turnkey-nextcloud-18.1 (1) turnkey; urgency=low * Update Nextcloud to latest upstream version - v29.0.4. * Update Nextcloud specific inithook to manage password setting better - closes #1898 & #1901. * Improve turnkey-occ script. * Override some systemd service hardening in containers that include redis. * v18.1 rebuild - includes latest Debian & TurnKey packages. * Configuration console (confconsole) - v2.1.6: - Bugfix broken DNS-01 Let's Encrypt challenge - closes #1876 & #1895. Fixed in v2.1.5. - Let's Encrypt/Dehydrated - bugfix cron failure - closes #1962. - General dehydrated-wrapper code cleanup - now passes shellcheck. * Ensure hashfile includes URL to public key - closes #1864. * Web management console (webmin): - Include webmin-logviewer module by default - closes #1866. - Upgraded webmin to v2.105. - Replace webmin-shell with webmin-xterm module by default - closes #1904. * Reduce log noise by creating ntpsec log dir - closes #1952. * Apache mod_evasive config improvements: - Bump DOSPageCount from (default) 2 -> 5 - closes #1951. - DOSLogDir - use default log dir & fix permissions - closes #1950. - Add DOSWhitelist example - commented out. * Includes new 'tkl-upgrade-php' helper script - to allow easy update/change of PHP version - closes #1892. [Marcos Méndez @ POPSOLUTIONS ] * DEV: Add support for setting max_execution_time & max_input_vars in php.ini via appliance Makefile (PHP_MAX_EXECUTION_TIME & PHP_MAX_INPUT_VARS). -- Jeremy Davis Mon, 22 Jul 2024 07:39:49 +0000 turnkey-nextcloud-18.0 (1) turnkey; urgency=low * Updated Nextcloud to latest upstream version - 27.1.1 * Implement turnkey-php wrapper/helper script (included in all apps with PHP). Closes #1691. It can be used to run the Nextcloud updater, like this:: turnkey-php nextcloud/updater/updater.phar * Improve Nextcloud password setting. Specifically note that password requires 10 chars. Also ensure that failed password (when preseeded) doesn't make firstboot hang. Note if invalid pass is preseeded, then user will need to re-run turnkey-init interactively. Closes #1773 & #1838. * Include and enable mod_evasive and mod_security2 by default in Apache. [ Stefan Davis ] * Debian default PHP updated to v8.2. * Use MariaDB (MySQL replacement) v10.11.3 (from debian repos). * Upgraded base distribution to Debian 12.x/Bookworm. * Configuration console (confconsole): - Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785. - Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi). - Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ] - Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis * Firstboot Initialization (inithooks): - Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks. - Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl. - Refactor run script - use bashisms and general tidying. - Show blacklisted password characters more nicely. - Misc packaging changes/improvements. - Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB). * Web management console (webmin): - Upgraded webmin to v2.0.21. - Removed stunnel reverse proxy (Webmin hosted directly now). - Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem). - Disabled Webmin Let's Encrypt (for now). * Web shell (shellinabox): - Completely removed in v18.0 (Webmin now has a proper interactive shell). * Backup (tklbam): - Ported dependencies to Debian Bookworm; otherwise unchanged. * Security hardening & improvements: - Generate and use new TurnKey Bookworm keys. - Automate (and require) default pinning for packages from Debian backports. Also support non-free backports. * IPv6 support: - Adminer (only on LAMP based apps) listen on IPv6. - Nginx/NodeJS (NodeJS based apps only) listen on IPv6. * Misc bugfixes & feature implementations: - Remove rsyslog package (systemd journal now all that's needed). - Include zstd compression support. - Enable new non-free-firmware apt repo by default. - Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps). -- Stefan Davis Fri, 22 Sep 2023 02:54:24 +0000 turnkey-nextcloud-17.2 (1) turnkey; urgency=low * Updated Nextcloud to latest upstream version - 26.0.0 * Includes PHP 8.1 (required by Nextcloud v24+). -- Jeremy Davis Sun, 26 Mar 2023 22:54:22 +0000 turnkey-nextcloud-17.1 (1) turnkey; urgency=low * Updated all Debian packages to latest. [ autopatched by buildtasks ] * Patched bugfix release. Closes #1734. [ autopatched by buildtasks ] -- Jeremy Davis Fri, 11 Nov 2022 02:15:46 +0000 turnkey-nextcloud-17.0 (1) turnkey; urgency=low * Changing nextcloud.py file to use subprocess.run instead of call for password and to check for return code. [Mattie Darden ] * Added php-bcmath package to plan/main file. Closes tracker #1767. [Mattie Darden ] * Updated Nextcloud to latest upstream version - 23.0.1. [Zhenya Hvorostian ] * Include fail2ban config (security). [ The Right Honourable Reverend ] * Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Stefan Davis Tue, 08 Nov 2022 21:49:27 +0000 turnkey-nextcloud-16.1 (1) turnkey; urgency=low * Updated Nextcloud to latest upstream version - 21.0.1. * Fix cron job path - closes #1569. * Include 'turnkey-occ' wrapper script (for occ command). Runs 'php occ' as www-data user. * Move Nextcloud data folder outside webroot - /var/www/nextcloud-data - closes #1436. * Set default permissions more permissively, so that the webUI updater will work OOTB - closes #1182. * Remove redundant 3rd party sury.org repo - part of #1578. * Note: Please refer to turnkey-core's 16.1 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Wed, 14 Apr 2021 15:29:51 +1000 turnkey-nextcloud-16.0 (1) turnkey; urgency=low * Updated Nextcloud to latest upstream version - 18.0.4. * Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1). * Update SSL/TLS cyphers to provide "Intermediate" browser/client support (suitable for "General-purpose servers with a variety of clients, recommended for almost all systems"). As provided by Mozilla via https://ssl-config.mozilla.org/. * Updated all relevant Debian packages to Buster/10 versions; including PHP 7.3. * Updated version of mysqltuner script - now installed as per upstream recommendation. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Stefan Davis Tue, 28 Apr 2020 17:31:47 +1000 turnkey-nextcloud-15.2 (1) turnkey; urgency=low * Updated Nextcloud to latest upstream version - 16.0.1. * Auto-detect latest upstream version (temporarily disabled - additional config required). [ Stefan Davis ] * Updated PHP to 7.2 as required by Nextcloud v16.x (installed via deb.suy.org). [ Stefan Davis ] * Include and configure Redis. [ Stefan Davis ] * Bump default PHP max memory to 512MB (as recommended by Nextcloud). -- Jeremy Davis Fri, 07 Jun 2019 11:12:50 +1000 turnkey-nextcloud-15.1 (1) turnkey; urgency=low * Upgraded to the latest upstream Nextcloud - v14.0.3. * Rebuild to resolve inadvertent removal of mariadb during sec-updates - part of #1246. -- Jeremy Davis Thu, 22 Nov 2018 13:57:10 +1100 turnkey-nextcloud-15.0 (1) turnkey; urgency=low * Upgraded to the latest upstream source version (v13.0.4). * Install Adminer directly from stretch/main repo * Provide "adminer" root-like user for Adminer MySQL access * Replace MySQL with MariaDB (drop-in MySQL replacement) * Updated version of mysqltuner script * Includes PHP7.0 (installed from Debian repos) * Updated PHP default settings * Remove phpsh (no longer maintained) * LibreOffcie-writer removed (part of #1082). [ Zhenya Hvorostian ] * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Vlad Kuzmenko Fri, 15 Jun 2018 15:29:42 +0200 turnkey-nextcloud-14.2 (1) turnkey; urgency=low * Initial release of Nextcloud appliance, forked from ownCloud app. * Nextcloud: - Installed latest stable version (11.0.3). - Installed from upstream zip archive (no Debian packages). - Using command-line tool to set up installation * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Tomas Vondra Thu, 04 May 2017 20:55:31 -0700