- 18 Oct, 2015 2 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
let dovecot automatically create mailbox folders rather than doing it manually in the management daemon, fixes #554
-
- 12 Oct, 2015 2 commits
-
-
Joshua Tauberer authored
Added 'Sent' folder when creating user.
-
Peter Timofejew authored
-
- 10 Oct, 2015 1 commit
-
-
Joshua Tauberer authored
-
- 08 Oct, 2015 1 commit
-
-
Joshua Tauberer authored
an earlier problem about --upgrade (de34d0d3) seemed to be just a local problem on my box, so going back to unpinned >= requirement specs https://discourse.mailinabox.email/t/upgrade-to-v0-13b-broke-admin/876
-
- 27 Sep, 2015 1 commit
-
-
Joshua Tauberer authored
-
- 18 Sep, 2015 3 commits
-
-
Joshua Tauberer authored
use subresource integrity attributes to guard against CDNs being used as an attack vector; drop external resources that we can't protect this way (fonts); fixes #234
-
Joshua Tauberer authored
choose the best SSL cert from among the installed certificates; use the server certificate instead of self-signed certificates For HTTPS for the non-primary domains, instead of selecting an SSL certificate by expecting it to be in a directory named after the domain name (with special-case lookups for www domains, and reusing the server certificate where possible), now scan all of the certificates that have been installed and just pick the best to use for each domain. If no certificate is available, don't create a self-signed certificate anymore. This wasn't ever really necessary. Instead just use the server certificate.
-
Joshua Tauberer authored
-
- 08 Sep, 2015 1 commit
-
-
Joshua Tauberer authored
let the HSTS header be controlled by the management daemon so some domains can choose to enable preload
-
- 07 Sep, 2015 3 commits
-
-
Joshua Tauberer authored
Revert two FAIL2BAN SSH jail changes
-
anoma authored
I propose that the default 600s/10minute find time is a better test duration for this ban. The altered 120s findtime sounds reasonable until you consider that attackers can simply throttle to 3 attempts per minute and never be banned. The remaining non default jail settings of maxretry = 7 and bantime = 3600 I believe are good.
-
anoma authored
-
- 06 Sep, 2015 2 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
see #531
-
- 05 Sep, 2015 10 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
warn in status checks if a custom DNS record has been set on a domain that would normally serve web and as a result that domain no longer is serving web
-
Joshua Tauberer authored
if a custom DNS record exists for a web-serving domain and the record is just the box's IP address, don't skip this domain for serving web
-
Joshua Tauberer authored
Typo
-
Sheldon Rupp authored
Change KB to MB due to typo.
-
Joshua Tauberer authored
Added more bantime and lowered max retry attempts
-
Joshua Tauberer authored
pin pip versions of email_validator and cryptography so pip doesn't keep reinstalling them each upgrade even if nothing changed (and the ceffi depedency installation can be very slow and is prone to break under low memory)
-
Joshua Tauberer authored
-
Joshua Tauberer authored
Fix DKIM validation and spamassassin DNS/Pyzor checks
-
Felix authored
-
- 04 Sep, 2015 8 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
admin: rename my ajax javascript function to ajax_with_indicator; see https://github.com/JoshData/html5-stub/commit/79c57c23031a1430536e1daa8f0a9f3abd07a633
-
Joshua Tauberer authored
admin: fix jumpyness when a modal is shown (move overflow-y to body; make the navbar not fixed to top)
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Felix authored
-
Felix authored
-
Felix authored
-
- 30 Aug, 2015 3 commits
-
-
Joshua Tauberer authored
ownCloud 8.1.1 trusted_domains autoconfiguration fix.
-
Joshua Tauberer authored
ownCloud 8.1.1's autoconfig resets trusted_domains / update trusted_domains if PRIMARY_HOSTNAME changes Seems like ownCloud 8.1.1 now doesn't play nice with trusted_domains. Whatever is put in ahead of time gets reset to an array containing 'localhost' only, probably because we invoke autoconfiguration from the command line where it doesn't know the hostname it's being accessed from. We now set this value after running autoconfig. This has the added benefit of also fixing the problem that if PRIMARY_HOSTNAME changes, trusted_domains wasn't updated. Now it is. Fixes #503. See #514.
-
Joshua Tauberer authored
utils.py can't import non-standard modules because it is imported by migrate.py, which is run before anything is installed closes #540
-
- 28 Aug, 2015 3 commits
-
-
Joshua Tauberer authored
Update nginx-primaryonly.conf
-
Stefan Dimitrov authored
Nginx should be connecting over the local interface, not to the IP the resolver gives it. Elsewhere in this file proxy_pass uses 127.0.0.1 as it should.
-
Joshua Tauberer authored
Added a note about TXT record length limitations and how to construct the records to bypass the limitation
-