elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update upgrade.debian.9-10.html.

This commit is contained in:
iredmail 2019-10-21 21:32:41 +08:00
parent a23f71c751
commit 1219871675
2 changed files with 43 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
en_US/upgrade/0-upgrade.debian.9-10.md
View File

@ -17,18 +17,21 @@ Changes required to be made in Dovecot main config file `/etc/dovecot/dovecot.co
* Remove all `postmaster_address =`.
* Remove parameter `ssl_protocols =`.
* Add new parameter `ssl_min_protocols` like this:
* Add new parameter `ssl_min_protocol` like this:
```
ssl_min_protocols = TLSv1.2
ssl_min_protocol = TLSv1.2
```
Note: If your end users run old mail client applications, it may not support
TLSv1.2, you may want to use weaker one like `TLSv1.1`, `TLSv1` instead.
* Add new parameter `ssl_dh` and load existing file:
* on CentOS, it's `/etc/pki/tls/dhparams.pem`
* on Debian/Ubuntu, FreeBSD, OpenBSD, it's `/etc/ssl/dhparams.pem`
* on CentOS, it's `/etc/pki/tls/dh2048_param.pem`
* on Debian/Ubuntu, FreeBSD, OpenBSD, it's `/etc/ssl/dh2048_param.pem`
```
ssl_dh = </etc/ssl/dhparams.pem
ssl_dh = </etc/ssl/dh2048_param.pem
```
* If you have plugin `stats` enabled, you need to rename it:
@ -44,6 +47,21 @@ Old | New
`plugin { stats_refresh = ... }` | `plugin { old_stats_refresh = ...}`
`plugin { stats_track_cmds = ...}` | `plugin { old_stats_track_cmds = ...}`
Inside `service old-status {}` block, please add new content:
```
unix_listener old-stats-reader {
user = vmail
group = vmail
mode = 0660
}
unix_listener old-stats-writer {
user = vmail
group = vmail
mode = 0660
}
```
Restart Dovecot service is required.
## PHP

25
html/upgrade.debian.9-10.html
View File

@ -41,19 +41,21 @@
<ul>
<li>Remove all <code>postmaster_address =</code>.</li>
<li>Remove parameter <code>ssl_protocols =</code>.</li>
<li>Add new parameter <code>ssl_min_protocols</code> like this:</li>
<li>Add new parameter <code>ssl_min_protocol</code> like this:</li>
</ul>
<pre><code>ssl_min_protocols = TLSv1.2
<pre><code>ssl_min_protocol = TLSv1.2
</code></pre>
<p>Note: If your end users run old mail client applications, it may not support
TLSv1.2, you may want to use weaker one like <code>TLSv1.1</code>, <code>TLSv1</code> instead.</p>
<ul>
<li>Add new parameter <code>ssl_dh</code> and load existing file:<ul>
<li>on CentOS, it's <code>/etc/pki/tls/dhparams.pem</code></li>
<li>on Debian/Ubuntu, FreeBSD, OpenBSD, it's <code>/etc/ssl/dhparams.pem</code></li>
<li>on CentOS, it's <code>/etc/pki/tls/dh2048_param.pem</code></li>
<li>on Debian/Ubuntu, FreeBSD, OpenBSD, it's <code>/etc/ssl/dh2048_param.pem</code></li>
</ul>
</li>
</ul>
<pre><code>ssl_dh = &lt;/etc/ssl/dhparams.pem
<pre><code>ssl_dh = &lt;/etc/ssl/dh2048_param.pem
</code></pre>
<ul>
@ -101,6 +103,19 @@
</tr>
</tbody>
</table>
<p>Inside <code>service old-status {}</code> block, please add new content:</p>
<pre><code> unix_listener old-stats-reader {
user = vmail
group = vmail
mode = 0660
}
unix_listener old-stats-writer {
user = vmail
group = vmail
mode = 0660
}
</code></pre>
<p>Restart Dovecot service is required.</p>
<h2 id="php">PHP</h2>
<p>Debian 9 offers PHP-5, but Debian 10 has PHP-7.3, you need to upgrade it to 7.3 manually.</p>