jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
18,518 Commits 33 Branches 583 Tags
ab0f8fc08163b6e00a4e6f414003d2d1a20d8c7d
Commit Graph

731 Commits

Author SHA1 Message Date
Girish Ramakrishnan
e39a5c8872 preserve env in backuptask.js 2017-09-22 11:19:44 -07:00
Johannes Zellner
e50e0f730b Make nginx listen on :: for ipv6 2017-09-20 16:33:25 +02:00
Girish Ramakrishnan
84649b9471 Bring back backuptask 
This is required for various small reasons:

* dir iteration with a way to pass messagein back to the upload() easily
* can be killed independently of box code
* allows us to run sync (blocking) commands in the upload logic
 2017-09-19 12:32:38 -07:00
Girish Ramakrishnan
44435559ab Typo 2017-09-19 10:37:45 -07:00
Girish Ramakrishnan
c351660a9a Implement backup rotation 
Always upload to 'snapshot' dir and then rotate it. This will allow
us to keep pushing incrementally to 'snapshot' and do server side
rotations.
 2017-09-18 21:17:34 -07:00
Girish Ramakrishnan
9bed14a3e8 Enable IP6 in unbound 
On some provider (https://www.nine.ch) disabling IPv6 makes unbound
not respond to the DNS queries.

Also, I was unable to test with prefer-ip6 to 'no' because unbound fails:

unbound[5657]: /etc/unbound/unbound.conf.d/cloudron-network.conf:8: error: unknown keyword 'no'
unbound[5657]: read /etc/unbound/unbound.conf failed: 3 errors in configuration file
 2017-09-18 11:41:02 -07:00
Girish Ramakrishnan
5b77d2f0cf Add commented out debugging section for unbound 2017-09-18 10:38:22 -07:00
Girish Ramakrishnan
6525a467a2 Rework backuptask into tar.js 
This makes it easy to integrate another backup strategy
as the next step
 2017-09-17 18:50:26 -07:00
Girish Ramakrishnan
c8750a3bed merge the logrotate scripts 2017-09-12 22:03:24 -07:00
Girish Ramakrishnan
9710f74250 remove collectd stats when app is uninstalled 2017-09-12 21:34:15 -07:00
Girish Ramakrishnan
9906ed37ae Move mail data inside boxdata directory 
This also makes the noop backend more useful because it will dump things
in data directory and user can back it up as they see fit.
 2017-09-10 00:07:44 -07:00
Girish Ramakrishnan
9026c555f9 snapshots dir is not used anymore 2017-09-09 22:13:15 -07:00
Girish Ramakrishnan
8d2f3b0217 Add note on disabling ssh password auth 2017-09-06 11:36:23 -07:00
Girish Ramakrishnan
fd91ccc844 Update the unbound anchor key 
This helps the unbound recover from any previous out of disk space
situation.

part of #269
 2017-09-03 17:48:26 -07:00
Girish Ramakrishnan
b81a92d407 disable ip6 in unbound as well 
part of #412
 2017-08-31 11:41:35 -07:00
Girish Ramakrishnan
57d5c2cc47 Use IPv4 address to connect to mysql 
Fixes #412
 2017-08-31 10:59:14 -07:00
Girish Ramakrishnan
f34840d127 remove old data migration paths 2017-08-29 13:08:31 -07:00
Girish Ramakrishnan
3aebf51360 Fix upload of large files to apps 
6a0ef7a1c1 broke the upload for apps

e2e test is being added
 2017-08-23 10:22:54 -07:00
Girish Ramakrishnan
6a0ef7a1c1 Allow larger files to be uploaded 
Note that other upload APIs like avatar are still limited to 1m by
the nginx config
 2017-08-20 19:15:54 -07:00
Girish Ramakrishnan
9e558924bb df plugin replaces with _ and not - 
Part of #348
 2017-08-15 09:32:42 -07:00
Girish Ramakrishnan
57891c64b5 use check_output instead 
Aug 14 19:10:46 collectd[12651]: close failed in file object destructor:
Aug 14 19:10:46 collectd[12651]: IOError: [Errno 10] No child processes
 2017-08-14 12:31:58 -07:00
Johannes Zellner
2f51088e67 Add logrotate support for *.log files in /run mounts of apps 
logrotate config files may contain arbitrary commands which are
exectued as root, thus the config files have to be owned by root.
This is the reason we need the sudo scripts :-/

To test the generated scripts, just run:
$ logrotate /etc/logrotate.conf -v

Fixes #396
 2017-08-12 00:04:00 +02:00
Girish Ramakrishnan
5fe73c5a46 Replace df plugin with custom df plugin 
The built-in df plugin cannot do the following:
    * if we choose by type ext4, we want to skip devicemapper (on scaleway)
    * the MountPoint of the appsdata directory is not possible to know at install time

Fixes #398
 2017-08-11 01:39:51 -07:00
Girish Ramakrishnan
86d23a4d35 Switch default storage backend to overlay2 
This does not try to migrate existing cloudrons from devicemapper.
We will possibly do that in a future version.

61e130fb7 takes care of checking that we run on ext4

https://cloudron.io/documentation/server/#using-overlay2-backend-for-docker

Fixes #364
 2017-08-10 14:11:03 -07:00
Girish Ramakrishnan
f17bde2d97 Add motd message for cloudron admins about updates 
Fixes #351
 2017-08-10 12:14:51 -07:00
Girish Ramakrishnan
392492be04 Only collect info on the / mountpoint 
The original intention was to collect information on the data
dirs as well but we have long moved away from that design.
On some VPS like scaleway, this ends up collecting info on
devicemapper stuff (which are on ext4, not sure why).

In future, we should collect info of other disks as well (#348)

Fixes #389
 2017-08-03 11:45:23 -07:00
Girish Ramakrishnan
eb99f8b844 escape and quote the robotsTxt when templating 
for now, we restrict the string length to 4096 since that is what
nginx allows
 2017-07-23 19:56:28 -07:00
Girish Ramakrishnan
db7a4b75ae log the host in nginx logs 2017-07-21 09:43:44 -07:00
Girish Ramakrishnan
b5aed7b00a Set full path for nginx access log 2017-07-18 21:49:12 -07:00
Dick Tang
67486b8177 add X-Forwarded-Port in nginx reverse proxy for jetpack 
jetpack require X-Forward for the port, or "requested method jetpack.jsonAPI does not exist"
ref: https://github.com/ViBiOh/docker-wordpress/issues/1
 2017-07-18 15:58:46 +00:00
Girish Ramakrishnan
6dd4d40692 parse and save zoneName to cloudron.conf 
part of #377
 2017-07-17 09:16:06 -07:00
Girish Ramakrishnan
acd00222e5 Allow per-app configuration of robots.txt 
https://developers.google.com/search/reference/robots_txt has
the specification

Part of #344
 2017-07-14 15:25:05 -05:00
Girish Ramakrishnan
49de39a1f3 Set max ttl to 5 minutes 
This means the web ui will atleast work in 5 minutes.

Fixes #373
 2017-07-07 09:50:29 -05:00
Girish Ramakrishnan
50e712a93e preserve existing docker storage driver 
fixes #364
 2017-06-30 16:50:31 -05:00
Girish Ramakrishnan
f45da2efc4 Merge branch 'http2' into 'master' 
Add HTTP/2 support to NGINX configs

See merge request !9
 2017-05-12 23:23:41 +00:00
Girish Ramakrishnan
180cafad0c Fix restore of unencrypted backups 2017-05-08 15:48:32 -07:00
Ian Fijolek
788004245a Add HTTP/2 support to NGINX configs 
This easy fix should improve performance with newer browsers especially
for applications that require many files to be sent over the wire
*cough*Nextcloud11*cough*

NGINX blog post about HTTP/2 support: https://www.nginx.com/blog/nginx-1-9-5/
 2017-05-02 22:00:55 +00:00
Girish Ramakrishnan
be5221d5b8 bash gymnastics for password with spaces 2017-05-01 11:40:08 -07:00
Girish Ramakrishnan
b531922175 do not quote the argument 2017-04-30 22:17:23 -07:00
Girish Ramakrishnan
6cbf64b88e use openssl password only when restore key is non-empty or backup ends with .enc 2017-04-28 15:00:17 -07:00
Girish Ramakrishnan
8deadece05 handle null tlsCert and tlsKey 2017-04-25 17:29:26 -07:00
Girish Ramakrishnan
41edd3778d Merge branch 'dns-fixes' into 'master' 
Set DNS per container rather than the daemon

Closes #307

See merge request !6
 2017-04-25 17:06:31 +00:00
Girish Ramakrishnan
a0e122e578 Try to make tests work again 2017-04-23 18:03:40 -07:00
Girish Ramakrishnan
8c011ea9b0 setup: do not dump sensitive fields in args 2017-04-22 11:57:00 -07:00
Johannes Zellner
8a76788e7a From this version on encrypted backups don't use the openssl implicit salt 2017-04-21 10:58:52 +02:00
Ian Fijolek
f0ba126156 Move dns-search from daemon to client as well 
Verified no regression of #130
 2017-04-20 21:33:16 +00:00
Ian Fijolek
9dd51575ab Set DNS per container rather than the daemon 
All Cloudron containers need to have the nameserver 172.18.0.1. This was
being done at the daemon level, however since there are also iptables
rules restricting access to the nameserver from containers that aren't
on the Cloudron Docker network, this broke DNS for non-Cloudron
containers.

Since the DNS is only required for Cloudron containers in the first
place, this patch specifies 172.18.0.1 as the nameserver when Cloudron
creates a container and reverts the change at the daemon level
 2017-04-20 19:02:10 +00:00
Johannes Zellner
d9a0bf457d Don't make backup files executable 2017-04-20 16:02:13 +02:00
Johannes Zellner
a94d44da75 Add generic node.sh to run node apps as root and with memory limitations 2017-04-20 15:20:11 +02:00
Johannes Zellner
dda16331f6 Remove unused rmbackup.sh 2017-04-17 20:26:06 +02:00