YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity
6093 commits 33 branches 409 tags 24 MiB
Commit graph

387 commits

Author SHA1 Message Date
Alexandre Aubin
5e4484ddcc
Merge pull request #1008 from larchange/stretch-unstable 
Add logging and persistent as default config for new muc room
 2020-05-27 23:54:43 +02:00
Alexandre Aubin
b3db4d92fc Bump server_names_hash_bucket_size to 128 to avoid nginx exploding for stupid reasons 2020-05-27 17:10:39 +02:00
Gabriel
a2b85b7523 Add logging and persistent as default config for new muc room 2020-05-26 19:07:09 +01:00
SohKa
d4bea7dd34 Add pre-defined DHE group and set up Nginx to use it 2020-05-26 19:17:03 +02:00
Josué Tille
226bd15c55
Merge remote-tracking branch 'upstream/stretch-unstable' into permission_protection 2020-05-22 15:12:32 +02:00
Julien Rabier
7ccd6e1348
fix destination concurrency 
Hi,
Postfix has this very peculiar behavior where the target of some config keys changes depending on the value. 
Here, if `smtp_destination_concurrency_limit` is set to 1, then according to http://www.postfix.org/postconf.5.html#default_destination_concurrency_limit it doesn't mean "1 concurrent mail per domain, but per recipiend address".

So, if set to 1, it means we can send any volume of e-mails concurrently (with a 5s delay) if all recipient addresses are different.
In order to avoid this, we should increase the value to restore the expected behavior (concurrency per domain, not per recipient).
 2020-05-11 21:37:17 +00:00
Bram
dbac27cc38
Merge pull request #961 from YunoHost/add-wss-to-default-src 
[enh] Real CSP headers for the webadmin
 2020-05-07 21:35:24 +02:00
ljf
fae6b3f3f4 [fix] Unrelevant obsolete config params 2020-05-04 14:45:47 +02:00
ljf
64066f85b0 [enh] Allow admin to specify an smtp relay 2020-05-04 14:45:47 +02:00
Alexandre Aubin
0fba21f924 Enforce CSP rules for real on webadmin 2020-04-29 01:07:07 +02:00
Josué Tille
73e2ede910
Merge branch 'stretch-unstable' into permission_protection 2020-04-28 14:20:25 +02:00
Alexandre Aubin
ceab9bd1b3
Merge branch 'stretch-unstable' into fix-1516-separate-xmpp-vhosts 2020-04-27 18:03:34 +02:00
Alexandre Aubin
c0c026613f Add wss: to default to get rid of angry CSP on webadmin 2020-04-27 02:15:14 +02:00
Josué Tille
84e275ea97
Merge branch 'stretch-unstable' into permission_protection 2020-04-22 21:59:06 +02:00
Alexandre Aubin
1a828c725f
Fix postfix ciphers 2020-04-21 20:20:53 +02:00
Alexandre Aubin
194a0bb187
We need that trailing / for the download of files to actually work, c.f. feedback in 3.8 post on the forum 2020-04-21 15:46:03 +02:00
Alexandre Aubin
3b0bd2e8f2
Merge pull request #923 from YunoHost/misc-enh-diagnosis 
[enh] Misc improvements for diagnosis
 2020-04-19 05:34:27 +02:00
Kayou
9af942afa0
Merge pull request #925 from YunoHost/kay0u-patch-1 
[fix] custom_portal and custom_overlay redirect
 2020-04-18 01:42:58 +02:00
Alexandre Aubin
7061c4c3fe
Improve systemd settings for slapd (#933) 2020-04-17 14:40:53 +02:00
Alexandre Aubin
8e46b536dc Somewhat cleaner hack to check the status of those damn services that aren't the real services... 2020-04-17 03:20:40 +02:00
Alexandre Aubin
1e6da91c78 Add automail conf for https, + increase priority for automail conf and diagnosis 2020-04-11 00:29:49 +02:00
Kayou
887304919e
Merge pull request #917 from YunoHost/fix-acme-challenge-snippet 
Get rid of domain-specific acme-challenge snippet, use a single snippet included in every conf
 2020-04-09 21:07:50 +02:00
Kayou
a9af94b960
Merge pull request #913 from YunoHost/update-nginx-ciphers 
Update nginx SSL conf with new Mozilla recommendation
 2020-04-09 21:07:29 +02:00
Kayou
4b7abd3cde
Merge pull request #914 from YunoHost/update-mailstack-ciphers 
Update mailstack ciphers
 2020-04-09 21:07:16 +02:00
Kayou
4968f1aa7d
[fix] custom_portal and custom_overlay redirect 2020-04-09 18:08:51 +02:00
Josué Tille
52e2be8fe6
Merge branch 'stretch-unstable' into permission_protection 2020-04-09 16:22:08 +02:00
Alexandre Aubin
c06fe42078 Hmgn don't change the value for the session cache size otherwise that break test for restore from old version for stupid reasons -.- 2020-04-08 21:33:34 +02:00
Alexandre Aubin
71cc4fde97 We in fact only have ssl 1.1.0l, not 1.1.1l on Stretch. 2020-04-08 19:59:27 +02:00
Alexandre Aubin
f390f02077 Update nginx security.conf.inc with new Mozilla recommendation 2020-04-08 19:59:27 +02:00
pitchum
cf3b98b523 Fix nginx config for xmpp-upload. 2020-04-06 20:43:32 +02:00
pitchum
748dcfd8c5 Setup XMPP components for each domain, not only the main domain. 2020-04-06 20:43:32 +02:00
Alexandre Aubin
3a7b93d8aa Get rid of domain-specific acme-challenge snippet, use a single snippet including in every conf 2020-04-06 18:09:14 +02:00
Alexandre Aubin
22b9565eb7 Forgot to check that these headers are different from the default in security.conf ... maybe we want to keep them as is? Not clear why they have different values tan the domain configs... 2020-04-06 16:56:53 +02:00
Alexandre Aubin
4d99cbe870 Add ref for security headers 2020-04-06 16:55:20 +02:00
Alexandre Aubin
151d9d3c6f
We in fact only have ssl 1.1.0l, not 1.1.1l on Stretch. 2020-04-05 18:31:33 +02:00
Alexandre Aubin
f7ac93b0b7
We in fact only have ssl 1.1.0l, not 1.1.1l on Stretch. 2020-04-05 18:31:16 +02:00
Alexandre Aubin
aaa5365fa6 Update postfix SSL conf according to Moz^Cla recommentation 2020-04-03 03:41:52 +02:00
Alexandre Aubin
23617a9386 Update dovecot SSL conf according to Mozilla recommentation 2020-04-03 03:41:37 +02:00
Alexandre Aubin
128577686a Forgot to make yunohost_admin.conf to also use the common securit.conf.inc 2020-04-03 03:09:46 +02:00
Josué Tille
fdce1e1676
Merge remote-tracking branch 'upstream/stretch-unstable' into permission_protection 2020-03-31 11:49:30 +02:00
Alexandre Aubin
14ff4c6725
Merge pull request #831 from pitchum/xmpp-http-upload 
XMPP http upload
 2020-03-30 20:53:11 +02:00
Josué Tille
d2edc162fd
Update LDAP schema for label and tile support, authentication header and multiple URL support 2020-03-30 17:40:01 +02:00
Josué Tille
6f179afa82
Merge branch 'stretch-unstable' into permission_protection 2020-03-27 16:14:30 +01:00
pitchum
5e6e53142b Improve nginx config for xmpp-upload subdomain. 2020-03-25 12:09:53 +01:00
pitchum
1f09abfa51 Rationalize some nginx config into security.conf.inc. 2020-03-25 11:51:57 +01:00
Alexandre Aubin
6ed3ba97ce Add permission to stuff to be indexed by slapd to avoid it flooding complains in syslog 2020-03-24 20:22:47 +01:00
Alexandre Aubin
af415e38e6 Factorize ciphers and headers configuration into a common file for all vhosts 2020-03-23 22:43:29 +01:00
Alexandre Aubin
27f6899b65 /var/www/xmpp-upload.{domain} -> /var/xmpp-upload/{domain} 2020-03-23 22:15:03 +01:00
pitchum
994f0ca1ef nginx + metronome config for http_upload 2020-03-22 08:36:33 +01:00
pitchum
c6e8bb5d26 Always expect subdomain xmpp-upload.domain.net. 
This subdomain will be part of Letsencrypt certificate so
it MUST be defined in DNS zone otherwise certificate renewal will fail.
 2020-03-22 08:35:02 +01:00