David Duque
1ba62c6112
v0.47
...
v0.47 (July 29, 2020)
---------------------
Security fixes:
* Roundcube is updated to version 1.4.7 fixing a cross-site scripting (XSS) vulnerability with HTML messages with malicious svg/na$
* SSH connections are now rate-limited at the firewall level (in addition to fail2ban).
-----BEGIN PGP SIGNATURE-----
iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl8hh4APHGp0QG9jY2Ft
cy5pbmZvAAoJELkgQfTBC92BD8EIAKuNEHxgL0C0kkpAhuTlVXuoNEH/2FF6hYS7
7NqVrqOO1iVPGkGPhAh77CLpnvvJEhu9GeSWFhTrpI//5CvfafUQowmELClmDcYL
yxHqgoHX9O0PAd+uCLgO3MdAzFMVLNbPmt/uPgEHufnrrQGIGieB2iGWnf9xnnpf
wFSyQQnLofFpq7nH6qQvLNvh//zPQd7l/YV3ieEuT0dV4izg/Sr7Q5W6Zwn/q/ed
Btp4CizRFRFTmulIEM8an+jSXMMvdVkut6WDcl6ct8LZLoWwtEkWVeru9IVu4n9L
Lj8Bkt+8aRR6updnI/2tm0d7ZgFXWHc/+dfLCaK+aOlMD3qV9p0=
=xsgn
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEAKK/toPAcMkE+dinLzJ3OKPArjoFAl8i0EQACgkQLzJ3OKPA
rjopbg//T75ZyceGJVvDnzylhW65bIL8oUYiFLy/GOA39rmR1gjcwzHSaIP0kOtX
HPpm6rhPhVUKo8pjuWSvLnnNfz9QfJ4b6SqAN2Zg/hiqFdMEShGZNqvSQVvLkfxi
HHwa1C+TlRTD57HlVi9Y6TLX7YH65T9YmJol6KO30dGJRMIPssLg6K5k0Wf2Y2uG
E+6tipkiTPcHEaKIHUPdi5xxTL/QHVn+c+C0nsiflX7i9vC6P30e3yNsOvpk3q7V
XwD/bJfycUq8Qc5WhPsKoo287QY9XrkUco8vsVMDJJ1oCSIO1Ek5H/tgu2qB1QNJ
EGtcAYr09Fi8+5PLhmbTgRRWJ6ez6SaNnxsh8W5FhRpymgujoe4ghMiuYCwfHW13
ESB1KKZHGUiqP4nxHIgYyANrSP97qsZmVWUEQcwqhcP8BZY4NOzEsUKgIjTCTpVJ
CbRUJlgQow7s/R76aH3Crb7xhbE+2eQPDgKQ6AwDySWbPTDd3T6MtL0Oe2MZS8Wg
8mv02U+eqDfQ0TfD30vGIESARXJ1UJWfsLQzyyg7jBCTrIfSQt1IwFzXCASm78hs
kHN0/gmXUULQq0FslKV/zrfOsNEzKX+sCwjOMG7RMlWVcEVkRyXFvcajBj72mvZl
3kFOEqah8nErTStsP89Z+ltwfkVsWehu+vwP67NryRy4/B3y9fQ=
=CTVK
-----END PGP SIGNATURE-----
Merge upstream v0.47
2020-07-30 14:51:00 +01:00
Joshua Tauberer
65983b8ac7
Merge v0.47 point release branch
2020-07-29 10:27:06 -04:00
hija
56d0289ed9
v0.47
2020-07-29 10:24:56 -04:00
Marcus Bointon
f253c40012
[backport] Add rate limiting of SSH in the firewall ( #1770 )
...
See #1767 . Backport of cfc8fb484c
.
2020-07-29 10:24:23 -04:00
Hilko
2c34a6df2b
Update roundcube to 1.4.7
2020-07-29 10:15:12 -04:00
Marcus Bointon
cd518e6820
Raise Dovecot per user connection limit ( #1799 )
2020-07-27 06:37:52 -04:00
David Duque
dd7899acca
Version bump
2020-07-26 01:03:28 +01:00
David Duque
60911515fd
Support Ubuntu LTS point releases
2020-07-26 00:26:35 +01:00
David Duque
ac8c0ae762
Release v0.46.POWER.4
2020-07-22 12:45:18 +01:00
David Duque
c8fbe2dd5d
Determine the PHP version at runtime (instead of at setup-time)
2020-07-15 15:28:02 +01:00
David Duque
515a74ba11
Render the lsb_release at flask init time
...
Don't change the index.html file at setup time
2020-07-14 11:51:25 +01:00
David Duque
1d4d03637f
Version bump
2020-06-29 09:47:38 +01:00
David Duque
b98111b4e1
Fix unassigned php version
2020-06-29 09:13:50 +01:00
David Duque
3876cbac8a
Version bump
2020-06-28 10:06:50 +01:00
David Duque
fcb44dafa3
Let's encrypt certbot hotfix
2020-06-27 21:32:36 +01:00
David Duque
7af4ab0f4f
Version bump
2020-06-27 20:27:49 +01:00
David Duque
7864055490
Upgrade Nextcloud
2020-06-27 19:39:03 +01:00
David Duque
7b357fa71b
Version bump (v0.46 rc)
2020-06-21 22:49:14 +01:00
David Duque
9a4cf4d7af
Update dependencies
2020-06-21 16:02:17 +01:00
David Duque
022a11e159
Merge remote-tracking branch 'up/master'
2020-06-21 15:52:31 +01:00
David Duque
74554bcbf3
Version bump
2020-06-21 15:45:34 +01:00
David Duque
5d6c23cff9
Finalize php configuration
2020-06-21 15:18:46 +01:00
Joshua Tauberer
224242dfde
Merge v0.46 point release branch
2020-06-11 12:25:49 -04:00
Joshua Tauberer
049bfb6f7f
v0.46
2020-06-11 12:23:18 -04:00
Joshua Tauberer
12d60d102b
Update Roundcube to 1.4.6
...
Fixes #1776
2020-06-11 12:21:17 -04:00
Faye Duxovni
41642f2f59
[backport] Fix roundcube error log file path in setup script ( #1775 )
2020-06-11 12:16:53 -04:00
Faye Duxovni
339c330b4f
Fix roundcube error log file path in setup script ( #1775 )
2020-06-07 09:50:04 -04:00
Marcus Bointon
cfc8fb484c
Add rate limiting of SSH in the firewall ( #1770 )
...
See #1767 .
2020-06-07 09:47:51 -04:00
Joshua Tauberer
10bedad3a3
MTA-STS tweaks, add status check using postfix-mta-sts-resolver, change to enforce
2020-05-29 15:36:52 -04:00
A. Schippers
afc9f9686a
Publish MTA-STS policy for incoming mail ( #1731 )
...
Co-authored-by: Daniel Mabbett <triumph_2500@hotmail.com>
2020-05-29 15:30:07 -04:00
David Duque
211d3ff8a8
Fix os tag issues
2020-05-24 23:23:45 +01:00
David Duque
a51e968d31
Use pip3
2020-05-17 15:20:14 +01:00
David Duque
c95b91af5a
Force python3-pip
2020-05-17 15:14:43 +01:00
David Duque
117bdb7464
Update Nextcloud to the latest version
...
Nextcloud 17 doesn't support PHP 7.4 (and therefore Ubuntu 20.04 LTS)
2020-05-17 15:04:17 +01:00
David Duque
baa5d32dea
Make sure /etc/default/bind9 exists
2020-05-17 02:58:19 +01:00
David Duque
1513655bc4
Make sure that the OS in the admin panel matches the actual system OS
2020-05-17 02:45:35 +01:00
David Duque
959281c635
Version bump
2020-05-17 02:38:18 +01:00
David Duque
98b50ce333
Syntax function fix
2020-05-17 02:38:00 +01:00
David Duque
b66ade73c8
Begin support for Ubuntu LTS
2020-05-17 02:33:26 +01:00
Joshua Tauberer
7de8fc9bc0
v0.45
2020-05-16 06:45:23 -04:00
David Duque
de115fe01e
Merge remote-tracking branch 'up/master'
2020-05-11 19:42:54 +01:00
clonejo
8fe33da85d
Run nightly tasks on a random minute after 03:00 to avoid overload ( #1754 )
...
- The MIAB version check regularly fails at 03:00, presumably because a
large portion of installations is checking mailinabox.email at the same
time.
- At installation time, the time of the nightly clock is configured to
run at a random minute after 03:00, but before 04:00.
- Users might expect the nightly tasks to be over at a certain time and
run their own custom tasks afterwards. This could thus interfere with
custom backup routines.
- This breaks reproducibility of the installation process.
- Users might also be surprised by the nightly task time changing after
updating MIAB.
2020-05-10 19:54:45 -04:00
Joshua Tauberer
1353949e42
Upgrade Roundcube to 1.4.4, Nextcloud to 17.0.6, Z-Push to 2.5.2
2020-05-10 19:44:12 -04:00
David Duque
8ca34e18bd
Properly configure nsd, bump version
2020-04-22 16:25:12 +01:00
David Duque
3589ac2c06
Don't interfere with locales right away, bump version
2020-04-22 16:14:20 +01:00
David Duque
2d228c0520
Remove PPA installation process
2020-04-21 14:59:54 +01:00
David Duque
8ba078c04b
Attempt to fix some stuff and bump version
2020-04-21 14:48:16 +01:00
David Duque
8aa1ea23c8
Use describe --tags when comparing versions
2020-04-21 14:26:51 +01:00
David Duque
d98825f609
Update pre-flights, bump version
2020-04-20 23:31:18 +01:00
David Duque
ecb575e686
git describe --tags
2020-04-18 15:17:13 +01:00
David Duque
a8be38fcc0
Refer to Debian instead of Ubuntu
2020-04-18 14:43:24 +01:00
David Duque
52e9afcf2f
Just use the script directly
2020-04-17 22:59:25 +01:00
David Duque
9b6781685a
Move settings away from mailinabox.conf
2020-04-16 22:52:48 +01:00
David Duque
d9397a026b
SMTP Relay initialization
2020-04-16 20:19:14 +01:00
David Duque
7ffc889c08
Bump web dependencies ( #1 )
...
- Bootstrap: 3.3.7 -> 4.4.1
- - New admin panel style and respective corrections applied.
- JQuery: 2.1.4 -> 3.5.0
2020-04-16 19:52:01 +01:00
David Duque
edb03b7862
Misc changes
2020-04-12 23:54:35 +01:00
David Duque
8667a574d4
Use local PHP version (ZPush)
2020-04-12 01:04:55 +01:00
David Duque
5f1343864c
Use local PHP version
2020-04-12 01:02:14 +01:00
David Duque
6cee029d15
Move php version to functions.sh
2020-04-12 00:56:55 +01:00
David Duque
5c93d698b4
Update PHP version (7.2 -> 7.3)
2020-04-12 00:50:31 +01:00
David Duque
0568bcc5d3
Early configuration of the nsd service
2020-04-12 00:44:19 +01:00
David Duque
435b01dda4
Merge remote-tracking branch 'up/master'
2020-04-11 19:32:10 +01:00
David Duque
9fb02090bf
Remove operations not applicable to Debian
...
Signed-off-by: David Duque <david.f.s.duque@tecnico.ulisboa.pt>
2020-04-11 19:24:20 +01:00
Stefan
f52749b403
Better return codes after errors in the setup scripts ( #1741 )
2020-04-11 14:18:44 -04:00
David Duque
fcff1f5d2c
Change environment to Debian 10
2020-04-11 19:12:40 +01:00
Daniel Davis
e224fc6656
Delete unused function apt_add_repository_to_unattended_upgrades ( #1721 )
...
The function apt_add_repository_to_unattended_upgrades is defined
but never called anywhere. It appears that automatic apt updates
are handled in system.sh where the file /etc/apt/apt.conf.d/02periodic
is created. The last call was removed in bbfa01f33a
.
Co-authored-by: ddavis32 <dan@nthdegreesoftware.com>
2020-03-08 09:49:39 -04:00
Joshua Tauberer
30c2c60f59
v0.44
2020-02-15 07:15:09 -05:00
Joshua Tauberer
ddadb6c28a
Roundcube 1.4.2
2020-01-22 03:25:53 -05:00
Michael Kroes
faee29ba8b
Bump Nextcloud to 17.0.2 ( #1702 )
2020-01-22 03:06:17 -05:00
jvolkenant
e6294049bc
Update Roundcube persistent_login plugin ( #1712 )
2020-01-22 02:58:04 -05:00
Joshua Tauberer
30885bcc8a
Downgrade TLS settings for port 25, partially reverting f53b18ebb9
...
Port 25 now is aligned with Mozilla's "Old" recommendations at https://ssl-config.mozilla.org/#server=postfix&server-version=3.3.0&config=old&openssl-version=1.1.1 .
See #1705
2020-01-20 14:52:23 -05:00
Joshua Tauberer
385340da46
install openssh-client which provides ssh-keygen and is not present on desktop Ubuntu by default
2019-12-12 11:27:39 -05:00
jvolkenant
0271e549bb
Fix typo in InstallNextcloud calls ( #1693 )
2019-12-10 19:01:09 -05:00
Joshua Tauberer
f53b18ebb9
Upgrade TLS settings
2019-12-01 17:49:36 -05:00
Joshua Tauberer
8567a9b719
Fix upgrade issue broken by 802e7a1f4d
2019-12-01 17:44:12 -05:00
Vasek Sraier
ad9d732608
OpenDKIM canonicalization changed to relaxed for mail headers ( #1620 )
...
Because Mailman reformats headers it breaks DKIM signatures. SPF also does
not apply in mailing lists. This together causes DMARC to fail and mark the
email as invalid. This fixes DKIM signatures for Mailman-based mailing lists
and makes sure DMARC test is passed.
2019-12-01 16:24:38 -05:00
jvolkenant
aa15670dc2
Fixed multiple commented add_header entries in /etc/spamassassin/local.cf ( #1641 )
2019-12-01 16:23:02 -05:00
jvolkenant
81176c8e4b
Fix to prevent multiple commented entries in dovecot conf ( #1642 )
2019-12-01 16:22:17 -05:00
Carl Reinke
960b5d5bbd
Don't use ifquery to check interface state since it is no longer installed ( #1689 )
2019-12-01 16:21:38 -05:00
Carl Reinke
802e7a1f4d
Copy systemd service files before linking to avoid issue with order of mounting filesystems ( #1688 )
2019-12-01 16:15:04 -05:00
Michael Kroes
52c68c6510
Implement Nextcloud php-fpm recommended performance tuning settings ( #1679 )
2019-12-01 16:13:33 -05:00
Michael Kroes
54b1ee9a3d
Nextcloud 17 ( #1676 )
2019-12-01 16:11:00 -05:00
Francesco Montanari
6e3dee8b3b
Upgrade RoundCube to 1.4.1 and set the default skin to elastic ( #1673 )
...
* Upgrade RoundCube to 1.4.0 and set the default skin to elastic
* Install php-ldap extension
* Remove smtp parameters that are now the default
2019-12-01 16:10:04 -05:00
Michael Kroes
91638c7fe0
Removed the postgrey option that specifies which whitelist file to use. This allows the usage of a .local verion ( #1675 )
2019-11-23 07:58:29 -05:00
Michael Kroes
ff8170d5ab
Align nextcloud cron job with recommended settings ( #1680 )
2019-11-23 07:51:22 -05:00
jvolkenant
df80b9fc71
Allow user_external for Nextcloud 16 (and eventually 17) ( #1655 )
2019-11-02 15:28:36 -04:00
jvolkenant
ed02e2106b
Update zpush to 2.5.1 ( #1654 )
2019-10-28 06:27:54 -04:00
Jeff Volkenant
24a567c3be
Fix mailinabox-postgrey-whitelist cron job return code for file over 28 days
...
Merges #1639
2019-10-05 16:27:21 -04:00
Brendan Hide
70f05e9d52
Ensure the universe repository is enabled
...
A minimal Ubuntu server installation might not have universe enabled by
default. By adding it, we ensure we can install packages only available
in universe, such as python3-pip
Merges #1650 .
2019-10-05 16:14:12 -04:00
Michael Kroes
889118aeb6
Upgraded Nextcloud to 16.0.5 ( #1648 )
...
* Upgraded Nextcloud to 16.0.5
* Improved Nextcloud upgrade detection
2019-10-05 16:12:00 -04:00
Joshua Tauberer
9e29564f48
v0.43
2019-09-01 07:43:47 -04:00
jvolkenant
d6becddbe5
Change Nextcloud upgrade logic to look at STORAGE_ROOT's config.php version vs /usr/local's version.php version ( #1632 )
...
* Download and verify Nextcloud download before deleting old install directory
* Changed install logic to look at config.php and not version.php for database version number. When restoring from a backup, config.php in STORAGE_ROOT will hold the Nextcloud version that corresponds to the user's database and version.php in /usr/local won't even exist, so we were missing Nextcloud migration steps. In other cases they should be the same.
2019-08-31 08:50:36 -04:00
Michael Kroes
1d6793d124
Update the Postgrey whitelist to a newer version monthly ( #1611 )
...
Automatically update the Postgrey whitelist to a newer version once a month.
2019-08-31 08:38:41 -04:00
cmharper
295d481603
Upgraded roundcube to 1.3.10 ( #1634 )
2019-08-31 07:55:38 -04:00
Joshua Tauberer
e37768ca86
v0.42b
2019-08-03 11:49:32 -04:00
jvolkenant
bea5eb0dda
Add interm upgrade step from Nextcloud 13 -> 14 ( #1605 )
2019-07-12 06:41:16 -04:00
Joshua Tauberer
5fc1944f04
pull v0.42, go back to v0.41
2019-07-05 11:56:54 -04:00
Joshua Tauberer
39fd4ce16c
v0.42
2019-07-04 21:34:55 -04:00
jvolkenant
193763f8f0
Update to Nextcloud 15.0.8, Contacts to 3.1.1, and Calendar to 1.6.5 ( #1577 )
...
* Update to Nextcloud 15.0.7, Contacts to 3.1.1, and Calendar to 1.6.5
* Enabled localhost-only insecure IMAP login for localhost Nextcloud auth
* Add package php-imagick and BigInt conversion
* added support for /cloud/oc[sm]-provider/ endpoint
2019-06-16 11:10:52 -04:00
jvolkenant
79759ea5a3
Upgrade Z-Push to 2.5.0 ( #1581 )
2019-06-16 11:07:45 -04:00
jvolkenant
6e5ceab0f8
hide virtualenv output ( #1578 )
2019-05-15 11:59:32 -07:00
jvolkenant
c6fa0d23df
check that munin-cron is not running (via cron) when it is run in setup, fixes #660 ( #1579 )
2019-05-15 11:58:40 -07:00
cmharper
85e59245fd
hide 'RTNETLINK answers: Network is unreachable' error message during setup if IPv6 is not available ( #1576 )
2019-05-15 11:57:06 -07:00
jvolkenant
4232a1205c
fix dovecot message about SSLv2 not supported by OpenSSL ( #1580 )
2019-05-15 11:46:52 -07:00
just4t
25fec63a03
RAM limit to 502Mb to meet EC2 & Vultr 512Mb inst. ( #1560 )
...
AS told here: https://github.com/mail-in-a-box/mailinabox/pull/1534
2019-04-14 16:33:50 -04:00
dexbleeker
9b46637aff
Update Roundcube to version 1.3.9 ( #1546 )
2019-04-14 14:19:21 -04:00
Joshua Tauberer
dd7a2aa8a6
v0.41
2019-02-26 18:17:50 -05:00
Joshua Tauberer
149552f79b
systemctl link should use -f to avoid an error if a system service already exists with that name but points to a different file
...
https://discourse.mailinabox.email/t/new-error-failed-systemctl-link-conf-mailinabox-service/4626/2
2019-02-26 18:16:26 -05:00
Joshua Tauberer
adddd95e38
add lmtp_destination_recipient_limit=1 to work around spampd bug, see #1523
2019-02-25 13:20:57 -05:00
Yoann Colin
10050aa601
Upgrade to NextCloud 14 ( #1504 )
...
* Upgraded Nextcloud from 13.0.6 to 14.0.6.
* Upgraded Contacts from 2.1.5 to 2.1.8.
* Upgraded Calendar from 1.6.1 to 1.6.4.
* Cleanup unsupported version upgrades: Since an upgrade to v0.30 is mandatory before moving upward, I removed the checks for Nextcloud prior version 12.
* Fix the storage root path.
* Add missing indices. Thx @yodax for your feedback.
2019-02-08 21:24:03 -05:00
jvolkenant
c60e3dc842
fail2ban ssh/ssh-ddos and sasl are now sshd and postfix-sasl ( fixes #1453 , merges #1454 )
...
* fail2ban ssh/ssh-ddos and sasl are now sshd and postfix-sasl
* specified custom datepattern for miab-owncloud.conf
2019-01-18 09:40:51 -05:00
Joshua Tauberer
c7659d9053
v0.40
2019-01-12 08:24:15 -05:00
Joshua Tauberer
cd3fb1b487
fix bootstrap.sh to not confuse the status checks about the latest version
2019-01-09 09:03:43 -05:00
Joshua Tauberer
6e60b47cb5
update bootstrap.sh script to detect the operating system and choose a different version tag depending on whether the box is running Ubuntu 14.04 or Ubuntu 18.04
2019-01-09 08:52:51 -05:00
Joshua Tauberer
a3add03706
Merge branch 'master' into ubuntu_bionic
2019-01-09 07:00:44 -05:00
Joshua Tauberer
7b592b1e99
v0.30 - the last Ubuntu 14.04 release
2019-01-09 06:31:56 -05:00
Dean Perry
31b743b164
Fix some more $DEFAULT_PUBLIC_IP issues ( #1494 )
2018-12-26 15:39:47 -05:00
jvolkenant
71f1c92b9e
bash strict mode fixes ( #1482 )
2018-12-13 20:30:05 -05:00
EliterScripts
e80a1dd4b7
fix DEFAULT_PUBLIC_IP unbound variable error ( #1488 )
...
This will fix this error while installing:
setup/questions.sh: line 95: DEFAULT_PUBLIC_IP: unbound variable
2018-12-13 20:28:21 -05:00
jvolkenant
b7e9a90005
roundcube: upgrade carddav plugin to 3.0.3 & updated migrate.py ( #1479 )
...
* roundcube: upgrade carddav plugin to 3.0.3 & updated migrate.py
* Check for db first and clear sessions to force re-login
2018-12-03 15:33:36 -05:00
Joshua Tauberer
0d4565e71d
merge master branch
2018-12-02 18:19:15 -05:00
Joshua Tauberer
703a9376ef
fix /etc /usr permissions for Scaleway, see #1438
2018-12-02 18:16:40 -05:00
Joshua Tauberer
bd54b41041
add missing rsyslog to apt install line
...
see #1438
2018-12-02 18:02:00 -05:00
Achilleas Pipinellis
a7dded8182
Add a logfile entry to the NSD conf file ( #1434 )
...
Having a log file can help debugging when something goes wrong and
NSD doesn't fail or MiaB doesn't notify you.
See
https://discourse.mailinabox.email/t/dns-email-domain-becomes-inaccessible-every-few-hours/3770
2018-12-02 18:00:16 -05:00
Joshua Tauberer
9ddca42c91
add 'nameserver' to resolv.conf, fixes #1450
2018-11-30 10:46:54 -05:00
Joshua Tauberer
e5e0c64395
turn on bash strict mode to better catch setup errors
...
fixes #893
2018-11-30 10:46:54 -05:00
Joshua Tauberer
aa52f52d02
disable SMTP AUTH on port 25 to stop it accidentally being used for submission
...
fixes #830
2018-11-30 10:46:54 -05:00
Holger Just
0335595e7e
Update Roundcube to version 1.3.8 ( #1475 )
...
https://github.com/roundcube/roundcubemail/releases/tag/1.3.8
2018-11-25 10:40:21 -05:00
jvolkenant
c9b3d88108
Fixes #1437 - package python-virtualenv is now called just virtualenv ( #1452 )
2018-10-24 17:20:48 -04:00
Joshua Tauberer
16f38042ec
v0.29 released, closes #1440
2018-10-24 16:12:25 -04:00
Michael Kroes
6eb9055275
Upgrade NextCloud to 13.06 ( #1436 )
2018-10-09 07:09:54 -04:00
Joshua Tauberer
3dbd6c994a
update bind9 configuration
2018-10-03 14:28:43 -04:00
Joshua Tauberer
bbfa01f33a
update to PHP 7.2
...
* drop the ondrej/php PPA since PHP 7.x is available directly from Ubuntu 18.04
* intall PHP 7.2 which is just the "php" package in Ubuntu 18.04
* some package names changed, some unnecessary packages are no longer provided
* update paths
2018-10-03 13:00:15 -04:00
Joshua Tauberer
f6a641ad23
remove some cleanup steps that are no longer needed since we aren't supporting upgrades of existing machines and, even if we did, we aren't supporting upgrades from really old versions of Mail-in-a-Box
2018-10-03 13:00:15 -04:00
Joshua Tauberer
51972fd129
fix some comments
2018-10-03 13:00:15 -04:00
Joshua Tauberer
bb43a2127c
turn the x64/i686 architecture check into a warning since I'm not sure if we have any architecture requirements anymore, beyond what Ubuntu supports
2018-10-03 13:00:15 -04:00
Christopher A. DeFlumeri
d96613b8fe
minimal changeset to get things working on 18.04
...
@joshdata squashed pull request #1398 , removed some comments, and added these notes:
* The old init.d script for the management daemon is replaced with a systemd service.
* A systemd service configuration is added to configure permissions for munin on startup.
* nginx SSL settings are updated because nginx's options and defaults have changed, and we now enable http2.
* Automatic SSHFP record generation is updated to know that 22 is the default SSH daemon port, since it is no longer explicit in sshd_config.
* The dovecot-lucene package is dropped because the Mail-in-a-Box PPA where we built the package has not been updated for Ubuntu 18.04.
* The stock postgrey package is installed instead of the one from our PPA (which we no longer support), which loses the automatic whitelisting of DNSWL.org-whitelisted senders.
* Drop memcached and the status check for memcached, which we used to use with ownCloud long ago but are no longer installing.
* Other minor changes.
2018-10-03 13:00:06 -04:00
Joshua Tauberer
504a9b0abc
certbot uses a new directory path for API v02 accounts and we should check that before creating a new account or else we'll try to create a new account on each setup run (which certbot just fails on)
2018-09-03 13:07:24 -04:00
Joshua Tauberer
842fbb3d72
auto-agree to Let's Encrypt's terms of service during setup
...
fixes #1409
This reverts commit 82844ca651
("make certbot auto-agree to TOS if NONINTERACTIVE=1 env var is set (#1399 )") and instead *always* auto-agree. If we don't auto-agree, certbot asks the user interactively, but our "curl | bash" setup line does not permit interactive prompts, so certbot failed to register and all certificate things were broken until the command was re-run interactively.
2018-09-03 13:06:34 -04:00
Joshua Tauberer
a5d5a073c7
update Z-Push to 2.4.4
...
Starting with 2.4, Z-Push no longer provides tarballs on their download server. The only options are getting the code from their git repository or using one of their distribution packages. Their Ubuntu 18.04 packaes don't seem to actually work in Ubuntu 18.04, so thinking ahead that's currently a bad choice. In 78d1c9be6e
we switched from doing a git clone to using wget on their downloads server because of a problem with something related to stash.z-hub.io's SSL certificate. But wget also seems to work on their source code repository, so we can use that.
2018-09-02 11:29:44 -04:00
Joshua Tauberer
d4b122ee94
update to Nextcloud 13.0.5
2018-08-24 11:11:52 -04:00
Joshua Tauberer
052a1f3b26
update to Roundcube 1.3.7
2018-08-24 10:47:22 -04:00
Joshua Tauberer
180b054dbc
small code cleanup testing if the utf8 locale is installed
2018-08-24 09:49:08 -04:00
hlxnd
de9c556ad7
Add missing PHP end tag
2018-08-05 15:27:35 +02:00
Joshua Tauberer
738e0a6e17
v0.28 released, closes #1405
2018-07-30 11:14:38 -04:00
Joshua Tauberer
7f37abca05
add php7.0-curl to webmail.sh
...
see 7ee91f6ae6
see #1268
closes #1259
2018-07-22 09:19:36 -04:00
Nils Norman Haukås
78d1c9be6e
failing z-push installation: replace git clone with wget_verify
...
git clone (which uses curl) underneath was failing. Curiously, the same
git clone command would work on my macos host machine.
From the screenshot it looks like curl was somehow not able to negotiate
the connection. Might have been a missing CA certificate for Comodo, but
I was not able to determine if that was the issue.
fixes #1393
closes #1387
closes #1400
2018-07-19 11:25:57 -04:00
Nils
82844ca651
make certbot auto-agree to TOS if NONINTERACTIVE=1 env var is set ( #1399 )
2018-07-15 11:24:15 -04:00
Joshua Tauberer
2a72c800f6
replace free_tls_certificates with certbot
2018-06-29 16:46:21 -04:00
Joshua Tauberer
f9a0e39cc9
cryptography is now distributed as a wheel and no longer needs system development packages to be installed or pip/setuptools workarounds
2018-06-29 16:46:21 -04:00
Joshua Tauberer
0c0a079354
v0.27
2018-06-14 07:49:20 -04:00
yeah
7c62f4b8e9
Update Roundcube to 1.3.6 ( #1376 )
2018-04-17 11:54:24 -04:00
xetorixik
8f399df5bb
Update Roundcube to 1.3.4 and Z-push to 2.3.9 ( #1354 )
2018-02-21 08:22:57 -05:00
Joshua Tauberer
ae73dc5d30
v0.26c
2018-02-13 10:46:02 -05:00
Joshua Tauberer
6961840c0e
wrap wget in hide_output so that wget errors are shown
...
Our wget_verify function uses wget to download a file and then check
the file's hash. If wget fails, i.e. because of a 404 or other HTTP
or network error, we exited setup without displaying any output because
normally there are no errors and -q keeps the setup output clean.
Wrapping wget with our hide_output function, and dropping -q, captures
wget's output and shows it and exits setup just if wget fails.
see #1297
2018-02-13 10:38:10 -05:00
Jan Schulz-Hofen
47c968e71b
Upgrade Nextcloud from 12.0.3 to 12.0.5
2018-02-04 10:13:30 -05:00
Jan Schulz-Hofen
ed3e2aa712
Use new .tar.bz2 source files for ownCloud and fix upgrade paths
2018-02-04 10:13:30 -05:00
Joshua Tauberer
35fed8606e
only spawn one process for the management daemon
...
In 0088fb4553
I changed the management daemon's startup
script from a symlink to a Python script to a bash script that activated the new virtualenv
and then launched Python. As a result, the init.d script that starts the daemon would
write the pid of bash to the pidfile, and when trying to kill it, it would kill bash but
not the Python process.
Using exec to start Python fixes this problem by making the Python process have the pid
that the init.d script knows about.
fixes #1339
2018-01-28 09:08:19 -05:00
Joshua Tauberer
ec3aab0eaa
v0.26b
2018-01-25 09:27:17 -05:00
Joshua Tauberer
e7150e3bc6
pin acme to v0.20, which is the last version compatible with free_tls_certificates
...
free_tls_certificates uses acme.jose, which in acme v0.21 was moved to a new Python package.
See #1328
2018-01-20 11:23:45 -05:00
Joshua Tauberer
8d6d84d87f
run mailconfig.py's email address validator outside of the virtualenv during questions.sh
...
We don't have the virtualenv this early in setup.
Broken by 0088fb4553
.
Fixes #1326 .
See https://discourse.mailinabox.email/t/that-is-not-a-valid-email-error-during-mailinabox-installation/2793 .
2018-01-20 10:59:37 -05:00
barrybingo
a6a1cc7ae0
Reduce munin-node log level to warning ( #1330 )
2018-01-19 12:00:44 -05:00
Joshua Tauberer
b5c0736d27
release v0.26
2018-01-18 17:10:23 -05:00
Joshua Tauberer
8ee7de6ff3
no need to do a second apt-get update after 'installing' the PHP7 PPA if the PPA was already installed
2018-01-15 13:28:18 -05:00
Joshua Tauberer
0088fb4553
install Python 3 packages in a virtualenv
...
The cryptography package has created all sorts of installation trouble over the last few years, probably because of mismatches between OS-installed packages and pip-installed packages. Using a virtualenv for all Python packages used by the management daemon should make sure everything is consistent.
See #1298 , see #1264 .
2018-01-15 13:27:04 -05:00
Joshua Tauberer
b2d103145f
remove php5 packages from webmail.sh
...
The PHP5 packages have a dependency on (apache2 or php5-cgi or php5-fpm), and since removing php5-fpm apache2 started getting installed during setup, which caused a conflict with nginx of course.
These packages don't seem to be needed by Roundcube or Nextcloud --- Roundcube includes the ones it needs.
see #1264 , #1298
2018-01-15 11:29:12 -05:00
Joshua Tauberer
e924459140
revert f25801e/#1233 - use Mozilla intermediate ciphers for IMAP/POP not modern ciphers
...
fixes #1300
2017-12-24 14:41:41 -05:00
Michael Kroes
a0e603a3c6
Change z-push to use the git repository instead of the tar ball ( #1305 )
2017-12-23 17:51:18 -05:00
sam-banks
88604074d6
Bugfix for free command ( #1278 )
...
A quick fix - there's no "o" option for free.
2017-12-18 08:21:28 -05:00
yeah
d43111eb48
Add X-Spam-Score header to checked mail ( #1292 )
...
To enable users to do custom spam filtering based on score, it's helpful to render the actual spam score as a float in a separate header rather than as part of X-Spam-Status where it only appears in a comma separated list.
2017-12-18 08:17:47 -05:00
Jim Bailey
6729588d8c
Changed temp_dir to /var/temp/roundcube to avoid loss on reboot. ( #1302 )
2017-12-18 08:12:45 -05:00
Joshua Tauberer
5f14eca67f
merge v0.25 security release
2017-11-15 11:27:30 -05:00
Joshua Tauberer
8944cd7980
v0.25
2017-11-15 11:27:00 -05:00
yeah
2bbbc9dfa3
Update Roundcube to protect against CVE-2017-16651
...
See https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10 .
merges #1287
2017-11-15 11:14:21 -05:00
Joshua Tauberer
f080eabb3a
run apt-get autoremove after updating system packages
...
Old kernels can build up and some packages may not be needed anymore.
See https://discourse.mailinabox.email/t/storage-space-decreasing/2525/5 .
2017-11-15 11:05:43 -05:00
Michael Kroes
e5448405ae
add php7.0-mbstring to webmail.sh ( #1268 )
2017-10-15 07:53:01 -04:00
Tristan Hill
a7eff8fb35
turn off apt verbose in unattended upgrades ( #1255 )
2017-10-06 08:16:40 -04:00
Joshua Tauberer
f25801e88d
Merge #1233 - Limit Dovecot ciphers to the Mozilla modern set
2017-10-03 11:55:16 -04:00
Joshua Tauberer
00898b2ff5
v0.24
2017-10-03 10:49:04 -04:00
Joshua Tauberer
d0423afd18
Nextcloud install shouldn't fail if php-fpm isn't already running
2017-09-22 11:10:48 -04:00
Joshua Tauberer
edf42df835
update Roundcube (1.3.1), persistent login plugin, Z-Push (2.3.8), and Nextcloud (12.0.3)
2017-09-22 11:10:40 -04:00
Joshua Tauberer
734745a4a6
Nextcloud 12.0.2, fix Nextcloud 12 upgrades seeing the wrong version
...
Nextcloud 12 adds a new OC_VersionCanBeUpgradedFrom field to /usr/local/lib/owncloud/version.php which lists
prior NC/OC version numbers, which confuses our check for what the installed version is. Make our regex more strict.
merges #1238
2017-09-01 07:58:07 -04:00
dofl
dbebaba8b9
switch PHP's process manager to on demand
...
merges #1216
2017-08-30 13:39:25 -04:00
Lloyd Smart
81258e2189
Implement upstream issue #1228 for stronger dh parameters in Dovecot. ( #1232 )
2017-08-30 13:04:22 -04:00
Lloyd Smart
4dd4b4232a
Limited ciphers to the Mozilla modern set from https://mozilla.github.io/server-side-tls/ssl-config-generator/ as requested in issue #1228 .
2017-08-29 15:02:58 +01:00
Michael Kroes
a52c56e571
only set the CN field when generating initial CSR to prevent issues with the php7 ppa version of openssl ( #1223 )
...
OpenSSL 1.1.0f now validates the other subject fields and rejects the empty string (for the country?) because it isn't two characters.
2017-07-30 08:11:39 -04:00
yodax
d773140502
Update to Nextcloud 12 using PHP7
...
* Install PHP7 via a PPA, enable unattended upgrades for the PPA, and switch all of our PHP configuration to the PHP7 install.
* Keep installing PHP5 for ownCloud/Nextcloud packages because we need it to possibly run transitional updates to ownCloud/Nextcloud versions less than 12. But replace PHP5 packages with PHP7 packages elsewhere.
* Update to Nextcloud 12 which requires PHP7, with a transitional upgrade to Nextcloud 11.0.3.
* Disable TLS cert validation by Roundcube when connecting to localhost IMAP and SMTP. Validation became the default in PHP7 but we don't necessarily have a (non-self-)signed certificate and it definitely isn't valid for the IP address 127.0.0.1.
Merges #1140
2017-07-14 06:48:22 -04:00
Joshua Tauberer
2bd6cc4d6b
update to Z-Push 2.3.7
2017-07-10 18:01:21 -04:00
Joshua Tauberer
b11157e0b6
updated to Roundcube 1.3, but unfortunately dropping the vacation plugin
...
Switched to the -complete download which has vendored assets. See https://github.com/mail-in-a-box/mailinabox/pull/1140 .
2017-07-10 17:31:59 -04:00
Joshua Tauberer
4c36d6e6c9
release v0.23a
2017-05-31 07:42:18 -04:00
Michael Kroes
e49c99890b
fetch whole bootstrap - fixes missing icons in admin ( #1185 )
2017-05-31 07:36:17 -04:00
Joshua Tauberer
a13fd90347
v0.23
2017-05-30 06:50:42 -04:00
Git Repository
18f1689f45
changed the location we store the web-assets for the admin pages to /usr/local/mailinabox ( #1179 )
2017-05-23 19:22:53 -04:00
Git Repository
8234a5a9f4
download jQuery and Bootstrap during setup and serve locally so that we don't rely on a CDN which is blocked in some parts of the world ( #1167 ) ( #1171 )
2017-05-08 07:25:16 -04:00
Michael Kroes
1d9f9ea617
Fix two typos in setup/owncloud.sh regarding the setting of the hostname ( #1172 )
2017-05-08 07:23:59 -04:00
Git Repository
2caddb41eb
#1161 Move the config line for mail_domain to always reset the PRIMARY_HOST ( #1163 )
2017-05-06 08:18:50 -04:00
Michael Kroes
68ebca8a15
Update Z-Push to 2.3.6 ( #1166 )
2017-04-30 07:24:36 -04:00
Joshua Tauberer
0c4c2e51bb
bump to Nextcloud 10.0.5
2017-04-24 17:31:54 -04:00
Michael Kroes
416dbebf45
update z-push to 2.3.5 on the upstream repository z-push.org ( #1153 )
2017-04-17 07:42:44 -04:00
Git Repository
2a046a22f4
changed roundcube theme to 'larry' ( #1138 )
...
Updated the setup file to use roundcube's 'larry' theme as the default.
2017-04-17 07:29:50 -04:00