v0.29 released, closes #1440

CHANGELOG fixes/updates
Upgrade NextCloud to 13.06 (#1436 )
2026-03-12 17:07:23 +01:00 · 2018-10-24 16:12:25 -04:00 · 2018-10-24 16:09:59 -04:00 · 2018-10-09 07:09:54 -04:00 · 2018-09-03 13:07:24 -04:00 · 2018-09-03 13:06:34 -04:00
9 changed files with 49 additions and 34 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,15 @@
 CHANGELOG
 =========

+v0.29 (October 25, 2018)
+------------------------
+
+* Starting with v0.28, TLS certificate provisioning wouldn't work on new boxes until the mailinabox setup command was run a second time because of a problem with the non-interactive setup.
+* Update to Nextcloud 13.0.6.
+* Update to Roundcube 1.3.7.
+* Update to Z-Push 2.4.4.
+* Backup dates listed in the control panel now use an internationalized format.
+
 v0.28 (July 30, 2018)
 ---------------------

@@ -26,7 +35,6 @@ Mail:

 Control Panel:

-* We now use EFF's `certbot` tool to provision HTTPS certificates instead of our home-grown free_tls_certificates package.
 * The undocumented feature for proxying web requests to another server now sets X-Forwarded-For.

 v0.26c (February 13, 2018)
--- a/README.md
+++ b/README.md
@@ -59,7 +59,7 @@ by me:
 	$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
 	gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported

-	$ git verify-tag v0.28
+	$ git verify-tag v0.29
 	gpg: Signature made ..... using RSA key ID C10BDD81
 	gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
 	gpg: WARNING: This key is not certified with a trusted signature!
@@ -72,7 +72,7 @@ and on my [personal homepage](https://razor.occams.info/). (Of course, if this r

 Checkout the tag corresponding to the most recent release:

-	$ git checkout v0.28
+	$ git checkout v0.29

 Begin the installation.

--- a/3
+++ b/3
@@ -22,9 +22,6 @@ Vagrant.configure("2") do |config|
    # Set environment variables so that the setup script does
    # not ask any questions during provisioning. We'll let the
    # machine figure out its own public IP.
-  #
-  # Please note: NONINTERACTIVE=1 mode means that you'll automatically agree
-  # to Let's Encrypt's ACME Subscriber Agreement.
    export NONINTERACTIVE=1
    export PUBLIC_IP=auto
    export PUBLIC_IPV6=auto
--- a/management/backup.py
+++ b/management/backup.py
@@ -54,7 +54,7 @@ def backup_status(env):
 		date = dateutil.parser.parse(keys[1]).astimezone(dateutil.tz.tzlocal())
 		return {
 			"date": keys[1],
-			"date_str": date.strftime("%x %X") + " " + now.tzname(),
+			"date_str": date.strftime("%Y-%m-%d %X") + " " + now.tzname(),
 			"date_delta": reldate(date, now, "the future?"),
 			"full": keys[0] == "full",
 			"size": 0, # collection-status doesn't give us the size
--- a/setup/bootstrap.sh
+++ b/setup/bootstrap.sh
@@ -7,7 +7,7 @@
 #########################################################

 if [ -z "$TAG" ]; then
-	TAG=v0.28
+	TAG=v0.29
 fi

 # Are we running as root?
--- a/setup/owncloud.sh
+++ b/setup/owncloud.sh
@@ -19,7 +19,7 @@ apt-get purge -qq -y owncloud*

 apt_install php7.0 php7.0-fpm \
 	php7.0-cli php7.0-sqlite php7.0-gd php7.0-imap php7.0-curl php-pear php-apc curl \
-        php7.0-dev php7.0-gd memcached php7.0-memcached php7.0-xml php7.0-mbstring php7.0-zip php7.0-apcu
+        php7.0-dev php7.0-gd php7.0-xml php7.0-mbstring php7.0-zip php7.0-apcu php7.0-json php7.0-intl

 # Migrate <= v0.10 setups that stored the ownCloud config.php in /usr/local rather than
 # in STORAGE_ROOT. Move the file to STORAGE_ROOT.
@@ -57,11 +57,11 @@ InstallNextcloud() {
 	# their github repositories.
 	mkdir -p /usr/local/lib/owncloud/apps

-	wget_verify https://github.com/nextcloud/contacts/releases/download/v1.5.3/contacts.tar.gz 78c4d49e73f335084feecd4853bd8234cf32615e /tmp/contacts.tgz
+	wget_verify https://github.com/nextcloud/contacts/releases/download/v2.1.5/contacts.tar.gz b7460d15f1b78d492ed502d778c0c458d503ba17 /tmp/contacts.tgz
 	tar xf /tmp/contacts.tgz -C /usr/local/lib/owncloud/apps/
 	rm /tmp/contacts.tgz

-	wget_verify https://github.com/nextcloud/calendar/releases/download/v1.5.3/calendar.tar.gz b370352d1f280805cc7128f78af4615f623827f8 /tmp/calendar.tgz
+	wget_verify https://github.com/nextcloud/calendar/releases/download/v1.6.1/calendar.tar.gz f93a247cbd18bc624f427ba2a967d93ebb941f21 /tmp/calendar.tgz
 	tar xf /tmp/calendar.tgz -C /usr/local/lib/owncloud/apps/
 	rm /tmp/calendar.tgz

@@ -154,8 +154,8 @@ InstallOwncloud() {
 	fi
 }

-owncloud_ver=12.0.5
-owncloud_hash=d25afbac977a4e331f5e38df50aed0844498ca86
+owncloud_ver=13.0.6
+owncloud_hash=33e41f476f0e2be5dc7cdb9d496673d9647aa3d6

 # Check if Nextcloud dir exist, and check if version matches owncloud_ver (if either doesn't - install/upgrade)
 if [ ! -d /usr/local/lib/owncloud/ ] \
@@ -245,6 +245,12 @@ EOF
 			echo "We are running Nextcloud 10.0.x, upgrading to Nextcloud 11.0.7 first"
 			InstallNextcloud 11.0.7 f936ddcb2ae3dbb66ee4926eb8b2ebbddc3facbe
 		fi
+
+		# If we are upgrading from Nextcloud 11 we should go to Nextcloud 12 first.
+		if grep -q "OC_VersionString = '11\." /usr/local/lib/owncloud/version.php; then
+			echo "We are running Nextcloud 11, upgrading to Nextcloud 12.0.5 first"
+			InstallNextcloud 12.0.5 d25afbac977a4e331f5e38df50aed0844498ca86
+		fi
 	fi

 	InstallNextcloud $owncloud_ver $owncloud_hash
--- a/setup/start.sh
+++ b/setup/start.sh
@@ -14,7 +14,7 @@ source setup/preflight.sh
 # Python may not be able to read/write files. This is also
 # in the management daemon startup script and the cron script.

-if [ -z `locale -a | grep en_US.utf8` ]; then
+if ! locale -a | grep en_US.utf8 > /dev/null; then
    # Generate locale if not exists
    hide_output locale-gen en_US.UTF-8
 fi
@@ -130,17 +130,18 @@ restart_service fail2ban
 # If there aren't any mail users yet, create one.
 source setup/firstuser.sh

-# Register with Let's Encrypt, including agreeing to the Terms of Service. This
-# is an interactive command.
-if [ ! -d $STORAGE_ROOT/ssl/lets_encrypt/accounts/acme-v01.api.letsencrypt.org/ ]; then
+# Register with Let's Encrypt, including agreeing to the Terms of Service.
+# We'd let certbot ask the user interactively, but when this script is
+# run in the recommended curl-pipe-to-bash method there is no TTY and
+# certbot will fail if it tries to ask.
+if [ ! -d $STORAGE_ROOT/ssl/lets_encrypt/accounts/acme-v02.api.letsencrypt.org/ ]; then
 echo
 echo "-----------------------------------------------"
-echo "Mail-in-a-Box uses Let's Encrypt to provision free certificates"
-echo "to enable HTTPS connections to your box. You'll now be asked to agree"
-echo "to Let's Encrypt's terms of service."
+echo "Mail-in-a-Box uses Let's Encrypt to provision free SSL/TLS certificates"
+echo "to enable HTTPS connections to your box. We're automatically"
+echo "agreeing you to their subscriber agreement. See https://letsencrypt.org."
 echo
-certbot register $([ "$NONINTERACTIVE" == 1 ] && echo "--agree-tos") \
-    --register-unsafely-without-email --config-dir $STORAGE_ROOT/ssl/lets_encrypt
+certbot register --register-unsafely-without-email --agree-tos --config-dir $STORAGE_ROOT/ssl/lets_encrypt
 fi

 # Done.
--- a/setup/webmail.sh
+++ b/setup/webmail.sh
@@ -35,8 +35,8 @@ apt-get purge -qq -y roundcube* #NODOC
 # Install Roundcube from source if it is not already present or if it is out of date.
 # Combine the Roundcube version number with the commit hash of plugins to track
 # whether we have the latest version of everything.
-VERSION=1.3.6
-HASH=ece5cfc9c7af0cbe90c0065ef33e85ed42991830
+VERSION=1.3.7
+HASH=df0e29d09aae0b7a7ae98023dcd1ae3c6be77cd0
 PERSISTENT_LOGIN_VERSION=dc5ca3d3f4415cc41edb2fde533c8a8628a94c76
 HTML5_NOTIFIER_VERSION=4b370e3cd60dabd2f428a26f45b677ad1b7118d5
 CARDDAV_VERSION=2.0.4
@@ -155,6 +155,7 @@ cat > ${RCM_PLUGIN_DIR}/carddav/config.inc.php <<EOF;
 	 'preemptive_auth' => '1',
 	 'hide'        =>  false,
 );
+?>
 EOF

 # Create writable directories.
--- a/setup/zpush.sh
+++ b/setup/zpush.sh
@@ -22,8 +22,8 @@ apt_install \
 phpenmod -v php7.0 imap

 # Copy Z-Push into place.
-VERSION=2.3.9
-TARGETHASH=60087b97e4b1c73db096e252cf893c75df556907
+VERSION=2.4.4
+TARGETHASH=104d44426852429dac8ec2783a4e9ad7752d4682
 needs_update=0 #NODOC
 if [ ! -f /usr/local/lib/z-push/version ]; then
 	needs_update=1 #NODOC
@@ -32,12 +32,14 @@ elif [[ $VERSION != `cat /usr/local/lib/z-push/version` ]]; then
 	needs_update=1 #NODOC
 fi
 if [ $needs_update == 1 ]; then
-	wget_verify http://download.z-push.org/final/2.3/z-push-$VERSION.tar.gz $TARGETHASH /tmp/z-push.tar.gz
+	# Download
+	wget_verify "https://stash.z-hub.io/rest/api/latest/projects/ZP/repos/z-push/archive?at=refs%2Ftags%2F$VERSION&format=zip" $TARGETHASH /tmp/z-push.zip

-	rm -rf /usr/local/lib/z-push
-	tar -xzf /tmp/z-push.tar.gz -C /usr/local/lib/
-	rm /tmp/z-push.tar.gz
-	mv /usr/local/lib/z-push-$VERSION /usr/local/lib/z-push
+	# Extract into place.
+	rm -rf /usr/local/lib/z-push /tmp/z-push
+	unzip -q /tmp/z-push.zip -d /tmp/z-push
+	mv /tmp/z-push/src /usr/local/lib/z-push
+	rm -rf /tmp/z-push.zip /tmp/z-push

 	rm -f /usr/sbin/z-push-{admin,top}
 	ln -s /usr/local/lib/z-push/z-push-admin.php /usr/sbin/z-push-admin
Author	SHA1	Message	Date
Joshua Tauberer	16f38042ec	v0.29 released, closes #1440	2018-10-24 16:12:25 -04:00
Joshua Tauberer	2f494e9a1c	CHANGELOG fixes/updates	2018-10-24 16:09:59 -04:00
Michael Kroes	6eb9055275	Upgrade NextCloud to 13.06 (#1436 )	2018-10-09 07:09:54 -04:00
Joshua Tauberer	504a9b0abc	certbot uses a new directory path for API v02 accounts and we should check that before creating a new account or else we'll try to create a new account on each setup run (which certbot just fails on)	2018-09-03 13:07:24 -04:00
Joshua Tauberer	842fbb3d72	auto-agree to Let's Encrypt's terms of service during setup fixes #1409 This reverts commit `82844ca651` ("make certbot auto-agree to TOS if NONINTERACTIVE=1 env var is set (#1399)") and instead always auto-agree. If we don't auto-agree, certbot asks the user interactively, but our "curl \| bash" setup line does not permit interactive prompts, so certbot failed to register and all certificate things were broken until the command was re-run interactively.	2018-09-03 13:06:34 -04:00
Joshua Tauberer	a5d5a073c7	update Z-Push to 2.4.4 Starting with 2.4, Z-Push no longer provides tarballs on their download server. The only options are getting the code from their git repository or using one of their distribution packages. Their Ubuntu 18.04 packaes don't seem to actually work in Ubuntu 18.04, so thinking ahead that's currently a bad choice. In `78d1c9be6e` we switched from doing a git clone to using wget on their downloads server because of a problem with something related to stash.z-hub.io's SSL certificate. But wget also seems to work on their source code repository, so we can use that.	2018-09-02 11:29:44 -04:00
Joshua Tauberer	d4b122ee94	update to Nextcloud 13.0.5	2018-08-24 11:11:52 -04:00
Joshua Tauberer	052a1f3b26	update to Roundcube 1.3.7	2018-08-24 10:47:22 -04:00
Joshua Tauberer	180b054dbc	small code cleanup testing if the utf8 locale is installed	2018-08-24 09:49:08 -04:00
Joshua Tauberer	cb162da5fe	Merge pull request #1412 from hlxnd/pr Use ISO 8601 on backups table dates, fixes #1397	2018-08-05 15:16:05 -04:00
hlxnd	de9c556ad7	Add missing PHP end tag	2018-08-05 15:27:35 +02:00
hlxnd	f420294819	Use ISO 8601 on backups table dates.	2018-08-05 15:26:45 +02:00