remove extra features from master branch

management/auth.py

@@ -59,7 +59,7 @@ class KeyAuthService:
 
 			credentials = decode(credentials)
 			if ":" not in credentials:
-				return credentials, None
+				return None, None
 			username, password = credentials.split(':', maxsplit=1)
 			return username, password
 

management/daemon.py

@@ -1,7 +1,5 @@
 import os, os.path, re, json, time
 import subprocess
-import base64
-import sys
 
 from functools import wraps
 
@@ -349,34 +347,6 @@ def dns_get_dump():
 	from dns_update import build_recommended_dns
 	return json_response(build_recommended_dns(env))
 
-@app.route('/letsencrypt/dns-auth/<domain>/<token>', methods=['GET'])
-@authorized_personnel_only
-def letsencrypt_dns_auth(domain, token):
-	from dns_update import do_dns_update, set_custom_dns_record
-	try:
-		qname = '_acme-challenge.' + domain
-		if set_custom_dns_record(qname, 'TXT', token, 'add', env):
-			if not do_dns_update(env):
-				return ("Error updating DNS", 400)
-		return "OK"
-
-	except ValueError as e:
-		return (str(e), 400)
-
-@app.route('/letsencrypt/dns-cleanup/<domain>', methods=['GET'])
-@authorized_personnel_only
-def letsencrypt_dns_cleanup(domain):
-	from dns_update import do_dns_update, set_custom_dns_record
-	try:
-		qname = '_acme-challenge.' + domain
-		if set_custom_dns_record(qname, 'TXT', None, 'remove', env):
-			if not do_dns_update(env):
-				return ("Error updating DNS", 400)
-		return "OK"
-
-	except ValueError as e:
-		return (str(e), 400)
-
 # SSL
 
 @app.route('/ssl/status')
@@ -573,62 +543,28 @@ def privacy_status_set():
 	utils.write_settings(config, env)
 	return "OK"
 
-
-# Quotas
-
 @app.route('/system/default-quota', methods=["GET"])
 @authorized_personnel_only
 def default_quota_get():
-    if request.values.get('text'):
-        return get_default_quota(env)
-    else:
-        return json_response({
-            "default-quota": get_default_quota(env),
-        })
+	if request.values.get('text'):
+		return get_default_quota(env)
+	else:
+		return json_response({
+			"default-quota": get_default_quota(env),
+		})
 
 @app.route('/system/default-quota', methods=["POST"])
 @authorized_personnel_only
 def default_quota_set():
-    config = utils.load_settings(env)
-    try:
-        config["default-quota"] = validate_quota(request.values.get('default_quota'))
-        utils.write_settings(config, env)
+	config = utils.load_settings(env)
+	try:
+		config["default-quota"] = validate_quota(request.values.get('default_quota'))
+		utils.write_settings(config, env)
 
-    except ValueError as e:
-        return ("ERROR: %s" % str(e), 400)
-
-    return "OK"
-
-
-# Mailgraph
-
-@app.route('/mailgraph/image.cgi', methods=['GET'])
-@authorized_personnel_only
-def mailgraph():
-	if request.query_string:
-		query = request.query_string.decode('utf-8', 'ignore')
-		if '&' in query:
-			query = query.split('&')[0]
-
-		print("QUERY_STRING=%s" % query, file=sys.stderr)
-
-		code, bin_out = utils.shell(
-			"check_output",
-			["/usr/share/mailgraph/mailgraph.cgi"],
-			env={"QUERY_STRING": query},
-			return_bytes=True,
-			trap=True
-		)
-
-		if code != 0:
-			return ('Error generating mailgraph image: %s' % query, 500)
-
-		headers, image_bytes = bin_out.split(b'\n\n', 1)
-
-		return base64.b64encode(image_bytes)
-
-	return ('Mailgraph: no image requested', 500)
+	except ValueError as e:
+		return ("ERROR: %s" % str(e), 400)
 
+	return "OK"
 
 # MUNIN
 

management/ssl_certificates.py

@@ -313,7 +313,6 @@ def provision_certificates(env, limit_domains):
 				webroot = os.path.join(account_path, 'webroot')
 				os.makedirs(webroot, exist_ok=True)
 				with tempfile.TemporaryDirectory() as d:
-					miab_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
 					cert_file = os.path.join(d, 'cert_and_chain.pem')
 					print("Provisioning TLS certificates for " + ", ".join(domain_list) + ".")
 					certbotret = subprocess.check_output([
@@ -329,10 +328,7 @@ def provision_certificates(env, limit_domains):
 						"--chain-path", os.path.join(d, 'chain'), # we only use the full chain
 						"--fullchain-path", cert_file,
 
-						"--manual",
-						"--preferred-challenge", "dns",
-						"--manual-auth-hook", os.path.join(miab_dir, "tools/dns-auth.sh"),
-						"--manual-cleanup-hook", os.path.join(miab_dir, "tools/dns-cleanup.sh"),
+						"--webroot", "--webroot-path", webroot,
 
 						"--config-dir", account_path,
 						#"--staging",

management/status_checks.py

@@ -26,7 +26,6 @@ def get_services():
 		{ "name": "Dovecot LMTP LDA", "port": 10026, "public": False, },
 		{ "name": "Postgrey", "port": 10023, "public": False, },
 		{ "name": "Spamassassin", "port": 10025, "public": False, },
-		{ "name": "IMAP Quota", "port": 12340, "public": False },
 		{ "name": "OpenDKIM", "port": 8891, "public": False, },
 		{ "name": "OpenDMARC", "port": 8893, "public": False, },
 		{ "name": "Mail-in-a-Box Management Daemon", "port": 10222, "public": False, },
@@ -39,7 +38,6 @@ def get_services():
 		{ "name": "Mail Filters (Sieve/dovecot)", "port": 4190, "public": True, },
 		{ "name": "HTTP Web (nginx)", "port": 80, "public": True, },
 		{ "name": "HTTPS Web (nginx)", "port": 443, "public": True, },
-	    { "name": "Solr Full Text Search (tomcat)", "port": 8080, "public": False, },
 	]
 
 def run_checks(rounded_values, env, output, pool):

management/templates/index.html

@@ -102,7 +102,6 @@
                 <li><a href="#mail-guide" onclick="return show_panel(this);">Instructions</a></li>
                 <li><a href="#users" onclick="return show_panel(this);">Users</a></li>
                 <li><a href="#aliases" onclick="return show_panel(this);">Aliases</a></li>
-                <li><a href="#mailgraph" onclick="return show_panel(this);">Mailgraph</a></li>
               </ul>
             </li>
             <li><a href="#sync_guide" onclick="return show_panel(this);">Contacts/Calendar</a></li>
@@ -152,10 +151,6 @@
       {% include "sync-guide.html" %}
       </div>
 
-      <div id="panel_mailgraph" class="admin_panel">
-      {% include "mailgraph.html" %}
-      </div>
-
       <div id="panel_web" class="admin_panel">
       {% include "web.html" %}
       </div>

management/templates/mailgraph.html

@@ -1,48 +0,0 @@
-<h2>Mail statistics</h2>
-<ul id="jump">
-  <li><a href="#G0">Day</a>&nbsp;</li>
-  <li><a href="#G1">Week</a>&nbsp;</li>
-  <li><a href="#G2">Month</a>&nbsp;</li>
-  <li><a href="#G3">Year</a>&nbsp;</li>
-</ul>
-
-<h3 id="G0">Last Day</h3>
-<p><img src="" data-src="/mailgraph/image.cgi?0-n" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?0-e" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?0-g" alt="mailgraph"/></p>
-
-<h3 id="G1">Last Week</h3>
-<p><img src="" data-src="/mailgraph/image.cgi?1-n" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?1-e" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?1-g" alt="mailgraph"/></p>
-
-<h3 id="G2">Last Month</h3>
-<p><img src="" data-src="/mailgraph/image.cgi?2-n" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?2-e" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?2-g" alt="mailgraph"/></p>
-
-<h3 id="G3">Last Year</h3>
-<p><img src="" data-src="/mailgraph/image.cgi?3-n" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?3-e" alt="mailgraph"/></p>
-<p><img src="" data-src="/mailgraph/image.cgi?3-g" alt="mailgraph"/></p>
-
-<hr/>
-
-<p><a href="http://mailgraph.schweikert.ch/">Mailgraph</a> 1.14 by <a href="http://david.schweikert.ch/">David Schweikert</a>
-(built on Tobi Oetiker's <a href="http://oss.oetiker.ch/rrdtool/">RRDtool</a>)</p>
-
-<script type="text/javascript">
-    function show_mailgraph() {
-        $('[data-src]').each(function() {
-            var that = this;
-            api(
-                $(that).attr('data-src'),
-                'GET',
-                '',
-                function(data) {
-                    $(that).attr('src', 'data:image/gif;base64,' + data);
-                }
-            );
-        });
-    }
-</script>

management/web_update.py

@@ -100,20 +100,6 @@ def do_web_update(env):
 			# Add default 'www.' redirect.
 			nginx_conf += make_domain_config(domain, [template0, template3], ssl_certificates, env)
 
-	if str(env['HTTP_SSL_PORT']) != "443":
-		in_http = False
-		new_conf = ''
-		for line in nginx_conf.split('\n'):
-			if line.strip() == '#BEGIN_HTTP':
-				in_http = True
-			elif line.strip() == '#END_HTTP':
-				in_http = False
-
-			if not in_http:
-				new_conf += line + '\n'
-
-		nginx_conf = new_conf
-
 	# Did the file change? If not, don't bother writing & restarting nginx.
 	nginx_conf_fn = "/etc/nginx/conf.d/local.conf"
 	if os.path.exists(nginx_conf_fn):
@@ -198,12 +184,8 @@ def make_domain_config(domain, templates, ssl_certificates, env):
 		nginx_conf = re.sub("[ \t]*# ADDITIONAL DIRECTIVES HERE *\n", t, nginx_conf)
 
 	# Replace substitution strings in the template & return.
-	if int(env['HTTP_SSL_PORT']) != 443:
-		# disable the regular HTTP server
-		nginx_conf = re.sub(r'#BEGIN_HTTP.*?#END_HTTP', repl='', string=nginx_conf, flags=re.MULTILINE)
 	nginx_conf = nginx_conf.replace("$STORAGE_ROOT", env['STORAGE_ROOT'])
 	nginx_conf = nginx_conf.replace("$HOSTNAME", domain)
-	nginx_conf = nginx_conf.replace("$HTTP_SSL_PORT", env['HTTP_SSL_PORT'])
 	nginx_conf = nginx_conf.replace("$ROOT", root)
 	nginx_conf = nginx_conf.replace("$SSL_KEY", tls_cert["private-key"])
 	nginx_conf = nginx_conf.replace("$SSL_CERTIFICATE", tls_cert["certificate"])