jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
4,873 Commits 33 Branches 583 Tags
51d5b96fa1e48f6a8a41c88118b6ba4fc25e6261
Commit Graph

4873 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Johannes Zellner 51d5b96fa1 use "mountpoint" to check if we have the user data mounted v0.109.0 2017-04-05 14:34:18 +02:00
Girish Ramakrishnan 11d12c591e Add 0.109.0 changes 2017-04-05 00:36:24 -07:00
Girish Ramakrishnan 245d17ad25 Fix test image version 2017-04-04 19:13:03 -07:00
Girish Ramakrishnan e05e9c3ead Use latest test-app 2017-04-04 14:47:54 -07:00
Girish Ramakrishnan 8102d431e8 use debug instead 2017-04-04 14:07:28 -07:00
Girish Ramakrishnan 0f76cbbb95 remove temporary authorized_keys file 2017-04-04 14:00:41 -07:00
Girish Ramakrishnan 2a45a9bbd4 test: rate limit is now in nginx 2017-04-04 13:12:50 -07:00
Girish Ramakrishnan e68d627f72 tests: data -> platformdata 2017-04-04 13:11:44 -07:00
Girish Ramakrishnan 1a3e3638ff iptables-restore is not used anymore 2017-04-04 13:00:48 -07:00
Girish Ramakrishnan 8f912d8a1b add note on how to view graphite browser 2017-04-04 12:35:29 -07:00
Girish Ramakrishnan d891058f8c Restore apps if the existingInfra version is not semver (as in, old infra) 2017-04-04 12:15:29 -07:00
Girish Ramakrishnan 71fe094be1 Make platform version a semver 2017-04-04 12:07:53 -07:00
Johannes Zellner da857f520b Only stop apps and addons on data migration 2017-04-04 14:30:45 +02:00
Johannes Zellner 39ff21bdf4 Bump infra version now with a explicit minor version 2017-04-04 12:34:55 +02:00
Johannes Zellner 72dd7c74d5 Introduce major/minor infra versions 
The strategy now is that major infra version changes make apps restore,
whereas minor infra version changes only reconfigure and thus restart
them
 2017-04-04 12:34:55 +02:00
Johannes Zellner 7c7ef15e1c Do not collect data for btrfs file systems 2017-04-04 12:34:55 +02:00
Johannes Zellner b320e15ea7 No need to install btrfs-tools in the base image 2017-04-04 12:34:55 +02:00
Johannes Zellner aa22ab8847 Cleanup the btrfs mounts and the user data file 2017-04-04 12:34:55 +02:00
Johannes Zellner 3e23c3efce Do not move the whole mail folder but only its content 2017-04-04 12:34:55 +02:00
Johannes Zellner c4f96bbd6b Some directory creation fixes 2017-04-04 12:34:55 +02:00
Johannes Zellner 649092ecb0 Fix typo PLATFORM_CONFIG_DIR -> PLATFORM_DATA_DIR 2017-04-04 12:34:55 +02:00
Johannes Zellner 128a3b03c9 Do not use btrfs snapshots for mail on box backup 2017-04-04 12:34:55 +02:00
Johannes Zellner 847ef6626f Also use appsdir in rmappdir.sh 2017-04-04 12:34:55 +02:00
Johannes Zellner 4643daeeec Use appsdata in createappdir.sh 2017-04-04 12:34:55 +02:00
Johannes Zellner 38178afd31 Do not use btrfs snapshots for app backups 2017-04-04 12:34:55 +02:00
Johannes Zellner 9c6324631d Use APPS_DATA_DIR in app backup and restore scripts 2017-04-04 12:34:55 +02:00
Johannes Zellner 3a17bf9a0f Ensure apps and platform data dirs exist 2017-04-04 12:34:55 +02:00
Johannes Zellner 602f8bcd04 Split platform and app data folders and get rid of btrfs volumes 2017-04-04 12:34:55 +02:00
Girish Ramakrishnan 785ae765a4 better error text 2017-04-03 16:54:06 -07:00
Girish Ramakrishnan c85120834c refactor ngTld so it can be used with plain strings 2017-04-03 16:20:32 -07:00
Johannes Zellner 89d36b8ad4 Reset the dns error states on resubmission 2017-04-03 22:36:02 +02:00
Johannes Zellner b9711d7b47 Move AMI instanceId verification to DNS setup 2017-04-03 22:19:01 +02:00
Johannes Zellner 4f9273819a Ensure autofocus on setup.html 2017-04-03 16:45:04 +02:00
Johannes Zellner e0d7850135 Add a tooltip to email field during setup 2017-04-03 16:33:07 +02:00
Girish Ramakrishnan 2c871705c7 Add a referrer policy 2017-03-31 16:11:54 -07:00
Girish Ramakrishnan 2bb99db2c7 Add another blacklist tester 2017-03-30 19:42:14 -07:00
Girish Ramakrishnan 3fc5757e97 doc: Add note on OS updates 2017-03-30 08:35:18 -07:00
Girish Ramakrishnan 92ff19ffce Add 0.108.0 changes 2017-03-29 22:20:13 -07:00
Girish Ramakrishnan e9456f70f9 use connlimit module to rate limit 
hitcount cannot be more than 255 in recent module
 2017-03-29 21:51:24 -07:00
Girish Ramakrishnan ffbda22145 Fine tune rate limits a bit more 2017-03-29 16:03:08 -07:00
Girish Ramakrishnan b92ae44578 Generate 128 byte passwords 2017-03-29 15:38:15 -07:00
Girish Ramakrishnan b6ffc966cd Bump mysql (for increasing multidb password len) 2017-03-29 15:21:49 -07:00
Girish Ramakrishnan b42bc52093 doc: improve rate limit wording 2017-03-29 10:40:02 -07:00
Girish Ramakrishnan 806b458ff1 Move it to the selfhosting guide instead 2017-03-29 10:33:51 -07:00
Girish Ramakrishnan d5d4e237bd doc: add security section 2017-03-29 10:23:08 -07:00
Girish Ramakrishnan 956fe86250 Add firewall service 
Docker really insists on adding itself to the top of the FORWARD
chain. Making our firewall side-steps this docker design.
 2017-03-29 02:31:53 -07:00
Girish Ramakrishnan 4d000e377f Enable iptables based ratelimit for cloudron auth services 
The goal here is to simply add a rate limit to prevent brute
force password attacks.

Covered services includes:
    (public) http, https, ssh, smtp, msa, imap, sieve
    (private) postgres, redis, mysql, ldap, mongodb. msa

The private limits are higher because some apps will create
a db connection for each page request.  Some apps like mailtrain
will send out lots of emails etc.

Note that apps that use SSO are ratelimited by the ldap limit.

Part of #187
 2017-03-29 00:02:05 -07:00
Johannes Zellner 39e827be04 Add rosehosting to the help output if no provider is specified 2017-03-28 10:38:00 +02:00
Girish Ramakrishnan e50b4cb7ec doc: fixup the best practices docs 
Fixes #232
 2017-03-27 15:29:07 -07:00
Johannes Zellner 1938ec635b Remove bestpractices.md as this was already incorporated into the main packaging guide 2017-03-27 16:05:03 +02:00