1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-29 03:27:05 +00:00
Commit Graph

291 Commits

Author SHA1 Message Date
Joshua Tauberer
c75950125d set dovecot default_process_limit and fs.inotify.max_user_instances to better defaults
See https://discourse.mailinabox.email/t/mailserver-limits/228.
2015-01-02 23:25:52 +00:00
Joshua Tauberer
5cf38b950a bump ownCloud to 7.0.4; fixes #283 2014-12-12 01:00:35 +00:00
Joshua Tauberer
be59bcd47d for .fund domains use RSASHA256 DNSSEC keys 2014-12-05 12:03:21 -05:00
Michael Dec
7e36e1fd90 added sudo to the list
not all setups have it and the miab installer depends on it
2014-11-25 15:36:34 +00:00
Joshua Tauberer
3133dcd5a3 release 0.05 2014-11-18 16:52:02 +00:00
Joshua Tauberer
06f2477cfd the new iOS configuration profile also is used on OS X 10.10.1, see #261 2014-11-18 16:32:37 +00:00
Joshua Tauberer
cdaa2c847d [merge] iOS Mobile Configuration Profile 2014-11-14 13:56:18 +00:00
Joshua Tauberer
b04addda9a move the mobileconfig into the conf directory as a plain XML file and handle substitutions and copying to /var in web.sh 2014-11-14 13:52:29 +00:00
Joshua Tauberer
9b9f5abf8f update to ownCloud 7.0.3 2014-11-14 13:35:58 +00:00
Norman
7db80458dd fix description 2014-11-06 15:42:22 +01:00
Norman
5775cab175 various fixes 2014-11-06 15:33:08 +01:00
Norman
c872e6a9f0 iOS Configuration Profile
change name

removed .vagrant

fix guide layout
2014-11-05 18:42:04 +01:00
fpgaminer
f797eecaca Fix typo in zpush.sh comment 2014-11-04 19:53:24 -08:00
Joshua Tauberer
de0ccd0632 [merge] Disable encapsulation of spam and marking of it as seen
is #254 plus a longer comment, fixes #243
2014-10-31 12:15:58 +00:00
David Piggott
be9d97902f Disable encapsulation of spam and marking of it as seen 2014-10-28 15:15:21 +00:00
Joshua Tauberer
d790cae0e2 DNSSEC: use RSASHA256 for the .guide tld too 2014-10-23 17:03:23 +00:00
David Piggott
3ff74c8dc5 Add source line so dkim should actually work when run separately 2014-10-20 21:33:20 +01:00
David Piggott
e997114d6e Add shebangs to enable running dkim and webmail scripts separately 2014-10-20 21:26:14 +01:00
Joshua Tauberer
e9aecba4df update to roundcube 1.0.3, and really update
Updating existing installed was broken. The new roundcube would be copied into a subdirectory of /usr/local/lib/roundcubemail.

Also fixes the image thumbnail issue raised on the forum (https://discourse.mailinabox.email/t/roundcube-thumbnails-not-showing/136), see http://trac.roundcube.net/wiki/Changelog.
2014-10-20 12:48:15 +00:00
Joshua Tauberer
6585384daa bring the max outgoing mail size via webmail and z-push in line with the limit set in postfix: 128 MB
The limit was previously the nginx default (2MB?).

fixes #236
2014-10-16 22:11:10 +00:00
Joshua Tauberer
8902e9d1fc bump bootstrap to incoming v0.04 tag 2014-10-15 12:33:20 -04:00
Joshua Tauberer
df5df18820 fixes for bootstrap.sh for upgrading
* `git fetch` wasn't done right for shallow clones
* the test for whether mailinabox has already been cloned wasn't looking at the right directory if the script was not run from $HOME
2014-10-15 12:22:48 -04:00
Joshua Tauberer
0b5bf602aa various improvements in bash comments 2014-10-15 11:46:20 -04:00
Joshua Tauberer
06e074bd32 disable SSLv3 in dovecot now that it is known to be insecure (POODLE)
SSLv3 is already disabled in Postfix (45e93f7dcc) and Nginx (51dd2ed70b).
2014-10-15 15:39:05 +00:00
Joshua Tauberer
495790d81d still didn't get the permissions right, chmod must follow sa-learn's initial creation of files
see #231, #201, b26abc947e, 7ca54a2bfb, dfe0a9f187
2014-10-12 18:05:04 +00:00
Joshua Tauberer
dfe0a9f187 clean up setup/spamassassin.sh 2014-10-12 17:57:04 +00:00
Joshua Tauberer
7ca54a2bfb give dovecot antispam plugin's sa-learn-pipe script permission to write to the bayes files
see #231, #201, b26abc947e.
2014-10-12 17:57:04 +00:00
David Piggott
b26abc947e Change owner of spamassassin directory from mail to spampd, closes #231 2014-10-11 18:00:22 +01:00
Joshua Tauberer
2f4eccd9a9 add 'source /etc/mailinabox.conf' to dns.sh so it can be run separately 2014-10-08 12:48:43 +00:00
Joshua Tauberer
8566b78202 drop webfinger, see #95 2014-10-07 20:30:36 +00:00
Joshua Tauberer
711db9352c bootstrap: apt was mangling stdin
When executed "cat bootstrap.sh | bash", apt-get mangled stdin. The script would terminate at the end of the if block containing apt-get (that seems to be as much as bash read from the pipe) and the remainder of the script was output to the console. This was very weird.

Ensuring that apt-get and git have their stdins redirected from /dev/null seems to fix the problem.

see #224
2014-10-05 13:40:12 -04:00
Joshua Tauberer
7c2092d48f remove apache before installing nginx, see #224 2014-10-05 09:01:20 -04:00
Joshua Tauberer
5fd107cae5 more work on making the bash scripts readable 2014-10-04 17:57:26 -04:00
Joshua Tauberer
db0967446b remove unnecessary sudos 2014-10-04 14:06:08 -04:00
Joshua Tauberer
2ff5038c84 replace '.' with 'source' 2014-10-04 14:05:06 -04:00
Joshua Tauberer
4ae76aa2dd dnssec: use RSASHA256 keys for .email domains 2014-10-04 17:29:42 +00:00
h8h
ba33669a62 generate the locales before change to it.
For my german box changing the locale failed:
´´´´/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
setup/functions.sh: line 6: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)´´´´

see #206 and 4e6d572de9
closes #220
commit modified by joshdata
2014-10-02 11:05:42 +00:00
Joshua Tauberer
94c4352f45 Merge branch 'jmar71n-master' - site-wide bayesean spam filtering 2014-09-27 16:18:55 +00:00
Joshua Tauberer
6dd6353d41 move sa-learn-pipe.sh from /usr to /usr/local 2014-09-27 16:18:40 +00:00
Joshua Tauberer
d06bfa6c1b tweak the site-wide bayesian spam filtering config 2014-09-27 16:18:36 +00:00
Joshua Tauberer
698ae03505 catch-all addresses should not have precedence over mail users
Aliases have precedence over mail users. A catch-all address would grab mail intended for a mail user and send it elsewhere. This adds some SQL hackery to create dummy aliases for all mail users.

fixes #200
closes #214 another way
2014-09-27 13:32:10 +00:00
Joshua Tauberer
a4c70f7a92 revert dovecot part of 39bca053ed because dovecot started behaving weird and I don't have time to debug it 2014-09-26 22:41:59 +00:00
Joshua Tauberer
39bca053ed add 2048 bits of DH params for nginx, postfix, dovecot
nginx/postfix use a new pre-generated dh2048.pem file. dovecot generates the bits on its own.

ssllabs.com reports that TLS_DHE ciphers went from 1024 to 2048 bits as expected. The ECDHE ciphers remain at 256 bits --- no idea what that really means. (This tests nginx only. I haven't tested postfix/dovecot.)

see https://discourse.mailinabox.email/t/fips-ready-for-ssl-dhec-key-exchange/76/3
2014-09-26 22:09:22 +00:00
Joshua Tauberer
c2eb8e5330 typo in roundcube download URL
see 8e0967dd8e (commitcomment-7940724)
2014-09-26 14:26:45 +00:00
Joshua Tauberer
4e6d572de9 ensure Python operates in UTF-8 with a consistent locale for all users
fixes #206 (hopefully)
2014-09-26 08:26:09 -04:00
Joshua Tauberer
5714b3c6b7 bump bootstrap.sh to incoming 0.03 tag 2014-09-24 12:48:15 +00:00
Joshua Tauberer
8e0967dd8e if an earlier version of roundcube had already been installed, update to our target version
fixes #195
2014-09-24 12:46:51 +00:00
Joshua Tauberer
ed8fb2d06d the latest z-push introduces a new/second USE_FULLEMAIL_FOR_LOGIN parameter
see http://discourse.mailinabox.email/t/activesync-z-push-not-working/94/3
2014-09-24 12:24:35 +00:00
Joshua Tauberer
8c8d9304ac lock z-push to a particular upstream version by fmbiete/Z-Push-contrib commit hash 2014-09-24 12:20:10 +00:00
Joshua Tauberer
c1ccd22531 put a start script at /usr/local/bin/mailinabox 2014-09-22 16:37:12 -04:00
Joshua Tauberer
01c964bfe3 update bootstrap.sh for next tag 2014-09-22 16:35:07 -04:00
Joshua Tauberer
6c59294e7b more readable bash 2014-09-21 16:05:11 -04:00
Joshua Tauberer
9d40a12f44 first pass at making readable documentation by parsing the bash scripts 2014-09-21 13:43:31 -04:00
jmar71n
b5bb12d0d2 enable site-wide bayesian filtering
Create directory in $STORAGE_ROOT for bayes database.

Added --username arg to sa-learn as the user mail does not have permission to edit files in $STORAGE_ROOT. There is probably a better solution to this...
2014-09-20 16:07:30 +01:00
Joshua Tauberer
dd91553689 open the firewall to an alternative SSH port if set
https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2
2014-09-20 08:26:10 -04:00
Joshua Tauberer
98651deea4 python3-dev is a dependency for many pip packages, including pyyaml, fixes #196 2014-09-17 21:56:09 +00:00
Bretos
467f04facb update roundcube version 2014-09-10 12:32:32 +02:00
Joshua Tauberer
7ea956d3bc install network-checks's dependencies
Since it runs before the real setup begins, we must make sure that packages are installed.

Also removing bind9-host's installation from system.sh. In 189dd6000e I added this so we could use `host`
to aid Docker autoconfiguration. Docker support was since removed but this hadn't gotten removed, which lead me to think it was
normally installed by Ubuntu. It's now installed in `network-checks.sh`.

fixes #180
2014-09-07 12:29:23 +00:00
Joel Kåberg
6b13ac1ca9 Support more concurrent connections 2014-09-04 16:40:33 +02:00
Joel Kåberg
9fd6958dc2 Revert commit "Support more concurrent connections for z-push" 2014-09-04 16:39:38 +02:00
Joel Kåberg
e434bf9fce Support more concurrent connections for z-push
My logs were showing lots of: 
[04-Sep-2014 15:52:41] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
2014-09-04 16:11:06 +02:00
Joshua Tauberer
3853e8dd93 show the status of backups in the control panel 2014-09-01 13:06:53 +00:00
Joshua Tauberer
4ec6692f21 showing the mail-in-a-box version might fail if git isn't actually installed
The user might acquire the sources via some means other than a git clone. On Vagrant, the files come in via Vagrant. So test for git before running `git describe`.
2014-09-01 07:51:25 -04:00
Joel Kåberg
7603ce0489 this is what I meant 2014-09-01 10:32:44 +02:00
Joel Kåberg
8b2fed1a2a fixes comments by @JoshData 2014-09-01 10:02:46 +02:00
Joel Kåberg
ee244386ed update ownCloud if necessary
this will always download the latest ownCloud and upgrade if ownCloud install dir exist, this apphroach allows us to keep existing user plugins. currently not checking if currently installed version is equal to the one we're downloading as I couldn't find a proper solution for that
2014-08-31 20:34:57 +02:00
Joshua Tauberer
cfffb38508 link-local IPv6 addresses need a '%interface' specification to be useful 2014-08-31 08:09:13 -04:00
Joshua Tauberer
24ff0e04b1 output/text tweaks 2014-08-27 14:42:00 +00:00
Joshua Tauberer
10a37cd033 add SSHFP records to DNS 2014-08-27 12:59:40 +00:00
Joshua Tauberer
8586723e70 Merge pull request #168 from hjjg/feature-localehandling1
locale-safe check if we have enough memory installed
2014-08-27 07:41:49 -04:00
Joshua Tauberer
da2af2ea5c once the user has a signed SSL cert, simplify the message at the end of setup 2014-08-27 02:37:03 +00:00
Joshua Tauberer
6a311ee7d9 show the tag or commit the user is on in the output to aid debugging when a user posts the output somewhere 2014-08-27 02:37:03 +00:00
Helmuth Gronewold
756ba111a3 Also swith blocksize and count at the owncloud-specific key generation to ensure get as much bytes as you wanted. 2014-08-26 22:22:43 +02:00
Helmuth Gronewold
ab3d205ef6 Switch blocksize and count when reading from urandom with dd, to prevent getting fewer bytes for the secret key. 2014-08-26 22:16:31 +02:00
Joshua Tauberer
c0f4618bef normalize some whitespace 2014-08-26 07:13:47 -04:00
Joshua Tauberer
245864caac bug in the IPV6 question 2014-08-26 10:34:22 +00:00
Helmuth Gronewold
3774f589c8 locale-safe check if we have enough memory installed 2014-08-25 23:36:55 +02:00
Joshua Tauberer
d1c7617cdb Merge branch 'master' into usedialog 2014-08-25 08:26:59 -04:00
Joshua Tauberer
ea32af1f0e Merge commit 'b0d6473c3c6748a68f4845324fee13f3153bc18f' into usedialog
Conflicts:
	setup/start.sh (changes are in questions.sh now)
2014-08-25 08:26:39 -04:00
Joshua Tauberer
c18200d9b1 Merge commit '09d2a08ce620928d0398068197951e5acebca0f0' into usedialog
Conflicts:
	setup/start.sh (change was already applied)
2014-08-25 08:23:28 -04:00
Joshua Tauberer
bf5016a8ac bootstrap.sh: allow overring the tag to checkout by setting the TAG environment variable (helpful for debugging) 2014-08-25 08:18:46 -04:00
Joshua Tauberer
e0dc8ff04a when deleting my old /usr/local/bin/mailinabox-exchange-autodiscover.php file from existing systems, don't emit an error if the file doesn't exist (added -f) 2014-08-25 08:10:54 -04:00
Joshua Tauberer
faf6f87a63 move the user-interactive questions and other parts of start.sh into new files 2014-08-25 08:09:37 -04:00
Joshua Tauberer
4ed69cbae5 replace '-t 0' test with an environment variable since '-t 0' is false when standard input has been redirected and doesn't tell us whether or not we can use dialog for input, but Vagrant must be non-interactive 2014-08-25 07:54:11 -04:00
Joshua Tauberer
28231ac248 Merge pull request #150 from hjjg/secretkeyfix
The secret key that encrypts the backups should not be world readable.
2014-08-24 17:21:38 -04:00
Helmuth Gronewold
90c7655d82 Fix wrong permissions of backup secret. Pyhton 3 needs octal permissions. 2014-08-24 21:27:39 +02:00
Joshua Tauberer
6e3b04ce83 when generating SSL CSRs, using SHA256 as SHA1 is being phased out, per @konklone 2014-08-23 17:49:33 -04:00
Joshua Tauberer
b0d6473c3c Merge branch 'box-in-a-name' of github.com:hjjg/mailinabox 2014-08-23 12:43:47 +00:00
Joshua Tauberer
03bbd25a10 re-do allow apt to perform security updates on its own
Move this into system.sh rather than anagement.sh.

This reverts commit eab28c97ff.
2014-08-23 12:35:59 +00:00
Helmuth Gronewold
ff8413a622 Better handling of hostname and email address recommendation. 2014-08-23 08:51:18 +02:00
Helmuth Gronewold
ee9552734f Fix permissions of backup secret according to Josh's comment at
https://github.com/mail-in-a-box/mailinabox/pull/150#issuecomment-53120156
2014-08-22 23:23:56 +02:00
Helmuth Gronewold
a68fd6429f The secret key that encrypts the backups should not be world readable. 2014-08-22 22:55:34 +02:00
Joshua Tauberer
f7c7d5b9c3 Merge pull request #146 from ls42/zpush/auto-timezone
Read timezone from /etc/timezone.
2014-08-21 17:21:47 -04:00
Christian Koptein
09d2a08ce6 Typo in introduction 2014-08-21 21:51:54 +02:00
Joshua Tauberer
9576594cfe bootstrap script should check out a particular tag rather than master 2014-08-21 17:28:20 +00:00
Joshua Tauberer
76dcab3139 now that we use dialog for input we can pipe the bootstrap script to bash 2014-08-21 17:28:12 +00:00
Joshua Tauberer
7e8e104964 when asking for a CSR country code, give the user a list 2014-08-21 17:28:04 +00:00
Joshua Tauberer
7ea4d33e06 simplify the input_box function 2014-08-21 16:01:12 +00:00
Joshua Tauberer
eab28c97ff allow apt to perform security updates on its own 2014-08-21 11:47:28 +00:00
Joshua Tauberer
294d19e0af rename whats_next.py to status_checks.py 2014-08-21 10:43:55 +00:00