Joshua Tauberer
01636c2e4b
Merge branch 'h8h-master'
...
I squashed some commits together and modified the commit message...
2015-02-03 23:54:17 +00:00
H8H
005315cd29
removed hardcoded /home directory to apply the existing configuration options for STORAGE_USER/ROOT if they exist
...
Highest priority: the pre set STORAGE_ROOT/USER, midmost priority: the config settings, lowest priority: the default one.
fixes #309 ; closes #311
2015-02-03 23:52:02 +00:00
Ian Beringer
20d20df829
allow for non-standard ssh port in status check
...
closes #313
2015-02-01 23:06:56 +00:00
Joshua Tauberer
f945a1bc6b
Merge pull request #312 from ikarus23/master
...
hide nginx version an OS information for better privacy
2015-02-01 14:25:39 -05:00
ikarus
3a09b04786
hide nginx version an OS information for better privacy.
2015-02-01 20:13:03 +01:00
Joshua Tauberer
82e752395b
Merge pull request #310 from ikarus23/master
...
do better redirection from http to https
2015-01-31 19:58:31 -05:00
ikarus
e330abd587
do better redirection from http to https
...
Redirect using the 'return' directive and the built-in
variable '$request_uri' to avoid any capturing, matching
or evaluation of regular expressions.
It's best practice. See: http://wiki.nginx.org/Pitfalls#Taxing_Rewrites
2015-02-01 01:32:07 +01:00
Joshua Tauberer
16422b4055
adding items to the CHANGELOG
2015-01-31 21:36:37 +00:00
Joshua Tauberer
b9ca74c915
implement Mozilla (e.g. Thunderbird) autoconfiguration file
...
fixes #241
2015-01-31 21:33:18 +00:00
Joshua Tauberer
7e05d7478f
run status checks asynchronously so that they finish faster, since many checks are waiting on network replies and ought not to block the whole thing
2015-01-31 20:42:43 +00:00
Joshua Tauberer
8fd98d7db3
status checks: s/env['out']/output/
2015-01-31 20:42:43 +00:00
Joshua Tauberer
1039a08be6
/admin login now issues a user-specific key for future calls (rather than providing the system-wide API key or passing the password on each request)
2015-01-31 20:42:43 +00:00
Joshua Tauberer
023b38df50
split management daemon authorization from authentication and use 'doveadm pw' rather than 'doveadm auth test' so that it is decoupled from dovecot's login mechanism
...
This was done to pave the way for two-factor authentication, but that's still a ways off.
2015-01-31 20:41:41 +00:00
Joshua Tauberer
3187053b3a
dont save the CSR generated to make self-signed certificates for non-primary domains (it has no value and might be confusing)
2015-01-31 13:27:06 +00:00
Joshua Tauberer
a3e526e818
Merge pull request #307 from pierreozoux/master
...
Typo
2015-01-29 12:52:37 -05:00
pierreozoux
f6d4621834
Typo
2015-01-29 17:03:20 +00:00
Joshua Tauberer
d075113c1a
Merge pull request #306 from dhpiggott/fix-backup-typos
...
Fix typos in backup status template
2015-01-29 08:22:44 -05:00
David Piggott
63f2abd923
Fix typos in backup status template
2015-01-29 09:25:12 +00:00
Joshua Tauberer
624cc7876a
Merge pull request #297 from kurthuwig/fix_typo
...
Fix typo in mail-guide.html
2015-01-21 08:52:39 -05:00
Kurt Huwig
d3059c810f
Fix typo in mail-guide.html
...
Sercurity -> Security
2015-01-21 08:23:26 +01:00
Joshua Tauberer
85a40da83c
catch-all aiases and domain aliases should not require postmaster@ and admin@ aliases because they'll forward anyway
2015-01-19 23:32:36 +00:00
Joshua Tauberer
1bf8f1991f
internationalized domain names (DNS, web, CSRs, normalize to Unicode in database, prohibit non-ASCII characters in user account names)
...
* For non-ASCII domain names, we will keep the Unicode encoding in our users/aliases table. This is nice for the user and also simplifies things like sorting domain names (using Unicode lexicographic order is good, using ASCII lexicogrpahic order on IDNA is confusing).
* Write nsd config, nsd zone files, nginx config, and SSL CSRs with domains in IDNA-encoded ASCII.
* When checking SSL certificates, treat the CN and SANs as IDNA.
* Since Chrome has an interesting feature of converting Unicode to IDNA in <input type="email"> form fields, we'll also forcibly convert IDNA to Unicode in the domain part of email addresses before saving email addresses in the users/aliases tables so that the table is normalized to Unicode.
* Don't allow non-ASCII characters in user account email addresses. Dovecot gets confused when querying the Sqlite database (which we observed even for non-word ASCII characters too, so it may not be related to the character encoding).
2015-01-19 23:31:55 +00:00
Joshua Tauberer
d155aa8745
if all system services are running, say so in the status checks rather than being totally silent
2015-01-19 22:04:25 +00:00
Joshua Tauberer
c0bfd6d15f
bring CHANGELOG up to date
2015-01-19 22:04:25 +00:00
Joshua Tauberer
24cc108147
if a custom CNAME record is set, don't add a default A/AAAA record, e.g. for 'www'
...
see https://discourse.mailinabox.email/t/multiple-domains-in-mail-in-a-box-with-the-domains-being-hosted-elsewhere/56/18
2015-01-19 22:04:21 +00:00
Joshua Tauberer
b02d7d990e
install cron in case it isn't already installed
2015-01-11 20:00:11 +00:00
Joshua Tauberer
87f82addbc
preflight memory check: units problems
...
/proc/meminfo reports kibibytes. Lower the minimum memory requirement so that 768 MB (not MiB) also is allowed.
Report the detected memory in MB (not KiB), to be clearer.
Fixes #289 .
2015-01-11 14:13:35 +00:00
Joshua Tauberer
09713e8eab
status checks: check that system services are running
...
If bind9 isn't running, dont proceed with other checks because we can't do DNS checks. Even though we skip, add error handling so that a failed call to rndc doesn't crash and that a timeout in a DNS check doesn't crash the status checks.
2015-01-11 14:13:35 +00:00
Joshua Tauberer
0aa3941832
release v0.06
2015-01-04 15:18:13 -05:00
Joshua Tauberer
fea77e41df
Owncloud doesnt't support CARDDAV_SUPPORTS_SYNC
...
partialy reverts 93a722f; closes #287
2015-01-04 16:04:32 +00:00
Joshua Tauberer
74ef9ab7c5
Merge pull request #288 from fjuan/srv_doc
...
explain how to add SRV records to DNS zonefile using the API
2015-01-04 09:19:24 -05:00
Francisco de Juan
6499c82d7f
explain how to add SRV records to DNS zonefile using the API
2015-01-04 10:23:34 +01:00
Joshua Tauberer
80e97feee2
update CHANGELOG
2015-01-02 23:47:19 +00:00
Joshua Tauberer
fddab5d432
allow the dns api to set srv records
...
see https://discourse.mailinabox.email/t/create-srv-record-at-the-dns-server/225
2015-01-02 23:39:09 +00:00
Joshua Tauberer
c4e4805160
ensure postfix/postgrey agree on whether to communicate with ipv4 or ipv6
...
see https://discourse.mailinabox.email/t/postgrey-and-ipv6/227
2015-01-02 23:37:16 +00:00
Joshua Tauberer
c75950125d
set dovecot default_process_limit and fs.inotify.max_user_instances to better defaults
...
See https://discourse.mailinabox.email/t/mailserver-limits/228 .
2015-01-02 23:25:52 +00:00
Joshua Tauberer
f141af4b61
status checks: dont die if openssh-server isn't installed
...
see https://discourse.mailinabox.email/t/local-dns-is-not-working-was-unable-to-check-system-status/165/39
2015-01-02 22:59:29 +00:00
Joshua Tauberer
3d8ea0e6ed
mail log scanner: dont assume lines are utf8
2015-01-02 22:49:25 +00:00
H8H
6efeff6fce
[Z-Push] Owncloud doesnt't support CARDDAV_SUPPORTS_SYNC, so set it to false
2014-12-29 16:35:47 +01:00
Joshua Tauberer
399f9d9bdf
in status checks, clear bind9 cache using rndc rather than restarting bind9
2014-12-26 13:22:14 +00:00
Joshua Tauberer
2b76fd299e
admin: ensure multiple concurrent api calls dont confuse the ajax loading indicator (track number of open requets, stop fade animation when it is time to hide)
2014-12-21 22:47:11 +00:00
Joshua Tauberer
90592bb157
add a control panel for setting custom dns records so that we dont have to use the api manually
2014-12-21 11:31:24 -05:00
Joshua Tauberer
5cf38b950a
bump ownCloud to 7.0.4; fixes #283
2014-12-12 01:00:35 +00:00
Joshua Tauberer
3bc5361491
Merge pull request #282 from m4rcs/master
...
Fix NS status check - should sort on both ends of the comparison
2014-12-09 11:17:30 -05:00
Marc Schiller
c3a7e3413b
Fixed a small status check bug, where secondary dns server check fails misleadingly.
2014-12-09 12:40:32 +01:00
Joshua Tauberer
d390bfb215
indicate in the admin when a multi-domain or wildcard certificate is in use
2014-12-05 14:43:52 -05:00
Joshua Tauberer
ceba53f1c4
explain how to install a multi-domain or wildcard ssl cert; if one is installed, the Replace Cert button in the admin for non-primary domains should not replace the cert on the primary domain
2014-12-05 14:25:14 -05:00
Joshua Tauberer
be59bcd47d
for .fund domains use RSASHA256 DNSSEC keys
2014-12-05 12:03:21 -05:00
Joshua Tauberer
cfe0fa912a
add a 'redirects' feature in web/custom.yaml
2014-12-05 12:03:21 -05:00
Joshua Tauberer
31d6128a2b
nginx: explicitly listen on both ipv4 and ipv6 (works even if ipv6 isn't present)
2014-11-30 14:41:30 +00:00