Evilham
09fec74915
[WAF] Consolidate proxies and documentation
...
The environment / dd.conf variables: PROXY_PROTOCOL and DISABLE_WAF
determine how DD and HAProxy will behave.
- PROXY_PROTOCOL: whether or not the PROXY protocol will be accepted
- DISABLE_WAF: whether or not WAF will be enabled
This simplifies maintenance, as well as the overall architecture and operation.
While at it, we now publish images for DD's HAProxy as well.
2022-11-24 12:54:46 +01:00
Manuel Caballero
e6325c9618
enable and disable modsecurity env_var
2022-11-24 10:01:37 +01:00
Manuel Caballero
8050fb4fe4
fix shellcheck docker-compose command
2022-11-24 10:01:37 +01:00
Manuel Caballero
392f8e0ee9
Volume to modsecurity
2022-11-24 10:01:37 +01:00
Manuel Caballero
c19872dadb
update README.md
2022-11-24 10:01:37 +01:00
Manuel Caballero
d3c78c5bb0
config vhost and dd rules modsecurity on volumen
2022-11-24 10:01:37 +01:00
Manuel Caballero
5f1d0acf27
update documentation
2022-11-24 10:01:37 +01:00
Manuel Caballero
26728a3c72
configure deploy modsecurity
2022-11-24 10:01:37 +01:00
Manuel Caballero
2af96ac3c0
update haproxy and image from repository
2022-11-24 10:01:36 +01:00
Manuel Caballero
2395789c9d
update readme
2022-11-24 10:01:36 +01:00
Manuel Caballero
fcff698f6f
exclude rules
2022-11-24 10:01:36 +01:00
Manuel Caballero
cb183de9cf
config owasp exclusion wordpress and nextcloud and config stdout sterr in apache
2022-11-24 10:01:36 +01:00
Manuel Caballero
8a71165817
fix config.php file permissions
2022-11-24 10:01:36 +01:00
Manuel Caballero
e2815d8151
update path and fix write error
2022-11-24 10:01:36 +01:00
Manuel Caballero
1375f4c102
remove cerbot service
2022-11-24 10:01:35 +01:00
Manuel Caballero
b10178f0f7
Initial config modsecurity
2022-11-24 10:01:35 +01:00
elena
b26ceba71a
hide element icon-onlyoffice-new-docxf_element from menu by css using data-action
2022-11-24 08:43:06 +00:00
elena
9a7389da46
Merge branch 'feature/nextcloud_hide_icon-onlyoffice-new-docxf_element' of https://gitlab.com/DD-workspace/DD into feature/nextcloud_hide_icon-onlyoffice-new-docxf_element
2022-11-24 08:38:07 +00:00
elena
c6bc45cb96
Nextcloud - hide element: Nueva plantilla de formulario
2022-11-24 08:05:13 +00:00
Evilham
596bc4ef5d
[dd-ctl] Actually pull images, else we might not use them
...
This performs a pull on docker-compose build as well
2022-11-23 20:51:27 +01:00
elena
56c8537b98
Nextcloud - hide element: Nueva plantilla de formulario
2022-11-23 15:12:38 +00:00
Evilham
ca8b29dd5e
[dd-sso/api] Cover all cases, add docs for megamenu internal links
...
These documentation convering these changes should be visible in:
https://dd.digitalitzacio-democratica.xnet-x.net/docs/customising.ca/
2022-11-23 12:54:21 +01:00
elena
97b4916983
new validation to create href
2022-11-15 11:47:04 +00:00
elena
0b03efc73e
changes recommended by evilham
2022-11-15 08:58:57 +00:00
elena
ec4f4587d4
new megamenu link: DD manual
2022-11-14 15:07:40 +00:00
Evilham
b92dc23557
[sso] Allow for Keycloak login footer customisation
...
This enables more advanced customisation by allowing for
administrators to fully replace the footer of the login theme.
We try to take into account maintainability, at the same time mention
that it is the administrators' responsibility to keep their
customisations compatible with newer versions of DD.
2022-11-13 10:03:49 +01:00
Evilham
75e314ff7e
[NC] Remove jQuery dependency for theme's navbar.js
...
It wasn't really necessary and could lead to the whole megamenu not
being loaded under certain circumstances.
2022-11-13 10:03:47 +01:00
Evilham
f355b160a1
Revert "DD- facilita la instalacion desde el dd-ctl"
...
This reverts commit bd27ef4b6a
.
Which is generating various installation issues.
2022-11-13 10:02:24 +01:00
elena
bd27ef4b6a
DD- facilita la instalacion desde el dd-ctl
2022-10-30 20:09:09 +01:00
Evilham
651d5f8e90
[dd-ctl] Fix previously introduced shellcheck issue
...
Caught in CI and introduced when disabling the circles app.
2022-10-30 20:04:49 +01:00
Evilham
071bcd827f
[dd-admin] Fix issue propagating changes to NC
...
There was erroneous logic that only propagated the first attribute of
many, so some attribute changes were never propagated to NextCloud.
2022-10-30 20:01:44 +01:00
Evilham
895a20abba
[dd-admin] Fix email schemas in certain API endpoints
...
Dot character was not being properly escaped, we switch to using
bracket expressions to avoid possible future issues.
2022-10-23 19:45:40 +02:00
Evilham
d2fb24379a
[nextcloud] Disable circles app
...
People get confused, and we really only use circles.
2022-10-18 11:05:11 +02:00
elena
089876ff28
moodle new atto plugin
2022-10-18 08:37:26 +00:00
elena
226d0f7861
new moodle plugins to install
2022-10-18 08:37:26 +00:00
Evilham
559a90fba9
[mail] Refactor queue for easier maintenance, use name
...
We thought the name parameter was the account name to be shown in the
plugin, but it is the contents of the "From" email header instead.
While changing that, we also update the code to better match the open
Pull Request upstream that adds the update-account to the mail plugin
for nextcloud.
2022-10-17 19:06:59 +02:00
elena
3102b3c1f4
conflicts resolved
2022-09-26 07:37:39 +00:00
Evilham
fdc3d74958
[saml] Rework SAML handling
...
This separates stages more efficiently, and we are e.g. able to
support newer versions of Nextcloud's SAML plugin.
2022-09-23 19:14:02 +02:00
Evilham
8cbff5b8c6
[saml] Rework SAML handling
...
This separates stages more efficiently, and we are e.g. able to
support newer versions of Nextcloud's SAML plugin.
2022-09-23 08:39:40 +02:00
Evilham
ede83e1514
[moodle] Reduce unnecessary diff against upstream
2022-09-23 06:52:33 +02:00
Evilham
3ae974432a
[registry] Add dd-sso-admin as an image
...
This would be the first image that is already distributed directly
from the registry to improve setup and maintenance.
2022-09-22 12:48:13 +02:00
Evilham
3c53a5aead
[wp] Fix multisite installation
...
While there we also simplify DD by removing an the unnecessary wp-cli
container.
2022-09-22 12:40:31 +02:00
Evilham
7d7c2ddfcf
[containers] Add healthcheck for SSO redirections
...
This will help us catch issues in e.g. moodle, nextcloud and wp.
2022-09-22 11:52:15 +02:00
Evilham
397655232f
[dd-ctl] Moodle plugins install: reduce verbosity
...
This was polluting the logs making debugging difficult.
2022-09-06 19:37:29 +02:00
Evilham
66e009abff
[dd-ctl] Fix installation
...
By toying with the new CI we discover that:
Commit 075529f472
gets into an endless
loop:
WARNING:root:Could not get moodle SAML2 crt certificate. Retrying...
See: https://ci.dd-work.space/#/builders/4/builds/62/steps/8/logs/stdio
But by reverting 52f99c38bb
it works as
expected.
See: https://ci.dd-work.space/#/builders/4/builds/67/steps/8/logs/stdio
Upon investigation, we were not waiting for moodle to be fully up
because 'healthy' is a substring of 'unhealthy' and grep wasn't taking
that into account.
2022-09-06 19:35:23 +02:00
Evilham
08a36cce9f
[dd-ctl] Bundle up some docker commands
...
This ought to be faster and is easier to read.
2022-09-06 19:30:12 +02:00
Evilham
34761e028b
[sso-admin] Improve postup's idempotency
...
The class was only checking whether or not a specific token exists in
moodle, and it should ensure that it has access to the right permissions
Reported by: @elena61
2022-09-06 19:29:37 +02:00
Evilham
075529f472
[haproxy] Remove leftovers, fix config selection
...
dd-apps/docker/haproxy seems to be a leftover and is not being used
anywhere.
Also fix the config selection for HAProxy.
2022-08-30 22:17:57 +02:00
Evilham
72f9d927e1
[haproxy] Support other HAProxy configurations
...
This can be used by setting up HAPROXY_CONF in dd.conf, which will
determine which config file will be used.
We also add haproxy.proxy-protocol.conf which is cleaner than
haproxy.conf and allows the PROXY protocol on certain ports.
With this setup it is possible to e.g. run DD without a public IPv4
address by proxying it from an edge server.
2022-08-30 20:47:42 +02:00
elena
993b5f0e24
fixed mysql-connector-python version. fixed mariadb conection user and pwd
2022-08-30 16:58:30 +02:00