Commit Graph

31 Commits (9fb4505abfcdbcce5194bb4822bbb91d837a7207)

Author SHA1 Message Date
Evilham 01b4155a65 [NC] Upgrade to Nextcloud 25.0.4
This still uses a fork of nextcloud/forms and reenables that plugin.

Since version 25 of Nextcloud uses the 2.X line of the nextcloud/mail
plugin, which already includes our patches, we can get rid of them to
easen future maintenance.
2023-06-07 15:09:06 +02:00
Jose Antonio Exposito Garcia bf3f9178f7 issue DDSUP-19 2023-04-14 08:59:07 +00:00
elena 0888c2ba05 changes suggested 2023-02-27 10:53:11 +00:00
elena 92c5828b33 admin avatar added 2023-02-27 10:53:11 +00:00
Jose Antonio Exposito Garcia 358004899b add yoututbe video in wp 2023-02-21 09:24:32 +00:00
elena 895bd122ef new font LeagueSpartan added 2023-02-17 14:16:44 +00:00
elena 7ac06ef82c new megamenu style 2023-02-17 13:22:24 +00:00
elena d449bff1d1 Merge branch 'main' into feature/menuandfonts 2023-02-17 12:26:03 +00:00
Evilham ed44b8d3d2
[sso-api] Fix SocketIO transitive dependency (dnspython)
Flask-SocketIO depends on dnspython but dnspython 2.3 removes
dns.rdtypes.ANY, which is needed by Flask-SocketIO so we keep it below
version 2.3

We had missed Flask-SocketIO being a dependency on API when fixing the
issue for admin.
2023-02-03 11:40:13 +01:00
elena c7b032ec2e feature/menuandfonts: new menu styles and fonts 2023-01-02 13:46:01 +00:00
Evilham bbc8051260
[dd-sso] Fix regression in API
Recent simplifications to the API contained a typo which resulted in
the logo not being visible.

Reported by:	Gwido
2022-12-13 21:51:01 +01:00
Evilham cdfa4c5724
[api] Give operators the ability to easily add custom CSS
This enables various use-cases like custom icons and other personalisations.
2022-12-10 11:53:28 +01:00
Evilham f3108ac3dc
[api] Add type hints and cleanup
This makes modifying the existing code easier
2022-12-06 19:26:08 +01:00
Evilham 53674bfb24
[api] Reorganise and be more forgiving on yml
This allows for more flexible settings in
custom/menu/[custom|system].yml

And it makes the default values explicit
2022-12-06 18:15:05 +01:00
Evilham 740f799b9c
[WP] Add CSP and Content-Type-Options headers
We do this more reliably on HAProxy, as doing it from WP requires
specialised plugins and in DD we are sure that traffic goes through
the corresponding HAProxy backend.
2022-12-02 11:13:33 +01:00
Evilham 8f5de8af6a
[network] Fix handling of forwarded headers
This fixes several issues where services would see the internal IP of
the proxy and not that of the client.

It works by first unsetting any proxy-related headers that arrive from
the internet, then setting those as seen by HAProxy's entrypoint
frontend.
And finally making sure that neither WAF when enabled nor other
HAProxy backends touch these headers, while they are actually used by
the final services.

Services affected:	Netcloud, Keycloak, Moodle
2022-12-02 06:49:56 +01:00
Manolo Caballero e45eec6822 [dd-waf] block external access to sensible URLs 2022-12-01 10:49:56 +00:00
Evilham 09fec74915
[WAF] Consolidate proxies and documentation
The environment / dd.conf variables: PROXY_PROTOCOL and DISABLE_WAF
determine how DD and HAProxy will behave.

- PROXY_PROTOCOL: whether or not the PROXY protocol will be accepted
- DISABLE_WAF: whether or not WAF will be enabled

This simplifies maintenance, as well as the overall architecture and operation.

While at it, we now publish images for DD's HAProxy as well.
2022-11-24 12:54:46 +01:00
Manuel Caballero 392f8e0ee9
Volume to modsecurity 2022-11-24 10:01:37 +01:00
Manuel Caballero 26728a3c72
configure deploy modsecurity 2022-11-24 10:01:37 +01:00
Manuel Caballero 1375f4c102
remove cerbot service 2022-11-24 10:01:35 +01:00
Manuel Caballero b10178f0f7
Initial config modsecurity 2022-11-24 10:01:35 +01:00
Evilham ca8b29dd5e
[dd-sso/api] Cover all cases, add docs for megamenu internal links
These documentation convering these changes should be visible in:
https://dd.digitalitzacio-democratica.xnet-x.net/docs/customising.ca/
2022-11-23 12:54:21 +01:00
elena 97b4916983 new validation to create href 2022-11-15 11:47:04 +00:00
elena 0b03efc73e changes recommended by evilham 2022-11-15 08:58:57 +00:00
elena ec4f4587d4 new megamenu link: DD manual 2022-11-14 15:07:40 +00:00
Evilham b92dc23557
[sso] Allow for Keycloak login footer customisation
This enables more advanced customisation by allowing for
administrators to fully replace the footer of the login theme.

We try to take into account maintainability, at the same time mention
that it is the administrators' responsibility to keep their
customisations compatible with newer versions of DD.
2022-11-13 10:03:49 +01:00
Evilham 075529f472
[haproxy] Remove leftovers, fix config selection
dd-apps/docker/haproxy seems to be a leftover and is not being used
anywhere.

Also fix the config selection for HAProxy.
2022-08-30 22:17:57 +02:00
Evilham 72f9d927e1
[haproxy] Support other HAProxy configurations
This can be used by setting up HAPROXY_CONF in dd.conf, which will
determine which config file will be used.

We also add haproxy.proxy-protocol.conf which is cleaner than
haproxy.conf and allows the PROXY protocol on certain ports.
With this setup it is possible to e.g. run DD without a public IPv4
address by proxying it from an edge server.
2022-08-30 20:47:42 +02:00
Evilham 3f08973d7c
[wordpress] Reduce diff / upstream contribution
Now that https://github.com/keycloak/keycloak/pull/12966 has landed on
keycloak we can use that commit as a base for our file, therefore
reducing the resulting diff.
2022-08-29 12:08:42 +02:00
Evilham 78b0254ba0
DD education workspace
DD is the education workspace generated within the framework of Xnet's
Democratic Digitalisation Plan. It has been created and powered by Xnet,
families and promoting centres, IsardVDI, 3iPunt, MaadiX, eXO.cat,
Evilham and funded by the Directorate for Democratic Innovation, the
Barcelona City Council's Digital Innovation Commissioner, Social Economy
Commissioner, in collaboration with the Barcelona Education Consortium,
aFFaC and AirVPN.

DD can be used freely as long as this footer is included and the AGPLv3
license (https://www.gnu.org/licenses/agpl-3.0.en.html) is respected.

Trobareu meś informació en català a la documentació:
[https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.ca/](https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.ca/).

Más información en castellano en la documentación:
[https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.es/](https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.es/).

More info in English in the documentation:
[https://dd.digitalitzacio-democratica.xnet-x.net/docs/](https://dd.digitalitzacio-democratica.xnet-x.net/docs/).

We thank the help of Miriam Carles, Cristian Ruiz, Anna Francàs,
Christopher Millard.
2022-07-10 12:15:47 +02:00