Commit Graph

45 Commits (d37b4dfa6a7e39c6372743f6aad317638c8bb97e)

Author SHA1 Message Date
Evilham cdfa4c5724
[api] Give operators the ability to easily add custom CSS
This enables various use-cases like custom icons and other personalisations.
2022-12-10 11:53:28 +01:00
Evilham 08ed2bb1bb
[moodle] Configure cookies to be HttpOnly
This is done with the cookiehttponly config set to 1.
2022-12-02 10:32:54 +01:00
Evilham c0c5ee79fc
[dd-ctl] Unify for loops for apps that have to be disabled 2022-11-24 21:55:46 +01:00
Evilham c38bf4caba
[dd-ctl] Remove leftover setup of dd-waf env
This is not needed since waf-modsecurity lives in dd-sso now.
2022-11-24 21:55:35 +01:00
Roger Garcia 8110da578b
Added disabled option in ClamAV 2022-11-24 21:55:29 +01:00
Roger Garcia 4de82fc041
Conditionally enable/disable ClamAV 2022-11-24 21:54:17 +01:00
Roger Garcia 07913ff7f8
Added clamav configuration in nextcloud 2022-11-24 16:35:09 +01:00
Roger Garcia fcfd5265a1
Added clamav image and configuration 2022-11-24 16:35:09 +01:00
Evilham 09fec74915
[WAF] Consolidate proxies and documentation
The environment / dd.conf variables: PROXY_PROTOCOL and DISABLE_WAF
determine how DD and HAProxy will behave.

- PROXY_PROTOCOL: whether or not the PROXY protocol will be accepted
- DISABLE_WAF: whether or not WAF will be enabled

This simplifies maintenance, as well as the overall architecture and operation.

While at it, we now publish images for DD's HAProxy as well.
2022-11-24 12:54:46 +01:00
Manuel Caballero e6325c9618
enable and disable modsecurity env_var 2022-11-24 10:01:37 +01:00
Manuel Caballero 8050fb4fe4
fix shellcheck docker-compose command 2022-11-24 10:01:37 +01:00
Manuel Caballero 392f8e0ee9
Volume to modsecurity 2022-11-24 10:01:37 +01:00
Manuel Caballero c19872dadb
update README.md 2022-11-24 10:01:37 +01:00
Manuel Caballero d3c78c5bb0
config vhost and dd rules modsecurity on volumen 2022-11-24 10:01:37 +01:00
Manuel Caballero 5f1d0acf27
update documentation 2022-11-24 10:01:37 +01:00
Manuel Caballero 26728a3c72
configure deploy modsecurity 2022-11-24 10:01:37 +01:00
Manuel Caballero 2395789c9d
update readme 2022-11-24 10:01:36 +01:00
Manuel Caballero fcff698f6f
exclude rules 2022-11-24 10:01:36 +01:00
Manuel Caballero e2815d8151
update path and fix write error 2022-11-24 10:01:36 +01:00
Manuel Caballero b10178f0f7
Initial config modsecurity 2022-11-24 10:01:35 +01:00
Evilham 596bc4ef5d
[dd-ctl] Actually pull images, else we might not use them
This performs a pull on docker-compose build as well
2022-11-23 20:51:27 +01:00
Evilham 75e314ff7e
[NC] Remove jQuery dependency for theme's navbar.js
It wasn't really necessary and could lead to the whole megamenu not
being loaded under certain circumstances.
2022-11-13 10:03:47 +01:00
Evilham f355b160a1
Revert "DD- facilita la instalacion desde el dd-ctl"
This reverts commit bd27ef4b6a.

Which is generating various installation issues.
2022-11-13 10:02:24 +01:00
elena bd27ef4b6a
DD- facilita la instalacion desde el dd-ctl 2022-10-30 20:09:09 +01:00
Evilham 651d5f8e90
[dd-ctl] Fix previously introduced shellcheck issue
Caught in CI and introduced when disabling the circles app.
2022-10-30 20:04:49 +01:00
Evilham d2fb24379a
[nextcloud] Disable circles app
People get confused, and we really only use circles.
2022-10-18 11:05:11 +02:00
elena 089876ff28 moodle new atto plugin 2022-10-18 08:37:26 +00:00
elena 226d0f7861 new moodle plugins to install 2022-10-18 08:37:26 +00:00
Evilham 8cbff5b8c6
[saml] Rework SAML handling
This separates stages more efficiently, and we are e.g. able to
support newer versions of Nextcloud's SAML plugin.
2022-09-23 08:39:40 +02:00
Evilham 3ae974432a
[registry] Add dd-sso-admin as an image
This would be the first image that is already distributed directly
from the registry to improve setup and maintenance.
2022-09-22 12:48:13 +02:00
Evilham 3c53a5aead
[wp] Fix multisite installation
While there we also simplify DD by removing an the unnecessary wp-cli
container.
2022-09-22 12:40:31 +02:00
Evilham 7d7c2ddfcf
[containers] Add healthcheck for SSO redirections
This will help us catch issues in e.g. moodle, nextcloud and wp.
2022-09-22 11:52:15 +02:00
Evilham 397655232f
[dd-ctl] Moodle plugins install: reduce verbosity
This was polluting the logs making debugging difficult.
2022-09-06 19:37:29 +02:00
Evilham 66e009abff
[dd-ctl] Fix installation
By toying with the new CI we discover that:
Commit 075529f472 gets into an endless
loop:
    WARNING:root:Could not get moodle SAML2 crt certificate. Retrying...
See: https://ci.dd-work.space/#/builders/4/builds/62/steps/8/logs/stdio

But by reverting 52f99c38bb it works as
expected.
See: https://ci.dd-work.space/#/builders/4/builds/67/steps/8/logs/stdio

Upon investigation, we were not waiting for moodle to be fully up
because 'healthy' is a substring of 'unhealthy' and grep wasn't taking
that into account.
2022-09-06 19:35:23 +02:00
Evilham 08a36cce9f
[dd-ctl] Bundle up some docker commands
This ought to be faster and is easier to read.
2022-09-06 19:30:12 +02:00
Evilham 52f99c38bb
[shellcheck] Fix ShellCheck issues
Detected on the CI we are testing.
2022-08-30 14:41:19 +02:00
Evilham 5bb3afe2aa
[dd-ctl] Fix installations without docker
When we improved the update process, we introduced a deadlock when not
having docker.

By separating update from repo-update we can differentiate those cases:
- update: full update of an existing installation
- repo-update: bring repository to latest stand
2022-08-30 12:42:08 +02:00
Jose Antonio Exposito Garcia b58e43f5d4 install package in worpdress docker for plugin gsite 2022-08-26 12:55:06 +00:00
Evilham 3fa0d48858
[dd-ctl] Adapt update subcommand with all actions
This way existing installations can just run ./dd-ctl update and have a
working environment with the latest version.
2022-08-08 11:58:04 +02:00
Evilham e3b1513725
[dd-ctl] [moodle] Do not use plugin dd.conf vars
This was a bad design choice since it doesn't allow us to easily manage
the intended plugin version and therefore keep them up to date.

As a short-term mechanism, we change the used variables to have the
_OVERRIDE suffix and default in dd-ctl to the actual URLs, while also
removing them from dd.conf.sample.

This solves the issue in both current and future installations; in a
near future we want to have these dependencies in a .tsv file where they
can easily be managed.
2022-08-08 11:42:28 +02:00
Evilham 80ff9cce22
[dd-ctl] [nc] forms plugin branch + occ upgrade
When installing / upgrading plugins it is often the case that occ
upgrade needs to run.
2022-08-08 11:40:57 +02:00
Evilham 71237cabb6
[dd-ctl] Remove some docker calls 2022-08-03 10:29:25 +02:00
Evilham 74b209b55b
[dd-ctl] [nc] Add patches while they land upstream
See: https://github.com/nextcloud/mail/pull/6908
2022-07-30 23:05:51 +02:00
Evilham 4324812807
[correu] Add registration for SAML client 2022-07-28 16:28:47 +02:00
Evilham 78b0254ba0
DD education workspace
DD is the education workspace generated within the framework of Xnet's
Democratic Digitalisation Plan. It has been created and powered by Xnet,
families and promoting centres, IsardVDI, 3iPunt, MaadiX, eXO.cat,
Evilham and funded by the Directorate for Democratic Innovation, the
Barcelona City Council's Digital Innovation Commissioner, Social Economy
Commissioner, in collaboration with the Barcelona Education Consortium,
aFFaC and AirVPN.

DD can be used freely as long as this footer is included and the AGPLv3
license (https://www.gnu.org/licenses/agpl-3.0.en.html) is respected.

Trobareu meś informació en català a la documentació:
[https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.ca/](https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.ca/).

Más información en castellano en la documentación:
[https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.es/](https://dd.digitalitzacio-democratica.xnet-x.net/docs/index.es/).

More info in English in the documentation:
[https://dd.digitalitzacio-democratica.xnet-x.net/docs/](https://dd.digitalitzacio-democratica.xnet-x.net/docs/).

We thank the help of Miriam Carles, Cristian Ruiz, Anna Francàs,
Christopher Millard.
2022-07-10 12:15:47 +02:00