity_target_url(config) ] + get_duplicity_additional_args(env), get_duplicity_env_vars(env)) @@ -311,7 +343,7 @@ def perform_backup(full_backup): "--verbosity", "error", "--archive-dir", backup_cache_dir, "--force", - config["target"] + get_duplicity_target_url(config) ] + get_duplicity_additional_args(env), get_duplicity_env_vars(env)) @@ -349,7 +381,7 @@ def run_duplicity_verification(): "--compare-data", "--archive-dir", backup_cache_dir, "--exclude", backup_root, - config["target"], + get_duplicity_target_url(config), env["STORAGE_ROOT"], ] + get_duplicity_additional_args(env), get_duplicity_env_vars(env)) @@ -361,7 +393,7 @@ def run_duplicity_restore(args): "/usr/bin/duplicity", "restore", "--archive-dir", backup_cache_dir, - config["target"], + get_duplicity_target_url(config), ] + get_duplicity_additional_args(env) + args, get_duplicity_env_vars(env)) diff --git a/management/status_checks.py b/management/status_checks.py index c66bf9b3..220e23e4 100755 --- a/management/status_checks.py +++ b/management/status_checks.py @@ -253,6 +253,18 @@ def check_free_disk_space(rounded_values, env, output): if rounded_values: disk_msg = "The disk has less than 15% free space." output.print_error(disk_msg) + # Check that there's only one duplicity cache. If there's more than one, + # it's probably no longer in use, and we can recommend clearing the cache + # to save space. The cache directory may not exist yet, which is OK. + backup_cache_path = os.path.join(env['STORAGE_ROOT'], 'backup/cache') + try: + backup_cache_count = len(os.listdir(backup_cache_path)) + except: + backup_cache_count = 0 + if backup_cache_count > 1: + output.print_warning("The backup cache directory {} has more than one backup target cache. Consider clearing this directory to save disk space." + .format(backup_cache_path)) + def check_free_memory(rounded_values, env, output): # Check free memory. percent_free = 100 - psutil.virtual_memory().percent From 2aca421415f9f498c21a49588d1cff6ce3d8f2de Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sat, 29 Jan 2022 07:50:12 -0500 Subject: [PATCH 08/10] Version 57 --- CHANGELOG.md | 17 +++++++++++++++-- README.md | 2 +- setup/bootstrap.sh | 2 +- setup/nextcloud.sh | 2 +- 4 files changed, 18 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 520c05aa..fd8b65a6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,23 @@ CHANGELOG ========= -In Development --------------- +Version 57 (June 12, 2022) +-------------------------- + +Setup: + +* Fixed issue upgrading from Mail-in-a-Box v0.40-v0.50 because of a changed URL that Nextcloud is downloaded from. + +Backups: * Fixed S3 backups which broke with duplicity 0.8.23. +* Fixed Backblaze backups which broke with latest b2sdk package by rolling back its version. + +Control panel: + +* Fixed spurious changes in system status checks messages by sorting DNSSEC DS records. +* Fixed fail2ban lockout over IPv6 from excessive loads of the system status checks. +* Fixed an incorrect IPv6 system status check message. Version 56 (January 19, 2022) ----------------------------- diff --git a/README.md b/README.md index d2271d17..02a274af 100644 --- a/README.md +++ b/README.md @@ -60,7 +60,7 @@ Clone this repository and checkout the tag corresponding to the most recent rele $ git clone https://github.com/mail-in-a-box/mailinabox $ cd mailinabox - $ git checkout v56 + $ git checkout v57 Begin the installation. diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh index b90b1ac6..66294441 100644 --- a/setup/bootstrap.sh +++ b/setup/bootstrap.sh @@ -20,7 +20,7 @@ if [ -z "$TAG" ]; then # want to display in status checks. if [ "$(lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' )" == "Ubuntu 18.04 LTS" ]; then # This machine is running Ubuntu 18.04. - TAG=v56 + TAG=v57 elif [ "$(lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' )" == "Ubuntu 14.04 LTS" ]; then # This machine is running Ubuntu 14.04. diff --git a/setup/nextcloud.sh b/setup/nextcloud.sh index 7116c172..5525a37a 100755 --- a/setup/nextcloud.sh +++ b/setup/nextcloud.sh @@ -28,7 +28,7 @@ nextcloud_hash=92cac708915f51ee2afc1787fd845476fd090c81 # -------------- # * Find the most recent tag that is compatible with the Nextcloud version above by # consulting the ... node at: -# https://github.com/nextcloud-releases/contacts/blob/maaster/appinfo/info.xml +# https://github.com/nextcloud-releases/contacts/blob/master/appinfo/info.xml # https://github.com/nextcloud-releases/calendar/blob/master/appinfo/info.xml # https://github.com/nextcloud/user_external/blob/master/appinfo/info.xml # * The hash is the SHA1 hash of the ZIP package, which you can find by just running this script and From d829d74048ce9cc3cfda51f45428cfe482a1ce02 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sat, 18 Jun 2022 13:13:02 -0400 Subject: [PATCH 09/10] Pin b2sdk to version 1.14.1 in the virtualenv also We install b2sdk in two places: Once globally for duplicity (see 9d8fdef9915127f016eb6424322a149cdff25d7 for #2125) and once in a virtualenv used by our control panel. The latter wasn't pinned when the former was but should be to fix new Python compatibility issues. Anyone who updated Python packages recently (so anyone who upgraded Mail-in-a-Box) started encountering these issues. Fixes #2131. See https://discourse.mailinabox.email/t/backblaze-b2-backup-not-working-since-v57/9231. --- setup/management.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/setup/management.sh b/setup/management.sh index 40d0a7eb..046c5bac 100755 --- a/setup/management.sh +++ b/setup/management.sh @@ -51,7 +51,8 @@ hide_output $venv/bin/pip install --upgrade \ rtyaml "email_validator>=1.0.0" "exclusiveprocess" \ flask dnspython python-dateutil expiringdict \ qrcode[pil] pyotp \ - "idna>=2.0.0" "cryptography==2.2.2" boto psutil postfix-mta-sts-resolver b2sdk + "idna>=2.0.0" "cryptography==2.2.2" psutil postfix-mta-sts-resolver \ + b2sdk==1.14.1 boto # CONFIGURATION From 3c3d62ac2709ee510214878ef06af0c6009f4e0b Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sun, 19 Jun 2022 08:58:09 -0400 Subject: [PATCH 10/10] Version 57a --- CHANGELOG.md | 5 +++++ README.md | 2 +- setup/bootstrap.sh | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd8b65a6..5c20eb7d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ CHANGELOG ========= +Version 57a (June 19, 2022) +--------------------------- + +* The Backblaze backups fix posted in Version 57 was incomplete. It's now fixed. + Version 57 (June 12, 2022) -------------------------- diff --git a/README.md b/README.md index 02a274af..8fd2405c 100644 --- a/README.md +++ b/README.md @@ -60,7 +60,7 @@ Clone this repository and checkout the tag corresponding to the most recent rele $ git clone https://github.com/mail-in-a-box/mailinabox $ cd mailinabox - $ git checkout v57 + $ git checkout v57a Begin the installation. diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh index 66294441..4ba0cee7 100644 --- a/setup/bootstrap.sh +++ b/setup/bootstrap.sh @@ -20,7 +20,7 @@ if [ -z "$TAG" ]; then # want to display in status checks. if [ "$(lsb_release -d | sed 's/.*:\s*//' | sed 's/18\.04\.[0-9]/18.04/' )" == "Ubuntu 18.04 LTS" ]; then # This machine is running Ubuntu 18.04. - TAG=v57 + TAG=v57a elif [ "$(lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' )" == "Ubuntu 14.04 LTS" ]; then # This machine is running Ubuntu 14.04.