David Duque
1ba62c6112
v0.47
...
v0.47 (July 29, 2020)
---------------------
Security fixes:
* Roundcube is updated to version 1.4.7 fixing a cross-site scripting (XSS) vulnerability with HTML messages with malicious svg/na$
* SSH connections are now rate-limited at the firewall level (in addition to fail2ban).
-----BEGIN PGP SIGNATURE-----
iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl8hh4APHGp0QG9jY2Ft
cy5pbmZvAAoJELkgQfTBC92BD8EIAKuNEHxgL0C0kkpAhuTlVXuoNEH/2FF6hYS7
7NqVrqOO1iVPGkGPhAh77CLpnvvJEhu9GeSWFhTrpI//5CvfafUQowmELClmDcYL
yxHqgoHX9O0PAd+uCLgO3MdAzFMVLNbPmt/uPgEHufnrrQGIGieB2iGWnf9xnnpf
wFSyQQnLofFpq7nH6qQvLNvh//zPQd7l/YV3ieEuT0dV4izg/Sr7Q5W6Zwn/q/ed
Btp4CizRFRFTmulIEM8an+jSXMMvdVkut6WDcl6ct8LZLoWwtEkWVeru9IVu4n9L
Lj8Bkt+8aRR6updnI/2tm0d7ZgFXWHc/+dfLCaK+aOlMD3qV9p0=
=xsgn
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEAKK/toPAcMkE+dinLzJ3OKPArjoFAl8i0EQACgkQLzJ3OKPA
rjopbg//T75ZyceGJVvDnzylhW65bIL8oUYiFLy/GOA39rmR1gjcwzHSaIP0kOtX
HPpm6rhPhVUKo8pjuWSvLnnNfz9QfJ4b6SqAN2Zg/hiqFdMEShGZNqvSQVvLkfxi
HHwa1C+TlRTD57HlVi9Y6TLX7YH65T9YmJol6KO30dGJRMIPssLg6K5k0Wf2Y2uG
E+6tipkiTPcHEaKIHUPdi5xxTL/QHVn+c+C0nsiflX7i9vC6P30e3yNsOvpk3q7V
XwD/bJfycUq8Qc5WhPsKoo287QY9XrkUco8vsVMDJJ1oCSIO1Ek5H/tgu2qB1QNJ
EGtcAYr09Fi8+5PLhmbTgRRWJ6ez6SaNnxsh8W5FhRpymgujoe4ghMiuYCwfHW13
ESB1KKZHGUiqP4nxHIgYyANrSP97qsZmVWUEQcwqhcP8BZY4NOzEsUKgIjTCTpVJ
CbRUJlgQow7s/R76aH3Crb7xhbE+2eQPDgKQ6AwDySWbPTDd3T6MtL0Oe2MZS8Wg
8mv02U+eqDfQ0TfD30vGIESARXJ1UJWfsLQzyyg7jBCTrIfSQt1IwFzXCASm78hs
kHN0/gmXUULQq0FslKV/zrfOsNEzKX+sCwjOMG7RMlWVcEVkRyXFvcajBj72mvZl
3kFOEqah8nErTStsP89Z+ltwfkVsWehu+vwP67NryRy4/B3y9fQ=
=CTVK
-----END PGP SIGNATURE-----
Merge upstream v0.47
2020-07-30 14:51:00 +01:00
hija
56d0289ed9
v0.47
2020-07-29 10:24:56 -04:00
Marcus Bointon
f253c40012
[backport] Add rate limiting of SSH in the firewall ( #1770 )
...
See #1767 . Backport of cfc8fb484c
.
2020-07-29 10:24:23 -04:00
Hilko
2c34a6df2b
Update roundcube to 1.4.7
2020-07-29 10:15:12 -04:00
David Duque
dd7899acca
Version bump
2020-07-26 01:03:28 +01:00
David Duque
5e597bb536
Update deprecated function from dnspython
2020-07-26 01:00:17 +01:00
David Duque
60911515fd
Support Ubuntu LTS point releases
2020-07-26 00:26:35 +01:00
David Duque
ac8c0ae762
Release v0.46.POWER.4
2020-07-22 12:45:18 +01:00
David Duque
16ae3038b3
Merge branch 'development'
2020-07-22 12:44:04 +01:00
David Duque
fc0bd12631
Acquire pools with the 'with' statement
2020-07-22 12:42:10 +01:00
David Duque
311e6c63e8
Render the 'Backup now' buttons even if there are already backups
2020-07-21 19:25:48 +01:00
David Duque
a0da88834c
Terminate the status checks process pool before exiting
2020-07-21 19:21:46 +01:00
David Duque
20b4f26e42
Use ubuntu/focal64 as main testbed
2020-07-15 15:28:47 +01:00
David Duque
c8fbe2dd5d
Determine the PHP version at runtime (instead of at setup-time)
2020-07-15 15:28:02 +01:00
David Duque
515a74ba11
Render the lsb_release at flask init time
...
Don't change the index.html file at setup time
2020-07-14 11:51:25 +01:00
David Duque
b562e7eefa
Hide the 'Create Backup' buttons when backups are turned off
2020-07-11 15:45:50 +01:00
David Duque
ccf60c7017
Backups: User-initiated and cron-initiated jobs will have the same lockname
...
So that some poor timing (initiating a backup when there's a cron-initiated backup)
doesn't screw everything up.
2020-07-11 09:16:32 +01:00
David Duque
e224b6b3b2
Update project status
2020-07-11 08:43:46 +01:00
David Duque
79e2398d71
Fix comment
2020-07-11 08:30:05 +01:00
David Duque
af9ef186b3
Add manual backup option
2020-07-10 15:48:37 +01:00
David Duque
199c2c50ba
Backups: Fix backup target selector width
2020-07-08 19:32:24 +01:00
David Duque
4a85250242
Revert vagrantfile to upstream config
2020-07-08 19:31:35 +01:00
David Duque
dd017c44c7
Update ideas section and roadmap
2020-07-08 15:00:04 +01:00
David Duque
3dfdb9a309
Update Vagrantfile to pull from development branch
2020-07-03 19:01:16 +01:00
David Duque
1d4d03637f
Version bump
2020-06-29 09:47:38 +01:00
David Duque
b98111b4e1
Fix unassigned php version
2020-06-29 09:13:50 +01:00
David Duque
3876cbac8a
Version bump
2020-06-28 10:06:50 +01:00
David Duque
ffc7e8d77e
Add comments explaining
2020-06-28 10:05:25 +01:00
David Duque
7f305ee02e
Add /.well-known/mta-sts.txt to all nginx dotfiles
2020-06-28 09:57:28 +01:00
David Duque
fcb44dafa3
Let's encrypt certbot hotfix
2020-06-27 21:32:36 +01:00
David Duque
7af4ab0f4f
Version bump
2020-06-27 20:27:49 +01:00
David Duque
7864055490
Upgrade Nextcloud
2020-06-27 19:39:03 +01:00
David Duque
7b357fa71b
Version bump (v0.46 rc)
2020-06-21 22:49:14 +01:00
David Duque
9a4cf4d7af
Update dependencies
2020-06-21 16:02:17 +01:00
David Duque
022a11e159
Merge remote-tracking branch 'up/master'
2020-06-21 15:52:31 +01:00
David Duque
74554bcbf3
Version bump
2020-06-21 15:45:34 +01:00
David Duque
5d6c23cff9
Finalize php configuration
2020-06-21 15:18:46 +01:00
David Duque
0ccbf1b809
Only spawn a thread pool when strictly needed
...
For --check-primary-hostname, the pool is not used.
When exiting, the other processes are left alive and will hang.
2020-06-21 15:05:17 +01:00
Joshua Tauberer
6fd3195275
Fix MTA-STS policy id so it does not have invalid characters, fixes #1779
2020-06-12 13:09:11 -04:00
David Duque
d01069f7f2
Automatically agree to ToS on SSL provision
2020-06-12 09:27:08 +01:00
Joshua Tauberer
224242dfde
Merge v0.46 point release branch
2020-06-11 12:25:49 -04:00
Joshua Tauberer
049bfb6f7f
v0.46
2020-06-11 12:23:18 -04:00
Joshua Tauberer
12d60d102b
Update Roundcube to 1.4.6
...
Fixes #1776
2020-06-11 12:21:17 -04:00
Joshua Tauberer
9db2fc7f05
In web proxies, add X-{Forwarded-{Host,Proto},Real-IP} and 'proxy_set_header Host' when there is a flag
...
Merges #1432 , more or less.
2020-06-11 12:20:17 -04:00
Joshua Tauberer
e03a6541ce
Don't make autoconfig/autodiscover subdomains and SRV records when the parent domain has no user accounts
...
These subdomains/records are for automatic configuration of mail clients, but if there are no user accounts on a domain, there is no need to publish a DNS record, provision a TLS certificate, or create an nginx server config block.
2020-06-11 12:20:17 -04:00
Faye Duxovni
41642f2f59
[backport] Fix roundcube error log file path in setup script ( #1775 )
2020-06-11 12:16:53 -04:00
Vasek Sraier
df9bb263dc
daily_tasks.sh: redirect stderr to stdout ( #1768 )
...
When the management commands fail, they can print something to the standard error output.
The administrator would never notice, because it wouldn't be send to him with the usual emails.
Fixes #1763
2020-06-07 09:56:45 -04:00
Faye Duxovni
339c330b4f
Fix roundcube error log file path in setup script ( #1775 )
2020-06-07 09:50:04 -04:00
Marcus Bointon
cfc8fb484c
Add rate limiting of SSH in the firewall ( #1770 )
...
See #1767 .
2020-06-07 09:47:51 -04:00
Joshua Tauberer
bc1be9d70a
readme fixes
2020-05-30 08:15:31 -04:00