jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
19,749 Commits 33 Branches 583 Tags
2a2a5ffb66b934ed9da85156b959677c8f4ec9e4
Commit Graph

9801 Commits

Author SHA1 Message Date
Girish Ramakrishnan 2a2a5ffb66 filesystem: remove shell usage 
recent version of node throws this error:

(node:210013) [DEP0190] DeprecationWarning: Passing args to a child process with shell option true can lead to security vulnerabilities, as the arguments are not escaped, only concatenated.
 2026-04-08 17:29:56 +02:00
Girish Ramakrishnan b84ef57d58 appstore: language counts 2026-04-08 15:00:56 +02:00
Girish Ramakrishnan 81fd472bb3 Fix typo crash 2026-04-07 13:21:48 +02:00
Girish Ramakrishnan 4ba9c63eb4 docker: attempt container start a few times 
Docker Error: (HTTP code 500) server error - failed to set up container networking: driver failed programming external connectivity on endpoint a877975d-38be-4088-bc92-e0d7a486a818 (2e5adaa635a95bd65ca0f290712065d444528e3420c49f2f88323b40c62caaa5): failed to bind host port for 0.0.0.0:40014:172.18.16.130:40014/tcp: address already in use

This happens during app updates. Can only be two reasons:

- some race in docker not freeing up ports (unlikely)
- ephemeral port got reallocated between destroy and create as part of app update

A future commit will reserve net.ipv4.ip_local_reserved_ports as well

Similar fix as b08e3a5128
 2026-04-07 13:04:56 +02:00
Girish Ramakrishnan 9e20c5a3e3 logs: escape and unescape new lines 2026-04-07 12:54:51 +02:00
Girish Ramakrishnan 053f26cd02 apppasswords: list oidc apps in the ui 2026-04-07 11:41:23 +02:00
Girish Ramakrishnan cc82a088a9 apppassword: 16 lowercase letters in groups of 4, to make it easier to type 2026-04-07 11:01:43 +02:00
Girish Ramakrishnan e30e384cec services: stop turn if unused by apps 2026-04-05 11:49:18 +02:00
Girish Ramakrishnan 83917f98f5 backup sites: disable del in demo mode 2026-04-04 11:01:52 +02:00
Johannes Zellner dab9bcb9db Add local authserver to provide /verify-credentials route 
This is used for apps which are using OpenID to login but still need to
be able to verify the users password or app password
 2026-04-02 22:02:45 +02:00
Johannes Zellner 918c2f8587 Move to @cloudron/safetydance 2026-04-01 09:49:34 +02:00
Girish Ramakrishnan 8f851164d6 reboot: fix dashboard link 2026-04-01 09:25:10 +02:00
Girish Ramakrishnan 75e3256497 mail: update haraka to 3.1.4 2026-03-31 12:22:37 +02:00
Girish Ramakrishnan 58f5a17a83 mail: remove queue proxy 
this has never worked well
 2026-03-31 11:36:16 +02:00
Girish Ramakrishnan e7c3d797be rsync: reupload files with corrupt integrity 
we found sha256: null as the integrity in some of the cache files.
not sure how this happenned. for now, we just mark files with invalid
or missing sha256 for re-upload.
 2026-03-31 11:31:17 +02:00
Girish Ramakrishnan 8b138d14bb backup site: remove the local disk provider 
we already have ext4, xfs, mountpoint and filesystem to cover all cases

fixes #879
 2026-03-30 14:37:48 +02:00
Girish Ramakrishnan b40a10da7b restore: prune portBindings whose tcpPorts/udpPorts no longer exist 
fixes #871
 2026-03-27 18:47:52 +01:00
Girish Ramakrishnan 25f5b33d17 Remove unused secondaryDomains in update and restore code paths 
fixes #814
 2026-03-27 17:46:28 +01:00
Girish Ramakrishnan f57c39bba2 repair: rebuild image 2026-03-27 16:17:41 +01:00
Girish Ramakrishnan 99b234eca8 source install: persist buildConfig so restore, import, clone work correctly 2026-03-27 16:10:43 +01:00
Girish Ramakrishnan 9c3c8cc9d1 rename promise-retry to retry 2026-03-27 11:39:38 +01:00
Girish Ramakrishnan b08e3a5128 docker: attempt container recreate a few times 
Docker Error: (HTTP code 500) server error - failed to set up container networking: driver failed programming external connectivity on endpoint a877975d-38be-4088-bc92-e0d7a486a818 (2e5adaa635a95bd65ca0f290712065d444528e3420c49f2f88323b40c62caaa5): failed to bind host port for 0.0.0.0:40014:172.18.16.130:40014/tcp: address already in use

This happens during app updates. Can only be two reasons:

- some race in docker not freeing up ports (unlikely)
- ephemeral port got reallocated between destroy and create as part of app update

A future commit will reserve net.ipv4.ip_local_reserved_ports as well
 2026-03-27 10:29:26 +01:00
Girish Ramakrishnan e48cdc85f7 notifications: subscribe owner and users to all by default 2026-03-27 09:14:18 +01:00
Girish Ramakrishnan 4859059eba source install: support dockerfileName and build options 2026-03-21 17:29:47 +01:00
Girish Ramakrishnan f2949c1836 notifications: send email when manual app update is required 2026-03-21 15:59:41 +01:00
Girish Ramakrishnan cd6acfb91d notifications: send email when manual platform update is required 2026-03-21 15:38:12 +01:00
Johannes Zellner ba0bb62fa3 hardcode CLI name for cid-cli in device auth flow 2026-03-18 14:37:15 +01:00
Johannes Zellner 1ca62dd38e Restyle oidc device login views 2026-03-18 14:28:28 +01:00
Girish Ramakrishnan e3d76ea9f4 uninstall: must continue to teardown other addons 2026-03-18 15:26:06 +05:30
Girish Ramakrishnan d7212e69b5 unprovision: clear the default backup site 2026-03-18 15:14:11 +05:30
Girish Ramakrishnan ead58bd6f6 test: use profile to check for passkey 2026-03-18 15:00:45 +05:30
Girish Ramakrishnan fbe13b75df passkey: fix tests 2026-03-18 14:53:00 +05:30
Girish Ramakrishnan 6085a8231f uninstall: ignore services error as services may never have started 2026-03-18 14:38:47 +05:30
Girish Ramakrishnan 3d55423deb Fix usage of safe() 2026-03-18 14:26:42 +05:30
Girish Ramakrishnan f62df52c1d passkey: disallow in demo mode 2026-03-18 12:28:57 +05:30
Girish Ramakrishnan 1f05a8d92a network: fix crash 2026-03-18 07:04:45 +05:30
Girish Ramakrishnan ea7647f43c oidcserver: fix jwks_rsaonly response 2026-03-17 17:49:52 +05:30
Girish Ramakrishnan bc5737b9b0 passkey: implement passwordless login 2026-03-16 20:10:59 +05:30
Girish Ramakrishnan d0745d1914 2fa: provider passkey or totp 2026-03-16 18:49:12 +05:30
Girish Ramakrishnan 2b4c926a70 only clear passkeys on location change 
calling this on initialize makes it lose all passkeys
 2026-03-16 18:49:01 +05:30
Girish Ramakrishnan 67500a7689 profile: hasPasskey 2026-03-16 17:20:22 +05:30
Girish Ramakrishnan 189e3d5599 allow totp and passkey to co-exist 2026-03-16 16:38:48 +05:30
Girish Ramakrishnan 009d0b39f9 rename twoFactor* to totp 2026-03-16 16:38:42 +05:30
Girish Ramakrishnan f334c696cb update: add policy to update apps separately from platform 2026-03-16 10:19:18 +05:30
Girish Ramakrishnan db974d72d5 oidcserver: permit origin "*" from localhost testing 2026-03-16 07:21:55 +05:30
Girish Ramakrishnan c15e342bb8 webadmin: remove the implicit flow 
we now use pkce . main advantage is that we don't see the access token
in the url anymore.

in pkce, the auth code by itself is useless. need the verifier.

fixes #844
 2026-03-15 17:38:27 +05:30
Girish Ramakrishnan dc1449c7b6 oidcserver: convert to trace 2026-03-15 17:32:03 +05:30
Girish Ramakrishnan 0b305caf58 sites: add conflict detection 
Fixes #863
 2026-03-15 14:59:35 +05:30
Girish Ramakrishnan 8f1f3645b2 app update: if backup fails, provide a notification 
fixes #851
 2026-03-15 14:48:07 +05:30
Girish Ramakrishnan 7afec06d4c apps: operators can now view backup logs and manage the backup task 
we spun off the app backup as a separate task and this is not tracked
by app.taskId .

fixes #856
 2026-03-15 10:18:31 +05:30