Commit Graph

73 Commits

Author SHA1 Message Date
Joshua Tauberer 6d473f81ac add more postfix rules: reject_non_fqdn_sender, reject_unknown_sender_domain, reject_rhsbl_sender, and permit_dnswl_client 2014-05-15 12:10:35 +00:00
Joshua Tauberer 091a58ac94 dns_update needs to run with bash when run directly, see #39 2014-05-12 23:38:55 +00:00
Joshua Tauberer d5971e383b add ADSP and DMARC records; see #14 2014-05-10 11:58:27 +00:00
Joshua Tauberer a8938e107e DKIM: For the benefit of ADSP and DMARC (not yet impl), each sending domain should be its signing domain 2014-05-10 11:58:27 +00:00
Joshua Tauberer cfcb5f5bbd merge: @PirosB3 and @pjz suggested using pjzz/phusion-baseimage as the base image for docker
See http://phusion.github.io/baseimage-docker/ for why the stock Ubuntu
image from Docker is not good enough for a complex system.

Thanks to @pjz for updating the base image for Ubuntu 14.04 and starting
the service scripts.

see #16; merges #49
2014-05-06 10:05:14 -04:00
Joshua Tauberer 63ef8f7b04 missing wget dependency used by roundcube installation 2014-05-06 10:02:06 -04:00
Joshua Tauberer e247929386 docker: don't start services ourself
* let the base image's system services manager handle it
* move our container start script to occur before system services are started
2014-05-06 10:00:30 -04:00
Joshua Tauberer 1db0dd3092 system.sh: make apt-get upgrade quieter 2014-05-06 09:57:11 -04:00
Joshua Tauberer 189dd6000e docker: re-run the start script on the container's first run because it won't know its hostname or IP address until then 2014-05-02 14:23:56 -04:00
Joshua Tauberer 3fdcbe542f don't ask the user to create an email account if the shell is non-interactive and provide a better default for the domain name 2014-05-02 14:22:59 -04:00
Joshua Tauberer 89bb5da986 dns: missing dependency on bc 2014-05-02 14:18:26 -04:00
Joshua Tauberer acec82950b docker: disable the ufw firewall because it is not supported in a docker container and produces a lot of error output (by reverting a510e08f9e and setting an environment variable) 2014-05-01 22:39:45 -04:00
Randall Randall 8fcb10cc0a don't reject alias-only domains 2014-05-01 22:14:04 +00:00
Joshua Tauberer 74ec3d9696 ssl: there is no need to use -des3 in key generation if we're just going to remove the passphrase
thanks @konklone for discussion
2014-05-01 16:47:24 -04:00
Joshua Tauberer 19f5f144ae installing roundcube from debian would cause update from ubuntu later, now install from Ubuntu debs
We were installing .deb's from Debian. The next apt-get upgrade would cause roundcube to be upgraded.
Maybe that also triggered the installation of apache. Now install roundcube from Ubuntu. So long as
Ubuntu doesn't post an update to roundcube, at least it won't trigger an upgrade on the next
apt-get upgrade. This should also mean we don't need to purge the installation of apache2.

Also try using apt-mark hold to prevent roundcube from being updated, in case that will trigger
dependencies.
2014-05-01 20:34:41 +00:00
Joshua Tauberer e413680f62 add a bash function ufw_allow which calls 'ufw allow' but hides its totally useless output 2014-05-01 19:35:18 +00:00
Joshua Tauberer 66269f910f make a bash function to use everywhere we apt-get-install (`DEBIAN_FRONTEND=noninteractive apt-get -qq -y `)
ensures the output is quiet
2014-05-01 19:24:16 +00:00
Randall Randall abe277e393 Use STORAGE_ROOT in DSN 2014-04-30 14:52:23 -04:00
Randall Randall 410a91504e Use STORAGE_ROOT where appropriate 2014-04-30 14:50:11 -04:00
Randall Randall 43461fc14b enable and configure password-change plugin for roundcube 2014-04-30 13:07:15 -04:00
Joshua Tauberer 296d2941db 'service nsd rebuild' is no longer a thing
Seems like it was removed in nsd4 (since Ubuntu 14.04). It now
silently does nothing.

Fixes #41.
2014-04-26 11:47:31 +00:00
Joshua Tauberer 7c5c9774ea Merge pull request #34 from daniellawrence/handle_no_sshd
move the ssh PasswordAuthentication check to after installing ssh
2014-04-25 09:23:19 -04:00
Joshua Tauberer 58881f72db instead of installing roundcube from Ubuntu (before replacing it), just install the dependencies we need 2014-04-25 12:40:32 +00:00
Joshua Tauberer bb62c433fc minor fixes to comments, argument order (consistency?), the github URL changed long ago 2014-04-25 12:25:07 +00:00
Joshua Tauberer 9bab925123 use purge to get rid of apache 2014-04-25 11:41:50 +00:00
Joshua Tauberer a510e08f9e enable ufw firewall again
I had previously awkwardly disabled it because on my VPS the necessary kernel
module wasn't available. I meant to make it an option, but instead I took
out the apt-get install. Now it works for me so I'm putting everything back.
2014-04-24 17:09:34 +00:00
Daniel Lawrence 63223f6b51 Install openssh-server to ensure that the end result is consistent across all Mail-in-a-Boxes. 2014-04-25 00:31:37 +10:00
Joshua Tauberer 07b43c2bba set dovecot postmaster_address setting, fixes #31 2014-04-24 11:58:53 +00:00
Joey Pereira 7752defaa9 force scripts into bash, only supported shell 2014-04-23 18:54:05 -04:00
Joshua Tauberer 1c02803b50 tweak @randallsquared's workaround for the nsd package's brokenness 2014-04-23 18:40:33 -04:00
Randall Randall c7e1e29ddf Add conditional to avoid errors if nsd exists 2014-04-23 17:53:59 -04:00
root 7146a64f95 Merge branch 'master' of https://github.com/JoshData/mailinabox 2014-04-23 15:56:04 -04:00
Randall Randall 4e6037c0e1 fix nsd package deficiency 2014-04-23 15:41:25 -04:00
Keats 36ccbffddd Fix install on Ubuntu 14.04 2014-04-23 19:58:13 +01:00
Joshua Tauberer fe3485e13a spamassassin: enable pyzor
Not sure if I've tested this. Also because of graylisting there's not much of a need
to do sophisticated spam filtering, at least based on the email I get.
2014-04-23 12:48:04 -04:00
Joshua Tauberer 6fd768d6ee update to @konklone's latest nginx SSL configuration recommendations 2014-04-17 20:27:52 -04:00
Joshua Tauberer 304bf3d360 update for Ubuntu 14.04 2014-04-17 20:17:24 -04:00
Joshua Tauberer 9dc665e7cd remove apache before installing nginx --- it's not needed and will start complaining about the port being in use, or it might interfere with nginx 2014-04-17 18:01:14 -04:00
Joshua Tauberer d5fe5bd2a2 php-fcgid should have been configured in web.sh not webmail.sh
When I re-did this, I left in an old reference to the php-fcgid
script that never made it into the repo. Deleting that and moving
the php-fcgid configuration on top of it.

fixes #9
see 2ebd9706ec
2014-03-17 01:46:47 +00:00
Joshua Tauberer 511453adf7 update how we get the missing roundcube SQL directory: not sure previous URL was correct, should also match the deb version 2014-03-17 01:05:02 +00:00
Joshua Tauberer ebf19c197d bump roundcube version since the Debian ftp site isn't providing the previous version anymore 2014-03-17 00:52:20 +00:00
Joshua Tauberer 97083a1e0c to run webmail.sh directly, it needs to source the global variables 2014-03-17 00:46:59 +00:00
Joshua Tauberer 84e8ac25b8 block users who aren't running the distro that the docs specifically require 2014-03-17 00:42:00 +00:00
Joshua Tauberer 2ebd9706ec add php-fastcgi init script to start the FastCGI process needed to run Roundcube (and any other PHP scripts, really) 2014-03-17 00:03:19 +00:00
Joshua Tauberer 0564136bd7 advertise who we are in the SMTP 220 banner 2014-03-16 22:38:42 +00:00
Joshua Tauberer d4465d7ea3 paste my KNC entry into the README, move docs to a new file 2014-03-16 17:38:05 -04:00
Joshua Tauberer f27ef21f53 install Python 3, fixes #4 2014-03-16 16:50:24 -04:00
Joshua Tauberer 5b4af391d5 set the postfix helo string to the machine's hostname, overriding the Debian default 'localhost', since some MTAs require a hostname there 2014-01-27 15:46:32 +00:00
Joshua Tauberer 08e7c315c9 fix a -z test, quotes needed 2014-01-27 15:46:32 +00:00
Joshua Tauberer 9cd5fc34a9 refactoring dns_update: use global vars stored in /etc/mailinabox.conf 2013-09-08 11:47:27 +00:00