Joshua Tauberer
5fd107cae5
more work on making the bash scripts readable
2014-10-04 17:57:26 -04:00
Joshua Tauberer
db0967446b
remove unnecessary sudos
2014-10-04 14:06:08 -04:00
Joshua Tauberer
4ae76aa2dd
dnssec: use RSASHA256 keys for .email domains
2014-10-04 17:29:42 +00:00
Joshua Tauberer
9d40a12f44
first pass at making readable documentation by parsing the bash scripts
2014-09-21 13:43:31 -04:00
Joshua Tauberer
10a37cd033
add SSHFP records to DNS
2014-08-27 12:59:40 +00:00
Joshua Tauberer
56c7d7436e
warn that generating DNSSEC keys takes a while (still slow in some virtualized environments)
2014-08-17 11:50:05 -04:00
Joshua Tauberer
86ec0f6da7
the cron job to re-sign DNSSEC zones was still not working because the script needed a hash-bang line; what I did in 65c3a44e63
didn't actually fix the problem
2014-07-25 12:15:30 +00:00
Joshua Tauberer
621fcc2233
use /dev/random for crypto-grade RNG with the help of haveged
...
Rather than pass `-r /dev/random` to ldns-keygen (it was `-r /dev/urandom`),
don't pass `-r` at all since /dev/random is the default.
Merges branch 'master' of github.com:pysiak/mailinabox
2014-07-21 07:31:14 -04:00
solt
69f0e1d07a
Use /dev/random instead of /dev/urandom
...
/dev/random should be used for crypto-grade RNG.
To make sure use of /dev/random doesn't stall due to lack of entropy, install haveged which fills the entropy pool with sources such as network traffic, key strokes, etc.
On branch master
Your branch is up-to-date with 'origin/master'.
Changes to be committed:
modified: setup/dns.sh
modified: setup/system.sh
modified: setup/webmail.sh
2014-07-20 23:14:13 +02:00
Joshua Tauberer
65c3a44e63
the cron job to re-sign DNSSEC zones wasnt working after adding the API key to the management daemon because the script relied on a bash-ism but cron runs it with (probably) sh
2014-07-19 16:31:05 +00:00
Michael Kropat
88e496eba4
Update setup scripts to auth against the API
2014-06-22 00:02:52 +00:00
Joshua Tauberer
88709506f8
add DNSSEC
...
* sign zones
* in a cron job, periodically re-sign zones because they expire (not tested)
2014-06-17 22:21:12 +00:00
Joshua Tauberer
c925f72b0b
remove obsoleted parts of setup/dns.sh
...
Now that dns_update is a part of the management daemon, we no
longer are using STORAGE_ROOT/dns for anything.
2014-06-12 20:18:55 -04:00
Joshua Tauberer
2f0d036504
the bc package is no longer needed since redoing dns_update
2014-06-04 17:27:01 -04:00
Joshua Tauberer
da15ae5375
rename the scripts directory to setup
2014-06-03 11:12:38 +00:00