Commit Graph

5835 Commits

Author SHA1 Message Date
Girish Ramakrishnan
531d314e25 Show error message if gpg failed 2020-04-11 17:11:55 -07:00
Girish Ramakrishnan
1ab23d2902 fix indexOf value comparison 2020-04-11 14:21:05 -07:00
Girish Ramakrishnan
b3496e1354 Add ECDHE-RSA-AES128-SHA256 to cipher list
one of our users had the site reverse proxied. it broke after the
5.1 cipher change and they nailed it down to using this cipher.

https://security.stackexchange.com/questions/72926/is-tls-ecdhe-rsa-with-aes-128-cbc-sha256-a-safe-cipher-suite-to-use
says this is safe

The following prints the cipher suite:

    log_format combined2 '$remote_addr - [$time_local] '
        '$ssl_protocol/$ssl_cipher '
        '"$request" $status $body_bytes_sent $request_time '
        '"$http_referer" "$host" "$http_user_agent"';
2020-04-10 09:49:06 -07:00
Girish Ramakrishnan
2efa0aaca4 serve custom well-known documents via nginx 2020-04-09 00:15:56 -07:00
Girish Ramakrishnan
ef9aeb0772 Bump default version for tests 2020-04-08 14:24:58 -07:00
Girish Ramakrishnan
c382fc375e Set the resetTokenCreationTime in invitation links 2020-04-08 13:11:24 -07:00
Girish Ramakrishnan
2544acddfa Fix crash with misconfigured reverse proxy
https://forum.cloudron.io/topic/2288/mastodon-terminal-not-starting
2020-04-08 09:43:43 -07:00
Johannes Zellner
85a897c78c Remove console.log debug leftover 2020-04-08 11:48:12 +02:00
Girish Ramakrishnan
6adf5772d8 update turn config to prevent internal access
https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/
2020-04-07 15:37:31 -07:00
Girish Ramakrishnan
5515324fd4 coturn -> turn in docker repo name 2020-04-02 19:51:14 -07:00
Girish Ramakrishnan
e72622ed4f Fix crash during auto-update 2020-04-02 19:47:29 -07:00
Girish Ramakrishnan
e821733a58 add note on exposed ports 2020-04-02 18:09:26 -07:00
Girish Ramakrishnan
a03c0e4475 mail: disable hostname validation 2020-04-02 15:00:11 -07:00
Girish Ramakrishnan
e7dc77e6de bump mail container for mailbox size fix 2020-04-01 16:31:07 -07:00
Girish Ramakrishnan
e240a8b58f add comment on the struct 2020-04-01 16:26:16 -07:00
Johannes Zellner
ef64b2b945 Use coturn addon tag 1.0.0 2020-04-01 21:50:21 +02:00
Johannes Zellner
f6cd33ae24 Set turn secret for apps 2020-04-01 21:50:09 +02:00
Girish Ramakrishnan
dd109f149f mail: fix eventlog db perms 2020-04-01 12:24:54 -07:00
Girish Ramakrishnan
5b62d63463 clear mailbox on update and restore
part of #669
2020-03-31 17:51:27 -07:00
Girish Ramakrishnan
3fec599c0c remove mail domain add/remove API
merge this as a transaction into domains API

fixes #669
2020-03-31 14:48:19 -07:00
Girish Ramakrishnan
e30ea9f143 make mailbox domain nullable
for apps that do not use sendmail/recvmail addon, these are now null.
otherwise, there is no way to edit the mailbox in the UI

part of #669
2020-03-31 11:26:19 -07:00
Johannes Zellner
7cb0c31c59 Also restart turn server on dashboard domain change 2020-03-31 14:52:09 +02:00
Johannes Zellner
b00a7e3cbb Update turn addon 2020-03-31 10:55:41 +02:00
Johannes Zellner
e63446ffa2 Support persistent turn secret 2020-03-31 09:28:57 +02:00
Girish Ramakrishnan
580da19bc2 Less strict dmarc validation
fixes #666
2020-03-30 19:32:25 -07:00
Girish Ramakrishnan
936f456cec make reset tokens only valid for a day
fixes #563

mysql timestamps cannot be null. it will become current timestamp when
set as null
2020-03-30 17:13:31 -07:00
Girish Ramakrishnan
5d6a02f73c mysql: create the my.cnf in run time dir 2020-03-30 16:32:54 -07:00
Girish Ramakrishnan
3e6b66751c typo in assert 2020-03-30 15:17:34 -07:00
Johannes Zellner
f78571e46d Support reserved port ranges 2020-03-30 10:01:52 +02:00
Johannes Zellner
5ac9c6ce02 add turn,stun ports to RESERVED ones
We still need to protect the TURN port range
2020-03-30 08:30:06 +02:00
Johannes Zellner
1110a67483 Add turn addon setup and teardown calls 2020-03-30 08:24:52 +02:00
Girish Ramakrishnan
57bb1280f8 better error message 2020-03-29 20:12:59 -07:00
Girish Ramakrishnan
25c000599f Fix assert (appStoreId is optional) 2020-03-29 19:12:07 -07:00
Girish Ramakrishnan
86f45e2769 Fix failing test 2020-03-29 18:55:44 -07:00
Girish Ramakrishnan
7110240e73 Only a Cloudron owner can install/update/exec apps with the docker addon
this should have been part of f1975d8f2b
2020-03-29 18:52:37 -07:00
Girish Ramakrishnan
1da37b66d8 use resource pattern in apps routes
this makes it easy to implement access control in route handlers
2020-03-29 17:11:10 -07:00
Girish Ramakrishnan
f1975d8f2b only owner can install/repair/update/exec docker addon apps 2020-03-29 16:24:04 -07:00
Girish Ramakrishnan
f407ce734a restrict the app to bind mount under /app/data only
rest have to be volumes
2020-03-29 13:57:45 -07:00
Girish Ramakrishnan
f813cfa8db Listen only on the docker interface 2020-03-29 13:11:16 -07:00
Girish Ramakrishnan
d5880cb953 TODO block is obsolete 2020-03-29 13:10:19 -07:00
Girish Ramakrishnan
95da9744c1 Prefix env vars with CLOUDRON_ 2020-03-29 09:35:34 -07:00
Girish Ramakrishnan
85c3e45cde remove oauth addon code 2020-03-29 09:35:34 -07:00
Johannes Zellner
520a396ded Use turn server with certificates 2020-03-29 09:32:48 +02:00
Johannes Zellner
13ad611c96 Remove ssh related settings from the turn container config 2020-03-29 09:32:48 +02:00
Johannes Zellner
c1de62acef Update coturn 2020-03-29 07:30:42 +02:00
Girish Ramakrishnan
acc2b5a1a3 remove unused param 2020-03-28 22:05:43 -07:00
Johannes Zellner
710046a94f Add coturn addon service 2020-03-28 22:46:32 +01:00
Johannes Zellner
b366b0fa6a Stop container with isCloudronManged labels instead of by network 2020-03-28 22:46:32 +01:00
Johannes Zellner
6178bf3d4b Update sftp addon 2020-03-27 14:54:35 +01:00
Girish Ramakrishnan
9faae96d61 make app password work with sftp 2020-03-26 21:50:25 -07:00