- 14 Jan, 2016 3 commits
-
-
Joshua Tauberer authored
Removes border and rounded corners from navbar
-
Jeroen Jacobs authored
-
Joshua Tauberer authored
-
- 09 Jan, 2016 7 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
roundcube file ownership should not preserve uid/gid from the release tarball, tar (when run as root) should always extract using --no-same-owner, fixes #667
-
Joshua Tauberer authored
-
Joshua Tauberer authored
v0.15a Sending mail through Exchange/ActiveSync (Z-Push) had been broken since v0.14. This is now fixed.
-
Joshua Tauberer authored
Sending mail through Exchange/ActiveSync (Z-Push) had been broken since v0.14. This is now fixed.
-
Bernard `Guyzmo` Pratz authored
* added IMAP_SMTP_METHOD to z_push/backend_imap * reverting that line accidentally deleted in commit 5055ef * cf pull request GH-580 that commit is part of Signed-off-by: Bernard `Guyzmo` Pratz <guyzmo+github@m0g.net>
-
Joshua Tauberer authored
Fixing issue making it impossible to send mail from Z-Push
-
- 08 Jan, 2016 1 commit
-
-
Bernard `Guyzmo` Pratz authored
* added IMAP_SMTP_METHOD to z_push/backend_imap * reverting that line accidentally deleted in commit 5055ef * cf pull request GH-580 that commit is part of Signed-off-by: Bernard `Guyzmo` Pratz <guyzmo+github@m0g.net>
-
- 05 Jan, 2016 2 commits
-
-
Joshua Tauberer authored
Gandi tells me that .be TLD only supports algorithms 8 and 10 for DNSSEC
-
baltoche authored
-
- 04 Jan, 2016 12 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
status checks: if a domain's DNS isnt working dont check the TLS certificate because we cant automatically provision one now anyway
-
Joshua Tauberer authored
when provisioning tls certs from the command line, specify domain names as command line arguments to force getting certs for those domains
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
fixes #646
-
Joshua Tauberer authored
-
Joshua Tauberer authored
Refactor by moving the email-the-admin code out of the status checks and into a new separate tool. This is why I suppressed non-error output of the backups last commit - so it doesn't send a daily email.
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
- 03 Jan, 2016 2 commits
-
-
Joshua Tauberer authored
Fix miscellaneous typos in comments
-
Chloride Cull authored
sed s/supress/suppress/g sed s/depencies/dependencies/g
-
- 01 Jan, 2016 5 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
----------------------- Mail: * Updated Roundcube to version 1.1.3. * Auto-create aliases for abuse@, as required by RFC2142. * The DANE TLSA record is changed to use the certificate subject public key rather than the whole certificate, which means the record remains valid after certificate changes (so long as the private key remains the same, which it does for us). Control panel: * When IPv6 is enabled, check that system services are accessible over IPv6 too, that the box's hostname resolves over IPv6, and that reverse DNS is setup correctly for IPv6. * Explanatory text for setting up secondary nameserver is added/fixed. * DNS checks now have a timeout in case a DNS server is not responding, so the checks don't stall indefinitely. * Better messages if external DNS is used and, weirdly, custom secondary nameservers are set. * Add POP to the mail client settings documentation. * The box's IP address is added to the fail2ban whitelist so that the status checks don't trigger the machine banning itself, which results in the status checks showing services down even though they are running. * For SSL certificates, rather than asking you what country you are in during setup, ask at the time a CSR is generated. The default system self-signed certificate now omits a country in the subject (it was never needed). The CSR_COUNTRY Mail-in-a-Box setting is dropped entirely. System: * Nightly backups and system status checks are now moved to 3am in the system's timezone. * fail2ban's recidive jail is now active, which guards against persistent brute force login attacks over long periods of time. * Setup (first run only) now asks for your timezone to set the system time. * The Exchange/ActiveSync server is now taken offline during nightly backups (along with SMTP and IMAP). * The machine's random number generator (/dev/urandom) is now seeded with Ubuntu Pollinate and a blocking read on /dev/random. * DNSSEC key generation during install now uses /dev/urandom (instead of /dev/random), which is faster. * The $STORAGE_ROOT/ssl directory is flattened by a migration script and the system SSL certificate path is now a symlink to the actual certificate. * If ownCloud sends out email, it will use the box's administrative address now (admin@yourboxname). * Z-Push (Exchange/ActiveSync) logs now exclude warnings and are now rotated to save disk space. * Fix pip command that might have not installed all necessary Python packages. * The control panel and backup would not work on Google Compute Engine because GCE installs a conflicting boto package. * Added a new command `management/backup.py --restore` to restore files from a backup to a target directory (command line arguments are passed to `duplicity restore`).
-
- 31 Dec, 2015 2 commits
-
-
Ralph J.Mayer authored
Allow remote client for Sieve
-
Ralph J.Mayer authored
-
- 26 Dec, 2015 6 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
change DANE TLSA record to hash the subject public key rather than the whole certificate, which means it is good for any certificate tied to the same private key Better for short-lived certificates. This is especially in preparation to using certificates from Let's Encrypt. see #268
-
Joshua Tauberer authored
previously these were run in a cron.daily script which per crontab is run at 6:25 am local time
-