jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,830 Commits 33 Branches 583 Tags
ab035a2afe170cc0f9ce64dae76e28ca52e4e4f4
Commit Graph

8424 Commits

Author SHA1 Message Date
Girish Ramakrishnan
d2f0bb2b44 sftp: ed25519 keys 2023-03-09 11:03:13 +01:00
Girish Ramakrishnan
d20958760b rename constant to have RSA in it 2023-03-09 10:36:49 +01:00
Girish Ramakrishnan
d1398659a3 Move sftp to new base image 2023-03-09 09:18:26 +01:00
Girish Ramakrishnan
5d425fbce5 Update graphite 2023-03-09 01:55:12 +01:00
Girish Ramakrishnan
2402bf45f4 hold off on mongodb update because it needs avx 2023-03-09 00:44:58 +01:00
Girish Ramakrishnan
b9a484f72e Update mongodb 2023-03-08 23:44:21 +01:00
Girish Ramakrishnan
8448d28f6f Implement HSTS preload 
This allows browsers to query https directly instead of the initial http redirect

https://hstspreload.org/#opt-in says it should be explicitly opt in
 2023-03-06 11:46:05 +01:00
Girish Ramakrishnan
5bbeb1196a add root as reserved name for gogs 2023-03-05 10:52:30 +01:00
Girish Ramakrishnan
9cd3874b57 mysql: set secure_file_priv 2023-03-02 21:20:46 +01:00
Girish Ramakrishnan
03a77ddf01 Fix validation of hostPath 
When adding a volume, this comes in mountOptions. The hostPath in the
database is the computed host path.
 2023-02-25 23:41:11 +01:00
Girish Ramakrishnan
abacc60181 tls: fix wildcard alias cert file names 
also, do not provision redirect certs. redirect domains can never
hit the server anyway.
 2023-02-25 20:22:09 +01:00
Girish Ramakrishnan
dbbe93955c acme2: add bare domain to altNames when requesting wildcard cert 
this is primarily to support DoT + ClientID. the adguard package
can now use this cert when the DoT port is enabled.

we thought of adding a "dot: true" flag for the manifest. that flag
would request a special wildcard cert as well as setup the dns. setting
up the dns is complicated ux wise because it would be totally hidden
from the user. It's better they add an alias and thus we make things
a bit more explicit (what if user was using the wildcard domain for something
else etc).
 2023-02-25 20:22:09 +01:00
Johannes Zellner
bfeea414d8 Use sftp 3.6.2 2023-02-25 15:38:41 +01:00
Girish Ramakrishnan
edf87739fc eventlog: only prune login and logout events 2023-02-25 01:20:43 +01:00
Girish Ramakrishnan
582994b9d6 addons: stable IPv4 addresses 
give addons static IPv4 so one can reliably connect from outside via
SSH tunnel
 2023-02-21 12:20:44 +01:00
Girish Ramakrishnan
8c59528cc2 eventlog: keep 3 months 2023-02-21 10:38:15 +01:00
Girish Ramakrishnan
f9ec2bc06a cloudflare: add config for default value of proxied 2023-02-11 10:07:46 +01:00
Girish Ramakrishnan
3bdc5731ea syncDns: sync secondary dns records 2023-02-08 23:16:48 +01:00
Girish Ramakrishnan
c33266ce03 dyndns: update secondary/redirect/alias domains as well 2023-02-08 23:07:53 +01:00
Girish Ramakrishnan
d4be2b54a2 typo 2023-02-02 11:32:42 +01:00
Girish Ramakrishnan
e856681b3a typo 2023-02-01 21:52:15 +01:00
Girish Ramakrishnan
c07c8b5bb8 ubuntu 18: systemd kill ends up killing the script itself 
This is because KillMode=control-group by default
 2023-02-01 18:50:45 +01:00
Girish Ramakrishnan
7bbc7c2306 ubuntu 18: ExecReload does not work 2023-02-01 17:28:05 +01:00
Girish Ramakrishnan
c2a7e0f092 lint 2023-02-01 15:43:59 +01:00
Girish Ramakrishnan
54add73d2a reverseproxy: LE backdates certs by an hour 
https://community.letsencrypt.org/t/valid-from-date-on-cert-off-by-1-hour/103239
 2023-02-01 12:52:37 +01:00
Girish Ramakrishnan
3f70edf3ec print subject and fix notBefore parsing 2023-02-01 12:38:29 +01:00
Girish Ramakrishnan
c63e0036cb typo 2023-02-01 12:28:46 +01:00
Girish Ramakrishnan
3b9486596d reverseproxy: force renewal only renews if not issued in last 5 mins 
otherwise, this leads to repeated renewals in checkCerts
 2023-02-01 11:18:39 +01:00
Girish Ramakrishnan
eddfd20f24 reverseproxy: get dates 2023-02-01 11:05:50 +01:00
Girish Ramakrishnan
690df0e5c4 reverseproxy: add option to force renewal for e2e 2023-01-31 23:45:17 +01:00
Girish Ramakrishnan
ce9e78d23b reverseproxy: fix issue where renewed certs are not written to disk 2023-01-31 17:58:28 +01:00
Girish Ramakrishnan
2759b6268e backup cleaner: use object.assign instead 2023-01-31 11:46:46 +01:00
Johannes Zellner
6f84fd3f71 Use correct error object to avoid crash 2023-01-31 11:29:55 +01:00
Girish Ramakrishnan
02b6aa93cb backup cleaner: do not delete mail snapshot 2023-01-31 10:58:51 +01:00
Girish Ramakrishnan
ebd970d3f4 backup cleaner: better error messages 2023-01-31 10:56:37 +01:00
Girish Ramakrishnan
af7a5d2182 updater: better error message 2023-01-30 12:54:25 +01:00
Girish Ramakrishnan
5fc92240bb proxyauth: ensure ascii in x-remote-name 2023-01-30 12:45:24 +01:00
Johannes Zellner
10e07fa300 Add disk speeds to disk usage data 2023-01-27 21:05:25 +01:00
Johannes Zellner
016e0e8809 Give correct error if appstore login requires 2fa 2023-01-27 12:15:03 +01:00
Girish Ramakrishnan
2b260c873f cname fix again 
e4d9dbb558 left out this line by mistake
 2023-01-26 12:55:38 +01:00
Girish Ramakrishnan
e4d9dbb558 dns: resolve cname records using unbound 
cname record can be external and the original NS may not respond to
recursive queries
 2023-01-25 09:57:57 +01:00
Johannes Zellner
917b6d113b lsblk output changes based on query flags 2023-01-24 15:59:18 +01:00
Johannes Zellner
8298e26881 Only list ext4 block devices 2023-01-24 15:59:18 +01:00
Girish Ramakrishnan
b2d072f2e6 backups: always test the mount 
It's possible that the current credentials do not work. For example,
CIFS is disabled in hetzner's control panel. In such cases, we skip the
mount check and then fail later in some filesystem error. This misleads
the user.

https://forum.cloudron.io/topic/8391/cloudronbackup-folder-disappears-when-trying-to-restore
 2023-01-24 15:06:15 +01:00
Johannes Zellner
8ab7a4ff58 Stay compatible with ubuntu's util-linux package 2023-01-23 18:50:13 +01:00
Johannes Zellner
a6fdb96fbf Add route to list all blockdevices 2023-01-23 17:56:01 +01:00
Girish Ramakrishnan
3dcd4f9da3 typo 2023-01-23 10:20:19 +01:00
Girish Ramakrishnan
69d4404b05 mail: update haraka to 3.0.1 2023-01-23 09:48:02 +01:00
Girish Ramakrishnan
4aa67ba1f8 mysql: fix default collation during restore 2023-01-20 18:03:11 +01:00
Johannes Zellner
2cca9c8a90 Add some backup schedulePattern tests 2023-01-19 19:05:44 +01:00