Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.22.0 2023-09-23T22:39:50+00:00 2023-09-23T22:39:50+00:00 Alexandre Alapetite alexandre@alapetite.fr 2023-09-23T22:39:50+00:00 urn:sha1:86d713478b25816340aebeeacca704f3aeee17af https://www.postgresql.org/about/news/postgresql-16-released-2715/ Watch out, there are no auto-updates between major versions 2023-09-09T09:15:09+00:00 Alexandre Alapetite alexandre@alapetite.fr 2023-09-09T09:15:09+00:00 urn:sha1:24be95756ff6946d3b4a3e1ccb0dfed844a8ead9 Remove obsolete parameter not needed anymore now that all our images are using PHP 8+ 2023-07-30T10:59:18+00:00 Alexandre Alapetite alexandre@alapetite.fr 2023-07-30T10:59:18+00:00 urn:sha1:e7689459f25663e00b4f5814a3608872ff36b582 * Rework trusted proxies Fix https://github.com/FreshRSS/FreshRSS/issues/5502 Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3226 New environment variable `TRUSTED_PROXY`: set to 0 to disable, or to a list of trusted IP ranges compatible with https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteiptrustedproxy New internal environment variable `CONN_REMOTE_ADDR` to remember the true IP address of the connection (e.g. last proxy), even when using mod_remoteip. Current working setups should not observe any significant change. * Minor whitespace * Safer trusted sources during install Rework of https://github.com/FreshRSS/FreshRSS/pull/5358 https://github.com/FreshRSS/FreshRSS/issues/5357 * Minor readme 2023-07-19T21:36:13+00:00 Zhaofeng Li hello@zhaofeng.li 2023-07-19T21:36:13+00:00 urn:sha1:c35a9ee061a31b5d4b19e63bbe9882a7ecdcb053 2023-07-16T12:50:42+00:00 otaconix stefanhetzwaantje@gmail.com 2023-07-16T12:50:42+00:00 urn:sha1:a066be93b0dbb70ead9b7ab758c332b764b98400 * Add OIDC_X_FORWARDED_HEADERS environment variable (fixes #5516) The mod_auth_oidc needs an additional directive (`OIDCXForwardedHeaders`) in case FreshRSS is running behind a reverse proxy, so it knows what host, protocol and port were used to access it. This information is then used in the `redirect_uri` when directing the user agent (browser) to the identity provider for authentication. Please note that, if you are running FreshRSS behind a reverse proxy that handles TLS, you may need to update your identity provider's configuration so it accepts `https://...` as a `redirect_uri`. * Add link to mod_auth_openidc's documentation for the OIDCXForwardedHeaders Apache configuration directive * Minor spelling --------- Co-authored-by: Stefan Zwanenburg <stefan@zwanenburg.info> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2023-06-30T10:58:20+00:00 otaconix stefanhetzwaantje@gmail.com 2023-06-30T10:58:20+00:00 urn:sha1:fc579bd2bc5406abcaa9f8dfffe4232a2e256116 * Allow choosing the OIDC remote user claim and scopes to request from the identity provider * Added comment to explain how checking whether an environment variable is set is done * Use apostrophe's instead of single quotes for verb contractions in docs * Move variables used for checking presence of environment variables inside IfDefine block 2023-06-14T13:18:26+00:00 Alexandre Alapetite alexandre@alapetite.fr 2023-06-14T13:18:26+00:00 urn:sha1:644427b9b1a0cf525b84f4a2aac2d6a5a2f55045 Quiet output for a2enmod, a2dismod, a2disconf, a2dissite, a2ensite to avoid many messages the following, which are not even relevant because Apache is not yet started at this stage: ``` To activate the new configuration, you need to run: systemctl restart apache2 ``` Related to https://github.com/FreshRSS/FreshRSS/pull/5463 2023-06-14T13:18:03+00:00 Alexandre Alapetite alexandre@alapetite.fr 2023-06-14T13:18:03+00:00 urn:sha1:dd5a02106184e72e42c06a139793088ee955fb00 https://www.debian.org/releases/bookworm/ With PHP 8.2.5 and Apache 2.4.57 2023-06-13T14:28:51+00:00 Alexandre Alapetite alexandre@alapetite.fr 2023-06-13T14:28:51+00:00 urn:sha1:ae8dfc1b1b610eff36b7e1b004a60601e08da309 Only enable the Apache auth_openidc module when actually used Fix https://github.com/FreshRSS/FreshRSS/issues/5460 Follow-up of https://github.com/FreshRSS/FreshRSS/pull/5351 2023-06-12T08:22:46+00:00 Aaron Schif aaronschif@gmail.com 2023-06-12T08:22:46+00:00 urn:sha1:58b254f9cb923d5d0dfe53df4bca8a0f00bbcf0b * Add OIDC * Update documentation. * Update apache conf adding IfModule * Use IfDefine for OIDC in apache conf * Fix non-oidc support * Fix typing * Use IfDefine to enable OIDC * Add OIDC support to all dockerfiles * Re add apache Require option * Fixes and documentation * A few more fixes * A bit more doc * Change type of environment variable * Update readme * Correct apache config for OIDC support. * Fix README formatting * Update oidc control path * Fix oidc endpoint being cached * A bit more review * Simplify ExpiresActive * Add session refresh and improve caching * Allow more different setups * A bit more documentation * A bit more readme --------- Co-authored-by: Aaron Schif <aschif@netdevgroup.com> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> Co-authored-by: maTh <math-home@web.de>