1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-23 02:27:05 +00:00
Commit Graph

960 Commits

Author SHA1 Message Date
Joshua Tauberer
3b4b57c081 switching between backup options in the admin wasn't working at all
* going from s3 to file target wasn't working
* use 'local' in the config instead of a file: url, for the local target, so it is not path-specific
* break out the S3 fields since users can't be expected to know how to form a URL
* use boto to generate a list of S3 hosts
* use boto to validate that the user input for s3 is valid
* fix lots of html errors in the backup admin
2015-08-09 20:08:33 +00:00
Joshua Tauberer
c7f8ead496 clean up the new backup configuration panel 2015-08-09 20:08:30 +00:00
Joshua Tauberer
3f15879578 remove global variables in backup.py 2015-08-09 17:54:46 +00:00
Leo Koppelkamm
1cdd205eb7 Missed one max_age 2015-07-28 20:58:39 +02:00
Leo Koppelkamm
77099b3bce Reword backup min_time label 2015-07-28 00:42:00 +02:00
Leo Koppelkamm
0d8a4099c1 Add placeholder attribute; use input instead of textarea 2015-07-28 00:37:48 +02:00
Leo Koppelkamm
606cf6a941 Fix API typo 2015-07-28 00:34:26 +02:00
Leo Koppelkamm
ba9065cada Don't write collection_status output to file but parse it directly 2015-07-27 22:30:22 +02:00
Leo Koppelkamm
e693802091 Rename max_age to min_age
Also clarify a comment and remove an unneeded type check
2015-07-27 22:18:19 +02:00
Leo Koppelkamm
fa0dd684da Add archive-dir argument to collection-status 2015-07-27 22:13:28 +02:00
Leo Koppelkamm
43fb7fe635 Remove unused variable 2015-07-27 22:11:43 +02:00
Leo Koppelkamm
91e4ea6e2f Infer target_type from url 2015-07-27 22:09:58 +02:00
Leo Koppelkamm
1e3e34f15f Make backup API RESTful 2015-07-27 22:00:36 +02:00
Leo Koppelkamm
96fb0f78f7 Add comment regarding the use of pip instead of pip3 2015-07-27 21:56:08 +02:00
Leo Koppelkamm
2e6c410336 Make backups more configurable
Backup location and maximum age can now be configured in the admin panel.
For now only S3 is supported, but adding other duplicity supported backends should be straightforward.
2015-07-27 21:53:34 +02:00
Joshua Tauberer
0293e04311 fix control panel links, broken in Firefox (worked in Chrome)
see https://discourse.mailinabox.email/t/bug-present-for-ages/694/3
2015-07-25 14:12:45 +00:00
Joshua Tauberer
8c066764d9 munin-node gets confused about the machine's name in some cases
Some users report munin is broken because munin and munin-node disagree about the name of the machine. I think this occurs if hostname (used by munin-node) reports a different name than PRIMARY_HOSTNAME (which we put in the munin config).

Hard-code PRIMARY_HOSTNAME in munin-node.conf.

Fixes #474.
See https://discourse.mailinabox.email/t/404-not-found-on-admin-munin/623/24.
2015-07-22 21:03:55 +00:00
Joshua Tauberer
1900e512f2 improve the sort order of domains - siblings to the primary hostname were not sorted right 2015-07-21 11:25:11 +00:00
Joshua Tauberer
d0ccde7b48 changelog entries 2015-07-21 06:50:00 -04:00
Joshua Tauberer
1e261e347a missing dependency php-mail-mimedecode for roundcube, fixes #447 2015-07-21 10:25:10 +00:00
Joshua Tauberer
2cb4cdc645 dont run network checks during upgrades since this is a bad reason to block an upgrade from going through 2015-07-21 06:21:56 -04:00
Joshua Tauberer
d3bbc0ec95 bug in new secondary nameservers
forgot a 'continue' statement
see 216acb0eeb
fixes #497
2015-07-20 11:25:16 +00:00
Joshua Tauberer
e54608c282 fix occ upgrade to not bail when occ returns 'ownCloud is already latest version' exit code 3, see #496 2015-07-19 13:06:38 +00:00
Joshua Tauberer
9b9a40ddd7 v0.12c
remove live dependency on Sourceforge
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJVq5kxAAoJELkgQfTBC92B9uMIALcrGjq7weaL3qRHYRoeVs5C
 /Ov1Lg9QY7PGRl3HtBmFvw50E3coxFCFBfEycK0D9Rue6xF2PHyg8n0DvX5Q2wSD
 A9EWAv27ZPoup8/ggv970lTZSpJzseJs1Km0QeOaapfgzPFFtDDwUbkV8sHQxXi4
 KCFzmlE72rmvsley/u3IlS/dCb07QdLhdIa/ZJYxSIMJdvMqj0enefBOELoeomYC
 ZoNzzzB08eCiyTVd6BTFPBz6CWI6yW203JWoQsSjaz9qEB/N6m9u/PrHBT8VPIRM
 Q/a4gn598eAzcGEjub3ZYmJlnbBSlhvczfljmYgNcgizy/SwByaA1AaAemdwI5s=
 =2FnK
 -----END PGP SIGNATURE-----

Merge tag 'v0.12c'

v0.12c

remove live dependency on Sourceforge

everything was already on master
2015-07-19 08:34:16 -04:00
Joshua Tauberer
1b00184c89 v0.12c release to work-around Sourceforge outage 2015-07-19 08:30:03 -04:00
Joshua Tauberer
e11825392d use a temporary mirror for roundcube while Sourceforge is recovering from an outage https://twitter.com/sfnet_ops/status/622171668497076224 2015-07-19 08:25:04 -04:00
Joshua Tauberer
1a995d9e26 forgot to create the pyzor home_dir in 3f606feea3 2015-07-19 08:25:04 -04:00
Joshua Tauberer
53d4820d74 hard-code pyzor sevice URL because 'pyzor discover' is failing because Sourceforge is offline, fixes #496 2015-07-19 08:25:04 -04:00
Joshua Tauberer
40a5fa46d1 use a temporary mirror for roundcube while Sourceforge is recovering from an outage https://twitter.com/sfnet_ops/status/622171668497076224 2015-07-17 20:27:59 -04:00
Joshua Tauberer
05e33edb0d forgot to create the pyzor home_dir in 3f606feea3 2015-07-17 20:26:36 -04:00
Joshua Tauberer
76dba1a521 the ownCloud upgrade must be run after apps are (re-)enabled after an upgrade 2015-07-17 11:44:28 +00:00
Joshua Tauberer
f7298a45bd update to ownCloud 8.1.0 2015-07-17 11:44:28 +00:00
Joshua Tauberer
3f606feea3 hard-code pyzor sevice URL because 'pyzor discover' is failing because Sourceforge is offline, fixes #496 2015-07-17 11:44:28 +00:00
Joshua Tauberer
541d9252f6 allow PEM files to have non-Unix line endings 2015-07-17 11:44:28 +00:00
Joshua Tauberer
cbbbb117e0 Merge pull request #492 from PortableTech/tlsa
Add TLSA record for SSL connections.
2015-07-13 09:15:12 -04:00
PortableTech
415f95b792 Add TLSA record for HTTPS connections.
While not widely supported, there are some browser addons that can
validate DNSSEC and TLSA for additional out-of-band verification of
certificates when browsing the web.  Costs nothing to implement and
might improve security in some situations.
2015-07-13 09:12:13 -04:00
Joshua Tauberer
5f17abc856 Merge pull request #463 from PortableTech/master
outgoing_mail_header_filters use local hostname and ip
2015-07-11 17:21:55 -04:00
Joshua Tauberer
a91995f0a7 Merge pull request #486 from anoma/fail2ban-organise
Optimise FAIL2BAN jail.local
2015-07-11 17:20:34 -04:00
Joshua Tauberer
216acb0eeb merge #476 - multiple secondary NS servers and zone xfr-only servers
closes #476
2015-07-10 15:42:44 +00:00
Joshua Tauberer
5dd5fc4a1c clean up multiple secondary nameservers and zone xfr ip addresses 2015-07-10 15:42:33 +00:00
Brian Bustin
09133c8f59 Initial backend changes to make it possible to have one or more secondary name servers 2015-07-10 14:59:38 +00:00
Joshua Tauberer
d08a3095a9 tweak security.md 2015-07-09 13:30:25 -04:00
anoma
e591d9082f Ultra safe dovecot findtime and maxretry settings
Explicitly set the timings and counts for the dovecot jail rather than change the global [DEFAULT] and inherit it for this one jail. These settings are far too safe so a future PR should increase security here.
2015-07-06 13:44:53 +01:00
anoma
b6f26c0f1e Revert to defaults FAIL2BAN findtime and maxretry
Reverts the remaining FAIL2BAN settings to default: findtime 600 and maxretry 3. As jail settings override default settings this was hardly being used anyway so it is better to explicitly set it per jail as and when required.
2015-07-06 13:42:41 +01:00
Joshua Tauberer
34b7638342 v0.12b 2015-07-04 11:31:51 -04:00
Joshua Tauberer
acd91665b5 setting an alias to forward to two or more addresses was broken since aa33428311
fixes #482
2015-07-04 15:28:45 +00:00
Joshua Tauberer
b503ea1cf7 v0.12
--------------------

This is a minor update to v0.11, which was a major update. Please read v0.11's advisories.

* The administrator@ alias was incorrectly created starting with v0.11. If your first install was v0.11, check that the administrator@ alias forwards mail to you.
* Intrusion detection rules (fail2ban) are relaxed (i.e. less is blocked).
* SSL certificates could not be installed for the new automatic 'www.' redirect domains.
* PHP's default character encoding is changed from no default to UTF8. The effect of this change is unclear but should prevent possible future text conversion issues.
* User-installed SSL private keys in the BEGIN PRIVATE KEY format were not accepted.
* SSL certificates with SAN domains with IDNA encoding were broken in v0.11.
* Some IDNA functionality was using IDNA 2003 rather than IDNA 2008.
2015-07-03 10:34:33 -04:00
Joshua Tauberer
091c2e45bf always attempt to upgrade pip packages during setup 2015-07-03 14:25:41 +00:00
Joshua Tauberer
0a78d1d2fa update changelog 2015-07-03 14:15:14 +00:00
Joshua Tauberer
ff4780d5fb better error handling of invalid PEM files 2015-07-03 14:00:59 +00:00