diff --git a/DEV_BRAIN_DUMP.txt b/DEV_BRAIN_DUMP.txt
new file mode 100644
index 0000000..4678eb2
--- /dev/null
+++ b/DEV_BRAIN_DUMP.txt
@@ -0,0 +1,96 @@
+This is the document to read if you are going to further the development of Mailiverse.
+This is *NOT* the document to read if you just want to install it somewhere.
+
+For the time being I'm going to just write down anything that pops into my head.
+
+
+
+* Why is the BouncyCastle package name changed to org.bc?
+
+I don't trust google. Google puts the BouncyCastle package in the system loader of android phones.
+This makes it impossible to override. Google may very well have modified the BouncyCastle
+package to do the bidding of the NSA.
+
+Hence, I use BouncyCastle from the original source. However I used Eclipse to modify the package name from org.bouncycastle to org.bc.
+
+
+
+
+* What is the fucking deal with the Callbacks, it makes Mailiverse's java code super sucky.
+
+Unfortunately this is because Javascript is super sucky. Javascript, at the time of Mailiverse's coding does not have threads. The Java is cross compiled to Javascript for the web code.
+
+So.
+
+I came up with strings of callbacks.
+Let's say you are going to do a set of operations A -> B -> C -> D -> E -> F -> G.
+C and F happen to be computationally expensive.
+
+Basically, a chain of callbacks is created, and the C callback is offloaded to a worker frame.
+C's result is sent back to the original browser frame and the callbacks continue. Eventually F is offloaded, etc etc.
+
+You may say, well, why didn't you off load *everything* to the worker frame?
+Well, because it makes it a pain in the ass to reference objects. You get all of these copies of everything, things still suck. Maybe I should have, I don't know.
+
+
+
+So, things still suck. Don't blame me. Blame Sun, Firefox and Google.
+
+The web could have been a beautiful place in which true games/environments run at native c++ compiled speed within a browser. I could write in the language of my choice -- and not compile to fucking javascript. Instead we have stupid people selling stupid shit to other stupid people.
+
+
+
+
+* Ok, so tell me what these projects are, why did you do all this soft linking (ln -s) ?
+
+So, I'm writing for Java & Web & Android. Each one has different screw ups and each one has low level intricacies.
+
+So for instance logging is different on Web and Java.
+PBE operations are different from Android to Java to Web.
+Accessing web resources is different on Web and Java and Android.
+
+Instead of creating umpteen billion factories, I create a core set of files, Mailiverse.Core, and soft link what I need for each platform.
+
+Mailiverse-GWT references almost all of the Mailiverse.Core. It leaves out things for the server and it redoes some of the encryption routines and logging, etc.
+
+Mailiverse.Mail-WebServer is the apache tomcat server. It references only the things needed to run the server from Mailiverse.Core.
+
+Mailiverse.Web houses the static web files.
+
+
+
+
+
+* Why did you use Dropbox and S3 to store received mail? Why not from the mail server?
+
+Well, *you* can add the key store if you'd like. It's not that hard to do.
+For my particular situation, I wanted to keep the mail server running in my physical proximity.
+I wanted the ability to walk over and root the box through shear presence.
+
+But, bandwidth out of my apartment is incredibly low. Wat do?
+
+I worked out a solution where bandwidth to the box is spent authenticating (very very small amount) and handling incoming/outgoing mail (where things can be queued and slower than light speed).
+
+Then files which you need to go light speed are stored on providers (S3/Dropbox) which can handle light speed.
+
+
+
+
+* What sort of costs in S3 am I going to have.
+
+Probably about $0.02 a month per user.
+
+
+
+
+
+* What happens if mysql crashes and I lose all the backups of logins?
+
+You are screwed. Totally screwed. Make backups to a safe place of the mysql server.
+
+
+
+
+
+
+
diff --git a/HOW_TO_INSTALL.txt b/HOW_TO_INSTALL.txt
new file mode 100644
index 0000000..db4941d
--- /dev/null +++ b/HOW_TO_INSTALL.txt @@ -0,0 +1 @@ +coming soon to a theater near you.. diff --git a/deploy/config.hosts b/deploy/config.hosts index dd72722..be59576 100644 --- a/deploy/config.hosts +++ b/deploy/config.hosts @@ -1,2 +1,2 @@ -M_HOST_PROD=`cat config/hosts/prod` -M_HOST_DEV=`cat config/hosts/dev` +M_HOST_PROD=`cat config/hosts/web_prod` +M_HOST_DEV=`cat config/hosts/web_dev` diff --git a/deploy/config/hosts/make-dev b/deploy/config/hosts/make-dev index 76d2c14..9de2d7b 100755 --- a/deploy/config/hosts/make-dev +++ b/deploy/config/hosts/make-dev @@ -3,8 +3,8 @@ if [ -z "$1" ]; then echo "Must supply server name as argument"; exit 0; fi dev=$1 echo $dev > primary_dev -echo $dev:8080 > tomcat_dev -echo $dev:8000 > web_dev +echo mail.$dev > tomcat_dev +echo mail.$dev > web_dev echo $dev > auth_dev echo $dev > dev diff --git a/deploy/config/hosts/make-prod b/deploy/config/hosts/make-prod index 2154b68..f51e739 100755 --- a/deploy/config/hosts/make-prod +++ b/deploy/config/hosts/make-prod @@ -4,7 +4,7 @@ prod=$1 echo $prod > prod echo $prod > primary_prod -echo $prod > web_prod +echo mail.$prod > web_prod echo mail.$prod > tomcat_prod echo mail.$prod > auth_prod echo mail.$prod > local_mail_prod diff --git a/deploy/james/apache-james-conf/keystore b/deploy/james/apache-james-conf/keystore index 84deb41..0aefcb2 120000 --- a/deploy/james/apache-james-conf/keystore +++ b/deploy/james/apache-james-conf/keystore @@ -1 +1 @@ -../../../keys/james/final/mail_mailiverse_com.jks \ No newline at end of file +../../../keys/james/final/mail_servers.jks \ No newline at end of file diff --git a/deploy/web/resources/final.crt b/deploy/web/resources/nginx-ssl.crt similarity index 100% rename from deploy/web/resources/final.crt rename to deploy/web/resources/nginx-ssl.crt diff --git a/deploy/web/resources/final.key b/deploy/web/resources/nginx-ssl.key similarity index 100% rename from deploy/web/resources/final.key rename to deploy/web/resources/nginx-ssl.key 
diff --git a/deploy/web/resources/nginx.conf b/deploy/web/resources/nginx.conf index 6314037..e810ce6 100644 --- a/deploy/web/resources/nginx.conf +++ b/deploy/web/resources/nginx.conf @@ -1,46 +1,10 @@ - -#user nobody; -worker_processes 1; - -error_log ~/run.log; -#error_log logs/error.log notice; -#error_log logs/error.log info; - -#pid logs/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include mime.types; - default_type application/octet-stream; - - #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - # '$status $body_bytes_sent "$http_referer" ' - # '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log ~/run.log main; - - sendfile on; - #tcp_nopush on; - - #keepalive_timeout 0; - keepalive_timeout 65; - - gzip on; - - # HTTPS server - # server { listen 443; # server_name mail.mailiverse.com; ssl on; - ssl_certificate ~/resources/nginx-ssl.crt; - ssl_certificate_key ~/resources/nginx-ssl.key; + ssl_certificate nginx-ssl.crt; + ssl_certificate_key nginx-ssl.key; ssl_session_timeout 5m; @@ -50,7 +14,7 @@ http { location / { autoindex off; - root ~/www/; + root /var/local/www/; } } -} + diff --git a/deploy/web/run b/deploy/web/run index 9bdacce..39c6fd1 100755 --- a/deploy/web/run +++ b/deploy/web/run @@ -4,5 +4,5 @@ echo "----------------------------------------------" >> ../run.log date >> ../run.log echo "----------------------------------------------" >> ../run.log -/usr/bin/nginx -t -c ~/resources/nginx.conf +sudo /etc/init.d/nginx start diff --git a/deploy/web/setup b/deploy/web/setup index e66315d..c8bb487 100755 --- a/deploy/web/setup +++ b/deploy/web/setup @@ -1,3 +1,6 @@ cd ~ +ln -fs deploy/www ln -fs deploy/resources +ln -fs /var/log/nginx/error.log run.log +rsync -avz --delete www/ /var/local/www/ diff --git a/deploy/web/shutdown b/deploy/web/shutdown index df0f3e4..d62a6c4 100755 --- a/deploy/web/shutdown +++ b/deploy/web/shutdown 
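Review bot: `ssl_certificate_key nginx-ssl.key;` in deploy/web/resources/nginx.conf names a file that the rename entries earlier in this diff show as tracked at deploy/web/resources/nginx-ssl.key, so if that path holds real key material the TLS private key is readable by anyone with access to the repository. Keep the key out of version control, provision it on the host at deploy time, and treat a key that was ever committed as exposed and reissue the certificate. The two relative paths presumably resolve only because install/setup-web.remote links both files into /etc/nginx; a comment above the directives such as `# relative to the nginx config prefix; linked by install/setup-web.remote` would record that dependency.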
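Review bot: `rsync -avz --delete www/ /var/local/www/` in deploy/web/setup runs unconditionally, so if `cd ~` fails or `www/` is empty after a partial upload, `--delete` empties the live document root. Stop on the first failure with `cd ~ || exit 1` and guard the sync with `[ -n "$(ls -A www/)" ] || exit 1`. The `ln -fs deploy/www` and `ln -fs deploy/resources` lines also misbehave on a second run, because an existing link to a directory is followed and the new link is created inside it; `ln -sfn` replaces the link itself.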
@@ -1 +1 @@ -/usr/bin/nginx -c ~/resources/nginx.conf -s stop +sudo /etc/init.d/nginx stop diff --git a/install/enable-rsync b/install/enable-rsync new file mode 100755 index 0000000..5116459 --- /dev/null +++ b/install/enable-rsync @@ -0,0 +1,8 @@ +if [ -z "$1" ]; then echo "Must supply name"; exit 0; fi + +set -x +M_ROOT=`cat requirements/server_root_account` +M_HOST=$1 + +scp enable-rsync.remote $M_ROOT@$M_HOST: +ssh $M_ROOT@$M_HOST ./enable-rsync.remote diff --git a/install/enable-rsync.remote b/install/enable-rsync.remote new file mode 100755 index 0000000..f9e09f0 --- /dev/null +++ b/install/enable-rsync.remote @@ -0,0 +1,4 @@ +apt-get update +apt-get install rsync + + diff --git a/install/setup-server b/install/setup-server index fe9370d..146bb6e 100755 --- a/install/setup-server +++ b/install/setup-server @@ -10,4 +10,4 @@ M_HOST=$1 ./setup-mysql $M_HOST ./setup-tomcat $M_HOST ./setup-web $M_HOST - +./enable-rsync $M_HOST diff --git a/install/setup-web b/install/setup-web index e07ab9f..d9912a5 100755 --- a/install/setup-web +++ b/install/setup-web @@ -3,5 +3,6 @@ set -x M_ROOT=`cat requirements/server_root_account` M_HOST=$1 +scp sudoers.d-web $M_ROOT@$M_HOST: scp setup-web.remote $M_ROOT@$M_HOST: ssh $M_ROOT@$M_HOST ./setup-web.remote diff --git a/install/setup-web.remote b/install/setup-web.remote index 464cb38..3f7b658 100755 --- a/install/setup-web.remote +++ b/install/setup-web.remote @@ -1,3 +1,18 @@ set -x sudo apt-get install nginx --yes +cp sudoers.d-web /etc/sudoers.d/web +chmod 0440 /etc/sudoers.d/web + +cd /etc/nginx +ln -s /home/web/resources/nginx-ssl.crt +ln -s /home/web/resources/nginx-ssl.key + +cd conf.d +ln -s /home/web/resources/nginx.conf + +cd /var/local +mkdir www +chown web www + + diff --git a/install/sudoers.d-web b/install/sudoers.d-web new file mode 100644 index 0000000..2149620 --- /dev/null +++ b/install/sudoers.d-web @@ -0,0 +1 @@ +web ALL = (root) NOPASSWD :/etc/init.d/nginx start,/etc/init.d/nginx stop 
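Review bot: The argument check in install/enable-rsync ends with `exit 0`, so install/setup-server cannot tell a usage error from success; print the message to stderr and use `exit 1`. `$M_ROOT@$M_HOST` is unquoted on both the `scp` and `ssh` lines and should be written `"$M_ROOT@$M_HOST"`, so that whitespace or glob characters in either value are not re-split by the shell. The same `exit 0` and an unquoted `$1` (`cp $1/* mail_servers/`) appear in keys/james/prepare-response-crt-for-final.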
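Review bot: `apt-get install rsync` in install/enable-rsync.remote has no `--yes`, unlike `sudo apt-get install nginx --yes` in install/setup-web.remote, and the script is run through `ssh` without a terminal, so any confirmation prompt aborts the install. Use `apt-get install --yes rsync`. A leading `set -e` would also stop the script when `apt-get update` fails instead of installing from a stale package index.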
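Review bot: The symlinks added in install/setup-web.remote make root-run nginx load `nginx.conf`, `nginx-ssl.crt` and `nginx-ssl.key` from /home/web/resources, which the `web` account presumably owns, while install/sudoers.d-web lets that same account start and stop nginx as root without a password. Together they give `web` control over configuration that a root process parses, which is more than the two-command sudoers rule suggests. Install root-owned copies instead, e.g. `install -o root -g root -m 0600 /home/web/resources/nginx-ssl.key /etc/nginx/`, and check the sudoers fragment with `visudo -cf sudoers.d-web` before copying it to /etc/sudoers.d. The `ln -s` and `mkdir www` lines also fail on a second run; `ln -sfn` and `mkdir -p` make the script repeatable.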
diff --git a/keys/james/clean b/keys/james/clean
new file mode 100755
index 0000000..e7ff815
--- /dev/null
+++ b/keys/james/clean
@@ -0,0 +1,2 @@
+rm mail_servers.*
+rm final/mail_servers.*
diff --git a/keys/james/final/post-process b/keys/james/final/post-process
index d1d296e..67819c2 100755
--- a/keys/james/final/post-process
+++ b/keys/james/final/post-process
@@ -1,4 +1,4 @@
-cp ../mail_mailiverse_com.jks .
-#keytool -import -trustcacerts -alias root -file ../mail_mailiverse_com/AddTrustExternalCARoot.crt -keystore mail_mailiverse_com.jks
-keytool -import -trustcacerts -alias POSITIVESSL -file ../mail_mailiverse_com/PositiveSSLCA2.crt -keystore mail_mailiverse_com.jks
-keytool -import -trustcacerts -alias james -file ../mail_mailiverse_com/mail_mailiverse_com.crt -keystore mail_mailiverse_com.jks
+cp ../mail_servers.jks .
+#keytool -import -trustcacerts -alias root -file ../mail_servers/AddTrustExternalCARoot.crt -keystore mail_servers.jks
+keytool -import -trustcacerts -alias POSITIVESSL -file ../mail_servers/PositiveSSLCA2.crt -keystore mail_servers.jks
+keytool -import -trustcacerts -alias james -file ../mail_servers/mail_servers.crt -keystore mail_servers.jks
diff --git a/keys/james/make b/keys/james/make
index 7655c59..77af41f 100755
--- a/keys/james/make
+++ b/keys/james/make
@@ -1,2 +1,7 @@
-keytool -genkeypair -alias james -keyalg RSA -keysize 2048 -keystore mail_mailiverse_com.jks
-keytool -certreq -alias james -keyalg RSA -file mail_mailiverse_com.csr -keystore mail_mailiverse_com.jks
+echo -----------------
+echo the default installation uses 'password' for password
+echo sorry about that, feel free to modify sources
+echo -----------------
+
+keytool -genkeypair -alias james -keyalg RSA -keysize 2048 -keystore mail_servers.jks
+keytool -certreq -alias james -keyalg RSA -file mail_servers.csr -keystore mail_servers.jks
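Review bot: The banner added to keys/james/make tells the operator to enter the literal `password` as the keystore password, so every default install protects the James TLS private key in `mail_servers.jks` with the same publicly known secret. The value is presumably hard-coded wherever the keystore is consumed, which this diff does not show. Make it a per-install setting and pass it to keytool without a prompt, for example by adding `-storepass:env M_KEYSTORE_PASS` to both commands (the variable name is a placeholder). The line `echo the default installation uses 'password' for password` also prints without the quotes, because the shell strips them; quote the whole message.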
diff --git a/keys/james/prepare-response-crt-for-final b/keys/james/prepare-response-crt-for-final new file mode 100755 index 0000000..c329412 --- /dev/null +++ b/keys/james/prepare-response-crt-for-final @@ -0,0 +1,6 @@ +if [ -z "$1" ]; then echo "Must supply directory name of result"; exit 0; fi + +rm -rf mail_servers +mkdir mail_servers +cp $1/* mail_servers/ +mv mail_servers/mail_* mail_servers/mail_servers.crt diff --git a/keys/nginx/convert b/keys/nginx/convert index b3bf38b..50bed24 100755 --- a/keys/nginx/convert +++ b/keys/nginx/convert @@ -1,12 +1,12 @@ set -x -JKSSTORE=mail_mailiverse_com.jks +JKSSTORE=mail_servers.jks cp $JKSSTORE store.jks keytool -importkeystore -srckeystore store.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore store.p12 openssl pkcs12 -in store.p12 -nocerts -out store.key openssl rsa -in store.key -out final.key -cat mail_mailiverse_com.crt > final.crt +cat mail_servers.crt > final.crt cat PositiveSSLCA2.crt >> final.crt cat AddTrustExternalCARoot.crt >> final.crt
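Review bot: keys/nginx/convert still writes `final.key` and `final.crt`, while this commit renames the deployed files to `nginx-ssl.key` and `nginx-ssl.crt`, so the script's output no longer matches the names the nginx config references. `openssl rsa -in store.key -out final.key` also writes the decrypted private key under the default umask and leaves `store.jks`, `store.p12` and `store.key` behind in the working directory. Add `umask 077` at the top of the script and `rm -f store.jks store.p12 store.key` at the end, and write the outputs under the new names.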