YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity
6785 commits 33 branches 409 tags 24 MiB
Commit graph

424 commits

Author SHA1 Message Date
Alexandre Aubin
650232b1c3
Merge branch 'stretch-unstable' into group_permission 2019-03-05 02:59:05 +01:00
Alexandre Aubin
b782b9c0ed Merge remote-tracking branch 'origin/update-dns-resolver-list' into stretch-unstable 2019-03-04 16:42:31 +01:00
Alexandre Aubin
a1d85b6350
Merge branch 'stretch-unstable' into featureCipherStrategy 2019-02-25 00:56:20 +01:00
Alexandre Aubin
198919adc8 Don't add Strict-Transport-Security header in nginx conf if using a self-signed cert 2019-02-22 16:24:19 +01:00
Alexandre Aubin
8f50bdeb28
Merge pull request #622 from ABLD/frju365-patch2 
Improve protection against indexation from the robots.
 2019-02-19 17:09:09 +01:00
Alexandre Aubin
0ebbb83191 Add migration for services.yml on existing instance 2019-02-18 19:27:40 +01:00
Romuald du Song
5d48640f3c Adapt comment to new context 2019-02-14 23:12:59 +01:00
Romuald du Song
a899102efc don't share setting for nginx and ssh 2019-02-14 22:57:24 +01:00
Romuald du Song
e9274ee443 Handle yunohost admin nginx config 2019-02-14 22:27:49 +01:00
Romuald du Song
7b01ccfefb remove whitespace control attempt 2019-02-14 21:33:36 +01:00
Romuald du Song
a267e1bc74 what a cumbersome whitespace control 2019-02-14 21:28:56 +01:00
Romuald du Song
3251189ab8 what a cumbersome whitespace control 2019-02-14 21:26:25 +01:00
Romuald du Song
e776c777e6 remove strip whitespace syntax 2019-02-14 21:17:58 +01:00
Taekiro
d0fbcb4345
Update dnsmasq.conf 2019-02-09 16:42:59 +01:00
Taekiro
fc0e3d4830
Allow query to local IPv6 2019-02-09 16:37:23 +01:00
Alexandre Aubin
a2ce1e108b
Merge pull request #636 from YunoHost/update-dns-resolver-list 
[fix] Update DNS resolver list according to diyisp.org
 2019-02-05 17:50:14 +01:00
Alexandre Aubin
b4fb7b094d
Merge pull request #637 from YunoHost/1283-remove-old-smtp-port-from-jail 
[fix] Remove old SMTP port (465) from Fail2ban jail.conf
 2019-02-05 16:47:51 +01:00
Romuald du Song
8e1034771a use setting security_ciphers_compatibility to define security configurations 2019-02-04 23:01:16 +01:00
Taekiro
66ef3e208b
Add IPv6 nameserver to resolv.dnsmasq.conf 2019-02-03 09:54:48 +01:00
Alexandre Aubin
4a7e33a145 #564 broke the autoconfig, nginx was lookin for mailconfig.xml instead of main/config.xml 2019-01-30 17:34:51 +01:00
Alexandre Aubin
4e7a4f6827 Update IP for CCC Berlin 2019-01-30 15:25:02 +01:00
Alexandre Aubin
40382acbfb Update gozmail IP 2019-01-30 15:24:09 +01:00
opi
d5bf9a61b8
[fix] Remove old SMTP port (465) from Fail2ban jail.conf. Fix #1283 2019-01-30 14:10:16 +01:00
Alexandre Aubin
a26994fd70 Update DNS resolver list according to diyisp.org 2019-01-29 23:04:14 +01:00
frju365
7b70305448
Update yunohost_admin.conf 2019-01-26 23:51:22 +01:00
Alexandre Aubin
8ec7d361a4 Old comment from when http2 was disabled 2019-01-26 20:11:17 +01:00
frju365
a42df2d8fe
Update yunohost_admin.conf 2019-01-21 21:39:07 +01:00
frju365
08869c329c
Update yunohost_admin.conf 2019-01-21 21:17:33 +01:00
Alexandre Aubin
bd0eef1b36
Remove old comment about jessie 2019-01-18 17:54:26 +01:00
frju365
2e460cb4d6
Update yunohost_admin.conf 2019-01-18 17:31:28 +01:00
Josué Tille
ad628b7620
Use root UID to authenticate to LDAP 2019-01-17 22:15:13 +01:00
Josué Tille
c5c482c16c
Use permission for all services 2019-01-17 22:15:13 +01:00
Josué Tille
d975ed2689
Update LDAP config 2019-01-17 22:14:24 +01:00
Alexandre Aubin
a7dbdc3f48
Merge branch 'stretch-unstable' into fix-standardize-sshd-config 2018-12-09 21:20:50 +01:00
Alexandre Aubin
447372d07c
[enh] Clean + harden sshd config using Mozilla recommendation (#590) 
* Clean sshd_config + harden using Mozilla recommendation
* Order of keys matter, ed25519 is recommended
 2018-12-03 17:03:22 +01:00
ljf (zamentur)
847d18293a
[enh] Add other private ip network and link local 2018-11-30 15:47:42 +01:00
Alexandre Aubin
90e542a931 Allow root login on local networks 2018-11-28 21:30:26 +00:00
Alexandre Aubin
4db65682eb Fix IPv6 handling in ssh regen conf script 2018-11-28 20:42:39 +00:00
Alexandre Aubin
3d81f032e9 Fixes following tests (some sshd_config options do not exists or are deprecated) 2018-11-28 17:50:20 +00:00
frju365
8cb029a55e Better Configuration of nginx (#564) 
* path-traversal

* [fix] try a patch for path-traversal

* Use more_set_headers insta
 2018-11-28 01:21:28 +01:00
Alexandre Aubin
fad4ff090a Use templating for more robustness about which SSH keys are enabled 2018-11-28 00:26:25 +01:00
ljf
8e0086d493 [fix] Allow user to trigger the moment when they remove dsa 2018-11-28 00:00:30 +01:00
ljf
c2b225d376 [fix] A lot of bug on the wip work on sshd migration 2018-11-27 23:59:36 +01:00
liberodark
1906692289 Remove ECDH curve or change it ? (#579) 
Update ECDH curves recommended by Mozilla, now that we are on stretch
 2018-11-27 18:30:39 +01:00
liberodark
76121ea084 HTTP2 On (#580) 
* HTTP2 On

for better security

* Remove old lines
 2018-11-27 18:27:01 +01:00
Alexandre Aubin
b5afd0abc4 We do need to use the serial file and to generate it ourselves 2018-11-18 17:56:19 +01:00
frju365
d77b157bcc [enh] Set Path as full-path (#563) 
* [fix] Set Path as full-path
* same
* Update yunohost_admin.conf
 2018-10-27 17:47:12 +02:00
frju365
fa66a7b8c7 OCSP Stapling (#533) 
* [enh] Jinja templating
* [enh] try to enable OCSP
* typo
* [mod] use jq (json parsing)
* typo
* well escaping "" :)
* [fix] if 2d part condition
* We need to include this for ynh_render_template to be available >.> ...
* Simplify code
* Gotta export domain too...
* Remove quotes in variable itself..
* Replace previous code blocks by new code
 2018-10-27 16:38:25 +02:00
Gabriel Corona
8691017b46 Pass Host header to YunoHost API 
This is useful to validate Origin/Referer headers in order to prevent
CSRF.
 2018-10-24 19:44:24 +00:00
ljf (zamentur)
1c5b93f532 [fix] Set random serial number for CA (#557) 
[fix] Use random serial number for CA
 2018-10-24 21:15:25 +02:00