Joshua Tauberer
bd86d44c8b
simplify the munin_cgi wrapper / add changelog entry
2016-03-23 16:09:19 -04:00
mike
6b408ef824
Use utils.shell instead of subprocess.Popen
2016-01-14 10:24:04 -05:00
mike
8932aaf4ef
needed libcgi-fast-perl and chown log files
2016-01-13 23:55:45 -05:00
mike
6d6f3ea391
Added ability to use munin's dynazoom
2016-01-13 22:20:33 -05:00
Joshua Tauberer
2ad7d0830e
add exception handling for what_version_is_this, fixes #659
2016-01-09 09:23:07 -05:00
Joshua Tauberer
07f9228694
Merge branch 'letsencrypt' for automatic provisioning of TLS certificates from Let's Encrypt
2016-01-09 08:58:35 -05:00
baltoche
36e5772a8e
Update dns_update.py
2016-01-05 16:56:16 +01:00
Joshua Tauberer
2882e63dd8
second part of provisioning tls certificates from the control panel
2016-01-04 18:43:17 -05:00
Joshua Tauberer
812ef024ef
status checks: check that the non-primary domains also resolve over IPv6, if configured
2016-01-04 18:43:17 -05:00
Joshua Tauberer
40cdc5aa30
status checks: if a domain's DNS isnt working dont check the TLS certificate because we cant automatically provision one now anyway
2016-01-04 18:43:17 -05:00
Joshua Tauberer
b8d6226a9a
when provisioning tls certs from the command line, specify domain names as command line arguments to force getting certs for those domains
2016-01-04 18:43:17 -05:00
Joshua Tauberer
bac15d3919
provision tls certificates from the control panel
2016-01-04 18:43:16 -05:00
Joshua Tauberer
4b4f670adf
s/SSL/TLS/ in user-visible text throughout the project
2016-01-04 18:43:16 -05:00
Joshua Tauberer
b1b57f9bfd
don't try to get certs for IDNA domains and report all reasons for not fetching a certificate
...
fixes #646
2016-01-04 18:43:16 -05:00
Joshua Tauberer
b6933a73fa
provision and install free SSL certificates from Let's Encrypt
2016-01-04 18:43:16 -05:00
Joshua Tauberer
5033042b8c
backups: email the administrator when there's a problem
...
Refactor by moving the email-the-admin code out of the status checks and into a new separate tool.
This is why I suppressed non-error output of the backups last commit - so it doesn't send a daily email.
2016-01-04 18:43:02 -05:00
Joshua Tauberer
89a46089ee
backups: suppress all output except errors
2016-01-04 18:43:02 -05:00
Joshua Tauberer
e288d7730b
backups: trap an error that occurs as early as getting the current backup status
2016-01-04 18:43:02 -05:00
Joshua Tauberer
06a0e7f3fe
merge #584 - Add checks to the management interface to report memory usage
2016-01-01 18:13:21 -05:00
Joshua Tauberer
a9cd72bbf9
tighten the status text strings for free memory, add changelog entry
2016-01-01 18:12:36 -05:00
Joshua Tauberer
682b1dea5e
changelog/status checks updated for opening the sieve port
2016-01-01 17:53:05 -05:00
Joshua Tauberer
8d19eade85
clarify the backup days option, fixes #570
2015-12-26 12:04:26 -05:00
Joshua Tauberer
d53332b7cf
drop the CSR_COUNTRY setting and ask within the control panel
2015-12-26 11:48:23 -05:00
Joshua Tauberer
392d33b902
change DANE TLSA record to hash the subject public key rather than the whole certificate, which means it is good for any certificate tied to the same private key
...
Better for short-lived certificates. This is especially in preparation to using certificates from Let's Encrypt.
see #268
2015-12-26 11:01:46 -05:00
Joshua Tauberer
4305a71916
merge #587 - move backup and nightly status checks to 3am in system time
...
previously these were run in a cron.daily script which per crontab is run at 6:25 am local time
2015-12-26 08:42:58 -05:00
Joshua Tauberer
a4d8e12fd7
clean up the backup time patch: dont choose timezone here, move status checks into the same 3am script
2015-12-26 08:41:37 -05:00
Joshua Tauberer
dbf4729109
add management/backup.py --restore
2015-12-23 12:53:38 +00:00
Joshua Tauberer
6e6c993724
reword POP documentation, add to changelog/readme
2015-12-12 08:46:18 -05:00
Marius
f8b4e3775d
Update mail-guide.html (POP3)
2015-12-12 08:41:13 -05:00
Joshua Tauberer
fad69f85fa
Merge pull request #605 from ariejan/feature/604-add-rfc2142-mail-aliases
...
Add alias for abuse@
2015-12-07 15:56:51 -05:00
Ariejan de Vroom
aedfe62bb0
Add alias for abuse@
2015-12-07 16:31:58 +01:00
Joshua Tauberer
c4f00626ef
status checks: check that PRIMARY_HOSTNAME's AAAA record is working
2015-12-07 09:08:00 -05:00
Joshua Tauberer
fdad83a1bb
status checks: check IPv6 reverse DNS
2015-12-07 08:58:48 -05:00
Joshua Tauberer
5bbe9f9a04
status checks: when ipv6 is enabled, check that services are accessible over ipv6 too
2015-12-07 08:37:04 -05:00
Joshua Tauberer
7a93d219ef
some cleanup in dns_update.py
2015-11-29 14:59:35 +00:00
Joshua Tauberer
808522d895
merge functions get_web_domains and get_default_www_redirects
2015-11-29 14:46:08 +00:00
Joshua Tauberer
be9efe0273
ensure malformed ssl certificate can't cause it to be written to an arbitrary path
2015-11-29 14:04:37 +00:00
Joshua Tauberer
766b98c4ad
refactor: move SSL-related management functions into a new module ssl_certificates.py
2015-11-29 13:59:22 +00:00
Joshua Tauberer
c422543fdd
make the system SSL certificate a symlink so we never have to replace a certificate file, and flatten the directory structure of user-installed certificates
2015-11-29 02:02:01 +00:00
Joshua Tauberer
cf33be4596
fix boto 2 conflict on Google Compute Engine instances
...
GCE installs some Python-2-only boto plugin that conflicts with boto running under Python 3. It gives a SyntaxError in /usr/share/google/boto/boto_plugins/compute_auth.py (https://github.com/GoogleCloudPlatform/compute-image-packages ).
Disabling boto's default configuration file prior to importing boto so that GCE's plugin is not loaded.
See https://discourse.mailinabox.email/t/500-internal-server-error-for-admin/942 .
2015-11-26 14:51:44 +00:00
Joshua Tauberer
161d096139
add a way to dump backup status from the command line
2015-11-26 14:34:07 +00:00
Michael Kroes
59f8aa1c31
Add checks to the management interface to report memory usage
2015-11-20 01:48:59 -05:00
Joshua Tauberer
59e9952a61
the explanatory text for setting up secondary nameservers was hidden until a secondary nameserver is added, so that wasn't helpful
2015-11-19 07:00:32 -05:00
yodax
280de022cb
Change order in which service stop
2015-11-17 05:22:42 -05:00
yodax
fa1cad7fb2
During the backup you will get login failures which will confuse iOS, so it is better to stop php-fpm as well
2015-11-17 02:57:14 -05:00
Joshua Tauberer
1926bfa1c5
all DNS queries should have a timeout, fixes #591
2015-11-11 12:25:55 +00:00
Sheldon Rupp
96b02e68ee
Change 'Wosign' to 'WoSign'
2015-11-08 21:31:43 +01:00
Joshua Tauberer
ac238b9d28
dont run secondary nameserver checks if the zone's nameservers aren't correct to begin with, possibly because the user is using external DNS, see #582
2015-11-05 11:09:15 +00:00
Joshua Tauberer
3fd1279e7d
...but then also have to compare against the intended IP address, which might have a custom override, see #582
2015-11-03 12:06:03 +00:00
Joshua Tauberer
3bc38c89ab
secondary NS status checks in 3b91bc2c0a
should not be skipped if the target IP address has been modified by a custom record
...
see #582
2015-11-03 06:48:04 -05:00