jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
11,130 Commits 33 Branches 583 Tags
ac00225a75e61b3b5eb85df69a49adf80000eb4e
Commit Graph

892 Commits

Author SHA1 Message Date
Girish Ramakrishnan
c9f7b9a8a6 backups: make filename encryption optional 2022-06-26 09:37:22 -07:00
Girish Ramakrishnan
69e0f2f727 7.2.5 changes 
(cherry picked from commit 131f823e57)
 2022-06-23 10:27:57 -07:00
Girish Ramakrishnan
1f2d596a4a 7.2.4 changes 
(cherry picked from commit 61a1ac6983)
 2022-06-10 13:31:46 -07:00
Girish Ramakrishnan
544ca6e1f4 initial xfs support 2022-06-08 10:58:00 -07:00
Girish Ramakrishnan
dddc5a1994 migrate app dataDir to volumes 2022-06-02 16:29:01 -07:00
Girish Ramakrishnan
2dea7f8fe9 sendmail: restrict few characters in the display name 2022-06-01 08:13:19 -07:00
Girish Ramakrishnan
176e917f51 update 7.2.3 changes 2022-05-31 13:27:00 -07:00
Girish Ramakrishnan
5ee9feb0d2 If disk name has '.', replace with '_' 
graphite uses . as the separator between different metric parts

see #348
 2022-05-27 16:00:08 -07:00
Girish Ramakrishnan
723453dd1c 7.2.3 changes 2022-05-27 12:04:01 -07:00
Girish Ramakrishnan
c7956872cb Add to changes 2022-05-25 15:14:01 -07:00
Girish Ramakrishnan
17910584ca cron: add extensions 
https://www.man7.org/linux/man-pages/man5/crontab.5.html#EXTENSIONS
 2022-05-20 10:53:30 -07:00
Girish Ramakrishnan
b5c2a0ff44 exec: rework API to get exit code 2022-05-16 11:23:58 -07:00
Girish Ramakrishnan
c5c62ff294 Add to changes 2022-05-14 09:36:56 -07:00
Girish Ramakrishnan
7ed8678d50 mongodb: fix import timeout 2022-05-09 17:20:16 -07:00
Girish Ramakrishnan
7ceb307110 Add 7.2.1 changes 2022-05-03 09:15:21 -07:00
Girish Ramakrishnan
6371b7c20d dns: add hetzner 2022-05-02 22:33:30 -07:00
Girish Ramakrishnan
80d91e5540 Add missing changelog 2022-04-29 09:58:17 -07:00
Girish Ramakrishnan
32153ed47d nginx: switch to ubuntu's repo package 
ubuntu 18.04 has nginx 1.14
ubuntu 20.04, 22.04 has nginx 1.18

We used a custom nginx for TLSv1.3 support (ssl_protocols TLSv1.3).

OpenSSL itself has TLS 1.3 only from Ubuntu 18.10. This is why we
installed custom packages on Ubuntu 18.04
 2022-04-27 10:59:27 -07:00
Girish Ramakrishnan
9b6733fd88 godaddy: there is now a delete API 2022-04-26 18:44:50 -07:00
Girish Ramakrishnan
c63709312d proxyAuth: set X-Remote-User, X-Remote-Email headers 
Apps like firefly-iii support https://datatracker.ietf.org/doc/html/rfc3875#section-4.1.10
 2022-04-25 22:24:41 -07:00
Girish Ramakrishnan
5d440d55c3 Add to changes 2022-04-25 09:07:27 -07:00
Girish Ramakrishnan
4306e20a8e Update docker to 20.10.14 2022-04-21 12:30:14 -07:00
Girish Ramakrishnan
5870f949a3 Update changes 2022-04-13 11:39:23 -05:00
Girish Ramakrishnan
70695b1b0f backups: set label of backup and control it's retention 2022-04-02 19:30:54 -07:00
Girish Ramakrishnan
d47b39d90b eventlog: distinguish install vs update finish 2022-04-01 14:19:53 -07:00
Girish Ramakrishnan
a292393a43 7.2 changes 2022-03-31 23:45:14 -07:00
Girish Ramakrishnan
d09d6c21fa sshfs: fix bug where sshfs mounts were generated without unbound dependancy 2022-03-30 21:39:15 -07:00
Girish Ramakrishnan
7ec1594428 create a separate support user 
This creates a separate user named 'cloudron-support' using which we
can provide remote support. The hyphen username convention follows the
systemd sytem username convention.

With a separate user, we don't need to ask users to keep changing PermitRootLogin
(and remind them to change it back).

Using a sudo user has various advantages:

* https://askubuntu.com/questions/687249/why-does-ubuntu-have-a-disabled-root-account
* https://wiki.debian.org/sudo
* https://askubuntu.com/questions/16178/why-is-it-bad-to-log-in-as-root

The yellowtent user is also locked down further - no password and no shell login.
 2022-03-30 15:08:20 -07:00
Girish Ramakrishnan
529f6fb2cd sftp: fix private key file permissions on restore 2022-03-30 11:58:21 -07:00
Girish Ramakrishnan
74e849e2a1 backup cleaner: do not clean when provider is not mounted 2022-03-30 10:17:20 -07:00
Girish Ramakrishnan
bfb233eca1 installer.sh: move installation of docker/node/nginx etc 
no need to dup the code in two places. i think this will also
fix the unbound/resolvconf DNS resolution issue. this way unbound is configured
and is what gets used when docker is installed.

https://forum.cloudron.io/topic/6660/help-please-failing-setup-of-cloudron
https://forum.cloudron.io/topic/6632/help-me-please-got-error-while-installing-the-cloudron-on-a-fresh-ubuntu-20-04-x64-server
https://forum.cloudron.io/topic/6561/that-install-script-fails-74-times-out-of-75
 2022-03-29 22:34:03 -07:00
Girish Ramakrishnan
dbb803ff5e cifs: use credentials file 
this supports special characters in passwords better

https://forum.cloudron.io/topic/6577/failed-to-mount-inactive-mount-error-13-when-mounting-cifs-from-synology
 2022-03-29 21:26:58 -07:00
Girish Ramakrishnan
3f633c9779 dns: check for CNAME record 
Check if CNAME record exists and remove it if overwrite is set
 2022-03-29 13:53:34 -07:00
Girish Ramakrishnan
6933ccefe2 Update nginx to 1.20.0-1 2022-03-28 13:25:05 -07:00
Girish Ramakrishnan
54aeff1419 ldap: send rootDSE response 
some apps like osTicket require this
 2022-03-25 14:15:18 -07:00
Girish Ramakrishnan
d13905377c firewall: do not add duplicate ldap redirect rules 2022-03-21 12:25:30 -07:00
Girish Ramakrishnan
6f1023e0cd Add to changes 2022-03-18 10:27:04 -07:00
Girish Ramakrishnan
eeddc233dd more changes 2022-03-16 09:05:41 -07:00
Girish Ramakrishnan
f48690ee11 dyndns: fix typo 2022-03-15 09:53:54 -07:00
Girish Ramakrishnan
af42008fd3 Enable IPv6 on new interfaces with net_admin cap 2022-03-12 09:14:37 -08:00
Girish Ramakrishnan
4396bd3ea7 wildcard: handle ENODATA 2022-03-08 17:14:42 -08:00
Girish Ramakrishnan
fc2a326332 mysql: Fix default collation 
https://github.com/mattermost/mattermost-server/issues/19602#issuecomment-1057360142

> SELECT @@character_set_database, @@collation_database;

This will show utf8mb4 and utf8mb4_0900_ai_ci (was utf8mb4_unicode_ci)

To see the table schemas:

> SELECT table_schema, table_name, table_collation FROM information_schema.tables;
 2022-03-02 22:34:30 -08:00
Girish Ramakrishnan
e66a804012 ufw may not be installed 2022-03-02 19:36:32 -08:00
Girish Ramakrishnan
c100be4131 dns: filter out link local addresses 
Unlike IPv4, IPv6 requires a link-local address on every network interface on which the IPv6 protocol is enabled, even when routable addresses are also assigned
 2022-03-01 12:13:59 -08:00
Girish Ramakrishnan
eb0662b245 Up the json size to 2mb for block list route 
https://forum.cloudron.io/topic/6575/cloudron-7-1-2-firewall-not-ipv6-ready
 2022-03-01 11:57:50 -08:00
Girish Ramakrishnan
7912d521ca 7.1.3 changes 2022-02-28 14:26:37 -08:00
Girish Ramakrishnan
2434e81383 backups: fix incorrect mountpoint check with managed mounts 2022-02-25 12:53:05 -08:00
Girish Ramakrishnan
1a87856655 eventlog: log event on alias update 2022-02-24 20:30:42 -08:00
Girish Ramakrishnan
a662a60332 eventlog: add event for certificate cleanup 2022-02-24 19:55:43 -08:00
Girish Ramakrishnan
993ff50681 cloudron-firewall: fix crash when ports are whitelisted 
it failed with:
Feb 22 08:52:30 strawberry cloudron-firewall.sh[14300]: /home/yellowtent/box/setup/start/cloudron-firewall.sh: line 14: iptables --wait 120 --wait-interval 1: command not found

the root cause was that IFS was getting set but not getting reset later.
the IFS=xx line is not line local as it seems to appear (just a bash statement)
 2022-02-22 00:56:57 -08:00