Jack Twilley
ead6f96513
Changed MX check to respect priorities other than 10.
...
Reordered the if a little, added some string parsing, and modified the
OK text to include a warning.
2015-02-20 11:29:28 -08:00
Joshua Tauberer
7ec662c83f
status checks: use a worker pool that lives across flask requests, see #327
2015-02-18 16:42:33 +00:00
Joshua Tauberer
348d2b8701
Merge pull request #326 from dhpiggott/custom-dns-filter-secondary-nameserver
...
Do not show '_secondary_nameserver' in Custom DNS table
2015-02-17 08:31:34 -05:00
David Piggott
12f0dcb23b
Do not show '_secondary_nameserver' in Custom DNS table
...
It's redundant and potentially confusing, as any secondary NS shows in "Using a
Secondary Nameserver".
2015-02-17 13:28:48 +00:00
Joshua Tauberer
449a538e6b
if a CNAME is set for a domain, don't create a website for that domain (just like A/AAAA records)
2015-02-17 00:48:26 +00:00
Joshua Tauberer
3c50c9a18b
when serving a 'www.' domain, check if the parent domain's ssl certificate can be used besides checking PRIMARY_HOSTNAME
...
Removing buy_certificate.py which is not working and I don't want to update its call signatures.
2015-02-17 00:42:25 +00:00
Joshua Tauberer
3c10ec70a5
update comment
2015-02-17 00:08:04 +00:00
Joshua Tauberer
1a59f343c0
adding entries to the CHANGELOG
2015-02-16 23:58:17 +00:00
Joshua Tauberer
fba4d4702e
install opendmarc to add Authentication-Results headers for DMARC too
2015-02-16 23:17:44 +00:00
Joshua Tauberer
143bbf37f4
all mail domains, not just (top-level) zones, must have an entry in the opendkim key tables so that such outgoing mail gets signed
...
If you had both x.y.com and y.com configured here, x.y.com mail would not get DKIM-signed.
2015-02-16 18:13:51 -05:00
Joshua Tauberer
fd3ad267ba
if a domain has a catch-all or domain alias then we no longer force the creation of postmaster@ and so we should not be checking for its existence in the status checks
...
see 85a40da83c
2015-02-15 19:07:10 -05:00
Joshua Tauberer
330583f71d
status checks: if a service isn't available publicly, check if it is available on the loopback interface to distinguish not running from not accessible
2015-02-13 09:30:25 -05:00
Joshua Tauberer
d775f90f0c
prevent apt from asking the user any questions
...
Add additional options to really prevent apt from asking questions, which causes setup to hang because stdin/out have been redirected.
fixes #270 , #291
2015-02-13 13:41:52 +00:00
Joshua Tauberer
e096144713
Outlook 2007 or later on Windows 7 and later
...
fixes #308
2015-02-13 13:29:01 +00:00
Joshua Tauberer
7ce30ba888
roundcube 1.1.0
2015-02-13 13:22:46 +00:00
Joshua Tauberer
6a3ec1d874
updating CHANGELOG
2015-02-13 13:20:55 +00:00
Joshua Tauberer
575d3a66c6
more on being smarter about waiting for the management daemon to start
...
cc333b3965
worked for fresh systems, but if the system already had the daemon running the api.key file would already exist and the test would pass to early. Now removing the file first.
fixes #322
2015-02-13 13:11:03 +00:00
Joshua Tauberer
cc333b3965
be smarter about waiting for the management daemon to start before accessing it
2015-02-10 10:03:07 -05:00
Joshua Tauberer
351758b3bd
typo
...
typo in "roudcube"
2015-02-10 09:27:36 -05:00
Joshua Tauberer
94053d8432
Merge pull request #317 from bizonix/master
...
Disable viewing dotfiles (.htaccess, .svn, .git, etc.)
2015-02-09 12:53:32 -05:00
BiZoNiX
e14b2826e0
Disable viewing dotfiles (.htaccess, .svn, .git, etc.)
2015-02-09 19:41:42 +02:00
Joshua Tauberer
150611123a
typo/text tweak
2015-02-05 09:17:48 -05:00
Joshua Tauberer
abfc17ee62
web admin: simplify the instructions for creating a separate web directory for particular sites by moving it into a modal
2015-02-05 09:12:55 -05:00
Joshua Tauberer
97be9c94b9
if the user has set a http proxy or redirect on the root path of a domain, using custom.yaml, skip the domain from the static hosting panel because it wont be serving any static files
2015-02-05 08:55:57 -05:00
Joshua Tauberer
21b00e8fbb
if a custom A record is set, dont put in a default AAAA record pointing to the box because it will probably be wrong --- the user should either set an AAAA record or let the domain not resolve on IPv6
2015-02-03 21:51:19 -05:00
Joshua Tauberer
01636c2e4b
Merge branch 'h8h-master'
...
I squashed some commits together and modified the commit message...
2015-02-03 23:54:17 +00:00
H8H
005315cd29
removed hardcoded /home directory to apply the existing configuration options for STORAGE_USER/ROOT if they exist
...
Highest priority: the pre set STORAGE_ROOT/USER, midmost priority: the config settings, lowest priority: the default one.
fixes #309 ; closes #311
2015-02-03 23:52:02 +00:00
Ian Beringer
20d20df829
allow for non-standard ssh port in status check
...
closes #313
2015-02-01 23:06:56 +00:00
Joshua Tauberer
f945a1bc6b
Merge pull request #312 from ikarus23/master
...
hide nginx version an OS information for better privacy
2015-02-01 14:25:39 -05:00
ikarus
3a09b04786
hide nginx version an OS information for better privacy.
2015-02-01 20:13:03 +01:00
Joshua Tauberer
82e752395b
Merge pull request #310 from ikarus23/master
...
do better redirection from http to https
2015-01-31 19:58:31 -05:00
ikarus
e330abd587
do better redirection from http to https
...
Redirect using the 'return' directive and the built-in
variable '$request_uri' to avoid any capturing, matching
or evaluation of regular expressions.
It's best practice. See: http://wiki.nginx.org/Pitfalls#Taxing_Rewrites
2015-02-01 01:32:07 +01:00
Joshua Tauberer
16422b4055
adding items to the CHANGELOG
2015-01-31 21:36:37 +00:00
Joshua Tauberer
b9ca74c915
implement Mozilla (e.g. Thunderbird) autoconfiguration file
...
fixes #241
2015-01-31 21:33:18 +00:00
Joshua Tauberer
7e05d7478f
run status checks asynchronously so that they finish faster, since many checks are waiting on network replies and ought not to block the whole thing
2015-01-31 20:42:43 +00:00
Joshua Tauberer
8fd98d7db3
status checks: s/env['out']/output/
2015-01-31 20:42:43 +00:00
Joshua Tauberer
1039a08be6
/admin login now issues a user-specific key for future calls (rather than providing the system-wide API key or passing the password on each request)
2015-01-31 20:42:43 +00:00
Joshua Tauberer
023b38df50
split management daemon authorization from authentication and use 'doveadm pw' rather than 'doveadm auth test' so that it is decoupled from dovecot's login mechanism
...
This was done to pave the way for two-factor authentication, but that's still a ways off.
2015-01-31 20:41:41 +00:00
Joshua Tauberer
3187053b3a
dont save the CSR generated to make self-signed certificates for non-primary domains (it has no value and might be confusing)
2015-01-31 13:27:06 +00:00
Joshua Tauberer
a3e526e818
Merge pull request #307 from pierreozoux/master
...
Typo
2015-01-29 12:52:37 -05:00
pierreozoux
f6d4621834
Typo
2015-01-29 17:03:20 +00:00
Joshua Tauberer
d075113c1a
Merge pull request #306 from dhpiggott/fix-backup-typos
...
Fix typos in backup status template
2015-01-29 08:22:44 -05:00
David Piggott
63f2abd923
Fix typos in backup status template
2015-01-29 09:25:12 +00:00
Joshua Tauberer
624cc7876a
Merge pull request #297 from kurthuwig/fix_typo
...
Fix typo in mail-guide.html
2015-01-21 08:52:39 -05:00
Kurt Huwig
d3059c810f
Fix typo in mail-guide.html
...
Sercurity -> Security
2015-01-21 08:23:26 +01:00
Joshua Tauberer
85a40da83c
catch-all aiases and domain aliases should not require postmaster@ and admin@ aliases because they'll forward anyway
2015-01-19 23:32:36 +00:00
Joshua Tauberer
1bf8f1991f
internationalized domain names (DNS, web, CSRs, normalize to Unicode in database, prohibit non-ASCII characters in user account names)
...
* For non-ASCII domain names, we will keep the Unicode encoding in our users/aliases table. This is nice for the user and also simplifies things like sorting domain names (using Unicode lexicographic order is good, using ASCII lexicogrpahic order on IDNA is confusing).
* Write nsd config, nsd zone files, nginx config, and SSL CSRs with domains in IDNA-encoded ASCII.
* When checking SSL certificates, treat the CN and SANs as IDNA.
* Since Chrome has an interesting feature of converting Unicode to IDNA in <input type="email"> form fields, we'll also forcibly convert IDNA to Unicode in the domain part of email addresses before saving email addresses in the users/aliases tables so that the table is normalized to Unicode.
* Don't allow non-ASCII characters in user account email addresses. Dovecot gets confused when querying the Sqlite database (which we observed even for non-word ASCII characters too, so it may not be related to the character encoding).
2015-01-19 23:31:55 +00:00
Joshua Tauberer
d155aa8745
if all system services are running, say so in the status checks rather than being totally silent
2015-01-19 22:04:25 +00:00
Joshua Tauberer
c0bfd6d15f
bring CHANGELOG up to date
2015-01-19 22:04:25 +00:00
Joshua Tauberer
24cc108147
if a custom CNAME record is set, don't add a default A/AAAA record, e.g. for 'www'
...
see https://discourse.mailinabox.email/t/multiple-domains-in-mail-in-a-box-with-the-domains-being-hosted-elsewhere/56/18
2015-01-19 22:04:21 +00:00