Commit graph

980 commits

Author SHA1 Message Date
David Duque
55dbd9d93c Nextcloud user permission fixes 2022-06-07 11:24:12 +01:00
David Duque
3503b5a1f0 Update nextcloud to v23.0.5
* Contacts to v4.1.1
* Calendar to 3.3.1
2022-06-07 11:18:22 +01:00
David Duque
e5ffae7791 Upgrade Nextcloud to v23.0.4, External User Backend to v3.0.0 2022-04-27 23:22:55 +01:00
David Duque
7df762b46b v56.4 2022-03-29 17:29:20 +01:00
David Duque
f605e55997 Handle the absence of openssh-server
It is not strictly required for us to have sshd installed,
for example on baremetal machines where shell access
is physical-only.

Instead we'll skip certain tasks that depend on sshd if
it is not installed.
2022-03-29 17:14:06 +01:00
David Duque
1fcc1a489b
v56.3 2022-03-22 18:25:36 +00:00
David Duque
fece9355cf
Update NextCloud to v23.0.3 2022-03-22 18:01:51 +00:00
David Duque
a56bb235d7
Upgrade FontAwesome to v6.1.1, Persistent Login Plugin to v5.3.0 2022-03-22 16:41:54 +00:00
David Duque
6602d2c774
Merge from main 2022-02-20 20:45:14 +00:00
David Duque
2cee801002
v56.2 2022-02-18 01:07:01 +00:00
David Duque
d8d742d74d
Update contacts to v4.0.8, cal to v3.0.6 2022-02-18 00:56:26 +00:00
David Duque
4da6f66b94
Update Postfix TLS configuration (#45)
* Update the list of very old ciphers that shouldn't be used at all
* Enforce cipher preference server side
2022-02-18 00:43:13 +00:00
David Duque
51fa2a6fd9
Change the SMTP banner as not to disclose the operating system (which was set to be always 'Debian') 2022-02-17 23:28:20 +00:00
David Duque
deaecbe0d2
Fix nextcloud issue piping stderr to a file 2022-02-17 23:27:45 +00:00
David Duque
56b0fc02da
Install libsasl2-modules (#44)
Required for SMTP relays to work
2022-02-17 23:25:01 +00:00
David Duque
14534fd0cb
Fix nextcloud cleanup typo 2022-01-31 16:10:28 +00:00
David Duque
6b4ee8f576
Merge from main 2022-01-31 00:53:59 +00:00
David Duque
ed886ee934
Admin panel refactoring (#41) 2022-01-31 00:52:22 +00:00
David Duque
16b521c2f0
v56.1 2022-01-24 01:52:48 +00:00
David Duque
6436bad483
Recreate Python env after an in-place OS upgrade
Fixes #42
2022-01-24 01:48:34 +00:00
David Duque
271b03a346
v56.0 2022-01-22 20:00:01 +00:00
David Duque
37a97a394f
Suppress complaints about owncloud not existing (legacy setup code) 2022-01-22 19:58:03 +00:00
David Duque
152d7c39bc
Band-aid fix for B2 backups on Debian 10 2022-01-22 18:53:49 +00:00
David Duque
b622df6b03
Update Software:
- Bootstrap to v4.6.1
- FontAwesome to v5.15.4
- NextCloud Calendar to v3.0.5
- Roundcube Persistent Login to latest commit
2022-01-20 15:49:06 +00:00
David Duque
cd9bd51ed0
Import changes from upstream (v56) 2022-01-20 15:02:16 +00:00
Joshua Tauberer
3a7de051ee Version 56 (January 19, 2022) 2022-01-19 16:59:34 -05:00
Joshua Tauberer
d1d6318862 Set systemd journald log retention to 10 days (from no limit) to reduce disk usage 2022-01-08 09:11:48 -05:00
Joshua Tauberer
34b7a02f4f Update Roundcube to 1.5.2 2022-01-08 09:00:12 -05:00
Joshua Tauberer
a312acc3bc Update to Nextcloud 20.0.8 and update apps 2022-01-08 09:00:12 -05:00
jvolkenant
c92fd02262
Don't die if column already exists on Nextcloud 18 upgrade (#2078) 2021-12-25 10:17:34 -05:00
Ilnahro
50a5cb90bc
Include rsync to the installed basic packages (#2067)
Some VPS providers strip this package from their Ubuntu 18.04 VM images. This will help avoid errors.
2021-11-30 19:50:01 -05:00
David Duque
4812ffd6b3
v55.1 2021-11-17 22:58:33 +00:00
David Duque
faacc1d674
Update to above: Bail only at the second failure. 2021-11-17 22:55:18 +00:00
David Duque
5e66af63f2
Don't bail if pollinate fails 2021-11-17 22:42:45 +00:00
David Duque
972c413b19
nginx: Overhaul upstream directives (#38)
* Add a way for users to specify custom upstream directives via .upstream.conf file;
* MiaB-managed applications and user applications will now use different sockets;
2021-11-17 22:41:36 +00:00
jvolkenant
58b0323b36
Update persistent_login for Roundcube 1.5 (#2055) 2021-11-04 18:59:10 -04:00
David Duque
109267c7b0
v55.0 2021-10-19 21:12:17 +01:00
David Duque
cb7cbe419e
Update external software checksums 2021-10-19 21:08:24 +01:00
David Duque
dab920042e
Update external software 2021-10-19 21:05:19 +01:00
David
856260bf29
Check for lsb_release, and if it doesn't exist, install it 2021-10-19 14:43:01 +01:00
David
f6d7d5689c
Merge v55 from upstream 2021-10-19 14:42:07 +01:00
Joshua Tauberer
65861c68b7 Version 55 2021-10-18 20:40:51 -04:00
Joshua Tauberer
71a7a3e201 Upgrade to Roundcube 1.5 2021-10-18 20:40:51 -04:00
Joshua Tauberer
113b7bd827 Disable SMTPUTF8 in Postfix because Dovecot LMTP doesn't support it and bounces messages that require SMTPUTF8
By not advertising SMTPUTF8 support at the start, senders may opt to transmit recipient internationalized domain names in IDNA form instead, which will be deliverable.

Incoming mail with internationalized domains was probably working prior to our move to Ubuntu 18.04 when postfix's SMTPUTF8 support became enabled by default.

The previous commit is retained because Mail-in-a-Box users might prefer to keep SMTPUTF8 on for outbound mail, if they are not using internationalized domains for email, in which case the previous commit fixes the 'relay access denied' error even if the emails aren't deliverable.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
3e19f85fad Add domain maps from Unicode forms of internationalized domains to their ASCII forms
When an email is received by Postfix using SMTPUTF8 and the recipient domain is a Unicode internationalized domain, it was failing to be delivered (bouncing with 'relay access denied') because our users and aliases tables only store ASCII (IDNA) forms of internationalized domains. In this commit, domain maps are added to the auto_aliases table from the Unicode form of each mail domain to its IDNA form, if those forms are different. The Postfix domains query is updated to look at the auto_aliases table now as well, since it is the only table with Unicode forms of the mail domains.

However, mail delivery is still not working since the Dovecot LMTP server does not support SMTPUTF8, and mail still bounces but with an error that SMTPUTF8 is not supported.
2021-09-24 08:11:36 -04:00
Joshua Tauberer
11e84d0d40 Move automatically generated aliases to a separate database table
They really should never have been conflated with the user-provided aliases.

Update the postfix alias map to query the automatically generated aliases with lowest priority.
2021-09-24 08:11:36 -04:00
drpixie
df46e1311b
Include NSD config files from /etc/nsd/nsd.conf.d/*.conf (#2035)
And write MIAB dns zone config into /etc/nsd/nsd.conf.d/zones.conf. Delete lingering old zones.conf file.

Co-authored-by: Joshua Tauberer <jt@occams.info>
2021-09-24 08:07:40 -04:00
David Duque
4c4cce836e
Merge changes from upstream 2021-09-07 17:08:05 +01:00
Joshua Tauberer
e884c4774f Replace HMAC-based session API keys with tokens stored in memory in the daemon process
Since the session cache clears keys after a period of time, this fixes #1821.

Based on https://github.com/mail-in-a-box/mailinabox/pull/2012, and so:

Co-Authored-By: NewbieOrange <NewbieOrange@users.noreply.github.com>

Also fixes #2029 by not revealing through the login failure error message whether a user exists or not.
2021-09-06 09:23:58 -04:00
Joshua Tauberer
700188c443 Roundcube 1.5 RC 2021-09-06 09:23:58 -04:00