1
0
Mirror von https://github.com/mail-in-a-box/mailinabox.git synchronisiert 2025-10-24 17:50:54 +00:00
Commit graph

2046 Commits

Autor SHA1 Nachricht Datum
David Duque
311e6c63e8
Render the 'Backup now' buttons even if there are already backups 2020-07-21 19:25:48 +01:00
David Duque
a0da88834c
Terminate the status checks process pool before exiting 2020-07-21 19:21:46 +01:00
David Duque
967409b157
Drop requirement for passwords to have no spaces (#1789) 2020-07-16 07:23:11 -04:00
David Duque
1b2711fc42
Add 'always' modifier to the HSTS add_header directive (#1790)
This will make it so that the HSTS header is sent regardless of the request status code (until this point it would only be sent if "the response code equals 200, 201, 206, 301, 302, 303, 307, or 308." - according to thttp://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header)
2020-07-16 07:21:14 -04:00
David Duque
20b4f26e42
Use ubuntu/focal64 as main testbed 2020-07-15 15:28:47 +01:00
David Duque
c8fbe2dd5d
Determine the PHP version at runtime (instead of at setup-time) 2020-07-15 15:28:02 +01:00
David Duque
515a74ba11
Render the lsb_release at flask init time
Don't change the index.html file at setup time
2020-07-14 11:51:25 +01:00
David Duque
b562e7eefa
Hide the 'Create Backup' buttons when backups are turned off 2020-07-11 15:45:50 +01:00
David Duque
ccf60c7017
Backups: User-initiated and cron-initiated jobs will have the same lockname
So that some poor timing (initiating a backup when there's a cron-initiated backup)
doesn't screw everything up.
2020-07-11 09:16:32 +01:00
David Duque
e224b6b3b2
Update project status 2020-07-11 08:43:46 +01:00
David Duque
79e2398d71
Fix comment 2020-07-11 08:30:05 +01:00
David Duque
af9ef186b3
Add manual backup option 2020-07-10 15:48:37 +01:00
David Duque
e6102eacfb
AXFR Transfers (for secondary DNS servers): Allow IPv6 addresses (#1787) 2020-07-08 18:26:47 -04:00
David Duque
199c2c50ba
Backups: Fix backup target selector width 2020-07-08 19:32:24 +01:00
David Duque
4a85250242
Revert vagrantfile to upstream config 2020-07-08 19:31:35 +01:00
David Duque
dd017c44c7
Update ideas section and roadmap 2020-07-08 15:00:04 +01:00
David Duque
3dfdb9a309
Update Vagrantfile to pull from development branch 2020-07-03 19:01:16 +01:00
David Duque
1d4d03637f
Version bump 2020-06-29 09:47:38 +01:00
David Duque
b98111b4e1
Fix unassigned php version 2020-06-29 09:13:50 +01:00
David Duque
3876cbac8a
Version bump 2020-06-28 10:06:50 +01:00
David Duque
ffc7e8d77e
Add comments explaining 2020-06-28 10:05:25 +01:00
David Duque
7f305ee02e
Add /.well-known/mta-sts.txt to all nginx dotfiles 2020-06-28 09:57:28 +01:00
David Duque
fcb44dafa3
Let's encrypt certbot hotfix 2020-06-27 21:32:36 +01:00
David Duque
7af4ab0f4f
Version bump 2020-06-27 20:27:49 +01:00
David Duque
7864055490
Upgrade Nextcloud 2020-06-27 19:39:03 +01:00
David Duque
7b357fa71b Version bump (v0.46 rc) 2020-06-21 22:49:14 +01:00
David Duque
9a4cf4d7af Update dependencies 2020-06-21 16:02:17 +01:00
David Duque
022a11e159 Merge remote-tracking branch 'up/master' 2020-06-21 15:52:31 +01:00
David Duque
74554bcbf3 Version bump 2020-06-21 15:45:34 +01:00
David Duque
5d6c23cff9 Finalize php configuration 2020-06-21 15:18:46 +01:00
David Duque
0ccbf1b809 Only spawn a thread pool when strictly needed
For --check-primary-hostname, the pool is not used.
When exiting, the other processes are left alive and will hang.
2020-06-21 15:05:17 +01:00
Joshua Tauberer
6fd3195275 Fix MTA-STS policy id so it does not have invalid characters, fixes #1779 2020-06-12 13:09:11 -04:00
David Duque
d01069f7f2 Automatically agree to ToS on SSL provision 2020-06-12 09:27:08 +01:00
Joshua Tauberer
224242dfde Merge v0.46 point release branch 2020-06-11 12:25:49 -04:00
Joshua Tauberer
049bfb6f7f v0.46 2020-06-11 12:23:18 -04:00
Joshua Tauberer
12d60d102b Update Roundcube to 1.4.6
Fixes #1776
2020-06-11 12:21:17 -04:00
Joshua Tauberer
9db2fc7f05 In web proxies, add X-{Forwarded-{Host,Proto},Real-IP} and 'proxy_set_header Host' when there is a flag
Merges #1432, more or less.
2020-06-11 12:20:17 -04:00
Joshua Tauberer
e03a6541ce Don't make autoconfig/autodiscover subdomains and SRV records when the parent domain has no user accounts
These subdomains/records are for automatic configuration of mail clients, but if there are no user accounts on a domain, there is no need to publish a DNS record, provision a TLS certificate, or create an nginx server config block.
2020-06-11 12:20:17 -04:00
Faye Duxovni
41642f2f59 [backport] Fix roundcube error log file path in setup script (#1775) 2020-06-11 12:16:53 -04:00
Vasek Sraier
df9bb263dc
daily_tasks.sh: redirect stderr to stdout (#1768)
When the management commands fail, they can print something to the standard error output.
The administrator would never notice, because it wouldn't be send to him with the usual emails.
Fixes #1763
2020-06-07 09:56:45 -04:00
Faye Duxovni
339c330b4f
Fix roundcube error log file path in setup script (#1775) 2020-06-07 09:50:04 -04:00
Marcus Bointon
cfc8fb484c
Add rate limiting of SSH in the firewall (#1770)
See #1767.
2020-06-07 09:47:51 -04:00
Joshua Tauberer
bc1be9d70a readme fixes 2020-05-30 08:15:31 -04:00
Joshua Tauberer
3a4b8da8fd More for MTA-STS for incoming mail
* Create the mta_sts A/AAAA records even if there is no valid TLS certificate because we can't get a TLS certificate if we don't set up the domains.
* Make the policy id in the TXT record stable by using a hash of the policy file so that the DNS record doesn't change every day, which means no nightly notification and also it allows for longer caching by sending MTAs.
2020-05-30 08:04:09 -04:00
Joshua Tauberer
37dad9d4bb Provision certificates from Let's Encrypt grouped by DNS zone
Folks didn't want certificates exposing all of the domains hosted by the server (although this can already be found on the internet).

Additionally, if one domain fails (usually because of a misconfiguration), it would be nice if not everything fails. So grouping them helps with that.

Fixes #690.
2020-05-29 15:38:18 -04:00
Joshua Tauberer
b805f8695e Move status checks for www, autoconfig, autodiscover, and mta-sts to within the section for the parent domain
Since we're checking the MTA-STS policy, there's no need to check that the domain resolves etc. directly.
2020-05-29 15:38:13 -04:00
Joshua Tauberer
10bedad3a3 MTA-STS tweaks, add status check using postfix-mta-sts-resolver, change to enforce 2020-05-29 15:36:52 -04:00
A. Schippers
afc9f9686a
Publish MTA-STS policy for incoming mail (#1731)
Co-authored-by: Daniel Mabbett <triumph_2500@hotmail.com>
2020-05-29 15:30:07 -04:00
David Duque
8ca58798e4
Typo fix 2020-05-28 16:17:10 +01:00
David Duque
235ebe9a4a
Secondary nameservers: Allow IPv6 2020-05-28 15:47:43 +01:00