New TurnKey Nextcloud version (18.1)

Changes:

  • Update Nextcloud to latest upstream version - v29.0.4.
  • Update Nextcloud specific inithook to manage password setting better - closes #1898 & #1901.
  • Improve turnkey-occ script.
  • Override some systemd service hardening in containers that include redis.
  • v18.1 rebuild - includes latest Debian & TurnKey packages.
  • Configuration console (confconsole) - v2.1.6:
    • Bugfix broken DNS-01 Let's Encrypt challenge - closes #1876 & #1895. Fixed in v2.1.5.
    • Let's Encrypt/Dehydrated - bugfix cron failure - closes #1962.
    • General dehydrated-wrapper code cleanup - now passes shellcheck.
  • Ensure hashfile includes URL to public key - closes #1864.
  • Web management console (webmin):
    • Include webmin-logviewer module by default - closes #1866.
    • Upgraded webmin to v2.105.
    • Replace webmin-shell with webmin-xterm module by default - closes #1904.
  • Reduce log noise by creating ntpsec log dir - closes #1952.
  • Apache mod_evasive config improvements:
    • Bump DOSPageCount from (default) 2 -> 5 - closes #1951.
    • DOSLogDir - use default log dir & fix permissions - closes #1950.
    • Add DOSWhitelist example - commented out.
  • Includes new 'tkl-upgrade-php' helper script - to allow easy update/change of PHP version - closes #1892. [Marcos Méndez @ POPSOLUTIONS ]
  • DEV: Add support for setting max_execution_time & max_input_vars in php.ini via appliance Makefile (PHP_MAX_EXECUTION_TIME & PHP_MAX_INPUT_VARS).

Links

New TurnKey Nextcloud version (18.0)

Changes:

  • Updated Nextcloud to latest upstream version - 27.1.1
  • Implement turnkey-php wrapper/helper script (included in all apps with PHP). Closes #1691. It can be used to run the Nextcloud updater, like this:: turnkey-php nextcloud/updater/updater.phar
  • Improve Nextcloud password setting. Specifically note that password requires 10 chars. Also ensure that failed password (when preseeded) doesn't make firstboot hang. Note if invalid pass is preseeded, then user will need to re-run turnkey-init interactively. Closes #1773 & #1838.
  • Include and enable mod_evasive and mod_security2 by default in Apache. [ Stefan Davis ]
  • Debian default PHP updated to v8.2.
  • Use MariaDB (MySQL replacement) v10.11.3 (from debian repos).
  • Upgraded base distribution to Debian 12.x/Bookworm.
  • Configuration console (confconsole):
    • Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Support for getting Let's Encrypt cert via IPv6 - closes #1785.
    • Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi).
    • Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ]
    • Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis
  • Firstboot Initialization (inithooks):
    • Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ]
    • Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks.
    • Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
    • Refactor run script - use bashisms and general tidying.
    • Show blacklisted password characters more nicely.
    • Misc packaging changes/improvements.
    • Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB).
  • Web management console (webmin):
    • Upgraded webmin to v2.0.21.
    • Removed stunnel reverse proxy (Webmin hosted directly now).
    • Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem).
    • Disabled Webmin Let's Encrypt (for now).
  • Web shell (shellinabox):
    • Completely removed in v18.0 (Webmin now has a proper interactive shell).
  • Backup (tklbam):
    • Ported dependencies to Debian Bookworm; otherwise unchanged.
  • Security hardening & improvements:
    • Generate and use new TurnKey Bookworm keys.
    • Automate (and require) default pinning for packages from Debian backports. Also support non-free backports.
  • IPv6 support:
    • Adminer (only on LAMP based apps) listen on IPv6.
    • Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
  • Misc bugfixes & feature implementations:
    • Remove rsyslog package (systemd journal now all that's needed).
    • Include zstd compression support.
    • Enable new non-free-firmware apt repo by default.
    • Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps).

Links

New TurnKey Nextcloud version (17.2)

Changes:

  • Updated Nextcloud to latest upstream version - 26.0.0
  • Includes PHP 8.1 (Nextcloud recommends 8.0+ since v24+ & requires 8.0+ since v26).

Links

Pages