Ben Schumacher
d5efb05f31
Fix typo in dns_update.py.
2014-08-26 15:58:34 -04:00
Joshua Tauberer
92c7815d2c
Merge pull request #156 from skosch/patch-1
...
Allow users to insert custom nginx configuration directives through new optional files.
2014-08-26 10:24:22 -04:00
Joshua Tauberer
06a4046d13
fix link to /cloud in the admin, fixes #160
2014-08-26 11:51:47 +00:00
Joshua Tauberer
9b8d85de45
if there are no admins when trying to access the control panel, tell the user how to make an admin from SSH
2014-08-26 11:31:45 +00:00
Joshua Tauberer
b76cbae5a0
document the DNS API in the control panel
...
see #140 , #155 , df20d447a9
2014-08-25 23:52:41 +00:00
Joshua Tauberer
ed8ce16fb5
show custom DNS records in the control panel too, fixes #155
2014-08-25 23:35:44 +00:00
Joshua Tauberer
a32806da32
create STORAGE_ROOT/backup/duplicity if it doesn't exist
...
fixes #158
2014-08-25 23:29:00 +00:00
Joshua Tauberer
18f0406541
update comments in backup.py
2014-08-25 23:28:43 +00:00
Joshua Tauberer
bc9d670981
prettify mail guide
2014-08-25 23:24:41 +00:00
Sebastian Kosch
00b5c6ee9c
test_domain -> domain
2014-08-25 16:02:13 -04:00
Sebastian Kosch
76ff9735cc
Move custom server blocks to STORAGE_ROOT
2014-08-25 13:25:44 -04:00
Sebastian Kosch
9bfff1f679
Add server block customizations
...
This allows users to add a file /etc/nginx/conf.d/includes/mydomain.com.conf, the contents of which will be included in the server block for mydomain.com.
2014-08-24 17:34:15 -04:00
Joshua Tauberer
df20d447a9
add an api for setting custom DNS records
...
Works like this:
```curl -d "" --user email:password https://.../admin/dns/set/qname/rtype/value ```
where the rtype and value default to "A" and the remote IP address of the request, so that a simple, empty POST to
```https://.../admin/dns/set/desktop.mydomain.com ```
will point desktop.mydomain.com to the caller's IPv4 address.
closes #140
2014-08-23 23:03:45 +00:00
Joshua Tauberer
6e3b04ce83
when generating SSL CSRs, using SHA256 as SHA1 is being phased out, per @konklone
2014-08-23 17:49:33 -04:00
Joshua Tauberer
2d5097345a
move the package update check into the system status checks
2014-08-21 11:24:40 +00:00
Joshua Tauberer
294d19e0af
rename whats_next.py to status_checks.py
2014-08-21 10:43:55 +00:00
Joshua Tauberer
46f3d05034
add the network checks to whats_next
...
* zen.spamhaus.org
* dbl.spamhaus.org
* checks if a connection to Google's MTA on port 25 works
2014-08-19 11:16:49 +00:00
Joshua Tauberer
91821adfd7
nameserver checks should be case insensitive
2014-08-18 22:41:27 +00:00
Joshua Tauberer
b30d7ad80a
web-based administrative UI
...
closes #19
2014-08-17 22:46:06 +00:00
Joshua Tauberer
ba8e015795
dns_update: dont restart the opendkim process if nothing changed
2014-08-17 20:42:17 +00:00
Joshua Tauberer
919a5a8f0b
whats_next: when there are multiple responses like for NS records sort the responses so we can compare to a fixed order
2014-08-17 19:55:03 +00:00
Joshua Tauberer
f299825a95
in the nginx override YAML file, change how proxies are specified into a mapping
2014-08-17 19:40:45 +00:00
Joshua Tauberer
04454b35c6
(merge) CardDAV, CalDAV via ownCloud and move to z-push fork fork
...
Merges branch 'owncloud' of github.com:jkaberg/mailinabox
which is pull request #135 , closes #135
thanks @jkaberg, @fmbiete, @owncloud
2014-08-17 15:31:08 -04:00
Joshua Tauberer
f41ec93cbe
management: dont raise an exception on a poorly formatted authentication header
2014-08-17 11:50:05 -04:00
Joshua Tauberer
6e380ade17
owncloud will only let users access it from the PRIMARY_HOSTNAME (due to its trusted_domains option being set statically), so only include /cloud in the nginx configuration for PRIMARY_HOSTNAME
2014-08-16 12:33:10 +00:00
Joshua Tauberer
8c9f278166
owncloud: support MOD_X_ACCEL_REDIRECT_ENABLED
...
This lets downloads from the file app work.
2014-08-15 23:16:54 +00:00
Joshua Tauberer
e625a424fd
whats_next: check that the TLSA record is correct, fixes #139
2014-08-13 19:42:49 +00:00
Joshua Tauberer
0eceb2012f
use php5-fpm rather than our own custom launcher script for PHP+FastCGI
2014-08-12 11:00:54 +00:00
Joshua Tauberer
1312b0254b
backup: dont remove old increments because then we lose the backup history right before the last full backup, instead let them disappear along with full backups when a whole chain becomes very old
2014-08-11 11:45:40 +00:00
Joshua Tauberer
f66914d634
backup: automatically take a full backup when the sum of the increments get very large
2014-08-11 11:38:32 +00:00
Joshua Tauberer
58e300e113
backup must be full on the first run because incremental backup will fail, fixes #134
2014-08-11 07:16:58 -04:00
Joshua Tauberer
e294f7c181
create the Drafts folder for users so K-9 mail doesn't poll unnecessarily, see #129
2014-08-09 16:49:57 +00:00
Joshua Tauberer
b56f82cb92
make a privileges column in the users table and mark the first user as an admin
2014-08-08 12:31:22 +00:00
Joshua Tauberer
6a512042dc
after creating the local encrypted backup, execute the after-backup script if the user has provided one to copy the files to a remote location
2014-08-02 14:16:08 +00:00
Joshua Tauberer
6d4fab1e6a
whats_next: offer DNSSEC DS parameters rather than the full record and in validation allow for other digests than the one we suggest using
...
fixes #120 (hopefully), in which Gandi generates a SHA1 digest but we were only checking against a SHA256 digest
Also see http://discourse.mailinabox.email/t/how-to-set-ds-record-for-gandi-net/24/1 in which a user asks about the DS parameters that Gandi asks for.
2014-08-01 12:15:05 +00:00
Joshua Tauberer
30178ef019
add a --force flag to dns_update
2014-08-01 12:05:34 +00:00
Joshua Tauberer
168c06939d
have nsd bind to the network interaface that is connected to the Internet, rather than all non-loopback network interfaces
...
hopefully fixes #121 ; thanks for the help @sfPlayer1
2014-07-29 20:07:26 -04:00
Joshua Tauberer
8042ab66ac
dont serve web for domains with custom DNS records that point A/AAAA elsewhere, and in whats_next only check that an A record exists on a domain if we are serving web on the domain
2014-07-20 15:23:17 +00:00
Joshua Tauberer
8354d9732a
in the custom DNS yaml config, treat 'local' as an alias for the box's own IP/IPv6 addresses
2014-07-20 14:53:55 +00:00
Joshua Tauberer
1ad9c70887
refactor custom DNS records
2014-07-20 14:48:20 +00:00
Joshua Tauberer
2e0680de4f
the check for whether a custom DNS setting is valid was in the wrong place
2014-07-20 14:41:02 +00:00
sfPlayer1
89acbe4127
Update dns_update.py
...
Add new extra bool parameter.
2014-07-18 13:05:32 +02:00
sfPlayer1
0e893626c8
Add IPv6 glue records as well
...
The dns_update script didn't generate IPv6 (AAAA) glue records for the name servers.
This caused http://dnscheck.pingdom.com to complain about a mismatch between the glue records reported by the parent name server and mailinabox nsd.
Here's the failing dnscheck output for reference:
> Checking glue for ns1.my.domain.tld (1.2.3.4).
> Child glue for bgwe.eu found: ns1.my.domain.tld (1.2.3.4)
> Checking glue for ns1.my.domain.tld (1234::1).
> Missing glue at child: ns1.my.domain.tld
> Checking glue for ns2.my.domain.tld (1.2.3.4).
> Child glue for bgwe.eu found: ns2.my.domain.tld (1.2.3.4)
> Checking glue for ns2.my.domain.tld (1234::1).
> Missing glue at child: ns2.my.domain.tld
I'm not very familiar with Python and DNS, please verify ;)
2014-07-18 13:03:09 +02:00
Joshua Tauberer
42c891032d
don't create a www. subdomain on any domains that are themselves subdomains within a zone, i.e. don't create www.PUBLIC_HOSTNAME if PUBLIC_HOSTNAME is a subdomain of another domain, which is what we normally recommend
2014-07-17 13:08:05 +00:00
Joshua Tauberer
d7a9e7cc17
run management/dns_update.py from the console to dump the DNS records, with explanations, in case the user wants to host DNS off of the box
2014-07-17 13:08:05 +00:00
Joshua Tauberer
7803ac9ca4
write explanatory text as we build DNS zones so we can help the user manage DNS off of the box
2014-07-17 13:08:05 +00:00
Joshua Tauberer
eac349187d
whats_next: move the admin alias check to the system section
2014-07-16 09:36:56 -04:00
Joshua Tauberer
9c7d476915
re-do catch-all aliases, fixes #107 (originally #104 )
...
This reverts pull request #105 from jonessen96/master (84d2023f94
) which was incorrect because it lost the "+" in DOT_ATOM_TEXT and so was not accepting any email addresses.
Am taking the opportunity to make the code cleaner while I'm here.
2014-07-13 12:29:43 +00:00
Jonas Platte
c35252720f
Prohibited usage of empty local part for validate_email(email, strict = true)
2014-07-12 22:57:38 +02:00
Jonas Platte
70e4e7f7be
Fixed validate_email not accepting catchalls (empty local part of the address)
2014-07-12 03:22:55 +02:00