1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-10-25 18:00:54 +00:00
Commit Graph

73 Commits

Author SHA1 Message Date
downtownallday
1f35e9ef91 Move directory setup/mods.d to local 2020-06-11 21:18:05 -04:00
downtownallday
0e857916eb Update wording 2020-06-11 08:08:31 -04:00
downtownallday
6baf4993db Ensure root user has a mailbox for sendmail -bv delivery report 2020-06-11 06:45:49 -04:00
downtownallday
4113ed8501 Look at resolv.conf this time 2020-06-10 23:16:35 -04:00
downtownallday
f1ba09a066 Dump nsswitch 2020-06-10 12:18:10 -04:00
downtownallday
ab087365c4 Move system-setup directory to tests
Set the hosts FQDN instead of adding hosts entry for private ip
2020-06-10 11:40:44 -04:00
downtownallday
96da15ad27 Add ipv6 address to /etc/hosts 2020-06-10 08:21:45 -04:00
downtownallday
64d24566b2 Dump /etc/hosts on travis 2020-06-10 07:49:17 -04:00
downtownallday
f4fda41705 Output formatting changes 2020-06-10 07:21:47 -04:00
downtownallday
2f1082a290 More debug output 2020-06-10 00:19:59 -04:00
downtownallday
6ed1a2ad20 add foreground color 2020-06-09 23:35:46 -04:00
downtownallday
74b2926586 dump nsd.conf 2020-06-09 23:27:20 -04:00
downtownallday
4d99e6021b Move nsd fix for Travis-CI into setup/dns.sh 2020-06-09 23:20:02 -04:00
downtownallday
38319c90d5 More Travis nsd startup failure issues 2020-06-09 22:52:46 -04:00
downtownallday
0cd9e92566 Try to deal with nsd failure under Travis 2020-06-09 22:45:12 -04:00
downtownallday
e498b47d53 Dump /var/log/syslog when start.sh fails 2020-06-09 22:06:25 -04:00
downtownallday
ca33614cbf Run apt-get update before installing anything 2020-06-09 21:51:01 -04:00
downtownallday
46e0d7a070 Don't overwrite PRIMARY_HOSTNAME if already set 2020-06-09 21:33:30 -04:00
downtownallday
29fad6106e Update comment 2020-06-09 21:32:49 -04:00
downtownallday
83cb7cbcbe Automated QA tests for remote nextcloud 2020-06-09 20:46:59 -04:00
downtownallday
44f7392e9e Last commit fixed things, so just cleaning up with this commit 2020-06-03 09:41:27 -04:00
downtownallday
ceca4a3cff again 2020-06-02 23:27:24 -04:00
downtownallday
500d8cfaa7 again 2020-06-02 22:21:56 -04:00
downtownallday
677fe42566 again 2020-06-02 19:35:06 -04:00
downtownallday
bb66a7c32b again 2020-06-02 18:18:35 -04:00
downtownallday
773ae77cf3 again 2020-06-02 17:54:02 -04:00
downtownallday
5e1c60f5a2 again 2020-06-02 17:27:53 -04:00
downtownallday
8d033a4bdd again 2020-06-02 17:11:58 -04:00
downtownallday
c0a2e048b3 again 2020-06-02 16:58:05 -04:00
downtownallday
504de9874f More systemctl reset attempts for travis 2020-06-02 15:37:42 -04:00
downtownallday
c91012a338 Add option to skip tests requiring remote smtp 2020-06-02 15:18:56 -04:00
downtownallday
e56084d682 Try resetting nsd restart count to avoid errors in mgmt tests 2020-06-02 14:48:26 -04:00
downtownallday
f2e970fe38 Dump the output from failed tests 2020-06-02 13:04:16 -04:00
downtownallday
1f0d2ddb92 Issue #1340 - LDAP backend for accounts
This commit will:

1. Change the user account database from sqlite to OpenLDAP
2. Add policyd-spf to postfix for SPF validation
3. Add a test runner with some automated test suites

Notes:

User account password hashes are preserved.

There is a new Roundcube contact list called "Directory" that lists the users in LDAP (MiaB users), similar to what Google Suite does.

Users can still change their password in Roundcube.

OpenLDAP is configured with TLS, but all remote access is blocked by firewall rules. Manual changes are required to open it for remote access (eg. "ufw allow proto tcp from <HOST> to any port ldaps").

The test runner is started by executing tests/runner.sh. Be aware that it will make changes to your system, including adding new users, domains, mailboxes, start/stop services, etc. It is highly unadvised to run it on a production system!

The LDAP schema that supports mail delivery with postfix and dovecot is located in conf/postfix.schema. This file is copied verbatim from the LdapAdmin project (GPL, ldapadmin.org). Instead of including the file in git, it could be referenced by URL and downloaded by the setup script if GPL is an issue or apply for a PEN from IANA.

Mangement console and other services should not appear or behave any differently than before.
2020-01-17 17:03:21 -05:00
Joshua Tauberer
5aeced5c2e add a test for fail2ban monitoring managesieve 2019-08-31 09:15:41 -04:00
Joshua Tauberer
8e0d9b9f21 update list of tls ciphers supported 2019-01-09 08:52:51 -05:00
Joshua Tauberer
870b82637a fix some wrong variable names, fixes #1353 2018-11-30 10:46:54 -05:00
Joshua Tauberer
e924459140 revert f25801e/#1233 - use Mozilla intermediate ciphers for IMAP/POP not modern ciphers
fixes #1300
2017-12-24 14:41:41 -05:00
Joshua Tauberer
5efdd72f41 update TLS test to record changes in the ciphers we offer on the open ports 2017-10-03 12:01:10 -04:00
Michael Kroes
2151d81453 update to ownCloud 9.1.1 (with intermediate upgrades) (#894)
[this is a squashed merge from-]

* Install owncoud 9.1 and provide an upgrade path from 8.2. This also disables memcached and goes with apc. The upgrade fails with memcached.

* Remove php apc setting

* Add dav migrations for each user

* Add some comments to the code

* When upgrading owncloud from 8.2.3 to 9.1.0 the backup of 8.2.3 was overwritten when going from 9.0 to 9.1

* Add upgrade path from 8.1.1. Only do an upgrade check if owncloud was previously installed.

* Stop php5-fpm before owncloud upgrade to prevent database locks

* Fix fail2ban tests for owncloud 9

* When upgrading owncloud copy the database to the user-data/owncloud-backup directory

* Remove not need unzip directives during owncloud extraction. Directory is removed beforehand so a normal extraction is fine

* Improve backup of owncloud installation and provide a post installation restore script. Update the owncloud version number to 9.1.1. Update the calendar and contacts apps to the latest versions

* Separate the ownCloud upgrades visually in the console output.
2016-10-18 06:04:13 -04:00
Joshua Tauberer
fc0abd5b4d confirm that fail2ban is protecting pop3s, closes #629 2016-08-22 19:18:23 -04:00
Joshua Tauberer
83d8dbca3e fail2ban won't start until the roundcube log file is created
fixes #911
2016-08-18 08:32:14 -04:00
Joshua Tauberer
8844a9185f Merge pull request #798 from mail-in-a-box/fail2banjails
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
2016-07-29 08:52:44 -04:00
Michael Kroes
d9ac321f25 Owncloud needs more time to detect blocks. It doesn't respond as fast as the other services. Also owncloud logs UTC (since latest update) even though the timezone is not UTC. Also to detect a block, we get a timeout instead of a refused) 2016-06-27 06:03:19 -04:00
Michael Kroes
bf5e9200f8 Update owncloud url to use webdav and increase http timeout 2016-06-27 06:03:14 -04:00
Joshua Tauberer
3055f9a79c drop SSLv3, RC4 ciphers from SMTP port 25
Per http://googleappsupdates.blogspot.ro/2016/05/disabling-support-for-sslv3-and-rc4-for.html, Google is about to do the same.

fixes #611
2016-06-12 09:11:50 -04:00
Michael Kroes
01fa8cf72c add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
(tests squashed into this commit by josh)
2016-06-06 09:13:10 -04:00
Joshua Tauberer
a0c7e63d78 best guess at what clients are supported by the tls settings used 2015-05-22 17:36:55 -04:00
Joshua Tauberer
2c44333679 compare tls ciphers against Mozilla's recommendations 2015-05-20 19:41:04 -04:00
Joshua Tauberer
610be9cf17 record current TLS settings from my box 2015-05-20 18:31:46 -04:00