jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
10,363 Commits 33 Branches 583 Tags
ba3a93e648d44cc2f0652cc95c4e73cb2e01a3b3
Commit Graph

10363 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Girish Ramakrishnan 25c000599f Fix assert (appStoreId is optional) 2020-03-29 19:12:07 -07:00
Girish Ramakrishnan 86f45e2769 Fix failing test 2020-03-29 18:55:44 -07:00
Girish Ramakrishnan 7110240e73 Only a Cloudron owner can install/update/exec apps with the docker addon 
this should have been part of f1975d8f2b
 2020-03-29 18:52:37 -07:00
Girish Ramakrishnan 1da37b66d8 use resource pattern in apps routes 
this makes it easy to implement access control in route handlers
 2020-03-29 17:11:10 -07:00
Girish Ramakrishnan f1975d8f2b only owner can install/repair/update/exec docker addon apps 2020-03-29 16:24:04 -07:00
Girish Ramakrishnan f407ce734a restrict the app to bind mount under /app/data only 
rest have to be volumes
 2020-03-29 13:57:45 -07:00
Girish Ramakrishnan f813cfa8db Listen only on the docker interface 2020-03-29 13:11:16 -07:00
Girish Ramakrishnan d5880cb953 TODO block is obsolete 2020-03-29 13:10:19 -07:00
Girish Ramakrishnan 95da9744c1 Prefix env vars with CLOUDRON_ 2020-03-29 09:35:34 -07:00
Girish Ramakrishnan 85c3e45cde remove oauth addon code 2020-03-29 09:35:34 -07:00
Johannes Zellner 520a396ded Use turn server with certificates 2020-03-29 09:32:48 +02:00
Johannes Zellner 13ad611c96 Remove ssh related settings from the turn container config 2020-03-29 09:32:48 +02:00
Girish Ramakrishnan 85f58d9681 more changes 2020-03-28 23:10:17 -07:00
Johannes Zellner c1de62acef Update coturn 2020-03-29 07:30:42 +02:00
Johannes Zellner 7e47e36773 Fix portrange notation in firewall service 2020-03-29 07:25:36 +02:00
Johannes Zellner 00b6217cab Fix turn tls port 2020-03-29 07:09:17 +02:00
Girish Ramakrishnan acc2b5a1a3 remove unused param 2020-03-28 22:05:43 -07:00
Girish Ramakrishnan b06feaa36b more changes 2020-03-28 17:48:55 -07:00
Johannes Zellner 89cf8a455a Allow turn and stun service ports 2020-03-28 23:33:44 +01:00
Johannes Zellner 710046a94f Add coturn addon service 2020-03-28 22:46:32 +01:00
Johannes Zellner b366b0fa6a Stop container with isCloudronManged labels instead of by network 2020-03-28 22:46:32 +01:00
Girish Ramakrishnan f9e7a8207a cloudron-support: make it --owner-login 2020-03-27 18:58:12 -07:00
Johannes Zellner 6178bf3d4b Update sftp addon 2020-03-27 14:54:35 +01:00
Girish Ramakrishnan f3b979f112 More 5.0.6 changelog 2020-03-26 21:56:18 -07:00
Girish Ramakrishnan 9faae96d61 make app password work with sftp 2020-03-26 21:50:25 -07:00
Girish Ramakrishnan 2135fe5dd0 5.0.6 changelog 
(cherry picked from commit 3c1a1f1b81)
 2020-03-26 19:32:58 -07:00
Girish Ramakrishnan 007a8d248d make eventlog routes owner only 2020-03-26 18:54:16 -07:00
Girish Ramakrishnan 58d4a3455b email: add type filter to eventlog 2020-03-25 22:05:49 -07:00
Girish Ramakrishnan 8e3c14f245 5.0.5 changes 
(cherry picked from commit cc6ddf50b1)
 2020-03-25 08:13:38 -07:00
Girish Ramakrishnan 91af2495a6 Make key validation work for ecc certs 2020-03-24 21:20:21 -07:00
Girish Ramakrishnan 7d7df5247b Update cipher suite based on ssl-config recommendation 
ssl_prefer_server_ciphers off is the recommendation since the cpihers
are deprecated

https://serverfault.com/questions/997614/setting-ssl-prefer-server-ciphers-directive-in-nginx-config
 2020-03-24 19:24:58 -07:00
Girish Ramakrishnan f99450d264 Enable TLSv1.3 and remove TLSv1 and 1.1 
IE10 does not have 1.2, so maybe we can risk it

As per Android documentaion TLS 1.2 is fully supported after API level 20/Android 5(Lolipop)

https://discussions.qualys.com/thread/17020-tls-12-support-for-android-devices
https://www.ryandesignstudio.com/what-is-tls/
 2020-03-24 14:37:08 -07:00
Girish Ramakrishnan d3eeb5f48a mail: disable host and proto mismatch 2020-03-24 11:50:52 -07:00
Girish Ramakrishnan 1e8a02f91a Make token expiry a year 
we now have a UI to invalid all tokens easily, so this should be OK.
 2020-03-23 21:51:13 -07:00
Girish Ramakrishnan 97c3bd8b8e mail: incoming mail from dynamic hostnames was rejected 2020-03-23 21:50:36 -07:00
Girish Ramakrishnan 09ce27d74b bump default token expiry to a month 2020-03-21 18:46:38 -07:00
Girish Ramakrishnan 2447e91a9f mail: throttle denied events v5.0.4 2020-03-20 14:04:16 -07:00
Girish Ramakrishnan e6d881b75d Use owner email for LE certs 
https://forum.cloudron.io/topic/2244/email-contact-on-let-s-encrypt-ssl-tls-certificates-uses-password-recovery-email-rather-than-primary-email-address
 2020-03-20 13:39:58 -07:00
Girish Ramakrishnan 36f963dce8 remove unncessary debug in routes 2020-03-19 17:05:31 -07:00
Girish Ramakrishnan 1b15d28212 eventlog: add start/stop/restart logs 2020-03-19 17:02:55 -07:00
Girish Ramakrishnan 4e0c15e102 use short form syntax 2020-03-19 16:48:31 -07:00
Girish Ramakrishnan c9e40f59de bump the timeout for really slow disks 2020-03-19 13:33:53 -07:00
Girish Ramakrishnan 38cf31885c Make backup configure owner only 2020-03-18 17:23:23 -07:00
Girish Ramakrishnan 4420470242 comcast does not allow port 25 check anymore 2020-03-17 13:55:35 -07:00
Girish Ramakrishnan 9b05786615 appstore: add whitelist/blacklist 2020-03-15 17:20:48 -07:00
Girish Ramakrishnan 725b2c81ee custom.yml is obsolete 2020-03-15 16:50:42 -07:00
Girish Ramakrishnan 661965f2e0 Add branding tests 2020-03-15 16:38:15 -07:00
Girish Ramakrishnan 7e0ef60305 Fix incorrect role comparison 2020-03-15 16:19:22 -07:00
Girish Ramakrishnan 2ac0fe21c6 ghost file depends on base dir 2020-03-15 11:41:39 -07:00
Girish Ramakrishnan b997f2329d make branding route for owner only 2020-03-15 11:39:02 -07:00