c4f96bbd6b
Some directory creation fixes
2017-04-04 12:34:55 +02:00
649092ecb0
Fix typo PLATFORM_CONFIG_DIR -> PLATFORM_DATA_DIR
2017-04-04 12:34:55 +02:00
128a3b03c9
Do not use btrfs snapshots for mail on box backup
2017-04-04 12:34:55 +02:00
847ef6626f
Also use appsdir in rmappdir.sh
2017-04-04 12:34:55 +02:00
4643daeeec
Use appsdata in createappdir.sh
2017-04-04 12:34:55 +02:00
38178afd31
Do not use btrfs snapshots for app backups
2017-04-04 12:34:55 +02:00
9c6324631d
Use APPS_DATA_DIR in app backup and restore scripts
2017-04-04 12:34:55 +02:00
3a17bf9a0f
Ensure apps and platform data dirs exist
2017-04-04 12:34:55 +02:00
602f8bcd04
Split platform and app data folders and get rid of btrfs volumes
2017-04-04 12:34:55 +02:00
785ae765a4
better error text
2017-04-03 16:54:06 -07:00
c85120834c
refactor ngTld so it can be used with plain strings
2017-04-03 16:20:32 -07:00
89d36b8ad4
Reset the dns error states on resubmission
2017-04-03 22:36:02 +02:00
b9711d7b47
Move AMI instanceId verification to DNS setup
2017-04-03 22:19:01 +02:00
4f9273819a
Ensure autofocus on setup.html
2017-04-03 16:45:04 +02:00
e0d7850135
Add a tooltip to email field during setup
2017-04-03 16:33:07 +02:00
2c871705c7
Add a referrer policy
2017-03-31 16:11:54 -07:00
2bb99db2c7
Add another blacklist tester
2017-03-30 19:42:14 -07:00
3fc5757e97
doc: Add note on OS updates
2017-03-30 08:35:18 -07:00
92ff19ffce
Add 0.108.0 changes
2017-03-29 22:20:13 -07:00
e9456f70f9
use connlimit module to rate limit
...
hitcount cannot be more than 255 in recent module
2017-03-29 21:51:24 -07:00
ffbda22145
Fine tune rate limits a bit more
2017-03-29 16:03:08 -07:00
b92ae44578
Generate 128 byte passwords
2017-03-29 15:38:15 -07:00
b6ffc966cd
Bump mysql (for increasing multidb password len)
2017-03-29 15:21:49 -07:00
b42bc52093
doc: improve rate limit wording
2017-03-29 10:40:02 -07:00
806b458ff1
Move it to the selfhosting guide instead
2017-03-29 10:33:51 -07:00
d5d4e237bd
doc: add security section
2017-03-29 10:23:08 -07:00
956fe86250
Add firewall service
...
Docker really insists on adding itself to the top of the FORWARD
chain. Making our firewall side-steps this docker design.
2017-03-29 02:31:53 -07:00
4d000e377f
Enable iptables based ratelimit for cloudron auth services
...
The goal here is to simply add a rate limit to prevent brute
force password attacks.
Covered services includes:
(public) http, https, ssh, smtp, msa, imap, sieve
(private) postgres, redis, mysql, ldap, mongodb. msa
The private limits are higher because some apps will create
a db connection for each page request. Some apps like mailtrain
will send out lots of emails etc.
Note that apps that use SSO are ratelimited by the ldap limit.
Part of #187
2017-03-29 00:02:05 -07:00
39e827be04
Add rosehosting to the help output if no provider is specified
2017-03-28 10:38:00 +02:00
e50b4cb7ec
doc: fixup the best practices docs
...
Fixes #232
2017-03-27 15:29:07 -07:00
1938ec635b
Remove bestpractices.md as this was already incorporated into the main packaging guide
2017-03-27 16:05:03 +02:00
03a3d367a4
Incorporate best practices into app package guide
...
Part of #232
2017-03-27 16:03:19 +02:00
38c2f75b5e
Also patch the cloudron-setup to match the resize script
...
Part of #278
2017-03-27 13:51:37 +02:00
9d98b55881
Merge branch 'tobru/fix_278' into 'master'
...
get disk_size_bytes by directly querying df /. fixes #278
Closes #278
See merge request !4
2017-03-27 11:46:49 +00:00
18e59c4754
Rate limit nginx routes that verify the password
...
Also remove rate-limit middleware
Test using something like:
ab -v 1 -n 1000 -c 10 -s 5 -m POST https://my .<doamain>/api/v1/developer/login
Part of #187
2017-03-27 00:06:42 -07:00
64cb951206
Fix failing dns test
2017-03-26 22:07:28 -07:00
77df520b07
addons is optional in manifest
2017-03-26 21:55:31 -07:00
32f94a03ce
Fix failing test
2017-03-26 21:53:45 -07:00
fc6ce4945f
add sendmail/recvmail ldap tests
2017-03-26 20:42:46 -07:00
17b7d89db9
Generate password for mailboxes
...
Fixes #109
2017-03-26 20:07:59 -07:00
6ea741e92f
Verify password for sendmail/recvmail addon
...
Part of #109
2017-03-26 20:07:55 -07:00
790ad4e74d
Add getAddonConfigByName
2017-03-26 19:06:36 -07:00
f92297cc99
Store env vars as name, value pairs
...
Part of #109
2017-03-26 12:22:19 -07:00
0c6c835a39
get disk_size_bytes by directly querying df /. fixes #278
...
This simplifies the logic to get the available space the root
mountpoint has available and makes it more robust.
2017-03-26 18:03:10 +02:00
514341172c
Add name to appAddonConfigs
...
Part of #109
2017-03-25 18:06:56 -07:00
e535ffa778
Disable bind9 as it conflicts with unbound
...
part of #194
2017-03-25 17:36:10 -07:00
b86cfabd17
Do not allocate more than 4GB swap
...
Also resize existing swap file, if necessary. Note that if the user
allocates more than what we expect, we don't do anything.
Fixes #277
2017-03-24 16:03:30 -07:00
b44f0b78a1
remove spurious console.log
2017-03-24 14:55:22 -07:00
76d234d0bf
Also allow data: uri to be loaded for images
2017-03-24 17:23:20 +01:00
a694acba44
Redirect to /setupdns.html if cloudron is activated but no domain is set
...
This happens in the restore case where no domain is provided to
cloudron-setup
Fixes #273
2017-03-23 15:40:18 +01:00
Johannes Zellner