Joshua Tauberer
|
46f3d05034
|
add the network checks to whats_next
* zen.spamhaus.org
* dbl.spamhaus.org
* checks if a connection to Google's MTA on port 25 works
|
2014-08-19 11:16:49 +00:00 |
Joshua Tauberer
|
91821adfd7
|
nameserver checks should be case insensitive
|
2014-08-18 22:41:27 +00:00 |
Joshua Tauberer
|
b30d7ad80a
|
web-based administrative UI
closes #19
|
2014-08-17 22:46:06 +00:00 |
Joshua Tauberer
|
919a5a8f0b
|
whats_next: when there are multiple responses like for NS records sort the responses so we can compare to a fixed order
|
2014-08-17 19:55:03 +00:00 |
Joshua Tauberer
|
e625a424fd
|
whats_next: check that the TLSA record is correct, fixes #139
|
2014-08-13 19:42:49 +00:00 |
Joshua Tauberer
|
6d4fab1e6a
|
whats_next: offer DNSSEC DS parameters rather than the full record and in validation allow for other digests than the one we suggest using
fixes #120 (hopefully), in which Gandi generates a SHA1 digest but we were only checking against a SHA256 digest
Also see http://discourse.mailinabox.email/t/how-to-set-ds-record-for-gandi-net/24/1 in which a user asks about the DS parameters that Gandi asks for.
|
2014-08-01 12:15:05 +00:00 |
Joshua Tauberer
|
8042ab66ac
|
dont serve web for domains with custom DNS records that point A/AAAA elsewhere, and in whats_next only check that an A record exists on a domain if we are serving web on the domain
|
2014-07-20 15:23:17 +00:00 |
Joshua Tauberer
|
eac349187d
|
whats_next: move the admin alias check to the system section
|
2014-07-16 09:36:56 -04:00 |
Joshua Tauberer
|
41b3df6d78
|
manage hostmaster@ and postmaster@ automatically, create administrator@ during setup instead
closes #94
|
2014-07-09 19:30:17 +00:00 |
Joshua Tauberer
|
22a010ecb9
|
say that certificates are valid too in output
|
2014-07-09 16:38:56 +00:00 |
Joshua Tauberer
|
6c70b10c15
|
tell users to restart nginx after plugging in a new cert
|
2014-07-09 14:05:59 +00:00 |
Joshua Tauberer
|
04e30ffa78
|
check that the installed certificate corresponds to the private key
|
2014-07-08 15:47:54 +00:00 |
Joshua Tauberer
|
59a9d02fa5
|
check that installed certificates are for the domains we are using the certificates for
|
2014-07-07 12:06:11 +00:00 |
Joshua Tauberer
|
65fb65ada7
|
an mx record may be missing if the A record matches the A record of PRIMARY_HOSTNAME
|
2014-07-07 02:35:45 +00:00 |
Joshua Tauberer
|
28e254fb84
|
whats_next: Allow the PRIMARY_HOSTNAME to not have an MX because the default value means the domain itself, which is what we want anyway
|
2014-07-07 02:35:45 +00:00 |
Joshua Tauberer
|
e898cd5d2a
|
whats_next: wrap output to the actual width of the terminal
|
2014-07-07 02:35:45 +00:00 |
Joshua Tauberer
|
6a231d4409
|
clarify that an SSL cert can remain self-signed on the non-primary domains if the domain isn't being used for web
|
2014-07-07 02:35:45 +00:00 |
Joshua Tauberer
|
fed5959288
|
s/PUBLIC_HOSTNAME/PRIMARY_HOSTNAME/ throughout
|
2014-06-30 09:15:36 -04:00 |
Joshua Tauberer
|
1dec8c65ce
|
move the SSH password login check into whats_next.py (it used to be in start.sh and then moved to an unused script when it became a problem for Vagrant)
|
2014-06-23 19:39:20 +00:00 |
Joshua Tauberer
|
d4ce50de86
|
new tool to purchase and install a SSL certificate using Gandi.net's API
|
2014-06-23 10:53:29 +00:00 |
Joshua Tauberer
|
30c416ff6e
|
rename the new checklist script to whats_next.py
|
2014-06-23 00:11:24 +00:00 |