YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity
9360 commits 33 branches 409 tags 24 MiB
Commit graph

53 commits

Author SHA1 Message Date
Alexandre Aubin
3957b10e92 nginx: replace $http_host by $host, cf https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md / Credit to A.Wolski 2023-07-04 15:00:02 +02:00
Alexandre Aubin
d42c99835a nginx: use /var/www/.well-known folder for ynh diagnosis and acme challenge, because /tmp/ could be manipulated by user to serve maliciously crafted files 2023-06-09 22:30:32 +02:00
Yann Autissier
e8dd243218 update Content-Security-Policy header for chromium 
Chromium fails to load a jitsi video conference, refusing to create a
worker because it violates the Content Security Policy directive:
"script-src https: data: 'unsafe-inline' 'unsafe-eval'".
 2023-05-19 20:39:29 +00:00
Alexandre Aubin
e458d8813e nginx/security: fix empty webadmin allowlist breaking nginx conf... 2023-02-26 15:11:18 +01:00
John Hackett
013aff3d0c
Add push notification plugins 
This is reasonably important for the performance of clients such as Delta Chat. The plugins are bundled with dovecot by default (see https://wiki2.dovecot.org/Plugins ) so this should not be disruptive.
 2023-02-10 00:14:57 +00:00
Alexandre Aubin
0da6370d62 postfix complains about unused parameter: exclude_internal=yes / search_timeout=30 2023-02-10 00:15:02 +01:00
Kayou
c444dee4fe
add xmpp-upload. and muc. server_name only if xmpp_enabled is enabled 2023-01-23 15:18:44 +01:00
Alexandre Aubin
95173e5bde
Merge branch 'dev' into enh-apps-v2 2023-01-05 19:39:13 +01:00
Alexandre Aubin
bb6f8ef41c
Merge pull request #1450 from zeroheure/patch-1 
Fix flag case sensitivity in dovecot and rspamd sieve filter
 2023-01-03 15:07:43 +01:00
Alexandre Aubin
e9b5ec90a4 Yoloimplementation of app logo support (require change in app catalog build) 2023-01-03 00:46:14 +01:00
Alexandre Aubin
59405ef4c6
Merge pull request #1552 from Ddataa/patch-1 
Add postfix SASL login failure to a fail2ban jail
 2022-12-20 23:20:58 +01:00
Alexandre Aubin
47b9b8b520 configpanels: fix inconsistent return format for boolean, sometimes 1/0, sometimes True/False -> force normalization of values when calling get() for a single setting from a config panel 2022-12-20 19:51:21 +01:00
DDATAA
b3940f199e
Create postfix-sasl.conf 2022-12-20 10:20:21 +00:00
DDATAA
34628d450f
Add SASL login failure jail 
in order to prevent those 
```
Aug 31 22:23:52 hostxyz postfix/smtpd[38697]: warning: unknown[192.168.xx.xx]: SASL LOGIN authentication failed: authentication failure
Aug 31 22:23:52 hostxyz postfix/smtpd[38697]: lost connection after AUTH from unknown[192.168.xx.xx]
```
 2022-12-20 10:15:00 +00:00
Alexandre Aubin
80a060dd94 postfix: fix typo breaking relays 2022-12-18 15:24:13 +01:00
Alexandre Aubin
4d211335ed
Merge branch 'dev' into dev_on_muc 2022-12-04 18:36:25 +01:00
Alexandre Aubin
9ac7c32393
Merge pull request #1541 from YunoHost/disable-unecessary-domain-features 
domains: propagate mail/xmpp enable/disable toggle to actual system configs
 2022-12-03 12:38:21 +01:00
Alexandre Aubin
0f9d938853
groups: add mail-aliases management (#1539) 2022-12-01 21:34:36 +01:00
Alexandre Aubin
30a18a4ec0 domains: propagate mail/xmpp enable/disable toggle to actual system configurations 2022-11-27 15:51:20 +01:00
Alexandre Aubin
a5a2a15351 Merge branch 'dev_on_muc' of github.com:larchange/yunohost into larchange-dev_on_muc 2022-11-27 03:02:42 +01:00
Alexandre Aubin
867632d355 domains: propagate mail/xmpp enable/disable toggle to actual system configurations 2022-11-27 02:54:35 +01:00
Alexandre Aubin
68c6e58e9c
Fix tip to regen slapd conf 2022-11-20 18:12:28 +01:00
Alexandre Aubin
afdc2ad5b4 nginx: fix broken postinstall, yunohost_http_errors.conf.inc was not actually copied to /etc/nginx/conf.d. Moving to plain/ subfolder where all files in this folder are copied during nginx regenconf 2022-11-19 20:20:26 +01:00
tituspijean
5063e12835
Add 502 custom error page (#1530) 2022-11-14 23:24:08 +01:00
Alexandre Aubin
4f5cc166e2 ldap: re-allow member of the admins group to edit ldap db 2022-11-06 15:38:42 +01:00
Alexandre Aubin
d1d203726b Merge remote-tracking branch 'origin/enh-actions' into 11.1 2022-10-04 22:33:28 +02:00
Alexandre Aubin
47543b19b7 configpanels: Iterating on action POC to create a certificat section in domain config panels 2022-09-30 15:03:03 +02:00
Alexandre Aubin
1037508fb5
Merge branch '11.1' into admins 2022-09-04 20:28:59 +02:00
Alexandre Aubin
a2d0a1445d Merge branch 'dev' into admins 2022-09-04 20:25:42 +02:00
Alexandre Aubin
38234c9501
Merge branch 'dev' into enh-global-settings-configpanel 2022-09-03 22:33:46 +02:00
Alexandre Aubin
1246fcf8f6 nginx: I'm tired of people reporting the 'Report-Only' error message they see in the console. This is useless. Just get rid of it. 2022-08-14 18:56:20 +02:00
Alexandre Aubin
87abbe678d Merge remote-tracking branch 'origin/dev' into admins 2022-08-09 18:29:59 +02:00
Alexandre Aubin
cae7e5b5af Merge branch 'dev' into enh-global-settings-configpanel 2022-08-04 18:27:12 +02:00
Keoma Brun
b32bc3a034
Content Security Policies Report and Websockets 
Add the `wss:` field so that Nginx does not create warning when using Websocket over TLS.

This modification only affects the `Report-Only` part of the CSP, that takes care of creating warnings in the logs.

Warning ex (fr only sorry):
```
Content Security Policy: Les paramètres de la page ont empêché le chargement d’une ressource à wss://your.website.tld (« default-src »). Un rapport CSP est en cours d’envoi.
```
 2022-05-15 18:33:44 +02:00
Tagadda
f0bf8dd1fd settings: use email.smtp.smtp_relay_enabled 2022-04-26 17:26:48 +00:00
Tagadda
eb747cc15e Search and replace old settings, first pass 2022-04-26 17:26:48 +00:00
Xavier Brochard
726e0467e9
fix case of flag value 
same as previous commit on dovecot.sieve
 2022-03-23 23:32:16 +01:00
Xavier Brochard
4359aad89f
Fix flag case sensitivity 
AFAIK this value is case sensitive. It is written as "Yes" in rspamd/milter_headers.conf
 2022-03-23 23:22:55 +01:00
Kayou
08be0ee020
[fix] postfix sni tls_server_chain_sni_maps -> tls_server_sni_maps 2022-02-09 13:33:22 +01:00
tituspijean
67cce15d02 Enhance yunomdns service startup 
Make it rely on network-online.target instead of network.target

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
 2022-01-26 20:59:56 +00:00
Alexandre Aubin
9a3a208809
Merge pull request #1413 from Tagadda/enh-sni 
[enh] Add SNI support for postfix and dovecot
 2022-01-21 18:22:40 +01:00
tituspijean
11b7e5c0f8
[mdns] Set the StandardOutput to journal 2022-01-20 11:46:01 +01:00
Tagadda
9ef3a1bfff [enh] Add SNI support to postfix and dovecot 2022-01-19 23:28:43 +00:00
Alexandre Aubin
767b5c3d7e mail: Add ldap-groups virtual aliases 2022-01-11 15:09:01 +01:00
Alexandre Aubin
6cae524910 Drop the 'admin' user, have 'admins' be a group of Yunohost users instead 2022-01-11 14:53:04 +01:00
Alexandre Aubin
26b837b085 Merge branch 'dev' into bullseye 2022-01-07 02:54:55 +01:00
Alexandre Aubin
8eaa701230 Fuckit I don't understand how to properly manage systemctl service with debian files while having flexibility on when the api restart happens, let's manage everything with the regen conf 2021-12-01 21:06:53 +01:00
Alexandre Aubin
6622a9f264 Typo in conf/yunohost/services.yml ? 2021-12-01 19:08:16 +01:00
Alexandre Aubin
45584b44a6 Merge branch 'dev' into bullseye 2021-11-28 16:27:22 +01:00
Alexandre Aubin
9c28c07af4 Fix overly complex location for ssl workdir 2021-11-22 08:10:14 +01:00