1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-10-24 17:50:54 +00:00
Commit Graph

1095 Commits

Author SHA1 Message Date
Michael Heuberger
98628622c7
Bump Nextcloud to v25.0.7 (#2268)
Also
- bumps calendar and contacts apps
- adds extra migration steps between these versions
- adds cron job for Calendar updates
- rotates nextloud log file after upgrading
- adds primary key indices migrations
- adjusts configs slightly
- adds more well-known entries in nginx to improve service discovery
- reformats some comments (line-breaking)
2023-06-16 11:49:55 -04:00
downtownallday
d956166164 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	README.md
2023-05-21 07:23:55 -04:00
Joshua Tauberer
8b19d15735 Version 62 2023-05-20 08:57:32 -04:00
downtownallday
6a7fc1594d Remove z-push hacks 2023-05-13 13:15:00 -04:00
downtownallday
8270f34acb Merge remote-tracking branch 'upstream/main' into merge-upstream
# Conflicts:
#	setup/webmail.sh
2023-05-13 12:29:18 -04:00
matidau
93380b243f
Update zpush.sh to version 2.7.0 (#2236) 2023-05-13 10:27:42 -04:00
Joshua Tauberer
fb0a3b0489
Restore Roundcube's password reset tool by removing PRAGMA journal_mode = WAL from Roundcube source (#2199) 2023-05-13 10:26:41 -04:00
downtownallday
34bee7f412 Merge remote-tracking branch 'upstream/main' into merge-upstream
# Conflicts:
#	management/templates/index.html
#	setup/nextcloud.sh
#	setup/webmail.sh
2023-05-13 08:28:29 -04:00
Joshua Tauberer
3bc9d07aeb Roundcube 1.6.1 2023-05-13 07:00:54 -04:00
Michael Heuberger
95530affbf
Bump Nextcloud to v23.0.12 and its apps (#2244) 2023-05-13 06:37:24 -04:00
KiekerJan
8aa98b25b5 Update configuration of Roundcube password plugin for Roundcube 1.6 2023-05-13 06:22:28 -04:00
KiekerJan
3c15081673 Remove journal PRAGMA from Roundcube source which broke the database for postfix
See #2185.
2023-05-13 06:20:13 -04:00
Joshua Tauberer
01d8e9f3b4 Revert "Disable Roundcube password plugin since it was corrupting the user database (#2198)"
This reverts commit 1587248762.

See subsequent commits.
2023-05-13 06:20:13 -04:00
downtownallday
a3e446b7c6 workaround occasional logwatch hang 2023-04-20 08:22:05 -04:00
downtownallday
da0506a1d7 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	README.md
2023-01-29 10:41:53 -05:00
Joshua Tauberer
6f94412204 v61.1 2023-01-28 11:25:21 -05:00
Hugh Secker-Walker
31bbef3401
chore(setup): Make sed fingerprint patterns in start.sh be case insensitive (#2201) 2023-01-28 11:12:40 -05:00
downtownallday
3c3cd89a13 mods: update copyright 2023-01-25 08:50:19 -05:00
downtownallday
9f5ddc284a Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	README.md
2023-01-25 08:49:12 -05:00
Joshua Tauberer
5e3e4a2161 v61 2023-01-21 08:20:48 -05:00
downtownallday
190d7195d3 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
The roundcube password plugin is not disabled.

# Conflicts:
#	management/utils.py
#	setup/start.sh
#	setup/system.sh
#	setup/webmail.sh
#	tools/editconf.py
2023-01-15 20:35:08 -05:00
Hugh Secker-Walker
57047d96e9
chore(setup): Update obsolete chown group syntax (#2202)
Co-authored-by: Hugh Secker-Walker <hsw+miac@hodain.net>
2023-01-15 08:25:36 -05:00
KiekerJan
1587248762
Disable Roundcube password plugin since it was corrupting the user database (#2198) 2023-01-15 08:22:43 -05:00
KiekerJan
c29593b5ef
explicitly enable fail2ban which didn't start (#2190) 2023-01-15 08:10:04 -05:00
downtownallday
aaff2eebcf setup: copy custom logwatch services and conf, if available 2023-01-07 20:36:04 -05:00
downtownallday
f8bba1b2b8 setup: tighten permissions to setup mods backup in user-data 2022-12-02 15:24:21 -05:00
downtownallday
e0a237c857 Fixes #17: start services after unattended upgrades 2022-12-02 15:09:29 -05:00
downtownallday
36b5a31e82 setup: backup and restore setup mods 2022-11-20 09:08:50 -05:00
downtownallday
7cf55db865 mod: protect the coturn turnserver secret 2022-11-14 17:38:35 -05:00
downtownallday
2114b9a5d2 mods: make the logwatch setup mod cloud-in-a-box friendly 2022-11-14 09:22:48 -05:00
downtownallday
60494e0585 dns: set the remote nextcloud port in *davs._tcp records 2022-11-13 14:08:18 -05:00
downtownallday
44f2aed9e1 ios: set the caldav and carddav hostnames in the mobileconfig plist to that of the remote nextcloud 2022-11-13 13:35:15 -05:00
downtownallday
e5eb7680ae dns: ensure _caldavs._tcp and _carddavs._tcp SRV records point to the remote nextcloud 2022-11-13 12:45:38 -05:00
downtownallday
c743ebe606 zpush: add the latest z-push hack for php 8.0 2022-11-06 08:13:44 -05:00
downtownallday
29b1c29a35 setup: update mods.available/README.md wording 2022-11-06 08:05:32 -05:00
downtownallday
2ac391796e setup: add a setup mod to attach a logwatch report to daily status checks emails 2022-11-06 07:02:33 -05:00
downtownallday
93f7a84f44 roundcube: use the ldap_simple password driver 2022-11-06 06:58:29 -05:00
downtownallday
2134d44730 Add license 2022-10-30 08:46:12 -04:00
downtownallday
4d845a3618 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox
# Conflicts:
#	README.md
2022-10-30 08:21:51 -04:00
Joshua Tauberer
3314c4f7de v60.1 2022-10-30 08:18:13 -04:00
Joshua Tauberer
1f60236985 Upgrade Nextcloud to 23.0.4 (contacts to 4.2.0, calendar to 3.5.0)
This fixes the monthly view calendar items being in random order.
2022-10-30 08:16:54 -04:00
downtownallday
aad837b75e Add setup/enmod.sh to enable setup mods 2022-10-29 09:58:49 -04:00
downtownallday
7fa070aed8 avoid using PYTHONPATH to enable setup mod hooks, which is problematic for managment command line tool use
- save the directory path to setup mods in /etc/mailinabox.conf
- dynamically add the path to python during hook initialization
2022-10-24 16:24:44 -04:00
downtownallday
cac796a5bb Enable compression for wget downloads.
This fixes an issue where unless compression=auto (or compression=gzip) is specified, using wget to download jquery.min.js by setup/management.sh fails with max redirects exceeded.
The man page says --compression is an experimental option, but it doesn't appear to have any problems.
Note that downloading jquery.min.js with curl works fine when wget without --compression fails.
2022-10-20 17:02:04 -04:00
downtownallday
c787437317 Add a setup mod to install roundcube's "larry" skin, which was removed with roundcubemail version 1.6 2022-10-16 15:16:02 -04:00
downtownallday
e636e63862 Setup fixes
1. Autodetect encryption-at-rest and run the correct setup in boostrap and /usr/local/bin/mailinabox
2. Fix bug where directories in the local mod folder are improperly executed causing setup to fail
3. Add a remote_nextcloud.sh setup mod cleanup function for cleaner removal of the mod
2022-10-14 09:27:24 -04:00
downtownallday
9e5ce3e681 Enable "bootstrap" installs 2022-10-13 18:58:44 -04:00
downtownallday
9b62b5dc1a Use an explicit php exectable and package if specified by environment variables 2022-10-13 09:27:58 -04:00
downtownallday
a9d34441fa Update hashes to match upstream's use of github/nextcloud-releases 2022-10-12 08:20:44 -04:00
downtownallday
caf95b1efe Apply license 2022-10-12 07:18:30 -04:00
downtownallday
ec2c878360 Merge branch 'main' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204 2022-10-12 06:57:37 -04:00
Joshua Tauberer
286a4bd9e7 Remove stray quote in bootstrap.sh
Reported at https://discourse.mailinabox.email/t/version-60-for-ubuntu-22-04-is-released/9558/4.
2022-10-12 06:11:02 -04:00
downtownallday
26fa200014 Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204
# Conflicts:
#	setup/management.sh
#	setup/nextcloud.sh
2022-10-09 09:30:12 -04:00
Joshua Tauberer
89cd9fb611 Increase gunicorn's worker timeout since some /admin commands take a long time 2022-10-08 08:23:48 -04:00
Joshua Tauberer
22a6270657 Remove old setup step to uninstall acme library 2022-10-08 08:23:48 -04:00
Joshua Tauberer
9b111e2493 Update to Nextcloud 23.0.8 (contacts 4.2.0, calendar 3.5.0) 2022-10-08 07:23:21 -04:00
downtownallday
cc54379ed2 Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204
# Conflicts:
#	management/backup.py
2022-09-29 11:10:16 -04:00
jvolkenant
b8feb77ef4
Move postgrey database under $STORAGE_ROOT (#2077) 2022-09-24 13:17:55 -04:00
Joshua Tauberer
3c44604316 Install 'file' package
The command is used in mailinabox-postgrey-whitelist. Reported missing (on systems that don't install it by default) in #2083.
2022-09-24 10:10:50 -04:00
downtownallday
9a381961c5 setting permissions on mail.log fixes the github actions failure for upgrade-to-upstream - this is just clean up 2022-09-22 18:31:59 -04:00
downtownallday
35aa9f7691 try setting mail.log permissions during setup 2022-09-22 18:06:03 -04:00
downtownallday
9b92b394f4 change wording 2022-09-22 13:38:17 -04:00
downtownallday
f6e9fd628c Hide the output from apt-get unless an error occurs 2022-09-22 11:08:02 -04:00
downtownallday
68bc176b00 Don't add firewall rules for the remote nextcloud if it's not accessible 2022-09-22 11:07:34 -04:00
downtownallday
912b78bb47 Change the remote_nextcloud web_update hook handler strategy 2022-09-22 09:35:50 -04:00
downtownallday
53cbabac75 Fix url redirection when a remote nextcloud is used so that .well-known/caldav and carddav work properly, as well as the redirecting /cloud to the remote Nextcloud. Since the nginx config is replaced by the management daemon whenever a new domain is added, this change adds a hooking mechanism for setup mods.Fix url redirection when a remote nextcloud is in use. This corrects redirection for /.well-known/caldav, /.well-known/carddav and /cloud to send the client to the remote nextcloud. This requires an nginx configuration change, and since the nginx config is replaced by the management daemon whenever a new domain is added, this change adds a hooking mechanism for setup mods allowing them to intercept and modify the resultant nginx config. 2022-09-21 15:52:47 -04:00
downtownallday
59e78040bf Hide nextcloud upgrade output 2022-09-20 10:13:34 -04:00
downtownallday
5f8ae763aa Fix an issue where unattended upgrades randomly kick in during setup and cause apt installs, and therefore setup itself, to fail 2022-09-20 10:13:12 -04:00
downtownallday
bf63ca827e Add copyright to source files 2022-09-19 14:45:11 -04:00
downtownallday
603b716ac2 add additional protections to the management daemon's runtime environment 2022-09-18 15:43:10 -04:00
downtownallday
c33153c646 update roundcube contacts url 2022-09-17 21:54:42 -04:00
downtownallday
45d5b7cb25 Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204
# Conflicts:
#	setup/webmail.sh
#	tools/editconf.py
2022-09-17 19:54:52 -04:00
kiekerjan
d584a41e60
Update Roundcube to 1.6.0 (#2153) 2022-09-17 09:20:20 -04:00
downtownallday
56074ae035 Tighten roundcube session config (#2138)
Merges #2138.
2022-09-17 09:09:00 -04:00
Steve Hay
84da4e6000 Update dovecot to use same DH parameters file as the other services
Originally from #2157.
2022-09-17 09:07:54 -04:00
Steve Hay
3fd2e3efa9
Replace Flask built-in WSGI server with gunicorn (#2158) 2022-09-17 08:03:16 -04:00
downtownallday
2461e9a36c tighten the cipher list 2022-09-07 16:17:22 -04:00
downtownallday
80decc3f71 fix python error "cannot pickle 'dict_keys' object"
a deep copy of a dictionary with values of type `dict_keys`, required by the underlying ldap3 python3 library, is no longer allowed. they must be a `list` type

actual error:

Traceback (most recent call last):
  File "/mailinabox/setup/migrate.py", line 461, in <module>
    run_miabldap_migrations()
  File "/mailinabox/setup/migrate.py", line 440, in run_miabldap_migrations
    raise e
  File "/mailinabox/setup/migrate.py", line 431, in run_miabldap_migrations
    migration_func(env)
  File "/mailinabox/setup/migrate.py", line 249, in migration_miabldap_1
    users=m13.create_users(env, conn, ldap, ldap_base, ldap_users_base, ldap_domains_base)
  File "/mailinabox/setup/migration_13.py", line 137, in create_users
    dn = add_user(env, ldapconn, ldap_base, ldap_users_base, ldap_domains_base, email, password, privs.split("\n"), totp)
  File "/mailinabox/setup/migration_13.py", line 90, in add_user
    ldapconn.add(dn, objectClasses, attrs)
  File "/usr/lib/python3/dist-packages/ldap3/core/connection.py", line 947, in add
    _attributes = deepcopy(attributes)  # dict could change when adding objectClass values
  File "/usr/lib/python3.10/copy.py", line 146, in deepcopy
    y = copier(x, memo)
  File "/usr/lib/python3.10/copy.py", line 231, in _deepcopy_dict
    y[deepcopy(key, memo)] = deepcopy(value, memo)
  File "/usr/lib/python3.10/copy.py", line 161, in deepcopy
    rv = reductor(4)
TypeError: cannot pickle 'dict_keys' object
2022-09-05 17:20:41 -04:00
downtownallday
cc0a6d25cb z-push hack for php 8.0: change a debug print statement and make a policies.ini change 2022-09-05 15:32:24 -04:00
downtownallday
9783b8bbbc sync should be true for a nextcloud backend 2022-09-05 15:29:39 -04:00
downtownallday
cb50405864 roundcube 1.6 2022-09-05 14:12:52 -04:00
downtownallday
ae173fcdc6 Update app hashes for NC 21 and 22 upgrades 2022-09-05 14:12:29 -04:00
downtownallday
f63488aa1a Merge branch 'master' into jammyjellyfish2204
# Conflicts:
#	setup/management.sh
#	setup/mods.available/connect-nextcloud-to-miab.sh
#	setup/start.sh
#	setup/webmail.sh
#	tests/lib/carddav.sh
#	tests/lib/system.sh
#	tests/system-setup/setup-defaults.sh
#	tests/system-setup/setup-funcs.sh
#	tests/system-setup/upgrade.sh
2022-09-05 10:30:45 -04:00
downtownallday
549fdbf97a Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204
# Conflicts:
#	setup/management.sh
2022-09-05 09:30:19 -04:00
Joshua Tauberer
91fc74b408 Setup fixes for Ubuntu 22.04
Nextcloud:
* The Nextcloud user_external 1.0.0 package for Nextcloud 21.0.7 isn't available from Nextcloud's releases page, but it's not needed in an intermediate upgrade step (hopefully), so we can skip it.
* Nextcloud updgrade steps should not be elifs because multiple intermediate upgrades may be needed.
* Continue if the user_external backend migration fails. Maybe it's not necessary. It gives a scary error message though.
* Remove a line that removes an old file that hasn't been in use since 2019 and the expectation is that Ubuntu 22.04 installations are on fresh machines.

Backups:
* For duplicity, we now need boto3 for AWS.
2022-09-03 07:50:36 -04:00
downtownallday
72bee52bd7 fix detection of installation status of contacts app - the grep for "contacts" should not match app "contactsintegration" 2022-08-18 10:36:09 -04:00
downtownallday
cac187756d Merge branch 'jammyjellyfish2204' of https://github.com/mail-in-a-box/mailinabox into jammyjellyfish2204
# Conflicts:
#	CHANGELOG.md
#	README.md
#	management/ssl_certificates.py
#	setup/bootstrap.sh
#	setup/dns.sh
#	setup/management.sh
#	setup/nextcloud.sh
#	setup/preflight.sh
#	setup/start.sh
#	setup/webmail.sh
#	tests/test_mail.py
#	tools/editconf.py
2022-07-28 17:20:57 -04:00
David Duque
e0c0b5053c Upgrade Nextcloud External User Backend to v3.0.0
Co-Authored-By: Joshua Tauberer <jt@occams.info>
2022-07-28 14:42:51 -04:00
Joshua Tauberer
268b31685d Ensure STORAGE_ROOT has a+rx permission since processes run by different system users need to access files within it 2022-07-28 14:42:51 -04:00
Joshua Tauberer
ab71abbc7c Update to latest cryptography Python package, add missing source at top of management.sh so it can run standalone (needs STORAGE_ROOT) 2022-07-28 14:42:51 -04:00
Joshua Tauberer
87e6df9e28 Fix roundcube dependency missing imap and unneeded ldap 2022-07-28 14:42:51 -04:00
Felix Matouschek
558f2db31f system.sh: Remove no longer needed haveged (#2090)
Starting from kernels 5.6 haveged is obsolete. Therefore remove it in
Ubuntu 22.04.

See https://github.com/jirka-h/haveged/issues/57
2022-07-28 14:42:51 -04:00
Joshua Tauberer
0a7b9d5089 Update dovecot, spampd settings for Ubuntu 22.04
* dovecot's ssl_protocols became ssl_min_protocol in 2.3
* spampd fixed a bug so we can remove lmtp_destination_recipient_limit=1 in postfix
2022-07-28 14:34:45 -04:00
Joshua Tauberer
1eddf9a220 Upgrade to Nextcloud 23.0.4
The first version supporting PHP 8.0 is Nextcloud 21. Therefore we can add migrations only to Nextcloud 21 forward, and so we only support migrating from Nextcloud 20 (Mail-in-a-Box versions v0.51+). Migration steps through Nextcloud 21 and 22 are added.

Also:

* Fix PHP APUc settings to be before Nextcloud tools are run.
2022-07-28 14:34:45 -04:00
Joshua Tauberer
78d71498fa Upgrade from PHP 7.2 to 8.0 for Ubuntu 22.04
* Add the PHP PPA.
* Specify the version when invoking the php CLI.
* Specify the version in package names.
* Update paths to 8.0 (using a variable in the setup scripts).
* Update z-push's php-xsl dependency to php8.0-xml.
* php-json is now built-into PHP.

Although PHP 8.1 is the stock version in Ubuntu 22.04, it's not supported by Nextcloud yet, and it likely will never be supported by the the version of Nextcloud that succeeds the last version of Nextcloud that supports PHP 7.2, and we have to install the next version so that an upgrade is permitted, so skipping to PHP 8.1 may not be easily possible.
2022-07-28 14:02:46 -04:00
Joshua Tauberer
b41a0ad80e Drop some hacks that we needed for Ubuntu 18.04
* certbot's PPA is no longer needed because a recent version is now included in the Ubuntu respository.
* Un-pin b2sdk (reverts 69d8fdef99 and d829d74048).
* Revert boto+s3 workaround for duplicity (partial revert of 99474b348f).
* Revert old "fix boto 2 conflict on Google Compute Engine instances" (cf33be4596) which is probably no longer needed.
2022-07-28 14:02:46 -04:00
Daniel Mabbett
8cb360fe36 Configure nsd listening interfaces before installing nsd so that it does not interfere with bind9 2022-07-28 14:02:46 -04:00
Joshua Tauberer
f534a530d4 Update and drop some package and file names for Ubuntu 22.04
* Fix path to bind9 startup options file in Ubuntu 22.04.
* tinymce has not been a Roundcube requirement recently and is no longer a package in Ubuntu 22.04
* Upgrade Vagrant box to Ubuntu 22.04
2022-07-28 14:02:46 -04:00
Joshua Tauberer
2abcafd670 Update Ubuntu version checks from 18.04 to 22.04 2022-07-28 14:02:44 -04:00
downtownallday
27dcb5d7ca Enable fail2ban for z-push and add a test for it 2022-07-18 15:52:04 -04:00