Commit Graph

30 Commits

Author SHA1 Message Date
Joshua Tauberer 465aaf2d30 check that we're running as root before doing anything 2014-07-16 09:36:31 -04:00
Joshua Tauberer 5a4f5b1874 move the welcome message to after the system checks 2014-07-16 09:36:31 -04:00
Joshua Tauberer c716fd27bf refuse to start if the system has less than 768 MB of RAM, except when testing within Vagrant 2014-07-16 09:36:31 -04:00
Joshua Tauberer 4e5b5f2852 Vagrant typo 2014-07-16 09:36:31 -04:00
Joshua Tauberer fb357dee33 add z-push to the start script 2014-07-12 00:04:56 +00:00
Joshua Tauberer e713af5f5a refactor the mail setup scripts
As the scripts keep growing, it's time to split them up to
keep them understandable.

This splits mail.sh into mail-postfix.sh, mail-dovecot.sh,
and mail-users.sh, which has all of the user database-related
configurations shared by Dovecot and Postfix. Also from
spamassassin.sh the core sieve configuration is moved into
mail-dovecot.sh and the virtual transport setting is moved
into mail-postfix.sh.

Also revising one of the sed scripts in mail-dovecot to
not insert a new additional # at the start of a line each
time the script is run.
2014-07-10 12:49:28 +00:00
Joshua Tauberer 6f51b49671 remove the hard-coded migration ID from setup.sh 2014-07-10 12:49:19 +00:00
Joshua Tauberer 41b3df6d78 manage hostmaster@ and postmaster@ automatically, create administrator@ during setup instead
closes #94
2014-07-09 19:30:17 +00:00
Joshua Tauberer 3d4eadd436 the new migration management in c8856f107d left out the part where we actually keep the system's current MIGRATIONID... it was being lost when setup/start.sh was re-run 2014-07-07 11:29:21 +00:00
Joshua Tauberer c8856f107d migrate the SSL certificates path for non-primary certs to a new layout using a new migration script 2014-06-30 20:41:29 +00:00
Joshua Tauberer b5aa1b0f31 walk the user through choosing the PRIMARY_HOSTNAME by first asking for their email address 2014-06-30 10:20:58 -04:00
Joshua Tauberer fed5959288 s/PUBLIC_HOSTNAME/PRIMARY_HOSTNAME/ throughout 2014-06-30 09:15:36 -04:00
Joshua Tauberer ec6c7d84c1 dont ask for a CSR country code on second runs because the CSR is already generated and any new country code won't be used anyway 2014-06-22 15:36:14 +00:00
Michael Kropat d100a790a0 Remove API_KEY_FILE setting 2014-06-22 08:45:29 -04:00
Michael Kropat 554a28479f Merge remote-tracking branch 'upstream/master' into mgmt-auth
Conflicts:
	management/daemon.py
2014-06-21 21:29:25 -04:00
Michael Kropat 88e496eba4 Update setup scripts to auth against the API 2014-06-22 00:02:52 +00:00
Michael Kropat 067052d4ea Add key-based authentication to management service
Intended to be the simplest auth possible: every time the service
starts, a random key is written to `/var/lib/mailinabox/api.key`. In
order to authenticate to the service, the client must pass the contents
of `api.key` in an HTTP basic auth header. In this way, users who do not
have read access to that file are not able to communicate with the
service.
2014-06-21 23:42:48 +00:00
Joshua Tauberer 67d31ed998 move the SSL setup into its own bash script since it is used for much more than email now 2014-06-21 22:16:46 +00:00
Joshua Tauberer 5faa1cae71 manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for 2014-06-20 01:55:12 +00:00
Michael Kropat fb957d2de7 Populate default values before echoing help text
Testing showed that it may take a few seconds for the default values to
populate.  If the help text is shown, “Enter the public IP address…,”
but no prompt is shown, the user may get confused and try to enter the
IP address before mailinabox has had a chance to figure out and display
a suitable default value.
2014-06-08 18:44:08 -04:00
Michael Kropat ae67409603 Support dual-stack IPv4/IPv6 mail servers
Addresses #3

Added support by adding parallel code wherever `$PUBLIC_IP` was used.
Providing an IPv6 address is completely optional.

Playing around on my IPv6-enabled mail server revealed that — before
this change — mailinabox might try to use an IPv6 address as the value
for `$PUBLIC_IP`, which wouldn't work out well.
2014-06-08 18:32:52 -04:00
Joshua Tauberer b60ca25e53 add comments to the new get_default_hostname etc. functions, and simplify the logic in the Vagrantfile and start.sh so that we always call into the same two functions 2014-06-07 14:57:03 -04:00
Michael Kropat 43ef49c737 Improve hostname/IP default values
Default IP+hostname values were incorrect for my VPS provider. I
improved the detection, which should give correct results results for
almost any provider. Specific issues addressed:

- icanhazip.com detection was only enabled in non-interactive mode
- `hostname` is by convention a short (non-fqdn) name in Ubuntu
- `hostname --fqdn` fails if provider does not pouplate `hosts` file
- `hostname -i` fails if provider does not populate `hosts` file
- `curl` without `--fail` will someday return crazy results
  when icanhazip.com returns 500 errors or similar
2014-06-07 14:11:42 -04:00
Joshua Tauberer f1dac1fe13 show less output when updating DNS configuration 2014-06-06 10:51:36 -04:00
Joshua Tauberer cab7321dbb remove vestigal docker compatibility that prevented starting services during setup 2014-06-04 20:04:26 -04:00
Joshua Tauberer 295981828f Vagrantize
* adding a Vagrantfile
* in a non-interactive setup like this, create the user's first email account for them
* let the machine auto-detect its IP address using http://icanhazip.com/
* use our own justtesting.email domain to provision a subdomain for users so they can quickly get started
2014-06-04 19:39:58 -04:00
Joshua Tauberer bb7905aefd on second and later runs of start.sh, recall the inputs the user entered the last time 2014-06-03 21:31:13 +00:00
Joshua Tauberer 24edd5ce91 the SSL CSR must be generated with a country code 2014-06-03 21:17:10 +00:00
Joshua Tauberer c54b0cbefc move management into a daemon service running as root
* Created a new Python/flask-based management daemon.
* Moved the mail user management core code from tools/mail.py to the new daemon.
* tools/mail.py is a wrapper around the daemon and can be run as a non-root user.
* Adding a new initscript for the management daemon.
* Moving dns_update.sh to the management daemon, called via curl'ing the daemon's API.

This also now runs the DNS update after mail users and aliases are added/removed,
which sets up new domains' DNS as needed.
2014-06-03 13:56:40 +00:00
Joshua Tauberer da15ae5375 rename the scripts directory to setup 2014-06-03 11:12:38 +00:00