Pēteris Caune
3d728325fe
Fix the SameSite and Secure attributes on the "auto-login" cookie
...
The "auto-login" cookie is a part of a work-around for
some email clients automatically clicking links in emails:
- when sending a one-time sign-in link, the server also sends the
"auto-login" cookie to the client
- when end user clicks on the sign-in link, the server checks
if client's request contains the "auto-login" cookie
- if the "auto-login" cookie is present, log the user in
- if the "auto-login" cookie is absent, serve an HTTP POST form
with a submit button. The user must click the button to log in.
This commit fixes attributes on the "auto-login" cookie:
- it sets SameSite=Lax
- it sets Secure=true if SESSION_COOKIE_SECURE=True
2023-02-15 09:17:09 +02:00
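The flow described in the commit message above, as an added example that is not Healthchecks' own code. It uses only the Python standard library: `issue_auto_login_cookie` builds the `Set-Cookie` value with the attributes the commit fixes (`SameSite=Lax`, and `Secure` only when the assumed `SESSION_COOKIE_SECURE` setting is true), and `handle_signin_link` decides between logging the user in and serving the POST form. The cookie name, lifetime, the setting names and the decision to bind the cookie value to the link token and compare it in constant time are assumptions for illustration; the page only says the cookie must be present.

```python
"""Added example (not the project's code): the "auto-login" cookie workaround."""
import secrets
from http.cookies import SimpleCookie

# Assumed settings (hypothetical; the names mirror the Django settings named above).
SESSION_COOKIE_SECURE = True
AUTO_LOGIN_COOKIE = "auto-login"
AUTO_LOGIN_MAX_AGE = 15 * 60  # assumption: roughly the lifetime of the sign-in link


def issue_auto_login_cookie(token: str, secure: bool = SESSION_COOKIE_SECURE) -> str:
    """Return the Set-Cookie header value sent together with the sign-in email.

    SameSite=Lax: the browser still sends the cookie on a top-level cross-site
    navigation (the user clicking the emailed link), but not on cross-site
    subresource or fetch() requests. SameSite=Strict would drop it on that click.
    Secure follows SESSION_COOKIE_SECURE so the cookie is never sent over plain
    HTTP on deployments where the session cookie is not either.
    """
    cookie = SimpleCookie()
    cookie[AUTO_LOGIN_COOKIE] = token
    morsel = cookie[AUTO_LOGIN_COOKIE]
    morsel["path"] = "/"
    morsel["max-age"] = AUTO_LOGIN_MAX_AGE
    morsel["httponly"] = True   # not readable from JavaScript
    morsel["samesite"] = "Lax"
    if secure:
        morsel["secure"] = True
    return morsel.OutputString()


def handle_signin_link(cookie_header: str, link_token: str) -> str:
    """Decide what the GET on the sign-in link gets: "login" or "form".

    Assumption (not stated on the page): the cookie value is bound to the
    link's token and compared in constant time, so a stale cookie from an
    unrelated login attempt does not log the user in.
    """
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    morsel = jar.get(AUTO_LOGIN_COOKIE)
    if morsel is not None and secrets.compare_digest(morsel.value, link_token):
        return "login"   # same browser that requested the link: log in directly
    return "form"        # link-clicking email scanner or another client: require a POST


if __name__ == "__main__":
    print(issue_auto_login_cookie("tok123"))
    print(handle_signin_link("sessionid=abc; auto-login=tok123", "tok123"))
    print(handle_signin_link("", "tok123"))
```

The Django equivalent of the header-building part is `response.set_cookie(name, token, max_age=..., httponly=True, samesite="Lax", secure=settings.SESSION_COOKIE_SECURE)`. An email security scanner that follows the link from its own client has no cookie jar from the user's browser, so it lands on the POST form and cannot consume the one-time link; the user's own browser, which received the cookie when the link was requested, is logged in directly.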
Pēteris Caune
c8750ad05b
Fix the signup form to work with httpOnly CSRF cookies
2023-02-14 14:20:27 +02:00
Pēteris Caune
8531ef89b5
Bump Django version to 4.1.7
2023-02-14 14:02:06 +02:00
Pēteris Caune
e46cf3725b
Add CSRF protection in the signup view
2023-02-14 09:15:46 +02:00
Pēteris Caune
f27e7c82a2
Optimize SQL query in hc.front.views.status
...
Filter checks by project.id instead of project.code,
this avoids a JOIN in the query.
2023-02-10 12:06:56 +02:00
Pēteris Caune
0d0087d898
Update Telegram notification template to include more data
2023-02-08 15:28:39 +02:00
Pēteris Caune
b1d47abd97
Fix tests when TELEGRAM_BOT_NAME has a custom value
2023-02-08 14:22:55 +02:00
Pēteris Caune
311f7064dc
Fix a race condition in Check.ping method
...
The code in Check.ping() updates a Check object, then
creates a Ping object. There's a possible race condition
where the "sendalerts" command sees the updated Check object
before the Ping object is created. This is especially likely
when offloading ping bodies to S3, because Ping gets created
*after* the upload completes, which can take some time.
To avoid this, put both operations inside a transaction,
but keep the S3 upload *outside* the transaction--uploads
can hang, and we want to avoid long transactions.
2023-02-08 13:12:05 +02:00
Fabrizio Ferrai
9939e45c5a
Add body to Telegram notifications (#783)
...
Add body to Telegram notifications
---------
Co-authored-by: Pēteris Caune <cuu508@gmail.com>
2023-02-08 12:52:36 +02:00
Pēteris Caune
08849d6f22
Update Docker image's uwsgi.ini to use SMTPD_PORT env var
...
Fixes: #791
2023-02-07 13:38:05 +02:00
Pēteris Caune
42a47463f9
Add a note about private ips in the http_proxy section
2023-02-03 10:26:51 +02:00
Pēteris Caune
19383d0414
Improve the error message about rejected private IPs
2023-02-03 10:08:06 +02:00
Pēteris Caune
e79fc0bdc2
Fix Mattermost and Matrix icon display in dark mode
2023-02-01 13:59:47 +02:00
Pēteris Caune
ac354179ac
Upgrade to Django==4.1.6
2023-02-01 13:32:13 +02:00
Pēteris Caune
ba9ebc5a96
Update CHANGELOG
2023-02-01 13:25:15 +02:00
boopzz
55361d5ae2
Amended Mattermost class to include the BODY in the message (#785)
...
Add last ping body in Mattermost notifications
---------
Co-authored-by: Pēteris Caune <cuu508@gmail.com>
2023-02-01 13:22:54 +02:00
Pēteris Caune
8fa932470f
Improve the example in docs/attaching_logs.md
2023-02-01 12:11:24 +02:00
Pēteris Caune
73c46a7ac1
Add another example in docs/attaching_logs.md
2023-02-01 12:09:25 +02:00
Pēteris Caune
e995d299b8
Improve hc.lib.s3 tests
2023-02-01 10:25:17 +02:00
Pēteris Caune
3992c0927b
Add handling for ProtocolError exceptions in hc.lib.s3.get_object
2023-02-01 09:31:15 +02:00
Pēteris Caune
091310f34b
Add HiDPI Telegram setup illustrations
2023-01-30 15:37:42 +02:00
Pēteris Caune
114faf1d42
Improve type hints
2023-01-30 13:07:03 +02:00
Pēteris Caune
88325b4d90
Fix mypy warnings
2023-01-30 13:02:00 +02:00
Pēteris Caune
f4bd1d69f2
Fix URL validation to allow hostnames with no TLD
...
Fixes: #782
2023-01-30 11:19:51 +02:00
Pēteris Caune
09593c80d9
Fix a crash in the "createsuperuser" management command
...
Fixes: #779
2023-01-26 09:20:35 +02:00
Pēteris Caune
f406ce8d4d
Improve title
2023-01-25 14:08:31 +02:00
Pēteris Caune
7099305df5
Document exported metrics in Prometheus docs
2023-01-25 13:53:53 +02:00
Pēteris Caune
6c40ff8684
Update package versions
2023-01-24 09:14:20 +02:00
Pēteris Caune
1660e8076c
Remove unused bit
2023-01-24 09:06:02 +02:00
Pēteris Caune
d67144ed3a
Update CHANGELOG for release
2023-01-23 15:01:53 +02:00
Pēteris Caune
737405679f
Fix EmailLoginForm initialization
2023-01-23 14:53:49 +02:00
Pēteris Caune
2cfb37f097
Add rate limiting by client IP in the signup and login views
2023-01-23 14:35:45 +02:00
Pēteris Caune
359edbd270
Fix login and signup views to make email enumeration harder
2023-01-23 13:05:49 +02:00
Pēteris Caune
e8c226220a
Upgrade to django==4.1.5
2023-01-23 13:05:46 +02:00
Pēteris Caune
58c6bd0a86
Create SECURITY.md
...
Fixes: #777
2023-01-21 11:20:19 +02:00
Pēteris Caune
a9b084ec9a
Add "Start Keyword" filtering for inbound emails
...
Fixes: #716
2023-01-16 13:19:35 +02:00
Pēteris Caune
f849c5e1a1
Fix wording in the invite email when inviting read-only users
2023-01-12 10:14:18 +02:00
Pēteris Caune
4716168da2
Fix check transfer between same account's projects when at check limit
2023-01-12 09:46:02 +02:00
Pēteris Caune
a161498e85
Tighten Signal number verification rate limiting
2023-01-11 15:33:04 +02:00
Pēteris Caune
188b261000
Improve the "Send test message!" button
2023-01-11 14:50:01 +02:00
Pēteris Caune
8d06a3e896
Add a "verify number" step in the Signal onboarding flow
2023-01-10 12:54:25 +02:00
Pēteris Caune
39baf36340
Update the bundled dashboard to use api v2
2022-12-22 16:40:16 +02:00
Pēteris Caune
afbce84731
Reduce SQL queries in "status_single", "details", "log" views
2022-12-22 14:35:24 +02:00
Pēteris Caune
2bf0d0dbc5
Fix special character encoding in project invite emails
2022-12-22 12:05:37 +02:00
Pēteris Caune
18c17fb4b5
Fix project sort order to be case-insensitive everywhere in the UI
...
Fixes: #768
2022-12-22 11:39:20 +02:00
Pēteris Caune
d19156801f
Fix special character encoding in Signal notifications
...
Fixes: #767
2022-12-21 15:58:52 +02:00
Pēteris Caune
a49bc4ef3a
Fix the Signal integration to handle unexpected RPC messages better
...
Fixes: #763
cc: #758
2022-12-21 12:18:03 +02:00
Pēteris Caune
70a7024cf2
Remove support for obsolete signal-cli versions
...
Due to Signal server-side changes, signal-cli versions
before 0.11.2 do not work any more. Hence there is no point
supporting them.
2022-12-21 10:43:25 +02:00
Pēteris Caune
bc19f87be5
Improve signal-cli instructions in README
2022-12-21 10:30:39 +02:00
Pēteris Caune
ad481cf932
Optimize pagertree setup illustrations
2022-12-21 09:53:42 +02:00