Joshua Tauberer
4e5b5f2852
Vagrant typo
2014-07-16 09:36:31 -04:00
Joshua Tauberer
89376b10d0
Merge pull request #111 from h8h/patch-1
...
Output SSL Cert Fingerprint can point to a wrong dir: Better to use $STORAGE_ROOT
2014-07-16 09:36:22 -04:00
h8h
9b887d2e63
Use $STORAGE_ROOT
...
Better to use $STORAGE_ROOT instead of hardcoded /home/user-data/
2014-07-16 15:33:40 +02:00
Joshua Tauberer
9c7d476915
re-do catch-all aliases, fixes #107 (originally #104 )
...
This reverts pull request #105 from jonessen96/master (84d2023f94
) which was incorrect because it lost the "+" in DOT_ATOM_TEXT and so was not accepting any email addresses.
Am taking the opportunity to make the code cleaner while I'm here.
2014-07-13 12:29:43 +00:00
Joshua Tauberer
84d2023f94
Merge pull request #105 from jonessen96/master
...
Fix validate_email not accepting catchalls (empty local part of the address)
2014-07-12 17:05:07 -04:00
Jonas Platte
c35252720f
Prohibited usage of empty local part for validate_email(email, strict = true)
2014-07-12 22:57:38 +02:00
Jonas Platte
70e4e7f7be
Fixed validate_email not accepting catchalls (empty local part of the address)
2014-07-12 03:22:55 +02:00
Joshua Tauberer
fb357dee33
add z-push to the start script
2014-07-12 00:04:56 +00:00
Joshua Tauberer
2a7669a0d3
z-push: an Exchange ActiveSync server
2014-07-12 00:02:32 +00:00
Joshua Tauberer
67c7391546
Roundcube's classic skin is nicer
2014-07-11 21:52:46 +00:00
Joshua Tauberer
85bd2c8804
use the Dovecot managesieve service to manage sieve scripts
...
This lets roundcube's manageseive plugin do cool things like vacation responses.
Also:
* Run the spam filtering sieve script out of a global sieve file that we'll place in /etc/dovecot. It is no longer necessary to create per-user sieve files for this. Remove them with a new migration. Remove the code that created them.
* Corrects the spam script. Backslashes were double-escaped probably because this script started embedded within the bash script. Not sure how this was working until now.
this adapts work by @h8h in #103
2014-07-10 23:09:07 +00:00
Joshua Tauberer
e713af5f5a
refactor the mail setup scripts
...
As the scripts keep growing, it's time to split them up to
keep them understandable.
This splits mail.sh into mail-postfix.sh, mail-dovecot.sh,
and mail-users.sh, which has all of the user database-related
configurations shared by Dovecot and Postfix. Also from
spamassassin.sh the core sieve configuration is moved into
mail-dovecot.sh and the virtual transport setting is moved
into mail-postfix.sh.
Also revising one of the sed scripts in mail-dovecot to
not insert a new additional # at the start of a line each
time the script is run.
2014-07-10 12:49:28 +00:00
Joshua Tauberer
6f51b49671
remove the hard-coded migration ID from setup.sh
2014-07-10 12:49:19 +00:00
Joshua Tauberer
41b3df6d78
manage hostmaster@ and postmaster@ automatically, create administrator@ during setup instead
...
closes #94
2014-07-09 19:30:17 +00:00
Joshua Tauberer
22a010ecb9
say that certificates are valid too in output
2014-07-09 16:38:56 +00:00
Joshua Tauberer
659b5c8aa3
if the server certificate can be used for a non-primary domain, use it
2014-07-09 16:38:42 +00:00
Joshua Tauberer
6c70b10c15
tell users to restart nginx after plugging in a new cert
2014-07-09 14:05:59 +00:00
Joshua Tauberer
deebda06e1
utils.sort_domains wasn't right
2014-07-09 12:35:12 +00:00
Joshua Tauberer
1a74b81f44
new nginx configuration yaml file to allow proxying of whole domains elsewhere
2014-07-09 12:31:32 +00:00
Joshua Tauberer
04e30ffa78
check that the installed certificate corresponds to the private key
2014-07-08 15:47:54 +00:00
Joshua Tauberer
10fbb2b293
in cf7053c124
I allowed editconf.py to insert a setting where we find it already commented-out in order to get an nginx configuration line in the right place, but it wasn't quite right because when run again we would insert the setting a second time
2014-07-08 00:48:22 +00:00
Joshua Tauberer
3bab63d4ce
update to Roundcube 1.0.1
2014-07-08 00:37:53 +00:00
Joshua Tauberer
7339bf080a
add a web_update script to trigger writing nginx config
2014-07-08 00:34:38 +00:00
Joshua Tauberer
59a9d02fa5
check that installed certificates are for the domains we are using the certificates for
2014-07-07 12:06:11 +00:00
Joshua Tauberer
3d4eadd436
the new migration management in c8856f107d
left out the part where we actually keep the system's current MIGRATIONID... it was being lost when setup/start.sh was re-run
2014-07-07 11:29:21 +00:00
Joshua Tauberer
cf7053c124
set nginx server_names_hash_bucket_size to 64, fixes #93
2014-07-07 11:23:41 +00:00
Joshua Tauberer
430b2dec11
update default www page to link to the website, fixes #96
2014-07-07 07:07:54 -04:00
Joshua Tauberer
ad3f6f8424
adding externals and .env to gitignore
2014-07-07 07:06:36 -04:00
Joshua Tauberer
65fb65ada7
an mx record may be missing if the A record matches the A record of PRIMARY_HOSTNAME
2014-07-07 02:35:45 +00:00
Joshua Tauberer
28e254fb84
whats_next: Allow the PRIMARY_HOSTNAME to not have an MX because the default value means the domain itself, which is what we want anyway
2014-07-07 02:35:45 +00:00
Joshua Tauberer
e898cd5d2a
whats_next: wrap output to the actual width of the terminal
2014-07-07 02:35:45 +00:00
Joshua Tauberer
6a231d4409
clarify that an SSL cert can remain self-signed on the non-primary domains if the domain isn't being used for web
2014-07-07 02:35:45 +00:00
Joshua Tauberer
dcce98f84b
and remove the old documentation now that there is documentation on the website
2014-07-06 11:57:57 -04:00
Joshua Tauberer
05664f0a3b
have the README refer to the website for details
2014-07-06 11:31:17 -04:00
Joshua Tauberer
49d5561933
when adding/removing mail addresses also update nginx's config
2014-07-06 12:16:50 +00:00
Joshua Tauberer
c8856f107d
migrate the SSL certificates path for non-primary certs to a new layout using a new migration script
2014-06-30 20:41:29 +00:00
Joshua Tauberer
06ba25151f
get_domain_ssl_files returned the wrong path for the CSR for PRIMARY_HOSTNAME
2014-06-30 19:49:41 +00:00
Joshua Tauberer
b5aa1b0f31
walk the user through choosing the PRIMARY_HOSTNAME by first asking for their email address
2014-06-30 10:20:58 -04:00
Joshua Tauberer
fed5959288
s/PUBLIC_HOSTNAME/PRIMARY_HOSTNAME/ throughout
2014-06-30 09:15:36 -04:00
Joshua Tauberer
573faa2bf5
install the backup script as a daily cron job
2014-06-26 10:46:22 +00:00
Joshua Tauberer
87f001a5d5
some comments
2014-06-24 03:24:41 +00:00
Joshua Tauberer
f8cd2bb805
typo: www/default/index.html would be overwritten if it already exists
2014-06-23 19:43:19 +00:00
Joshua Tauberer
1dec8c65ce
move the SSH password login check into whats_next.py (it used to be in start.sh and then moved to an unused script when it became a problem for Vagrant)
2014-06-23 19:39:20 +00:00
Joshua Tauberer
d4ce50de86
new tool to purchase and install a SSL certificate using Gandi.net's API
2014-06-23 10:53:29 +00:00
Joshua Tauberer
30c416ff6e
rename the new checklist script to whats_next.py
2014-06-23 00:11:24 +00:00
Joshua Tauberer
5aa09c3f9b
let the user override some DNS records in a different way
...
Moved the configuration to a single YAML file, rather than one per domain, to be clearer.
re-does 33f06f29c1
2014-06-22 19:33:30 +00:00
Joshua Tauberer
45e93f7dcc
strengthen the cyphers and protocols allowed by Dovecot and Postfix submission
2014-06-22 19:03:11 +00:00
Joshua Tauberer
343886d818
add mail alias checks and other cleanup
2014-06-22 16:28:55 +00:00
Joshua Tauberer
deab8974ec
if we handle mail for both a domain and any subdomain, only create a zone for the domain and put the subdomain's DNS records in the main domain's zone file
2014-06-22 16:24:15 +00:00
Joshua Tauberer
4668367420
first pass at a management tool for checking what the user must do to finish his configuration: set NS records, DS records, sign his certificates, etc.
2014-06-22 15:54:22 +00:00