Joshua Tauberer
b80f225691
Reorganize MFA front-end and add label column
2020-09-27 08:31:23 -04:00
Joshua Tauberer
a8ea456b49
Reorganize the MFA backend methods
2020-09-26 09:58:25 -04:00
Felix Spöttel
7c4eb0fb70
Add sqlite migration
2020-09-03 19:39:29 +02:00
Felix Spöttel
ee01eae55e
Decouple totp from users table by moving to totp_credentials table
...
* this allows implementation of other mfa schemes in the future (webauthn)
* also makes key management easier and enforces one totp credentials per user on db-level
2020-09-03 19:07:21 +02:00
Felix Spöttel
f205c48564
Use pyotp for validating TOTP codes
...
* also implements resynchronisation support via `pyotp`'s `valid_window option
2020-09-02 19:12:15 +02:00
Felix Spöttel
a7a66929aa
add user interface for managing 2fa
...
* update user schema with 2fa columns
2020-09-02 16:48:23 +02:00
Joshua Tauberer
0d72566c99
Merge v0.48 point release branch
2020-08-26 14:11:56 -04:00
Joshua Tauberer
62db58eaaf
v0.48
2020-08-26 14:11:01 -04:00
Joshua Tauberer
891de8d6c3
Upgrade Roundcube to 1.4.8
...
Merges #1809
2020-08-26 14:10:04 -04:00
Joshua Tauberer
65983b8ac7
Merge v0.47 point release branch
2020-07-29 10:27:06 -04:00
hija
56d0289ed9
v0.47
2020-07-29 10:24:56 -04:00
Marcus Bointon
f253c40012
[backport] Add rate limiting of SSH in the firewall ( #1770 )
...
See #1767 . Backport of cfc8fb484c
.
2020-07-29 10:24:23 -04:00
Hilko
2c34a6df2b
Update roundcube to 1.4.7
2020-07-29 10:15:12 -04:00
Marcus Bointon
cd518e6820
Raise Dovecot per user connection limit ( #1799 )
2020-07-27 06:37:52 -04:00
Joshua Tauberer
224242dfde
Merge v0.46 point release branch
2020-06-11 12:25:49 -04:00
Joshua Tauberer
049bfb6f7f
v0.46
2020-06-11 12:23:18 -04:00
Joshua Tauberer
12d60d102b
Update Roundcube to 1.4.6
...
Fixes #1776
2020-06-11 12:21:17 -04:00
Faye Duxovni
41642f2f59
[backport] Fix roundcube error log file path in setup script ( #1775 )
2020-06-11 12:16:53 -04:00
Faye Duxovni
339c330b4f
Fix roundcube error log file path in setup script ( #1775 )
2020-06-07 09:50:04 -04:00
Marcus Bointon
cfc8fb484c
Add rate limiting of SSH in the firewall ( #1770 )
...
See #1767 .
2020-06-07 09:47:51 -04:00
Joshua Tauberer
10bedad3a3
MTA-STS tweaks, add status check using postfix-mta-sts-resolver, change to enforce
2020-05-29 15:36:52 -04:00
A. Schippers
afc9f9686a
Publish MTA-STS policy for incoming mail ( #1731 )
...
Co-authored-by: Daniel Mabbett <triumph_2500@hotmail.com>
2020-05-29 15:30:07 -04:00
Joshua Tauberer
7de8fc9bc0
v0.45
2020-05-16 06:45:23 -04:00
clonejo
8fe33da85d
Run nightly tasks on a random minute after 03:00 to avoid overload ( #1754 )
...
- The MIAB version check regularly fails at 03:00, presumably because a
large portion of installations is checking mailinabox.email at the same
time.
- At installation time, the time of the nightly clock is configured to
run at a random minute after 03:00, but before 04:00.
- Users might expect the nightly tasks to be over at a certain time and
run their own custom tasks afterwards. This could thus interfere with
custom backup routines.
- This breaks reproducibility of the installation process.
- Users might also be surprised by the nightly task time changing after
updating MIAB.
2020-05-10 19:54:45 -04:00
Joshua Tauberer
1353949e42
Upgrade Roundcube to 1.4.4, Nextcloud to 17.0.6, Z-Push to 2.5.2
2020-05-10 19:44:12 -04:00
Stefan
f52749b403
Better return codes after errors in the setup scripts ( #1741 )
2020-04-11 14:18:44 -04:00
Daniel Davis
e224fc6656
Delete unused function apt_add_repository_to_unattended_upgrades ( #1721 )
...
The function apt_add_repository_to_unattended_upgrades is defined
but never called anywhere. It appears that automatic apt updates
are handled in system.sh where the file /etc/apt/apt.conf.d/02periodic
is created. The last call was removed in bbfa01f33a
.
Co-authored-by: ddavis32 <dan@nthdegreesoftware.com>
2020-03-08 09:49:39 -04:00
Joshua Tauberer
30c2c60f59
v0.44
2020-02-15 07:15:09 -05:00
Joshua Tauberer
ddadb6c28a
Roundcube 1.4.2
2020-01-22 03:25:53 -05:00
Michael Kroes
faee29ba8b
Bump Nextcloud to 17.0.2 ( #1702 )
2020-01-22 03:06:17 -05:00
jvolkenant
e6294049bc
Update Roundcube persistent_login plugin ( #1712 )
2020-01-22 02:58:04 -05:00
Joshua Tauberer
30885bcc8a
Downgrade TLS settings for port 25, partially reverting f53b18ebb9
...
Port 25 now is aligned with Mozilla's "Old" recommendations at https://ssl-config.mozilla.org/#server=postfix&server-version=3.3.0&config=old&openssl-version=1.1.1 .
See #1705
2020-01-20 14:52:23 -05:00
Joshua Tauberer
385340da46
install openssh-client which provides ssh-keygen and is not present on desktop Ubuntu by default
2019-12-12 11:27:39 -05:00
jvolkenant
0271e549bb
Fix typo in InstallNextcloud calls ( #1693 )
2019-12-10 19:01:09 -05:00
Joshua Tauberer
f53b18ebb9
Upgrade TLS settings
2019-12-01 17:49:36 -05:00
Joshua Tauberer
8567a9b719
Fix upgrade issue broken by 802e7a1f4d
2019-12-01 17:44:12 -05:00
Vasek Sraier
ad9d732608
OpenDKIM canonicalization changed to relaxed for mail headers ( #1620 )
...
Because Mailman reformats headers it breaks DKIM signatures. SPF also does
not apply in mailing lists. This together causes DMARC to fail and mark the
email as invalid. This fixes DKIM signatures for Mailman-based mailing lists
and makes sure DMARC test is passed.
2019-12-01 16:24:38 -05:00
jvolkenant
aa15670dc2
Fixed multiple commented add_header entries in /etc/spamassassin/local.cf ( #1641 )
2019-12-01 16:23:02 -05:00
jvolkenant
81176c8e4b
Fix to prevent multiple commented entries in dovecot conf ( #1642 )
2019-12-01 16:22:17 -05:00
Carl Reinke
960b5d5bbd
Don't use ifquery to check interface state since it is no longer installed ( #1689 )
2019-12-01 16:21:38 -05:00
Carl Reinke
802e7a1f4d
Copy systemd service files before linking to avoid issue with order of mounting filesystems ( #1688 )
2019-12-01 16:15:04 -05:00
Michael Kroes
52c68c6510
Implement Nextcloud php-fpm recommended performance tuning settings ( #1679 )
2019-12-01 16:13:33 -05:00
Michael Kroes
54b1ee9a3d
Nextcloud 17 ( #1676 )
2019-12-01 16:11:00 -05:00
Francesco Montanari
6e3dee8b3b
Upgrade RoundCube to 1.4.1 and set the default skin to elastic ( #1673 )
...
* Upgrade RoundCube to 1.4.0 and set the default skin to elastic
* Install php-ldap extension
* Remove smtp parameters that are now the default
2019-12-01 16:10:04 -05:00
Michael Kroes
91638c7fe0
Removed the postgrey option that specifies which whitelist file to use. This allows the usage of a .local verion ( #1675 )
2019-11-23 07:58:29 -05:00
Michael Kroes
ff8170d5ab
Align nextcloud cron job with recommended settings ( #1680 )
2019-11-23 07:51:22 -05:00
jvolkenant
df80b9fc71
Allow user_external for Nextcloud 16 (and eventually 17) ( #1655 )
2019-11-02 15:28:36 -04:00
jvolkenant
ed02e2106b
Update zpush to 2.5.1 ( #1654 )
2019-10-28 06:27:54 -04:00
Jeff Volkenant
24a567c3be
Fix mailinabox-postgrey-whitelist cron job return code for file over 28 days
...
Merges #1639
2019-10-05 16:27:21 -04:00
Brendan Hide
70f05e9d52
Ensure the universe repository is enabled
...
A minimal Ubuntu server installation might not have universe enabled by
default. By adding it, we ensure we can install packages only available
in universe, such as python3-pip
Merges #1650 .
2019-10-05 16:14:12 -04:00