Commit Graph

1640 Commits

Author SHA1 Message Date
Ralph J.Mayer 2835d9b468 Merge pull request #1 from TabTwo/TabTwo-patch-1
Allow remote client for Sieve
2015-12-31 18:23:30 +01:00
Ralph J.Mayer afd401c3d4 Allow remote client for Sieve 2015-12-31 18:22:31 +01:00
Joshua Tauberer 362bc060f6 fix merge mistake (4305a71916) 2015-12-26 14:12:15 -05:00
Joshua Tauberer c8fef45362 v0.15-rc1 2015-12-26 14:01:00 -05:00
Joshua Tauberer 8d19eade85 clarify the backup days option, fixes #570 2015-12-26 12:04:26 -05:00
Joshua Tauberer d53332b7cf drop the CSR_COUNTRY setting and ask within the control panel 2015-12-26 11:48:23 -05:00
Joshua Tauberer 392d33b902 change DANE TLSA record to hash the subject public key rather than the whole certificate, which means it is good for any certificate tied to the same private key
Better for short-lived certificates. This is especially in preparation to using certificates from Let's Encrypt.

see #268
2015-12-26 11:01:46 -05:00
Joshua Tauberer 4305a71916 merge #587 - move backup and nightly status checks to 3am in system time
previously these were run in a cron.daily script which per crontab is run at 6:25 am local time
2015-12-26 08:42:58 -05:00
Joshua Tauberer a4d8e12fd7 clean up the backup time patch: dont choose timezone here, move status checks into the same 3am script 2015-12-26 08:41:37 -05:00
Joshua Tauberer 3cb5e109a3 update changelog entries 2015-12-26 08:25:47 -05:00
Joshua Tauberer e4a4b47fac setup now asks for and sets the system timezone
closes #294
see #328
maybe related to #235
2015-12-26 08:08:08 -05:00
BuildTools 8a35905d2e add timezone selection 2015-12-23 17:29:13 -05:00
Joshua Tauberer dbf4729109 add management/backup.py --restore 2015-12-23 12:53:38 +00:00
Joshua Tauberer 86b9ef496c Merge pull request #636 from bronson/doc-mites
tiny tweaks to make the bash docs slightly more readable
2015-12-23 07:29:39 -05:00
Scott Bronson 6336cc6452 tiny tweaks to make the bash slightly more readable 2015-12-22 12:33:26 -08:00
Joshua Tauberer bc79319864 Merge pull request #494 from anoma/fail2ban-recidive
Activate FAIL2BAN recidive jail
2015-12-22 08:11:19 -05:00
Joshua Tauberer 62e88cff54 merge #624 document POP client settings in the control panel 2015-12-12 08:46:52 -05:00
Joshua Tauberer 6e6c993724 reword POP documentation, add to changelog/readme 2015-12-12 08:46:18 -05:00
Marius f8b4e3775d Update mail-guide.html (POP3) 2015-12-12 08:41:13 -05:00
Joshua Tauberer fad69f85fa Merge pull request #605 from ariejan/feature/604-add-rfc2142-mail-aliases
Add alias for abuse@
2015-12-07 15:56:51 -05:00
Joshua Tauberer 0029811de2 Merge pull request #621 from bronson/nobind9
don't install bind9-host when setting hostname
2015-12-07 15:52:47 -05:00
Scott Bronson fe9ed3f70d don't install bind9-host when setting hostname
also remove an incorrect comment
2015-12-07 10:21:51 -08:00
Ariejan de Vroom aedfe62bb0 Add alias for abuse@ 2015-12-07 16:31:58 +01:00
Joshua Tauberer c4f00626ef status checks: check that PRIMARY_HOSTNAME's AAAA record is working 2015-12-07 09:08:00 -05:00
Joshua Tauberer fdad83a1bb status checks: check IPv6 reverse DNS 2015-12-07 08:58:48 -05:00
Joshua Tauberer 20e11bbab3 fail2ban: whitelist our machine's public ip address so status checks dont cause bans of the machine itself 2015-12-07 08:45:59 -05:00
Joshua Tauberer 5bbe9f9a04 status checks: when ipv6 is enabled, check that services are accessible over ipv6 too 2015-12-07 08:37:04 -05:00
Joshua Tauberer 7a93d219ef some cleanup in dns_update.py 2015-11-29 14:59:35 +00:00
Joshua Tauberer 808522d895 merge functions get_web_domains and get_default_www_redirects 2015-11-29 14:46:08 +00:00
Joshua Tauberer be9efe0273 ensure malformed ssl certificate can't cause it to be written to an arbitrary path 2015-11-29 14:04:37 +00:00
Joshua Tauberer 766b98c4ad refactor: move SSL-related management functions into a new module ssl_certificates.py 2015-11-29 13:59:22 +00:00
Joshua Tauberer c422543fdd make the system SSL certificate a symlink so we never have to replace a certificate file, and flatten the directory structure of user-installed certificates 2015-11-29 02:02:01 +00:00
Joshua Tauberer cf33be4596 fix boto 2 conflict on Google Compute Engine instances
GCE installs some Python-2-only boto plugin that conflicts with boto running under Python 3. It gives a SyntaxError in /usr/share/google/boto/boto_plugins/compute_auth.py (https://github.com/GoogleCloudPlatform/compute-image-packages).

Disabling boto's default configuration file prior to importing boto so that GCE's plugin is not loaded.

See https://discourse.mailinabox.email/t/500-internal-server-error-for-admin/942.
2015-11-26 14:51:44 +00:00
Joshua Tauberer 161d096139 add a way to dump backup status from the command line 2015-11-26 14:34:07 +00:00
Joshua Tauberer b32cb6229b install boto (py2) via the package manager, not pip (used by duplicity) 2015-11-26 14:20:59 +00:00
Joshua Tauberer 3dd5fff110 Merge pull request #602 from NurdTurd/patch-2
Typo on 'weirdly'
2015-11-20 14:54:39 -05:00
Sheldon Rupp 398a66dd4a Typo on 'weirdly' 2015-11-20 20:46:28 +01:00
Michael Kroes 59f8aa1c31 Add checks to the management interface to report memory usage 2015-11-20 01:48:59 -05:00
Joshua Tauberer cfba97e104 updated changelog 2015-11-19 07:01:05 -05:00
Joshua Tauberer bbf78716fd during setup suppress the status line about generating an SSL certificate if we already have it 2015-11-19 07:00:33 -05:00
Joshua Tauberer b9820641aa when generating the initial self-signed cert, dont keep the CSR - it has no use after this step 2015-11-19 07:00:33 -05:00
Joshua Tauberer 8c00556bab use /dev/urandom for roundcube/owncloud key generation, see #596, partially reverts #115 (69f0e1d07a) 2015-11-19 07:00:33 -05:00
Joshua Tauberer 16d148a8a9 use /dev/urandom for DNSSEC key generation, fixes #596, partially reverts #115 (69f0e1d07a) 2015-11-19 07:00:33 -05:00
Joshua Tauberer e8264e9b6a ensure /dev/urandom is seeded with a blocking call to /dev/random and using Ubuntu's pollinate servers 2015-11-19 07:00:33 -05:00
Joshua Tauberer 4f2b223070 add comments about how openssl generates random numbers for genrsa and what could create a perfect storm to make the key not random
see #596
2015-11-19 07:00:32 -05:00
Joshua Tauberer 05e128cafb the >'s in pip install package names might be interpreted as shell redirects and was creating files name '=1.0.0' '=2.0.0' and '=1.0.2' (I'm not sure how this was ever working) 2015-11-19 07:00:32 -05:00
Joshua Tauberer 59e9952a61 the explanatory text for setting up secondary nameservers was hidden until a secondary nameserver is added, so that wasn't helpful 2015-11-19 07:00:32 -05:00
Joshua Tauberer 2f9fd09b2f Merge pull request #599 from nstanke/loglevel
Change Z-Push log level to error
2015-11-18 17:42:58 -05:00
Norman Stanke ec20d657ba Change Z-Push log level to error 2015-11-18 21:39:17 +01:00
Joshua Tauberer 34ba279b0a Merge pull request #598 from yodax/zpush-log-rotate
Add log rotation to z-push
2015-11-18 07:25:24 -05:00