YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity
9643 commits 33 branches 409 tags 24 MiB
Commit graph

80 commits

Author SHA1 Message Date
Alexandre Aubin
db30b3acb8
Merge branch 'bookworm' into portal-api 2023-09-27 18:57:02 +02:00
Kayou
2bd3dd2bba
set maxretry to 10 2023-09-08 22:31:08 +02:00
Kay0u
d0b65d5661
revert important variables in fail2ban jail.conf 2023-09-08 15:17:25 +02:00
Kay0u
8eb2e72282
Update Fail2ban jail.conf file from https://sources.debian.org/src/fail2ban/1.0.2-2/config/jail.conf/ 2023-09-08 15:13:20 +02:00
selfhoster1312
26d4d9420c Allow inline scripts for yunohost-portal (nginx CSP) 2023-08-15 14:12:08 +02:00
Alexandre Aubin
afd7b37ebc Tweak nginx portal conf to serve html/css/js/assets from /usr/share/yunohost/portal, similar to webadmin 2023-07-30 23:53:43 +02:00
Alexandre Aubin
09c5a4cfb9 admin and portalapi: propagate new configurable CORS mechanism from moulinette 2023-07-29 19:15:30 +02:00
Alexandre Aubin
ae37b5fc24 portalapi: Add new yunohost-portal-api to yunohost services 2023-07-17 19:47:24 +02:00
Alexandre Aubin
f69f87fa65 Merge remote-tracking branch 'origin/dev' into portal-api 2023-07-17 18:56:05 +02:00
Alexandre Aubin
f4dfb56006 portal refactoring: the 'yunohost tile' thingy won't work anymore, gotta discuss what we want to do exactly 2023-07-15 16:01:03 +02:00
Alexandre Aubin
0cb673c125 portalapi: woopsies 2023-07-14 19:35:05 +02:00
Alexandre Aubin
5104c2a79f portalapi: add CORS headers ... though gotta revisit this later, I don't know what I'm doing 2023-07-14 19:11:32 +02:00
Alexandre Aubin
5e1d69a2cb portalapi: harden systemd service configuration 2023-07-14 18:55:33 +02:00
Alexandre Aubin
a1cf770e1b Merge branch 'dev' into portal-api 2023-07-11 17:11:02 +02:00
Alexandre Aubin
7ba6c37eb8 Merge branch '11.2' into bookworm 2023-07-11 15:56:52 +02:00
Alexandre Aubin
432a9ab544 regenconf/ssh: disable Banner by default 2023-07-10 19:19:28 +02:00
Alexandre Aubin
961dc5a6ee
Merge pull request #815 from YunoHost/allow-system-user-to-auth-on-mail-stack 
Allow system users to auth on the mail stack and send emails
 2023-07-10 19:14:30 +02:00
Alexandre Aubin
6b24412910
Merge pull request #1534 from YunoHost/fix-ocsp-stapling 
Fix OCSP stapling ... but using tech giant resolvers :|
 2023-07-10 19:12:19 +02:00
Alexandre Aubin
c0c0fcaf54
ocsp stapling: Use 1.1.1.1 and 9.9.9.9 instead of 8.8.8.8 2023-07-10 19:10:54 +02:00
Alexandre Aubin
bdc296f858 Merge remote-tracking branch 'origin/dev' into bookworm 2023-07-04 18:10:25 +02:00
Alexandre Aubin
3957b10e92 nginx: replace $http_host by $host, cf https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md / Credit to A.Wolski 2023-07-04 15:00:02 +02:00
Alexandre Aubin
194eb9c6c7 conf: Update ciphers for nginx, postfix, dovecot 2023-06-13 20:39:56 +02:00
Alexandre Aubin
d42c99835a nginx: use /var/www/.well-known folder for ynh diagnosis and acme challenge, because /tmp/ could be manipulated by user to serve maliciously crafted files 2023-06-09 22:30:32 +02:00
Yann Autissier
e8dd243218 update Content-Security-Policy header for chromium 
Chromium fails to load a jitsi video conference, refusing to create a
worker because it violates the Content Security Policy directive:
"script-src https: data: 'unsafe-inline' 'unsafe-eval'".
 2023-05-19 20:39:29 +00:00
Alexandre Aubin
c48d9ec483 appsv2/mail: add new 'allow_email' flag on app system users that will autogenerate a passwd-like file to be used by dovecot + map for postfix 2023-02-28 17:56:49 +01:00
Alexandre Aubin
f0751aff17 Allow system users to auth on the mail stack and send emails 2023-02-28 13:52:22 +01:00
Alexandre Aubin
e458d8813e nginx/security: fix empty webadmin allowlist breaking nginx conf... 2023-02-26 15:11:18 +01:00
John Hackett
013aff3d0c
Add push notification plugins 
This is reasonably important for the performance of clients such as Delta Chat. The plugins are bundled with dovecot by default (see https://wiki2.dovecot.org/Plugins ) so this should not be disruptive.
 2023-02-10 00:14:57 +00:00
Alexandre Aubin
0da6370d62 postfix complains about unused parameter: exclude_internal=yes / search_timeout=30 2023-02-10 00:15:02 +01:00
Kayou
c444dee4fe
add xmpp-upload. and muc. server_name only if xmpp_enabled is enabled 2023-01-23 15:18:44 +01:00
Alexandre Aubin
95173e5bde
Merge branch 'dev' into enh-apps-v2 2023-01-05 19:39:13 +01:00
Alexandre Aubin
bb6f8ef41c
Merge pull request #1450 from zeroheure/patch-1 
Fix flag case sensitivity in dovecot and rspamd sieve filter
 2023-01-03 15:07:43 +01:00
Alexandre Aubin
e9b5ec90a4 Yoloimplementation of app logo support (require change in app catalog build) 2023-01-03 00:46:14 +01:00
Alexandre Aubin
59405ef4c6
Merge pull request #1552 from Ddataa/patch-1 
Add postfix SASL login failure to a fail2ban jail
 2022-12-20 23:20:58 +01:00
Alexandre Aubin
47b9b8b520 configpanels: fix inconsistent return format for boolean, sometimes 1/0, sometimes True/False -> force normalization of values when calling get() for a single setting from a config panel 2022-12-20 19:51:21 +01:00
DDATAA
b3940f199e
Create postfix-sasl.conf 2022-12-20 10:20:21 +00:00
DDATAA
34628d450f
Add SASL login failure jail 
in order to prevent those 
```
Aug 31 22:23:52 hostxyz postfix/smtpd[38697]: warning: unknown[192.168.xx.xx]: SASL LOGIN authentication failed: authentication failure
Aug 31 22:23:52 hostxyz postfix/smtpd[38697]: lost connection after AUTH from unknown[192.168.xx.xx]
```
 2022-12-20 10:15:00 +00:00
Alexandre Aubin
80a060dd94 postfix: fix typo breaking relays 2022-12-18 15:24:13 +01:00
Alexandre Aubin
4d211335ed
Merge branch 'dev' into dev_on_muc 2022-12-04 18:36:25 +01:00
Alexandre Aubin
9ac7c32393
Merge pull request #1541 from YunoHost/disable-unecessary-domain-features 
domains: propagate mail/xmpp enable/disable toggle to actual system configs
 2022-12-03 12:38:21 +01:00
Alexandre Aubin
0f9d938853
groups: add mail-aliases management (#1539) 2022-12-01 21:34:36 +01:00
Alexandre Aubin
30a18a4ec0 domains: propagate mail/xmpp enable/disable toggle to actual system configurations 2022-11-27 15:51:20 +01:00
Alexandre Aubin
a5a2a15351 Merge branch 'dev_on_muc' of github.com:larchange/yunohost into larchange-dev_on_muc 2022-11-27 03:02:42 +01:00
Alexandre Aubin
867632d355 domains: propagate mail/xmpp enable/disable toggle to actual system configurations 2022-11-27 02:54:35 +01:00
Alexandre Aubin
dc5fbd5555 Fix OCSP stapling ... but using Google resolver :| 2022-11-26 23:47:50 +01:00
Alexandre Aubin
68c6e58e9c
Fix tip to regen slapd conf 2022-11-20 18:12:28 +01:00
Alexandre Aubin
afdc2ad5b4 nginx: fix broken postinstall, yunohost_http_errors.conf.inc was not actually copied to /etc/nginx/conf.d. Moving to plain/ subfolder where all files in this folder are copied during nginx regenconf 2022-11-19 20:20:26 +01:00
tituspijean
5063e12835
Add 502 custom error page (#1530) 2022-11-14 23:24:08 +01:00
Alexandre Aubin
4f5cc166e2 ldap: re-allow member of the admins group to edit ldap db 2022-11-06 15:38:42 +01:00
Alexandre Aubin
d1d203726b Merge remote-tracking branch 'origin/enh-actions' into 11.1 2022-10-04 22:33:28 +02:00