andryyy
c77368ee70
[ACME] Set mode 600 for key files
2019-03-12 23:24:03 +01:00
andryyy
99a816430b
[ACME] Wait for Nginx
2019-02-10 17:36:25 +01:00
andryyy
36ad9dbf78
[ACME] verify_html should accept 3** and 2**
2019-02-08 00:04:05 +01:00
andryyy
9f2a6f13a5
Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized
2019-02-04 23:45:54 +01:00
Markus Gnadl
0e33fd49bb
wildcards (subdomain.*) in ADDITIONAL_SAN are expanded to all mailcow domains
2018-10-30 09:07:01 +01:00
andryyy
37964d9dd1
[ACME] Try to reload services after certificate changes instead of restarting
...
[DockerAPI] Add service reload commands
2018-10-24 20:14:59 +02:00
André
e941c6e8b2
[ACME] Fix missing for loop start
...
[Compose] New ACME image
2018-10-19 10:03:05 +02:00
André
7386dc1e5c
[ACME] Stop requesting certificates for autoconfig.*
2018-10-16 23:01:01 +02:00
André
d2d0369f32
[PHP-FPM] Base on Alpine 3.8
...
[Watchdog] Base on Alpine 3.8
[ACME] Base on Alpine 3.8
[Watchdog] Minor changes
2018-10-14 14:29:03 +02:00
André
a9eddae686
[ACME] Do not add alias domains to auto* domains
2018-10-14 00:19:14 +02:00
André
ce135bb773
[ACME] Log acme-client output base64 encoded, use mysqladmin status instead of ping to determine readiness
2018-10-11 11:51:13 +02:00
André
0fb43f4916
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
...
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
André
6bd818ceec
[ACME] Remove third-party IP tools
2018-08-06 15:15:24 +02:00
André
ff0b9246b5
[ClamAV] Add whitelist file for ClamAV, fixes #1607
...
[ACME] Test for CAA before running script, fixes #1632
2018-08-05 22:35:20 +02:00
André
f8f87d4744
[ACME] Do not trim after each push to Redis
2018-08-02 12:15:41 +02:00
André
73a566b25a
[ACME] Fix for multiple additional SAN
2018-06-29 09:35:48 +02:00
André
d6a74e82e3
[ACME] Fix for CNAME response on AAAA dig request
2018-06-28 20:41:44 +02:00
André
a1a6574964
[PHP-FPM] Add tzdata, update APCu and Redis extensions, update PHP to new minor
2018-06-27 22:51:17 +02:00
André
729bba5b57
[ACME, Compose] Add new image; fix AAAA check for ADDITIONAL_SAN
2018-06-27 12:09:51 +02:00
André
8adf3d27db
[ACME, Compose] Add new image; fix AAAA check for MAILCOW_HOSTNAME
2018-06-26 23:35:17 +02:00
André
f88a72eedd
[ACME] Validate AAAA, if any, before A - fail on AAAA mismatch (LE prioritization)
2018-06-26 23:10:24 +02:00
André Peters
b6137cca2a
[ACME] Do not delete private key
...
...when reg key is invalid.
2018-02-28 11:13:17 +01:00
andre.peters
38aaeeb30b
[Dovecot] Dovecot 2.3 from git for temp fixes
...
[ACME] Use -a switch (thanks to jas8522!)
2018-01-14 10:34:06 +01:00
andre.peters
1e9cae9084
[Compose] New images with LOG_LINES
...
[Update] Do not add empty line in each loop
2018-01-08 22:00:54 +01:00
andre.peters
db032af698
[ACME] Fix script
2017-12-31 17:17:46 +01:00
andre.peters
2519738094
Various changes...
2017-12-09 13:15:24 +01:00
André
5211ab10ed
[ACME] Fix license issue
2017-11-16 14:57:17 +01:00
André
84a7a1a2e7
[Compose] New images, Nginx checks for SOGo before bootstrapping
...
[PHP-FPM] Some more modules (primarily for Horde)
[Fail2ban] Do not log matches of local and private ips
[Watchdog] Some changes in log system for further processing (wip)
[ACME] Fixes #745
2017-11-14 10:44:22 +01:00
André
a110e2ea0f
[ACME] Fix detection of orphaned SANs and add tini
2017-10-21 10:08:20 +02:00
andryyy
ef9953898c
[ACME, Watchdog, DockerAPI] Use only limited Docker API
2017-10-06 13:32:49 +02:00
Michael Kuron
752a571607
Merge pull request #638 from mkuron/acme
...
ACME needs to wait for MySQL to be ready
2017-09-28 12:58:07 +02:00
Michael Kuron
ae79445ec0
ACME needs to wait for MySQL to be ready
2017-09-27 19:48:25 +02:00
andryyy
62524150d2
[ACME] Add timestamps, check if acme account key is valid
...
[Postfix] Ignore local0
[Watchdog] Add Rspamd checks
2017-09-21 19:30:09 +02:00
andryyy
ab850dc901
[ACME] Detect and fix invalid registration
2017-09-21 09:46:09 +02:00
andryyy
b6e84fac3a
Sleep instead of stopping containers to prevent restarts
2017-09-20 12:50:50 +02:00
andryyy
2b97305f6d
[ACME] Sleep, don't exit
2017-09-16 13:17:48 +02:00
andryyy
1ffed58956
[ACME] New version, better IPv4 detection
2017-09-11 21:51:17 +02:00
andryyy
ed4e8d301c
Fix tabs
2017-09-08 18:41:02 +02:00
Tobias
fcd0efc265
Change primary name of SSL certificate
...
Hostname as primary name for the SSL certificate, all other names will
be added as SAN
2017-09-03 19:41:47 +02:00
andryyy
7a2c0f2ee7
[Acme] Skip backup mx domains
2017-08-18 09:57:25 +02:00
andryyy
ed33cb5f57
[Rspamd] ARC: Disallow login/domain mismatch
2017-07-21 11:03:35 +02:00
andryyy
e6727b1fd6
[ACME] Iterate alias domains, use hostname in subject field
2017-07-13 12:51:52 +02:00
andryyy
de14d30e6b
[ACME] Fix exit command (was using echo), fix for duplicate SAN (filter)
2017-07-04 21:32:58 +02:00
andryyy
ace247b3b9
[ACME] Unset name arrays before reusing them
2017-07-03 10:20:09 +02:00
andryyy
2cf9f71613
[ACME] Revert fix for empty additional_san, fix skip_ip_check in ACME
2017-07-02 20:18:22 +02:00
andryyy
cf902854d7
Merge, conflict fixed
2017-07-02 11:22:35 +02:00
andryyy
5ab11c0c1e
[ACME] Show err instead of empty var when IP lookup failed
2017-06-30 20:29:55 +02:00
andryyy
d2048ccf20
[ACME] Be more verbose about IP address
2017-06-29 21:22:01 +02:00
andryyy
9040d456ed
[acme-mailcow] Auto-detect container ids for restart; Restart containers after restore
2017-06-29 10:25:32 +02:00
andryyy
3d652dd3d0
Added more checks for acme-mailcow
2017-06-29 00:56:51 +02:00
andryyy
6d8438c01c
- More checks for acme-mailcow (verify hashes)
...
- Autodiscover configuration file: Merge array from vars.local.inc.php
- Push acme-mailcow to 1.6
2017-06-28 23:22:51 +02:00
andryyy
b0584c3622
Use , as IFS for additional san
2017-06-28 10:50:51 +02:00
andryyy
f7bce8b81a
Copy dhparams if not found
2017-06-27 20:15:53 +02:00
andryyy
2104034156
cp -n is unknown
2017-06-23 14:22:54 +02:00
andryyy
59623a639e
Keep key when issuing new certificate to not break TLSA records with options 3 1 1
2017-06-23 08:40:05 +02:00
andryyy
18e52ab27d
More debug output, keep key for TLSA 3 1 1, other minor changes
2017-06-23 08:33:07 +02:00
andryyy
85a9239ae9
Move account key
2017-06-22 21:44:10 +02:00
andryyy
0c07ff59c3
Fix skip le test...
2017-06-22 21:31:14 +02:00
Michael Kuron
1f9b5cb16e
ACME: support CNAME in domain checks
2017-06-22 20:36:03 +02:00
andryyy
856b05147c
Skip LE with configuration parameter
2017-06-22 09:06:24 +02:00
andryyy
c82c9524b0
Delete certificate if SANs were removed
2017-06-20 20:06:54 +02:00
andryyy
10d83017e1
Declare correct arrays
2017-06-19 08:59:47 +02:00
andryyy
5aba885b58
Skip ACME client for other certificates than LE
2017-06-17 10:08:12 +02:00
andryyy
19325ffb2a
Validate additional SAN
2017-06-14 07:24:32 +02:00
andryyy
0fd0cff8ac
Auto-sign autodiscover and autoconfig for all domains found in mailcow - only if A records exists and matches
2017-06-13 23:37:48 +02:00
andryyy
ef62f6b383
Acme tool checks for valid autodiscover and autoconfig A records and skips non-existing names
...
Todo: Add AAAA check, add check for additional_san
2017-06-12 10:45:12 +02:00