cloudron-box

Author	SHA1	Message	Date
Girish Ramakrishnan	15e0f11bb9	acme: handle LE validation type cache logic LE stores the validation type for 60 days. So, if we authorized via http previously, we won't get a DNS challenge for that duration. There are two ways to fix this: * Deactivate the challenges - https://community.letsencrypt.org/t/authorization-deactivation/19860 and https://community.letsencrypt.org/t/deactivate-authorization/189526 * Just be able to handle dns or http challenge, whatever is asked. This is what this commit does. It prefers DNS challenge when possible Other relevant threads: https://community.letsencrypt.org/t/flush-of-authorization-cache/188043 https://community.letsencrypt.org/t/let-s-encrypt-s-vulnerability-as-a-feature-authz-reuse-and-eternal-account-key/21687 https://community.letsencrypt.org/t/http-01-validation-cache/22529	2023-05-02 23:07:32 +02:00
Girish Ramakrishnan	057e4db6c1	use debug instead of console.error	2023-04-30 21:49:34 +02:00
Girish Ramakrishnan	883915c9d3	backups: move mount status to separate route	2023-04-30 17:21:18 +02:00
Girish Ramakrishnan	898413bfd4	convert console.log to debug	2023-04-30 10:18:48 +02:00
Girish Ramakrishnan	aa02d839a7	remove console.log	2023-04-30 10:18:48 +02:00
Girish Ramakrishnan	a4ba3a4dd0	import: backupConfig cannot be null	2023-04-30 10:18:48 +02:00
Johannes Zellner	d2b12ff1ab	oidc: discovery document is explicitly on openid/.well-known instead of .well-known	2023-04-29 14:09:31 +02:00
Girish Ramakrishnan	d7c5e36627	sftp: delete any existing keys since we are committed to regenerating at this point in code	2023-04-27 20:03:56 +02:00
Johannes Zellner	aaf31efd0f	Improve oidc login popup style layout	2023-04-27 16:58:55 +02:00
Johannes Zellner	5b6e6a556a	Apply ACLs to internal oidc clients	2023-04-25 19:35:59 +02:00
Girish Ramakrishnan	2e38e1a79c	nginx: refactor the config	2023-04-24 21:13:01 +02:00
Johannes Zellner	90b5d240a8	Filter internal oidc clients for rest api	2023-04-24 17:16:57 +02:00
Johannes Zellner	0036bf1e2f	Add addon hook to get dynamic environment variables	2023-04-24 15:29:57 +02:00
Johannes Zellner	828e77ad80	Also set sso in configure accordingly for oidc	2023-04-21 15:36:05 +02:00
Johannes Zellner	bd7e931674	Do not throw if oidc addon client already exists	2023-04-21 15:09:49 +02:00
Johannes Zellner	5ac8e89c8e	Set some oidc addon loginRedirectUri default	2023-04-21 12:36:20 +02:00
Girish Ramakrishnan	a846dc5bf1	add bunny	2023-04-21 12:14:06 +02:00
Johannes Zellner	f24e8b7132	Allow csp for form action on openId connect views Only because of chrome and https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action	2023-04-19 18:45:44 +02:00
Girish Ramakrishnan	c4f4f3e914	logs: use %o to format error otherwise, they are printed as multi-line and this messes up tail+date formatting	2023-04-16 10:49:59 +02:00
Johannes Zellner	da38d8a045	oidc: support app addon oidc configs as normal clients	2023-04-14 22:22:04 +02:00
Johannes Zellner	5688b51abc	Add oidc addon configs	2023-04-14 21:18:52 +02:00
Girish Ramakrishnan	b95427cc09	mongodb: allow more time for startup	2023-04-11 10:46:08 +02:00
Girish Ramakrishnan	04bc1e8f56	Wait double the time for container to start up	2023-04-11 09:36:09 +02:00
Girish Ramakrishnan	354eff93b7	disable slowloris prevention: https://github.com/nodejs/node/issues/47421	2023-04-10 10:35:25 +02:00
Girish Ramakrishnan	d26c86f60f	Fix bug where node 18 is returning 408 incorrectly with low header timeouts sporadically	2023-04-07 00:50:55 +02:00
Johannes Zellner	badcc0ac2c	oidc: set application_type to native to skip elaborate web redirect URIs	2023-04-06 13:28:24 +02:00
Johannes Zellner	de72400706	oidc: Allow multiple redirectUris	2023-04-06 12:42:51 +02:00
Johannes Zellner	909c68b924	Only respond to dashboardFqdn for oidc well-known	2023-04-06 10:27:37 +02:00
Johannes Zellner	3b0442c972	Only serve oidc well-known from dashboard domain	2023-04-05 18:11:46 +02:00
Girish Ramakrishnan	4ad26d8874	Set timeout properly in addons (again)	2023-04-05 12:14:35 +02:00
Girish Ramakrishnan	c9f0f300a6	put timeout settings when creating the server	2023-04-05 11:07:15 +02:00
Girish Ramakrishnan	61b7dfa58c	log: date is iso string	2023-04-04 19:12:30 +02:00
Girish Ramakrishnan	42a4912cc7	logs: prepend date and append newline	2023-04-04 18:58:50 +02:00
Johannes Zellner	8f4c86c1b4	oidc: add clients.tokenSignatureAlgorithm	2023-04-04 16:43:10 +02:00
Johannes Zellner	187389638c	oidc: add RSA-SHA256 aka rs256 signature algorithm	2023-04-04 11:32:43 +02:00
Girish Ramakrishnan	f40c4b9b2c	notifications: clear email status when message is empty	2023-04-04 11:26:20 +02:00
Girish Ramakrishnan	ca2ebac694	Increase timeout even more	2023-04-04 10:28:15 +02:00
Girish Ramakrishnan	4d12a948ce	Some databases are really big	2023-04-04 09:08:10 +02:00
Girish Ramakrishnan	ab19e58c6d	addons: timeout fix the default value of server.requestTimeout changed to 5mins from 0 in node 18!	2023-04-04 00:20:29 +02:00
Girish Ramakrishnan	cc811522e0	reverseproxy: prevent duplication of STS header	2023-04-02 20:03:57 +02:00
Girish Ramakrishnan	746d5fbf1e	Fix typo (`481b599628`)	2023-04-02 18:19:07 +02:00
Girish Ramakrishnan	8f1c1df48f	support: fix issue where app error tickets cannot be opened	2023-04-02 18:19:03 +02:00
Johannes Zellner	481b599628	Move avatar.png	2023-03-29 23:15:59 +02:00
Girish Ramakrishnan	7af44e1fdd	typo	2023-03-29 22:29:26 +02:00
Girish Ramakrishnan	91a1cbac3e	logs: files can be missing	2023-03-27 18:53:47 +02:00
Girish Ramakrishnan	e4e36ff90c	make it clear it is the flipped IP	2023-03-27 12:11:59 +02:00
Girish Ramakrishnan	b63d6c87ce	logs: order existing logs by date	2023-03-27 11:56:51 +02:00
Girish Ramakrishnan	603f92251e	refactor tail invokation into logtail.sh	2023-03-27 11:39:34 +02:00
Girish Ramakrishnan	456da972e9	stop the oidc server, if it is running	2023-03-27 11:39:34 +02:00
Girish Ramakrishnan	0c4d851492	unbound: take into account dig resolve status	2023-03-26 20:57:15 +02:00

1 2 3 4 5 ...

7949 Commits