jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
11,284 Commits 33 Branches 583 Tags
ca4e1e207c13c91e4ecb2ca4e3448082e834fcf8
Commit Graph

909 Commits

Author SHA1 Message Date
Girish Ramakrishnan
6933ccefe2 Update nginx to 1.20.0-1 2022-03-28 13:25:05 -07:00
Girish Ramakrishnan
54aeff1419 ldap: send rootDSE response 
some apps like osTicket require this
 2022-03-25 14:15:18 -07:00
Girish Ramakrishnan
d13905377c firewall: do not add duplicate ldap redirect rules 2022-03-21 12:25:30 -07:00
Girish Ramakrishnan
6f1023e0cd Add to changes 2022-03-18 10:27:04 -07:00
Girish Ramakrishnan
eeddc233dd more changes 2022-03-16 09:05:41 -07:00
Girish Ramakrishnan
f48690ee11 dyndns: fix typo 2022-03-15 09:53:54 -07:00
Girish Ramakrishnan
af42008fd3 Enable IPv6 on new interfaces with net_admin cap 2022-03-12 09:14:37 -08:00
Girish Ramakrishnan
4396bd3ea7 wildcard: handle ENODATA 2022-03-08 17:14:42 -08:00
Girish Ramakrishnan
fc2a326332 mysql: Fix default collation 
https://github.com/mattermost/mattermost-server/issues/19602#issuecomment-1057360142

> SELECT @@character_set_database, @@collation_database;

This will show utf8mb4 and utf8mb4_0900_ai_ci (was utf8mb4_unicode_ci)

To see the table schemas:

> SELECT table_schema, table_name, table_collation FROM information_schema.tables;
 2022-03-02 22:34:30 -08:00
Girish Ramakrishnan
e66a804012 ufw may not be installed 2022-03-02 19:36:32 -08:00
Girish Ramakrishnan
c100be4131 dns: filter out link local addresses 
Unlike IPv4, IPv6 requires a link-local address on every network interface on which the IPv6 protocol is enabled, even when routable addresses are also assigned
 2022-03-01 12:13:59 -08:00
Girish Ramakrishnan
eb0662b245 Up the json size to 2mb for block list route 
https://forum.cloudron.io/topic/6575/cloudron-7-1-2-firewall-not-ipv6-ready
 2022-03-01 11:57:50 -08:00
Girish Ramakrishnan
7912d521ca 7.1.3 changes 2022-02-28 14:26:37 -08:00
Girish Ramakrishnan
2434e81383 backups: fix incorrect mountpoint check with managed mounts 2022-02-25 12:53:05 -08:00
Girish Ramakrishnan
1a87856655 eventlog: log event on alias update 2022-02-24 20:30:42 -08:00
Girish Ramakrishnan
a662a60332 eventlog: add event for certificate cleanup 2022-02-24 19:55:43 -08:00
Girish Ramakrishnan
993ff50681 cloudron-firewall: fix crash when ports are whitelisted 
it failed with:
Feb 22 08:52:30 strawberry cloudron-firewall.sh[14300]: /home/yellowtent/box/setup/start/cloudron-firewall.sh: line 14: iptables --wait 120 --wait-interval 1: command not found

the root cause was that IFS was getting set but not getting reset later.
the IFS=xx line is not line local as it seems to appear (just a bash statement)
 2022-02-22 00:56:57 -08:00
Girish Ramakrishnan
24a16cf8b4 redis: fix issue where protected mode was enabled with no password 2022-02-21 12:21:37 -08:00
Girish Ramakrishnan
c15913a1b2 add to changes 2022-02-20 17:46:37 -08:00
Girish Ramakrishnan
c55d1f6a22 Add to changes 2022-02-19 15:27:51 -08:00
Girish Ramakrishnan
ca83deb761 Docker IPv6 support 
Docker's initial IPv6 support is based on allocating public IPv6 to containers.
This approach has many issues:
* The server may not get a block of IPv6 assigned to it
* It's complicated to allocate a block of IPv6 to cloudron server on home setups
* It's unclear how dynamic IPv6 is. If it's dynamic, then should containers be recreated?
* DNS setup is complicated
* Not a issue for Cloudron itself, but with -P, it just exposed the full container into the world

Given these issues, IPv6 NAT is being considered. Even though NAT is not a security mechanism as such,
it does offer benefits that we care about:
* We can allocate some private IPv6 to containers
* Have docker NAT66 the exposed ports
* Works similar to IPv4

Currently, the IPv6 ports are always mapped and exposed. The "Enable IPv6" config option is only whether
to automate AAAA records or not. This way, user can enable it and 'sync' dns and we don't need to
re-create containers etc. There is no inherent benefit is not exposing IPv6 at all everywhere unless we find
it unstable.

Fixes #264
 2022-02-09 23:54:53 -08:00
Girish Ramakrishnan
7bfa237d26 Update docker to 20.10.12 2022-02-08 10:57:24 -08:00
Johannes Zellner
4273c56b44 Add some changes 2022-02-05 21:09:14 +01:00
Girish Ramakrishnan
73f637be26 Add 2 more changes 2022-02-01 12:09:22 -08:00
Girish Ramakrishnan
37c8ca7617 mail: use port25check.cloudron.io to check outbound port 25 connectivity 2022-01-31 16:55:56 -08:00
Girish Ramakrishnan
5382e3d832 remove nginx config of stopped apps 
when the cert of a stopped app gets auto-cleaned up, nginx does not
start anymore since the config references the cert.

there are two possible fixes:
* do not cleanup cert of stopped apps
* remove the nginx config of stopped apps

this implements the second approach
 2022-01-28 10:23:56 -08:00
Girish Ramakrishnan
be9830d0d4 postgresql: enable postgis 2022-01-21 23:18:40 -08:00
Girish Ramakrishnan
d21d13afb0 Add to changes 2022-01-21 17:31:26 -08:00
Girish Ramakrishnan
4513b6de70 add a way for admins to set username when profiles are locked 2022-01-12 16:21:00 -08:00
Johannes Zellner
6cf7ae4788 Add changes 2022-01-10 16:45:44 +01:00
Girish Ramakrishnan
d8314d335a implement manifest.logPaths 2022-01-04 10:04:40 -08:00
Girish Ramakrishnan
bb2d9fca9b update manifest format for 'upstreamVersion' field 2021-12-21 11:24:04 -08:00
Girish Ramakrishnan
34d11f7f6e mongodb container update 
* upgrades mongodb to 4.4
* makes the service http based
* no more request module usage
 2021-12-16 22:49:38 -08:00
Girish Ramakrishnan
a3280a0e30 Update node to 16.13.1 
useful for using stream.promises
 2021-12-14 20:49:25 -08:00
Girish Ramakrishnan
e7f94b6748 Update base image to 3.1.0 2021-12-14 20:47:41 -08:00
Girish Ramakrishnan
fcdc53f7bd add flag to enable/disable mailbox sharing 2021-12-08 11:05:13 -08:00
Girish Ramakrishnan
683ac9b16e remove support for manifest version 1 
this is long untested by now
 2021-12-06 17:44:09 -08:00
Girish Ramakrishnan
2415e1ca4b Prefix email addon variables with CLOUDRON_EMAIL instead of CLOUDRON_MAIL 
otherwise, it's conflicting with the sendmail and recvmail addons
 2021-12-06 17:39:29 -08:00
Girish Ramakrishnan
39807e6ba4 domain: split the config and wellknown routes 
we want to add more stuff to the UI like the jitsi URL
 2021-12-03 18:14:46 -08:00
Girish Ramakrishnan
aab69772e6 mailbox: add app owner type 
this is useful when we create mailboxes for the recvmail addon
 2021-12-02 22:28:06 -08:00
Girish Ramakrishnan
e5fecdaabf Add mail manager role 
part of #807
 2021-12-02 09:24:09 -08:00
Girish Ramakrishnan
89389258d7 pass correct auditSource when raising notifications 
this fixes the bug where automatic app update notification were not
raised.
 2021-11-17 10:42:53 -08:00
Girish Ramakrishnan
0f04933dbf backups: fix issue where mail backups were not cleaned up 2021-11-16 19:52:51 -08:00
Girish Ramakrishnan
b6ee1fb662 mail: add non-tls ports for recvmail addon 2021-11-16 17:21:34 -08:00
Girish Ramakrishnan
178d93033f 7.0.4 changes 2021-11-15 23:51:06 -08:00
Girish Ramakrishnan
42eef42cf3 Add to changes 2021-11-15 13:58:59 -08:00
Girish Ramakrishnan
aa3ee2e180 cloudron-support: add option to reset account 
new cli option --reset-appstore-account
 2021-11-15 10:06:18 -08:00
Girish Ramakrishnan
68db4524f1 remove unused httpPaths from manifest 2021-11-09 21:50:33 -08:00
Girish Ramakrishnan
48b75accdd 7.0.4 changes 2021-11-09 09:31:58 -08:00
Girish Ramakrishnan
535a755e74 7.1.0 changes 2021-11-03 15:08:48 -07:00