Joshua Tauberer
39bca053ed
add 2048 bits of DH params for nginx, postfix, dovecot
...
nginx/postfix use a new pre-generated dh2048.pem file. dovecot generates the bits on its own.
ssllabs.com reports that TLS_DHE ciphers went from 1024 to 2048 bits as expected. The ECDHE ciphers remain at 256 bits --- no idea what that really means. (This tests nginx only. I haven't tested postfix/dovecot.)
see https://discourse.mailinabox.email/t/fips-ready-for-ssl-dhec-key-exchange/76/3
2014-09-26 22:09:22 +00:00
Joshua Tauberer
c2eb8e5330
typo in roundcube download URL
...
see 8e0967dd8e (commitcomment-7940724)
2014-09-26 14:26:45 +00:00
Joshua Tauberer
ab47144ae3
add strict SPF and DMARC records to any subdomains (including custom records) that do not have SPF/DMARC set
...
closes #208
2014-09-26 14:01:03 +00:00
Joshua Tauberer
9b6f9859d1
dns_update: assume DKIM is present
2014-09-26 14:01:03 +00:00
Joshua Tauberer
4e6d572de9
ensure Python operates in UTF-8 with a consistent locale for all users
...
fixes #206 (hopefully)
2014-09-26 08:26:09 -04:00
Joshua Tauberer
145186a6b6
link to Modoboa in README
2014-09-26 08:20:13 -04:00
Joshua Tauberer
5714b3c6b7
bump bootstrap.sh to incoming 0.03 tag
2014-09-24 12:48:15 +00:00
Joshua Tauberer
8e0967dd8e
if an earlier version of roundcube had already been installed, update to our target version
...
fixes #195
2014-09-24 12:46:51 +00:00
Joshua Tauberer
5a89f3c633
don't allow catch-all addresses in the admin because they take precedence over mail users and that's counter-intuitive
...
For now use the command-line tools/mail.py if you need it.
see #200
Revert "Changed incomming-email-input to type text"
This reverts commit 9631fab7b2
.
2014-09-24 12:36:47 +00:00
Joshua Tauberer
ed8fb2d06d
the latest z-push introduces a new/second USE_FULLEMAIL_FOR_LOGIN parameter
...
see http://discourse.mailinabox.email/t/activesync-z-push-not-working/94/3
2014-09-24 12:24:35 +00:00
Joshua Tauberer
8c8d9304ac
lock z-push to a particular upstream version by fmbiete/Z-Push-contrib commit hash
2014-09-24 12:20:10 +00:00
Joshua Tauberer
c1ccd22531
put a start script at /usr/local/bin/mailinabox
2014-09-22 16:37:12 -04:00
Joshua Tauberer
01c964bfe3
update bootstrap.sh for next tag
2014-09-22 16:35:07 -04:00
Joshua Tauberer
6c59294e7b
more readable bash
2014-09-21 16:05:11 -04:00
Joshua Tauberer
9d40a12f44
first pass at making readable documentation by parsing the bash scripts
2014-09-21 13:43:31 -04:00
Joshua Tauberer
c2ddabe683
fix ajax loading indicator positioning
2014-09-21 17:41:46 +00:00
Joshua Tauberer
846768efcb
admin: update user's password from the admin
2014-09-21 17:24:01 +00:00
Joshua Tauberer
8dfbb90f3a
admin: simplify the users table a bit
2014-09-21 17:10:23 +00:00
Joshua Tauberer
c7c3bd33cf
DNS API should reject qnames that aren't in a zone managed by the box
...
see https://discourse.mailinabox.email/t/set-www-a-and-other-dns-records-after-install/63/10
2014-09-21 13:37:30 +00:00
Joshua Tauberer
1637153566
make the DNS API a little clearer
2014-09-21 13:37:30 +00:00
Joshua Tauberer
05510f25a5
warn if a SSL cert is expiring in 30 days
2014-09-21 13:37:30 +00:00
Joshua Tauberer
b8ea7282b0
don't run `apt-get update` when generating the status checks output because it is so slow and should be update daily by cron anyway
2014-09-21 13:37:30 +00:00
Joshua Tauberer
dd91553689
open the firewall to an alternative SSH port if set
...
https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2
2014-09-20 08:26:10 -04:00
Joshua Tauberer
98651deea4
python3-dev is a dependency for many pip packages, including pyyaml, fixes #196
2014-09-17 21:56:09 +00:00
Joshua Tauberer
ff0c85615b
correct typo in comment
2014-09-15 10:02:25 +00:00
Joshua Tauberer
16e2350fef
revise the description of A records on domains: the A record must be present for good deliverability so that the envelope domain resolves, but it doesn't have to resolve to this machine
2014-09-15 06:00:50 -04:00
Joshua Tauberer
52b2e27451
Merge pull request #193 from waldyrious/patch-1
...
add link to contributors, remove duplicate "to"s
2014-09-13 20:54:26 -04:00
Waldir Pimenta
48bb8a90d2
add link to contributors, remove duplicate "to"s
2014-09-14 01:45:10 +01:00
Joshua Tauberer
941684f4d9
Merge pull request #192 from ch000/patch-1
...
Changed incomming-email-input to type text
2014-09-12 12:15:24 -04:00
Christian
9631fab7b2
Changed incomming-email-input to type text
...
The input type="email" validation won't allow "@example.com", which is needed for catch-all-aliases.
2014-09-12 18:08:33 +02:00
Joshua Tauberer
4f4a8faa00
Merge pull request #188 from Bretos/master
...
update roundcube version
2014-09-10 09:04:27 -04:00
Bretos
467f04facb
update roundcube version
2014-09-10 12:32:32 +02:00
Joshua Tauberer
196e42e8b5
don't automatically create an alias if a user account already exists by that name
...
In the event the first user is an address that we'd normally create as an alias,
we'd generate a loop from the alias to the administrative alias to the first user
account (which was the alias again).
hopefully fixes #186
2014-09-09 11:41:47 +00:00
Joshua Tauberer
f09da719f7
show the response from spamhaus.org in the status checks output
2014-09-08 20:27:26 +00:00
Joshua Tauberer
e9e95cbed5
tweak backup explanatory text
2014-09-08 20:12:31 +00:00
Joshua Tauberer
98fc449b49
only hold onto backups for 14 days (not 31) and show when the backups will be deleted in the control panel
2014-09-08 20:09:18 +00:00
Joshua Tauberer
bab8b515ea
new logic for determining when to take a full backup
2014-09-08 19:42:54 +00:00
Joshua Tauberer
cce6bc02a8
add links to IANA tables for DNSSEC algorithm/digest number assignemnts
2014-09-07 10:59:20 -04:00
Joshua Tauberer
85d4fad030
add Hacker News links to README
2014-09-07 10:59:20 -04:00
Joshua Tauberer
7ea956d3bc
install network-checks's dependencies
...
Since it runs before the real setup begins, we must make sure that packages are installed.
Also removing bind9-host's installation from system.sh. In 189dd6000e
I added this so we could use `host`
to aid Docker autoconfiguration. Docker support was since removed but this hadn't gotten removed, which lead me to think it was
normally installed by Ubuntu. It's now installed in `network-checks.sh`.
fixes #180
2014-09-07 12:29:23 +00:00
Joshua Tauberer
110e0f90d9
dns: move the quoting of TXT records to when we write the zone file so that we can display it unquoted in the External DNS instructions
2014-09-07 11:42:20 +00:00
Joshua Tauberer
954a234aa9
move website link to the top of README
2014-09-07 07:24:50 -04:00
Joshua Tauberer
b5122770cc
tweak admin template for external DNS
2014-09-07 07:22:39 -04:00
Joshua Tauberer
711b1128e3
Merge pull request #178 from jkaberg/master
...
Support more concurrent connections for PHP services
2014-09-04 10:42:19 -04:00
Joel Kåberg
6b13ac1ca9
Support more concurrent connections
2014-09-04 16:40:33 +02:00
Joel Kåberg
9fd6958dc2
Revert commit "Support more concurrent connections for z-push"
2014-09-04 16:39:38 +02:00
Joel Kåberg
e434bf9fce
Support more concurrent connections for z-push
...
My logs were showing lots of:
[04-Sep-2014 15:52:41] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
2014-09-04 16:11:06 +02:00
Joshua Tauberer
03f9358de4
when checking SSL certs are OK, check for wildcard certificates
...
fixes #175 (hopefully)
2014-09-03 17:31:47 +00:00
Joshua Tauberer
c7a2aad0f8
tweak readme to emphasize not being customizable
2014-09-03 11:10:30 -04:00
Joshua Tauberer
c75a2c4ca0
add a warning not to use owncloud-unlockadmin.sh
2014-09-03 11:02:09 -04:00