jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
9,025 Commits 33 Branches 583 Tags
b00a7e3cbbe273905833db14c66d7111d04791f2
Commit Graph

9025 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Johannes Zellner
b00a7e3cbb Update turn addon 2020-03-31 10:55:41 +02:00
Johannes Zellner
e63446ffa2 Support persistent turn secret 2020-03-31 09:28:57 +02:00
Girish Ramakrishnan
580da19bc2 Less strict dmarc validation 
fixes #666
 2020-03-30 19:32:25 -07:00
Girish Ramakrishnan
936f456cec make reset tokens only valid for a day 
fixes #563

mysql timestamps cannot be null. it will become current timestamp when
set as null
 2020-03-30 17:13:31 -07:00
Girish Ramakrishnan
5d6a02f73c mysql: create the my.cnf in run time dir 2020-03-30 16:32:54 -07:00
Girish Ramakrishnan
b345195ea9 add missing fields in users table 2020-03-30 16:32:28 -07:00
Girish Ramakrishnan
3e6b66751c typoe in assert 2020-03-30 15:17:34 -07:00
Johannes Zellner
f78571e46d Support reserved port ranges 2020-03-30 10:01:52 +02:00
Johannes Zellner
f52000958c Update manifest format to 5.1.1 2020-03-30 08:43:28 +02:00
Johannes Zellner
5ac9c6ce02 add turn,stun ports to RESERVED ones 
We still need to protect the TURN port range
 2020-03-30 08:30:06 +02:00
Johannes Zellner
1110a67483 Add turn addon setup and teardown calls 2020-03-30 08:24:52 +02:00
Girish Ramakrishnan
57bb1280f8 better error message 2020-03-29 20:12:59 -07:00
Girish Ramakrishnan
25c000599f Fix assert (appStoreId is optional) 2020-03-29 19:12:07 -07:00
Girish Ramakrishnan
86f45e2769 Fix failing test 2020-03-29 18:55:44 -07:00
Girish Ramakrishnan
7110240e73 Only a Cloudron owner can install/update/exec apps with the docker addon 
this should have been part of f1975d8f2b
 2020-03-29 18:52:37 -07:00
Girish Ramakrishnan
1da37b66d8 use resource pattern in apps routes 
this makes it easy to implement access control in route handlers
 2020-03-29 17:11:10 -07:00
Girish Ramakrishnan
f1975d8f2b only owner can install/repair/update/exec docker addon apps 2020-03-29 16:24:04 -07:00
Girish Ramakrishnan
f407ce734a restrict the app to bind mount under /app/data only 
rest have to be volumes
 2020-03-29 13:57:45 -07:00
Girish Ramakrishnan
f813cfa8db Listen only on the docker interface 2020-03-29 13:11:16 -07:00
Girish Ramakrishnan
d5880cb953 TODO block is obsolete 2020-03-29 13:10:19 -07:00
Girish Ramakrishnan
95da9744c1 Prefix env vars with CLOUDRON_ 2020-03-29 09:35:34 -07:00
Girish Ramakrishnan
85c3e45cde remove oauth addon code 2020-03-29 09:35:34 -07:00
Johannes Zellner
520a396ded Use turn server with certificates 2020-03-29 09:32:48 +02:00
Johannes Zellner
13ad611c96 Remove ssh related settings from the turn container config 2020-03-29 09:32:48 +02:00
Girish Ramakrishnan
85f58d9681 more changes 2020-03-28 23:10:17 -07:00
Johannes Zellner
c1de62acef Update coturn 2020-03-29 07:30:42 +02:00
Johannes Zellner
7e47e36773 Fix portrange notation in firewall service 2020-03-29 07:25:36 +02:00
Johannes Zellner
00b6217cab Fix turn tls port 2020-03-29 07:09:17 +02:00
Girish Ramakrishnan
acc2b5a1a3 remove unused param 2020-03-28 22:05:43 -07:00
Girish Ramakrishnan
b06feaa36b more changes 2020-03-28 17:48:55 -07:00
Johannes Zellner
89cf8a455a Allow turn and stun service ports 2020-03-28 23:33:44 +01:00
Johannes Zellner
710046a94f Add coturn addon service 2020-03-28 22:46:32 +01:00
Johannes Zellner
b366b0fa6a Stop container with isCloudronManged labels instead of by network 2020-03-28 22:46:32 +01:00
Girish Ramakrishnan
f9e7a8207a cloudron-support: make it --owner-login 2020-03-27 18:58:12 -07:00
Johannes Zellner
6178bf3d4b Update sftp addon 2020-03-27 14:54:35 +01:00
Girish Ramakrishnan
f3b979f112 More 5.0.6 changelog 2020-03-26 21:56:18 -07:00
Girish Ramakrishnan
9faae96d61 make app password work with sftp 2020-03-26 21:50:25 -07:00
Girish Ramakrishnan
2135fe5dd0 5.0.6 changelog 
(cherry picked from commit 3c1a1f1b81)
 2020-03-26 19:32:58 -07:00
Girish Ramakrishnan
007a8d248d make eventlog routes owner only 2020-03-26 18:54:16 -07:00
Girish Ramakrishnan
58d4a3455b email: add type filter to eventlog 2020-03-25 22:05:49 -07:00
Girish Ramakrishnan
8e3c14f245 5.0.5 changes 
(cherry picked from commit cc6ddf50b1)
 2020-03-25 08:13:38 -07:00
Girish Ramakrishnan
91af2495a6 Make key validation work for ecc certs 2020-03-24 21:20:21 -07:00
Girish Ramakrishnan
7d7df5247b Update cipher suite based on ssl-config recommendation 
ssl_prefer_server_ciphers off is the recommendation since the cpihers
are deprecated

https://serverfault.com/questions/997614/setting-ssl-prefer-server-ciphers-directive-in-nginx-config
 2020-03-24 19:24:58 -07:00
Girish Ramakrishnan
f99450d264 Enable TLSv1.3 and remove TLSv1 and 1.1 
IE10 does not have 1.2, so maybe we can risk it

As per Android documentaion TLS 1.2 is fully supported after API level 20/Android 5(Lolipop)

https://discussions.qualys.com/thread/17020-tls-12-support-for-android-devices
https://www.ryandesignstudio.com/what-is-tls/
 2020-03-24 14:37:08 -07:00
Girish Ramakrishnan
d3eeb5f48a mail: disable host and proto mismatch 2020-03-24 11:50:52 -07:00
Girish Ramakrishnan
1e8a02f91a Make token expiry a year 
we now have a UI to invalid all tokens easily, so this should be OK.
 2020-03-23 21:51:13 -07:00
Girish Ramakrishnan
97c3bd8b8e mail: incoming mail from dynamic hostnames was rejected 2020-03-23 21:50:36 -07:00
Girish Ramakrishnan
09ce27d74b bump default token expiry to a month 2020-03-21 18:46:38 -07:00
Girish Ramakrishnan
2447e91a9f mail: throttle denied events v5.0.4 2020-03-20 14:04:16 -07:00
Girish Ramakrishnan
e6d881b75d Use owner email for LE certs 
https://forum.cloudron.io/topic/2244/email-contact-on-let-s-encrypt-ssl-tls-certificates-uses-password-recovery-email-rather-than-primary-email-address
 2020-03-20 13:39:58 -07:00