jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							68efef1164 
							
						 
					 
					
						
						
							
							dont log robots.txt and favicon.ico. we should REALLY consider creating seperate include files for *all* of our "apps", this is getting messy..  
						
						
						
					 
					
						2014-09-27 17:04:05 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							6ecada7eed 
							
						 
					 
					
						
						
							
							Merge commit '93a722f'  
						
						
						
					 
					
						2014-09-27 16:56:38 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							39bca053ed 
							
						 
					 
					
						
						
							
							add 2048 bits of DH params for nginx, postfix, dovecot  
						
						... 
						
						
						
						nginx/postfix use a new pre-generated dh2048.pem file. dovecot generates the bits on its own.
ssllabs.com reports that TLS_DHE ciphers went from 1024 to 2048 bits as expected. The ECDHE ciphers remain at 256 bits --- no idea what that really means. (This tests nginx only. I haven't tested postfix/dovecot.)
see https://discourse.mailinabox.email/t/fips-ready-for-ssl-dhec-key-exchange/76/3  
						
					 
					
						2014-09-26 22:09:22 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							4e6d572de9 
							
						 
					 
					
						
						
							
							ensure Python operates in UTF-8 with a consistent locale for all users  
						
						... 
						
						
						
						fixes  #206  (hopefully) 
					
						2014-09-26 08:26:09 -04:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							93a722f85b 
							
						 
					 
					
						
						
							
							ownCloud (witch is based on SabreDAV) supports sync  
						
						
						
					 
					
						2014-09-10 21:22:56 +02:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							f77f1e656c 
							
						 
					 
					
						
						
							
							split CardDAV instrctions into a new page and add CalDAV instructions; create nice redirects at /cloud/calendar and /cloud/contacts  
						
						
						
					 
					
						2014-09-03 10:51:19 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							24ff0e04b1 
							
						 
					 
					
						
						
							
							output/text tweaks  
						
						
						
					 
					
						2014-08-27 14:42:00 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							aa3bc3225e 
							
						 
					 
					
						
						
							
							expose the control panel only on PRIMARY_HOSTNAME since /admin might conflict with other stuff hosted on other domains  
						
						
						
					 
					
						2014-08-27 02:38:43 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							df20d447a9 
							
						 
					 
					
						
						
							
							add an api for setting custom DNS records  
						
						... 
						
						
						
						Works like this:
```curl -d "" --user email:password https://.../admin/dns/set/qname/rtype/value ```
where the rtype and value default to "A" and the remote IP address of the request, so that a simple, empty POST to
```https://.../admin/dns/set/desktop.mydomain.com ```
will point desktop.mydomain.com to the caller's IPv4 address.
closes  #140  
						
					 
					
						2014-08-23 23:03:45 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							a0b056ae29 
							
						 
					 
					
						
						
							
							put a sterner warning in nginx local.conf about not modifying it  
						
						
						
					 
					
						2014-08-23 12:35:59 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							a501256fb9 
							
						 
					 
					
						
						
							
							fix the include path for our second use of z-push  
						
						
						
					 
					
						2014-08-19 15:07:55 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							80a05c3bbf 
							
						 
					 
					
						
						
							
							short_open_tag=Off was mistakenly left in the earlier merge (was a fix for my old autodiscover.php but not needed with z-push), also regrouping the nginx directive to be near the rest of Z-Push  
						
						
						
					 
					
						2014-08-19 12:07:54 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							b6dd407aa7 
							
						 
					 
					
						
						
							
							z-push autodiscover should use the primary hostname for the mail server and not the domain part of the email address (both may work, but the primary hostname is more likely to have a signed SSL cert)  
						
						
						
					 
					
						2014-08-19 11:49:20 +00:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							9a1989357c 
							
						 
					 
					
						
						
							
							some makeup  
						
						
						
					 
					
						2014-08-19 13:17:13 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							a0df18506b 
							
						 
					 
					
						
						
							
							use z-push autodisover instead  
						
						
						
					 
					
						2014-08-19 13:03:44 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							f7d2dfd1c0 
							
						 
					 
					
						
						
							
							xml generation fails when short_open_tag is on  
						
						
						
					 
					
						2014-08-19 11:27:50 +02:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							92acef9b87 
							
						 
					 
					
						
						
							
							fix PHP path for Z-Push so it can see libawl-php  
						
						... 
						
						
						
						broken in 04454b35c6fixes  #143  
						
					 
					
						2014-08-17 22:53:46 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							b30d7ad80a 
							
						 
					 
					
						
						
							
							web-based administrative UI  
						
						... 
						
						
						
						closes  #19  
					
						2014-08-17 22:46:06 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							6e380ade17 
							
						 
					 
					
						
						
							
							owncloud will only let users access it from the PRIMARY_HOSTNAME (due to its trusted_domains option being set statically), so only include /cloud in the nginx configuration for PRIMARY_HOSTNAME  
						
						
						
					 
					
						2014-08-16 12:33:10 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							6fdef379ad 
							
						 
					 
					
						
						
							
							owncloud: fix regex in nginx config  
						
						... 
						
						
						
						/cloud/index.php/apps/files/ajax/scan.php would not be parsed right because of two .php's 
						
					 
					
						2014-08-15 23:17:16 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							8c9f278166 
							
						 
					 
					
						
						
							
							owncloud: support MOD_X_ACCEL_REDIRECT_ENABLED  
						
						... 
						
						
						
						This lets downloads from the file app work. 
						
					 
					
						2014-08-15 23:16:54 +00:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							59c1c670b5 
							
						 
					 
					
						
						
							
							x-accel-redirect dosn't need to process files in ownCloud data directory. TODO: fix for autogeneration  
						
						
						
					 
					
						2014-08-13 08:10:53 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							7024b428ad 
							
						 
					 
					
						
						
							
							increased timeouts so that owncloud properly loads with larger db  
						
						
						
					 
					
						2014-08-13 07:30:32 +02:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							d03bc0cefa 
							
						 
					 
					
						
						
							
							more owncloud configuration tweaks  
						
						
						
					 
					
						2014-08-13 00:30:09 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							05cc63b5d5 
							
						 
					 
					
						
						
							
							Merge branch 'owncloud' of github.com:jkaberg/mailinabox into owncloud  
						
						... 
						
						
						
						Conflicts:
	conf/nginx.conf
	setup/zpush.sh 
						
					 
					
						2014-08-12 23:10:51 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c9bf57eacd 
							
						 
					 
					
						
						
							
							Merge branch 'master' into owncloud (php5-fpm)  
						
						
						
					 
					
						2014-08-12 13:30:55 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							9d6dc78b15 
							
						 
					 
					
						
						
							
							keep Roundcube working too, put owncloud at /cloud rather than at /  
						
						
						
					 
					
						2014-08-12 13:29:43 +00:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							52c50621cd 
							
						 
					 
					
						
						
							
							use x-accel-redirect for faster larg file downloads  
						
						
						
					 
					
						2014-08-12 15:11:33 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							afb09a84b7 
							
						 
					 
					
						
						
							
							use tools/editconf.py to edit php.ini for large file uploads  
						
						
						
					 
					
						2014-08-12 14:00:28 +02:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							cf4f519cc0 
							
						 
					 
					
						
						
							
							zpush/owncloud: inject mail using 'sendmail' not SMTP  
						
						
						
					 
					
						2014-08-12 11:18:45 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							7b81ea1834 
							
						 
					 
					
						
						
							
							simplify zpush configuration files, no need to preserve copyright message  
						
						
						
					 
					
						2014-08-12 11:12:10 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							0eceb2012f 
							
						 
					 
					
						
						
							
							use php5-fpm rather than our own custom launcher script for PHP+FastCGI  
						
						
						
					 
					
						2014-08-12 11:00:54 +00:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							d60abd0f92 
							
						 
					 
					
						
						
							
							bump (php) ram limit to 512MB  
						
						
						
					 
					
						2014-08-12 09:11:55 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							21d59862de 
							
						 
					 
					
						
						
							
							typo  
						
						
						
					 
					
						2014-08-12 00:49:33 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							0bb257db2a 
							
						 
					 
					
						
						
							
							forgot to commit  
						
						
						
					 
					
						2014-08-12 00:32:56 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							ecfabd2dad 
							
						 
					 
					
						
						
							
							use smtp for z-push  
						
						
						
					 
					
						2014-08-12 00:32:16 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							7f01146c3d 
							
						 
					 
					
						
						
							
							enable large file uploads in nginx  
						
						
						
					 
					
						2014-08-11 23:51:24 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							54fe92615b 
							
						 
					 
					
						
						
							
							include php-libawl and cleanup  
						
						
						
					 
					
						2014-08-11 23:43:16 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							64b1db4c30 
							
						 
					 
					
						
						
							
							include_path to include php-libawl and use php-fpm instead of cgi  
						
						
						
					 
					
						2014-08-11 23:41:38 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							44fcdc2066 
							
						 
					 
					
						
						
							
							owncloud properly working, but not in sub dir anymore  
						
						
						
					 
					
						2014-08-11 20:17:38 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							b5928de740 
							
						 
					 
					
						
						
							
							use subdir  
						
						
						
					 
					
						2014-08-11 19:43:27 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							a80c076d8f 
							
						 
					 
					
						
						
							
							safe apphroach, sid dosnt like special characters like %  
						
						
						
					 
					
						2014-08-11 19:42:52 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							d53cb88a92 
							
						 
					 
					
						
						
							
							update z-push with carddav and caldav support  
						
						
						
					 
					
						2014-08-11 19:08:02 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							20b494c3ac 
							
						 
					 
					
						
						
							
							attempting to fix broken static files etc  
						
						
						
					 
					
						2014-08-11 18:46:39 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							a801bf2a30 
							
						 
					 
					
						
						
							
							white spaces argh.  
						
						
						
					 
					
						2014-08-11 16:30:39 +02:00 
						 
				 
			
				
					
						
							
							
								jkaberg 
							
						 
					 
					
						
						
						
						
							
						
						
							0899952fe1 
							
						 
					 
					
						
						
							
							initial owncloud port, untested and unfinished  
						
						
						
					 
					
						2014-08-11 16:24:29 +02:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							2a7669a0d3 
							
						 
					 
					
						
						
							
							z-push: an Exchange ActiveSync server  
						
						
						
					 
					
						2014-07-12 00:02:32 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							85bd2c8804 
							
						 
					 
					
						
						
							
							use the Dovecot managesieve service to manage sieve scripts  
						
						... 
						
						
						
						This lets roundcube's manageseive plugin do cool things like vacation responses.
Also:
* Run the spam filtering sieve script out of a global sieve file that we'll place in /etc/dovecot. It is no longer necessary to create per-user sieve files for this. Remove them with a new migration. Remove the code that created them.
* Corrects the spam script. Backslashes were double-escaped probably because this script started embedded within the bash script. Not sure how this was working until now.
this adapts work by @h8h in #103  
						
					 
					
						2014-07-10 23:09:07 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							1a74b81f44 
							
						 
					 
					
						
						
							
							new nginx configuration yaml file to allow proxying of whole domains elsewhere  
						
						
						
					 
					
						2014-07-09 12:31:32 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							3bab63d4ce 
							
						 
					 
					
						
						
							
							update to Roundcube 1.0.1  
						
						
						
					 
					
						2014-07-08 00:37:53 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							430b2dec11 
							
						 
					 
					
						
						
							
							update default www page to link to the website,  fixes   #96  
						
						
						
					 
					
						2014-07-07 07:07:54 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							49d5561933 
							
						 
					 
					
						
						
							
							when adding/removing mail addresses also update nginx's config  
						
						
						
					 
					
						2014-07-06 12:16:50 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							326cc2a451 
							
						 
					 
					
						
						
							
							obviously put our stuff in /usr/local and not /usr  
						
						
						
					 
					
						2014-06-21 12:35:00 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							85169dc960 
							
						 
					 
					
						
						
							
							preliminary support for webfinger  
						
						... 
						
						
						
						It just echos back the subject given to it. 
						
					 
					
						2014-06-20 01:55:16 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5faa1cae71 
							
						 
					 
					
						
						
							
							manage the nginx conf in the management daemon too so we can have nginx operate on all domains that we serve mail for  
						
						
						
					 
					
						2014-06-20 01:55:12 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							cd1802fecc 
							
						 
					 
					
						
						
							
							Filter privacy-sensitive headers on outgoing mail  
						
						... 
						
						
						
						This re-implements part of PR #69  by @mkropat, who wrote:
By default, Postfix adds a Received header — on all mail that you send —
that lists the IP of the device you sent the mail from.  This feature is
great if you're a mail provider and you need to debug why one user is
having sending issues.  This feature is not so great if you run your own
mail server and you don't want every recipient of every email you send
to know the device and IP you sent the email from.
To limit this filtering to outgoing mail only, we apply the filters just
to the submission port.  See these guides [1] [2] for more context.
  [1] http://askubuntu.com/a/78168/11259 
  [2] http://www.void.gr/kargig/blog/2013/11/24/anonymize-headers-in-postfix/  
						
					 
					
						2014-06-08 18:35:09 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							51dd2ed70b 
							
						 
					 
					
						
						
							
							update nginx SSL options,  fixes   #61  
						
						
						
					 
					
						2014-06-03 14:06:02 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							c54b0cbefc 
							
						 
					 
					
						
						
							
							move management into a daemon service running as root  
						
						... 
						
						
						
						* Created a new Python/flask-based management daemon.
* Moved the mail user management core code from tools/mail.py to the new daemon.
* tools/mail.py is a wrapper around the daemon and can be run as a non-root user.
* Adding a new initscript for the management daemon.
* Moving dns_update.sh to the management daemon, called via curl'ing the daemon's API.
This also now runs the DNS update after mail users and aliases are added/removed,
which sets up new domains' DNS as needed. 
						
					 
					
						2014-06-03 13:56:40 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							b646771517 
							
						 
					 
					
						
						
							
							redirect all HTTP to HTTPS and enable HSTS,  closes   #18  
						
						
						
					 
					
						2014-05-14 12:15:11 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							6fd768d6ee 
							
						 
					 
					
						
						
							
							update to @konklone's latest nginx SSL configuration recommendations  
						
						
						
					 
					
						2014-04-17 20:27:52 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							48bbdd9999 
							
						 
					 
					
						
						
							
							branding  
						
						
						
					 
					
						2014-04-17 18:05:05 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							2ebd9706ec 
							
						 
					 
					
						
						
							
							add php-fastcgi init script to start the FastCGI process needed to run Roundcube (and any other PHP scripts, really)  
						
						
						
					 
					
						2014-03-17 00:03:19 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							cf0f26d58d 
							
						 
					 
					
						
						
							
							update project webpage because I renamed my github account  
						
						
						
					 
					
						2014-01-27 15:49:00 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							afda0405cf 
							
						 
					 
					
						
						
							
							apply @konklone's nginx https: recommendations from  https://gist.github.com/konklone/6532544  
						
						
						
					 
					
						2013-09-14 10:11:47 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							b4e7d6ba5e 
							
						 
					 
					
						
						
							
							create a basic hello world page on http/https  
						
						
						
					 
					
						2013-09-08 09:55:58 +00:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							b770c5370b 
							
						 
					 
					
						
						
							
							web and roundcube webmail  
						
						
						
					 
					
						2013-09-07 16:53:25 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							7f63c199a6 
							
						 
					 
					
						
						
							
							move the sieve script configuration to tools/mail.py  
						
						
						
					 
					
						2013-09-01 10:40:12 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Tauberer 
							
						 
					 
					
						
						
						
						
							
						
						
							5b82bbb5b3 
							
						 
					 
					
						
						
							
							preliminary script for nginx  
						
						
						
					 
					
						2013-09-01 14:24:49 +00:00