Commits · 91cf2d1f191f3858587656bf14d583f9bd78c4d9 · Ivan Tyagov / slapos

06 Oct, 2023 1 commit

software/theia: require credentials to serve the manifest · 91cf2d1f

Jérome Perrin authored Oct 05, 2023

favicon, manifest and service worker do not need to be public, for
manifest it's required to explicitly make the link use credential.

91cf2d1f

05 Oct, 2023 2 commits
- component/theia: version up theia 1.42.1 · 81775aec
  Jérome Perrin authored Sep 29, 2023
```
also update related python packages in stack/slapos.cfg
```
  81775aec
- component/nodejs: version up 18.18.0 · 949e79e3
  Jérome Perrin authored Sep 26, 2023
```
adjust peertube to explicitly use 16.19.0 as this version does not
support nodejs 18

drop some unused versions
```
  949e79e3
04 Oct, 2023 3 commits
- component/git: version up 2.42.0 · e5892c7a
  Jérome Perrin authored Sep 26, 2023
  
  e5892c7a
- stack/slapos.cfg: version up eggs (requests 2.31.0 and friends) · 1c4a3c69
  Jérome Perrin authored Oct 04, 2023
  
  1c4a3c69
- software/mail-server: remove PID files created by dovecot and postfix · cfd38dbe
  Joanne Hugé authored Oct 04, 2023
  
  cfd38dbe
02 Oct, 2023 2 commits
- Publish IPv6 URL to SlapOs master. · 6e8b97ee
  Ivan Tyagov authored Oct 02, 2023
```
See merge request nexedi/slapos!1438
```
  6e8b97ee
- Publish IPv6 URL to SlapOs master. · 5eac88ee
  Ivan Tyagov authored Oct 02, 2023
  
  5eac88ee
29 Sep, 2023 3 commits

software/re6stnet: fix restart of registry · 87b81684
Thomas Gambier authored Sep 29, 2023
```
this is a fixup of 54a08186
```
87b81684
component/glib: fix compilation on older Debian · e0944b42
Thomas Gambier authored Sep 29, 2023

e0944b42

component/binutils: fix compilation on OBS · 8b82cdb1

Thomas Gambier authored Sep 29, 2023

For slapos-node package compilation, we use DESTDIR pointing to temp
location and PREFIX pointing to future /opt/slapos.

Without this commit, bison look at wrong directory for data:

bison: cannot open file `/opt/slapos/parts/bison/share/bison/m4sugar/m4sugar.m4'

8b82cdb1

28 Sep, 2023 3 commits

component/firewalld: fix compilation of gobject-introspection · 5f086912
Thomas Gambier authored Sep 28, 2023

5f086912

stack/erp5: serve balancer requests when client certificate is not verified · d58bbbba

Jérome Perrin authored Sep 21, 2023

We configure haproxy with "verify optional", which makes haproxy request
a client certificate, but accept the case where client does not present
a certificate, but as described in [1], if client present a certificate
and this certificate can not be verified, handshake is aborted. This is
not what we want, we want to treat the case of a non verified
certificate same as the case of the absence of certificate.

This configures haproxy accordingly, using "crt-ignore-err all" to allow
handshake anyway.

Once this was fixed, there was a remaining problem with
client_cert_verified acl, haproxy acl are OR, but this rule was supposed
to be a AND (client present a certificate AND it is verified), this was
rewritten to use inline condition which are AND.

[1]: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.1-verify

Also adjust test_x_forwarded_for_stripped_when_no_certificate to assert
that there is no X-Forwarded-For header at all when no client
certificate.

d58bbbba

stack/slapos: Version up slapos.core 1.10.3 · 2ffda605
Xavier Thompson authored Sep 28, 2023

2ffda605

27 Sep, 2023 9 commits
- component/webp: version up 1.3.2, including security fixes. · e1878f14
  Kazuhiko Shiozaki authored Sep 27, 2023
  
  e1878f14
- component/imagemagick: disable webp. · e6f167ad
  Kazuhiko Shiozaki authored Sep 27, 2023
  
  e6f167ad
- component/gdap: disable webp. · 1051a53a
  Kazuhiko Shiozaki authored Sep 27, 2023
  
  1051a53a
- component/pillow: disable webp. · ca571293
  Kazuhiko Shiozaki authored Sep 27, 2023
  
  ca571293
- component/leptonica: disable webp. · fbcab202
  Kazuhiko Shiozaki authored Sep 27, 2023
  
  fbcab202
- software/ors-amarisoft: update slapos-render-config.py parameters · 525c02f6
  Joanne Hugé authored Sep 27, 2023
  
  525c02f6
- software/ors-amarisoft: fix option name for max upload · 6df76e7c
  Thomas Gambier authored Sep 27, 2023
  
  6df76e7c
- stack/erp5: backport Zope fix (Username not in access log for error requests) · 83f2436c
  Jérome Perrin authored Sep 19, 2023
  
  83f2436c
- stack/erp5: version up Zope 4.8.9 · b48b0ed7
  Jérome Perrin authored Sep 26, 2023
  
  b48b0ed7
26 Sep, 2023 4 commits

stack/erp5: disable innodb_change_buffering for safety. · d3ce078f
Kazuhiko Shiozaki authored Sep 26, 2023
```
See merge request nexedi/slapos!1433
```
d3ce078f

stack/erp5: disable innodb_change_buffering for safety. · c395c272

Kazuhiko Shiozaki authored Sep 26, 2023

  https://archive.fosdem.org/2023/schedule/event/innodb_change_buffer/
  https://jira.mariadb.org/browse/MDEV-27734
  https://mariadb.com/kb/en/innodb-change-buffering/

c395c272

monitor: Allow httpd to restart after the sever reboot from poweroff · ee35dc1c

Boxiang Sun authored Aug 09, 2023

If a server reboots brutally, there will be a legacy httpd pid file stay
in the file system, and the OS may reuse the PID that remains in that
file, which will cause httpd service to fail to start even if there is
no such httpd service is running.

This commit implemented the following logic:
0. If there is no existing PID file, then run the httpd service directly
1. If the PID file exists and contains the PID used by another process,
we delete the PID file, then restart the httpd service
2. If the PID file exists and contains the PID used by another running
httpd service, we allow the httpd report the "already running" error
normally

ee35dc1c

software/re6stnet: restart registry when configuration changes · 54a08186
Thomas Gambier authored Sep 21, 2023

54a08186

25 Sep, 2023 2 commits
- stack/erp5: version up Products.PluginRegistry 1.11 for Zope4 ZMI. · 31300998
  Kazuhiko Shiozaki authored Sep 25, 2023
```
This is the last version supporting python 2.7.
```
  31300998
- Implement ors-amarisoft for lopcomm RU · b9ce538e
  Lu Xu authored Sep 25, 2023
```
See merge request nexedi/slapos!1428
```
  b9ce538e
22 Sep, 2023 9 commits
- software/kvm: remove deprecate scsi disk-type from input schema · 9b80bf6c
  Lu Xu authored Sep 22, 2023
  
  9b80bf6c
- software/ors-amarisoft: update changelog.rst · 8baf732e
  Lu Xu authored Sep 22, 2023
  
  8baf732e
- software/ors-amarisoft: don't publish ssh unless for lopcomm · 9e019355
  Joanne Hugé authored Sep 15, 2023
  
  9e019355
- software/ors-amarisoft: remove lopcomm from 5G · 383ba496
  Joanne Hugé authored Sep 15, 2023
  
  383ba496
- software/ors-amarisoft: general improvement for RU (logs/promises/input parameters) · b32b4a8e
  Lu Xu authored Sep 14, 2023
  
  b32b4a8e
- software/ors-amarisoft: add firmware auto-upgrade over netconf · 48db30d9
  Lu Xu authored Sep 14, 2023
  
  48db30d9
- version up: libjpeg 9f, libzmq 4.1.6, perl-Image-ExifTool 12.60, subversion 1.14.2 · aff6a8d9
  Titouan Soulard authored Sep 22, 2023
  
  aff6a8d9
- update dead links · 00d9a3ba
  Titouan Soulard authored Sep 22, 2023
  
  00d9a3ba
- stack/slapos: version up slapos.toolbox 0.139 and 0.128.1 on py2 · 5a3896d9
  Jérome Perrin authored Sep 22, 2023
  
  5a3896d9
20 Sep, 2023 1 commit
- software/erp5/test: organize imports · 8772b31f
  Jérome Perrin authored Sep 17, 2023
  
  8772b31f
18 Sep, 2023 1 commit
- software/theia: add jq as a dependency · 3c8e9a00
  Titouan Soulard authored Sep 18, 2023
  
  3c8e9a00