YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity
4530 commits 33 branches 409 tags 24 MiB
Commit graph

296 commits

Author SHA1 Message Date
Alexandre Aubin
22b9565eb7 Forgot to check that these headers are different from the default in security.conf ... maybe we want to keep them as is? Not clear why they have different values tan the domain configs... 2020-04-06 16:56:53 +02:00
Alexandre Aubin
4d99cbe870 Add ref for security headers 2020-04-06 16:55:20 +02:00
Alexandre Aubin
128577686a Forgot to make yunohost_admin.conf to also use the common securit.conf.inc 2020-04-03 03:09:46 +02:00
Alexandre Aubin
14ff4c6725
Merge pull request #831 from pitchum/xmpp-http-upload 
XMPP http upload
 2020-03-30 20:53:11 +02:00
pitchum
5e6e53142b Improve nginx config for xmpp-upload subdomain. 2020-03-25 12:09:53 +01:00
pitchum
1f09abfa51 Rationalize some nginx config into security.conf.inc. 2020-03-25 11:51:57 +01:00
Alexandre Aubin
6ed3ba97ce Add permission to stuff to be indexed by slapd to avoid it flooding complains in syslog 2020-03-24 20:22:47 +01:00
Alexandre Aubin
af415e38e6 Factorize ciphers and headers configuration into a common file for all vhosts 2020-03-23 22:43:29 +01:00
Alexandre Aubin
27f6899b65 /var/www/xmpp-upload.{domain} -> /var/xmpp-upload/{domain} 2020-03-23 22:15:03 +01:00
pitchum
994f0ca1ef nginx + metronome config for http_upload 2020-03-22 08:36:33 +01:00
pitchum
c6e8bb5d26 Always expect subdomain xmpp-upload.domain.net. 
This subdomain will be part of Letsencrypt certificate so
it MUST be defined in DNS zone otherwise certificate renewal will fail.
 2020-03-22 08:35:02 +01:00
Alexandre Aubin
937d339631 Add category to services to have more meaningful messages in reports about port forwarding checks 2020-03-21 23:09:47 +01:00
ljf (zamentur)
5c2748ba85
[fix] This DNS resolver in ipv6 is unreachable 2019-12-02 22:32:59 +01:00
Alexandre Aubin
615a164c06
Merge pull request #791 from decentral1se/add-pop3-setting 
Add pop3.enabled setting
 2019-11-25 16:19:36 +01:00
Alexandre Aubin
7986f61b14 Specific shit for mysql 2019-11-17 16:59:35 +01:00
Alexandre Aubin
a7a3e7b6ba Try to keep this service list in alphabetic order or something 2019-11-17 16:39:41 +01:00
Alexandre Aubin
bb8b1b052d Using /var/log/daemon.log or /var/log/syslog is pointless, these files logs many different things. Instead, we shall always return the logs from journalctl 2019-11-17 16:39:12 +01:00
Luke Murphy
83b4be5345
Add setting to configure pop3 for dovecot 2019-11-10 20:57:46 +07:00
Alexandre Aubin
5a68250322 test-conf -> test_conf, and test-status -> test_status 2019-11-08 22:35:25 +01:00
Alexandre Aubin
a9dd701824 Improve port diagnosis by adding a relation between ports and services 2019-11-08 22:29:21 +01:00
Alexandre Aubin
e15d8e7262 Add test about configuration validity 2019-11-07 11:34:20 +01:00
Alexandre Aubin
d879d27208 Add test-status to have a custom status check for service like postfix and yunohost-firewall 2019-11-07 11:34:20 +01:00
Alexandre Aubin
5818de3a82 Remove the whole monitoring / glances stuff 2019-10-14 04:48:56 +02:00
Alexandre Aubin
f050b3c5b8 First version of http exposure diagnosis 2019-10-10 16:13:13 +02:00
Alexandre Aubin
fe8fd1b2c5 Change from #802 was only about the yunohost jail ... this should be global >.> 2019-10-08 20:04:08 +02:00
Alexandre Aubin
8533103788
Merge pull request #803 from YunoHost/burn-etckeeper 
Get rid of etckeeper
 2019-10-08 18:33:12 +02:00
Alexandre Aubin
93d383b957
Merge branch 'stretch-unstable' into improve-permission-interface 2019-09-22 18:38:15 +02:00
Alexandre Aubin
eb57a4ad9e Get rid of etckeeper 2019-09-19 19:51:27 +02:00
J. Doe
f18cff9dba change maxretry of fail2ban from 6 to 10 2019-09-19 13:01:22 +02:00
Alexandre Aubin
0f688caccd Swap 'main' in permission namespace 2019-09-13 16:31:02 +02:00
Alexandre Aubin
51171b84bf main.metronome -> main.xmpp 2019-09-13 16:31:02 +02:00
Alexandre Aubin
2dc809548b Fixing again the whole permission / cert situation for slapd ... for good this time hopefully 2019-08-13 17:32:55 +02:00
Alexandre Aubin
dde3a19350 Fix some critical permissions issues with ssl / slapd configuration 2019-08-12 01:56:24 +02:00
yalh76
ca95035f72 Adding openldap TLS support 2019-07-14 12:26:59 +02:00
Alexandre Aubin
59e2db99ba
Merge branch 'stretch-unstable' into group_permission 2019-07-05 20:59:10 +02:00
Alexandre Aubin
fbfa249ff5 Remove binding to IPv6 ::1 as it makes ipv4-only instances crash... (unable to bind to ::1) 2019-07-05 20:50:13 +02:00
Alexandre Aubin
d8b086a06a [fix] Running slapindex seems to fix the previous issues about LDAP indexing stuff 2019-06-06 19:26:49 +02:00
Alexandre Aubin
e63d3986b2 [fix] This need quotes because this can be sourced by another program 2019-06-05 17:33:53 +02:00
Alexandre Aubin
7ecd606d04 [fix] Do not index cn,mail and virtualdomain as it's causing some weird issues in the mail stack ... 2019-06-05 16:25:25 +02:00
Alexandre Aubin
769ba5771d Indexing gidNumber / uidNumber trigger weird issues when logging in through SSH (or the 'I have no name' shell when loggin in as admin) 2019-06-04 15:09:09 +02:00
Alexandre Aubin
24cfc15536 Merge branch 'stretch-unstable' into group_permission 2019-05-31 18:15:09 +02:00
MCMic
a1ab50dcf1
Add indexes for fields listed by slapd in the logs 
I get lots of suggestion of indexes by slapd in my logs:

 <= mdb_equality_candidates: (cn) not indexed
 <= mdb_equality_candidates: (gidNumber) not indexed
 <= mdb_equality_candidates: (mail) not indexed
 <= mdb_equality_candidates: (member) not indexed
 <= mdb_equality_candidates: (memberUid) not indexed
 <= mdb_equality_candidates: (sudoUser) not indexed
 <= mdb_equality_candidates: (uidNumber) not indexed
 <= mdb_equality_candidates: (uniqueMember) not indexed
 <= mdb_equality_candidates: (virtualdomain) not indexed
 <= mdb_substring_candidates: (sudoUser) not indexed

Since Yunohost makes it hard to edit LDAP server configuration (see https://github.com/YunoHost/issues/issues/1350), the default configuration should contain indexes for the fields used by Yunohost a lot.
 2019-05-23 14:49:27 +00:00
Alexandre Aubin
b3d29238c4
Merge pull request #721 from YunoHost/authenticate-as-root 
[enh] Simplify the whole LDAP interface thing
 2019-05-22 17:51:04 +02:00
Maximilien Thiel
d31c81b18d [fix] Update censurfridns ipv6 
Previous Unicast IPV6 for censurfridns,dk was out of date
 2019-05-21 16:35:52 +01:00
Alexandre Aubin
53fa313c62
Merge branch 'stretch-unstable' into enh-email-rate-limit 2019-05-17 19:06:07 +02:00
Alexandre Aubin
f49b74f835
Merge pull request #722 from YunoHost/disable_vrfy_command_postfix 
Disable VRFY command in Postfix command
 2019-05-17 19:05:21 +02:00
Alexandre Aubin
331bdb53aa
Merge branch 'stretch-unstable' into authenticate-as-root 2019-05-16 17:08:48 +02:00
Alexandre Aubin
c077b8def3
5s rate delay instead of 12s 2019-05-14 19:31:47 +02:00
Alexandre Aubin
93d0fbc4cf
Merge pull request #696 from rds13/featurePostfixRemoveTLSv1Support 
[enh] Propose a setting to remove support for TLSv1 and TLSv1.1 in Postfix
 2019-05-14 19:19:25 +02:00
Josué Tille
fde8cafa4e
Merge remote-tracking branch 'upstream/stretch-unstable' into group_permission 2019-05-10 22:53:06 +02:00