jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,753 Commits 33 Branches 583 Tags
41f92c52e9beb7684e99c26a67adbf23625116f8
Commit Graph

15753 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Girish Ramakrishnan
41f92c52e9 add to changes 2024-02-23 17:47:21 +01:00
Girish Ramakrishnan
d0dc104ede logs: make logPaths work 
we have to tail via sudo script

Fixes #811
 2024-02-23 17:46:22 +01:00
Girish Ramakrishnan
ce42680888 update mail container (solr, spam acl) 2024-02-23 11:37:08 +01:00
Girish Ramakrishnan
4ebff09f73 lint 2024-02-22 16:50:35 +01:00
Girish Ramakrishnan
8fd7daade6 rsync: empty check was removed by mistake 2024-02-22 14:47:44 +01:00
Girish Ramakrishnan
e6aef755e3 shell: merge spawn into sudo 2024-02-22 12:43:23 +01:00
Girish Ramakrishnan
c4b8d3b832 restore: add help link to backup path 2024-02-22 12:03:21 +01:00
Girish Ramakrishnan
c38457b48d restore: better placeholder text for backup id 2024-02-22 12:01:03 +01:00
Girish Ramakrishnan
60994f9ed1 shell: docker run needs shell 
don't want to get into parsing quotes!
 2024-02-22 10:59:39 +01:00
Girish Ramakrishnan
a6f078330f shell: no need to promise scoping 2024-02-21 19:40:27 +01:00
Girish Ramakrishnan
cfd5c0f82b shell: rewrite exec to use execFile 
this also renames execFile to execArgs
 2024-02-21 18:54:43 +01:00
Girish Ramakrishnan
14c9260ab0 shell: exec encoding is utf8 by default and no shell 
explicitly mark calls that require the shell
 2024-02-21 17:47:25 +01:00
Girish Ramakrishnan
23cac99fe9 shell: remove spawn 2024-02-21 13:35:56 +01:00
Girish Ramakrishnan
2237d2bbb7 shell: remove usage of .spawn 2024-02-21 13:27:04 +01:00
Girish Ramakrishnan
62ca0487dc cloudron-support: docker info output 2024-02-21 12:54:08 +01:00
Girish Ramakrishnan
0e858dc333 cloudron-support: dump cloudron version 2024-02-21 12:51:50 +01:00
Girish Ramakrishnan
fa3e908afc df can hang 2024-02-21 12:47:30 +01:00
Girish Ramakrishnan
c1bb4de6a3 reverseproxy: use async exec 2024-02-21 12:33:04 +01:00
Girish Ramakrishnan
9b94cf18d0 convert more execSync to async 2024-02-21 11:00:12 +01:00
Girish Ramakrishnan
b51071155a Use the async shell exec 2024-02-20 22:57:36 +01:00
Girish Ramakrishnan
1128edc23e update: remove dead pre-flight checks 2024-02-20 22:48:12 +01:00
Johannes Zellner
df9c7010e2 Make backup memory limit slider more predictable with a minimum of 1 GB 2024-02-20 22:12:20 +01:00
Girish Ramakrishnan
54c7757e38 Fix crash 2024-02-20 21:53:52 +01:00
Girish Ramakrishnan
3da3ccedcb volumes: only wait for 5 seconds for mount status 
mountpoint -q can never exit if the nfs mount disappears, for example
 2024-02-20 21:38:57 +01:00
Girish Ramakrishnan
26eb739b46 shell: add options to exec 2024-02-20 21:11:09 +01:00
Johannes Zellner
7ce5b53753 dashboard: use snap bounds instead of ticks for memory slider 2024-02-20 14:37:18 +01:00
Girish Ramakrishnan
298d446e5f backups: make ui show min 1GB 2024-02-19 17:06:38 +01:00
Girish Ramakrishnan
450dd70ea2 backups: up min memory limit to 1GB 2024-02-19 17:02:14 +01:00
Girish Ramakrishnan
1d1a7af48e rsync: bump the buffer size to 80MB 2024-02-19 14:15:28 +01:00
Girish Ramakrishnan
003bc457bf setupdns: fix typo with bunny DNS 2024-02-18 18:45:20 +01:00
Girish Ramakrishnan
bfafcea0b9 Update changes 2024-02-17 16:42:37 +01:00
Johannes Zellner
66da8dd4dc Always resetup oidc client record for apps 2024-02-15 12:40:58 +01:00
Girish Ramakrishnan
307a3ee015 apps: rename the config functions 2024-02-10 11:53:25 +01:00
Girish Ramakrishnan
95be147eb4 make config.json readable 2024-02-10 10:40:56 +01:00
Girish Ramakrishnan
2bf711f1f7 acme2: default to using secp256r1 key 
the secp384r1 is not getting accepted by a few mail servers.

the upstream server is TLS 1.2 and advertises:
        {0xC0, 0x2C} TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        {0xCC, 0xA9} TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
        {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        {0xC0, 0x24} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
        {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
        {0xC0, 0x09} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

the connection fails with:
client connection error: Error: C0E703901F7F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2241:

node's current cipher list is https://nodejs.org/api/tls.html#modifying-the-default-tls-cipher-suite.
It says default cipher suite prefers GCM ciphers. ECDHE-ECDSA-AES256-GCM-SHA384 and ECDHE-ECDSA-AES128-GCM-SHA256
are the valid TLS 1.2 options but neither of these are selected.

the public key strength is somehow tied to cipher selection, I am not entirely sure how. from what i remember
`ecdsa_secp384r1_sha384` was listed in signature_algorithms extension.

Note that one document I found said that exchange server has a further _P256 and _P384 to cipher combinations.
Which suggests to me that one can also select specific curve+cipher combination.

anyway, with this curve, atleast the connection work with TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 2024-02-09 22:01:55 +01:00
Johannes Zellner
c3d2c7bcde Update minior version dependency updates 2024-02-09 19:54:50 +01:00
Johannes Zellner
38e32942cb oidc: remove env var for disabled session/end route 2024-02-09 19:37:54 +01:00
Johannes Zellner
febd24b203 Expose port count as _COUNT env varible 2024-02-09 15:49:29 +01:00
Johannes Zellner
d1afa3fdca Update package.lock 2024-02-08 18:41:30 +01:00
Johannes Zellner
a82d1ea832 Use portCount from manifest with 1 as default 2024-02-08 18:25:25 +01:00
Johannes Zellner
7d9e8da660 Update manifest format for portCount support 2024-02-08 18:17:08 +01:00
Johannes Zellner
ec990bd16a WIP: Add some portrange support 2024-02-08 17:39:22 +01:00
Girish Ramakrishnan
fb12c0e499 typo 2024-02-08 11:51:56 +01:00
Girish Ramakrishnan
3d1a4f8802 mongodb: update mongo to 6.0 2024-02-08 11:37:03 +01:00
Girish Ramakrishnan
c978e3b7ea scheduler: add debug if scheduler is running too long 2024-02-08 10:54:07 +01:00
Girish Ramakrishnan
0b201cee71 mail: update haraka to 3.0.3 2024-02-08 10:36:56 +01:00
Johannes Zellner
8b7c5a65d6 Fixup profile avatar tests 2024-02-06 20:48:27 +01:00
Girish Ramakrishnan
8a63f0368e Fix parsing of displayName 
Currently, we only have one field for the name. The first part is
first name. The rest is last name. Obviously, this won't work in all
cases but is the best we can do for the moment.
 2024-02-06 16:53:03 +01:00
Girish Ramakrishnan
ce4bf7e10c Fix cloudron installation on netcup 
https://forum.cloudron.io/topic/10097/cloudron-install-error-dpkg-error/
https://twitter.com/netcup/status/1735265955364720757
 2024-01-31 17:24:29 +01:00
Girish Ramakrishnan
479946173f df: run async 
df hangs on some systems and this brings down the box code

happens on erroneous cifs/sshfs volumes
 2024-01-30 12:23:20 +01:00