github@kiekerjan.isdronken.nl
11644ef93c
merging master
2022-02-01 21:37:40 +01:00
github@kiekerjan.isdronken.nl
99c960fc56
dkimpy dev and nextcloud installation details
2022-02-01 21:36:06 +01:00
github@kiekerjan.isdronken.nl
3350fecd92
backport fix for dns resolver in python3-dkim
2022-02-01 21:36:06 +01:00
github@kiekerjan.isdronken.nl
8d5f52db0f
update nextcloud and webmail plugins
2022-02-01 21:36:06 +01:00
jvolkenant
28b801607d
Don't die if column already exists on Nextcloud 18 upgrade ( #2078 )
2022-02-01 21:36:02 +01:00
KiekerJan
2f86aa4eee
upgraded nextcloud to 22
2022-02-01 21:31:30 +01:00
KiekerJan
a041737f88
move command to web.sh setup
2022-02-01 21:31:30 +01:00
KiekerJan
2496f4783f
upgrade nextcloud to 21
2022-02-01 21:31:30 +01:00
Ilnahro
e952a69486
Include rsync to the installed basic packages ( #2067 )
...
Some VPS providers strip this package from their Ubuntu 18.04 VM images. This will help avoid errors.
2022-02-01 21:31:15 +01:00
Joshua Tauberer
3a7de051ee
Version 56 (January 19, 2022)
2022-01-19 16:59:34 -05:00
Joshua Tauberer
d1d6318862
Set systemd journald log retention to 10 days (from no limit) to reduce disk usage
2022-01-08 09:11:48 -05:00
Joshua Tauberer
34b7a02f4f
Update Roundcube to 1.5.2
2022-01-08 09:00:12 -05:00
Joshua Tauberer
a312acc3bc
Update to Nextcloud 20.0.8 and update apps
2022-01-08 09:00:12 -05:00
github@kiekerjan.isdronken.nl
21d4817998
dkimpy dev and nextcloud installation details
2022-01-06 22:06:27 +01:00
github@kiekerjan.isdronken.nl
96768f1fcb
backport fix for dns resolver in python3-dkim
2021-12-31 00:33:34 +01:00
github@kiekerjan.isdronken.nl
bf06639c78
merge from master
2021-12-29 22:36:23 +01:00
github@kiekerjan.isdronken.nl
acc9ebd68f
update nextcloud and webmail plugins
2021-12-29 22:27:15 +01:00
github@kiekerjan.isdronken.nl
73833e9e76
merge master
2021-12-28 23:33:22 +01:00
KiekerJan
e98a86b8d0
merge upstream
2021-12-28 23:12:08 +01:00
jvolkenant
c92fd02262
Don't die if column already exists on Nextcloud 18 upgrade ( #2078 )
2021-12-25 10:17:34 -05:00
github@kiekerjan.isdronken.nl
acfc71e7fd
correct dns tag for DKIM key
2021-12-11 01:00:02 +01:00
github@kiekerjan.isdronken.nl
ded1b55ebd
First steps in migrating to dkimpy-milter
2021-12-11 00:54:56 +01:00
kiekerjan
c1bfc20952
Merge pull request #11 from kiekerjan/upgrade-nextcloud
...
Upgrade nextcloud
2021-12-08 21:39:10 +01:00
KiekerJan
617dcbded9
merge upstream
2021-12-08 21:35:10 +01:00
KiekerJan
19be771769
upgraded nextcloud to 22
2021-12-07 22:41:00 +01:00
KiekerJan
fa9bcbe8d2
move command to web.sh setup
2021-12-06 23:25:31 +01:00
KiekerJan
9850ae5420
upgrade nextcloud to 21
2021-12-06 23:22:11 +01:00
Ilnahro
50a5cb90bc
Include rsync to the installed basic packages ( #2067 )
...
Some VPS providers strip this package from their Ubuntu 18.04 VM images. This will help avoid errors.
2021-11-30 19:50:01 -05:00
KiekerJan
53c6c0fcc4
update nextcloud to 2.0.14
2021-11-17 00:25:05 +01:00
KiekerJan
2e397aea62
postgrey remembers
2021-11-14 16:12:06 +01:00
KiekerJan
5da3803697
password needs to be editable in case totp is enabled in nextcloud, an application specific password is to be used to access nextcloud address book
2021-11-07 22:55:48 +01:00
KiekerJan
daff60ee13
add totp two factor auth to nextcloud
2021-11-07 22:54:43 +01:00
kiekerjan
d36b3e9030
Merge branch 'mail-in-a-box:main' into master
2021-11-06 23:39:28 +01:00
jvolkenant
58b0323b36
Update persistent_login for Roundcube 1.5 ( #2055 )
2021-11-04 18:59:10 -04:00
KiekerJan
2741affa48
Merge branch 'master' of github.com:kiekerjan/mailinabox
2021-11-04 00:32:14 +01:00
github@kiekerjan.isdronken.nl
7c11022fb5
merge upstream
2021-11-04 00:26:53 +01:00
KiekerJan
9c35f4d5f5
add totp two factor auth to roundcube
2021-10-28 21:56:50 +02:00
KiekerJan
be899f2b9e
avoid a runaway /64 in jail.conf
2021-10-25 16:44:25 +02:00
KiekerJan
91d4dfc88c
fix downloaded version of nextcloud contacts app
2021-10-25 16:24:18 +02:00
KiekerJan
5403f7eea7
updated version nextcloud
2021-10-25 00:09:32 +02:00
github@kiekerjan.isdronken.nl
eeada2b9b5
merge changes from V55 upstream
2021-10-19 23:07:02 +02:00
Joshua Tauberer
65861c68b7
Version 55
2021-10-18 20:40:51 -04:00
Joshua Tauberer
71a7a3e201
Upgrade to Roundcube 1.5
2021-10-18 20:40:51 -04:00
Joshua Tauberer
113b7bd827
Disable SMTPUTF8 in Postfix because Dovecot LMTP doesn't support it and bounces messages that require SMTPUTF8
...
By not advertising SMTPUTF8 support at the start, senders may opt to transmit recipient internationalized domain names in IDNA form instead, which will be deliverable.
Incoming mail with internationalized domains was probably working prior to our move to Ubuntu 18.04 when postfix's SMTPUTF8 support became enabled by default.
The previous commit is retained because Mail-in-a-Box users might prefer to keep SMTPUTF8 on for outbound mail, if they are not using internationalized domains for email, in which case the previous commit fixes the 'relay access denied' error even if the emails aren't deliverable.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
3e19f85fad
Add domain maps from Unicode forms of internationalized domains to their ASCII forms
...
When an email is received by Postfix using SMTPUTF8 and the recipient domain is a Unicode internationalized domain, it was failing to be delivered (bouncing with 'relay access denied') because our users and aliases tables only store ASCII (IDNA) forms of internationalized domains. In this commit, domain maps are added to the auto_aliases table from the Unicode form of each mail domain to its IDNA form, if those forms are different. The Postfix domains query is updated to look at the auto_aliases table now as well, since it is the only table with Unicode forms of the mail domains.
However, mail delivery is still not working since the Dovecot LMTP server does not support SMTPUTF8, and mail still bounces but with an error that SMTPUTF8 is not supported.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
11e84d0d40
Move automatically generated aliases to a separate database table
...
They really should never have been conflated with the user-provided aliases.
Update the postfix alias map to query the automatically generated aliases with lowest priority.
2021-09-24 08:11:36 -04:00
drpixie
df46e1311b
Include NSD config files from /etc/nsd/nsd.conf.d/*.conf ( #2035 )
...
And write MIAB dns zone config into /etc/nsd/nsd.conf.d/zones.conf. Delete lingering old zones.conf file.
Co-authored-by: Joshua Tauberer <jt@occams.info>
2021-09-24 08:07:40 -04:00
Joshua Tauberer
e884c4774f
Replace HMAC-based session API keys with tokens stored in memory in the daemon process
...
Since the session cache clears keys after a period of time, this fixes #1821 .
Based on https://github.com/mail-in-a-box/mailinabox/pull/2012 , and so:
Co-Authored-By: NewbieOrange <NewbieOrange@users.noreply.github.com>
Also fixes #2029 by not revealing through the login failure error message whether a user exists or not.
2021-09-06 09:23:58 -04:00
Joshua Tauberer
700188c443
Roundcube 1.5 RC
2021-09-06 09:23:58 -04:00
KiekerJan
9b39251469
active roundcube markasjunk plugin
2021-09-03 22:23:00 +02:00
github@kiekerjan.isdronken.nl
4b260354c2
revert carddav plugin install
2021-08-02 22:47:42 +02:00
github@kiekerjan.isdronken.nl
75f14a0735
make plugin installation of carddav like other git based installs
2021-08-02 22:09:04 +02:00
github@kiekerjan.isdronken.nl
a3b7878ef4
add contextmenu plugin
2021-08-02 00:44:47 +02:00
github@kiekerjan.isdronken.nl
bd9952704a
mute re indexing, could be lots of noise on existing installs
2021-08-02 00:27:45 +02:00
KiekerJan
cf6eac0d0c
add nginx security headers
2021-08-02 00:05:12 +02:00
KiekerJan
1f35158211
use predefined DHE field groups
2021-08-01 23:09:59 +02:00
github@kiekerjan.isdronken.nl
dbf029b399
remove old ciphers from postfix
2021-08-01 22:49:25 +02:00
KiekerJan
87be897d36
update DH security to 4096
2021-08-01 21:52:37 +02:00
KiekerJan
f6450c1cae
update obsolete settings
2021-07-31 21:43:25 +02:00
KiekerJan
104d40e819
add alternative sshd port to ssh jail
2021-07-31 21:42:57 +02:00
KiekerJan
128541d506
add alternative sshd port to ssh jail
2021-07-31 21:36:38 +02:00
github@kiekerjan.isdronken.nl
1315e02cba
mail homes and correct use of STORAGE PATH
2021-07-19 21:41:50 +02:00
github@kiekerjan.isdronken.nl
afe078ce32
remove compression for dovecot
2021-07-19 21:34:51 +02:00
KiekerJan
af079a1139
enable compression for dovecot mailboxes
2021-07-04 20:09:29 +02:00
github@kiekerjan.isdronken.nl
050c77a49a
fix sed order
2021-06-27 22:14:57 +02:00
github@kiekerjan.isdronken.nl
212b9a31df
add definition of admin ipv6 address
2021-06-27 22:12:15 +02:00
KiekerJan
606e66fe80
fixes
2021-06-22 23:33:11 +02:00
github@kiekerjan.isdronken.nl
ca5fb3c2e0
Merge changes from upstream v0.54
2021-06-20 23:36:54 +02:00
Joshua Tauberer
4cb46ea465
v0.54
2021-06-20 15:50:04 -04:00
KiekerJan
cc234c2cab
add notes app to nextcloud
2021-06-12 09:52:37 +02:00
KiekerJan
95712e196b
remove chkrootkit,too many false positives
2021-06-05 09:53:07 +02:00
KiekerJan
a24c01973f
doveadm fts rescan clears the indices, we don't want that
2021-05-30 21:11:47 +02:00
KiekerJan
5fa27b27e2
make security settings more strict for postfix
2021-05-29 00:18:43 +02:00
Joshua Tauberer
d510c8ae2a
Enable and recommend port 465 for mail submission instead of port 587 ( fixes #1849 )
...
Port 465 with "implicit" (i.e. always-on) TLS is a more secure approach than port 587 with explicit (i.e. optional and only on with STARTTLS). Although we reject credentials on port 587 without STARTTLS, by that point credentials have already been sent.
2021-05-15 16:42:14 -04:00
github@kiekerjan.isdronken.nl
9bd34141bf
add extra munin plugins
2021-05-14 00:12:11 +02:00
github@kiekerjan.isdronken.nl
d1b45945b0
cleanup
2021-05-09 21:47:14 +02:00
KiekerJan
8f4860bc1c
merge from master
2021-05-09 12:11:11 +02:00
KiekerJan
cb37c6f2d0
Merge tag 'v0.53a' of https://github.com/mail-in-a-box/mailinabox
...
v0.53a
Changed the Z-Push download URL.
2021-05-09 11:33:58 +02:00
github@kiekerjan.isdronken.nl
4df61f3325
include library installation in setup
2021-05-09 00:00:26 +02:00
github@kiekerjan.isdronken.nl
6aec61e4e8
cleanup solr files
2021-05-08 23:43:39 +02:00
github@kiekerjan.isdronken.nl
2ee85cb171
Disable solr installation, enable xapian fts
2021-05-08 23:39:12 +02:00
KiekerJan
519fef288e
reduce rkhunter logging
2021-05-08 23:37:10 +02:00
KiekerJan
c8a3699a3b
append rkhunter log
2021-05-08 23:21:11 +02:00
github@kiekerjan.isdronken.nl
2d05d89cd3
correct configuration details
2021-05-08 23:02:57 +02:00
github@kiekerjan.isdronken.nl
23c0388bb3
base for xapian dovecot fts
2021-05-08 22:35:46 +02:00
Joshua Tauberer
dbd6dae5ce
Fix exit status issue cased by 69fc2fdd
2021-05-08 09:02:48 -04:00
Thomas Urban
3701e05d92
Rewrite envelope from address in sieve forwards ( #1949 )
...
Fixes #1946 .
2021-05-08 08:30:53 -04:00
jvolkenant
49813534bd
Updated Nextcloud to 20.0.8, contacts to 3.5.1, calendar to 2.2.0 ( #1960 )
2021-05-08 08:24:04 -04:00
jvolkenant
16e81e1439
Fix to allow for non forced "enforce" MTA_STS_MODE ( #1970 )
2021-05-08 08:18:49 -04:00
Joshua Tauberer
b7b67e31b7
Merged point release branch for v0.53a
...
Changed the Z-Push download URL.
2021-05-08 08:14:39 -04:00
Joshua Tauberer
2e7f2835e7
v0.53a
2021-05-08 08:13:37 -04:00
Joshua Tauberer
8a5f9f464a
Download Z-Push from alternate site
...
The old server has been down for a few days.
Solution from https://discourse.mailinabox.email/t/temporary-fix-for-failed-wget-o-tmp-z-push-zip-https-stash-z-hub-io/8028 . Fixes #1974 .
2021-05-08 07:59:53 -04:00
Joshua Tauberer
69fc2fdd3a
Hide spurrious Nextcloud setup output
2021-05-03 19:41:00 -04:00
Joshua Tauberer
9b07d86bf7
Use $(...) notation instead of legacy backtick notation for embedded shell commands
...
shellcheck reported
SC2006: Use $(...) notation instead of legacy backticked `...`.
Fixed by applying shellcheck's diff output as a patch.
2021-05-03 19:28:23 -04:00
Joshua Tauberer
ae3feebd80
Fix warnings reported by shellcheck
...
* SC2068: Double quote array expansions to avoid re-splitting elements.
* SC2186: tempfile is deprecated. Use mktemp instead.
* SC2124: Assigning an array to a string! Assign as array, or use * instead of @ to concatenate.
* SC2102: Ranges can only match single chars (mentioned due to duplicates).
* SC2005: Useless echo? Instead of 'echo $(cmd)', just use 'cmd'.
2021-05-03 19:25:09 -04:00
KiekerJan
575e5144d5
add ignore file for chkrootkit
2021-05-01 23:36:51 +02:00
KiekerJan
af5e7ff626
comment
2021-04-30 22:37:03 +02:00
KiekerJan
81d96de21d
fixes to rkhunter and chkrootkit installation
2021-04-30 22:15:06 +02:00
KiekerJan
b2d966f8e4
add rootkit detectors
2021-04-29 23:03:09 +02:00
KiekerJan
e1c0cf6c0c
fix solr installation
2021-04-29 22:25:19 +02:00