Joshua Tauberer
495790d81d
still didn't get the permissions right, chmod must follow sa-learn's initial creation of files
...
see #231 , #201 , b26abc947e
, 7ca54a2bfb
, dfe0a9f187
2014-10-12 18:05:04 +00:00
Joshua Tauberer
dfe0a9f187
clean up setup/spamassassin.sh
2014-10-12 17:57:04 +00:00
Joshua Tauberer
7ca54a2bfb
give dovecot antispam plugin's sa-learn-pipe script permission to write to the bayes files
...
see #231 , #201 , b26abc947e
.
2014-10-12 17:57:04 +00:00
David Piggott
b26abc947e
Change owner of spamassassin directory from mail to spampd, closes #231
2014-10-11 18:00:22 +01:00
Joshua Tauberer
2f4eccd9a9
add 'source /etc/mailinabox.conf' to dns.sh so it can be run separately
2014-10-08 12:48:43 +00:00
Joshua Tauberer
8566b78202
drop webfinger, see #95
2014-10-07 20:30:36 +00:00
Joshua Tauberer
711db9352c
bootstrap: apt was mangling stdin
...
When executed "cat bootstrap.sh | bash", apt-get mangled stdin. The script would terminate at the end of the if block containing apt-get (that seems to be as much as bash read from the pipe) and the remainder of the script was output to the console. This was very weird.
Ensuring that apt-get and git have their stdins redirected from /dev/null seems to fix the problem.
see #224
2014-10-05 13:40:12 -04:00
Joshua Tauberer
7c2092d48f
remove apache before installing nginx, see #224
2014-10-05 09:01:20 -04:00
Joshua Tauberer
5fd107cae5
more work on making the bash scripts readable
2014-10-04 17:57:26 -04:00
Joshua Tauberer
db0967446b
remove unnecessary sudos
2014-10-04 14:06:08 -04:00
Joshua Tauberer
2ff5038c84
replace '.' with 'source'
2014-10-04 14:05:06 -04:00
Joshua Tauberer
4ae76aa2dd
dnssec: use RSASHA256 keys for .email domains
2014-10-04 17:29:42 +00:00
h8h
ba33669a62
generate the locales before change to it.
...
For my german box changing the locale failed:
´´´´/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
setup/functions.sh: line 6: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)´´´´
see #206 and 4e6d572de9
closes #220
commit modified by joshdata
2014-10-02 11:05:42 +00:00
Joshua Tauberer
94c4352f45
Merge branch 'jmar71n-master' - site-wide bayesean spam filtering
2014-09-27 16:18:55 +00:00
Joshua Tauberer
6dd6353d41
move sa-learn-pipe.sh from /usr to /usr/local
2014-09-27 16:18:40 +00:00
Joshua Tauberer
d06bfa6c1b
tweak the site-wide bayesian spam filtering config
2014-09-27 16:18:36 +00:00
Joshua Tauberer
698ae03505
catch-all addresses should not have precedence over mail users
...
Aliases have precedence over mail users. A catch-all address would grab mail intended for a mail user and send it elsewhere. This adds some SQL hackery to create dummy aliases for all mail users.
fixes #200
closes #214 another way
2014-09-27 13:32:10 +00:00
Joshua Tauberer
a4c70f7a92
revert dovecot part of 39bca053ed
because dovecot started behaving weird and I don't have time to debug it
2014-09-26 22:41:59 +00:00
Joshua Tauberer
39bca053ed
add 2048 bits of DH params for nginx, postfix, dovecot
...
nginx/postfix use a new pre-generated dh2048.pem file. dovecot generates the bits on its own.
ssllabs.com reports that TLS_DHE ciphers went from 1024 to 2048 bits as expected. The ECDHE ciphers remain at 256 bits --- no idea what that really means. (This tests nginx only. I haven't tested postfix/dovecot.)
see https://discourse.mailinabox.email/t/fips-ready-for-ssl-dhec-key-exchange/76/3
2014-09-26 22:09:22 +00:00
Joshua Tauberer
c2eb8e5330
typo in roundcube download URL
...
see 8e0967dd8e (commitcomment-7940724)
2014-09-26 14:26:45 +00:00
Joshua Tauberer
4e6d572de9
ensure Python operates in UTF-8 with a consistent locale for all users
...
fixes #206 (hopefully)
2014-09-26 08:26:09 -04:00
Joshua Tauberer
5714b3c6b7
bump bootstrap.sh to incoming 0.03 tag
2014-09-24 12:48:15 +00:00
Joshua Tauberer
8e0967dd8e
if an earlier version of roundcube had already been installed, update to our target version
...
fixes #195
2014-09-24 12:46:51 +00:00
Joshua Tauberer
ed8fb2d06d
the latest z-push introduces a new/second USE_FULLEMAIL_FOR_LOGIN parameter
...
see http://discourse.mailinabox.email/t/activesync-z-push-not-working/94/3
2014-09-24 12:24:35 +00:00
Joshua Tauberer
8c8d9304ac
lock z-push to a particular upstream version by fmbiete/Z-Push-contrib commit hash
2014-09-24 12:20:10 +00:00
Joshua Tauberer
c1ccd22531
put a start script at /usr/local/bin/mailinabox
2014-09-22 16:37:12 -04:00
Joshua Tauberer
01c964bfe3
update bootstrap.sh for next tag
2014-09-22 16:35:07 -04:00
Joshua Tauberer
6c59294e7b
more readable bash
2014-09-21 16:05:11 -04:00
Joshua Tauberer
9d40a12f44
first pass at making readable documentation by parsing the bash scripts
2014-09-21 13:43:31 -04:00
jmar71n
b5bb12d0d2
enable site-wide bayesian filtering
...
Create directory in $STORAGE_ROOT for bayes database.
Added --username arg to sa-learn as the user mail does not have permission to edit files in $STORAGE_ROOT. There is probably a better solution to this...
2014-09-20 16:07:30 +01:00
Joshua Tauberer
dd91553689
open the firewall to an alternative SSH port if set
...
https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2
2014-09-20 08:26:10 -04:00
Joshua Tauberer
98651deea4
python3-dev is a dependency for many pip packages, including pyyaml, fixes #196
2014-09-17 21:56:09 +00:00
Bretos
467f04facb
update roundcube version
2014-09-10 12:32:32 +02:00
Joshua Tauberer
7ea956d3bc
install network-checks's dependencies
...
Since it runs before the real setup begins, we must make sure that packages are installed.
Also removing bind9-host's installation from system.sh. In 189dd6000e
I added this so we could use `host`
to aid Docker autoconfiguration. Docker support was since removed but this hadn't gotten removed, which lead me to think it was
normally installed by Ubuntu. It's now installed in `network-checks.sh`.
fixes #180
2014-09-07 12:29:23 +00:00
Joel Kåberg
6b13ac1ca9
Support more concurrent connections
2014-09-04 16:40:33 +02:00
Joel Kåberg
9fd6958dc2
Revert commit "Support more concurrent connections for z-push"
2014-09-04 16:39:38 +02:00
Joel Kåberg
e434bf9fce
Support more concurrent connections for z-push
...
My logs were showing lots of:
[04-Sep-2014 15:52:41] WARNING: [pool www] server reached pm.max_children setting (5), consider raising it
2014-09-04 16:11:06 +02:00
Joshua Tauberer
3853e8dd93
show the status of backups in the control panel
2014-09-01 13:06:53 +00:00
Joshua Tauberer
4ec6692f21
showing the mail-in-a-box version might fail if git isn't actually installed
...
The user might acquire the sources via some means other than a git clone. On Vagrant, the files come in via Vagrant. So test for git before running `git describe`.
2014-09-01 07:51:25 -04:00
Joel Kåberg
7603ce0489
this is what I meant
2014-09-01 10:32:44 +02:00
Joel Kåberg
8b2fed1a2a
fixes comments by @JoshData
2014-09-01 10:02:46 +02:00
Joel Kåberg
ee244386ed
update ownCloud if necessary
...
this will always download the latest ownCloud and upgrade if ownCloud install dir exist, this apphroach allows us to keep existing user plugins. currently not checking if currently installed version is equal to the one we're downloading as I couldn't find a proper solution for that
2014-08-31 20:34:57 +02:00
Joshua Tauberer
cfffb38508
link-local IPv6 addresses need a '%interface' specification to be useful
2014-08-31 08:09:13 -04:00
Joshua Tauberer
24ff0e04b1
output/text tweaks
2014-08-27 14:42:00 +00:00
Joshua Tauberer
10a37cd033
add SSHFP records to DNS
2014-08-27 12:59:40 +00:00
Joshua Tauberer
8586723e70
Merge pull request #168 from hjjg/feature-localehandling1
...
locale-safe check if we have enough memory installed
2014-08-27 07:41:49 -04:00
Joshua Tauberer
da2af2ea5c
once the user has a signed SSL cert, simplify the message at the end of setup
2014-08-27 02:37:03 +00:00
Joshua Tauberer
6a311ee7d9
show the tag or commit the user is on in the output to aid debugging when a user posts the output somewhere
2014-08-27 02:37:03 +00:00
Helmuth Gronewold
756ba111a3
Also swith blocksize and count at the owncloud-specific key generation to ensure get as much bytes as you wanted.
2014-08-26 22:22:43 +02:00
Helmuth Gronewold
ab3d205ef6
Switch blocksize and count when reading from urandom with dd, to prevent getting fewer bytes for the secret key.
2014-08-26 22:16:31 +02:00
Joshua Tauberer
c0f4618bef
normalize some whitespace
2014-08-26 07:13:47 -04:00
Joshua Tauberer
245864caac
bug in the IPV6 question
2014-08-26 10:34:22 +00:00
Helmuth Gronewold
3774f589c8
locale-safe check if we have enough memory installed
2014-08-25 23:36:55 +02:00
Joshua Tauberer
d1c7617cdb
Merge branch 'master' into usedialog
2014-08-25 08:26:59 -04:00
Joshua Tauberer
ea32af1f0e
Merge commit 'b0d6473c3c6748a68f4845324fee13f3153bc18f' into usedialog
...
Conflicts:
setup/start.sh (changes are in questions.sh now)
2014-08-25 08:26:39 -04:00
Joshua Tauberer
c18200d9b1
Merge commit '09d2a08ce620928d0398068197951e5acebca0f0' into usedialog
...
Conflicts:
setup/start.sh (change was already applied)
2014-08-25 08:23:28 -04:00
Joshua Tauberer
bf5016a8ac
bootstrap.sh: allow overring the tag to checkout by setting the TAG environment variable (helpful for debugging)
2014-08-25 08:18:46 -04:00
Joshua Tauberer
e0dc8ff04a
when deleting my old /usr/local/bin/mailinabox-exchange-autodiscover.php file from existing systems, don't emit an error if the file doesn't exist (added -f)
2014-08-25 08:10:54 -04:00
Joshua Tauberer
faf6f87a63
move the user-interactive questions and other parts of start.sh into new files
2014-08-25 08:09:37 -04:00
Joshua Tauberer
4ed69cbae5
replace '-t 0' test with an environment variable since '-t 0' is false when standard input has been redirected and doesn't tell us whether or not we can use dialog for input, but Vagrant must be non-interactive
2014-08-25 07:54:11 -04:00
Joshua Tauberer
28231ac248
Merge pull request #150 from hjjg/secretkeyfix
...
The secret key that encrypts the backups should not be world readable.
2014-08-24 17:21:38 -04:00
Helmuth Gronewold
90c7655d82
Fix wrong permissions of backup secret. Pyhton 3 needs octal permissions.
2014-08-24 21:27:39 +02:00
Joshua Tauberer
6e3b04ce83
when generating SSL CSRs, using SHA256 as SHA1 is being phased out, per @konklone
2014-08-23 17:49:33 -04:00
Joshua Tauberer
b0d6473c3c
Merge branch 'box-in-a-name' of github.com:hjjg/mailinabox
2014-08-23 12:43:47 +00:00
Joshua Tauberer
03bbd25a10
re-do allow apt to perform security updates on its own
...
Move this into system.sh rather than anagement.sh.
This reverts commit eab28c97ff
.
2014-08-23 12:35:59 +00:00
Helmuth Gronewold
ff8413a622
Better handling of hostname and email address recommendation.
2014-08-23 08:51:18 +02:00
Helmuth Gronewold
ee9552734f
Fix permissions of backup secret according to Josh's comment at
...
https://github.com/mail-in-a-box/mailinabox/pull/150#issuecomment-53120156
2014-08-22 23:23:56 +02:00
Helmuth Gronewold
a68fd6429f
The secret key that encrypts the backups should not be world readable.
2014-08-22 22:55:34 +02:00
Joshua Tauberer
f7c7d5b9c3
Merge pull request #146 from ls42/zpush/auto-timezone
...
Read timezone from /etc/timezone.
2014-08-21 17:21:47 -04:00
Christian Koptein
09d2a08ce6
Typo in introduction
2014-08-21 21:51:54 +02:00
Joshua Tauberer
9576594cfe
bootstrap script should check out a particular tag rather than master
2014-08-21 17:28:20 +00:00
Joshua Tauberer
76dcab3139
now that we use `dialog` for input we can pipe the bootstrap script to bash
2014-08-21 17:28:12 +00:00
Joshua Tauberer
7e8e104964
when asking for a CSR country code, give the user a list
2014-08-21 17:28:04 +00:00
Joshua Tauberer
7ea4d33e06
simplify the input_box function
2014-08-21 16:01:12 +00:00
Joshua Tauberer
eab28c97ff
allow apt to perform security updates on its own
2014-08-21 11:47:28 +00:00
Joshua Tauberer
294d19e0af
rename whats_next.py to status_checks.py
2014-08-21 10:43:55 +00:00
H8H
980b83b124
Added dialogs, so that the setup.sh can ask the user any questions even when its piped; Added additional email valdidation for the last step
2014-08-21 03:09:09 +02:00
Stephan Brauer
2cab02c831
Read timezone from /etc/timezone.
2014-08-20 23:51:10 +02:00
Joshua Tauberer
aaea954072
remove my old Exchange autodiscover PHP script from systems
2014-08-19 11:50:00 +00:00
Joshua Tauberer
b6dd407aa7
z-push autodiscover should use the primary hostname for the mail server and not the domain part of the email address (both may work, but the primary hostname is more likely to have a signed SSL cert)
2014-08-19 11:49:20 +00:00
jkaberg
a0df18506b
use z-push autodisover instead
2014-08-19 13:03:44 +02:00
Joshua Tauberer
b30d7ad80a
web-based administrative UI
...
closes #19
2014-08-17 22:46:06 +00:00
Joshua Tauberer
04454b35c6
(merge) CardDAV, CalDAV via ownCloud and move to z-push fork fork
...
Merges branch 'owncloud' of github.com:jkaberg/mailinabox
which is pull request #135 , closes #135
thanks @jkaberg, @fmbiete, @owncloud
2014-08-17 15:31:08 -04:00
Joshua Tauberer
56c7d7436e
warn that generating DNSSEC keys takes a while (still slow in some virtualized environments)
2014-08-17 11:50:05 -04:00
Joshua Tauberer
062e8b839e
failed network checks should result in start.sh exiting with a non-zero exit status
2014-08-17 11:50:05 -04:00
Joshua Tauberer
7e62131fbc
a bootstrapping script to support a one-line install command
...
based on a script by @jkaberg in #141
2014-08-16 13:31:42 -04:00
Joshua Tauberer
e1606df237
s/joshdata/mailinabox/ due to repo moving to the org account
2014-08-16 13:16:01 +00:00
Joshua Tauberer
bbd35f4906
ownCloud: do cron the same way we do the others
2014-08-16 13:00:36 +00:00
Joshua Tauberer
ae1e69a5e3
ownCloud: code a way to add admins from our users table, but dont use it
2014-08-16 12:59:29 +00:00
Joshua Tauberer
9e86c67534
make setup/owncloud.sh idempotent: don't wreck user data on second run
2014-08-16 12:38:03 +00:00
Joshua Tauberer
277f98aac8
drop the owncloud mail app for now
2014-08-16 12:19:40 +00:00
Joshua Tauberer
398b538e2b
owncloud: automatically set it up with an administrator account that even the box owner doesn't have access to, because we do not want to have the user hit ownCloud's setup page on first visit
2014-08-15 23:07:20 +00:00
Joshua Tauberer
ca45c88a32
owncloud: set forcessl to be true to get the corret HSTS header (would be better if we could prevent ownCloud from sending one)
2014-08-15 22:32:01 +00:00
Joshua Tauberer
5ecbaa2b41
Merge branch 'owncloud' of github.com:jkaberg/mailinabox into owncloud
2014-08-15 18:30:17 -04:00
Joshua Tauberer
a10b828d5c
when modifying php.ini, use ; as the comment char not # because php emits horrid deprecation warnings otherwise
2014-08-15 18:29:05 -04:00
jkaberg
7024b428ad
increased timeouts so that owncloud properly loads with larger db
2014-08-13 07:30:32 +02:00
Joshua Tauberer
d03bc0cefa
more owncloud configuration tweaks
2014-08-13 00:30:09 +00:00
Joshua Tauberer
05cc63b5d5
Merge branch 'owncloud' of github.com:jkaberg/mailinabox into owncloud
...
Conflicts:
conf/nginx.conf
setup/zpush.sh
2014-08-12 23:10:51 +00:00
jkaberg
e828dd63e1
auto enable apps in owncloud (FINAL COMMIT!)
2014-08-12 16:45:36 +02:00
jkaberg
b92033cafe
install fpm instead of cgi
2014-08-12 15:39:45 +02:00