148 commits

Author	SHA1	Message	Date
Nicola Murino	b989cdabe5	set version to 2.4.2 ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-11-25 15:06:12 +01:00
Nicola Murino	54f1946aba	OIDC: allow to skip JWT signature validation ... It's intended for special cases where providers,such as Azure, use the "none" algorithm Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-10-19 18:38:09 +02:00
Nicola Murino	4b4edef0ad	disable self connections by default ... now that the event manager can create files, self connections may create even more issues than before Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-10-12 18:12:12 +02:00
Nicola Murino	8a43486730	postgres driver: add multi hosts support ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-10-02 12:43:26 +02:00
Nicola Murino	76e89d07d4	add support for inter-node communications ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-09-25 19:48:55 +02:00
Nicola Murino	7ae9303c99	allow to disable REST API ... Fixes #987 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-09-22 17:27:00 +02:00
Nicola Murino	3ebdfa9b2d	data providers: allow to disable SNI for TLS connections ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-09-07 14:31:50 +02:00
Nicola Murino	6bfdf941bc	webdav: allow to disable the WWW-Authenticate header ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-08-02 19:06:49 +02:00
Nicola Murino	fdc10aa6c7	CORS: add support for more parameters ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-08-02 18:44:34 +02:00
Nicola Murino	e6bfbcd489	OIDC: allow to debug the received id_token ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-07-22 11:11:35 +02:00
Nicola Murino	d5946da1e2	OIDC: allow to enable only OIDC login for Web UIs ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-07-19 22:25:00 +02:00
Nicola Murino	b5894b257f	try to better highlight donations and sponsorships options ... ... ... and to better explain why they are required. Please don't say "someone else will help the project, I'll just use it" Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-07-11 16:14:44 +02:00
Nicola Murino	1b8f94c08f	add event manager ... auto backup removed from setting. You can now schedule backups with the event manager Fixes #762 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-07-11 08:17:36 +02:00
Nicola Murino	9a6b1a1315	Fix issues found in PR #887 ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-06-25 10:42:17 +02:00
Andre Mainka	90009a649d	Allow OAuth Scope to be configured (#887) ... Signed-off-by: BobSilent <andre_1@gmx.net>	2022-06-25 10:40:39 +02:00
Nicola Murino	93ce593ed0	squash database migrations and remove the credentials_path setting ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-06-13 20:08:49 +02:00
Nicola Murino	b774289c6d	change default value for naming_rules to 1 ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-06-03 16:09:02 +02:00
Nicola Murino	f6b11c2d01	httpd/webdav: allow to configure trusted proxy header and depth ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-28 19:47:23 +02:00
Nicola Murino	32da923dfe	httpd: add a setting to customize tokens validation ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-28 13:28:50 +02:00
Nicola Murino	7c724e18fe	add support for ACME compliant certificate authorities ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-27 07:39:55 +02:00
Nicola Murino	90c21458b8	OIDC: add support for implicit roles ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-22 14:38:25 +02:00
Nicola Murino	1a33b5bb53	allow different TLS certificates for each binding ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-21 16:34:47 +02:00
Nicola Murino	0ecaa862bd	web UIs: allow to replace the default CSS ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-21 11:05:58 +02:00
Nicola Murino	751946f47a	allow to customize timeout and env vars for program based hooks ... Fixes #847 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-20 19:30:54 +02:00
Nicola Murino	5d7f6960f3	web UIs: add branding support ... Fixes #829 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-13 19:40:52 +02:00
Nicola Murino	4995cf1b02	defender: allow to load blocklist/safelist also from config/env vars ... Fixes #831 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-05-13 14:46:07 +02:00
Nicola Murino	ecd488a840	data provider: remove prefer_database_credentials ... Google Cloud Storage credentials are now always stored within the data provider. Added a migration to read credentials from disk and store them inside the data provider. After v2.3 we can also remove credentials_path Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-28 12:55:01 +02:00
Nicola Murino	cacfffc5bf	OIDC: add support for custom fields ... These fields can be used in the pre-login hook to implement custom logics Fixes #787 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-12 19:31:25 +02:00
Nicola Murino	f9d8b83c2a	sshd: disable by default ssh-rsa host key algo ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-04 18:52:19 +02:00
Nicola Murino	55f8171dd1	sshd: add support for host key certificates ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-04-01 08:03:56 +02:00
Nicola Murino	a7b159aebb	ssh user certs: add a revoked list ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-31 21:49:06 +02:00
Nicola Murino	5cccb872bb	add support to redirect HTTP to HTTPS ... Fixes #777 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-26 10:00:02 +01:00
Nicola Murino	93b9c1617e	web UI: allow to load custom css ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-19 21:44:27 +01:00
Nicola Murino	d9f30e7ac5	add a global whitelist ... if defined only the listed IPs/networks can access the configured services, all other client connections will be dropped before they even try to authenticate Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-17 22:10:52 +01:00
Nicola Murino	7e7f662a23	ensure that defaults defined in code match the default config file ... Fixes #754 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-14 10:42:14 +01:00
Nicola Murino	0bec1c6012	change the default value for prefer_database_credentials to true ... ... ... and deprecate this setting. In the future we'll remove prefer_database_credentials and credentials_path and we will not allow the credentials to be saved on the filesystem Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-13 14:29:11 +01:00
Nicola Murino	5582f5c811	data provider: add automatic backups ... Automatic backup are enabled by default, a new backup will be saved each day at midnight. The backups_path setting was moved from the httpd section to the data_provider one, please adjust your configuration file and or your env vars Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-03-13 13:45:07 +01:00
Nicola Murino	dcc3292dbc	web setup: add an optional installation code ... The purpose of this code is to prevent anyone who can access to the initial setup screen from creating an admin user Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-27 13:08:47 +01:00
Nicola Murino	f1a255aa6c	httpd: allow to restrict allowed hosts ... ... ... and to add security headers to the responses Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-17 18:22:27 +01:00
Nicola Murino	1fccd05e9e	allow to configure the minimum version of TLS to be enabled ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 15:56:07 +01:00
Nicola Murino	66945c0a02	Web UIs: add OpenID Connect support ... Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-02-13 14:30:20 +01:00
Nicola Murino	02db00d008	dataprovider: add naming rules ... naming rules allow to support case insensitive usernames, trim trailing and leading white spaces, and accept any valid UTF-8 characters in usernames. If you were enabling `skip_natural_keys_validation` now you need to set `naming_rules` to `1` Fixes #687 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-31 18:01:37 +01:00
Nicola Murino	fb2d59ec92	data provider: add config options for certs validation/authentication ... Fixes #682 Signed-off-by: Nicola Murino <nicola.murino@gmail.com>	2022-01-30 18:04:03 +01:00
Nicola Murino	7d8823307f	defender: add provider driver ... Fixes #616	2021-12-25 12:08:07 +01:00
Nicola Murino	bedc8e288b	web client: add support for integrating external viewers/editors	2021-12-03 18:33:08 +01:00
Nicola Murino	0f8170c10f	improve some docs and disable telemetry server by default	2021-11-29 17:58:10 +01:00
Nicola Murino	4652f9ede8	FTPD: allow to set different passive IPs based on the client's IP address	2021-11-25 12:45:09 +01:00
Nicola Murino	8a8298ad46	web client: improve file upload	2021-11-22 12:25:36 +01:00
Nicola Murino	3d6b09e949	REST API: expose OpenAPI schema and render it using Swagger UI ... Fixes #609	2021-11-21 09:32:51 +01:00
Nicola Murino	0833b4698e	httpd service: add CORS support	2021-11-13 23:14:50 +01:00