jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
10,454 Commits 33 Branches 583 Tags
212d025579d96efcaa2d8a20b79231ffb0b71f84
Commit Graph

342 Commits

Author SHA1 Message Date
Girish Ramakrishnan
949b2e2530 postgresql: bump shm size and disable parallel queries 
https://forum.cloudron.io/topic/5604/nextcloud-take-very-long-time-to-respond/5
 2021-09-03 08:02:06 -07:00
Johannes Zellner
5b10cb63f4 sftp: update addon to fix symlink deletion 2021-08-11 09:32:30 +02:00
Girish Ramakrishnan
882a7fce80 redis: suppress password warning 2021-07-24 08:51:00 -07:00
Girish Ramakrishnan
dd5737f948 mail: enable editheader sieve extension and upgrade solr 2021-06-25 16:38:44 -07:00
Girish Ramakrishnan
097a7d6b60 sftp: rework appdata and volume mounting logic 
this tries to solve two issues:

* the current approach mounts the data directories of apps/volumes individually.
this causes a problem with volume mounts that mount after the container is started i.e not
network time/delay but systemd ordering. With CIFS, the mount is a hostname. This requires
unbound to be running but unbound can only start after docker because it wants to bind to
the docker network. one way to fix is to not start sftp automatically and only start sftp
container in the box code. This results in the sftp container attaching itself of the
directory before mounting and it appears empty. (on the host, the directory will appear
to have mount data!)

* every time apptask runs we keep rebuilding this sftp container. this results in much race.

the fix is: mount the parent directory of apps and volumes. in addition, then any specialized appdata
paths and volume paths are mounted individually. this greatly minimized rebuilding and also since we don't rely
on binding to the mount point itself. the child directories can mount in leisure. this limits the race
issue to only no-op volume mounts.

part of #789
 2021-06-24 16:51:58 -07:00
Girish Ramakrishnan
406b3394cb mail: fix issue where spam to internal lists was not blocked 2021-06-18 10:35:42 -07:00
Girish Ramakrishnan
9e34a95732 postgresql: fix backup hogging connections 
This fixes the "FATAL: remaining connection slots are reserved for non-replication superuser connections"
 2021-06-05 09:43:53 -07:00
Girish Ramakrishnan
3ba62f2ba1 mail: do not forward spam 2021-05-27 22:21:17 -07:00
Girish Ramakrishnan
0342865129 sieve: redirects do not do SRS 2021-05-26 15:22:10 -07:00
Girish Ramakrishnan
76d0abae43 postgresql: set max conn limit per db 2021-05-18 09:04:29 -07:00
Girish Ramakrishnan
31503e2625 postgresql: bump max connections 2021-05-06 10:58:48 -07:00
Girish Ramakrishnan
c17743d869 migrate secrets into the database 
the infra version is bumped because the nginx's dhparams path has changed
and the sftp server key path has changed.
 2021-05-03 22:11:18 -07:00
Girish Ramakrishnan
cd300bb6e2 graphite: carbon crash fix 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923464
https://forum.cloudron.io/topic/4797/graphite-keeps-crashing-oom/34
 2021-04-27 14:25:12 -07:00
Girish Ramakrishnan
8b99af952a turn: turn off verbose logging 2021-04-20 11:30:31 -07:00
Girish Ramakrishnan
e613452058 mysql: remove use of mysql_upgrade 2021-04-01 11:50:03 -07:00
Girish Ramakrishnan
32f385741a graphite: implement upgrade 
for the moment, we wipe out the old data and start afresh. this is because
the graphite web app keeps changing quite drastically.
 2021-03-23 16:34:32 -07:00
Girish Ramakrishnan
c3d30a1d99 mail: rework STARTTLS strategy 
instead of fixing all apps which is a royal pain, we instead make Haraka
offer STARTTLS for 2587 and no STARTTLS for 2525.
 2021-03-21 20:38:05 -07:00
Girish Ramakrishnan
8048e68eb6 graphite: disable tagdb 2021-03-18 18:03:45 -07:00
Girish Ramakrishnan
098da7426c Add CLOUDRON_MAIL_SMTP_STARTTLS env 
starting 6.3, the internal mail server will do STARTTLS. this env
allows apps to configure themselves appropriately for pre 6.3 and
post 6.3 appropriately.

we trigger a re-configure which ensures that the new env gets put
in the database and then in the container.
 2021-03-16 16:20:08 -07:00
Girish Ramakrishnan
79d37cf361 update redis 2021-03-12 14:29:57 -08:00
Girish Ramakrishnan
8cc9fe5504 addons: better error handling 2021-03-12 14:17:19 -08:00
Girish Ramakrishnan
825835b3d1 mail: allow TLS from internal hosts 
We need to only provide a cert that matches the MX record

https://serverfault.com/questions/389413/what-host-name-should-the-ssl-certificate-for-an-smtp-server-contain
 2021-03-12 10:44:42 -08:00
Girish Ramakrishnan
0067766284 Fix addon crashes with missing databases 
this happens because we have some bug in sftp container causing uninstall(s) to
fail. the database of those apps are gone but the export logic then tries to export
them and it all fails.
 2021-03-10 15:09:15 -08:00
Girish Ramakrishnan
bb0b5550e0 Update mail container for LMTP cert fix 2021-03-10 09:50:09 -08:00
Girish Ramakrishnan
376e070b72 update mail container 
new solr and higher concurrency
 2021-02-28 18:45:43 -08:00
Girish Ramakrishnan
f0e0372127 Update addons (move code to /app/code convention) 2021-02-28 15:52:06 -08:00
Girish Ramakrishnan
5e2c655ccb update mongodb 
fixes #767
 2021-02-28 12:49:44 -08:00
Girish Ramakrishnan
03a59cd500 mysql: disable binlogs altogether 
this is useful primarily for replication

http://dimitrik.free.fr/blog/archives/2018/04/mysql-performance-testing-80-with-less-blood.html
 2021-02-26 09:53:37 -08:00
Girish Ramakrishnan
b71ab187ff mysql: update binlog in addon 2021-02-25 19:10:28 -08:00
Girish Ramakrishnan
9ccd82ce4e set binlog config in mysql 
keep max binlog file size to 100M. and rotate then in 10 days
 2021-02-23 14:24:58 -08:00
Girish Ramakrishnan
013669e872 Update mail container 
this disables TLSv1 and 1.1 in dovecot
 2021-02-22 14:16:55 -08:00
Girish Ramakrishnan
ab2d246945 Update graphite to base image 2021-02-16 16:56:33 -08:00
Girish Ramakrishnan
615198cd36 mail: use latest base image 2021-02-11 15:35:04 -08:00
Girish Ramakrishnan
664b3ab958 sftp: multiparty fix for node 14 2021-02-09 23:35:32 -08:00
Girish Ramakrishnan
fd2087d7e4 Fix mysql auth issue 
only PHP 7.4 supports the caching_sha2_password mechanism. so we
make the default as mysql_native_password
 2021-02-09 17:31:45 -08:00
Girish Ramakrishnan
283f1aac21 Update base image because of mongodb issue 2021-02-06 21:57:37 -08:00
Girish Ramakrishnan
8ba1f3914c Update postgresql for latest base image 2021-02-06 11:14:23 -08:00
Girish Ramakrishnan
a262b08887 Update redis for latest base image 2021-02-06 10:26:54 -08:00
Girish Ramakrishnan
925408ffcd Update turn image to use latest base image 2021-02-06 10:20:31 -08:00
Girish Ramakrishnan
04d4375297 Update sftp image to use latest base image 2021-02-06 10:10:03 -08:00
Girish Ramakrishnan
691b15363a base image: fix yq typo 2021-02-05 21:15:07 -08:00
Girish Ramakrishnan
caadb1d418 new base image 3.0 2021-02-05 20:25:17 -08:00
Girish Ramakrishnan
6073d2ba7e Use new base image 3.0.0 2021-02-04 16:22:23 -08:00
Johannes Zellner
14b2fa55c3 Update sftp 3.1.0 addon image 2021-02-01 19:20:58 +01:00
Johannes Zellner
04e103a32d Do not bump infra version 2021-02-01 19:06:13 +01:00
Johannes Zellner
0b0c02e421 Update sftp image for copy function 2021-02-01 16:13:46 +01:00
Girish Ramakrishnan
19fcabd32b mail: data.headers is now headers 2021-01-29 00:02:03 -08:00
Girish Ramakrishnan
953c65788c mail: haraka update 2021-01-15 11:22:27 -08:00
Girish Ramakrishnan
dbf3d3abd7 mail: better event log for bounces 2021-01-13 23:12:14 -08:00
Girish Ramakrishnan
d67598ab7e turn: use correct base image 2021-01-12 17:06:48 -08:00