ac57e433b1
Improve errorhandling in netcup dns
2022-02-14 10:57:06 +01:00
de84cbc977
add note on turn container host mode
2022-02-11 23:08:56 -08:00
d6d7bc93e8
firewall: add ipxtables helper
2022-02-11 22:56:23 -08:00
8f4779ad2f
Update addons to listen on ipv6
...
docker sets up the hostname DNS to be ipv4 and ipv6
Part of #264
2022-02-10 10:53:46 -08:00
6aa034ea41
platform: Only re-create docker network on version change
2022-02-10 09:32:22 -08:00
ca83deb761
Docker IPv6 support
...
Docker's initial IPv6 support is based on allocating public IPv6 to containers.
This approach has many issues:
* The server may not get a block of IPv6 assigned to it
* It's complicated to allocate a block of IPv6 to cloudron server on home setups
* It's unclear how dynamic IPv6 is. If it's dynamic, then should containers be recreated?
* DNS setup is complicated
* Not a issue for Cloudron itself, but with -P, it just exposed the full container into the world
Given these issues, IPv6 NAT is being considered. Even though NAT is not a security mechanism as such,
it does offer benefits that we care about:
* We can allocate some private IPv6 to containers
* Have docker NAT66 the exposed ports
* Works similar to IPv4
Currently, the IPv6 ports are always mapped and exposed. The "Enable IPv6" config option is only whether
to automate AAAA records or not. This way, user can enable it and 'sync' dns and we don't need to
re-create containers etc. There is no inherent benefit is not exposing IPv6 at all everywhere unless we find
it unstable.
Fixes #264
2022-02-09 23:54:53 -08:00
ff664486ff
do not start if platform.start does not work
2022-02-09 23:15:37 -08:00
c5f9c80f89
move comment to unbound.conf
2022-02-09 23:15:37 -08:00
852eebac4d
move cloudron network creation to platform code
...
this gives us more control on re-creating the network with different
arguments/options when needed.
2022-02-09 23:15:37 -08:00
f0f9ade972
sftp: listen on ipv6
2022-02-09 23:15:37 -08:00
f3ba1a9702
unbound: always disable ip6 during install
...
this was br0ken anway because "-s" is always false here. this is because
/proc/net/if_inet6 which has 0 size (but has contents!).
2022-02-09 23:15:37 -08:00
c2f2a70d7f
vultr has ufw enabled by default
2022-02-09 23:15:37 -08:00
f18d108467
nginx: add listen note
2022-02-09 23:15:37 -08:00
566def2b64
Disable IPv6 temporary address
2022-02-09 12:17:42 -08:00
c9e3da22ab
Revert "Disable userland proxy in new installations"
...
This reverts commit 430f5e939bhttps://github.com/moby/moby/issues/14856
2022-02-09 09:45:04 -08:00
430f5e939b
Disable userland proxy in new installations
...
https://github.com/moby/moby/issues/8356
The initial motivation for userland proxy is to enable localhost
connections since the linux kernel did not allow loopback connections
to be routed.
With hairpin NAT support (https://github.com/moby/moby/pull/6810 ), this
seems to be solved.
2022-02-08 11:51:37 -08:00
7bfa237d26
Update docker to 20.10.12
2022-02-08 10:57:24 -08:00
85964676fa
Fix location conflict error message
2022-02-07 16:09:43 -08:00
68c2f6e2bd
Fix users test
2022-02-07 14:22:34 -08:00
75c0caaa3d
rename subdomains table to locations
2022-02-07 14:04:11 -08:00
46b497d87e
rename SUBDOMAIN_ to LOCATION_
...
location is { subdomain, domain } pair
2022-02-07 13:48:08 -08:00
964c1a5f5a
remove field from errors
...
we have standardized on indexOf in error.message by now
2022-02-07 13:44:29 -08:00
d5481342ed
Add ability to filter users by state
2022-02-07 17:18:13 +01:00
e3a0a9e5dc
Hack to allow SOGo logins for more than 1k mailboxes
2022-02-07 16:22:05 +01:00
23b3070c52
add percent info when switching dashboard
2022-02-06 11:21:32 -08:00
5048f455a3
Misplaced brackets
2022-02-06 10:58:49 -08:00
e27bad4bdd
Fix incorrect brackets
2022-02-06 10:22:04 -08:00
4273c56b44
Add some changes
2022-02-05 21:09:14 +01:00
0af9069f23
make linode async
2022-02-04 16:01:41 -08:00
e1db45ef81
remove callback asserts
2022-02-04 15:47:38 -08:00
59b2bf72f7
make gcdns async
2022-02-04 15:46:17 -08:00
8802b3bb14
make namecheap async
2022-02-04 15:34:02 -08:00
ee0cbb0e42
make route53 async
2022-02-04 15:20:49 -08:00
5d415d4d7d
make cloudflare, gandi, manual, noop, wildcard, netcup, godaddy, namecom async
2022-02-04 14:36:30 -08:00
3b3b510343
Check if we get IPv6 when enabling
2022-02-04 11:15:53 -08:00
5c56cdfbc7
Revert "tld.isValid is deprecated"
...
This reverts commit bd4097098d
2022-02-04 10:49:19 -08:00
7601b4919a
make upsert remove the additional records
2022-02-04 10:22:22 -08:00
856b23d940
asyncify the vultr and DO backend
2022-02-04 10:15:35 -08:00
bd4097098d
tld.isValid is deprecated
2022-02-04 10:09:24 -08:00
1441c59589
Remove left over assert
2022-02-04 17:35:44 +01:00
0373fb70d5
make waitForDns async
...
cloudflare is partly broken
2022-02-03 17:35:45 -08:00
da5b5aadbc
typo in debug
2022-02-02 15:07:50 -08:00
b75afaf5d5
clone: secondary domains are required
2022-02-01 23:36:41 -08:00
26bfa32c7b
Fix display of task error
2022-02-01 21:47:49 -08:00
67fe17d20c
Fix crash with alias domains
2022-02-01 21:28:43 -08:00
150f89ae43
proxyauth: on invalid token, redirect user
...
https://forum.cloudron.io/topic/6425/403-in-proxyauth-apps-after-server-migration
2022-02-01 17:58:05 -08:00
944d364e1a
turn: secret is a string
2022-02-01 17:36:51 -08:00
aeef815bf7
proxyAuth: persist the secret token
2022-02-01 17:35:21 -08:00
46144ae07a
lint
2022-02-01 17:35:21 -08:00
8f08ed1aed
Fix blobs schema
2022-02-01 17:29:25 -08:00
Johannes Zellner