Joshua Tauberer
b32cb6229b
install boto (py2) via the package manager, not pip (used by duplicity)
2015-11-26 14:20:59 +00:00
Joshua Tauberer
05e128cafb
the >'s in pip install package names might be interpreted as shell redirects and was creating files name '=1.0.0' '=2.0.0' and '=1.0.2' (I'm not sure how this was ever working)
2015-11-19 07:00:32 -05:00
Joshua Tauberer
2a44b0cafb
the new SSL certs routine requires cryptography>=1.0.2 to make RSAPublicNumbers hashable
...
an earlier problem about --upgrade (de34d0d337
) seemed to be just a local problem on my box, so going back to unpinned >= requirement specs
https://discourse.mailinabox.email/t/upgrade-to-v0-13b-broke-admin/876
2015-10-08 12:24:22 +00:00
Joshua Tauberer
de34d0d337
pin pip versions of email_validator and cryptography so pip doesn't keep reinstalling them each upgrade even if nothing changed (and the ceffi depedency installation can be very slow and is prone to break under low memory)
2015-09-05 12:35:01 +00:00
Joshua Tauberer
73fbcd7fa3
silence all of the installing/already installed package messages on installation
...
Querying dpkg for each package is slow, and we have way too much output on installation because of it.
2015-08-19 15:58:35 -04:00
Leo Koppelkamm
96fb0f78f7
Add comment regarding the use of pip instead of pip3
2015-07-27 21:56:08 +02:00
Leo Koppelkamm
2e6c410336
Make backups more configurable
...
Backup location and maximum age can now be configured in the admin panel.
For now only S3 is supported, but adding other duplicity supported backends should be straightforward.
2015-07-27 21:53:34 +02:00
Joshua Tauberer
091c2e45bf
always attempt to upgrade pip packages during setup
2015-07-03 14:25:41 +00:00
Joshua Tauberer
aa33428311
some IDNA functionality was still using Python's built-in IDNA 2003 encoder rather than the idna package's IDNA 2008 encoder
2015-06-30 13:09:18 +00:00
Joshua Tauberer
47acbbf332
bump to latest version of my email_validator library
2015-06-23 16:43:35 -04:00
Joshua Tauberer
dece359c90
validate certificates using the cryptography python package as much as possible, shelling out to openssl just once instead of four times per certificate
...
* Use `cryptography` instead of parsing openssl's output.
* When checking if we can reuse the primary domain certificate or a www-parent-domain certificate for a domain, avoid shelling out to openssl entirely.
2015-06-21 14:53:37 +00:00
Toilal
ce17c12ca2
Use netcat to check if mailinabox webservice is available
...
[JT added installing netcat-openbsd in system.sh]
2015-06-18 08:04:46 -04:00
Joshua Tauberer
3b86b3fe66
bump to email_validator 0.1.0-rc5
2015-05-19 08:37:17 -04:00
Joshua Tauberer
1f08997a9e
need my new email_validator library during questions
2015-05-03 11:02:23 -04:00
Joshua Tauberer
f0143fd6c9
bump version of my email_validator library
2015-04-29 21:18:14 +00:00
Joshua Tauberer
5efd5abbe4
move the email address syntax validation for users and aliases into my new email_validator library ( https://github.com/JoshData/python-email-validator )
2015-04-21 14:43:12 +00:00
Joshua Tauberer
4d22fb9b2a
run status checks each night and email the administrator with the changes from the previous day's results
2015-03-21 16:02:42 +00:00
Joshua Tauberer
575d3a66c6
more on being smarter about waiting for the management daemon to start
...
cc333b3965
worked for fresh systems, but if the system already had the daemon running the api.key file would already exist and the test would pass to early. Now removing the file first.
fixes #322
2015-02-13 13:11:03 +00:00
Joshua Tauberer
3853e8dd93
show the status of backups in the control panel
2014-09-01 13:06:53 +00:00
Joshua Tauberer
28231ac248
Merge pull request #150 from hjjg/secretkeyfix
...
The secret key that encrypts the backups should not be world readable.
2014-08-24 17:21:38 -04:00
Joshua Tauberer
03bbd25a10
re-do allow apt to perform security updates on its own
...
Move this into system.sh rather than anagement.sh.
This reverts commit eab28c97ff
.
2014-08-23 12:35:59 +00:00
Helmuth Gronewold
ee9552734f
Fix permissions of backup secret according to Josh's comment at
...
https://github.com/mail-in-a-box/mailinabox/pull/150#issuecomment-53120156
2014-08-22 23:23:56 +02:00
Helmuth Gronewold
a68fd6429f
The secret key that encrypts the backups should not be world readable.
2014-08-22 22:55:34 +02:00
Joshua Tauberer
eab28c97ff
allow apt to perform security updates on its own
2014-08-21 11:47:28 +00:00
Joshua Tauberer
023cd12e1a
hide lots of unnecessary and scary output during setup
2014-07-16 09:36:56 -04:00
Joshua Tauberer
573faa2bf5
install the backup script as a daily cron job
2014-06-26 10:46:22 +00:00
Joshua Tauberer
4668367420
first pass at a management tool for checking what the user must do to finish his configuration: set NS records, DS records, sign his certificates, etc.
2014-06-22 15:54:22 +00:00
Joshua Tauberer
326cc2a451
obviously put our stuff in /usr/local and not /usr
2014-06-21 12:35:00 -04:00
Joshua Tauberer
33f06f29c1
let the user override some DNS records
2014-06-17 22:21:51 +00:00
Joshua Tauberer
5490142df5
re-do the backup script to use the duplicity program
...
Duplicity will manage the process of creating incremental backups for us.
Although duplicity can both encrypt & copy files to a remote host, I really
don't like PGP and so I don't want to use that.
Instead, we'll back up to a local directory unencrypted, then manually
encrypt the full & incremental backup files. Synchronizing the encrypted
backup directory to a remote host is a TODO.
2014-06-09 09:34:52 -04:00
Joshua Tauberer
89730bd643
new backup script, see #11
2014-06-03 21:16:38 +00:00
Joshua Tauberer
c54b0cbefc
move management into a daemon service running as root
...
* Created a new Python/flask-based management daemon.
* Moved the mail user management core code from tools/mail.py to the new daemon.
* tools/mail.py is a wrapper around the daemon and can be run as a non-root user.
* Adding a new initscript for the management daemon.
* Moving dns_update.sh to the management daemon, called via curl'ing the daemon's API.
This also now runs the DNS update after mail users and aliases are added/removed,
which sets up new domains' DNS as needed.
2014-06-03 13:56:40 +00:00