external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-03 00:07:05 +00:00
Code Issues Releases Wiki Activity
2,796 Commits 6 Branches 85 Tags 43 MiB
271a04333d
Commit Graph

56 Commits

Author SHA1 Message Date
downtownallday
0aa7050221 Merge remote-tracking branch 'upstream/main' into merge-upstream 
# Conflicts:
#	management/status_checks.py
#	setup/webmail.sh
 2024-12-22 10:22:53 -05:00
Tomasz Stanczak
0d7388899c
Allow DSA end EllipticCurve private keys to be used additionally to RSA for HTTPS certificates (#2416) 
Co-authored-by: Tomasz Stanczak <tomasz@cocoturtle.com>
 2024-12-22 07:59:58 -05:00
downtownallday
196f5588cc eliminate the use of deprecated utcnow() 2024-10-07 09:51:56 -04:00
downtownallday
446f144821 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 
# Conflicts:
#	README.md
#	management/mailconfig.py
#	setup/mail-users.sh
 2024-07-21 17:29:08 -04:00
Viktor Szépe
cd959bc522
Fix typos (#2406) 2024-07-21 07:01:25 -04:00
downtownallday
d349150dd0 Merge remote-tracking branch 'upstream/main' into merge-upstream 
# Conflicts:
#	.gitignore
#	management/auth.py
#	management/daemon.py
#	management/mail_log.py
#	management/mailconfig.py
#	management/mfa.py
#	management/ssl_certificates.py
#	management/status_checks.py
#	management/utils.py
#	management/web_update.py
#	setup/mail-postfix.sh
#	setup/migrate.py
#	setup/preflight.sh
#	setup/webmail.sh
#	tests/test_mail.py
#	tools/editconf.py
 2024-03-12 07:41:14 -04:00
Teal Dulcet
15bddcbc39 Fixed RUF010 (explicit-f-string-type-conversion): Use explicit conversion flag 2024-03-10 07:56:49 -04:00
Teal Dulcet
c719fce40a Fixed UP032 (f-string): Use f-string instead of format call 2024-03-10 07:56:49 -04:00
Teal Dulcet
d661d623dc Fixed RUF017 (quadratic-list-summation): Avoid quadratic list summation 2024-03-10 07:56:49 -04:00
Teal Dulcet
f621789298 Fixed SIM118 (in-dict-keys): Use key in dict instead of key in dict.keys() 2024-03-10 07:56:49 -04:00
Teal Dulcet
57d05c1ab2 Fixed B007 (unused-loop-control-variable) 2024-03-10 07:54:51 -04:00
Teal Dulcet
e8d1c037cb Fixed SIM102 (collapsible-if): Use a single if statement instead of nested if statements 2024-03-10 07:54:51 -04:00
Teal Dulcet
3d72c32b1d Fixed W605 (invalid-escape-sequence) 2024-03-10 07:54:51 -04:00
Teal Dulcet
14a5613dc8 Fixed UP031 (printf-string-formatting): Use format specifiers instead of percent format 2024-03-10 07:54:51 -04:00
Teal Dulcet
13b38cc04d Fixed F841 (unused-variable) 2024-03-10 07:54:51 -04:00
Teal Dulcet
dd61844ced Fixed EM101 (raw-string-in-exception): Exception must not use a string literal, assign to variable first 2024-03-10 07:54:51 -04:00
Teal Dulcet
49124cc9ca Fixed PLR6201 (literal-membership): Use a set literal when testing for membership 2024-03-10 07:54:51 -04:00
Teal Dulcet
0ee64f2fe8 Fixed F401 (unused-import) 2024-03-10 07:54:21 -04:00
downtownallday
da2d88e4f4 Fix invalid escape sequences 2024-03-05 08:56:39 -05:00
downtownallday
190d7195d3 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 
The roundcube password plugin is not disabled.

# Conflicts:
#	management/utils.py
#	setup/start.sh
#	setup/system.sh
#	setup/webmail.sh
#	tools/editconf.py
 2023-01-15 20:35:08 -05:00
Hugh Secker-Walker
820a39b865
chore(python open): Refactor open and gzip.open to use context manager (#2203) 
Co-authored-by: Hugh Secker-Walker <hsw+miac@hodain.net>
 2023-01-15 08:28:43 -05:00
downtownallday
bf63ca827e Add copyright to source files 2022-09-19 14:45:11 -04:00
Joshua Tauberer
ab71abbc7c Update to latest cryptography Python package, add missing source at top of management.sh so it can run standalone (needs STORAGE_ROOT) 2022-07-28 14:42:51 -04:00
downtownallday
c135bf1f77 Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204 
# Conflicts:
#	CHANGELOG.md
#	README.md
#	conf/nginx-top.conf
#	management/backup.py
#	setup/bootstrap.sh
#	setup/management.sh
#	setup/nextcloud.sh
#	setup/system.sh
#	setup/web.sh
#	setup/webmail.sh
#	setup/zpush.sh
#	tests/test_mail.py
 2022-06-21 23:58:17 -04:00
Joshua Tauberer
a6ae0e6da1 Update to latest cryptography Python package, add missing source at top of management.sh so it can run standalone (needs STORAGE_ROOT) 2022-06-19 07:31:07 -04:00
downtownallday
9057c12c38 Merge branch 'master' of https://github.com/mail-in-a-box/mailinabox 2020-10-16 21:07:36 -04:00
David Duque
8b166f3041
Display certificate expiry dates in ISO format (#1841) 2020-10-16 16:22:36 -04:00
downtownallday
640048db04 Merge branch 'master' into ldap 2020-05-29 17:11:39 -04:00
Joshua Tauberer
37dad9d4bb Provision certificates from Let's Encrypt grouped by DNS zone 
Folks didn't want certificates exposing all of the domains hosted by the server (although this can already be found on the internet).

Additionally, if one domain fails (usually because of a misconfiguration), it would be nice if not everything fails. So grouping them helps with that.

Fixes #690.
 2020-05-29 15:38:18 -04:00
downtownallday
1f0d2ddb92 Issue #1340 - LDAP backend for accounts 
This commit will:

1. Change the user account database from sqlite to OpenLDAP
2. Add policyd-spf to postfix for SPF validation
3. Add a test runner with some automated test suites

Notes:

User account password hashes are preserved.

There is a new Roundcube contact list called "Directory" that lists the users in LDAP (MiaB users), similar to what Google Suite does.

Users can still change their password in Roundcube.

OpenLDAP is configured with TLS, but all remote access is blocked by firewall rules. Manual changes are required to open it for remote access (eg. "ufw allow proto tcp from <HOST> to any port ldaps").

The test runner is started by executing tests/runner.sh. Be aware that it will make changes to your system, including adding new users, domains, mailboxes, start/stop services, etc. It is highly unadvised to run it on a production system!

The LDAP schema that supports mail delivery with postfix and dovecot is located in conf/postfix.schema. This file is copied verbatim from the LdapAdmin project (GPL, ldapadmin.org). Instead of including the file in git, it could be referenced by URL and downloaded by the setup script if GPL is an issue or apply for a PEN from IANA.

Mangement console and other services should not appear or behave any differently than before.
 2020-01-17 17:03:21 -05:00
Joshua Tauberer
2f467556bd new ssl cert provisioning broke if a domain doesnt yet have a cert, fixes #1392 2018-07-19 11:40:49 -04:00
Joshua Tauberer
2a72c800f6 replace free_tls_certificates with certbot 2018-06-29 16:46:21 -04:00
Joshua Tauberer
8be23d5ef6 ssl_certificates: reuse query_dns function in status_checks and simplify calls by calling normalize_ip within query_dns 2018-06-29 16:46:21 -04:00
Joshua Tauberer
ef6f121491 when generating a CSR in the control panel, don't set empty attributes 
Same as in a52c56e571.

Fixes #1338.
 2018-01-28 09:07:54 -05:00
Joshua Tauberer
0088fb4553 install Python 3 packages in a virtualenv 
The cryptography package has created all sorts of installation trouble over the last few years, probably because of mismatches between OS-installed packages and pip-installed packages. Using a virtualenv for all Python packages used by the management daemon should make sure everything is consistent.

See #1298, see #1264.
 2018-01-15 13:27:04 -05:00
Joshua Tauberer
add985ce5d letencrypt now supports idna, remove the check/block 2017-04-17 07:45:08 -04:00
Joshua Tauberer
a081d04082 move the custom exclusive process code from utils.py into a new python package named exclusiveprocess 2017-01-15 11:02:23 -05:00
Jonathan Chun
584cfe42c4 compare IPv6 addresses correctly with normalization (#1052) 2017-01-15 10:41:12 -05:00
Joshua Tauberer
cd717ec94e nightly TLS certificate provisioning should omit warnings about domains it cant provision for 2016-12-07 07:02:52 -05:00
Joshua Tauberer
c26bc841a2 more for dnspython exception with IPv6 addresses 
fixes #945, corrects prev commit (#947) in case of multiple AAAA records, adds changelog
 2016-09-23 07:41:24 -04:00
Mathis Hoffmann
163daea41c dnspython exception with IPv6 addresses 
see #945, merges #947
 2016-09-23 07:35:53 -04:00
Joshua Tauberer
49ea9cddd1 ssl_certificates: also forgot to catch free_tls_certificates.client.RateLimited 2016-03-06 14:39:34 -05:00
Joshua Tauberer
36cb2ef41d missing elif 2016-02-16 09:11:54 -05:00
Joshua Tauberer
1ba44b02d4 forgot to catch free_tls_certificates.client.ChallengeFailed 
Provisioning could crash if, e.g., the DNS we see is different from the DNS Let's Encrypt sees.

see #695, probably fixes it
 2016-02-15 18:22:16 -05:00
Joshua Tauberer
2f24328608 before the user agrees to Let's Encrypt's ToS the admin could get a nightly email with weird interactive text 
Made a mistake refactoring the headless variable earlier.

fixes #696
 2016-02-13 12:38:16 -05:00
Joshua Tauberer
faaa74c3a7 tls: hide extra reasons why domains aren't getting a new certificate during setup 2016-01-14 07:21:08 -05:00
Joshua Tauberer
2882e63dd8 second part of provisioning tls certificates from the control panel 2016-01-04 18:43:17 -05:00
Joshua Tauberer
b8d6226a9a when provisioning tls certs from the command line, specify domain names as command line arguments to force getting certs for those domains 2016-01-04 18:43:17 -05:00
Joshua Tauberer
bac15d3919 provision tls certificates from the control panel 2016-01-04 18:43:16 -05:00
Joshua Tauberer
4b4f670adf s/SSL/TLS/ in user-visible text throughout the project 2016-01-04 18:43:16 -05:00