jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
4,707 Commits 33 Branches 583 Tags
c8e377a9bd9f43072008b296a4f21c9e6dce4e86
Commit Graph

77 Commits

Author SHA1 Message Date
Johannes Zellner
101a44affd Add authorized_keys.sh 2017-03-07 15:16:18 +01:00
Girish Ramakrishnan
7f4f525551 dhparams.pem must be part of backup 2017-02-14 14:12:03 -08:00
Johannes Zellner
1d5465f21e Update the ssl ciphers and add dhparams.pem 
Fixes #218
 2017-02-13 00:28:22 +01:00
Girish Ramakrishnan
cd31e12bec Do not includeSubdomains in HSTS 
This prevents one from redirecting to some http-only subdomain.
For example, surfer in naked domain redirects to www subdomain
(which is on github pages...)
 2017-02-02 00:05:56 -08:00
Girish Ramakrishnan
56b0f57e11 Move unbound systemd config to separate file 2017-01-30 12:39:19 -08:00
Girish Ramakrishnan
08ffa99c78 Use %s instead of %d 
awk's %d behaves differently with mawk (scaleway) and gawk (do)

Fixes #200
 2017-01-30 10:24:26 -08:00
Girish Ramakrishnan
d93edc6375 box.service: start after nginx 2017-01-25 11:28:31 -08:00
Girish Ramakrishnan
f142d34f83 Move box data out of appdata volume 
This lets us restore the box if the app volume becomes full

Fixes #186
 2017-01-24 13:48:09 -08:00
Johannes Zellner
6eafac2cad Do not rely on fdisk's human readable unit output 
Using the bytes output will fix an issue where the disk size is reported
either as terrabyte or also megabyte.
So far we disallowed 1TB disks but allowed 20MB disks.
 2017-01-19 13:53:50 +01:00
Johannes Zellner
9b9d30c092 Remove commented out section of the nginx.conf 2017-01-11 00:09:51 +01:00
Johannes Zellner
fd479d04a0 Fix nginx config to make non vhost configs default_server 
Nginx does not match on the ip as a vhost. This no basically replaces
the commented out section in the nginx.conf
 2017-01-06 22:09:10 +01:00
Johannes Zellner
801c40420c Create setup nginx config and cert for ip setup 2017-01-05 16:02:03 +01:00
Girish Ramakrishnan
90c1fd4c31 rename the service to cloudron-resize-fs 2016-12-30 11:27:00 -08:00
Girish Ramakrishnan
fad6221750 Run cloudron-system-setup before box 2016-12-30 11:23:53 -08:00
Johannes Zellner
7d06f9e1e3 Add comment why the script might fail on unsupported small disks 2016-12-30 11:53:35 +01:00
Johannes Zellner
1e4e76b0dd give disk size a unit in cloudron-system-setup.sh 2016-12-30 11:49:57 +01:00
Girish Ramakrishnan
379042616f Ensure box.service starts after mysql.service 2016-12-29 14:24:29 -08:00
Girish Ramakrishnan
7de94fff1b Merge container logic into start.sh 
This whole container thinking is over-engineered and we will get to
it if and when we need to.
 2016-12-29 12:01:59 -08:00
Johannes
d39a84ea53 Do not redirect on app upstream error but show static error page 
Fixes #4
 2016-11-21 16:25:23 +01:00
Girish Ramakrishnan
94037e5266 remove oauth proxy backend logic 2016-11-19 17:13:08 +05:30
Girish Ramakrishnan
b932a9be10 Set X-Forwarded-Ssl to on 
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/nginx.md#supporting-proxied-ssl
http://stackoverflow.com/questions/16042647/whats-the-de-facto-standard-for-a-reverse-proxy-to-tell-the-backend-ssl-is-used
 2016-08-17 17:46:36 -07:00
Johannes Zellner
867e875707 Revert "Add basic 404 page" 
This reverts commit 3793220dd48356d5fe421312915a8392fcccca0e.
 2016-07-27 19:09:43 +02:00
Johannes Zellner
dcdca52dbd Add basic 404 page 2016-07-27 17:52:54 +02:00
Johannes Zellner
3331d1aa13 Ensure the X-Frame-Options header has a single string argument 2016-07-15 11:26:05 +02:00
Johannes Zellner
66049a9e2d Support x-frame-options in appconfig.ejs template 2016-07-14 16:28:59 +02:00
Johannes Zellner
ce116e56bf Remove webdav specific headers 
This is not actually doing anything in that directive
 2016-06-22 16:06:11 +02:00
Johannes Zellner
a37f87511b Prevent clickjacking by sending X-Frame-Options 2016-06-15 13:10:26 +02:00
Girish Ramakrishnan
dc31946e50 move webdav block outside location 
when inside location, nginx is redirecting to 127.0.0.1 (no clue why)
 2016-06-11 12:05:16 -07:00
Johannes Zellner
d06398dbfd Move webdav nginx fixes into app endpoint 
Not sure if this will now still work with oauth proxy though.
 2016-06-02 09:49:01 +02:00
Girish Ramakrishnan
dfa08469d6 set timeouts explicitly 2016-06-01 17:33:28 -07:00
Girish Ramakrishnan
d798073d95 fix comment of default_server 2016-06-01 17:28:15 -07:00
Girish Ramakrishnan
41632b8c11 fix favicon of naked domain 2016-06-01 17:27:39 -07:00
Girish Ramakrishnan
eb29bdd575 document keepalive_timeout 2016-06-01 16:51:52 -07:00
Johannes Zellner
47978436c2 Set Destination header for webdav in nginx proxy 2016-06-01 18:49:50 +02:00
Girish Ramakrishnan
27d2daae93 leave a note in nginx config 2016-05-19 12:27:54 -07:00
Girish Ramakrishnan
b4c15b1719 Let the box code initialize the infrastructure 
This is done because:
1. The box code can install certs for addons (like mail addon) when
   required.

2. The box code initialize/teardown addons on demand. This is not planned
   currently.
 2016-05-04 15:54:21 -07:00
Girish Ramakrishnan
4a04e0b52f use recommendation from raymii.org 2016-04-28 09:59:03 -07:00
Girish Ramakrishnan
8256f97e9d use latest mail image 2016-04-14 19:37:34 -07:00
Girish Ramakrishnan
9f443e2d07 should ideally use shutdown commands at some point (for mongodb) 2016-04-13 20:53:07 -07:00
Girish Ramakrishnan
5fbd1dae30 bump the mysql memory limit 
we hit this memory limit often in phabricator backup. this is all
very crude but should suffice for now.
 2016-03-05 18:35:28 -08:00
girish@cloudron.io
ce0a24a95d comment out public graphite paths 2016-01-25 12:51:37 -08:00
Johannes Zellner
63c06a508e Make /api available on just the IP 
We might want to also show something else than
the naked domain placeholder page when just
accessing the ip
 2016-01-24 12:08:10 +01:00
girish@cloudron.io
10f74349ca collectd: disable vmem plugin 2016-01-22 15:44:46 -08:00
girish@cloudron.io
05a771c365 collectd: disable process plugin 2016-01-22 15:43:47 -08:00
girish@cloudron.io
cfa2089d7b collectd: Remove ping metric 2016-01-22 15:36:13 -08:00
girish@cloudron.io
9706daf330 Just track ext4 and btrfs file systems 2016-01-22 14:33:02 -08:00
girish@cloudron.io
6dc11edafe make exec route more debugging friedly 
allow upto 30 minutes of idle connection
 2016-01-18 12:49:06 -08:00
Girish Ramakrishnan
1874c93c5c no need to template main nginx config 2015-12-10 13:54:53 -08:00
Girish Ramakrishnan
6fc972d160 set default response type to text/plain 2015-12-09 18:34:13 -08:00
Girish Ramakrishnan
88f0240757 serve acme directory from nginx 2015-12-08 19:04:48 -08:00