jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
9,650 Commits 33 Branches 583 Tags
d703d1cd13aa45a578ad5bf876f4e63d4ac2b0a8
Commit Graph

6322 Commits

Author SHA1 Message Date
Girish Ramakrishnan
d703d1cd13 remove httpPort 
we can just use container IP instead of all this httpPort exporting magic.
this is also required for exposing httpPaths feature (we have to otherwise
have multiple httpPorts).
 2020-11-19 00:38:52 -08:00
Girish Ramakrishnan
bd9c664b1a Free up port 53 
It's all very complicated.

Approach 1: Simple move unbound to not listen on 0.0.0.0 and only the internal
ones. However, docker has no way to bind only to the "public" interface.

Approach 2: Move the internal unbound to some other port. This required a PR
for haraka - https://github.com/haraka/Haraka/pull/2863 . This works and we use
systemd-resolved by default. However, it turns out systemd-resolved with hog the
lo and thus docker cannot bind again to port 53.

Approach 3: Get rid of systemd-resolved and try to put the dns server list in
/etc/resolv.conf. This is surprisingly hard because the DNS listing can come from
DHCP or netplan or wherever. We can hardcode some public DNS servers but this seems
not a good idea for privacy.

Approach 4: So maybe we don't move the unbound away to different port after all.
However, all the work for approach 2 is done and it's quite nice that the default
resolver is used with the default dns server of the network (probably a caching
server + also maybe has some home network firewalled dns).

So, the final solution is to bind to the make docker bind to the IP explicity.
It's unclear what will happen if the IP changes, maybe it needs a restart.
 2020-11-18 23:25:56 -08:00
Johannes Zellner
ae94ff1432 Send Cloudron default language via status call 2020-11-18 23:45:16 +01:00
Johannes Zellner
cbc5ec7d89 List languages from dashboard dist/translation 2020-11-18 18:39:55 +01:00
Johannes Zellner
784c8b2bd2 Add route to get available languages 2020-11-18 00:10:06 +01:00
Johannes Zellner
2388fe5047 Add cloudron global language setting 2020-11-17 22:44:03 +01:00
Girish Ramakrishnan
b5c933494a linode: cannot destructure null/undefined 
if we have an error, the destructure will fail
 2020-11-16 22:37:53 -08:00
Girish Ramakrishnan
8c0bd97064 mail: owner can be a group 2020-11-13 00:31:34 -08:00
Girish Ramakrishnan
2ca9534715 add some comments on the ldap routes 2020-11-12 22:13:24 -08:00
Girish Ramakrishnan
641704a741 proxyauth: support basic auth 
this is required for apps like transmission
 2020-11-11 15:11:36 -08:00
Girish Ramakrishnan
82d88d375e sftp: fix crash 2020-11-11 11:13:30 -08:00
Johannes Zellner
751caa7b3b Prefix base64 image data 2020-11-11 11:24:20 +01:00
Girish Ramakrishnan
7e16128b11 proxyauth: render as ejs tos end app title and icon 2020-11-11 00:36:02 -08:00
Girish Ramakrishnan
008fa09877 proxyauth: redirect correctly after login 2020-11-11 00:01:36 -08:00
Girish Ramakrishnan
045963afe5 serve proxyauth login file from the dashboard 2020-11-10 21:18:50 -08:00
Girish Ramakrishnan
b799df3626 authproxy -> proxyauth 2020-11-10 20:04:31 -08:00
Girish Ramakrishnan
772df6f9af typo 2020-11-10 19:49:57 -08:00
Girish Ramakrishnan
72cb383f2c proxy auth: create token secret 2020-11-10 17:20:27 -08:00
Girish Ramakrishnan
625dc7c49b Add proxyAuth as an addon 2020-11-10 16:50:36 -08:00
Girish Ramakrishnan
86916a94de allow 401 and 403 errors to pass health check 
way too many WP sites use some plugin to block health check routes.
maybe some day we will have dynamic health check route settable by user.
 2020-11-10 16:50:36 -08:00
Girish Ramakrishnan
71666a028b add support for protected sites 
https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/
https://gock.net/blog/2020/nginx-subrequest-authentication-server/
https://github.com/andygock/auth-server
 2020-11-10 01:06:39 -08:00
Girish Ramakrishnan
01e6301332 collectd: adjust collectd config when app is stopped and started 2020-11-09 10:37:22 -08:00
Johannes Zellner
13050f7bff Give log files better names on download 2020-11-09 11:07:16 +01:00
Girish Ramakrishnan
bedcd6fccf Disable the timeout altogether for chunk to upload 2020-11-06 14:47:14 -08:00
Girish Ramakrishnan
df8a71cd8b Each chunk can take up to 30 mins to upload 2020-11-06 00:05:53 -08:00
Girish Ramakrishnan
a113ece22b Still have to preserveEnv for the env vars to make it across sudo 2020-11-05 16:13:42 -08:00
Girish Ramakrishnan
a63c2cfdf2 reverse this since it makes better reading 2020-11-05 16:08:57 -08:00
Girish Ramakrishnan
8f78a9dcde No need to pass --expose-gc 
http://sambal.org/2014/02/passing-options-node-shebang-line/ was a cool trick but not needed at all.

https://bitbucket.org/chromiumembedded/cef/issues/483/dont-always-add-the-expose-gc-v8-flag
says it will change behavior in ways we don't want.
 2020-11-05 16:07:28 -08:00
Girish Ramakrishnan
02eb362f37 Set the heap size with large backup memory limits 
I had to also give the server some more swap for the backup to succeed
 2020-11-05 16:06:12 -08:00
Girish Ramakrishnan
f79263a92a backups: periodically dump heap space info 2020-11-05 16:06:09 -08:00
Girish Ramakrishnan
cd95da6d35 Typo in message 2020-11-05 09:59:13 -08:00
Johannes Zellner
5ab2c9afaa Use new sftp image to fix chown 2020-11-04 15:11:41 +01:00
Johannes Zellner
e77201099d Encode filemanager route paths correctly and do not expect starts with / 2020-11-04 13:58:53 +01:00
Johannes Zellner
30a4c00f35 Update sftp addon to avoid crash when overwrite property is missing 2020-11-03 21:27:24 +01:00
Girish Ramakrishnan
e68db4ce57 Aim for 60% used space 2020-11-02 23:42:53 -08:00
Girish Ramakrishnan
b5a83ab902 demo: blacklist alltube as well 2020-11-02 15:16:21 -08:00
Girish Ramakrishnan
2c9efea733 Use debug instead of console.error 2020-10-30 11:07:51 -07:00
Girish Ramakrishnan
9615dc1458 Mount volumes into the file browser 2020-10-30 11:05:47 -07:00
Girish Ramakrishnan
f50a8482c3 Fix error code handling 2020-10-30 10:04:00 -07:00
Girish Ramakrishnan
cd3dc00f2f Do not allow duplicate mounts 2020-10-29 23:07:48 -07:00
Girish Ramakrishnan
65eae30a48 Mount API fixes 2020-10-29 22:04:38 -07:00
Girish Ramakrishnan
fa4392df09 Fix docker.getBinds() 2020-10-29 11:47:37 -07:00
Johannes Zellner
f8d6fd80d5 Do not crash if app.volumes does not exist 2020-10-29 12:09:15 +01:00
Girish Ramakrishnan
88ed545830 rename appVolumes to appMounts 2020-10-28 22:06:33 -07:00
Girish Ramakrishnan
4388f6e87c Send volumes in REST response 2020-10-28 19:33:32 -07:00
Girish Ramakrishnan
6157364e20 Cannot update a volume (otherwise, we have to re-configure apps) 2020-10-28 17:04:24 -07:00
Girish Ramakrishnan
96999e399d volume: use the load pattern 
this way we can stash info in the eventlog
 2020-10-28 15:56:54 -07:00
Girish Ramakrishnan
6a3df679fa Add volume management 
the volumes table can later have backup flag, mount options etc
 2020-10-28 15:31:21 -07:00
Johannes Zellner
03e49c59e2 Revert "more changes" 
This reverts commit d69af56c90.
 2020-10-28 16:16:10 +01:00
Girish Ramakrishnan
b525b6e4fa fix code style 2020-10-27 17:15:19 -07:00