David Duque
a0da88834c
Terminate the status checks process pool before exiting
2020-07-21 19:21:46 +01:00
David Duque
967409b157
Drop requirement for passwords to have no spaces ( #1789 )
2020-07-16 07:23:11 -04:00
David Duque
1b2711fc42
Add 'always' modifier to the HSTS add_header directive ( #1790 )
...
This will make it so that the HSTS header is sent regardless of the request status code (until this point it would only be sent if "the response code equals 200, 201, 206, 301, 302, 303, 307, or 308." - according to thttp://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header )
2020-07-16 07:21:14 -04:00
David Duque
c8fbe2dd5d
Determine the PHP version at runtime (instead of at setup-time)
2020-07-15 15:28:02 +01:00
David Duque
515a74ba11
Render the lsb_release at flask init time
...
Don't change the index.html file at setup time
2020-07-14 11:51:25 +01:00
David Duque
b562e7eefa
Hide the 'Create Backup' buttons when backups are turned off
2020-07-11 15:45:50 +01:00
David Duque
ccf60c7017
Backups: User-initiated and cron-initiated jobs will have the same lockname
...
So that some poor timing (initiating a backup when there's a cron-initiated backup)
doesn't screw everything up.
2020-07-11 09:16:32 +01:00
David Duque
79e2398d71
Fix comment
2020-07-11 08:30:05 +01:00
David Duque
af9ef186b3
Add manual backup option
2020-07-10 15:48:37 +01:00
David Duque
e6102eacfb
AXFR Transfers (for secondary DNS servers): Allow IPv6 addresses ( #1787 )
2020-07-08 18:26:47 -04:00
David Duque
199c2c50ba
Backups: Fix backup target selector width
2020-07-08 19:32:24 +01:00
David Duque
b98111b4e1
Fix unassigned php version
2020-06-29 09:13:50 +01:00
David Duque
fcb44dafa3
Let's encrypt certbot hotfix
2020-06-27 21:32:36 +01:00
David Duque
022a11e159
Merge remote-tracking branch 'up/master'
2020-06-21 15:52:31 +01:00
David Duque
5d6c23cff9
Finalize php configuration
2020-06-21 15:18:46 +01:00
David Duque
0ccbf1b809
Only spawn a thread pool when strictly needed
...
For --check-primary-hostname, the pool is not used.
When exiting, the other processes are left alive and will hang.
2020-06-21 15:05:17 +01:00
Joshua Tauberer
6fd3195275
Fix MTA-STS policy id so it does not have invalid characters, fixes #1779
2020-06-12 13:09:11 -04:00
David Duque
d01069f7f2
Automatically agree to ToS on SSL provision
2020-06-12 09:27:08 +01:00
Joshua Tauberer
9db2fc7f05
In web proxies, add X-{Forwarded-{Host,Proto},Real-IP} and 'proxy_set_header Host' when there is a flag
...
Merges #1432 , more or less.
2020-06-11 12:20:17 -04:00
Joshua Tauberer
e03a6541ce
Don't make autoconfig/autodiscover subdomains and SRV records when the parent domain has no user accounts
...
These subdomains/records are for automatic configuration of mail clients, but if there are no user accounts on a domain, there is no need to publish a DNS record, provision a TLS certificate, or create an nginx server config block.
2020-06-11 12:20:17 -04:00
Vasek Sraier
df9bb263dc
daily_tasks.sh: redirect stderr to stdout ( #1768 )
...
When the management commands fail, they can print something to the standard error output.
The administrator would never notice, because it wouldn't be send to him with the usual emails.
Fixes #1763
2020-06-07 09:56:45 -04:00
Joshua Tauberer
3a4b8da8fd
More for MTA-STS for incoming mail
...
* Create the mta_sts A/AAAA records even if there is no valid TLS certificate because we can't get a TLS certificate if we don't set up the domains.
* Make the policy id in the TXT record stable by using a hash of the policy file so that the DNS record doesn't change every day, which means no nightly notification and also it allows for longer caching by sending MTAs.
2020-05-30 08:04:09 -04:00
Joshua Tauberer
37dad9d4bb
Provision certificates from Let's Encrypt grouped by DNS zone
...
Folks didn't want certificates exposing all of the domains hosted by the server (although this can already be found on the internet).
Additionally, if one domain fails (usually because of a misconfiguration), it would be nice if not everything fails. So grouping them helps with that.
Fixes #690 .
2020-05-29 15:38:18 -04:00
Joshua Tauberer
b805f8695e
Move status checks for www, autoconfig, autodiscover, and mta-sts to within the section for the parent domain
...
Since we're checking the MTA-STS policy, there's no need to check that the domain resolves etc. directly.
2020-05-29 15:38:13 -04:00
Joshua Tauberer
10bedad3a3
MTA-STS tweaks, add status check using postfix-mta-sts-resolver, change to enforce
2020-05-29 15:36:52 -04:00
A. Schippers
afc9f9686a
Publish MTA-STS policy for incoming mail ( #1731 )
...
Co-authored-by: Daniel Mabbett <triumph_2500@hotmail.com>
2020-05-29 15:30:07 -04:00
David Duque
8ca58798e4
Typo fix
2020-05-28 16:17:10 +01:00
David Duque
235ebe9a4a
Secondary nameservers: Allow IPv6
2020-05-28 15:47:43 +01:00
David Duque
1513655bc4
Make sure that the OS in the admin panel matches the actual system OS
2020-05-17 02:45:35 +01:00
David Duque
ad9979f9c6
Make the Show More link an actual button
2020-04-25 04:26:24 +01:00
David Duque
e75d89113a
Test
2020-04-25 04:17:55 +01:00
David Duque
7984d103a4
Test
2020-04-25 04:13:46 +01:00
David Duque
4309a6a875
Swap show-button order
2020-04-25 03:51:38 +01:00
David Duque
32e42f14fb
Do not apply custom nginx dotfiles to the default webroot
2020-04-24 17:03:13 +01:00
David Duque
d9567c0035
Use proper emojis for status checks
2020-04-24 15:50:01 +01:00
David Duque
372d5d9783
SMTP Relays: Wrap ternary operations correctly
2020-04-21 14:35:51 +01:00
David Duque
2176d59727
Version check will now use the correct endpoint
2020-04-20 23:35:11 +01:00
David Duque
ab9dbdf270
Default conf: don't repeat the upstream php conf
2020-04-20 20:01:19 +01:00
David Duque
502a4d2128
Uhhhh, yeah
2020-04-20 19:38:50 +01:00
David Duque
7ff5a336a6
Always assign default config to primary hostname
2020-04-20 19:35:20 +01:00
David Duque
c401625a01
Don't overwrite
2020-04-20 19:20:26 +01:00
David Duque
5f15c2e53b
Fix some stuff
2020-04-20 19:15:43 +01:00
David Duque
49da79cbd9
Oops (yet again)
2020-04-20 19:06:19 +01:00
David Duque
7f5a939e50
Throw failure reason (web update)
2020-04-20 18:59:02 +01:00
David Duque
3396bdbb22
Use get_web_root instead of raw indexing
2020-04-20 18:54:27 +01:00
David Duque
8c5ff2b523
Screwed up on the path
2020-04-20 18:28:13 +01:00
David Duque
b2c2d61867
Oops
2020-04-20 18:23:45 +01:00
David Duque
72070ee7bd
Create custom nginx files
2020-04-20 18:17:41 +01:00
David Duque
b6342d34d2
Start web templating work
2020-04-20 15:55:05 +01:00
David Duque
9a6a35cadc
Update version display
2020-04-20 00:43:20 +01:00
David Duque
4ed014a50c
Add SMTP Relay status checks
2020-04-18 15:00:51 +01:00
David Duque
ad3a78a300
relayhost, not relay_host, and key, not pass
2020-04-18 11:56:30 +01:00
David Duque
da7fe68daa
pls
2020-04-18 00:38:36 +01:00
David Duque
eee5dbf755
Is this it?
2020-04-18 00:22:10 +01:00
David Duque
8f247e3b70
Import other stuff
2020-04-18 00:13:13 +01:00
David Duque
10e4b79423
Fixing editconf input
2020-04-18 00:00:35 +01:00
David Duque
625eca8ea4
Swap tuple by a list
2020-04-17 23:48:39 +01:00
David Duque
858251045d
Cleanup
2020-04-17 23:39:52 +01:00
David Duque
b9dec64ea1
Merge branch 'master' of github.com:ddavness/mailinabox
2020-04-17 19:54:44 +01:00
David Duque
ca3d794c80
Sanity improvements
2020-04-17 19:54:34 +01:00
David Duque
60294a876d
Allow editconf to be ran
2020-04-17 19:36:04 +01:00
David Duque
02c2657569
Oops
2020-04-17 19:06:19 +01:00
David Duque
df8bacd0ed
Actually edit the files on Postfix's end
2020-04-17 19:05:05 +01:00
David Duque
c653f660bb
Move editconf into management
2020-04-17 18:54:13 +01:00
David Duque
25900758d1
I screwed up badly
2020-04-17 18:09:43 +01:00
David Duque
0e583b9e4f
Booleans are passed as strings
2020-04-17 18:06:16 +01:00
David Duque
6d8e2a5bb9
Cleanup
2020-04-17 10:45:47 +01:00
David Duque
9b6781685a
Move settings away from mailinabox.conf
2020-04-16 22:52:48 +01:00
David Duque
5e080bedb6
Syntax errors.
2020-04-16 22:21:33 +01:00
David Duque
430f6dab38
Actual implementation of the Relay setup daemon
2020-04-16 22:16:02 +01:00
David Duque
7ffc889c08
Bump web dependencies ( #1 )
...
- Bootstrap: 3.3.7 -> 4.4.1
- - New admin panel style and respective corrections applied.
- JQuery: 2.1.4 -> 3.5.0
2020-04-16 19:52:01 +01:00
David Duque
785280c86b
Submission
2020-04-16 17:01:49 +01:00
David Duque
fcf5544fc8
WIP
2020-04-16 14:09:24 +01:00
David Duque
09b3c37885
Oops
2020-04-16 14:04:45 +01:00
David Duque
bf83bd6ff7
MiaB SMTP Daemon: Just return something for now
2020-04-16 12:56:27 +01:00
David Duque
03472788fd
WIP
2020-04-16 12:45:55 +01:00
David Duque
7b60c0850c
Merge remote-tracking branch 'up/master'
2020-04-15 18:03:50 +01:00
David Duque
68768ed112
Fix attempt
2020-04-15 18:01:33 +01:00
David Duque
21196620b6
Code debug
2020-04-15 15:02:20 +01:00
David Duque
bb26a2d12c
Push script zone to the end of the document
2020-04-14 10:08:11 +01:00
David Duque
687721caf8
Load SMTP settings when entering the page
2020-04-14 10:03:44 +01:00
David Duque
14ee44e8e2
HTML JS Cleanup
2020-04-14 09:52:01 +01:00
Michael Becker
40b21c466d
Fypo fix in users.html ( #1748 )
2020-04-13 22:10:52 -04:00
David Duque
109d8735c7
Change admin panel footer
2020-04-13 19:32:38 +01:00
David Duque
ee688eb184
SMTP Relay Host stub progress
2020-04-13 18:36:56 +01:00
David Duque
c004e55c76
SMTP Relay Host stub progress
2020-04-13 18:29:14 +01:00
David Duque
6e462f6523
SMTP Relay Host stub progress
2020-04-13 18:21:33 +01:00
David Duque
51c288dcd5
SMTP Relay Host stub progress
2020-04-13 18:14:39 +01:00
David Duque
6393075f11
SMTP Relay Host stub progress
2020-04-13 18:09:04 +01:00
David Duque
9d23f67e8a
SMTP Relay Host stub progress
2020-04-13 18:05:49 +01:00
David Duque
10993b9154
SMTP Relay Host stub progress
2020-04-13 17:55:00 +01:00
David Duque
3278c8cf94
SMTP Relay Host stub progress
2020-04-13 16:18:26 +01:00
David Duque
aa62c6349e
SMTP Relay Host stub progress
2020-04-13 16:13:26 +01:00
David Duque
30221bdb11
SMTP Relay Host stub progress
2020-04-13 15:57:56 +01:00
David Duque
664267357a
SMTP Relay Host stub progress
2020-04-13 15:53:47 +01:00
David Duque
4a20d50eea
SMTP Relay Host stub
2020-04-13 15:34:14 +01:00
David Duque
cd4c478986
Add smtp relay html page
2020-04-13 01:24:36 +01:00
David Duque
974c9bba61
Fix status check colors, add SMTP relay stub
2020-04-13 01:16:23 +01:00
David Duque
0d17caccfe
Downgrade port 25 blockage error to warn; mention SMTP relays
2020-04-13 01:10:38 +01:00
David Duque
8d7f6bfb19
Change all occurrences of PHP 7.2 to PHP 7.3
2020-04-13 00:55:48 +01:00
David Duque
edb03b7862
Misc changes
2020-04-12 23:54:35 +01:00
Sumit
d67e09f334
Allowing adding nginx aliases in www/custom.yaml ( #1742 )
...
with this nginx will keep on proxying requests and serve static content
instead of passing this responsibility to proxied server
Without this the one needs to run an additional server to server static
content on the proxied url
2020-04-11 14:17:46 -04:00
Jarek Jurasz
db9637ce4f
Fix Feb 29 issue #1733
2020-03-03 20:59:28 +01:00
Jarek Jurasz
f908bc364e
mail_log.py reading forward #1593
2020-03-03 20:56:30 +01:00
Matthias Hähnel
cd62fd9826
Update usage hint in backup.py ( #1662 )
...
removed explicit call of the system python, cause the file has a shebang with the mail-in-a-box shipped python.
for me the system python complaint, that it is missing some modules
2019-11-23 08:04:22 -05:00
Joshua Tauberer
f6f75f6fab
Don't fail when resolving zone transfer IP addresses since a nameserver may not have an IPv6 address
2019-11-19 09:57:33 -05:00
Edwin Schaap
2f54f39f31
If xfr is subnet, do not create "notify" entry ( #1672 )
2019-11-10 11:58:22 -05:00
Dan Jensen
cde4e0caca
Change SSL notification email subject ( #1653 )
...
Previously the notification email sent when a box's SSL certificate
is automatically updated said, "Error Provisioning TLS Certificate"
even when there was no error. This changes the subject line to "TLS
Certificate Provisioning Results", which is more accurate.
2019-11-02 15:29:05 -04:00
notEvil
7558ffd4f3
Allow dns zone transfer from IPv6 ( #1643 )
2019-10-28 06:31:50 -04:00
Victor
50e9e8af30
Sort custom dns table based on fqdn, rtype, and value ( #1651 )
2019-10-28 06:29:40 -04:00
Joshua Tauberer
a70ba94b0c
add autoconfig domains before subtracting domains with overridden A records so that a custom DNS record can be used to suppress TLS certificate generation for those domains if needed
2019-09-10 07:11:16 -04:00
Joshua Tauberer
3ff9817325
document the xfr: CIDR notation, fix spaces vs tabs and syntax error, broken by c7377e602d
, #1616
2019-08-31 08:50:44 -04:00
Kim Schulz
c7377e602d
make it possible to use subnet addresses for axfr ( #1616 )
...
it is sometimes needed to be able to set axfr to more than just one ip address. This can be done with multiple xfr: in the secondary dns input but if you need to add an entire subnet segment (xxx.xxx.xxx.0/yy) then it will not work.
With this patch it is now possible to use a subnet as input for xfr the same way as if it was an ip address.
2019-08-31 08:00:18 -04:00
Snacho
08021ea19f
Fix an issue when Secondary NS has multiple A records ( #1633 )
...
If a custom secondary NS server has multiple A records status_checks.py will fail with a timeout and Web UI won't load.
2019-08-31 07:58:12 -04:00
captainwasabi
c4cb828f65
Fix rsync backup options string: extraneous single quotes causing problems ( #1629 )
...
The resulting command had nested single quotes which doesn't work
I think this fixes all/most of the issues in #1627 . I am getting a full backup, then the next time it's run I get an incremental. running from the CLI with --status looks good, --verify looks good, and --list looks good.
2019-08-13 05:57:05 -04:00
captainwasabi
0657f9e875
add proper check for DNS error in list_target_files ( #1625 )
...
The elif needed to check to see if the string was in the listing of results of the shell command. As it was the conditional was just the string which always evaluates to true and was therefore giving a misleading error message.
2019-08-13 05:47:11 -04:00
jvolkenant
fd5b11823c
Add AAAA records for autodiscover & autoconfig ( #1606 )
2019-07-10 06:28:37 -04:00
Michael Heuberger
0d4c693792
Add missing login form method to keep LastPass happy ( #1565 )
2019-05-12 05:10:34 -07:00
Pascal Garber
77b2246010
Backup Amazon S3: Added support for custom endpoints ( #1427 )
2019-05-12 05:09:30 -07:00
jvolkenant
aff80ac58c
Autodiscovery fix for additional hosted email domains, Fixes #941 ( #1467 )
2019-05-09 10:13:23 -07:00
mbraem
fb25013334
user privileges is a set ( #1551 )
...
fixes #1540
2019-04-14 14:17:43 -04:00
Ryan Stubbs
bad38840d8
Fix type on alias edit page ( #1520 )
2019-02-11 20:14:56 -05:00
Joshua Tauberer
0d4565e71d
merge master branch
2018-12-02 18:19:15 -05:00
Joshua Tauberer
a211ad422b
add a note on the aliases page that aliases should not be used to forward to outside domains
...
fixes #1198
2018-12-02 18:02:00 -05:00
Joshua Tauberer
ef28a1defd
show the Mail-in-a-Box version in the system status checks even when the new-version check is disabled
...
fixes #922
2018-12-02 18:02:00 -05:00
Joshua Tauberer
c5c413b447
remove user account mailbox size from the control panel because it takes way too long to compute on very large mailboxes
...
fixes #531
2018-12-02 18:02:00 -05:00
Joshua Tauberer
d2beb3919b
document password character limitation
...
fixes #407
2018-12-02 18:02:00 -05:00
jeff-h
000363492e
Improve greylisting explanation. ( #1447 )
...
Hopefully this improves the accuracy of the greylisting description.
2018-12-02 17:58:26 -05:00
jeff-h
5be74dec6e
Improve postgrey logging ( #1448 )
...
We can't presume the redelivery timeframe of the sending server. However, we do know the blacklist timeframe within which we will reject a redelivery.
2018-12-02 17:57:37 -05:00
Joshua Tauberer
870b82637a
fix some wrong variable names, fixes #1353
2018-11-30 10:46:54 -05:00
Joshua Tauberer
dc6458623d
add a note on the aliases page that aliases should not be used to forward to outside domains
...
fixes #1198
2018-11-30 10:46:54 -05:00
Joshua Tauberer
60f9c9e3b7
show the Mail-in-a-Box version in the system status checks even when the new-version check is disabled
...
fixes #922
2018-11-30 10:46:54 -05:00
Joshua Tauberer
b05b06c74a
remove user account mailbox size from the control panel because it takes way too long to compute on very large mailboxes
...
fixes #531
2018-11-30 10:46:54 -05:00
Joshua Tauberer
7f8f4518e3
document password character limitation
...
fixes #407
2018-11-30 10:46:54 -05:00
Joshua Tauberer
86e2cfb6c8
remove old duplicity migration code from 2015, see 42322455
2018-11-30 10:46:54 -05:00
Joshua Tauberer
f739662392
duplicity started creating signature files with invalid filenames, fixes #1431
2018-10-13 16:16:30 -04:00
Joshua Tauberer
3dbd6c994a
update bind9 configuration
2018-10-03 14:28:43 -04:00
Joshua Tauberer
bbfa01f33a
update to PHP 7.2
...
* drop the ondrej/php PPA since PHP 7.x is available directly from Ubuntu 18.04
* intall PHP 7.2 which is just the "php" package in Ubuntu 18.04
* some package names changed, some unnecessary packages are no longer provided
* update paths
2018-10-03 13:00:15 -04:00
Christopher A. DeFlumeri
d96613b8fe
minimal changeset to get things working on 18.04
...
@joshdata squashed pull request #1398 , removed some comments, and added these notes:
* The old init.d script for the management daemon is replaced with a systemd service.
* A systemd service configuration is added to configure permissions for munin on startup.
* nginx SSL settings are updated because nginx's options and defaults have changed, and we now enable http2.
* Automatic SSHFP record generation is updated to know that 22 is the default SSH daemon port, since it is no longer explicit in sshd_config.
* The dovecot-lucene package is dropped because the Mail-in-a-Box PPA where we built the package has not been updated for Ubuntu 18.04.
* The stock postgrey package is installed instead of the one from our PPA (which we no longer support), which loses the automatic whitelisting of DNSWL.org-whitelisted senders.
* Drop memcached and the status check for memcached, which we used to use with ownCloud long ago but are no longer installing.
* Other minor changes.
2018-10-03 13:00:06 -04:00
hlxnd
f420294819
Use ISO 8601 on backups table dates.
2018-08-05 15:26:45 +02:00
Joshua Tauberer
2f467556bd
new ssl cert provisioning broke if a domain doesnt yet have a cert, fixes #1392
2018-07-19 11:40:49 -04:00
Joshua Tauberer
2a72c800f6
replace free_tls_certificates with certbot
2018-06-29 16:46:21 -04:00
Joshua Tauberer
8be23d5ef6
ssl_certificates: reuse query_dns function in status_checks and simplify calls by calling normalize_ip within query_dns
2018-06-29 16:46:21 -04:00
Joshua Tauberer
1eba7b0616
send the mail_log.py report to the box admin every Monday
2018-02-25 11:55:06 -05:00
Joshua Tauberer
9c7820f422
mail_log.py: include sent mail in the logins report in a new smtp column
2018-02-24 09:24:15 -05:00
Joshua Tauberer
87ec4e9f82
mail_log.py: refactor the dovecot login collector
2018-02-24 09:24:14 -05:00
Joshua Tauberer
08becf7fa3
the hidden feature for proxying web requests now sets X-Forwarded-For
2018-02-24 09:24:14 -05:00
NatCC
fe597da7aa
Update users.html ( #1345 )
...
Passwords must be eight characters long; when passwords are changed via the users page the dialog states that passwords need to be at least four characters but only eight or more are acceptable.
2018-02-03 17:49:11 -05:00
Joshua Tauberer
61e9888a85
Cdon't try to generate a CSR in the control panel until both the domain and country are selected
...
Fixes #1338 .
See 0e9680fda63c33ace3f34ca7126617fb0efe8ffc, a52c56e571
.
2018-01-28 09:08:24 -05:00
Joshua Tauberer
ef6f121491
when generating a CSR in the control panel, don't set empty attributes
...
Same as in a52c56e571
.
Fixes #1338 .
2018-01-28 09:07:54 -05:00