Commit
fed59592
authored
Jun 30, 2014
by
Joshua Tauberer
s/PUBLIC_HOSTNAME/PRIMARY_HOSTNAME/ throughout
parent
573faa2b
Showing
9 changed files
with
58 additions
and
58 deletions
+58
-58
Vagrantfile
Vagrantfile
+1
-1
buy_certificate.py
management/buy_certificate.py
+4
-4
dns_update.py
management/dns_update.py
+8
-8
utils.py
management/utils.py
+4
-4
web_update.py
management/web_update.py
+9
-9
whats_next.py
management/whats_next.py
+13
-13
mail.sh
setup/mail.sh
+2
-2
ssl.sh
setup/ssl.sh
+4
-4
start.sh
setup/start.sh
+13
-13
Vagrantfile
...
@@ -20,7 +20,7 @@ Vagrant.configure("2") do |config|
...
@@ -20,7 +20,7 @@ Vagrant.configure("2") do |config|
# started quickly.
# started quickly.
export PUBLIC_IP=auto
export PUBLIC_IP=auto
export PUBLIC_IPV6=auto
export PUBLIC_IPV6=auto
export P
UBLIC
_HOSTNAME=auto-easy
export P
RIMARY
_HOSTNAME=auto-easy
export CSR_COUNTRY=US
export CSR_COUNTRY=US
# Start the setup script.
# Start the setup script.
...
...
management/buy_certificate.py
...
@@ -17,9 +17,9 @@ from web_update import get_web_domains, get_domain_ssl_files, get_web_root
...
@@ -17,9 +17,9 @@ from web_update import get_web_domains, get_domain_ssl_files, get_web_root
from
whats_next
import
check_certificate
from
whats_next
import
check_certificate
def
buy_ssl_certificate
(
api_key
,
domain
,
command
,
env
):
def
buy_ssl_certificate
(
api_key
,
domain
,
command
,
env
):
if
domain
!=
env
[
'P
UBLIC
_HOSTNAME'
]
\
if
domain
!=
env
[
'P
RIMARY
_HOSTNAME'
]
\
and
domain
not
in
get_web_domains
(
env
):
and
domain
not
in
get_web_domains
(
env
):
raise
ValueError
(
"Domain is not
%
s or a domain we're serving a website for."
%
env
[
'P
UBLIC
_HOSTNAME'
])
raise
ValueError
(
"Domain is not
%
s or a domain we're serving a website for."
%
env
[
'P
RIMARY
_HOSTNAME'
])
# Initialize.
# Initialize.
...
@@ -131,9 +131,9 @@ def buy_ssl_certificate(api_key, domain, command, env):
...
@@ -131,9 +131,9 @@ def buy_ssl_certificate(api_key, domain, command, env):
print
(
"The certificate has been installed in
%
s. Restarting services..."
%
ssl_certificate
)
print
(
"The certificate has been installed in
%
s. Restarting services..."
%
ssl_certificate
)
# Restart dovecot and if this is for P
UBLIC
_HOSTNAME.
# Restart dovecot and if this is for P
RIMARY
_HOSTNAME.
if
domain
==
env
[
'P
UBLIC
_HOSTNAME'
]:
if
domain
==
env
[
'P
RIMARY
_HOSTNAME'
]:
shell
(
'check_call'
,
[
"/usr/sbin/service"
,
"dovecot"
,
"restart"
])
shell
(
'check_call'
,
[
"/usr/sbin/service"
,
"dovecot"
,
"restart"
])
shell
(
'check_call'
,
[
"/usr/sbin/service"
,
"postfix"
,
"restart"
])
shell
(
'check_call'
,
[
"/usr/sbin/service"
,
"postfix"
,
"restart"
])
...
...
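Review bot: The lookups are switched to `env['PRIMARY_HOSTNAME']` with no fallback, so a box whose environment still carries only the old key would fail here with a bare KeyError instead of a clear message; the same applies to the renamed lookups in dns_update.py, utils.py, web_update.py and whats_next.py. The env presumably comes from /etc/mailinabox.conf, which setup/start.sh rewrites with the new key, but only once setup is re-run. Consider normalizing once where the env is loaded, `if 'PRIMARY_HOSTNAME' not in env and 'PUBLIC_HOSTNAME' in env: env['PRIMARY_HOSTNAME'] = env['PUBLIC_HOSTNAME']`, or stating in the commit message that setup must be re-run after upgrading. buy_ssl_certificate's body continues outside both hunks.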
management/dns_update.py
...
@@ -10,10 +10,10 @@ from utils import shell, load_env_vars_from_file, safe_domain_name, sort_domains
...
@@ -10,10 +10,10 @@ from utils import shell, load_env_vars_from_file, safe_domain_name, sort_domains
def
get_dns_domains
(
env
):
def
get_dns_domains
(
env
):
# Add all domain names in use by email users and mail aliases and ensure
# Add all domain names in use by email users and mail aliases and ensure
# P
UBLIC
_HOSTNAME is in the list.
# P
RIMARY
_HOSTNAME is in the list.
domains
=
set
()
domains
=
set
()
domains
|=
get_mail_domains
(
env
)
domains
|=
get_mail_domains
(
env
)
domains
.
add
(
env
[
'P
UBLIC
_HOSTNAME'
])
domains
.
add
(
env
[
'P
RIMARY
_HOSTNAME'
])
return
domains
return
domains
def
get_dns_zones
(
env
):
def
get_dns_zones
(
env
):
...
@@ -130,11 +130,11 @@ def build_zone(domain, subdomains, additional_records, env, with_ns=True):
...
@@ -130,11 +130,11 @@ def build_zone(domain, subdomains, additional_records, env, with_ns=True):
# For top-level zones, define ourselves as the authoritative name server.
# For top-level zones, define ourselves as the authoritative name server.
if
with_ns
:
if
with_ns
:
records
.
append
((
None
,
"NS"
,
"ns1.
%
s."
%
env
[
"P
UBLIC
_HOSTNAME"
]))
records
.
append
((
None
,
"NS"
,
"ns1.
%
s."
%
env
[
"P
RIMARY
_HOSTNAME"
]))
records
.
append
((
None
,
"NS"
,
"ns2.
%
s."
%
env
[
"P
UBLIC
_HOSTNAME"
]))
records
.
append
((
None
,
"NS"
,
"ns2.
%
s."
%
env
[
"P
RIMARY
_HOSTNAME"
]))
# The MX record says where email for the domain should be delivered: Here!
# The MX record says where email for the domain should be delivered: Here!
records
.
append
((
None
,
"MX"
,
"10
%
s."
%
env
[
"P
UBLIC
_HOSTNAME"
]))
records
.
append
((
None
,
"MX"
,
"10
%
s."
%
env
[
"P
RIMARY
_HOSTNAME"
]))
# SPF record: Permit the box ('mx', see above) to send mail on behalf of
# SPF record: Permit the box ('mx', see above) to send mail on behalf of
# the domain, and no one else.
# the domain, and no one else.
...
@@ -151,8 +151,8 @@ def build_zone(domain, subdomains, additional_records, env, with_ns=True):
...
@@ -151,8 +151,8 @@ def build_zone(domain, subdomains, additional_records, env, with_ns=True):
child_qname
+=
"."
+
subdomain_qname
child_qname
+=
"."
+
subdomain_qname
records
.
append
((
child_qname
,
child_rtype
,
child_value
))
records
.
append
((
child_qname
,
child_rtype
,
child_value
))
# In P
UBLIC
_HOSTNAME...
# In P
RIMARY
_HOSTNAME...
if
domain
==
env
[
"P
UBLIC
_HOSTNAME"
]:
if
domain
==
env
[
"P
RIMARY
_HOSTNAME"
]:
# Define ns1 and ns2.
# Define ns1 and ns2.
records
.
append
((
"ns1"
,
"A"
,
env
[
"PUBLIC_IP"
]))
records
.
append
((
"ns1"
,
"A"
,
env
[
"PUBLIC_IP"
]))
records
.
append
((
"ns2"
,
"A"
,
env
[
"PUBLIC_IP"
]))
records
.
append
((
"ns2"
,
"A"
,
env
[
"PUBLIC_IP"
]))
...
@@ -252,7 +252,7 @@ $TTL 86400 ; default time to live
...
@@ -252,7 +252,7 @@ $TTL 86400 ; default time to live
"""
"""
# Replace replacement strings.
# Replace replacement strings.
zone
=
zone
.
format
(
domain
=
domain
,
primary_domain
=
env
[
"P
UBLIC
_HOSTNAME"
])
zone
=
zone
.
format
(
domain
=
domain
,
primary_domain
=
env
[
"P
RIMARY
_HOSTNAME"
])
# Add records.
# Add records.
for
subdomain
,
querytype
,
value
in
records
:
for
subdomain
,
querytype
,
value
in
records
:
...
...
management/utils.py
...
@@ -17,15 +17,15 @@ def safe_domain_name(name):
...
@@ -17,15 +17,15 @@ def safe_domain_name(name):
return
urllib
.
parse
.
quote
(
name
,
safe
=
''
)
return
urllib
.
parse
.
quote
(
name
,
safe
=
''
)
def
sort_domains
(
domain_names
,
env
):
def
sort_domains
(
domain_names
,
env
):
# Put domain names in a nice sorted order. For web_update, P
UBLIC
_HOSTNAME
# Put domain names in a nice sorted order. For web_update, P
RIMARY
_HOSTNAME
# must appear first so it becomes the nginx default server.
# must appear first so it becomes the nginx default server.
# First group P
UBLIC_HOSTNAME and its subdomains, then parent domains of PUBLIC
_HOSTNAME, then other domains.
# First group P
RIMARY_HOSTNAME and its subdomains, then parent domains of PRIMARY
_HOSTNAME, then other domains.
groups
=
(
[],
[],
[]
)
groups
=
(
[],
[],
[]
)
for
d
in
domain_names
:
for
d
in
domain_names
:
if
d
==
env
[
'P
UBLIC_HOSTNAME'
]
or
d
.
endswith
(
"."
+
env
[
'PUBLIC
_HOSTNAME'
]):
if
d
==
env
[
'P
RIMARY_HOSTNAME'
]
or
d
.
endswith
(
"."
+
env
[
'PRIMARY
_HOSTNAME'
]):
groups
[
0
]
.
append
(
d
)
groups
[
0
]
.
append
(
d
)
elif
env
[
'P
UBLIC
_HOSTNAME'
]
.
endswith
(
"."
+
d
):
elif
env
[
'P
RIMARY
_HOSTNAME'
]
.
endswith
(
"."
+
d
):
groups
[
1
]
.
append
(
d
)
groups
[
1
]
.
append
(
d
)
else
:
else
:
groups
[
2
]
.
append
(
d
)
groups
[
2
]
.
append
(
d
)
...
...
management/web_update.py
...
@@ -14,10 +14,10 @@ def get_web_domains(env):
...
@@ -14,10 +14,10 @@ def get_web_domains(env):
# Add all domain names in use by email users and mail aliases.
# Add all domain names in use by email users and mail aliases.
domains
|=
get_mail_domains
(
env
)
domains
|=
get_mail_domains
(
env
)
# Ensure the P
UBLIC
_HOSTNAME is in the list.
# Ensure the P
RIMARY
_HOSTNAME is in the list.
domains
.
add
(
env
[
'P
UBLIC
_HOSTNAME'
])
domains
.
add
(
env
[
'P
RIMARY
_HOSTNAME'
])
# Sort the list. Put P
UBLIC
_HOSTNAME first so it becomes the
# Sort the list. Put P
RIMARY
_HOSTNAME first so it becomes the
# default server (nginx's default_server).
# default server (nginx's default_server).
domains
=
sort_domains
(
domains
,
env
)
domains
=
sort_domains
(
domains
,
env
)
...
@@ -72,17 +72,17 @@ def get_web_root(domain, env):
...
@@ -72,17 +72,17 @@ def get_web_root(domain, env):
def
get_domain_ssl_files
(
domain
,
env
):
def
get_domain_ssl_files
(
domain
,
env
):
# What SSL private key will we use? Allow the user to override this, but
# What SSL private key will we use? Allow the user to override this, but
# in many cases using the same private key for all domains would be fine.
# in many cases using the same private key for all domains would be fine.
# Don't allow the user to override the key for P
UBLIC
_HOSTNAME because
# Don't allow the user to override the key for P
RIMARY
_HOSTNAME because
# that's what's in the main file.
# that's what's in the main file.
ssl_key
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/ssl_private_key.pem'
)
ssl_key
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/ssl_private_key.pem'
)
alt_key
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/domains/
%
s_private_key.pem'
%
safe_domain_name
(
domain
))
alt_key
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/domains/
%
s_private_key.pem'
%
safe_domain_name
(
domain
))
if
domain
!=
env
[
'P
UBLIC
_HOSTNAME'
]
and
os
.
path
.
exists
(
alt_key
):
if
domain
!=
env
[
'P
RIMARY
_HOSTNAME'
]
and
os
.
path
.
exists
(
alt_key
):
ssl_key
=
alt_key
ssl_key
=
alt_key
# What SSL certificate will we use? This has to be differnet for each
# What SSL certificate will we use? This has to be differnet for each
# domain name. For P
UBLIC
_HOSTNAME, use the one we generated at set-up
# domain name. For P
RIMARY
_HOSTNAME, use the one we generated at set-up
# time.
# time.
if
domain
==
env
[
'P
UBLIC
_HOSTNAME'
]:
if
domain
==
env
[
'P
RIMARY
_HOSTNAME'
]:
ssl_certificate
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/ssl_certificate.pem'
)
ssl_certificate
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/ssl_certificate.pem'
)
else
:
else
:
ssl_certificate
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/domains/
%
s_certifiate.pem'
%
safe_domain_name
(
domain
))
ssl_certificate
=
os
.
path
.
join
(
env
[
"STORAGE_ROOT"
],
'ssl/domains/
%
s_certifiate.pem'
%
safe_domain_name
(
domain
))
...
@@ -93,10 +93,10 @@ def get_domain_ssl_files(domain, env):
...
@@ -93,10 +93,10 @@ def get_domain_ssl_files(domain, env):
return
ssl_key
,
ssl_certificate
,
csr_path
return
ssl_key
,
ssl_certificate
,
csr_path
def
ensure_ssl_certificate_exists
(
domain
,
ssl_key
,
ssl_certificate
,
csr_path
,
env
):
def
ensure_ssl_certificate_exists
(
domain
,
ssl_key
,
ssl_certificate
,
csr_path
,
env
):
# For domains besides P
UBLIC
_HOSTNAME, generate a self-signed certificate if one doesn't
# For domains besides P
RIMARY
_HOSTNAME, generate a self-signed certificate if one doesn't
# already exist. See setup/mail.sh for documentation.
# already exist. See setup/mail.sh for documentation.
if
domain
==
env
[
'P
UBLIC
_HOSTNAME'
]:
if
domain
==
env
[
'P
RIMARY
_HOSTNAME'
]:
return
return
if
os
.
path
.
exists
(
ssl_certificate
):
if
os
.
path
.
exists
(
ssl_certificate
):
...
...
management/whats_next.py
...
@@ -53,7 +53,7 @@ def run_domain_checks(env):
...
@@ -53,7 +53,7 @@ def run_domain_checks(env):
print
(
domain
)
print
(
domain
)
print
(
"="
*
len
(
domain
))
print
(
"="
*
len
(
domain
))
if
domain
==
env
[
"P
UBLIC
_HOSTNAME"
]:
if
domain
==
env
[
"P
RIMARY
_HOSTNAME"
]:
check_primary_hostname_dns
(
domain
,
env
)
check_primary_hostname_dns
(
domain
,
env
)
if
domain
in
dns_domains
:
if
domain
in
dns_domains
:
...
@@ -62,8 +62,8 @@ def run_domain_checks(env):
...
@@ -62,8 +62,8 @@ def run_domain_checks(env):
if
domain
in
mail_domains
:
if
domain
in
mail_domains
:
check_mail_domain
(
domain
,
env
)
check_mail_domain
(
domain
,
env
)
if
domain
==
env
[
"P
UBLIC
_HOSTNAME"
]
or
domain
in
web_domains
:
if
domain
==
env
[
"P
RIMARY
_HOSTNAME"
]
or
domain
in
web_domains
:
# We need a SSL certificate for P
UBLIC
_HOSTNAME because that's where the
# We need a SSL certificate for P
RIMARY
_HOSTNAME because that's where the
# user will log in with IMAP or webmail. Any other domain we serve a
# user will log in with IMAP or webmail. Any other domain we serve a
# website for also needs a signed certificate.
# website for also needs a signed certificate.
check_ssl_cert
(
domain
,
env
)
check_ssl_cert
(
domain
,
env
)
...
@@ -75,29 +75,29 @@ def check_primary_hostname_dns(domain, env):
...
@@ -75,29 +75,29 @@ def check_primary_hostname_dns(domain, env):
# comes from the TLD since the information is set at the registrar.
# comes from the TLD since the information is set at the registrar.
ip
=
query_dns
(
"ns1."
+
domain
,
"A"
)
+
'/'
+
query_dns
(
"ns2."
+
domain
,
"A"
)
ip
=
query_dns
(
"ns1."
+
domain
,
"A"
)
+
'/'
+
query_dns
(
"ns2."
+
domain
,
"A"
)
if
ip
==
env
[
'PUBLIC_IP'
]
+
'/'
+
env
[
'PUBLIC_IP'
]:
if
ip
==
env
[
'PUBLIC_IP'
]
+
'/'
+
env
[
'PUBLIC_IP'
]:
print_ok
(
"Nameserver IPs are correct at registrar. [ns1/ns2.
%
s =>
%
s]"
%
(
env
[
'P
UBLIC
_HOSTNAME'
],
env
[
'PUBLIC_IP'
]))
print_ok
(
"Nameserver IPs are correct at registrar. [ns1/ns2.
%
s =>
%
s]"
%
(
env
[
'P
RIMARY
_HOSTNAME'
],
env
[
'PUBLIC_IP'
]))
else
:
else
:
print_error
(
"""Nameserver IP addresses are incorrect. The ns1.
%
s and ns2.
%
s nameservers must be configured at your domain name
print_error
(
"""Nameserver IP addresses are incorrect. The ns1.
%
s and ns2.
%
s nameservers must be configured at your domain name
registrar as having the IP address
%
s. They currently report addresses of
%
s. It may take several hours for
registrar as having the IP address
%
s. They currently report addresses of
%
s. It may take several hours for
public DNS to update after a change."""
public DNS to update after a change."""
%
(
env
[
'P
UBLIC_HOSTNAME'
],
env
[
'PUBLIC
_HOSTNAME'
],
env
[
'PUBLIC_IP'
],
ip
))
%
(
env
[
'P
RIMARY_HOSTNAME'
],
env
[
'PRIMARY
_HOSTNAME'
],
env
[
'PUBLIC_IP'
],
ip
))
# Check that P
UBLIC
_HOSTNAME resolves to PUBLIC_IP in public DNS.
# Check that P
RIMARY
_HOSTNAME resolves to PUBLIC_IP in public DNS.
ip
=
query_dns
(
domain
,
"A"
)
ip
=
query_dns
(
domain
,
"A"
)
if
ip
==
env
[
'PUBLIC_IP'
]:
if
ip
==
env
[
'PUBLIC_IP'
]:
print_ok
(
"Domain resolves to box's IP address. [
%
s =>
%
s]"
%
(
env
[
'P
UBLIC
_HOSTNAME'
],
env
[
'PUBLIC_IP'
]))
print_ok
(
"Domain resolves to box's IP address. [
%
s =>
%
s]"
%
(
env
[
'P
RIMARY
_HOSTNAME'
],
env
[
'PUBLIC_IP'
]))
else
:
else
:
print_error
(
"""This domain must resolve to your box's IP address (
%
s) in public DNS but it currently resolves
print_error
(
"""This domain must resolve to your box's IP address (
%
s) in public DNS but it currently resolves
to
%
s. It may take several hours for public DNS to update after a change. This problem may result from other
to
%
s. It may take several hours for public DNS to update after a change. This problem may result from other
issues listed here."""
issues listed here."""
%
(
env
[
'PUBLIC_IP'
],
ip
))
%
(
env
[
'PUBLIC_IP'
],
ip
))
# Check reverse DNS on the P
UBLIC
_HOSTNAME. Note that it might not be
# Check reverse DNS on the P
RIMARY
_HOSTNAME. Note that it might not be
# a DNS zone if it is a subdomain of another domain we have a zone for.
# a DNS zone if it is a subdomain of another domain we have a zone for.
ipaddr_rev
=
dns
.
reversename
.
from_address
(
env
[
'PUBLIC_IP'
])
ipaddr_rev
=
dns
.
reversename
.
from_address
(
env
[
'PUBLIC_IP'
])
existing_rdns
=
query_dns
(
ipaddr_rev
,
"PTR"
)
existing_rdns
=
query_dns
(
ipaddr_rev
,
"PTR"
)
if
existing_rdns
==
domain
:
if
existing_rdns
==
domain
:
print_ok
(
"Reverse DNS is set correctly at ISP. [
%
s =>
%
s]"
%
(
env
[
'PUBLIC_IP'
],
env
[
'P
UBLIC
_HOSTNAME'
]))
print_ok
(
"Reverse DNS is set correctly at ISP. [
%
s =>
%
s]"
%
(
env
[
'PUBLIC_IP'
],
env
[
'P
RIMARY
_HOSTNAME'
]))
else
:
else
:
print_error
(
"""Your box's reverse DNS is currently
%
s, but it should be
%
s. Your ISP or cloud provider will have instructions
print_error
(
"""Your box's reverse DNS is currently
%
s, but it should be
%
s. Your ISP or cloud provider will have instructions
on setting up reverse DNS for your box at
%
s."""
%
(
existing_rdns
,
domain
,
env
[
'PUBLIC_IP'
])
)
on setting up reverse DNS for your box at
%
s."""
%
(
existing_rdns
,
domain
,
env
[
'PUBLIC_IP'
])
)
...
@@ -116,7 +116,7 @@ def check_dns_zone(domain, env, dns_zonefiles):
...
@@ -116,7 +116,7 @@ def check_dns_zone(domain, env, dns_zonefiles):
# We provide a DNS zone for the domain. It should have NS records set up
# We provide a DNS zone for the domain. It should have NS records set up
# at the domain name's registrar pointing to this box.
# at the domain name's registrar pointing to this box.
existing_ns
=
query_dns
(
domain
,
"NS"
)
existing_ns
=
query_dns
(
domain
,
"NS"
)
correct_ns
=
"ns1.BOX; ns2.BOX"
.
replace
(
"BOX"
,
env
[
'P
UBLIC
_HOSTNAME'
])
correct_ns
=
"ns1.BOX; ns2.BOX"
.
replace
(
"BOX"
,
env
[
'P
RIMARY
_HOSTNAME'
])
if
existing_ns
==
correct_ns
:
if
existing_ns
==
correct_ns
:
print_ok
(
"Nameservers are set correctly at registrar. [
%
s]"
%
correct_ns
)
print_ok
(
"Nameservers are set correctly at registrar. [
%
s]"
%
correct_ns
)
else
:
else
:
...
@@ -125,9 +125,9 @@ def check_dns_zone(domain, env, dns_zonefiles):
...
@@ -125,9 +125,9 @@ def check_dns_zone(domain, env, dns_zonefiles):
%
(
existing_ns
,
correct_ns
)
)
%
(
existing_ns
,
correct_ns
)
)
# See if the domain's A record resolves to our PUBLIC_IP. This is already checked
# See if the domain's A record resolves to our PUBLIC_IP. This is already checked
# for P
UBLIC
_HOSTNAME, for which it is required. For other domains it is just nice
# for P
RIMARY
_HOSTNAME, for which it is required. For other domains it is just nice
# to have if we want web.
# to have if we want web.
if
domain
!=
env
[
'P
UBLIC
_HOSTNAME'
]:
if
domain
!=
env
[
'P
RIMARY
_HOSTNAME'
]:
ip
=
query_dns
(
domain
,
"A"
)
ip
=
query_dns
(
domain
,
"A"
)
if
ip
==
env
[
'PUBLIC_IP'
]:
if
ip
==
env
[
'PUBLIC_IP'
]:
print_ok
(
"Domain resolves to this box's IP address. [
%
s =>
%
s]"
%
(
domain
,
env
[
'PUBLIC_IP'
]))
print_ok
(
"Domain resolves to this box's IP address. [
%
s =>
%
s]"
%
(
domain
,
env
[
'PUBLIC_IP'
]))
...
@@ -160,7 +160,7 @@ def check_dns_zone(domain, env, dns_zonefiles):
...
@@ -160,7 +160,7 @@ def check_dns_zone(domain, env, dns_zonefiles):
def
check_mail_domain
(
domain
,
env
):
def
check_mail_domain
(
domain
,
env
):
# Check the MX record.
# Check the MX record.
mx
=
query_dns
(
domain
,
"MX"
)
mx
=
query_dns
(
domain
,
"MX"
)
expected_mx
=
"10 "
+
env
[
'P
UBLIC
_HOSTNAME'
]
expected_mx
=
"10 "
+
env
[
'P
RIMARY
_HOSTNAME'
]
if
mx
==
expected_mx
:
if
mx
==
expected_mx
:
print_ok
(
"Domain's email is directed to this domain. [
%
s =>
%
s]"
%
(
domain
,
mx
))
print_ok
(
"Domain's email is directed to this domain. [
%
s =>
%
s]"
%
(
domain
,
mx
))
else
:
else
:
...
...
setup/mail.sh
...
@@ -30,7 +30,7 @@ mkdir -p $STORAGE_ROOT/mail
...
@@ -30,7 +30,7 @@ mkdir -p $STORAGE_ROOT/mail
# there is no true local mail delivery). Also set the banner (must have the hostname first, then anything).
# there is no true local mail delivery). Also set the banner (must have the hostname first, then anything).
tools/editconf.py /etc/postfix/main.cf
\
tools/editconf.py /etc/postfix/main.cf
\
inet_interfaces
=
all
\
inet_interfaces
=
all
\
myhostname
=
$P
UBLIC
_HOSTNAME
\
myhostname
=
$P
RIMARY
_HOSTNAME
\
smtpd_banner
=
"
\$
myhostname ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://github.com/joshdata/mailinabox)"
\
smtpd_banner
=
"
\$
myhostname ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://github.com/joshdata/mailinabox)"
\
mydestination
=
localhost
mydestination
=
localhost
...
@@ -235,7 +235,7 @@ EOF
...
@@ -235,7 +235,7 @@ EOF
# postmaster_address seems to be required or LMTP won't start
# postmaster_address seems to be required or LMTP won't start
tools/editconf.py /etc/dovecot/conf.d/15-lda.conf
\
tools/editconf.py /etc/dovecot/conf.d/15-lda.conf
\
postmaster_address
=
postmaster@
$P
UBLIC
_HOSTNAME
postmaster_address
=
postmaster@
$P
RIMARY
_HOSTNAME
# Drew Crawford sets the auth-worker process to run as the mail user, but we don't care if it runs as root.
# Drew Crawford sets the auth-worker process to run as the mail user, but we don't care if it runs as root.
...
...
setup/ssl.sh
...
@@ -4,14 +4,14 @@
...
@@ -4,14 +4,14 @@
#
#
# Create a self-signed SSL certificate if one has not yet been created.
# Create a self-signed SSL certificate if one has not yet been created.
#
#
# The certificate is for P
UBLIC
_HOSTNAME specifically and is used for:
# The certificate is for P
RIMARY
_HOSTNAME specifically and is used for:
#
#
# * IMAP
# * IMAP
# * SMTP submission (port 587) and opportunistic TLS (when on the receiving end)
# * SMTP submission (port 587) and opportunistic TLS (when on the receiving end)
# * the DNSSEC DANE TLSA record for SMTP
# * the DNSSEC DANE TLSA record for SMTP
# * HTTPS (for P
UBLIC
_HOSTNAME only)
# * HTTPS (for P
RIMARY
_HOSTNAME only)
#
#
# When other domains besides P
UBLIC
_HOSTNAME are served over HTTPS,
# When other domains besides P
RIMARY
_HOSTNAME are served over HTTPS,
# we generate a domain-specific self-signed certificate in the management
# we generate a domain-specific self-signed certificate in the management
# daemon (web_update.py) as needed.
# daemon (web_update.py) as needed.
...
@@ -29,7 +29,7 @@ fi
...
@@ -29,7 +29,7 @@ fi
if
[
!
-f
$STORAGE_ROOT
/ssl/ssl_cert_sign_req.csr
]
;
then
if
[
!
-f
$STORAGE_ROOT
/ssl/ssl_cert_sign_req.csr
]
;
then
# Generate a certificate signing request if one doesn't already exist.
# Generate a certificate signing request if one doesn't already exist.
openssl req
-new
-key
$STORAGE_ROOT
/ssl/ssl_private_key.pem
-out
$STORAGE_ROOT
/ssl/ssl_cert_sign_req.csr
\
openssl req
-new
-key
$STORAGE_ROOT
/ssl/ssl_private_key.pem
-out
$STORAGE_ROOT
/ssl/ssl_cert_sign_req.csr
\
-subj
"/C=
$CSR_COUNTRY
/ST=/L=/O=/CN=
$P
UBLIC
_HOSTNAME
"
-subj
"/C=
$CSR_COUNTRY
/ST=/L=/O=/CN=
$P
RIMARY
_HOSTNAME
"
fi
fi
if
[
!
-f
$STORAGE_ROOT
/ssl/ssl_certificate.pem
]
;
then
if
[
!
-f
$STORAGE_ROOT
/ssl/ssl_certificate.pem
]
;
then
# Generate a SSL certificate by self-signing if a SSL certificate doesn't yet exist.
# Generate a SSL certificate by self-signing if a SSL certificate doesn't yet exist.
...
...
setup/start.sh
...
@@ -23,10 +23,10 @@ fi
...
@@ -23,10 +23,10 @@ fi
# Gather information from the user about the hostname and public IP
# Gather information from the user about the hostname and public IP
# address of this host.
# address of this host.
if
[
-z
"
$P
UBLIC
_HOSTNAME
"
]
;
then
if
[
-z
"
$P
RIMARY
_HOSTNAME
"
]
;
then
if
[
-z
"
$DEFAULT_P
UBLIC
_HOSTNAME
"
]
;
then
if
[
-z
"
$DEFAULT_P
RIMARY
_HOSTNAME
"
]
;
then
# set a default on first run
# set a default on first run
DEFAULT_P
UBLIC
_HOSTNAME
=
`
get_default_hostname
`
DEFAULT_P
RIMARY
_HOSTNAME
=
`
get_default_hostname
`
fi
fi
echo
echo
...
@@ -36,7 +36,7 @@ if [ -z "$PUBLIC_HOSTNAME" ]; then
...
@@ -36,7 +36,7 @@ if [ -z "$PUBLIC_HOSTNAME" ]; then
echo
"be similar."
echo
"be similar."
echo
echo
read
-e
-i
"
$DEFAULT_P
UBLIC_HOSTNAME
"
-p
"Hostname: "
PUBLIC
_HOSTNAME
read
-e
-i
"
$DEFAULT_P
RIMARY_HOSTNAME
"
-p
"Hostname: "
PRIMARY
_HOSTNAME
fi
fi
if
[
-z
"
$PUBLIC_IP
"
]
;
then
if
[
-z
"
$PUBLIC_IP
"
]
;
then
...
@@ -102,10 +102,10 @@ if [ "$PUBLIC_IPV6" = "auto" ]; then
...
@@ -102,10 +102,10 @@ if [ "$PUBLIC_IPV6" = "auto" ]; then
PUBLIC_IPV6
=
`
get_default_publicipv6
`
PUBLIC_IPV6
=
`
get_default_publicipv6
`
echo
"IPv6 Address:
$PUBLIC_IPV6
"
echo
"IPv6 Address:
$PUBLIC_IPV6
"
fi
fi
if
[
"
$P
UBLIC
_HOSTNAME
"
=
"auto-easy"
]
;
then
if
[
"
$P
RIMARY
_HOSTNAME
"
=
"auto-easy"
]
;
then
# Generate a probably-unique subdomain under our justtesting.email domain.
# Generate a probably-unique subdomain under our justtesting.email domain.
P
UBLIC
_HOSTNAME
=
m
`
get_default_publicip |
sha1sum
|
cut
-c1-5
`
.justtesting.email
P
RIMARY
_HOSTNAME
=
m
`
get_default_publicip |
sha1sum
|
cut
-c1-5
`
.justtesting.email
echo
"Public Hostname:
$P
UBLIC
_HOSTNAME
"
echo
"Public Hostname:
$P
RIMARY
_HOSTNAME
"
fi
fi
...
@@ -123,7 +123,7 @@ fi
...
@@ -123,7 +123,7 @@ fi
cat
>
/etc/mailinabox.conf
<<
EOF
;
cat
>
/etc/mailinabox.conf
<<
EOF
;
STORAGE_USER=
$STORAGE_USER
STORAGE_USER=
$STORAGE_USER
STORAGE_ROOT=
$STORAGE_ROOT
STORAGE_ROOT=
$STORAGE_ROOT
P
UBLIC_HOSTNAME=
$PUBLIC
_HOSTNAME
P
RIMARY_HOSTNAME=
$PRIMARY
_HOSTNAME
PUBLIC_IP=
$PUBLIC_IP
PUBLIC_IP=
$PUBLIC_IP
PUBLIC_IPV6=
$PUBLIC_IPV6
PUBLIC_IPV6=
$PUBLIC_IPV6
CSR_COUNTRY=
$CSR_COUNTRY
CSR_COUNTRY=
$CSR_COUNTRY
...
@@ -154,10 +154,10 @@ if [ -z "`tools/mail.py user`" ]; then
...
@@ -154,10 +154,10 @@ if [ -z "`tools/mail.py user`" ]; then
if
[
-t
0
]
;
then
if
[
-t
0
]
;
then
echo
echo
echo
"Let's create your first mail user."
echo
"Let's create your first mail user."
read
-e
-i
"user@
$P
UBLIC
_HOSTNAME
"
-p
"Email Address: "
EMAIL_ADDR
read
-e
-i
"user@
$P
RIMARY
_HOSTNAME
"
-p
"Email Address: "
EMAIL_ADDR
else
else
# Use me@P
UBLIC
_HOSTNAME
# Use me@P
RIMARY
_HOSTNAME
EMAIL_ADDR
=
me@
$P
UBLIC
_HOSTNAME
EMAIL_ADDR
=
me@
$P
RIMARY
_HOSTNAME
EMAIL_PW
=
1234
EMAIL_PW
=
1234
echo
echo
echo
"Creating a new mail account for
$EMAIL_ADDR
with password
$EMAIL_PW
."
echo
"Creating a new mail account for
$EMAIL_ADDR
with password
$EMAIL_PW
."
...
@@ -165,7 +165,7 @@ if [ -z "`tools/mail.py user`" ]; then
...
@@ -165,7 +165,7 @@ if [ -z "`tools/mail.py user`" ]; then
fi
fi
tools/mail.py user add
$EMAIL_ADDR
$EMAIL_PW
# will ask for password if none given
tools/mail.py user add
$EMAIL_ADDR
$EMAIL_PW
# will ask for password if none given
tools/mail.py
alias
add hostmaster@
$P
UBLIC
_HOSTNAME
$EMAIL_ADDR
tools/mail.py
alias
add hostmaster@
$P
RIMARY
_HOSTNAME
$EMAIL_ADDR
tools/mail.py
alias
add postmaster@
$P
UBLIC
_HOSTNAME
$EMAIL_ADDR
tools/mail.py
alias
add postmaster@
$P
RIMARY
_HOSTNAME
$EMAIL_ADDR
fi
fi
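Review bot: In the @@ -154 hunk the non-interactive branch still provisions `me@$PRIMARY_HOSTNAME` with the fixed password `EMAIL_PW=1234` and echoes it, and the two alias lines in the following hunk then route hostmaster@ and postmaster@ for the primary hostname to that mailbox. Any box set up without a terminal on stdin therefore starts with a guessable credential on the account that receives the domain's administrative mail. Generating the value instead, for example `EMAIL_PW=$(openssl rand -base64 18)`, keeps unattended setup working, and the existing echo would remain the one place it is shown. Separately, `echo "Public Hostname: $PRIMARY_HOSTNAME"` in the auto-easy branch keeps the old label. The enclosing `if` opens above the hunk.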