c905adde1e
Revert "Limit ldap queries per client to 60 per minute"
...
This reverts commit 466dfdf81f
2017-03-22 19:35:06 +01:00
0e7efa77a5
Bump the mail container
2017-03-22 09:55:04 -07:00
875ca0307f
Fix the node tutorial to export the node PATH and use latest node release
2017-03-22 16:20:48 +01:00
543c9843ba
Use df instead of fdisk
...
some disk types do not contain proper partition tables like on time4vps
the type is simfs. On those fdisk fails to access the partition table,
thus being unable to determine the size of the volume.
df does only return the real usable disk space by the user, thus we
lower the 20GB threshold to 18
Fixes #275
2017-03-22 14:23:59 +01:00
83254a16f9
Do not restrict CSP img-src as 3rd party apps might use other origins for medialinks
2017-03-21 20:20:16 +01:00
466dfdf81f
Limit ldap queries per client to 60 per minute
...
Part of #187
2017-03-21 16:43:22 +01:00
3d60a04b36
Add ldapjs-rate-limit module
2017-03-21 16:43:02 +01:00
103cb10cad
Ignore upstream headers for security headers we set in nginx
...
Apps like nextcloud set their own security headers ending up with having
them set twice. I am not 100% sure if our headers should win or if we
should not inject headers with nginx if the upstream app sets them already.
This looks like the more permissive case where we simply enforce our
values, regardless what the apps sets.
This also fixes the nextcloud/owncloud security checks which were
failing because the header values were duplicated, which results in
string concatenation of values from same headers.
2017-03-21 14:18:39 +01:00
29ef079a83
Do not let the invite link overflow the dialog
2017-03-21 13:36:36 +01:00
a55645770e
Add missing csp img-src policy for app icons
2017-03-21 13:25:29 +01:00
132ddd2671
Add 0.107.0 changes
2017-03-21 11:15:51 +01:00
fa5891b149
Also put csp meta tag in oauth views
2017-03-21 11:12:04 +01:00
d01929debc
Be more permissive with csp header values
2017-03-21 11:12:04 +01:00
7c01ee58b5
Template the cloudron origin for csp to support local development
2017-03-21 11:12:04 +01:00
ec89f8719c
Add CSP meta tag for webadmin
2017-03-21 11:12:04 +01:00
9145022a2c
Put scope in the end since it is pre-filled
2017-03-20 20:06:24 -07:00
9ae8ce3296
Change default oauth client scope to profile
2017-03-20 20:05:22 -07:00
eabf27f0c9
More OAuth wording changes
2017-03-20 19:55:27 -07:00
3102a15dff
doc: add oauth note in user manual
2017-03-20 19:52:34 -07:00
7747c482d4
Fix oauth wording in the tokens UI
2017-03-20 19:12:32 -07:00
444ca1888b
remove dead comment
2017-03-20 15:14:06 -07:00
86ccf5ea84
doc: add kimsufi note
...
Fixes #261
2017-03-20 14:32:35 -07:00
ef088293b6
Do not show repair and configure together
2017-03-20 08:48:50 -07:00
e0df19c888
Remove unused api wrapper for getAppLogStream()
2017-03-20 10:46:27 +01:00
6a523606ca
Revert "Bump version to Nginx IPv6 support."
...
This reverts commit 5555321cf5f087ebbee0d04f64d3d4#264
2017-03-19 14:25:30 -07:00
b6cd40e63c
Use latest manifestformat
2017-03-19 14:20:00 -07:00
b421866bf5
Remove simpleauth
...
Simple Auth used to provide auth over HTTP. The original motivation
behind this was this was a simple way to add Cloudron Auth integration.
Back in the day, Cloudron Auth was a requirement for apps but this is
not the case anymore.
This is currently not used by any app and having this might encourage
people to make Cloudron specific un-upstreamable changes.
2017-03-19 01:31:38 -07:00
fe06075816
more CHANGES
2017-03-17 13:49:47 -07:00
2b73eb90ec
Merge branch 'ipv6' into 'master'
...
Add IPv6 Support
See merge request !3
2017-03-17 19:55:30 +00:00
5555321cf5
Bump version to Nginx IPv6 support.
2017-03-17 19:43:54 +00:00
f087ebbee0
Add listen [::]:80; for IPv6 redirects.
2017-03-17 19:13:18 +00:00
d04f64d3d4
Add IPv6 listen directives
2017-03-17 19:12:25 +00:00
777a5a0929
Add 0.106.0 changes
2017-03-17 10:23:17 -07:00
6c297f890e
Bump mail container
2017-03-17 10:23:17 -07:00
3c8d0b1b37
Never hide the busy state on setup when it suceeded
...
In that case the whole page gets redirected and to avoid page flickering
we keep it at busy until the browser tears the whole page apart.
2017-03-16 09:58:21 +01:00
74f2cd156f
Only send setupToken on admin creation if it was actually specified
2017-03-16 09:37:28 +01:00
a9fdffa9af
0.105.1 changes
2017-03-15 21:15:15 -07:00
e6f8e8eb94
ami field is only required if shown
2017-03-15 21:10:22 -07:00
1bd89ca055
Wait for platform ready after box restarts
...
This is required for the case where the box restarts apptasks.
For example, the server can reboot mid-way when apptask is running
(as in cloudron-setup + appBundle case) and then when it comes back
up it doesn't wait for the platform to be ready. And the apps fail
to install (mysql takes a bit to startup)
2017-03-15 20:35:44 -07:00
0e226d0314
Download icon (for repair case)
2017-03-15 20:35:44 -07:00
e8d4e2c792
send more logs
2017-03-15 19:35:42 -07:00
4cfbed8273
Use inline docker pgp key
...
The one from keyserver keeps failing sporadically
https://github.com/docker/docker/issues/13555
https://github.com/docker/docker/issues/20022
http://askubuntu.com/questions/720517/key-server-times-out-while-installing-docker-on-ubuntu-14-04
2017-03-15 18:04:44 -07:00
0410ac9780
doc: activate api
2017-03-15 16:14:25 -07:00
82fcf6a770
setupToken is not required in activate
2017-03-15 15:55:31 -07:00
a1332865c0
Fix wording (should be prove otherwise)
2017-03-15 15:42:06 -07:00
ae0e4de93e
No semicolons in bash code
2017-03-15 15:40:43 -07:00
02a6525558
Add changes for 0.105.0
2017-03-15 14:56:35 +01:00
5afef14760
Actually send emails for responsive apps
2017-03-14 13:42:28 -07:00
890d589a36
Do not show Route53 in dns setup for AMIs
2017-03-14 16:54:46 +01:00
89a50c4b83
Use ami provider in ami creation script
2017-03-14 13:48:11 +01:00
Johannes Zellner