jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,649 Commits 33 Branches 583 Tags
8771158f10d659b75453b16b4f71a3b6e6bafce2
Commit Graph

15649 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Girish Ramakrishnan 8771158f10 Fix test 2024-01-13 21:29:40 +01:00
Girish Ramakrishnan 46a589f794 Use BAD_STATE consistently for demo mode 2024-01-13 21:15:41 +01:00
Girish Ramakrishnan a007a8e40c externalldap: sync log history 2024-01-13 16:50:10 +01:00
Girish Ramakrishnan 6e42cf4ec5 externalldap: available on all plans 
looks like an oversight that this needs a subscription
 2024-01-13 16:49:35 +01:00
Girish Ramakrishnan 257dc4e271 external ldap: run syncer every 4 hours 
hardcoded for now but we should make this configurable
 2024-01-13 15:53:14 +01:00
Girish Ramakrishnan 4136272382 externalldap: add eventlog 2024-01-13 13:22:26 +01:00
Girish Ramakrishnan 4f9e43859c directoryserver: comments can be provided in allowlist 2024-01-13 12:54:10 +01:00
Girish Ramakrishnan b57ad9b8c1 directoryserver: allowlist always needs a single IP/range 2024-01-13 12:30:43 +01:00
Girish Ramakrishnan b8c297b178 ldap allow list is not a json 2024-01-13 12:29:00 +01:00
Girish Ramakrishnan a389b863f9 directory server: add eventlog entry 2024-01-13 12:24:28 +01:00
Girish Ramakrishnan 40c82b3e48 external directory: reset auth source when disabled 
this allows existing users to login (including the owner itself)

The alternative is to have some system where we have unique superadmin users across cloudrons which don’t get trampled upon by a sync. This is a bit unrealistic. For the future, we could also design this such that ldap auth is asked for in the initial step i.e at superadmin creation time.

If LDAP connection is lost/down, user can always use 'cloudron-support —owner-login'
 2024-01-13 11:51:12 +01:00
Girish Ramakrishnan 2ca94f3159 user: remove make local feature 
we discussed a bit on what this does and it's confusing as it stands:

* Use case of this is lost in the realms of time
* Possible guess by is that it was to move users of different Cloudron to a central cloudron
* Currently, the design is a bit flawed because the make user local button doesn’t pin the user. The state is lost in next synchronization.
* Maybe, one should use export/import user for this use case
* Let’s disable this button for now, feature is not complete.
 2024-01-13 11:02:25 +01:00
Girish Ramakrishnan 33a97d0e50 cloudflare: validate response fields 2024-01-12 14:52:24 +01:00
Girish Ramakrishnan cef0b6d0d8 test: bump retries 2024-01-11 16:31:12 +01:00
Girish Ramakrishnan 7a5e990ad4 email: rewrite loading of email status using async 
we start a bunch of requests in the background for each domain. when
we switch views immediately, to say the eventlog, these requests are
still active in the background.

canceling the requests will require a much bigger refactor.

https://forum.cloudron.io/topic/10434/email-event-log-loading-very-slowly-seems-tied-to-overall-email-domain-list-health-checks
 2024-01-09 17:34:54 +01:00
Girish Ramakrishnan ca31dc8d78 namecheap: fix TLD 
continuation of 6cdb448f62
 2024-01-09 09:44:24 +01:00
Girish Ramakrishnan 5b7667fa4d external ldap: ensure dashboard login does totp check 2024-01-08 11:55:35 +01:00
Girish Ramakrishnan 6cdb448f62 namecheap: pass the TLD correctly 
this is safe because namecheap does not allow external domains to be hosted.
otherwise, we would have to use tldjs
 2024-01-08 11:54:37 +01:00
Girish Ramakrishnan 053f81a53e externalldap: add tests 2024-01-07 22:04:22 +01:00
Girish Ramakrishnan c842d02d6f namecheap: slow down requests for rate limit 
https://www.namecheap.com/support/knowledgebase/article.aspx/9739/63/api-faq/#z
 2024-01-07 22:01:42 +01:00
Girish Ramakrishnan 4ddcd547ba directoryserver: leave it to client to decide totp check 
initially, the idea was to make the server enforce it. this is more secure. however,
we have 3 kinds of clients - an external cloudron dashboard which needs totp,
an external cloudron app, which doesn't have totp and external apps that don't have totp either.

given that the directory server is IP restricted, this is a reasonable compromise until
we move wholesale to oidc.

a directoryserver setting like "enforce totp" also does not work since this policy will be
applied to all clients.
 2024-01-07 20:38:36 +01:00
Girish Ramakrishnan 7bb68ea6b5 rename ldap.js to ldapserver.js 
this makes it clearer it is server module and not some generic ldap thing
 2024-01-06 13:31:32 +01:00
Girish Ramakrishnan e13f427267 directoryserver: 2fa validation tests 2024-01-06 13:25:12 +01:00
Girish Ramakrishnan c422e2d570 users: add tests for 2fa and relaxed 2fa 2024-01-06 13:15:55 +01:00
Girish Ramakrishnan b3f91c4868 make branding and email config available to admin 2024-01-04 21:46:46 +01:00
Johannes Zellner 19dd56c160 filemanager: Skip rename if name didn't change 2024-01-04 16:00:28 +01:00
Johannes Zellner c577d3d91f filemanager: ask user for confirmation on rename conflict 2024-01-04 15:47:26 +01:00
Johannes Zellner 4f57bed03a Update translation 2024-01-04 15:46:59 +01:00
Johannes Zellner 29663a1229 Update sftp addon 2024-01-04 11:59:56 +01:00
Johannes Zellner d9d4798f69 frontend: update dependencies 2024-01-04 11:59:48 +01:00
Girish Ramakrishnan 32d3c0b920 cloudron-support: suppress mysql message 2024-01-03 22:01:53 +01:00
Girish Ramakrishnan 2224ccab7c fix doc links 2024-01-03 21:25:37 +01:00
Johannes Zellner 8d3d3ba875 dashboard: fix crash on uninstalled app 2024-01-03 18:49:49 +01:00
Johannes Zellner 4ad2b2829b dashboard: remove console.log 2024-01-03 18:48:49 +01:00
Girish Ramakrishnan 1ca46a064c ldap: use proper error message instead of dn 
the dn is already in lde_dn field of the error object.
lde_message is the message
 2024-01-03 15:23:22 +01:00
Girish Ramakrishnan e42579521c Fix tests 2024-01-03 15:12:07 +01:00
Girish Ramakrishnan 96be06188b ldap: send proper error messages 2024-01-03 15:12:07 +01:00
Johannes Zellner 10172e0211 Add login busy indicator 2024-01-03 14:55:07 +01:00
Girish Ramakrishnan 70c8a5a6be directoryserver: totp check must be enforced 2024-01-03 14:40:51 +01:00
Johannes Zellner af42f150f2 Update sftp addon 2024-01-03 13:20:32 +01:00
Girish Ramakrishnan ba16fdaf60 domain: handle alias domain conflict during deletion 2024-01-02 17:18:37 +01:00
Girish Ramakrishnan c5480bfcc1 mail: update limit plugin 2024-01-02 15:50:34 +01:00
Girish Ramakrishnan 79448e9ff9 oidc: fix error message with correct username but bad password 2023-12-29 18:15:33 +01:00
Girish Ramakrishnan e49398eb47 Bump request timeout to a minute, some servers are just too slow 2023-12-29 16:19:52 +01:00
Girish Ramakrishnan fa842034ed update: continue to update apps if box update never starts 
https://forum.cloudron.io/topic/10699/no-automatic-app-updates-with-pending-box-update
v7.6.3 		2023-12-28 12:16:03 +01:00
Girish Ramakrishnan 672b472359 hetzner: typo in error message 2023-12-27 20:41:34 +01:00
Girish Ramakrishnan 37ed87f9c1 route53: retry on rate limit 
route53 has a limit of 5 req/sec/region - https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html#limits-api-requests

see https://forum.cloudron.io/topic/10656/improve-dns-updates-to-avoid-rate-limits/
 2023-12-27 12:23:09 +01:00
Johannes Zellner 25ba312636 Use postgres addon with pgvecto_rs extension 2023-12-22 22:45:41 +01:00
Johannes Zellner 340ea3fe9b Fix variable usage bug for noop backup provider 2023-12-18 13:23:40 +01:00
Girish Ramakrishnan d264f8b05c cloudron-support: box check 2023-12-15 15:45:29 +01:00