turnkey-jenkins-18.1 (1) turnkey; urgency=low * Install latest Jenkins LTS from upstream apt repo - 2.462.2. * v18.1 rebuild - includes latest Debian & TurnKey packages. * Reduce log noise by creating ntpsec log dir - closes #1952. -- Jeremy Davis Sat, 14 Sep 2024 07:12:58 +0000 turnkey-jenkins-18.0 (1) turnkey; urgency=low * Install latest Jenkins LTS from upstream apt repo - 2.459 [Anton Pyrogovskyi ] * Ensure hashfile includes URL to public key - closes #1864. * Include webmin-logviewer module by default - closes #1866. * Upgraded base distribution to Debian 12.x/Bookworm. * Configuration console (confconsole): - Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785. - Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi). - Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ] - Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis * Firstboot Initialization (inithooks): - Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks. - Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl. - Refactor run script - use bashisms and general tidying. - Show blacklisted password characters more nicely. - Misc packaging changes/improvements. - Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB). * Web management console (webmin): - Upgraded webmin to v2.105. - Replace webmin-shell with webmin-xterm module by default - closes #1904. - Removed stunnel reverse proxy (Webmin hosted directly now). - Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem). - Disabled Webmin Let's Encrypt (for now). * Web shell (shellinabox): - Completely removed in v18.0 (Webmin now has a proper interactive shell). - Note: previous v18.0 releases did not include webmin-xterm pkg - see above webmin note &/or #1904. * Backup (tklbam): - Ported dependencies to Debian Bookworm; otherwise unchanged. * Security hardening & improvements: - Generate and use new TurnKey Bookworm keys. - Automate (and require) default pinning for packages from Debian backports. Also support non-free backports. * IPv6 support: - Adminer (only on LAMP based apps) listen on IPv6. - Nginx/NodeJS (NodeJS based apps only) listen on IPv6. * Misc bugfixes & feature implementations: - Remove rsyslog package (systemd journal now all that's needed). - Include zstd compression support. - Enable new non-free-firmware apt repo by default. - Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps). -- Jeremy Davis Tue, 21 May 2024 00:42:45 +0000 turnkey-jenkins-17.1 (1) turnkey; urgency=low * Updated all Debian packages to latest. [ autopatched by buildtasks ] * Patched bugfix release. Closes #1734. [ autopatched by buildtasks ] -- Jeremy Davis Fri, 11 Nov 2022 02:00:48 +0000 turnkey-jenkins-17.0 (1) turnkey; urgency=low * Install latest Jenkins LTS from upstream apt repo - 2.361.1. * Fixes #888 (Automated plugin dependency fulfilment) * Provides jenkins-cli utility script `/usr/local/bin/jenkins-cli` * Updated all relevant Debian packages to Bullseye/11 versions * Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Stefan Davis Mon, 19 Sep 2022 19:34:49 +0000 turnkey-jenkins-16.1 (1) turnkey; urgency=low * Install latest Jenkins LTS from upstream apt repo - 2.277.3. * Update all current plugins, plus include dependencies: - bootstrap4-api - checks-api - font-awesome-api - popper-api - workflow-support * Install previous minor version (1.18.1) of ssh-credentials plugin. Latest version requires latest Jenkins (not compatible with Jenkins LTS). * Note: Please refer to turnkey-core's 16.1 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Tue, 27 Apr 2021 15:42:47 +1000 turnkey-jenkins-16.0 (1) turnkey; urgency=low * Install latest Jenkins LTS from upstream - 2.235.2. * Update/include additional plugins (new/updated plugin dependencies): - echarts-api - jaxb - trilead-api - jackson2-api - jquery3-api - plugin-util-api - snakeyaml-api * Change default Jenkins username to 'jenkins-admin'. This is to avoid possible clash with sudoadmin on AWSMP (default username is 'admin'). [ Jeremy Daivs ] * Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1). * Update SSL/TLS cyphers to provide "Intermediate" browser/client support (suitable for "General-purpose servers with a variety of clients, recommended for almost all systems"). As provided by Mozilla via https://ssl-config.mozilla.org/. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Stefan Davis Tue, 04 Aug 2020 15:46:51 +1000 turnkey-jenkins-15.4 (1) turnkey; urgency=low * Install latest Jenkins LTS from upstream (2.150.1). * Remove broken TurnKey credit footer (and the markup plugin that was providing it) - closes #1215. To be reimplemented at a later date (see #1281). -- Jeremy Davis Wed, 19 Dec 2018 10:12:50 +1100 turnkey-jenkins-15.3 (1) turnkey; urgency=low * Install latest Jenkins LTS from upstream (2.138.3). * Rebuild to resolve inadvertant removal of mariadb during sec-updates - part of #1246. -- Jeremy Davis Wed, 21 Nov 2018 18:20:15 +1100 turnkey-jenkins-15.2 (1) turnkey; urgency=low * Latest version of Jenkins from upstream LTS repo (2.138.2). -- Jeremy Davis Mon, 15 Oct 2018 18:40:16 +1100 turnkey-jenkins-15.1 (1) turnkey; urgency=low * Latest version of Jenkins from upstream LTS repo (2.138.1). -- Jeremy Davis Mon, 17 Sep 2018 14:11:40 +1000 turnkey-jenkins-15.0 (1) turnkey; urgency=low * Latest version of Jenkins from upstream Long Term Support repo (2.121.3). * Replace MySQL with MariaDB * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Vlad Kuzmenko Thu, 12 Jul 2018 04:59:42 +0200 turnkey-jenkins-14.2 (1) turnkey; urgency=low * Latest version of Jenkins from upstream Long Term Support repo. * Upgraded to OpenJDK v8. * jenkins-cli: - '-remoter' mode disabled by default (security) - JENKINS_URL env var set to http://localhost:8080 (convenience) - jenkins-cli bash wrapper - can now use 'jenkins-cli' instead of 'java -jar path/to/jenkins-cli.jar' (convenience) [jeremy@turnkeylinux.org] * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Anton Pyrogovskyi Tue, 11 Jul 2017 23:05:29 +0200 turnkey-jenkins-14.1 (1) turnkey; urgency=low * Jenkins: -Latest version of Jenkins from upstream Long Term Support repo. -Included scm_api dependency (#507). -Fix reverse proxy (#untracked bug). -Redirect HTTP to HTTPS. * Latest versions of Debian packages (from repos). * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Wed, 17 Feb 2016 16:33:08 +1100 turnkey-jenkins-14.0 (2) turnkey; urgency=low * Latest version of Jenkins from Long Term Support release version. Fixes remote code execution vulnerability. -- Jeremy Davis Thu, 26 Nov 2015 19:28:32 +1000 turnkey-jenkins-14.0 (1) turnkey; urgency=low * Jenkins: - Latest version of Jenkins from official package repository. * Tomcat/JDK: - Upgraded to Tomcat7 (Jessie). - Upgraded to OpenJDK7 (Jessie). * Debian component versions: tomcat7 7.0.56-3 openjdk-7-jdk 7u79-2.5.5-1~deb8u1 * Hardened default SSL settings * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Sun, 24 May 2015 04:37:32 +1000 turnkey-jenkins-13.0 (1) turnkey; urgency=low * Jenkins: - Latest version of Jenkins from official package repository. - Bugfixed plugin permissions [#42]. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Thu, 10 Oct 2013 18:07:35 +0300 turnkey-jenkins-12.1 (1) turnkey; urgency=low * Jenkins: - Installing latest version of Jenkins from official package repository, and pinning for security. - Latest plugins versions are installed at build time. - Transitioned to jenkins daemon localhost, removed tomcat related. - Regenerate jenkins secrets/keys on firstboot (security). - Configured authentication via pam (admin posix user, disabled login). * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Sun, 07 Apr 2013 08:00:00 +0200 turnkey-jenkins-12.0 (1) turnkey; urgency=low * Initial public release of TurnKey Jenkins, based on TKLPatch submitted by Adrian Moya. * Jenkins is preconfigured with PrivateSecurityRealm, providing users full control once logged in (signup is disabled by default). * Set Jenkins admin password on firstboot (convenience, security). * Regenerates all secrets during installation / firstboot (security). * Includes all popular VCS clients and related Jenkins plugins for Git, Bazaar, Mercurial and Subversion. * JENKINS_HOME configured in environment: /var/local/lib/jenkins. * SSL support out of the box. * Tomcat, Apache and Java configurations - Apache2 Jk loadbalancer connector to Tomcat (performance). - JkMounts for jenkins, admin, manager, host-manager applications. - Configured Tomcat admin/manager roles and admin user. - Configured Tomcat AJP connector to bind to localhost (security). - Removed tomcat HTTP connector listener (security). - Tomcat and Java environment variables configuration system wide. * Includes postfix MTA (bound to localhost) for sending of email (e.g. password recovery). Also includes webmin postfix module for convenience. * Major component versions tomcat6 6.0.35-1+squeeze2 apache2 2.2.16-6+squeeze7 libapache2-mod-jk 1:1.2.30-1squeeze1 openjdk-6-jdk 6b18-1.8.13-0+squeeze2 openjdk-6-jre 6b18-1.8.13-0+squeeze2 ant 1.8.0-4 mysql-server 5.1.63-0+squeeze1 libmysql-java 5.1.10+dfsg-2 git-core 1:1.7.2.5-3 bzr 2.1.2-1 subversion 1.6.12dfsg-6 mercurial 1.6.4-1 build-essential 11.5 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Wed, 01 Aug 2012 08:00:00 +0200