jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,779 Commits 33 Branches 583 Tags
aecc16af5d8d9bab4d118657d10934b04ac3a738
Commit Graph

8393 Commits

Author SHA1 Message Date
Johannes Zellner
47e45808a3 Give the addons a lot more time to initiate a connection 2022-04-06 13:05:09 +02:00
Girish Ramakrishnan
0280c2baba keep the backup if preserveSecs is -1 2022-04-05 11:08:38 -07:00
Girish Ramakrishnan
2f8f5fcb7d Typo 2022-04-05 10:26:05 -07:00
Girish Ramakrishnan
709d4041b2 backups: fix restore code path after backup id changes 2022-04-05 09:55:57 -07:00
Johannes Zellner
b4b999bd74 Fix await safe usage 2022-04-05 13:17:49 +02:00
Girish Ramakrishnan
ea3fd27123 backups: recursively update the dep preserveSecs 
One idea was to compute this at cleanup time, but this has two problems:

* the UI won't reflect this value. can be good or bad
* the cleaner has no easy way to find out the "parent". I guess we should
  change our data structure, if we want to go down this route...
 2022-04-04 21:29:35 -07:00
Girish Ramakrishnan
452a4d9a75 backups: add remotePath 
the main motivation is that id can be used in REST API routes. previously,
the id was a path and this had a "/" in it. This made /api/v1/backups/:backupId
not work.
 2022-04-04 20:40:40 -07:00
Girish Ramakrishnan
54934c41a7 storage: rename getBackupPath to getBasePath 2022-04-04 14:08:24 -07:00
Girish Ramakrishnan
a05e564ae6 Fix expectation in test 2022-04-04 14:03:07 -07:00
Girish Ramakrishnan
57ac94bab6 Fix appstore test 2022-04-04 13:55:23 -07:00
Girish Ramakrishnan
6839ff4cf6 reverseproxy: fix typo 
this type was causing nginx configs of the primary domain being re-written
everytime we try to renew certs
 2022-04-04 10:30:32 -07:00
Girish Ramakrishnan
993dda9121 rename function 2022-04-03 08:29:59 -07:00
Girish Ramakrishnan
70695b1b0f backups: set label of backup and control it's retention 2022-04-02 19:30:54 -07:00
Girish Ramakrishnan
d47b39d90b eventlog: distinguish install vs update finish 2022-04-01 14:19:53 -07:00
Girish Ramakrishnan
37a4e8d5c5 cloudron-setup: add --setup-token 2022-03-31 23:38:54 -07:00
Girish Ramakrishnan
81728f4202 appstore: make the args of updateCloudron clear 2022-03-31 23:27:00 -07:00
Girish Ramakrishnan
bc49f64a0c appstore: it never returns 422 
I think I meant 402 which is subscription expired/billing error
 2022-03-31 22:51:40 -07:00
Girish Ramakrishnan
52fc031516 Log error message if updateCloudron failed 2022-03-31 22:46:14 -07:00
Girish Ramakrishnan
cae528158c appstore: check login response 2022-03-31 22:43:34 -07:00
Girish Ramakrishnan
566a03cd59 remove unnecessary temp variables 2022-03-31 22:41:48 -07:00
Girish Ramakrishnan
ad2221350f Add appstore web token 
* For existing installs, migrate using the soon to be obsoleted user_token route
* For new installs, the token post login is stashed during registration time
 2022-03-31 22:35:45 -07:00
Girish Ramakrishnan
656dca7c66 rename cloudron_token to appstore_api_token 2022-03-31 22:18:08 -07:00
Girish Ramakrishnan
638fe2e6c8 ldap: add rootDSE test 2022-03-31 21:18:56 -07:00
Girish Ramakrishnan
3295d2b727 settings: remove licenseKey 
this is unused
 2022-03-31 12:47:45 -07:00
Johannes Zellner
c4689a8385 Add registerWithSetupToken() to be used 2022-03-31 17:29:44 +02:00
Girish Ramakrishnan
d09d6c21fa sshfs: fix bug where sshfs mounts were generated without unbound dependancy 2022-03-30 21:39:15 -07:00
Girish Ramakrishnan
7ec1594428 create a separate support user 
This creates a separate user named 'cloudron-support' using which we
can provide remote support. The hyphen username convention follows the
systemd sytem username convention.

With a separate user, we don't need to ask users to keep changing PermitRootLogin
(and remind them to change it back).

Using a sudo user has various advantages:

* https://askubuntu.com/questions/687249/why-does-ubuntu-have-a-disabled-root-account
* https://wiki.debian.org/sudo
* https://askubuntu.com/questions/16178/why-is-it-bad-to-log-in-as-root

The yellowtent user is also locked down further - no password and no shell login.
 2022-03-30 15:08:20 -07:00
Girish Ramakrishnan
529f6fb2cd sftp: fix private key file permissions on restore 2022-03-30 11:58:21 -07:00
Girish Ramakrishnan
74e849e2a1 backup cleaner: do not clean when provider is not mounted 2022-03-30 10:17:20 -07:00
Girish Ramakrishnan
dbb803ff5e cifs: use credentials file 
this supports special characters in passwords better

https://forum.cloudron.io/topic/6577/failed-to-mount-inactive-mount-error-13-when-mounting-cifs-from-synology
 2022-03-29 21:26:58 -07:00
Girish Ramakrishnan
0dea2d283b move sshfs key write logic to renderMountFile 2022-03-29 20:15:55 -07:00
Girish Ramakrishnan
cbc44da102 create sshfs dir in start.sh 2022-03-29 20:13:41 -07:00
Girish Ramakrishnan
3f633c9779 dns: check for CNAME record 
Check if CNAME record exists and remove it if overwrite is set
 2022-03-29 13:53:34 -07:00
Girish Ramakrishnan
54aeff1419 ldap: send rootDSE response 
some apps like osTicket require this
 2022-03-25 14:15:18 -07:00
Girish Ramakrishnan
144e98abab image name cannot start with '/' 
https://forum.cloudron.io/topic/6689/cannot-uninstall-custom-app
https://stackoverflow.com/questions/43091075/docker-restrictions-regarding-naming-image
 2022-03-24 10:03:40 -07:00
Girish Ramakrishnan
e0e0c049c8 add link to upstream issue 2022-03-23 09:52:17 -07:00
Johannes Zellner
ef0f9c5298 Fixup cn attribute for ldap to be according to spec 
Bring back b54c4bb399
 2022-03-22 10:19:21 -07:00
Girish Ramakrishnan
f48690ee11 dyndns: fix typo 2022-03-15 09:53:54 -07:00
Girish Ramakrishnan
3b0bdd9807 support: send the server IPv4 when remote support enabled 2022-03-14 21:30:54 -07:00
Girish Ramakrishnan
6dc5c4f13b ldap: add dummy apps search route for directus 2022-03-14 09:17:49 -07:00
Girish Ramakrishnan
9bb5096f1c nginx: enable underscores in headers 
chatwoot requires this

https://www.chatwoot.com/docs/self-hosted/deployment/caprover#api-requests-failing-with-you-need-to-sign-in-or-sign-up-before-continuing

They are apparently disabled by default since they conflict with some CGI headers:

https://stackoverflow.com/questions/22856136/why-do-http-servers-forbid-underscores-in-http-header-names
https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/?highlight=disappearing%20http%20headers#missing-disappearing-http-headers
 2022-03-13 23:04:34 -07:00
Girish Ramakrishnan
af42008fd3 Enable IPv6 on new interfaces with net_admin cap 2022-03-12 09:14:37 -08:00
Girish Ramakrishnan
4396bd3ea7 wildcard: handle ENODATA 2022-03-08 17:14:42 -08:00
Girish Ramakrishnan
db03053e05 cloudflare: remove async 2022-03-08 14:30:27 -08:00
Girish Ramakrishnan
193dff8c30 Better log 2022-03-03 10:08:34 -08:00
Girish Ramakrishnan
59582d081a port25check: log the error message 2022-03-03 09:58:58 -08:00
Girish Ramakrishnan
ef684d32a2 port25checker: Use random tick to not bombard our checker service 2022-03-03 09:57:41 -08:00
Girish Ramakrishnan
fc2a326332 mysql: Fix default collation 
https://github.com/mattermost/mattermost-server/issues/19602#issuecomment-1057360142

> SELECT @@character_set_database, @@collation_database;

This will show utf8mb4 and utf8mb4_0900_ai_ci (was utf8mb4_unicode_ci)

To see the table schemas:

> SELECT table_schema, table_name, table_collation FROM information_schema.tables;
 2022-03-02 22:34:30 -08:00
Girish Ramakrishnan
5afa7345a5 route53: check permissions to perform route53:ListResourceRecordSets 
otherwise, at install time we see "DNS credentials for xx are invalid. Update it in Domains & Certs view"

the exact error from route 53 is:

User: arn:aws:iam::xx:user/yy is not authorized to perform: route53:ListResourceRecordSets on resource: arn:aws:route53:::hostedzone/zz because no identity-based policy allows the route53:ListResourceRecordSets action
 2022-03-02 10:44:52 -08:00
Girish Ramakrishnan
c100be4131 dns: filter out link local addresses 
Unlike IPv4, IPv6 requires a link-local address on every network interface on which the IPv6 protocol is enabled, even when routable addresses are also assigned
 2022-03-01 12:13:59 -08:00