jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
16,009 Commits 33 Branches 583 Tags
7eda1136eab8c55ea2f34e6461db855fc850a899
Commit Graph

8504 Commits

Author SHA1 Message Date
Johannes Zellner
7eda1136ea oidc: starting with new .json model files is not worth a log line 2024-04-29 09:19:37 +02:00
Girish Ramakrishnan
efa1acddd4 dns: unregister domains if type is disabled 2024-04-27 18:43:31 +02:00
Girish Ramakrishnan
e00db115ad restore: fix crashes 2024-04-27 12:46:37 +02:00
Girish Ramakrishnan
366f247910 oidc: only start in set callback 2024-04-27 11:51:10 +02:00
Girish Ramakrishnan
2a6368af60 remove usage of constants.DASHBOARD_SUBDOMAIN 2024-04-27 11:10:24 +02:00
Girish Ramakrishnan
5420630453 oidc: start the server when dashboard domain is set 
the activation logic has changed to use oidc flow. this requires
the oidc server to be started and available. otherwise, the redirection
after owner creation fails.
 2024-04-27 11:02:50 +02:00
Girish Ramakrishnan
4e39eb89fd const 2024-04-27 10:48:23 +02:00
Girish Ramakrishnan
8a987db177 provision: add route to detect ipv4 and ipv6 2024-04-26 20:53:32 +02:00
Girish Ramakrishnan
126587ba82 lint: constness 2024-04-26 20:09:36 +02:00
Girish Ramakrishnan
860ebcbe6a provision: add activation guard 2024-04-26 20:06:56 +02:00
Girish Ramakrishnan
2da361a1f2 waitfordns: resolve and check against NS' IPv6 address 2024-04-26 19:12:53 +02:00
Girish Ramakrishnan
23e20b9b83 waitfordns: better debugs 2024-04-26 14:46:01 +02:00
Girish Ramakrishnan
2f425f8119 provision: add ipv6 config 2024-04-26 12:20:15 +02:00
Girish Ramakrishnan
f6e4f1aefc network: ipv4 can be disabled 2024-04-25 15:50:42 +02:00
Girish Ramakrishnan
cae2bfbdc2 domains: add desec provider 2024-04-24 21:29:42 +02:00
Girish Ramakrishnan
3787f90283 appstore: bump timeout to 60s instead of 30s 
this timeout is hit on some servers (which have some networking
issue). unfortunately, this triggers a bug in superagent -
https://github.com/ladjs/superagent/issues/1801
 2024-04-23 11:41:51 +02:00
Girish Ramakrishnan
c2326bc5cc oidc: add rate limit for login requests 2024-04-21 20:58:12 +02:00
Johannes Zellner
ec7dabc1c7 oidc: also allow login on aliased app domains 2024-04-19 19:03:23 +02:00
Girish Ramakrishnan
d137cdf881 update cron module 
CronJob -> CronJob.from
CronJob(time) -> CronTime
 2024-04-19 18:31:47 +02:00
Johannes Zellner
4516b0c57c Do not return but continue in a loop 2024-04-19 14:29:41 +02:00
Johannes Zellner
49243822af dashboard: show app checklist 2024-04-19 14:17:54 +02:00
Johannes Zellner
16521d5434 Fix updateChecklist usage 2024-04-19 12:15:13 +02:00
Girish Ramakrishnan
1afa2e87ec mailserver: a056bcfd broke mail server restart 
after proxying, we never restarted the mail server

also add note that restart has to reconfigure
 2024-04-19 10:48:08 +02:00
Johannes Zellner
7d6636bb54 Only add checklist items if they apply due to sso state 2024-04-18 16:05:38 +02:00
Johannes Zellner
3c7e6b59f0 Add initial support for apps.checklist 2024-04-17 16:54:54 +02:00
Johannes Zellner
daa8a60da2 oidc: Inject currently hardcoded CLOUDRON_OIDC_PROVIDER_NAME env var 
This is designed to be used in the packages for the login button:
"Login with ${CLOUDRON_OIDC_PROVIDER_NAME}"
 2024-04-17 15:06:22 +02:00
Johannes Zellner
f231d51d0b Make oidc authproxy login button translatable 2024-04-17 14:21:07 +02:00
Girish Ramakrishnan
a572374ad7 updatechecker: deep compare update object from appstore 
When 'changelog' , 'unstable' fields change the box code is not
getting it.
 2024-04-16 19:30:14 +02:00
Girish Ramakrishnan
1cf315634c appstore: check the type of unstable field 2024-04-16 19:19:27 +02:00
Johannes Zellner
b0d2bdbad9 Make it login with cloudron in authproxy 2024-04-16 14:56:18 +02:00
Johannes Zellner
255fb0cac0 proxyauth: show intermediate login button page 2024-04-16 13:43:12 +02:00
Johannes Zellner
c3be0018fe proxyauth: send user to oidc login instead of /login 2024-04-16 11:29:00 +02:00
Johannes Zellner
1008ec4fa1 proxyauth: remove basic auth login form 2024-04-15 18:52:07 +02:00
Johannes Zellner
21d7438bbe proxyauth: user OpenID instead of basic auth 2024-04-15 15:59:16 +02:00
Girish Ramakrishnan
0a748ac78a better AVX error message 2024-04-15 10:10:13 +02:00
Johannes Zellner
76c4002a04 oidc: Add profile picture claim 2024-04-14 12:05:45 +02:00
Johannes Zellner
36ab5800a3 oidc: enable CORS for internal apps 2024-04-11 19:10:29 +02:00
Girish Ramakrishnan
f11becfcc8 async'ify 
crazy this has gone unnoticed for so long!
 2024-04-10 18:52:39 +02:00
Johannes Zellner
87ae95aa4f Add per-app notes feature 2024-04-10 18:34:58 +02:00
Girish Ramakrishnan
b4e4f26361 Rework cpuShares into cpuQuota 
cpuShares is the relative weight wrt other apps. This is used when
there is contention for CPU. If we want this, maybe we implement
a UI where we show all the apps and let the user re-order them.
As it stands, it is confusing.

cpuQuota is a more straightforward "hard limit" of the CPU% that you
want the app to consume.

Can be tested with : stress -c 8 -t 20s
 2024-04-10 18:25:14 +02:00
Girish Ramakrishnan
efd0be5e2c services: send the default memory limit 2024-04-10 12:42:25 +02:00
Girish Ramakrishnan
8b7dca00af app memory: make slider go till RAM 
anything above RAM is useless
 2024-04-10 12:12:49 +02:00
Girish Ramakrishnan
be2775e12e memoryLimit: redefine to not include swap 
Currently, we allocate 50% as RAM and 50% as swap. The manifest is
usually quite conservative on memory values. This means that we set
up a system where the app is applying memory pressure almost immediately.
This then swaps things randomly and increases cpu usage (kswapd shows
up in the profile).

To rethink the whole situation: we should not cap apps with a swap limit at all.
The memory hard limit is what is important. By redefining memoryLimit , we are
doubling every container's memory and it's good that we over allocate this.
 2024-04-09 18:59:40 +02:00
Girish Ramakrishnan
2b1b304c6e backup/import/restore: fix crash with root path calcuation 
rootPath was calculated before the arguments were validated
 2024-04-09 13:53:48 +02:00
Girish Ramakrishnan
62faf616c5 import: acceptSelfSignedCerts is validated at provider 2024-04-09 13:24:33 +02:00
Girish Ramakrishnan
3f2f4c7c6b restore: acceptSelfSignedCerts is validated by provider 2024-04-09 13:20:01 +02:00
Girish Ramakrishnan
5e49a33e8f backups: rootPath is needed only when testing storage 2024-04-09 13:03:31 +02:00
Girish Ramakrishnan
5fb7d53018 backups: encryptedFilenames and mountOptions are validated at provider level 2024-04-09 12:31:10 +02:00
Girish Ramakrishnan
424a3c2b53 validateEncryptionPassword need not by exported or async 2024-04-09 12:23:43 +02:00
Girish Ramakrishnan
6e629b984b typo in error message 2024-04-09 11:53:58 +02:00