Commit graph

58 commits

Author SHA1 Message Date
Joshua Tauberer
6c8ee1862a use subresource integrity attributes to guard against CDNs being used as an attack vector; drop external resources that we can't protect this way (fonts); fixes #234 2015-09-18 19:04:28 +00:00
Joshua Tauberer
5924d0fe0d various cleanup related to the new permitted_senders column for aliases 2015-08-14 23:05:08 +00:00
Hnk Reno
da4d9ff607 update docstring to clarify usage of -c option 2015-07-02 19:27:05 +02:00
Joshua Tauberer
7527b4dc27 show the Mail-in-a-Box version in the control panel and a button to ping the MiaB website for the latest version
fixes #441
2015-06-25 13:43:11 +00:00
Joshua Tauberer
2cab9d5514 editconf.py: better error message if command line arguments are not valid 2015-04-11 15:25:11 -04:00
Sascha Reynolds
6989df0af3 fix(read_password): regex check for spaces, quotes
* Passwords must be at least four characters. So we need to check them
here to ensure that first user creation works during initial setup
* Change quotes to match rest of code
2015-03-30 19:59:07 +02:00
Hnk Reno
6c64723d7c Change read_password() logic to better catch improper passwords
Currently read_password does not verify password length. But further down the chain, passwords are checked to make sure they are longer than four characters.

If during initial setup, the user enters a password that is shorter than four characters, this will not be caught here, but when the script actually calls management/mailconfig.py to add the user, it will fail without a chance to correct the short password.

The setup script will then continue without an inital user being created and this will confuse users.
2015-03-29 18:54:37 +02:00
Joshua Tauberer
a68703dfb3 add a tool for me to see how many installations are happening by scanning for accesses to bootstrap.sh 2014-10-21 14:02:19 +00:00
Joshua Tauberer
0b5bf602aa various improvements in bash comments 2014-10-15 11:46:20 -04:00
Joshua Tauberer
8566b78202 drop webfinger, see #95 2014-10-07 20:30:36 +00:00
Joshua Tauberer
990649af2d in the admin, group users by domain, fixes 209 2014-10-07 19:47:43 +00:00
Joshua Tauberer
d9ecc50119 since the management server binds to 127.0.0.1, must use that and not 'localhost' to connect to it because 'localhost' resolves to the IPv6 ::1 when it is available, see #224 2014-10-05 09:01:26 -04:00
Joshua Tauberer
5fd107cae5 more work on making the bash scripts readable 2014-10-04 17:57:26 -04:00
Joshua Tauberer
6c59294e7b more readable bash 2014-09-21 16:05:11 -04:00
Joshua Tauberer
9d40a12f44 first pass at making readable documentation by parsing the bash scripts 2014-09-21 13:43:31 -04:00
Joshua Tauberer
c75a2c4ca0 add a warning not to use owncloud-unlockadmin.sh 2014-09-03 11:02:09 -04:00
Filip Weiss
7fd32d2d0b fix permissions for owncloud-unlockadmin script 2014-09-03 16:50:48 +02:00
Joshua Tauberer
302eae3fd3 Merge pull request #167 from hjjg/feature-owncloudadmin
Add a helper script to unlock ownClouds admin features
2014-08-27 07:43:01 -04:00
Helmuth Gronewold
1f19a855af Use mail.py to get the admin user 2014-08-26 23:34:27 +02:00
Helmuth Gronewold
3ce3c74273 Add a helper script to unlock ownClouds admin features 2014-08-26 23:15:09 +02:00
Michael Simmons
1125325718 CLI usage for aliases with multiple recipients 2014-08-26 11:45:03 -07:00
Joshua Tauberer
7cec45b436 tools/mail.py should not list archived mailboxes
broken by b30d7ad80a when the API began to list both real users and archived mailboxes in the JSON response
2014-08-25 08:13:46 -04:00
jkaberg
a0df18506b use z-push autodisover instead 2014-08-19 13:03:44 +02:00
jkaberg
da17466526 fix undefined index error in webfinger 2014-08-19 11:37:20 +02:00
jkaberg
3f5f95a633 fix preg_match and move up xml line 2014-08-19 11:31:54 +02:00
Joshua Tauberer
b30d7ad80a web-based administrative UI
closes #19
2014-08-17 22:46:06 +00:00
Joshua Tauberer
ae1e69a5e3 ownCloud: code a way to add admins from our users table, but dont use it 2014-08-16 12:59:29 +00:00
Joshua Tauberer
277f98aac8 drop the owncloud mail app for now 2014-08-16 12:19:40 +00:00
Joshua Tauberer
a10b828d5c when modifying php.ini, use ; as the comment char not # because php emits horrid deprecation warnings otherwise 2014-08-15 18:29:05 -04:00
jkaberg
36654bb5b4 quotes 2014-08-12 15:28:15 +02:00
jkaberg
57a441a547 small script to update the mail app 2014-08-12 15:27:37 +02:00
Joshua Tauberer
b6713d9a17 tools/mail.py should return a non-zero exit status when invalid command line args are given 2014-08-11 11:17:30 +00:00
Joshua Tauberer
b56f82cb92 make a privileges column in the users table and mark the first user as an admin 2014-08-08 12:31:22 +00:00
Joshua Tauberer
30178ef019 add a --force flag to dns_update 2014-08-01 12:05:34 +00:00
Joshua Tauberer
3a7221a69a handle errors in management API calls properly
see #118
2014-07-25 13:53:40 +00:00
Joshua Tauberer
2a7669a0d3 z-push: an Exchange ActiveSync server 2014-07-12 00:02:32 +00:00
Joshua Tauberer
10fbb2b293 in cf7053c124 I allowed editconf.py to insert a setting where we find it already commented-out in order to get an nginx configuration line in the right place, but it wasn't quite right because when run again we would insert the setting a second time 2014-07-08 00:48:22 +00:00
Joshua Tauberer
7339bf080a add a web_update script to trigger writing nginx config 2014-07-08 00:34:38 +00:00
Joshua Tauberer
cf7053c124 set nginx server_names_hash_bucket_size to 64, fixes #93 2014-07-07 11:23:41 +00:00
Joshua Tauberer
d4ce50de86 new tool to purchase and install a SSL certificate using Gandi.net's API 2014-06-23 10:53:29 +00:00
Michael Kropat
554a28479f Merge remote-tracking branch 'upstream/master' into mgmt-auth
Conflicts:
	management/daemon.py
2014-06-21 21:29:25 -04:00
Michael Kropat
447399e8cd Update mail tool to pass api key auth 2014-06-21 23:49:09 +00:00
Joshua Tauberer
0ab43ef4fd have webfinger output a JSON file in STORAGE_ROOT/webfinger/(acct/..) 2014-06-21 17:08:18 +00:00
Joshua Tauberer
85169dc960 preliminary support for webfinger
It just echos back the subject given to it.
2014-06-20 01:55:16 +00:00
Joshua Tauberer
2c4212fa36 use editconf.py to mangle /etc/postfix/master.cf
* using it to enable the Postfix submission service
* per @mkropat's suggestion in #69, set an option to distinguish submission from regular smpd in syslog by giving submission a new name (doing this here to test that editconf is working right on master.cf)
2014-06-08 17:31:12 -04:00
Joshua Tauberer
ad520b45ff adding a new script archive_conf_files.sh to dump the contents of all files modified by editconf.py so testing is easier 2014-06-08 17:31:12 -04:00
Michael Kropat
5774205bc2 Mask password input on stdin 2014-06-06 17:07:30 -04:00
Joshua Tauberer
c54b0cbefc move management into a daemon service running as root
* Created a new Python/flask-based management daemon.
* Moved the mail user management core code from tools/mail.py to the new daemon.
* tools/mail.py is a wrapper around the daemon and can be run as a non-root user.
* Adding a new initscript for the management daemon.
* Moving dns_update.sh to the management daemon, called via curl'ing the daemon's API.

This also now runs the DNS update after mail users and aliases are added/removed,
which sets up new domains' DNS as needed.
2014-06-03 13:56:40 +00:00
Joshua Tauberer
304bf3d360 update for Ubuntu 14.04 2014-04-17 20:17:24 -04:00
Joshua Tauberer
6d1d9e1cc9 remove old Amazon EC2-related things since no one should ever deploy a mail server to EC2 (IPs have bad reputation) 2014-03-17 01:11:07 +00:00