4c6f7de10a
more debug messages
2022-11-23 22:03:18 +01:00
28f3b697a1
tokens: add test for readonly token
2022-11-23 18:16:03 +01:00
f728971479
add test that only owner can open tickets
2022-11-23 17:56:24 +01:00
30fb1aa351
proxy: do not set Host header when proxying
...
The default when proxying is $proxy_host.
Proxied apps must used X-Forwarded-Host header to determine the intended
target. I think we overwrote the Host header back in the day because apps
had varied support for this. Ideally, it can be removed across all our configurations.
2022-11-23 16:50:38 +01:00
a5d244b593
Add tests for proxy app upstreamUri
2022-11-23 14:36:57 +01:00
817e950d47
Fix upstreamUri verification
2022-11-23 12:58:17 +01:00
258eea4318
Fix appstore-test
2022-11-22 22:14:59 +01:00
1b0c33fc73
Fix system-test
2022-11-22 21:38:22 +01:00
1d56bcb2e0
Update node to 16.18.1
2022-11-22 19:29:54 +01:00
35ea3b1575
Also include potential swap files in the disk usage stats
2022-11-22 12:15:17 +01:00
c639559a6d
Update docker 20.10.21
...
many users reporting hangs in docker, maybe this solves it
2022-11-21 13:20:49 +01:00
b437466f8c
mail: send quota value as raw bytes
2022-11-21 09:45:17 +01:00
3b8221190d
Better error mesasge
2022-11-20 18:16:16 +01:00
250d54f157
postgresql: fix issue with pg_ctl timing out
2022-11-20 18:05:37 +01:00
5d0309f1ca
reverseproxy: check renewal against cert instead of the files
2022-11-17 16:40:14 +01:00
00771d8197
reverseproxy: move dashboard config to subdir as well
2022-11-17 15:50:34 +01:00
641752a222
reverseproxy: remove getAcmeApiOptions
2022-11-17 12:39:23 +01:00
e3b0d3960a
reverseproxy: create configs in subdirectories for easy management
2022-11-17 12:16:11 +01:00
cd90864bc3
typos
2022-11-17 11:46:29 +01:00
23cc0d6f0e
acme2: do not pass around paths
2022-11-17 11:44:36 +01:00
51f43597bc
Make location have subdomain just like in the database
2022-11-17 10:22:46 +01:00
28b5457e9c
Fix validateLocations return value
2022-11-17 10:22:46 +01:00
35076b0e93
use vhost naming for nginx config terminology
2022-11-17 10:22:46 +01:00
293b8a0d34
remove location type from nginx filename
...
this will keep it consistent with upcoming cert filenames
2022-11-17 10:22:46 +01:00
0c8b8346f4
Move getLocationsSync into apps.js
2022-11-17 10:22:43 +01:00
8c2a1906ba
Add to changes
2022-11-17 08:00:44 +01:00
720bafaf02
logrotate: only keep 14 days of logs
...
https://unix.stackexchange.com/questions/261696/logrotation-rotate-and-maxage-command
https://blog.gsterling.de/2017/10/03/logrotate-misconceptions-about-maxsize-and-size/
2022-11-17 00:47:39 +01:00
0b6bbf4cc2
Set exec LANG via rest API only
2022-11-16 16:14:54 +01:00
013e15e361
reverseproxy: do deep compare in tlsConfig
...
wildcard field might change
2022-11-16 16:04:26 +01:00
9da4f55754
Set default LANG in exec container to make umlauts and other special characters work
2022-11-16 15:49:06 +01:00
e3642f4278
reverse proxy: rebuild configs on provider change
2022-11-16 12:42:06 +01:00
19b0d47988
remove obsolete fixme
2022-11-16 11:46:31 +01:00
f82f533f36
Add SIGHUP handler to reload certs
...
we have to reload directory server certs out of process
2022-11-16 08:24:42 +01:00
15d5dfd406
reverseproxy: move the reload out of the write functions
2022-11-16 07:55:26 +01:00
af870d0eac
mail: fix dnsbl count
...
empty string was parsed as [''] leading the UI to think there is one zone
2022-11-14 22:06:33 +01:00
7b7e5d24de
domains: update event not generated
2022-11-14 10:58:47 +01:00
0843baad8b
reverseproxy: remove options from renewCerts
2022-11-14 08:13:47 +01:00
5e2a55ecad
add debug
2022-11-13 22:10:01 +01:00
c597d9fbaa
add fixme
2022-11-13 21:55:13 +01:00
8b43d43e35
reverseproxy: compare the cert path on cert renewal
...
fqdn will not match for wildcard certs
2022-11-13 18:06:34 +01:00
5447181e41
cert: add some asserts
2022-11-13 17:27:05 +01:00
3caf77cee6
cert: add message for fallback cert
2022-11-13 16:59:22 +01:00
2515a0f18f
cert: do not autoclean default cert
2022-11-13 16:56:51 +01:00
9c8f78a059
reverseproxy: simplify certificate renewal
...
An issue was that mail container was not getting refreshed with the up to
date certs. The root cause is that it is refreshed only in the renewCerts()
cron job. If cert renewal was caused by an app task, then the cron job will
skip the restart (since cert is fresh).
The other issue is that we keep hitting 0 length certs when we run out of disk
space. The root cause is that when out of disk space, a cert renewal will
cause cert to be written but since it has no space it is 0 length. Then, when
the user tries to restart the server, the box code does not write the cert again.
This change fixes the above two including:
* To simplify, we use the fallback cert only if we failed to get a LE cert. Expired LE certs
will continue to be used. nginx is fine with this.
* restart directory as well on renewal
2022-11-13 11:55:12 +01:00
f917eb8f13
rename variable
2022-11-11 16:21:28 +01:00
d19c7ac3e3
Return repository info in app rest api
2022-11-10 20:00:55 +01:00
f61131babf
Amend app.repository depending on presence and value of dockerImage
2022-11-10 18:12:13 +01:00
e9eeab074a
Clarify error message further
2022-11-10 13:50:28 +01:00
3477cf474f
security: do not password reset mail to cloudron owned mail domain
...
https://forum.cloudron.io/topic/7951/privilege-escalation-through-mail-manager-role
2022-11-10 12:59:03 +01:00
d49c171c79
mail: fix 100% cpu use with unreachable servers
2022-11-09 23:04:05 +01:00
Girish Ramakrishnan