external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-03 00:07:05 +00:00
Code Issues Releases Wiki Activity
2,796 Commits 6 Branches 85 Tags 43 MiB
271a04333d
Commit Graph

48 Commits

Author SHA1 Message Date
downtownallday
f98d1811c9 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 2024-11-27 10:18:59 -05:00
Downtown Allday
a8d13b84b4
fix: NameError: name 'subprocess' is not defined (#2425) 2024-11-27 08:22:45 -05:00
downtownallday
7e03b651d7 Merge remote-tracking branch 'upstream/main' into merge-upstream 
# Conflicts:
#	management/status_checks.py
 2024-03-23 17:48:50 -04:00
KiekerJan
1a239c55bb
More robust reading of sshd configuration (#2330) 
Use sshd -T instead of directly reading the configuration files
 2024-03-23 11:16:40 -04:00
downtownallday
d349150dd0 Merge remote-tracking branch 'upstream/main' into merge-upstream 
# Conflicts:
#	.gitignore
#	management/auth.py
#	management/daemon.py
#	management/mail_log.py
#	management/mailconfig.py
#	management/mfa.py
#	management/ssl_certificates.py
#	management/status_checks.py
#	management/utils.py
#	management/web_update.py
#	setup/mail-postfix.sh
#	setup/migrate.py
#	setup/preflight.sh
#	setup/webmail.sh
#	tests/test_mail.py
#	tools/editconf.py
 2024-03-12 07:41:14 -04:00
Teal Dulcet
0e9193651d Fixed PLW1514 (unspecified-encoding): open in text mode without explicit encoding argument 2024-03-10 07:56:49 -04:00
Teal Dulcet
c719fce40a Fixed UP032 (f-string): Use f-string instead of format call 2024-03-10 07:56:49 -04:00
Teal Dulcet
d1d3d08d70 Fixed B006 (mutable-argument-default): Do not use mutable data structures for argument defaults 2024-03-10 07:56:49 -04:00
Teal Dulcet
57d05c1ab2 Fixed B007 (unused-loop-control-variable) 2024-03-10 07:54:51 -04:00
Teal Dulcet
c953e5784d Fixed C401 (unnecessary-generator-set): Unnecessary generator (rewrite as a set comprehension) 2024-03-10 07:54:51 -04:00
Teal Dulcet
67b9d0b279 Fixed PLW0108 (unnecessary-lambda): Lambda may be unnecessary; consider inlining inner function 2024-03-10 07:54:51 -04:00
Teal Dulcet
14a5613dc8 Fixed UP031 (printf-string-formatting): Use format specifiers instead of percent format 2024-03-10 07:54:51 -04:00
Teal Dulcet
51dc7615f7 Fixed RSE102 (unnecessary-paren-on-raise-exception): Unnecessary parentheses on raised exception 2024-03-10 07:54:51 -04:00
Teal Dulcet
b7f70b17ac Fixed RET504 (unnecessary-assign) 2024-03-10 07:54:51 -04:00
Teal Dulcet
6bfd1e5140 Fixed W293 (blank-line-with-whitespace): Blank line contains whitespace 2024-03-10 07:54:51 -04:00
Teal Dulcet
cb922ec286 Fixed UP015 (redundant-open-modes): Unnecessary open mode parameters 2024-03-10 07:54:49 -04:00
downtownallday
da0506a1d7 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 
# Conflicts:
#	README.md
 2023-01-29 10:41:53 -05:00
Joshua Tauberer
c77d1697a7 Revert "Improve error messages in the management tools when external command-line tools are run" 
Command line arguments have user secrets in some cases which should not be included in error messages.

This reverts commit 26709a3c1d.

Reported by AK.
 2023-01-28 11:24:38 -05:00
downtownallday
190d7195d3 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox 
The roundcube password plugin is not disabled.

# Conflicts:
#	management/utils.py
#	setup/start.sh
#	setup/system.sh
#	setup/webmail.sh
#	tools/editconf.py
 2023-01-15 20:35:08 -05:00
Joshua Tauberer
26709a3c1d Improve error messages in the management tools when external command-line tools are run 2023-01-15 10:17:10 -05:00
Hugh Secker-Walker
820a39b865
chore(python open): Refactor open and gzip.open to use context manager (#2203) 
Co-authored-by: Hugh Secker-Walker <hsw+miac@hodain.net>
 2023-01-15 08:28:43 -05:00
downtownallday
dae697e6af fix case where value is None 2022-09-21 09:07:23 -04:00
downtownallday
bf63ca827e Add copyright to source files 2022-09-19 14:45:11 -04:00
Joshua Tauberer
b41a0ad80e Drop some hacks that we needed for Ubuntu 18.04 
* certbot's PPA is no longer needed because a recent version is now included in the Ubuntu respository.
* Un-pin b2sdk (reverts 69d8fdef99 and d829d74048).
* Revert boto+s3 workaround for duplicity (partial revert of 99474b348f).
* Revert old "fix boto 2 conflict on Google Compute Engine instances" (cf33be4596) which is probably no longer needed.
 2022-07-28 14:02:46 -04:00
downtownallday
c135bf1f77 Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204 
# Conflicts:
#	CHANGELOG.md
#	README.md
#	conf/nginx-top.conf
#	management/backup.py
#	setup/bootstrap.sh
#	setup/management.sh
#	setup/nextcloud.sh
#	setup/system.sh
#	setup/web.sh
#	setup/webmail.sh
#	setup/zpush.sh
#	tests/test_mail.py
 2022-06-21 23:58:17 -04:00
Joshua Tauberer
794d3fb0d8 Drop some hacks that we needed for Ubuntu 18.04 
* certbot's PPA is no longer needed because a recent version is now included in the Ubuntu respository.
* Un-pin b2sdk (reverts 69d8fdef99 and d829d74048).
* Revert boto+s3 workaround for duplicity (partial revert of 99474b348f).
* Revert old "fix boto 2 conflict on Google Compute Engine instances" (cf33be4596) which is probably no longer needed.
 2022-06-19 07:30:24 -04:00
downtownallday
1f0d2ddb92 Issue #1340 - LDAP backend for accounts 
This commit will:

1. Change the user account database from sqlite to OpenLDAP
2. Add policyd-spf to postfix for SPF validation
3. Add a test runner with some automated test suites

Notes:

User account password hashes are preserved.

There is a new Roundcube contact list called "Directory" that lists the users in LDAP (MiaB users), similar to what Google Suite does.

Users can still change their password in Roundcube.

OpenLDAP is configured with TLS, but all remote access is blocked by firewall rules. Manual changes are required to open it for remote access (eg. "ufw allow proto tcp from <HOST> to any port ldaps").

The test runner is started by executing tests/runner.sh. Be aware that it will make changes to your system, including adding new users, domains, mailboxes, start/stop services, etc. It is highly unadvised to run it on a production system!

The LDAP schema that supports mail delivery with postfix and dovecot is located in conf/postfix.schema. This file is copied verbatim from the LdapAdmin project (GPL, ldapadmin.org). Instead of including the file in git, it could be referenced by URL and downloaded by the setup script if GPL is an issue or apply for a PEN from IANA.

Mangement console and other services should not appear or behave any differently than before.
 2020-01-17 17:03:21 -05:00
Joshua Tauberer
a081d04082 move the custom exclusive process code from utils.py into a new python package named exclusiveprocess 2017-01-15 11:02:23 -05:00
Joshua Tauberer
808522d895 merge functions get_web_domains and get_default_www_redirects 2015-11-29 14:46:08 +00:00
Joshua Tauberer
cf33be4596 fix boto 2 conflict on Google Compute Engine instances 
GCE installs some Python-2-only boto plugin that conflicts with boto running under Python 3. It gives a SyntaxError in /usr/share/google/boto/boto_plugins/compute_auth.py (https://github.com/GoogleCloudPlatform/compute-image-packages).

Disabling boto's default configuration file prior to importing boto so that GCE's plugin is not loaded.

See https://discourse.mailinabox.email/t/500-internal-server-error-for-admin/942.
 2015-11-26 14:51:44 +00:00
Joshua Tauberer
c5082498ab utils.py can't import non-standard modules because it is imported by migrate.py, which is run before anything is installed 
closes #540
 2015-08-30 13:50:34 -04:00
Joshua Tauberer
0c9d431a3f major cleanup to adding new version check to the status checks 2015-08-28 12:29:55 +00:00
Norman Stanke
1a525df8ad Add Mail-in-a-Box version status check. 2015-08-28 11:55:21 +00:00
Joshua Tauberer
1900e512f2 improve the sort order of domains - siblings to the primary hostname were not sorted right 2015-07-21 11:25:11 +00:00
Joshua Tauberer
febfa72d60 race condition between backups and status checks - connection refused 
At the end of the backup, wait a bit for dovecot and postfix to finish restarting.

Hopefully fixes #381.
 2015-04-29 21:06:38 +00:00
Joshua Tauberer
06a8ce1c9d in the admin, show user mailbox sizes, fixes #210 2014-10-07 20:24:11 +00:00
Joshua Tauberer
990649af2d in the admin, group users by domain, fixes 209 2014-10-07 19:47:43 +00:00
Joshua Tauberer
b30d7ad80a web-based administrative UI 
closes #19
 2014-08-17 22:46:06 +00:00
Joshua Tauberer
deebda06e1 utils.sort_domains wasn't right 2014-07-09 12:35:12 +00:00
Joshua Tauberer
c8856f107d migrate the SSL certificates path for non-primary certs to a new layout using a new migration script 2014-06-30 20:41:29 +00:00
Joshua Tauberer
fed5959288 s/PUBLIC_HOSTNAME/PRIMARY_HOSTNAME/ throughout 2014-06-30 09:15:36 -04:00
Joshua Tauberer
4668367420 first pass at a management tool for checking what the user must do to finish his configuration: set NS records, DS records, sign his certificates, etc. 2014-06-22 15:54:22 +00:00
Michael Kropat
53e15eae15 Tell Flask to log to syslog 
- Writes Flask warnings and errors to `/var/log/syslog`
- Helps to debug issues when running in production
 2014-06-21 23:25:35 +00:00
Joshua Tauberer
5faa1cae71 manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:55:12 +00:00
Joshua Tauberer
95e61bc110 add DANE TLSA records to the PUBLIC_HOSTNAME's DNS 
Postfix has a tls_security_level called "dane" which uses DNS-Based Authentication of Named Entities (DANE)
to require, if specified in the DNS of the MX host, an encrpyted connection with a known certificate.

This commit adds TLSA records.
 2014-06-19 01:39:27 +00:00
Joshua Tauberer
88709506f8 add DNSSEC 
* sign zones
* in a cron job, periodically re-sign zones because they expire (not tested)
 2014-06-17 22:21:12 +00:00
Joshua Tauberer
cecda9cec5 management: shell out external programs in a more secure way 2014-06-09 08:09:45 -04:00
Joshua Tauberer
89730bd643 new backup script, see #11 2014-06-03 21:16:38 +00:00