Steve Hay
ad3aa6a26f
fixed default phone region, imagick, and url warnings.
2022-09-12 01:08:56 -04:00
Steve Hay
4b71889b90
Merge branch 'jammyjellyfish2204-nextcloud24' into jammyjellyfish2204-everything
2022-09-12 00:50:57 -04:00
Steve Hay
692a5a363e
the upgrade to 24 seems to require config_read_only to be set to false.
2022-09-12 00:50:37 -04:00
Steve Hay
9d60a3e750
Merge branch 'jammyjellyfish2204-nextcloud24' into jammyjellyfish2204-everything
2022-09-11 23:20:43 -04:00
Steve Hay
eecf6232a6
contacts and calendar version too high.
2022-09-11 22:42:55 -04:00
Steve Hay
0a62f456eb
versions of contacts and calendar too high
2022-09-11 22:41:41 -04:00
Steve Hay
3c9a56897e
Merge branch 'jammyjellyfish2204-nextcloud24' into jammyjellyfish2204-everything
2022-09-11 22:11:07 -04:00
Steve Hay
ed736cca4a
initial edit to nextcloud scripts
2022-09-11 22:10:12 -04:00
Steve Hay
db8d5bd6c5
Merge branch 'jammyjellyfish2204-smtp-banner' into jammyjellyfish2204-everything
2022-09-10 19:31:53 -04:00
Steve Hay
bdd1a14e23
security thru obscurity
2022-09-10 19:31:21 -04:00
Steve Hay
30e10f66fa
Merge branch 'jammyjellyfish2204-gunicorn' into jammyjellyfish2204-everything
2022-09-06 15:46:40 -04:00
Steve Hay
0dfb7838e0
reverting the changes that break munin
2022-09-06 15:46:19 -04:00
Steve Hay
d6e599819d
Merge branch 'jammyjellyfish2204-gunicorn' into jammyjellyfish2204-everything
2022-09-06 14:21:04 -04:00
Steve Hay
907aa4e41a
Tell systemd not to ignore the SIGPIPE caused by tr termination.
2022-09-06 14:20:50 -04:00
Steve Hay
13953a96f3
Merge branch 'jammyjellyfish2204-gunicorn' into jammyjellyfish2204-everything
2022-09-06 13:58:06 -04:00
Steve Hay
722ae510a0
two threads on gunicorn, which could help if one call is blocking for a bit.
2022-09-06 13:57:49 -04:00
Steve Hay
092b943d5f
Merge branch 'jammyjellyfish2204-gunicorn' into jammyjellyfish2204-everything
2022-09-06 13:49:24 -04:00
Steve Hay
15f1c50183
fixed cleanup
2022-09-06 13:49:12 -04:00
Steve Hay
53ebc24f00
Merge branch 'jammyjellyfish2204-gunicorn' into jammyjellyfish2204-everything
2022-09-06 13:44:57 -04:00
Steve Hay
9ab2cfe605
swapped out ExpiringDict with Flask session -- may allow multiple workers
2022-09-06 13:44:33 -04:00
Steve Hay
cbf6a0498f
Merge remote-tracking branch 'kiekerjan/updateRoundcube' into jammyjellyfish2204-everything
2022-09-05 22:42:03 -04:00
Steve Hay
9734cd92cc
Merge branch 'jammyjellyfish2204-upgrade_boto3_asyncio' into jammyjellyfish2204-everything
2022-09-05 21:11:03 -04:00
Steve Hay
9bd61e2b4f
Merge branch 'jammyjellyfish2204-dovecot_ssl' into jammyjellyfish2204-everything
2022-09-05 21:10:30 -04:00
Steve Hay
0732866a2d
changed back to 1 gunicorn worker.
2022-09-05 20:45:34 -04:00
Steve Hay
8fdd11d4c6
read the key into the auth object
2022-09-05 20:25:59 -04:00
Steve Hay
ec1641e6a5
removing offending braces
2022-09-05 20:19:39 -04:00
Steve Hay
f2227de85a
Trying to create the api key before launch so multiple workers do not conflict
2022-09-05 20:18:09 -04:00
Steve Hay
b7b334ac0b
tweaked the PYTHONPATH to allow wsgi to be found.
2022-09-05 19:45:28 -04:00
Steve Hay
1d86202b6f
trying 1 gunicorn worker
2022-09-05 19:36:47 -04:00
Steve Hay
47f5fb17f4
updated dovecot to allow DH and updated ciphers in nginx and postfix as well
2022-09-05 19:25:20 -04:00
Steve Hay
5aab1deeec
still doesnt work
2022-09-05 18:56:39 -04:00
Steve Hay
58dde1ce23
launching from the same directory as before the change
2022-09-05 17:46:59 -04:00
Steve Hay
91cf713da0
added utils import
2022-09-05 17:32:31 -04:00
Steve Hay
9457811bec
need to install gunicorn!
2022-09-05 17:28:03 -04:00
Steve Hay
af54696b62
first attempt
2022-09-05 17:21:46 -04:00
Steve Hay
66e157d274
updated cipher list to mozilla recommendations and forced use of DHE.
2022-09-05 16:07:48 -04:00
Steve Hay
8c1a7b7735
reverting parts of the patch accidentally changed from original. addressing Prefix=path.
2022-09-05 14:48:20 -04:00
Steve Hay
290b6bd7bd
port boto to boto3 and fix asyncio issue
2022-09-05 12:25:51 -04:00
Joshua Tauberer
91fc74b408
Setup fixes for Ubuntu 22.04
...
Nextcloud:
* The Nextcloud user_external 1.0.0 package for Nextcloud 21.0.7 isn't available from Nextcloud's releases page, but it's not needed in an intermediate upgrade step (hopefully), so we can skip it.
* Nextcloud updgrade steps should not be elifs because multiple intermediate upgrades may be needed.
* Continue if the user_external backend migration fails. Maybe it's not necessary. It gives a scary error message though.
* Remove a line that removes an old file that hasn't been in use since 2019 and the expectation is that Ubuntu 22.04 installations are on fresh machines.
Backups:
* For duplicity, we now need boto3 for AWS.
2022-09-03 07:50:36 -04:00
KiekerJan
5e309c1250
update roundcube
2022-08-20 00:04:09 +02:00
David Duque
e0c0b5053c
Upgrade Nextcloud External User Backend to v3.0.0
...
Co-Authored-By: Joshua Tauberer <jt@occams.info>
2022-07-28 14:42:51 -04:00
Joshua Tauberer
268b31685d
Ensure STORAGE_ROOT has a+rx permission since processes run by different system users need to access files within it
2022-07-28 14:42:51 -04:00
Joshua Tauberer
ab71abbc7c
Update to latest cryptography Python package, add missing source at top of management.sh so it can run standalone (needs STORAGE_ROOT)
2022-07-28 14:42:51 -04:00
Joshua Tauberer
87e6df9e28
Fix roundcube dependency missing imap and unneeded ldap
2022-07-28 14:42:51 -04:00
Felix Matouschek
558f2db31f
system.sh: Remove no longer needed haveged ( #2090 )
...
Starting from kernels 5.6 haveged is obsolete. Therefore remove it in
Ubuntu 22.04.
See https://github.com/jirka-h/haveged/issues/57
2022-07-28 14:42:51 -04:00
Joshua Tauberer
c23dd701f0
Start changelog and instructions updates for version 60 supporting Ubuntu 22.04
...
To scan for updated apt packages in Ubuntu 22.04, I ran on Ubuntu 18.04 and 22.04 and compared the output:
```
for package in openssl openssh-client haveged pollinate fail2ban ufw bind9 nsd ldnsutils nginx dovecot-core postfix opendkim opendkim-tools opendmarc postgrey spampd razor pyzor dovecot-antispam sqlite3 duplicity certbot munin munin-node php python3; do
echo -n "$package ";
dpkg-query --showformat='${Version}' --show $package;
echo
done
```
2022-07-28 14:42:51 -04:00
Joshua Tauberer
0a7b9d5089
Update dovecot, spampd settings for Ubuntu 22.04
...
* dovecot's ssl_protocols became ssl_min_protocol in 2.3
* spampd fixed a bug so we can remove lmtp_destination_recipient_limit=1 in postfix
2022-07-28 14:34:45 -04:00
Joshua Tauberer
1eddf9a220
Upgrade to Nextcloud 23.0.4
...
The first version supporting PHP 8.0 is Nextcloud 21. Therefore we can add migrations only to Nextcloud 21 forward, and so we only support migrating from Nextcloud 20 (Mail-in-a-Box versions v0.51+). Migration steps through Nextcloud 21 and 22 are added.
Also:
* Fix PHP APUc settings to be before Nextcloud tools are run.
2022-07-28 14:34:45 -04:00
Joshua Tauberer
78d71498fa
Upgrade from PHP 7.2 to 8.0 for Ubuntu 22.04
...
* Add the PHP PPA.
* Specify the version when invoking the php CLI.
* Specify the version in package names.
* Update paths to 8.0 (using a variable in the setup scripts).
* Update z-push's php-xsl dependency to php8.0-xml.
* php-json is now built-into PHP.
Although PHP 8.1 is the stock version in Ubuntu 22.04, it's not supported by Nextcloud yet, and it likely will never be supported by the the version of Nextcloud that succeeds the last version of Nextcloud that supports PHP 7.2, and we have to install the next version so that an upgrade is permitted, so skipping to PHP 8.1 may not be easily possible.
2022-07-28 14:02:46 -04:00
Joshua Tauberer
b41a0ad80e
Drop some hacks that we needed for Ubuntu 18.04
...
* certbot's PPA is no longer needed because a recent version is now included in the Ubuntu respository.
* Un-pin b2sdk (reverts 69d8fdef99d829d7404899474b348fcf33be4596
2022-07-28 14:02:46 -04:00
