Jan Schulz-Hofen
a843fbd352
Do not check if host/ip is blacklisted if we’re running in Vagrant
...
In Vagrant, we’re likely on a development machine which in turn is likely connected via a consumer ISP dynamic IP address which are often listed.
2018-02-04 14:39:53 +07:00
NatCC
fe597da7aa
Update users.html ( #1345 )
...
Passwords must be eight characters long; when passwords are changed via the users page the dialog states that passwords need to be at least four characters but only eight or more are acceptable.
2018-02-03 17:49:11 -05:00
Joshua Tauberer
61e9888a85
Cdon't try to generate a CSR in the control panel until both the domain and country are selected
...
Fixes #1338 .
See 0e9680fda63c33ace3f34ca7126617fb0efe8ffc, a52c56e571
.
2018-01-28 09:08:24 -05:00
Joshua Tauberer
35fed8606e
only spawn one process for the management daemon
...
In 0088fb4553
I changed the management daemon's startup
script from a symlink to a Python script to a bash script that activated the new virtualenv
and then launched Python. As a result, the init.d script that starts the daemon would
write the pid of bash to the pidfile, and when trying to kill it, it would kill bash but
not the Python process.
Using exec to start Python fixes this problem by making the Python process have the pid
that the init.d script knows about.
fixes #1339
2018-01-28 09:08:19 -05:00
Joshua Tauberer
ef6f121491
when generating a CSR in the control panel, don't set empty attributes
...
Same as in a52c56e571
.
Fixes #1338 .
2018-01-28 09:07:54 -05:00
Joshua Tauberer
ec3aab0eaa
v0.26b
2018-01-25 09:27:17 -05:00
Joshua Tauberer
8c69b9e261
update CHANGELOG
2018-01-25 09:23:04 -05:00
Joshua Tauberer
e7150e3bc6
pin acme to v0.20, which is the last version compatible with free_tls_certificates
...
free_tls_certificates uses acme.jose, which in acme v0.21 was moved to a new Python package.
See #1328
2018-01-20 11:23:45 -05:00
Joshua Tauberer
8d6d84d87f
run mailconfig.py's email address validator outside of the virtualenv during questions.sh
...
We don't have the virtualenv this early in setup.
Broken by 0088fb4553
.
Fixes #1326 .
See https://discourse.mailinabox.email/t/that-is-not-a-valid-email-error-during-mailinabox-installation/2793 .
2018-01-20 10:59:37 -05:00
barrybingo
a6a1cc7ae0
Reduce munin-node log level to warning ( #1330 )
2018-01-19 12:00:44 -05:00
Joshua Tauberer
b5c0736d27
release v0.26
2018-01-18 17:10:23 -05:00
Joshua Tauberer
8ee7de6ff3
no need to do a second apt-get update after 'installing' the PHP7 PPA if the PPA was already installed
2018-01-15 13:28:18 -05:00
Joshua Tauberer
0088fb4553
install Python 3 packages in a virtualenv
...
The cryptography package has created all sorts of installation trouble over the last few years, probably because of mismatches between OS-installed packages and pip-installed packages. Using a virtualenv for all Python packages used by the management daemon should make sure everything is consistent.
See #1298 , see #1264 .
2018-01-15 13:27:04 -05:00
Joshua Tauberer
b2d103145f
remove php5 packages from webmail.sh
...
The PHP5 packages have a dependency on (apache2 or php5-cgi or php5-fpm), and since removing php5-fpm apache2 started getting installed during setup, which caused a conflict with nginx of course.
These packages don't seem to be needed by Roundcube or Nextcloud --- Roundcube includes the ones it needs.
see #1264 , #1298
2018-01-15 11:29:12 -05:00
Joshua Tauberer
fc9e279cec
partial revert of 441bd350
, accidentally uncommented something
2018-01-15 10:33:05 -05:00
yeah
257983d559
Fix typo in CHANGELOG.md ( #1312 )
2017-12-25 17:46:31 -05:00
Joshua Tauberer
e924459140
revert f25801e/#1233 - use Mozilla intermediate ciphers for IMAP/POP not modern ciphers
...
fixes #1300
2017-12-24 14:41:41 -05:00
Joshua Tauberer
441bd35053
update CHANGELOG
2017-12-23 18:01:41 -05:00
Michael Kroes
a0e603a3c6
Change z-push to use the git repository instead of the tar ball ( #1305 )
2017-12-23 17:51:18 -05:00
sam-banks
88604074d6
Bugfix for free command ( #1278 )
...
A quick fix - there's no "o" option for free.
2017-12-18 08:21:28 -05:00
yeah
d43111eb48
Add X-Spam-Score header to checked mail ( #1292 )
...
To enable users to do custom spam filtering based on score, it's helpful to render the actual spam score as a float in a separate header rather than as part of X-Spam-Status where it only appears in a comma separated list.
2017-12-18 08:17:47 -05:00
Jim Bailey
6729588d8c
Changed temp_dir to /var/temp/roundcube to avoid loss on reboot. ( #1302 )
2017-12-18 08:12:45 -05:00
Joshua Tauberer
5f14eca67f
merge v0.25 security release
2017-11-15 11:27:30 -05:00
Joshua Tauberer
8944cd7980
v0.25
2017-11-15 11:27:00 -05:00
yeah
2bbbc9dfa3
Update Roundcube to protect against CVE-2017-16651
...
See https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10 .
merges #1287
2017-11-15 11:14:21 -05:00
John Olten
544f155948
Add support for DNS wildcard [merges #1281 ]
2017-11-15 11:10:59 -05:00
Joshua Tauberer
f080eabb3a
run apt-get autoremove after updating system packages
...
Old kernels can build up and some packages may not be needed anymore.
See https://discourse.mailinabox.email/t/storage-space-decreasing/2525/5 .
2017-11-15 11:05:43 -05:00
Jānis (Yannis)
7bf377eed1
use RSASHA256 for .lv domains DNSSEC ( #1277 )
2017-10-31 18:01:47 -04:00
Nicolas North
cd554cf480
document the "local" alias pointing to this box in Custom DNS ( #1261 )
2017-10-20 17:20:21 -04:00
Michael Kroes
e5448405ae
add php7.0-mbstring to webmail.sh ( #1268 )
2017-10-15 07:53:01 -04:00
Tristan Hill
a7eff8fb35
turn off apt verbose in unattended upgrades ( #1255 )
2017-10-06 08:16:40 -04:00
Fabian Bucher
341aa8695a
update F-Droid DAVdroid link ( #1253 )
...
the information about the invalid link comes from here -> https://discourse.mailinabox.email/t/admin-sync-guide-contacts-and-calendar-davdroid-3-69-free-here/2528
2017-10-04 17:47:15 -04:00
Joshua Tauberer
5efdd72f41
update TLS test to record changes in the ciphers we offer on the open ports
2017-10-03 12:01:10 -04:00
Joshua Tauberer
f25801e88d
Merge #1233 - Limit Dovecot ciphers to the Mozilla modern set
2017-10-03 11:55:16 -04:00
Joshua Tauberer
cc7be13098
update nginx cipher list to Mozilla's current intermediate ciphers and update HSTS header to be six months
...
* The Mozilla recommendations must have been updated in the last few years.
* The HSTS header must have >=6 months to get an A+ at ssllabs.com/ssltest.
2017-10-03 11:47:32 -04:00
Joshua Tauberer
2556e3fbc2
HSTS header does not belong here, will result in multiple headers
2017-10-03 11:38:15 -04:00
Joshua Tauberer
00898b2ff5
v0.24
2017-10-03 10:49:04 -04:00
Joshua Tauberer
35b8a149d8
fix dns regex: underscores are allowed in domain names even though they are not allowed in hostnames
2017-09-22 12:31:49 -04:00
Joshua Tauberer
d0423afd18
Nextcloud install shouldn't fail if php-fpm isn't already running
2017-09-22 11:10:48 -04:00
Joshua Tauberer
edf42df835
update Roundcube (1.3.1), persistent login plugin, Z-Push (2.3.8), and Nextcloud (12.0.3)
2017-09-22 11:10:40 -04:00
Joshua Tauberer
734745a4a6
Nextcloud 12.0.2, fix Nextcloud 12 upgrades seeing the wrong version
...
Nextcloud 12 adds a new OC_VersionCanBeUpgradedFrom field to /usr/local/lib/owncloud/version.php which lists
prior NC/OC version numbers, which confuses our check for what the installed version is. Make our regex more strict.
merges #1238
2017-09-01 07:58:07 -04:00
dofl
dbebaba8b9
switch PHP's process manager to on demand
...
merges #1216
2017-08-30 13:39:25 -04:00
Joshua Tauberer
cb765dfe2a
changelog entries
2017-08-30 13:11:58 -04:00
Lloyd Smart
81258e2189
Implement upstream issue #1228 for stronger dh parameters in Dovecot. ( #1232 )
2017-08-30 13:04:22 -04:00
Lloyd Smart
4dd4b4232a
Limited ciphers to the Mozilla modern set from https://mozilla.github.io/server-side-tls/ssl-config-generator/ as requested in issue #1228 .
2017-08-29 15:02:58 +01:00
Marius Blüm
48ff664ee9
Remove the ? from "Log out" ( #1231 )
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2017-08-23 19:46:45 -04:00
Michael Kroes
a52c56e571
only set the CN field when generating initial CSR to prevent issues with the php7 ppa version of openssl ( #1223 )
...
OpenSSL 1.1.0f now validates the other subject fields and rejects the empty string (for the country?) because it isn't two characters.
2017-07-30 08:11:39 -04:00
Jon Hermansen
6ace97e482
update PPA build URL for postgrey 1.35. Fixes #1211 ( #1212 )
2017-07-21 15:13:57 -04:00
Git Repository
19a928e4ec
[Issue #1159 ] Remove any +tag name in email alias before checking privileges ( #1181 )
...
* [Issue #1159 ] Remove any +tag name in email alias before checking privileges
* Move priprivileged email check after the conversion to unicode so only IDNA serves as input
2017-07-21 11:10:16 -04:00
Michael Kroes
78f2fe213e
Secondary name server could not be set ( #1209 )
2017-07-21 08:20:37 -04:00