Commit Graph

57 Commits

Author SHA1 Message Date
John Supplee fc1f211af5 initial work on extended configuration 2019-02-10 23:39:38 +02:00
Christopher A. DeFlumeri d96613b8fe minimal changeset to get things working on 18.04
@joshdata squashed pull request #1398, removed some comments, and added these notes:

* The old init.d script for the management daemon is replaced with a systemd service.
* A systemd service configuration is added to configure permissions for munin on startup.
* nginx SSL settings are updated because nginx's options and defaults have changed, and we now enable http2.
* Automatic SSHFP record generation is updated to know that 22 is the default SSH daemon port, since it is no longer explicit in sshd_config.
* The dovecot-lucene package is dropped because the Mail-in-a-Box PPA where we built the package has not been updated for Ubuntu 18.04.
* The stock postgrey package is installed instead of the one from our PPA (which we no longer support), which loses the automatic whitelisting of DNSWL.org-whitelisted senders.
* Drop memcached and the status check for memcached, which we used to use with ownCloud long ago but are no longer installing.
* Other minor changes.
2018-10-03 13:00:06 -04:00
Joshua Tauberer 2a72c800f6 replace free_tls_certificates with certbot 2018-06-29 16:46:21 -04:00
Joshua Tauberer 4b4f670adf s/SSL/TLS/ in user-visible text throughout the project 2016-01-04 18:43:16 -05:00
Joshua Tauberer b6933a73fa provision and install free SSL certificates from Let's Encrypt 2016-01-04 18:43:16 -05:00
Joshua Tauberer 834c42bc50 move nginx-ssl to be a global configuration file rather than including it into each server block 2015-09-27 17:13:11 +00:00
Joshua Tauberer 95173bb327 provide redirects from www subdomains of zones to their parent domain
* Split the nginx templates again so we have just the part needed to make a domain do a redirect separate from the rest.
* Add server blocks to the nginx config for these domains.
* List these domains in the SSL certificate install admin panel.
* Generate default 'www' records just for domains we provide default redirects for.

Fixes #321.
2015-06-04 12:19:01 +00:00
Joshua Tauberer a0e6c7ceb6 fix downloading dotfiles through ownCloud's webdav
fixes #414
2015-05-30 18:03:37 +00:00
BiZoNiX e14b2826e0 Disable viewing dotfiles (.htaccess, .svn, .git, etc.) 2015-02-09 19:41:42 +02:00
ikarus 3a09b04786 hide nginx version an OS information for better privacy. 2015-02-01 20:13:03 +01:00
ikarus e330abd587 do better redirection from http to https
Redirect using the 'return' directive and the built-in
variable '$request_uri' to avoid any capturing, matching
or evaluation of regular expressions.

It's best practice. See: http://wiki.nginx.org/Pitfalls#Taxing_Rewrites
2015-02-01 01:32:07 +01:00
Joshua Tauberer b9ca74c915 implement Mozilla (e.g. Thunderbird) autoconfiguration file
fixes #241
2015-01-31 21:33:18 +00:00
Joshua Tauberer 31d6128a2b nginx: explicitly listen on both ipv4 and ipv6 (works even if ipv6 isn't present) 2014-11-30 14:41:30 +00:00
Norman 5775cab175 various fixes 2014-11-06 15:33:08 +01:00
Joshua Tauberer 6585384daa bring the max outgoing mail size via webmail and z-push in line with the limit set in postfix: 128 MB
The limit was previously the nginx default (2MB?).

fixes #236
2014-10-16 22:11:10 +00:00
Joshua Tauberer 8566b78202 drop webfinger, see #95 2014-10-07 20:30:36 +00:00
jkaberg 68efef1164 dont log robots.txt and favicon.ico. we should REALLY consider creating seperate include files for *all* of our "apps", this is getting messy.. 2014-09-27 17:04:05 +00:00
Joshua Tauberer aa3bc3225e expose the control panel only on PRIMARY_HOSTNAME since /admin might conflict with other stuff hosted on other domains 2014-08-27 02:38:43 +00:00
Joshua Tauberer df20d447a9 add an api for setting custom DNS records
Works like this:

```curl -d "" --user email:password https://.../admin/dns/set/qname/rtype/value```

where the rtype and value default to "A" and the remote IP address of the request, so that a simple, empty POST to

```https://.../admin/dns/set/desktop.mydomain.com```

will point desktop.mydomain.com to the caller's IPv4 address.

closes #140
2014-08-23 23:03:45 +00:00
Joshua Tauberer a501256fb9 fix the include path for our second use of z-push 2014-08-19 15:07:55 +00:00
Joshua Tauberer 80a05c3bbf short_open_tag=Off was mistakenly left in the earlier merge (was a fix for my old autodiscover.php but not needed with z-push), also regrouping the nginx directive to be near the rest of Z-Push 2014-08-19 12:07:54 +00:00
jkaberg a0df18506b use z-push autodisover instead 2014-08-19 13:03:44 +02:00
jkaberg f7d2dfd1c0 xml generation fails when short_open_tag is on 2014-08-19 11:27:50 +02:00
Joshua Tauberer 92acef9b87 fix PHP path for Z-Push so it can see libawl-php
broken in 04454b35c6

fixes #143
2014-08-17 22:53:46 +00:00
Joshua Tauberer b30d7ad80a web-based administrative UI
closes #19
2014-08-17 22:46:06 +00:00
Joshua Tauberer 6e380ade17 owncloud will only let users access it from the PRIMARY_HOSTNAME (due to its trusted_domains option being set statically), so only include /cloud in the nginx configuration for PRIMARY_HOSTNAME 2014-08-16 12:33:10 +00:00
Joshua Tauberer 6fdef379ad owncloud: fix regex in nginx config
/cloud/index.php/apps/files/ajax/scan.php would not be parsed right because of two .php's
2014-08-15 23:17:16 +00:00
Joshua Tauberer 8c9f278166 owncloud: support MOD_X_ACCEL_REDIRECT_ENABLED
This lets downloads from the file app work.
2014-08-15 23:16:54 +00:00
jkaberg 59c1c670b5 x-accel-redirect dosn't need to process files in ownCloud data directory. TODO: fix for autogeneration 2014-08-13 08:10:53 +02:00
jkaberg 7024b428ad increased timeouts so that owncloud properly loads with larger db 2014-08-13 07:30:32 +02:00
Joshua Tauberer d03bc0cefa more owncloud configuration tweaks 2014-08-13 00:30:09 +00:00
Joshua Tauberer 05cc63b5d5 Merge branch 'owncloud' of github.com:jkaberg/mailinabox into owncloud
Conflicts:
	conf/nginx.conf
	setup/zpush.sh
2014-08-12 23:10:51 +00:00
Joshua Tauberer c9bf57eacd Merge branch 'master' into owncloud (php5-fpm) 2014-08-12 13:30:55 +00:00
Joshua Tauberer 9d6dc78b15 keep Roundcube working too, put owncloud at /cloud rather than at / 2014-08-12 13:29:43 +00:00
jkaberg 52c50621cd use x-accel-redirect for faster larg file downloads 2014-08-12 15:11:33 +02:00
jkaberg afb09a84b7 use tools/editconf.py to edit php.ini for large file uploads 2014-08-12 14:00:28 +02:00
Joshua Tauberer 0eceb2012f use php5-fpm rather than our own custom launcher script for PHP+FastCGI 2014-08-12 11:00:54 +00:00
jkaberg d60abd0f92 bump (php) ram limit to 512MB 2014-08-12 09:11:55 +02:00
jkaberg 21d59862de typo 2014-08-12 00:49:33 +02:00
jkaberg 7f01146c3d enable large file uploads in nginx 2014-08-11 23:51:24 +02:00
jkaberg 64b1db4c30 include_path to include php-libawl and use php-fpm instead of cgi 2014-08-11 23:41:38 +02:00
jkaberg 44fcdc2066 owncloud properly working, but not in sub dir anymore 2014-08-11 20:17:38 +02:00
jkaberg 20b494c3ac attempting to fix broken static files etc 2014-08-11 18:46:39 +02:00
jkaberg a801bf2a30 white spaces argh. 2014-08-11 16:30:39 +02:00
jkaberg 0899952fe1 initial owncloud port, untested and unfinished 2014-08-11 16:24:29 +02:00
Joshua Tauberer 2a7669a0d3 z-push: an Exchange ActiveSync server 2014-07-12 00:02:32 +00:00
Joshua Tauberer 1a74b81f44 new nginx configuration yaml file to allow proxying of whole domains elsewhere 2014-07-09 12:31:32 +00:00
Joshua Tauberer 3bab63d4ce update to Roundcube 1.0.1 2014-07-08 00:37:53 +00:00
Joshua Tauberer 49d5561933 when adding/removing mail addresses also update nginx's config 2014-07-06 12:16:50 +00:00
Joshua Tauberer 326cc2a451 obviously put our stuff in /usr/local and not /usr 2014-06-21 12:35:00 -04:00