jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
15,779 Commits 33 Branches 583 Tags
aecc16af5d8d9bab4d118657d10934b04ac3a738
Commit Graph

8393 Commits

Author SHA1 Message Date
Girish Ramakrishnan
d326d05ad6 sysinfo: add noop provider 2022-03-01 12:05:01 -08:00
Girish Ramakrishnan
eb0662b245 Up the json size to 2mb for block list route 
https://forum.cloudron.io/topic/6575/cloudron-7-1-2-firewall-not-ipv6-ready
 2022-03-01 11:57:50 -08:00
Johannes Zellner
71dac64c4c Only allow impersonation for equal or less powerful roles 2022-02-28 20:42:33 +01:00
Girish Ramakrishnan
aab6f222b3 better log 2022-02-28 11:04:44 -08:00
Girish Ramakrishnan
1cb1be321c remove usage of deprecated fs.rmdir 2022-02-25 16:43:20 -08:00
Girish Ramakrishnan
2434e81383 backups: fix incorrect mountpoint check with managed mounts 2022-02-25 12:53:05 -08:00
Girish Ramakrishnan
62142c42ea Fix crash 2022-02-25 11:03:16 -08:00
Girish Ramakrishnan
0ae30e6447 disable routes/test/apps-test for now 2022-02-24 20:50:35 -08:00
Girish Ramakrishnan
1a87856655 eventlog: log event on alias update 2022-02-24 20:30:42 -08:00
Girish Ramakrishnan
a3e097d541 add missing awaits for eventlog.add 2022-02-24 20:04:46 -08:00
Girish Ramakrishnan
9a6694286a eventlog: event type typo 2022-02-24 19:59:29 -08:00
Girish Ramakrishnan
a662a60332 eventlog: add event for certificate cleanup 2022-02-24 19:55:43 -08:00
Girish Ramakrishnan
69f3b4e987 better debugs 2022-02-24 12:57:56 -08:00
Girish Ramakrishnan
481586d7b7 add missing return 2022-02-24 12:51:27 -08:00
Girish Ramakrishnan
34c3a2b42d mail: increase pool_timeout 2022-02-24 12:25:38 -08:00
Johannes Zellner
c4a9295d3e Fix typo 2022-02-24 19:10:04 +01:00
Girish Ramakrishnan
ba5c2f623c remove supererror, not really used 2022-02-21 17:34:51 -08:00
Girish Ramakrishnan
24a16cf8b4 redis: fix issue where protected mode was enabled with no password 2022-02-21 12:21:37 -08:00
Girish Ramakrishnan
91dc91a390 fix dns tests 2022-02-18 11:36:14 -08:00
Johannes Zellner
b886a35cff Fixup gcdns calls. The api returns an array as result 
https://github.com/googleapis/google-cloud-node/issues/2556
https://github.com/googleapis/google-cloud-node/issues/2896
 2022-02-18 19:46:03 +01:00
Girish Ramakrishnan
e59efc7e34 bump free space requirement to 2GB 2022-02-18 09:56:42 -08:00
Johannes Zellner
2160644124 Lets not stretch our luck 2022-02-18 18:40:49 +01:00
Johannes Zellner
b54c4bb399 Fixup cn attribute for ldap to be according to spec 2022-02-18 17:43:47 +01:00
Girish Ramakrishnan
feaa5585e1 mailbox: fix crash when domain not found 2022-02-17 18:03:56 -08:00
Girish Ramakrishnan
6f7bede7bd listen on ipv6 as well for port 53 2022-02-17 11:56:08 -08:00
Girish Ramakrishnan
eb3e87c340 add debug 2022-02-17 11:08:22 -08:00
Girish Ramakrishnan
26a8738b21 make user listing return non-private fields 
this was from a time when normal users could install apps
 2022-02-16 21:22:38 -08:00
Girish Ramakrishnan
012a3e2984 ensure certificate of secondary domains 2022-02-16 20:32:04 -08:00
Girish Ramakrishnan
dfebda7170 Remove deprecated fs.rmdirSync 2022-02-16 20:30:33 -08:00
Girish Ramakrishnan
149f778652 wildcard: better error message 2022-02-16 20:22:50 -08:00
Girish Ramakrishnan
773dfd9a7b ipv6 support in firewall allow and block lists 2022-02-16 13:39:35 -08:00
Girish Ramakrishnan
426ed435a4 userdirectory: move the validation and apply logic 2022-02-16 13:00:06 -08:00
Girish Ramakrishnan
2ed770affd mountpoint: allow chown flag to be set 2022-02-16 11:48:37 -08:00
Girish Ramakrishnan
9d2d5d16f3 return 200 for immediate setters which require no further processing 2022-02-16 10:09:23 -08:00
Girish Ramakrishnan
9dbb299bb9 user directory: listen on ipv4 and ipv6 2022-02-15 14:27:51 -08:00
Girish Ramakrishnan
661799cd54 typo 2022-02-15 13:25:14 -08:00
Girish Ramakrishnan
0f25458914 rename key to match other json keys 2022-02-15 13:12:34 -08:00
Girish Ramakrishnan
d0c59c1f75 add separate route to get ipv4 and ipv6 2022-02-15 12:47:16 -08:00
Girish Ramakrishnan
c6da8c8167 make ipv4 and ipv6 settings separate 2022-02-15 12:36:05 -08:00
Girish Ramakrishnan
0dbe8ee8f2 godaddy: invalid ipv6 2022-02-15 12:01:52 -08:00
Girish Ramakrishnan
f8b124caa6 do not check if we have ipv6 to enable ipv6 2022-02-15 11:57:27 -08:00
Girish Ramakrishnan
125325721f add mail manager tests 2022-02-15 10:30:26 -08:00
Johannes Zellner
ac57e433b1 Improve errorhandling in netcup dns 2022-02-14 10:57:06 +01:00
Girish Ramakrishnan
de84cbc977 add note on turn container host mode 2022-02-11 23:08:56 -08:00
Girish Ramakrishnan
8f4779ad2f Update addons to listen on ipv6 
docker sets up the hostname DNS to be ipv4 and ipv6

Part of #264
 2022-02-10 10:53:46 -08:00
Girish Ramakrishnan
6aa034ea41 platform: Only re-create docker network on version change 2022-02-10 09:32:22 -08:00
Girish Ramakrishnan
ca83deb761 Docker IPv6 support 
Docker's initial IPv6 support is based on allocating public IPv6 to containers.
This approach has many issues:
* The server may not get a block of IPv6 assigned to it
* It's complicated to allocate a block of IPv6 to cloudron server on home setups
* It's unclear how dynamic IPv6 is. If it's dynamic, then should containers be recreated?
* DNS setup is complicated
* Not a issue for Cloudron itself, but with -P, it just exposed the full container into the world

Given these issues, IPv6 NAT is being considered. Even though NAT is not a security mechanism as such,
it does offer benefits that we care about:
* We can allocate some private IPv6 to containers
* Have docker NAT66 the exposed ports
* Works similar to IPv4

Currently, the IPv6 ports are always mapped and exposed. The "Enable IPv6" config option is only whether
to automate AAAA records or not. This way, user can enable it and 'sync' dns and we don't need to
re-create containers etc. There is no inherent benefit is not exposing IPv6 at all everywhere unless we find
it unstable.

Fixes #264
 2022-02-09 23:54:53 -08:00
Girish Ramakrishnan
ff664486ff do not start if platform.start does not work 2022-02-09 23:15:37 -08:00
Girish Ramakrishnan
852eebac4d move cloudron network creation to platform code 
this gives us more control on re-creating the network with different
arguments/options when needed.
 2022-02-09 23:15:37 -08:00
Girish Ramakrishnan
f0f9ade972 sftp: listen on ipv6 2022-02-09 23:15:37 -08:00