Joshua Tauberer
f9a0e39cc9
cryptography is now distributed as a wheel and no longer needs system development packages to be installed or pip/setuptools workarounds
2018-06-29 16:46:21 -04:00
Joshua Tauberer
35fed8606e
only spawn one process for the management daemon
...
In 0088fb4553
I changed the management daemon's startup
script from a symlink to a Python script to a bash script that activated the new virtualenv
and then launched Python. As a result, the init.d script that starts the daemon would
write the pid of bash to the pidfile, and when trying to kill it, it would kill bash but
not the Python process.
Using exec to start Python fixes this problem by making the Python process have the pid
that the init.d script knows about.
fixes #1339
2018-01-28 09:08:19 -05:00
Joshua Tauberer
e7150e3bc6
pin acme to v0.20, which is the last version compatible with free_tls_certificates
...
free_tls_certificates uses acme.jose, which in acme v0.21 was moved to a new Python package.
See #1328
2018-01-20 11:23:45 -05:00
Joshua Tauberer
0088fb4553
install Python 3 packages in a virtualenv
...
The cryptography package has created all sorts of installation trouble over the last few years, probably because of mismatches between OS-installed packages and pip-installed packages. Using a virtualenv for all Python packages used by the management daemon should make sure everything is consistent.
See #1298 , see #1264 .
2018-01-15 13:27:04 -05:00
Michael Kroes
e49c99890b
fetch whole bootstrap - fixes missing icons in admin ( #1185 )
2017-05-31 07:36:17 -04:00
Git Repository
18f1689f45
changed the location we store the web-assets for the admin pages to /usr/local/mailinabox ( #1179 )
2017-05-23 19:22:53 -04:00
Git Repository
8234a5a9f4
download jQuery and Bootstrap during setup and serve locally so that we don't rely on a CDN which is blocked in some parts of the world ( #1167 ) ( #1171 )
2017-05-08 07:25:16 -04:00
Norman S
f6b20a810f
Enforce pip to use python 2.7 for boto ( #1093 )
2017-02-10 09:44:40 -05:00
Joshua Tauberer
2c86fa3755
merge v0.21c hot fix release
2017-02-01 11:26:32 -05:00
Joshua Tauberer
2e00530944
upgrade acme package
2017-02-01 11:01:11 -05:00
Joshua Tauberer
32d6728dc9
fix pip breaking due to setuptools/pip/cryptography problem
...
pip<6.1 + setuptools>=34 have a problem with packages that
try to update setuptools during installation, like cryptography.
See https://github.com/pypa/pip/issues/4253 . The Ubuntu 14.04
package versions are pip 1.5.4 and setuptools 3.3. When we
install cryptography under those versions, it tries to update
setuptools to version 34, which became available about 10 days
ago, and then pip gets permanently broken with errors like
"ImportError: No module named 'packaging'".
The easiest work-around on systems that aren't already broken is
to upgrade pip and setuptools individually before we install any
package that tries to update setuptools.
Also try to detect a broken system and forcibly remove setuptools
first before trying to install/upgrade pip.
fixes #1080 , fixes #1081 , fixes #1086
see #1083
see https://discourse.mailinabox.email/t/error-with-pip-and-python/1880
see https://discourse.mailinabox.email/t/error-installing-mib/1875
2017-02-01 10:29:28 -05:00
Joshua Tauberer
a081d04082
move the custom exclusive process code from utils.py into a new python package named exclusiveprocess
2017-01-15 11:02:23 -05:00
Joshua Tauberer
86368ed165
clean up apt_install lines and comments in setup/management.sh
2016-02-18 06:59:38 -05:00
Joshua Tauberer
5e4c0ed825
Revert "install boto (py2) via the package manager, not pip (used by duplicity)"
...
This reverts commit b32cb6229b
.
Fixes #627 . Fixes #653 . Closes #714 .
2016-02-18 06:54:23 -05:00
Joshua Tauberer
098e250cc4
bump free_tls_certificates, fixes #695 , if a challenge fails dont cache it permanently (or at all)
2016-02-16 09:08:58 -05:00
Joshua Tauberer
b6933a73fa
provision and install free SSL certificates from Let's Encrypt
2016-01-04 18:43:16 -05:00
Joshua Tauberer
06a0e7f3fe
merge #584 - Add checks to the management interface to report memory usage
2016-01-01 18:13:21 -05:00
Joshua Tauberer
4305a71916
merge #587 - move backup and nightly status checks to 3am in system time
...
previously these were run in a cron.daily script which per crontab is run at 6:25 am local time
2015-12-26 08:42:58 -05:00
Joshua Tauberer
a4d8e12fd7
clean up the backup time patch: dont choose timezone here, move status checks into the same 3am script
2015-12-26 08:41:37 -05:00
BuildTools
8a35905d2e
add timezone selection
2015-12-23 17:29:13 -05:00
Joshua Tauberer
b32cb6229b
install boto (py2) via the package manager, not pip (used by duplicity)
2015-11-26 14:20:59 +00:00
Michael Kroes
59f8aa1c31
Add checks to the management interface to report memory usage
2015-11-20 01:48:59 -05:00
Joshua Tauberer
05e128cafb
the >'s in pip install package names might be interpreted as shell redirects and was creating files name '=1.0.0' '=2.0.0' and '=1.0.2' (I'm not sure how this was ever working)
2015-11-19 07:00:32 -05:00
BuildTools
82f4f8b2eb
delete /etc/cron.daily/mailinabox-backup
2015-11-06 07:55:48 -05:00
BuildTools
d703b0a2a1
change from /etc/cron.daily to /etc/cron.d
2015-11-06 07:47:40 -05:00
Joshua Tauberer
2a44b0cafb
the new SSL certs routine requires cryptography>=1.0.2 to make RSAPublicNumbers hashable
...
an earlier problem about --upgrade (de34d0d337
) seemed to be just a local problem on my box, so going back to unpinned >= requirement specs
https://discourse.mailinabox.email/t/upgrade-to-v0-13b-broke-admin/876
2015-10-08 12:24:22 +00:00
Joshua Tauberer
de34d0d337
pin pip versions of email_validator and cryptography so pip doesn't keep reinstalling them each upgrade even if nothing changed (and the ceffi depedency installation can be very slow and is prone to break under low memory)
2015-09-05 12:35:01 +00:00
Joshua Tauberer
73fbcd7fa3
silence all of the installing/already installed package messages on installation
...
Querying dpkg for each package is slow, and we have way too much output on installation because of it.
2015-08-19 15:58:35 -04:00
Leo Koppelkamm
96fb0f78f7
Add comment regarding the use of pip instead of pip3
2015-07-27 21:56:08 +02:00
Leo Koppelkamm
2e6c410336
Make backups more configurable
...
Backup location and maximum age can now be configured in the admin panel.
For now only S3 is supported, but adding other duplicity supported backends should be straightforward.
2015-07-27 21:53:34 +02:00
Joshua Tauberer
091c2e45bf
always attempt to upgrade pip packages during setup
2015-07-03 14:25:41 +00:00
Joshua Tauberer
aa33428311
some IDNA functionality was still using Python's built-in IDNA 2003 encoder rather than the idna package's IDNA 2008 encoder
2015-06-30 13:09:18 +00:00
Joshua Tauberer
47acbbf332
bump to latest version of my email_validator library
2015-06-23 16:43:35 -04:00
Joshua Tauberer
dece359c90
validate certificates using the cryptography python package as much as possible, shelling out to openssl just once instead of four times per certificate
...
* Use `cryptography` instead of parsing openssl's output.
* When checking if we can reuse the primary domain certificate or a www-parent-domain certificate for a domain, avoid shelling out to openssl entirely.
2015-06-21 14:53:37 +00:00
Toilal
ce17c12ca2
Use netcat to check if mailinabox webservice is available
...
[JT added installing netcat-openbsd in system.sh]
2015-06-18 08:04:46 -04:00
Joshua Tauberer
3b86b3fe66
bump to email_validator 0.1.0-rc5
2015-05-19 08:37:17 -04:00
Joshua Tauberer
1f08997a9e
need my new email_validator library during questions
2015-05-03 11:02:23 -04:00
Joshua Tauberer
f0143fd6c9
bump version of my email_validator library
2015-04-29 21:18:14 +00:00
Joshua Tauberer
5efd5abbe4
move the email address syntax validation for users and aliases into my new email_validator library ( https://github.com/JoshData/python-email-validator )
2015-04-21 14:43:12 +00:00
Joshua Tauberer
4d22fb9b2a
run status checks each night and email the administrator with the changes from the previous day's results
2015-03-21 16:02:42 +00:00
Joshua Tauberer
575d3a66c6
more on being smarter about waiting for the management daemon to start
...
cc333b3965
worked for fresh systems, but if the system already had the daemon running the api.key file would already exist and the test would pass to early. Now removing the file first.
fixes #322
2015-02-13 13:11:03 +00:00
Joshua Tauberer
3853e8dd93
show the status of backups in the control panel
2014-09-01 13:06:53 +00:00
Joshua Tauberer
28231ac248
Merge pull request #150 from hjjg/secretkeyfix
...
The secret key that encrypts the backups should not be world readable.
2014-08-24 17:21:38 -04:00
Joshua Tauberer
03bbd25a10
re-do allow apt to perform security updates on its own
...
Move this into system.sh rather than anagement.sh.
This reverts commit eab28c97ff
.
2014-08-23 12:35:59 +00:00
Helmuth Gronewold
ee9552734f
Fix permissions of backup secret according to Josh's comment at
...
https://github.com/mail-in-a-box/mailinabox/pull/150#issuecomment-53120156
2014-08-22 23:23:56 +02:00
Helmuth Gronewold
a68fd6429f
The secret key that encrypts the backups should not be world readable.
2014-08-22 22:55:34 +02:00
Joshua Tauberer
eab28c97ff
allow apt to perform security updates on its own
2014-08-21 11:47:28 +00:00
Joshua Tauberer
023cd12e1a
hide lots of unnecessary and scary output during setup
2014-07-16 09:36:56 -04:00
Joshua Tauberer
573faa2bf5
install the backup script as a daily cron job
2014-06-26 10:46:22 +00:00
Joshua Tauberer
4668367420
first pass at a management tool for checking what the user must do to finish his configuration: set NS records, DS records, sign his certificates, etc.
2014-06-22 15:54:22 +00:00