f6e4f1aefc
network: ipv4 can be disabled
2024-04-25 15:50:42 +02:00
cae2bfbdc2
domains: add desec provider
2024-04-24 21:29:42 +02:00
3787f90283
appstore: bump timeout to 60s instead of 30s
...
this timeout is hit on some servers (which have some networking
issue). unfortunately, this triggers a bug in superagent -
https://github.com/ladjs/superagent/issues/1801
2024-04-23 11:41:51 +02:00
c2326bc5cc
oidc: add rate limit for login requests
2024-04-21 20:58:12 +02:00
ec7dabc1c7
oidc: also allow login on aliased app domains
2024-04-19 19:03:23 +02:00
d137cdf881
update cron module
...
CronJob -> CronJob.from
CronJob(time) -> CronTime
2024-04-19 18:31:47 +02:00
4516b0c57c
Do not return but continue in a loop
2024-04-19 14:29:41 +02:00
49243822af
dashboard: show app checklist
2024-04-19 14:17:54 +02:00
16521d5434
Fix updateChecklist usage
2024-04-19 12:15:13 +02:00
1afa2e87ec
mailserver: a056bcfd broke mail server restart
...
after proxying, we never restarted the mail server
also add note that restart has to reconfigure
2024-04-19 10:48:08 +02:00
7d6636bb54
Only add checklist items if they apply due to sso state
2024-04-18 16:05:38 +02:00
3c7e6b59f0
Add initial support for apps.checklist
2024-04-17 16:54:54 +02:00
daa8a60da2
oidc: Inject currently hardcoded CLOUDRON_OIDC_PROVIDER_NAME env var
...
This is designed to be used in the packages for the login button:
"Login with ${CLOUDRON_OIDC_PROVIDER_NAME}"
2024-04-17 15:06:22 +02:00
f231d51d0b
Make oidc authproxy login button translatable
2024-04-17 14:21:07 +02:00
a572374ad7
updatechecker: deep compare update object from appstore
...
When 'changelog' , 'unstable' fields change the box code is not
getting it.
2024-04-16 19:30:14 +02:00
1cf315634c
appstore: check the type of unstable field
2024-04-16 19:19:27 +02:00
b0d2bdbad9
Make it login with cloudron in authproxy
2024-04-16 14:56:18 +02:00
255fb0cac0
proxyauth: show intermediate login button page
2024-04-16 13:43:12 +02:00
c3be0018fe
proxyauth: send user to oidc login instead of /login
2024-04-16 11:29:00 +02:00
1008ec4fa1
proxyauth: remove basic auth login form
2024-04-15 18:52:07 +02:00
21d7438bbe
proxyauth: user OpenID instead of basic auth
2024-04-15 15:59:16 +02:00
0a748ac78a
better AVX error message
2024-04-15 10:10:13 +02:00
76c4002a04
oidc: Add profile picture claim
2024-04-14 12:05:45 +02:00
36ab5800a3
oidc: enable CORS for internal apps
2024-04-11 19:10:29 +02:00
f11becfcc8
async'ify
...
crazy this has gone unnoticed for so long!
2024-04-10 18:52:39 +02:00
87ae95aa4f
Add per-app notes feature
2024-04-10 18:34:58 +02:00
b4e4f26361
Rework cpuShares into cpuQuota
...
cpuShares is the relative weight wrt other apps. This is used when
there is contention for CPU. If we want this, maybe we implement
a UI where we show all the apps and let the user re-order them.
As it stands, it is confusing.
cpuQuota is a more straightforward "hard limit" of the CPU% that you
want the app to consume.
Can be tested with : stress -c 8 -t 20s
2024-04-10 18:25:14 +02:00
efd0be5e2c
services: send the default memory limit
2024-04-10 12:42:25 +02:00
8b7dca00af
app memory: make slider go till RAM
...
anything above RAM is useless
2024-04-10 12:12:49 +02:00
be2775e12e
memoryLimit: redefine to not include swap
...
Currently, we allocate 50% as RAM and 50% as swap. The manifest is
usually quite conservative on memory values. This means that we set
up a system where the app is applying memory pressure almost immediately.
This then swaps things randomly and increases cpu usage (kswapd shows
up in the profile).
To rethink the whole situation: we should not cap apps with a swap limit at all.
The memory hard limit is what is important. By redefining memoryLimit , we are
doubling every container's memory and it's good that we over allocate this.
2024-04-09 18:59:40 +02:00
2b1b304c6e
backup/import/restore: fix crash with root path calcuation
...
rootPath was calculated before the arguments were validated
2024-04-09 13:53:48 +02:00
62faf616c5
import: acceptSelfSignedCerts is validated at provider
2024-04-09 13:24:33 +02:00
3f2f4c7c6b
restore: acceptSelfSignedCerts is validated by provider
2024-04-09 13:20:01 +02:00
5e49a33e8f
backups: rootPath is needed only when testing storage
2024-04-09 13:03:31 +02:00
5fb7d53018
backups: encryptedFilenames and mountOptions are validated at provider level
2024-04-09 12:31:10 +02:00
424a3c2b53
validateEncryptionPassword need not by exported or async
2024-04-09 12:23:43 +02:00
6e629b984b
typo in error message
2024-04-09 11:53:58 +02:00
9e05a4eab7
Show background in all oidc pages
2024-04-06 10:52:25 +02:00
86986d8f34
Allow img-src blob:
2024-04-05 19:59:38 +02:00
2515b032d0
Add branding background UI
2024-04-05 14:31:41 +02:00
6086b0e797
typo
2024-04-05 12:11:43 +02:00
2760e25c0f
users: validate groupIds items
2024-04-05 11:59:16 +02:00
028b820d48
oidc: Reload the login view if session is gone
2024-04-04 17:32:58 +02:00
2c81458954
Show branding background image in login view
2024-04-04 15:38:44 +02:00
030e468829
docker: prune volumes on infra change
2024-04-04 11:36:26 +02:00
68724bcb4f
Revert "oidc: enable rpInitiated logout"
...
This reverts commit a6f4b2896a
2024-04-04 10:41:00 +02:00
6186bb54e4
Revert "oidc: allow post logout redirect back to the app"
...
This reverts commit 3ddf72a24d
2024-04-04 10:40:53 +02:00
a4e822dec2
Make autologin token only one-time use
2024-04-04 10:29:36 +02:00
5744cb7318
auto login from activation
2024-04-04 10:26:48 +02:00
2f6a66dbd7
oidc: enable auto login when a token is provided
2024-04-03 18:11:21 +02:00
Girish Ramakrishnan