1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-27 03:07:04 +00:00
Commit Graph

1843 Commits

Author SHA1 Message Date
Joshua Tauberer
7fa4862f1a refactor dns_update so that the zone is first generated in a file-format agnostic way 2014-06-04 19:00:31 -04:00
Joshua Tauberer
8ed15168c0 the new dns_update totally forgot to write the OpenDKIM tables 2014-06-04 18:44:13 -04:00
Joshua Tauberer
2f0d036504 the bc package is no longer needed since redoing dns_update 2014-06-04 17:27:01 -04:00
Joshua Tauberer
d6e6cfd3c9 mail test: catch typical connecting errors and display nicer output 2014-06-04 17:13:06 -04:00
Joshua Tauberer
fff06f7d71 improve DNS test output 2014-06-04 17:01:49 -04:00
Joshua Tauberer
2bbb7a5e7e remove Docker stuff since it doesnt work 2014-06-04 10:57:23 -04:00
Joshua Tauberer
a35fa12465 script to check the SSL certificate, with instructions for turning the self-signed certificate into a properly signed certificate 2014-06-04 11:38:20 +00:00
Joshua Tauberer
ea62c2419d typo in updating DKIM, dont regenerate the DKIM private key each time setup is run 2014-06-03 21:42:33 +00:00
Joshua Tauberer
2a9349a64e show the SSL certificate's fingerprint during setup so the user can sort of pin it 2014-06-03 21:39:49 +00:00
Joshua Tauberer
bb7905aefd on second and later runs of start.sh, recall the inputs the user entered the last time 2014-06-03 21:31:13 +00:00
Joshua Tauberer
24edd5ce91 the SSL CSR must be generated with a country code 2014-06-03 21:17:10 +00:00
Joshua Tauberer
89730bd643 new backup script, see #11 2014-06-03 21:16:38 +00:00
Joshua Tauberer
51dd2ed70b update nginx SSL options, fixes #61 2014-06-03 14:06:02 +00:00
Joshua Tauberer
c54b0cbefc move management into a daemon service running as root
* Created a new Python/flask-based management daemon.
* Moved the mail user management core code from tools/mail.py to the new daemon.
* tools/mail.py is a wrapper around the daemon and can be run as a non-root user.
* Adding a new initscript for the management daemon.
* Moving dns_update.sh to the management daemon, called via curl'ing the daemon's API.

This also now runs the DNS update after mail users and aliases are added/removed,
which sets up new domains' DNS as needed.
2014-06-03 13:56:40 +00:00
Joshua Tauberer
da15ae5375 rename the scripts directory to setup 2014-06-03 11:12:38 +00:00
Joshua Tauberer
af03feb389 remove permit_dnswl_client because postfix has odd behavior when an IP address is not listed: it turns all bounces into deferrals (retry)
partially reverts 6d473f81ac
2014-05-23 09:01:03 +00:00
Joshua Tauberer
19aba091d7 test_mail: if EHLO test fails continue testing the rest, since user may be waiting on DNS propagation 2014-05-17 08:32:40 -04:00
Joshua Tauberer
f91830f0e3 clean up README a bit; moving the bit Rationale into the github wiki 2014-05-15 08:57:44 -04:00
Joshua Tauberer
6d473f81ac add more postfix rules: reject_non_fqdn_sender, reject_unknown_sender_domain, reject_rhsbl_sender, and permit_dnswl_client 2014-05-15 12:10:35 +00:00
Joshua Tauberer
b646771517 redirect all HTTP to HTTPS and enable HSTS, closes #18 2014-05-14 12:15:11 +00:00
Joshua Tauberer
091a58ac94 dns_update needs to run with bash when run directly, see #39 2014-05-12 23:38:55 +00:00
Joshua Tauberer
c722625041 test_dns: add ADSP and DMARC tests, see #14 2014-05-10 08:03:18 -04:00
Joshua Tauberer
c403895f95 test_dns: properly test the non-primary domain of a box (for email addresses on domains besides PUBLIC_HOSTNAME) 2014-05-10 08:03:13 -04:00
Joshua Tauberer
bdadf3017d test_dns: handle case where a DNS record is missing (vs incorrect) 2014-05-10 08:03:07 -04:00
Joshua Tauberer
d5971e383b add ADSP and DMARC records; see #14 2014-05-10 11:58:27 +00:00
Joshua Tauberer
a8938e107e DKIM: For the benefit of ADSP and DMARC (not yet impl), each sending domain should be its signing domain 2014-05-10 11:58:27 +00:00
Joshua Tauberer
cfcb5f5bbd merge: @PirosB3 and @pjz suggested using pjzz/phusion-baseimage as the base image for docker
See http://phusion.github.io/baseimage-docker/ for why the stock Ubuntu
image from Docker is not good enough for a complex system.

Thanks to @pjz for updating the base image for Ubuntu 14.04 and starting
the service scripts.

see #16; merges #49
2014-05-06 10:05:14 -04:00
Joshua Tauberer
80b367ab07 test_mail: gracefully handled when the server has no reverse DNS available 2014-05-06 10:02:29 -04:00
Joshua Tauberer
63ef8f7b04 missing wget dependency used by roundcube installation 2014-05-06 10:02:06 -04:00
Joshua Tauberer
e247929386 docker: don't start services ourself
* let the base image's system services manager handle it
* move our container start script to occur before system services are started
2014-05-06 10:00:30 -04:00
Joshua Tauberer
1db0dd3092 system.sh: make apt-get upgrade quieter 2014-05-06 09:57:11 -04:00
Joshua Tauberer
fbd7d731e8 docker: fix startup scripts for nsd and dovecot to run them in the foreground 2014-05-06 09:56:20 -04:00
Joshua Tauberer
0659a0bb16 Merge branch 'better_docker' of https://github.com/pjz/mailinabox into pjz-better_docker
our trees had diverged, various conflicts resolved
2014-05-02 14:54:21 -04:00
Joshua Tauberer
189dd6000e docker: re-run the start script on the container's first run because it won't know its hostname or IP address until then 2014-05-02 14:23:56 -04:00
Joshua Tauberer
3fdcbe542f don't ask the user to create an email account if the shell is non-interactive and provide a better default for the domain name 2014-05-02 14:22:59 -04:00
Joshua Tauberer
89bb5da986 dns: missing dependency on bc 2014-05-02 14:18:26 -04:00
Paul Jimenez
5ceec760b9 Better Dockerfile support 2014-05-02 13:03:37 -04:00
Joshua Tauberer
acec82950b docker: disable the ufw firewall because it is not supported in a docker container and produces a lot of error output (by reverting a510e08f9e and setting an environment variable) 2014-05-01 22:39:45 -04:00
Joshua Tauberer
2f6e0ded7a docker: cleanup comments and make the installation of sshd quieter 2014-05-01 22:36:14 -04:00
Joshua Tauberer
f0afa7e8dc docker: add some example run commands for debugging a container or having it take over host ports 2014-05-01 22:29:00 -04:00
Joshua Tauberer
89240a4fab docker: do ADD container/docker later on so that the Dockerfile can be updated and still reuse a cached image after the major setup steps are done 2014-05-01 22:18:45 -04:00
Joshua Tauberer
16c0a9d342 docker: if container was launched with a tty start bash otherwise loop forever to keep the container going 2014-05-01 22:16:14 -04:00
Joshua Tauberer
7999eae857 Merge pull request #47 from randallsquared/master
don't reject mail to domains that only have aliases and not users
2014-05-01 18:21:19 -04:00
Randall Randall
8fcb10cc0a don't reject alias-only domains 2014-05-01 22:14:04 +00:00
Joshua Tauberer
74ec3d9696 ssl: there is no need to use -des3 in key generation if we're just going to remove the passphrase
thanks @konklone for discussion
2014-05-01 16:47:24 -04:00
Joshua Tauberer
532c9aa7fd move the Dockerfile to the root to allow the working directory of the repo to be pushed inside the image (rather than inside the container getting a fresh mailinabox from github) so changes in the working copy can be tested in Docker quickly / without pushing to github 2014-05-01 16:39:12 -04:00
Joshua Tauberer
19f5f144ae installing roundcube from debian would cause update from ubuntu later, now install from Ubuntu debs
We were installing .deb's from Debian. The next apt-get upgrade would cause roundcube to be upgraded.
Maybe that also triggered the installation of apache. Now install roundcube from Ubuntu. So long as
Ubuntu doesn't post an update to roundcube, at least it won't trigger an upgrade on the next
apt-get upgrade. This should also mean we don't need to purge the installation of apache2.

Also try using apt-mark hold to prevent roundcube from being updated, in case that will trigger
dependencies.
2014-05-01 20:34:41 +00:00
Joshua Tauberer
e413680f62 add a bash function ufw_allow which calls 'ufw allow' but hides its totally useless output 2014-05-01 19:35:18 +00:00
Joshua Tauberer
66269f910f make a bash function to use everywhere we apt-get-install (DEBIAN_FRONTEND=noninteractive apt-get -qq -y )
ensures the output is quiet
2014-05-01 19:24:16 +00:00
Joshua Tauberer
80bf60715e Merge pull request #45 from randallsquared/master
enable roundcube's password-change plugin
2014-04-30 15:11:23 -04:00