jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
10,460 Commits 33 Branches 583 Tags
0cfc3e03bb6db961ef3cef2a998df220b7b7a8f8
Commit Graph

10460 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Girish Ramakrishnan 0cfc3e03bb Use concrete resource name instead of generic "resource" 2021-09-20 22:42:34 -07:00
Girish Ramakrishnan d1e8fded65 mail: expose 465 for mail submission 
Port 465 is implicit TLS. rfc8314 is now pushing this as a standard
and some mail clients like outlook have already taken this to heart.

Note that this port is sometimes confused with SMTPS. Unlike SMTPS,
this is being used for "submissions" (by a client) as opposed to
server transfer protocol.

This is more secure than port 587+STARTTLS. We reject credentials
on insecure connections but it's too late.

See also:

https://www.fastmail.help/hc/en-us/articles/360058753834
https://www.agwa.name/blog/post/starttls_considered_harmful
https://linuxguideandhints.com/misc/port465.html
 2021-09-20 15:42:16 -07:00
Girish Ramakrishnan 2a667cb985 attach debug object for background safe() 2021-09-20 10:36:49 -07:00
Girish Ramakrishnan a36c51483c no need to re-throw 2021-09-20 10:36:46 -07:00
Girish Ramakrishnan e2fc785e80 rename getServiceIds to listServices 2021-09-20 09:15:49 -07:00
Johannes Zellner 5a1a439224 Adjust comment about getAll 2021-09-20 18:04:01 +02:00
Johannes Zellner 212d025579 Do not send new login notification if we have ghost user login 2021-09-20 17:56:37 +02:00
Johannes Zellner 7c70b9050d Fixup ghost tests 2021-09-20 14:59:26 +02:00
Johannes Zellner ca2cc0b86c Make cloudron-support --owner-login use the settings table 2021-09-20 13:20:41 +02:00
Johannes Zellner c6c62de68a Move ghosts into settings table 2021-09-20 13:05:42 +02:00
Girish Ramakrishnan f66af19458 page number starts from 1 2021-09-19 18:36:08 -07:00
Girish Ramakrishnan 50c68cd499 notifications: better oom message for redis 
fixes #795
 2021-09-19 17:34:41 -07:00
Girish Ramakrishnan 05b4f96854 eslint: bump ecmaVersion 
we can now use the optional chaining operator ?. that is available
in node 14
 2021-09-19 17:32:01 -07:00
Girish Ramakrishnan 8c66ec5d18 tokens: ID_CLI is never used 2021-09-17 15:21:56 -07:00
Girish Ramakrishnan 66a907ef48 Logout users without 2FA when mandatory 2fa is enabled 
Fixes #803
 2021-09-17 14:52:24 -07:00
Girish Ramakrishnan e8aaad976b backups: make test config funcs return error 2021-09-17 10:14:26 -07:00
Girish Ramakrishnan 2554c47632 add missing apps.delPortBinding 
this got lost in async/db translation
 2021-09-17 09:52:21 -07:00
Girish Ramakrishnan c5794b5ecd get rid of all the NOOP_CALLBACKs 2021-09-17 09:40:26 -07:00
Johannes Zellner b3fe2a4b84 Set correct default ghost expiration 2021-09-17 16:08:03 +02:00
Johannes Zellner 2ea5786fcc Fix setGhost api usage 2021-09-17 15:52:52 +02:00
Johannes Zellner f75b0ebff9 Add set ghost route 2021-09-17 12:52:41 +02:00
Johannes Zellner 8fde4e959c Support ghost password expiration in ghost file 2021-09-17 11:48:56 +02:00
Girish Ramakrishnan ac59a7dcc2 disable col stats in test mode (mysql 5.7) or non-ubuntu 20 2021-09-16 17:25:09 -07:00
Girish Ramakrishnan 9a2ed4f2c8 apptask: asyncify 2021-09-16 17:25:05 -07:00
Girish Ramakrishnan b5539120f1 tests: cache dhparams in /tmp 2021-09-16 16:39:13 -07:00
Johannes Zellner 7277727307 Fixup some of app route tests 2021-09-16 17:20:19 +02:00
Johannes Zellner f13e641af4 Also generate dhparams in test to let the platform finish startup 2021-09-16 17:19:59 +02:00
Johannes Zellner da23bae09e return error if purchase fails 2021-09-16 17:19:38 +02:00
Johannes Zellner 9da18d3acb Fixup user tests 2021-09-16 15:38:06 +02:00
Johannes Zellner d92f4c2d2b Ensure a whole test run succeeds for me on archlinux 2021-09-16 15:20:26 +02:00
Johannes Zellner 6785253377 Invitation is now also just a single route like password reset 2021-09-16 15:03:48 +02:00
Johannes Zellner 074ce574dd Return password reset link on reset request route 2021-09-16 14:34:56 +02:00
Johannes Zellner ecd35bd08d Fixup 2fa reset route 2021-09-16 13:18:22 +02:00
Johannes Zellner df864a8b6e Add missing safe() call 2021-09-16 08:40:01 +02:00
Girish Ramakrishnan 48eab7935c sftp: add missing safe() 2021-09-15 15:31:20 -07:00
Johannes Zellner 4080d111c1 We now map ldap users instead of ignoring them if usernames match 2021-09-15 11:44:39 +02:00
Girish Ramakrishnan a78178ec47 redact password immediately after verify 2021-09-14 10:36:14 -07:00
Girish Ramakrishnan d947be8683 Add to changes 2021-09-14 09:16:20 -07:00
Johannes Zellner 48056d7451 If we detect a local user with the same username as found on LDAP/AD we map it 2021-09-13 21:17:41 +02:00
Girish Ramakrishnan 2f0297d97e Use the debug argument 2021-09-13 11:29:55 -07:00
Girish Ramakrishnan cdf6988156 Update node to 14.17.6 2021-09-10 14:34:11 -07:00
Girish Ramakrishnan ae13fe60a7 make startBackupTask async 2021-09-10 12:10:10 -07:00
Girish Ramakrishnan 242fad137c update safetydance 2021-09-10 11:51:44 -07:00
Girish Ramakrishnan bb7eb6d50e database: remove callback support 2021-09-10 11:40:01 -07:00
Johannes Zellner 59cbac0171 Require password for fallback email change 2021-09-09 23:22:00 +02:00
Johannes Zellner d3d22f0878 Directly use users.verify() instead of another db lookup 2021-09-09 22:50:35 +02:00
Johannes Zellner 2d5eb6fd62 Remove unused require 2021-09-09 22:15:12 +02:00
Girish Ramakrishnan fefd4abf33 Fix logger to log exceptions 
this is similar to the fix in taskworker
 2021-09-07 11:23:57 -07:00
Girish Ramakrishnan 7709e155e0 more async'ification 2021-09-07 11:21:06 -07:00
Girish Ramakrishnan e7f51d992f acme: getCertificate can be async now 2021-09-07 09:34:23 -07:00