1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-12-18 06:37:06 +00:00
mailinabox/setup
Joshua Tauberer 3fbbf56986 v0.15 (January 1, 2016)
-----------------------

Mail:

* Updated Roundcube to version 1.1.3.
* Auto-create aliases for abuse@, as required by RFC2142.
* The DANE TLSA record is changed to use the certificate subject public key rather than the whole certificate, which means the record remains valid after certificate changes (so long as the private key remains the same, which it does for us).

Control panel:

* When IPv6 is enabled, check that system services are accessible over IPv6 too, that the box's hostname resolves over IPv6, and that reverse DNS is setup correctly for IPv6.
* Explanatory text for setting up secondary nameserver is added/fixed.
* DNS checks now have a timeout in case a DNS server is not responding, so the checks don't stall indefinitely.
* Better messages if external DNS is used and, weirdly, custom secondary nameservers are set.
* Add POP to the mail client settings documentation.
* The box's IP address is added to the fail2ban whitelist so that the status checks don't trigger the machine banning itself, which results in the status checks showing services down even though they are running.
* For SSL certificates, rather than asking you what country you are in during setup, ask at the time a CSR is generated. The default system self-signed certificate now omits a country in the subject (it was never needed). The CSR_COUNTRY Mail-in-a-Box setting is dropped entirely.

System:

* Nightly backups and system status checks are now moved to 3am in the system's timezone.
* fail2ban's recidive jail is now active, which guards against persistent brute force login attacks over long periods of time.
* Setup (first run only) now asks for your timezone to set the system time.
* The Exchange/ActiveSync server is now taken offline during nightly backups (along with SMTP and IMAP).
* The machine's random number generator (/dev/urandom) is now seeded with Ubuntu Pollinate and a blocking read on /dev/random.
* DNSSEC key generation during install now uses /dev/urandom (instead of /dev/random), which is faster.
* The $STORAGE_ROOT/ssl directory is flattened by a migration script and the system SSL certificate path is now a symlink to the actual certificate.
* If ownCloud sends out email, it will use the box's administrative address now (admin@yourboxname).
* Z-Push (Exchange/ActiveSync) logs now exclude warnings and are now rotated to save disk space.
* Fix pip command that might have not installed all necessary Python packages.
* The control panel and backup would not work on Google Compute Engine because GCE installs a conflicting boto package.
* Added a new command `management/backup.py --restore` to restore files from a backup to a target directory (command line arguments are passed to `duplicity restore`).
2016-01-01 17:47:18 -05:00
..
bootstrap.sh v0.15 (January 1, 2016) 2016-01-01 17:47:18 -05:00
dkim.sh silence all of the installing/already installed package messages on installation 2015-08-19 15:58:35 -04:00
dns.sh use /dev/urandom for DNSSEC key generation, fixes #596, partially reverts #115 (69f0e1d07a) 2015-11-19 07:00:33 -05:00
firstuser.sh suppress some status output regarding new automatic aliases on first installation 2015-08-19 16:30:32 -04:00
functions.sh silence all of the installing/already installed package messages on installation 2015-08-19 15:58:35 -04:00
mail-dovecot.sh tiny tweaks to make the bash slightly more readable 2015-12-22 12:33:26 -08:00
mail-postfix.sh silence all of the installing/already installed package messages on installation 2015-08-19 15:58:35 -04:00
mail-users.sh various cleanup related to the new permitted_senders column for aliases 2015-08-14 23:05:08 +00:00
management.sh merge #587 - move backup and nightly status checks to 3am in system time 2015-12-26 08:42:58 -05:00
migrate.py make the system SSL certificate a symlink so we never have to replace a certificate file, and flatten the directory structure of user-installed certificates 2015-11-29 02:02:01 +00:00
munin.sh munin setup may show '/bin/rm: missing operand', fixes #527 2015-10-10 16:48:49 +00:00
network-checks.sh prevent apt from asking the user any questions 2015-02-13 13:41:52 +00:00
owncloud.sh use /dev/urandom for roundcube/owncloud key generation, see #596, partially reverts #115 (69f0e1d07a) 2015-11-19 07:00:33 -05:00
preflight.sh Typo 2015-09-05 21:29:24 +02:00
questions.sh drop the CSR_COUNTRY setting and ask within the control panel 2015-12-26 11:48:23 -05:00
spamassassin.sh Remove direct dependencies as they get installed automatically 2015-09-05 09:08:47 +02:00
ssl.sh drop the CSR_COUNTRY setting and ask within the control panel 2015-12-26 11:48:23 -05:00
start.sh drop the CSR_COUNTRY setting and ask within the control panel 2015-12-26 11:48:23 -05:00
system.sh setup now asks for and sets the system timezone 2015-12-26 08:08:08 -05:00
web.sh move nginx-ssl to be a global configuration file rather than including it into each server block 2015-09-27 17:13:11 +00:00
webmail.sh use /dev/urandom for roundcube/owncloud key generation, see #596, partially reverts #115 (69f0e1d07a) 2015-11-19 07:00:33 -05:00
zpush.sh Change Z-Push log level to error 2015-11-18 21:39:17 +01:00