Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
M
mailinabox
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Administrator
mailinabox
Commits
c18200d9
Commit
c18200d9
authored
Aug 25, 2014
by
Joshua Tauberer
Browse files
Options
Browse Files
Download
Plain Diff
Merge commit '
09d2a08c
' into usedialog
Conflicts: setup/start.sh (change was already applied)
parents
bf5016a8
09d2a08c
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
63 additions
and
14 deletions
+63
-14
buy_certificate.py
management/buy_certificate.py
+1
-1
daemon.py
management/daemon.py
+6
-9
status_checks.py
management/status_checks.py
+45
-1
web_update.py
management/web_update.py
+1
-1
management.sh
setup/management.sh
+9
-1
start.sh
setup/start.sh
+1
-1
No files found.
management/buy_certificate.py
View file @
c18200d9
...
@@ -14,7 +14,7 @@ import rtyaml
...
@@ -14,7 +14,7 @@ import rtyaml
from
utils
import
load_environment
,
shell
from
utils
import
load_environment
,
shell
from
web_update
import
get_web_domains
,
get_domain_ssl_files
,
get_web_root
from
web_update
import
get_web_domains
,
get_domain_ssl_files
,
get_web_root
from
whats_next
import
check_certificate
from
status_checks
import
check_certificate
def
buy_ssl_certificate
(
api_key
,
domain
,
command
,
env
):
def
buy_ssl_certificate
(
api_key
,
domain
,
command
,
env
):
if
domain
!=
env
[
'PRIMARY_HOSTNAME'
]
\
if
domain
!=
env
[
'PRIMARY_HOSTNAME'
]
\
...
...
management/daemon.py
View file @
c18200d9
...
@@ -191,7 +191,7 @@ def web_update():
...
@@ -191,7 +191,7 @@ def web_update():
@
app
.
route
(
'/system/status'
,
methods
=
[
"POST"
])
@
app
.
route
(
'/system/status'
,
methods
=
[
"POST"
])
@
authorized_personnel_only
@
authorized_personnel_only
def
system_status
():
def
system_status
():
from
whats_next
import
run_checks
from
status_checks
import
run_checks
class
WebOutput
:
class
WebOutput
:
def
__init__
(
self
):
def
__init__
(
self
):
self
.
items
=
[]
self
.
items
=
[]
...
@@ -210,14 +210,11 @@ def system_status():
...
@@ -210,14 +210,11 @@ def system_status():
@
app
.
route
(
'/system/updates'
)
@
app
.
route
(
'/system/updates'
)
@
authorized_personnel_only
@
authorized_personnel_only
def
show_updates
():
def
show_updates
():
utils
.
shell
(
"check_call"
,
[
"/usr/bin/apt-get"
,
"-qq"
,
"update"
])
from
status_checks
import
list_apt_updates
simulated_install
=
utils
.
shell
(
"check_output"
,
[
"/usr/bin/apt-get"
,
"-qq"
,
"-s"
,
"upgrade"
])
return
""
.
join
(
pkgs
=
[]
"
%
s (
%
s)
\n
"
for
line
in
simulated_install
.
split
(
'
\n
'
):
%
(
p
[
"package"
],
p
[
"version"
])
if
re
.
match
(
r'^Conf .*'
,
line
):
continue
# remove these lines, not informative
for
p
in
list_apt_updates
())
line
=
re
.
sub
(
r'^Inst (.*) \[(.*)\] \((\S*).*'
,
r'Updated Package Available: \1 (\3)'
,
line
)
# make these lines prettier
pkgs
.
append
(
line
)
return
"
\n
"
.
join
(
pkgs
)
@
app
.
route
(
'/system/update-packages'
,
methods
=
[
"POST"
])
@
app
.
route
(
'/system/update-packages'
,
methods
=
[
"POST"
])
@
authorized_personnel_only
@
authorized_personnel_only
...
...
management/
whats_next
.py
→
management/
status_checks
.py
View file @
c18200d9
...
@@ -6,7 +6,7 @@
...
@@ -6,7 +6,7 @@
__ALL__
=
[
'check_certificate'
]
__ALL__
=
[
'check_certificate'
]
import
os
,
os
.
path
,
re
,
subprocess
import
os
,
os
.
path
,
re
,
subprocess
,
datetime
import
dns.reversename
,
dns
.
resolver
import
dns.reversename
,
dns
.
resolver
...
@@ -36,6 +36,17 @@ def run_system_checks(env):
...
@@ -36,6 +36,17 @@ def run_system_checks(env):
else
:
else
:
env
[
'out'
]
.
print_ok
(
"SSH disallows password-based login."
)
env
[
'out'
]
.
print_ok
(
"SSH disallows password-based login."
)
# Check for any software package updates.
pkgs
=
list_apt_updates
()
if
os
.
path
.
exists
(
"/var/run/reboot-required"
):
env
[
'out'
]
.
print_error
(
"System updates have been installed and a reboot of the machine is required."
)
elif
len
(
pkgs
)
==
0
:
env
[
'out'
]
.
print_ok
(
"System software is up to date."
)
else
:
env
[
'out'
]
.
print_error
(
"There are
%
d software packages that can be updated."
%
len
(
pkgs
))
for
p
in
pkgs
:
env
[
'out'
]
.
print_line
(
"
%
s (
%
s)"
%
(
p
[
"package"
],
p
[
"version"
]))
# Check that the administrator alias exists since that's where all
# Check that the administrator alias exists since that's where all
# admin email is automatically directed.
# admin email is automatically directed.
check_alias_exists
(
"administrator@"
+
env
[
'PRIMARY_HOSTNAME'
],
env
)
check_alias_exists
(
"administrator@"
+
env
[
'PRIMARY_HOSTNAME'
],
env
)
...
@@ -433,6 +444,39 @@ def check_certificate(domain, ssl_certificate, ssl_private_key):
...
@@ -433,6 +444,39 @@ def check_certificate(domain, ssl_certificate, ssl_private_key):
else
:
else
:
return
verifyoutput
.
strip
()
return
verifyoutput
.
strip
()
_apt_updates
=
None
def
list_apt_updates
():
# See if we have this information cached recently.
# Keep the information for 8 hours.
global
_apt_updates
if
_apt_updates
is
not
None
and
_apt_updates
[
0
]
>
datetime
.
datetime
.
now
()
-
datetime
.
timedelta
(
hours
=
8
):
return
_apt_updates
[
1
]
# Run apt-get update to refresh package list.
shell
(
"check_call"
,
[
"/usr/bin/apt-get"
,
"-qq"
,
"update"
])
# Run apt-get upgrade in simulate mode to get a list of what
# it would do.
simulated_install
=
shell
(
"check_output"
,
[
"/usr/bin/apt-get"
,
"-qq"
,
"-s"
,
"upgrade"
])
pkgs
=
[]
for
line
in
simulated_install
.
split
(
'
\n
'
):
if
line
.
strip
()
==
""
:
continue
if
re
.
match
(
r'^Conf .*'
,
line
):
# remove these lines, not informative
continue
m
=
re
.
match
(
r'^Inst (.*) \[(.*)\] \((\S*)'
,
line
)
if
m
:
pkgs
.
append
({
"package"
:
m
.
group
(
1
),
"version"
:
m
.
group
(
3
),
"current_version"
:
m
.
group
(
2
)
})
else
:
pkgs
.
append
({
"package"
:
"["
+
line
+
"]"
,
"version"
:
""
,
"current_version"
:
""
})
# Cache for future requests.
_apt_updates
=
(
datetime
.
datetime
.
now
(),
pkgs
)
return
pkgs
try
:
try
:
terminal_columns
=
int
(
shell
(
'check_output'
,
[
'stty'
,
'size'
])
.
split
()[
1
])
terminal_columns
=
int
(
shell
(
'check_output'
,
[
'stty'
,
'size'
])
.
split
()[
1
])
except
:
except
:
...
...
management/web_update.py
View file @
c18200d9
...
@@ -140,7 +140,7 @@ def get_domain_ssl_files(domain, env):
...
@@ -140,7 +140,7 @@ def get_domain_ssl_files(domain, env):
# a Subject Alternative Name matching this domain. Don't do this if
# a Subject Alternative Name matching this domain. Don't do this if
# the user has uploaded a different private key for this domain.
# the user has uploaded a different private key for this domain.
if
not
ssl_key_is_alt
:
if
not
ssl_key_is_alt
:
from
whats_next
import
check_certificate
from
status_checks
import
check_certificate
if
check_certificate
(
domain
,
ssl_certificate_primary
,
None
)
==
"OK"
:
if
check_certificate
(
domain
,
ssl_certificate_primary
,
None
)
==
"OK"
:
ssl_certificate
=
ssl_certificate_primary
ssl_certificate
=
ssl_certificate_primary
...
...
setup/management.sh
View file @
c18200d9
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
source
setup/functions.sh
source
setup/functions.sh
apt_install python3-flask links duplicity libyaml-dev python3-dnspython
apt_install python3-flask links duplicity libyaml-dev python3-dnspython
unattended-upgrades
hide_output pip3
install
rtyaml
hide_output pip3
install
rtyaml
# Create a backup directory and a random key for encrypting backups.
# Create a backup directory and a random key for encrypting backups.
...
@@ -21,6 +21,14 @@ rm -f /etc/init.d/mailinabox
...
@@ -21,6 +21,14 @@ rm -f /etc/init.d/mailinabox
ln
-s
$(
pwd
)
/conf/management-initscript /etc/init.d/mailinabox
ln
-s
$(
pwd
)
/conf/management-initscript /etc/init.d/mailinabox
hide_output update-rc.d mailinabox defaults
hide_output update-rc.d mailinabox defaults
# Allow apt to install system updates automatically every day.
cat
>
/etc/apt/apt.conf.d/02periodic
<<
EOF
;
APT::Periodic::MaxAge "7";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::Verbose "1";
EOF
# Perform a daily backup.
# Perform a daily backup.
cat
>
/etc/cron.daily/mailinabox-backup
<<
EOF
;
cat
>
/etc/cron.daily/mailinabox-backup
<<
EOF
;
#!/bin/bash
#!/bin/bash
...
...
setup/start.sh
View file @
c18200d9
...
@@ -115,7 +115,7 @@ echo Your Mail-in-a-Box is running.
...
@@ -115,7 +115,7 @@ echo Your Mail-in-a-Box is running.
echo
echo
echo
Please log
in
to the control panel
for
further instructions at:
echo
Please log
in
to the control panel
for
further instructions at:
echo
echo
if
management/
whats_next
.py
--check-primary-hostname
;
then
if
management/
status_checks
.py
--check-primary-hostname
;
then
# Show the nice URL if it appears to be resolving and has a valid certificate.
# Show the nice URL if it appears to be resolving and has a valid certificate.
echo
https://
$PRIMARY_HOSTNAME
/admin
echo
https://
$PRIMARY_HOSTNAME
/admin
echo
echo
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment