jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,840 Commits 33 Branches 583 Tags
8e07b3c96de8c736d91d13a61775c1930abcf9b2
Commit Graph

250 Commits

Author SHA1 Message Date
Girish Ramakrishnan
a6f078330f shell: no need to promise scoping 2024-02-21 19:40:27 +01:00
Girish Ramakrishnan
14c9260ab0 shell: exec encoding is utf8 by default and no shell 
explicitly mark calls that require the shell
 2024-02-21 17:47:25 +01:00
Girish Ramakrishnan
2237d2bbb7 shell: remove usage of .spawn 2024-02-21 13:27:04 +01:00
Girish Ramakrishnan
9b94cf18d0 convert more execSync to async 2024-02-21 11:00:12 +01:00
Johannes Zellner
febd24b203 Expose port count as _COUNT env varible 2024-02-09 15:49:29 +01:00
Johannes Zellner
a82d1ea832 Use portCount from manifest with 1 as default 2024-02-08 18:25:25 +01:00
Johannes Zellner
ec990bd16a WIP: Add some portrange support 2024-02-08 17:39:22 +01:00
Johannes Zellner
5ac9a7f1ef Do not bind to ipv6 for port 53 apps (adguard) 2023-12-14 18:00:03 +01:00
Girish Ramakrishnan
5bae308cae docker: Fix crah when docker has no space 2023-10-09 07:38:57 +05:30
Girish Ramakrishnan
51409d3031 runtimedirs: .cache is already symlinked in base image 2023-09-27 22:21:39 +05:30
Girish Ramakrishnan
eee49a8291 move dashboard setting into dashboard.js 2023-08-11 21:04:10 +05:30
Girish Ramakrishnan
c6db1c70c0 docker: fix image prune 
it seems docker images --digests cloudron/sftp --format "{{.ID}} {{.Repository}}:{{.Tag}}@{{.Digest}}
broke at some point
 2023-08-08 21:21:00 +05:30
Girish Ramakrishnan
67ee82abb9 remove settings.dashboardOrigin 2023-08-04 22:10:14 +05:30
Girish Ramakrishnan
d79d24efad remove settings route entirely, redundant by now 2023-08-04 14:03:04 +05:30
Girish Ramakrishnan
a5e83a4d84 Expose alias domains as CLOUDRON_ALIAS_DOMAINS 
This can be useful for app to set them in trusted hosts. Or alternately,
show different text when accessed from different domains.
 2023-05-25 11:47:41 +02:00
Girish Ramakrishnan
e6ba2a6e7a replace usage of _.extend with Object.assign 2023-05-25 11:45:14 +02:00
Girish Ramakrishnan
500d2361ec replace delay.js with timers/promises 2023-05-14 10:53:50 +02:00
Girish Ramakrishnan
c4f4f3e914 logs: use %o to format error 
otherwise, they are printed as multi-line and this messes up tail+date formatting
 2023-04-16 10:49:59 +02:00
Girish Ramakrishnan
d242afd9fc pass debug object 2023-03-10 12:10:40 +01:00
Girish Ramakrishnan
5e606c50a4 docker: better error message when out of disk space 2023-03-10 12:09:23 +01:00
Girish Ramakrishnan
89127e1df7 reverseproxy: rework cert logic 
9c8f78a059 already fixed many of the cert issues.

However, some issues were caught in the CI:

* The TLS addon has to be rebuilt and not just restarted. For this reason, we now
  move things to a directory instead of mounting files. This way the container is just restarted.

* Cleanups must be driven by the database and not the filesystem . Deleting files on disk or after a restore,
  the certs are left dangling forever in the db.

* Separate the db cert logic and disk cert logic. This way we can sync as many times as we want and whenever we want.
 2022-11-29 11:07:23 +01:00
Girish Ramakrishnan
549cb92ce7 return swap listing in the disk route 2022-11-04 15:25:12 +01:00
Girish Ramakrishnan
2f946de775 make cache folders always writable 2022-10-24 23:58:20 +02:00
Girish Ramakrishnan
d8eb8d23bb manifest: add runtimeDirs 2022-10-24 22:34:06 +02:00
Girish Ramakrishnan
760301ce02 Add docker.df 2022-10-11 23:06:51 +02:00
Girish Ramakrishnan
0250661402 Revert spurious change 2022-09-14 17:59:44 +02:00
Johannes Zellner
bead9589a1 Move app graphs graphite query to backend 2022-09-14 14:39:28 +02:00
Girish Ramakrishnan
d33fd7b886 do not use bundle terminology 
apparently, bundle is also like a cert chain
 2022-07-14 12:39:41 +05:30
Girish Ramakrishnan
6c67f13d90 Use bind mount instead of volume 
see also c76b211ce0
 2022-06-06 15:59:59 -07:00
Girish Ramakrishnan
c76b211ce0 localstorage: remove usage of docker volumes 
just move bind mounts. the initial idea was to use docker volume backends
but we have no plans for this. in addition, usage of volumes means that
files get copied from the image and into volume on first run which is
not desired. people are putting /app/data stuff into images which ideally
should break.
 2022-06-02 11:09:27 -07:00
Girish Ramakrishnan
d366f3107d net_admin: enable IPv6 forwarding in the container 2022-05-19 17:10:05 -07:00
Girish Ramakrishnan
b5c2a0ff44 exec: rework API to get exit code 2022-05-16 11:23:58 -07:00
Girish Ramakrishnan
765f6d1b12 Revert "proxyAuth: use default fallback icon when no appstore icon or custom icon" 
This reverts commit 045c3917c9.

This was committed by mistake, not sure how. 3d28833c35 is the commit
that fixes this issue.
 2022-04-28 17:05:46 -07:00
Girish Ramakrishnan
045c3917c9 proxyAuth: use default fallback icon when no appstore icon or custom icon 2022-04-28 10:48:25 +02:00
Girish Ramakrishnan
43f86674b4 Remove delay module 2022-04-15 07:52:35 -05:00
Girish Ramakrishnan
05d7a7f496 constness 2022-04-14 17:50:41 -05:00
Girish Ramakrishnan
144e98abab image name cannot start with '/' 
https://forum.cloudron.io/topic/6689/cannot-uninstall-custom-app
https://stackoverflow.com/questions/43091075/docker-restrictions-regarding-naming-image
 2022-03-24 10:03:40 -07:00
Girish Ramakrishnan
e0e0c049c8 add link to upstream issue 2022-03-23 09:52:17 -07:00
Girish Ramakrishnan
af42008fd3 Enable IPv6 on new interfaces with net_admin cap 2022-03-12 09:14:37 -08:00
Girish Ramakrishnan
c100be4131 dns: filter out link local addresses 
Unlike IPv4, IPv6 requires a link-local address on every network interface on which the IPv6 protocol is enabled, even when routable addresses are also assigned
 2022-03-01 12:13:59 -08:00
Girish Ramakrishnan
6f7bede7bd listen on ipv6 as well for port 53 2022-02-17 11:56:08 -08:00
Girish Ramakrishnan
ca83deb761 Docker IPv6 support 
Docker's initial IPv6 support is based on allocating public IPv6 to containers.
This approach has many issues:
* The server may not get a block of IPv6 assigned to it
* It's complicated to allocate a block of IPv6 to cloudron server on home setups
* It's unclear how dynamic IPv6 is. If it's dynamic, then should containers be recreated?
* DNS setup is complicated
* Not a issue for Cloudron itself, but with -P, it just exposed the full container into the world

Given these issues, IPv6 NAT is being considered. Even though NAT is not a security mechanism as such,
it does offer benefits that we care about:
* We can allocate some private IPv6 to containers
* Have docker NAT66 the exposed ports
* Works similar to IPv4

Currently, the IPv6 ports are always mapped and exposed. The "Enable IPv6" config option is only whether
to automate AAAA records or not. This way, user can enable it and 'sync' dns and we don't need to
re-create containers etc. There is no inherent benefit is not exposing IPv6 at all everywhere unless we find
it unstable.

Fixes #264
 2022-02-09 23:54:53 -08:00
Girish Ramakrishnan
964c1a5f5a remove field from errors 
we have standardized on indexOf in error.message by now
 2022-02-07 13:44:29 -08:00
Girish Ramakrishnan
43759061a4 set secondaryDomains environment variables 
part of #809
 2022-01-21 11:35:01 -08:00
Girish Ramakrishnan
3d57b2b47c docker: loop through the ip net addr output 
all of a sudden, my linux box has the actual address in [1].

ip -f inet -j addr show wlp2s0

[{
        "addr_info": [{}]
    },{
        "ifindex": 3,
        "ifname": "wlp2s0",
        "flags": ["BROADCAST","MULTICAST","UP","LOWER_UP"],
        "mtu": 1500,
        "qdisc": "mq",
        "operstate": "UP",
        "group": "default",
        "txqlen": 1000,
        "addr_info": [{
                "family": "inet",
                "local": "192.168.1.8",
                "prefixlen": 24,
                "broadcast": "192.168.1.255",
                "scope": "global",
                "dynamic": true,
                "noprefixroute": true,
                "label": "wlp2s0",
                "valid_life_time": 78146,
                "preferred_life_time": 78146
            }]
    },{
        "addr_info": [{}]
    },{
        "addr_info": [{}]
    }
]
 2021-12-22 16:48:00 -08:00
Girish Ramakrishnan
683ac9b16e remove support for manifest version 1 
this is long untested by now
 2021-12-06 17:44:09 -08:00
Girish Ramakrishnan
7413ccd22e Fix some more crashes 2021-08-26 21:29:40 -07:00
Girish Ramakrishnan
f5c169f881 Fix service status 2021-08-26 21:18:20 -07:00
Girish Ramakrishnan
42774eac8c docker.js and services.js: async'ify 2021-08-26 18:23:31 -07:00
Girish Ramakrishnan
62eb4ab90e Fix addon crash 
getAddonConfigByName returns null now when not found
 2021-08-22 15:41:42 -07:00