mailinabox/HeadsUp.md


Vagrant commands that you'd need most:

  1. To view the list of vagrant boxes, use `vagrant box list`
  2. To initialize a vagrant VM, use `vagrant init boxname`
  3. To start a vagrant VM, use `vagrant up`
  4. To shut down the vagrant VM, use `vagrant halt ubuntu/bionic64`
  5. To remove a vagrant box, use `vagrant box remove <boxname>`

Username and password

  1. Generally, the username of a VM created by vagrant is `vagrant` and the password is `vagrant`.
  2. The hostname/IP address, if there is one, is available in `config.vm.network "private_network", ip:`.

Errors encountered while setting up MIAB

  1. If you're seeing an error message about your IP address being listed in the Spamhaus Block List, simply uncomment the `export SKIP_NETWORK_CHECKS=1` line in the Vagrantfile. This is normal: you're probably using a dynamic IP address assigned by your Internet provider, and they're almost all listed.
  2. If you're seeing an error message such as `/bin/bash^M: bad interpreter: No such file or directory` from a Bash script, then most likely you're on a Windows host and your VM is Ubuntu. In that case, you have to change the format of all .py and .sh files in all the mailinabox directories to Unix (LF).
  3. If you're encountering a migration error, add a `return` line at line 216 of setup/migrate.py. Then, after the `up --provision` command is successful, you have to uncomment or remove this line. (Not sure yet)
  4. If your `vagrant up` command is stuck at upgrading to Nextcloud, it is because the Nextcloud server is either down or very slow. Check the /tmp folder to see whether nextcloud.zip is being downloaded. If not, download it yourself and place it in the /tmp folder.
  5. As your vagrant VM is CLI-only, to see the contents of 192.168.50.4, do the following.

To view the curl contents in your host machine's browser by executing commands from the guest VM CLI, follow these steps:

  1. Copy the private key that vagrant generated for you and paste it in the .ssh directory (for Windows, the default path is the `C:\Users\HP\.ssh` folder) with a name

  2. Now try to log in using the following SSH command: `ssh -i <path to your private key> username@hostname` or `username@ipaddress`

  3. You should be logged in to the vagrant VM

  4. `cd` into the directory /etc/ssh

  5. Edit the sshd_config file with sudo permission and uncomment these 3 lines:

    X11Forwarding yes

    X11DisplayOffset 10

    X11UseLocalhost yes

  6. Now restart the sshd service with the following command: `sudo systemctl restart sshd`

  7. Log out of your account

  8. If you're on an Ubuntu host, then do the following: `ssh -X -i <path to your private key> username@hostname` or `username@ipaddress`. You should be logged into the host as username. Type `echo $DISPLAY` and see whether localhost=10.0.0 comes up or not. If it does, then X11Forwarding is enabled. Now type `firefox` in your terminal and you should see the output in the Firefox browser on your Ubuntu host machine

  9. If you're on a Windows host, install Xming and PuTTY

    a) Open the PuTTYgen app and, from Conversions -> Import key, load the key you saved in line 6

    b) Save the key in the same folder by pressing the Save private key button

    c) In PuTTY, go to Connections->SSH->Auth and load the private key by clicking the load key button

    d) Go to Connections->SSH->X11 and tick X11forwarding

    e) Now, write the IP address/hostname in Sessions, save it with a session name and click Open.

    f) Type vagrant as the username and you should be logged in with the X11 forwarding option enabled

    g) To check this option, type `echo $DISPLAY` and see whether localhost=10.0.0 comes up or not. If it does, then you're good to go.

    h) Now type `firefox` in your PuTTY terminal and you should see the output in the Firefox browser on your Windows host machine

What is done here?

Mail-in-a-Box is open source software that lets you control your mail server yourself. It gives you a DNS server as well and has all the necessary settings like DNSSEC, DANE TLSA, etc. But the existing software doesn't really provide an option for renewing the key. It creates a key pair initially and uses this key during the whole lifetime of the setup. If any user updates the key, he or she has to manually change the certificates and TLSA records, which is error-prone. So, what I did is provide an option for the user to renew the cert with either the existing key or a new key and, if the user does so with a new key, to update the TLSA records. I followed the double TLSA scheme. The main motivation for doing this is to reduce the number of misconfigurations due to manual key rollover.
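
Why a double TLSA rollover avoids the misconfiguration a direct swap causes, as an added example (not code from this repository): it models each rollover phase and checks whether a DANE client with fresh or still-cached TLSA records accepts the key the server presents. It assumes `3 1 1` TLSA records (SHA-256 of the public key); the host name `box.example.com` and the key bytes are constructed placeholders.

```python
import hashlib

OWNER = "_25._tcp.box.example.com."  # hypothetical mail host (assumption)
# Constructed stand-ins for the DER SubjectPublicKeyInfo of the old and new keys.
OLD_SPKI = b"constructed-old-public-key-der"
NEW_SPKI = b"constructed-new-public-key-der"

def tlsa_311(spki_der: bytes) -> str:
    """TLSA record: usage 3 (DANE-EE), selector 1 (SPKI), matching type 1 (SHA-256)."""
    return f"{OWNER} IN TLSA 3 1 1 {hashlib.sha256(spki_der).hexdigest()}"

def dane_ok(served_spki: bytes, records: set) -> bool:
    """A DANE client accepts the server if any TLSA record matches the served key."""
    return tlsa_311(served_spki) in records

def rollover_phases(old_spki: bytes, new_spki: bytes, double: bool) -> list:
    """(published TLSA set, key the server presents) per phase; each phase lasts >= TTL."""
    old, new = tlsa_311(old_spki), tlsa_311(new_spki)
    if not double:  # direct swap: certificate and TLSA record replaced at once
        return [({old}, old_spki), ({new}, new_spki)]
    return [
        ({old}, old_spki),       # steady state
        ({old, new}, old_spki),  # publish the new key's record first
        ({old, new}, new_spki),  # switch the certificate to the new key
        ({new}, new_spki),       # retire the old record
    ]

def validation_failures(phases: list) -> int:
    """Count (phase, view) pairs where a client rejects the served key.

    A client sees either fresh records or, on entering a phase, the previous
    phase's records still cached by its resolver.
    """
    failures = 0
    for i, (records, served) in enumerate(phases):
        views = [records] + ([phases[i - 1][0]] if i else [])
        failures += sum(not dane_ok(served, view) for view in views)
    return failures

if __name__ == "__main__":
    for rec in sorted(rollover_phases(OLD_SPKI, NEW_SPKI, True)[1][0]):
        print(rec)  # the two records published side by side during rollover
    print("direct swap failures:", validation_failures(rollover_phases(OLD_SPKI, NEW_SPKI, False)))
    print("double TLSA failures:", validation_failures(rollover_phases(OLD_SPKI, NEW_SPKI, True)))
```

The model only holds if each phase is kept for at least the TLSA record's TTL, so that no resolver still caches records older than the previous phase.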

To make it work in an existing mailinabox setup, you need to do the following:

  1. `sudo setup/ssl.sh`
  2. `sudo setup/dns.sh`
  3. `sudo tools/dns_update`
  4. `sudo service mailinabox restart`

To view the print logs for testing:

  1. `sudo cat /var/log/syslog`