Joshua Tauberer
ef6f121491
when generating a CSR in the control panel, don't set empty attributes
...
Same as in a52c56e571
.
Fixes #1338 .
2018-01-28 09:07:54 -05:00
Joshua Tauberer
ec3aab0eaa
v0.26b
2018-01-25 09:27:17 -05:00
Joshua Tauberer
8c69b9e261
update CHANGELOG
2018-01-25 09:23:04 -05:00
Joshua Tauberer
e7150e3bc6
pin acme to v0.20, which is the last version compatible with free_tls_certificates
...
free_tls_certificates uses acme.jose, which in acme v0.21 was moved to a new Python package.
See #1328
2018-01-20 11:23:45 -05:00
Joshua Tauberer
8d6d84d87f
run mailconfig.py's email address validator outside of the virtualenv during questions.sh
...
We don't have the virtualenv this early in setup.
Broken by 0088fb4553
.
Fixes #1326 .
See https://discourse.mailinabox.email/t/that-is-not-a-valid-email-error-during-mailinabox-installation/2793 .
2018-01-20 10:59:37 -05:00
barrybingo
a6a1cc7ae0
Reduce munin-node log level to warning ( #1330 )
2018-01-19 12:00:44 -05:00
Joshua Tauberer
b5c0736d27
release v0.26
2018-01-18 17:10:23 -05:00
Joshua Tauberer
8ee7de6ff3
no need to do a second apt-get update after 'installing' the PHP7 PPA if the PPA was already installed
2018-01-15 13:28:18 -05:00
Joshua Tauberer
0088fb4553
install Python 3 packages in a virtualenv
...
The cryptography package has created all sorts of installation trouble over the last few years, probably because of mismatches between OS-installed packages and pip-installed packages. Using a virtualenv for all Python packages used by the management daemon should make sure everything is consistent.
See #1298 , see #1264 .
2018-01-15 13:27:04 -05:00
Joshua Tauberer
b2d103145f
remove php5 packages from webmail.sh
...
The PHP5 packages have a dependency on (apache2 or php5-cgi or php5-fpm), and since removing php5-fpm apache2 started getting installed during setup, which caused a conflict with nginx of course.
These packages don't seem to be needed by Roundcube or Nextcloud --- Roundcube includes the ones it needs.
see #1264 , #1298
2018-01-15 11:29:12 -05:00
Joshua Tauberer
fc9e279cec
partial revert of 441bd350
, accidentally uncommented something
2018-01-15 10:33:05 -05:00
yeah
257983d559
Fix typo in CHANGELOG.md ( #1312 )
2017-12-25 17:46:31 -05:00
Joshua Tauberer
e924459140
revert f25801e/#1233 - use Mozilla intermediate ciphers for IMAP/POP not modern ciphers
...
fixes #1300
2017-12-24 14:41:41 -05:00
Joshua Tauberer
441bd35053
update CHANGELOG
2017-12-23 18:01:41 -05:00
Michael Kroes
a0e603a3c6
Change z-push to use the git repository instead of the tar ball ( #1305 )
2017-12-23 17:51:18 -05:00
sam-banks
88604074d6
Bugfix for free command ( #1278 )
...
A quick fix - there's no "o" option for free.
2017-12-18 08:21:28 -05:00
yeah
d43111eb48
Add X-Spam-Score header to checked mail ( #1292 )
...
To enable users to do custom spam filtering based on score, it's helpful to render the actual spam score as a float in a separate header rather than as part of X-Spam-Status where it only appears in a comma separated list.
2017-12-18 08:17:47 -05:00
Jim Bailey
6729588d8c
Changed temp_dir to /var/temp/roundcube to avoid loss on reboot. ( #1302 )
2017-12-18 08:12:45 -05:00
Joshua Tauberer
5f14eca67f
merge v0.25 security release
2017-11-15 11:27:30 -05:00
Joshua Tauberer
8944cd7980
v0.25
2017-11-15 11:27:00 -05:00
yeah
2bbbc9dfa3
Update Roundcube to protect against CVE-2017-16651
...
See https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10 .
merges #1287
2017-11-15 11:14:21 -05:00
John Olten
544f155948
Add support for DNS wildcard [merges #1281 ]
2017-11-15 11:10:59 -05:00
Joshua Tauberer
f080eabb3a
run apt-get autoremove after updating system packages
...
Old kernels can build up and some packages may not be needed anymore.
See https://discourse.mailinabox.email/t/storage-space-decreasing/2525/5 .
2017-11-15 11:05:43 -05:00
Jānis (Yannis)
7bf377eed1
use RSASHA256 for .lv domains DNSSEC ( #1277 )
2017-10-31 18:01:47 -04:00
Nicolas North
cd554cf480
document the "local" alias pointing to this box in Custom DNS ( #1261 )
2017-10-20 17:20:21 -04:00
Michael Kroes
e5448405ae
add php7.0-mbstring to webmail.sh ( #1268 )
2017-10-15 07:53:01 -04:00
Tristan Hill
a7eff8fb35
turn off apt verbose in unattended upgrades ( #1255 )
2017-10-06 08:16:40 -04:00
Fabian Bucher
341aa8695a
update F-Droid DAVdroid link ( #1253 )
...
the information about the invalid link comes from here -> https://discourse.mailinabox.email/t/admin-sync-guide-contacts-and-calendar-davdroid-3-69-free-here/2528
2017-10-04 17:47:15 -04:00
Joshua Tauberer
5efdd72f41
update TLS test to record changes in the ciphers we offer on the open ports
2017-10-03 12:01:10 -04:00
Joshua Tauberer
f25801e88d
Merge #1233 - Limit Dovecot ciphers to the Mozilla modern set
2017-10-03 11:55:16 -04:00
Joshua Tauberer
cc7be13098
update nginx cipher list to Mozilla's current intermediate ciphers and update HSTS header to be six months
...
* The Mozilla recommendations must have been updated in the last few years.
* The HSTS header must have >=6 months to get an A+ at ssllabs.com/ssltest.
2017-10-03 11:47:32 -04:00
Joshua Tauberer
2556e3fbc2
HSTS header does not belong here, will result in multiple headers
2017-10-03 11:38:15 -04:00
Joshua Tauberer
00898b2ff5
v0.24
2017-10-03 10:49:04 -04:00
Joshua Tauberer
35b8a149d8
fix dns regex: underscores are allowed in domain names even though they are not allowed in hostnames
2017-09-22 12:31:49 -04:00
Joshua Tauberer
d0423afd18
Nextcloud install shouldn't fail if php-fpm isn't already running
2017-09-22 11:10:48 -04:00
Joshua Tauberer
edf42df835
update Roundcube (1.3.1), persistent login plugin, Z-Push (2.3.8), and Nextcloud (12.0.3)
2017-09-22 11:10:40 -04:00
Joshua Tauberer
734745a4a6
Nextcloud 12.0.2, fix Nextcloud 12 upgrades seeing the wrong version
...
Nextcloud 12 adds a new OC_VersionCanBeUpgradedFrom field to /usr/local/lib/owncloud/version.php which lists
prior NC/OC version numbers, which confuses our check for what the installed version is. Make our regex more strict.
merges #1238
2017-09-01 07:58:07 -04:00
dofl
dbebaba8b9
switch PHP's process manager to on demand
...
merges #1216
2017-08-30 13:39:25 -04:00
Joshua Tauberer
cb765dfe2a
changelog entries
2017-08-30 13:11:58 -04:00
Lloyd Smart
81258e2189
Implement upstream issue #1228 for stronger dh parameters in Dovecot. ( #1232 )
2017-08-30 13:04:22 -04:00
Lloyd Smart
4dd4b4232a
Limited ciphers to the Mozilla modern set from https://mozilla.github.io/server-side-tls/ssl-config-generator/ as requested in issue #1228 .
2017-08-29 15:02:58 +01:00
Marius Blüm
48ff664ee9
Remove the ? from "Log out" ( #1231 )
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2017-08-23 19:46:45 -04:00
Michael Kroes
a52c56e571
only set the CN field when generating initial CSR to prevent issues with the php7 ppa version of openssl ( #1223 )
...
OpenSSL 1.1.0f now validates the other subject fields and rejects the empty string (for the country?) because it isn't two characters.
2017-07-30 08:11:39 -04:00
Jon Hermansen
6ace97e482
update PPA build URL for postgrey 1.35. Fixes #1211 ( #1212 )
2017-07-21 15:13:57 -04:00
Git Repository
19a928e4ec
[Issue #1159 ] Remove any +tag name in email alias before checking privileges ( #1181 )
...
* [Issue #1159 ] Remove any +tag name in email alias before checking privileges
* Move priprivileged email check after the conversion to unicode so only IDNA serves as input
2017-07-21 11:10:16 -04:00
Michael Kroes
78f2fe213e
Secondary name server could not be set ( #1209 )
2017-07-21 08:20:37 -04:00
Michael Kroes
a16855ecf0
Backup script should now stop php7.0-fpm instead of php5-fpm ( #1206 )
2017-07-17 09:45:40 -04:00
yodax
d773140502
Update to Nextcloud 12 using PHP7
...
* Install PHP7 via a PPA, enable unattended upgrades for the PPA, and switch all of our PHP configuration to the PHP7 install.
* Keep installing PHP5 for ownCloud/Nextcloud packages because we need it to possibly run transitional updates to ownCloud/Nextcloud versions less than 12. But replace PHP5 packages with PHP7 packages elsewhere.
* Update to Nextcloud 12 which requires PHP7, with a transitional upgrade to Nextcloud 11.0.3.
* Disable TLS cert validation by Roundcube when connecting to localhost IMAP and SMTP. Validation became the default in PHP7 but we don't necessarily have a (non-self-)signed certificate and it definitely isn't valid for the IP address 127.0.0.1.
Merges #1140
2017-07-14 06:48:22 -04:00
Michael Kroes
2c324d0bc9
web_domains should also normalize ipv6 addresses ( #1201 )
2017-07-13 07:16:12 -04:00
Joshua Tauberer
2bd6cc4d6b
update to Z-Push 2.3.7
2017-07-10 18:01:21 -04:00