maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity
4,553 Commits 6 Branches 188 Tags
a31da97d66e89d78d50a57c065a815092fad7cf7
Commit Graph

697 Commits

Author SHA1 Message Date
Michael Kaufmann (d00p)
d40d1f30b6 make it a setting to switch between ACME v1 and v2 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 14:50:52 +01:00
Michael Kaufmann (d00p)
9aaadb1f8b implement lets-encrypt api-v02 (testing only currently; not activated in froxlor, test with 'php froxlor_master_cronjob.php --letsencrypt_v2 --debug' but set api endpoint to staging); no chain is returned currently, seems to be a known bug 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 14:40:36 +01:00
Michael Kaufmann (d00p)
d8abe30c44 create dummy pool-config whenever a fpm-daemons configdir is empty so it still restarts 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 09:25:56 +01:00
Michael Kaufmann (d00p)
07caf55f79 fixes to multi-fpm in cron 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-08 09:16:00 +01:00
Michael Kaufmann (d00p)
af55fe5b82 add possibility to add multiple php-fpm instances 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-07 14:55:25 +01:00
Andreas Grundler
64653a2bb1 nscd -i passwd in froxlor_master_cronjob.php eingefügt 2018-01-01 13:54:32 +01:00
Andreas Grundler
732c6e3a78 Added nscd -i passwd to clear user 2017-12-31 22:40:19 +01:00
Michael Kaufmann (d00p)
57277eb1e3 also add locked users to the passwd file for quota not to rage :P thx J-BBB 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-12-27 10:36:10 +01:00
Michael Kaufmann (d00p)
cf4f15a83c explicitly deactivate TLS (and auto-tls) when setting use-tls is OFF; fixes #496 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-12-19 08:00:39 +01:00
azerr
297f3f638c change sign direction 2017-12-08 17:47:09 +01:00
azerr
d2a9fa8632 extend nginx redirect regex to https 2017-12-08 15:39:05 +01:00
Michael Kaufmann (d00p)
e725b48c4c add default/global directory options in apache regardless of whether fcgid/fpm is being used or not; fixes #485 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-11-27 07:48:36 +01:00
Michael Kaufmann (d00p)
45c0915b59 fix ssl integration in lighttpd, thx to black-night for the info 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-11-17 15:15:09 +01:00
Michael Kaufmann (d00p)
1e03946df7 set sql_mode to disable STRICT_MODE usage for froxlor, thx to albech for the hint 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-11-08 07:49:40 +01:00
Michael Kaufmann (d00p)
bab982a0e6 add http2 support for froxlor-vhost and per-domain 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-08-24 13:21:21 +02:00
Michael Kaufmann (d00p)
56e8e32965 set correct permissions for extrausers files/folder, fixes #465 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-07-26 07:30:14 +02:00
Oliver Rahner
aa8a7ee0a9 nginx: add index directive to path options for secured directories 
`index` directives are now created for secured directory locations.
 2017-06-10 10:59:41 +02:00
Michael Kaufmann (d00p)
a3201481f6 beatufication in generated vhost configs 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-06-04 09:30:32 +02:00
Michael Kaufmann (d00p)
434f202832 minor fixes in traffic cron 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-05-12 12:22:04 +02:00
Michael Kaufmann (d00p)
552d58848c fix sql_mode=only_full_group_by in admin_admins.php; fix wrong webserver-user when using FCGID 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-05-09 13:17:50 +02:00
Michael Kaufmann (d00p)
a2e0de23e1 add libnss-extrausers for debian/ubuntu users 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-05-05 09:35:06 +02:00
Daniel Reichelt
ec1bd6e19a add OCSP stapling support for apache2 and nginx 2017-04-11 17:09:34 +02:00
Michael Kaufmann (d00p)
95a18be5c5 do not use HTTP_HOST variable if mod_rewrite is not used 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-01-24 09:41:45 +01:00
Michael Kaufmann (d00p)
8030aae37a fix directory options for deactivated users, fixes #1704 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-01-23 23:53:01 +01:00
Michael Kaufmann (d00p)
e00cb8926d set mail-sender to customer mail address when using mod_php, fixes #1707 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-01-23 08:12:44 +01:00
Michael Kaufmann (d00p)
ab18d94053 fix PR #407 - only works for apache-2.4 and missed the entry for customer-vhosts 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-01-17 11:29:40 +01:00
Laurens Stötzel
5e0270e6a8 Disable SSLCompression (CRIME attack) 
https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html#SSL_Compression_(CRIME_attack)
 2017-01-17 10:33:22 +01:00
Michael Kaufmann
602c38dbeb Merge branch 'master' into feature/letsencrypt-verbesserungen 2016-12-11 08:23:46 +01:00
Michael Kaufmann
3d4b56b233 Merge branch 'master' into master 2016-12-11 08:19:16 +01:00
Michael Kaufmann
d8994ca65b Merge pull request #399 from hypernics/alias_redirect 
Change redirect host from main domain name to requested domain name, refs #1670
 2016-12-11 08:05:57 +01:00
Michael Kaufmann (d00p)
18514f0180 fix undefined array when processing specialsettings, fixes #1684 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-12-10 21:43:28 +01:00
Janos Muzsi
1b18ec45be correcting lighttpd settings 2016-11-27 23:18:23 +01:00
Michael Wyraz
18b45c749d Better handling for letsencrypt errors after failed registration or changed license 2016-11-25 09:54:47 +01:00
Janos Muzsi
2c00f982d8 Change redirect host from main domain name to requested domain name 2016-11-24 22:55:57 +01:00
Michael Kaufmann (d00p)
9838ff4da5 fix hsts settings for lighttpd, fixes #1677 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-11-22 08:16:35 +01:00
Michael Kaufmann (d00p)
43ca4a28e4 add acme.conf alias also to froxlor vhost in case the acme-challenge path is not within the froxlor-docroot; fix empty redirect-code, fixes #1674 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-11-21 08:19:33 +01:00
Janos Muzsi
5f899a5510 Add support for http2 option to nginx 2016-11-17 22:50:11 +01:00
Michael Kaufmann (d00p)
432645431c allow CIDR values in AXFR setting, fixes #1672 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-11-15 08:03:34 +01:00
Dominic Schallert
e5053bad15 Introduced phpenabled_customer and phpenabled_vhost, updated cron scripts, updated dbversion 2016-11-13 15:15:43 +01:00
Michael Kaufmann (d00p)
d6b56262ce fix unnecessary idn encoding 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-11-04 18:28:32 +01:00
Michael Kaufmann (d00p)
60c1babd93 fix wrong protocol name for apache 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-31 20:44:31 +01:00
Michael Kaufmann (d00p)
76c200a56c disable tlsv1.1 for ssl settings 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-31 11:17:56 +01:00
Michael Kaufmann (d00p)
462fca7328 do not add www.[froxlorfqdn] to SAN list of certificate request for Let's Encrypt froxlor-vhost certificate; fixes #1662 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-28 10:57:51 +02:00
Michael Kaufmann (d00p)
884b2ed913 various fixes for idn converted domains + fix undefined index alias when editing a domain with alias 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-25 12:24:57 +02:00
Michael Kaufmann (d00p)
af77453bfe do not generate ssl-vhost-container without a certificate 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-20 09:23:44 +02:00
Michael Kaufmann (d00p)
ce31a0b3fd enable custom redirect codes also for lighttpd 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-13 10:16:17 +02:00
Michael Kaufmann (d00p)
fc2ae594cb enable custom redirect codes also for nginx 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-13 09:51:57 +02:00
Michael Kaufmann (d00p)
91c2d4efbe do not redirect when requesting let's encrypt certificates in nginx (same as we do in apache) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-11 07:49:52 +02:00
Florian Aders
75d8d0b397 Fix sslsettings in hsts for nginx 2016-10-07 19:08:32 +02:00
Michael Kaufmann (d00p)
4a3e02c1f0 add HSTS for domains (admin-side) and froxlor-vhost; fixes #1660 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-07 11:01:45 +02:00