FreshRSS (Customized)/Docker, branch 1.22.1

Export all environment variables to cron (#5772)

2023-10-29T21:18:06+00:00

fix https://github.com/FreshRSS/FreshRSS/issues/5770 Note, the syntax complying with https://www.shellcheck.net/wiki/SC2002 does not seem to work in ash / Alpine

Prepare Alpine OIDC (#5764)

2023-10-28T11:40:22+00:00

* Prepare Alpine OIDC * Prepare syntax for OpenID Connect in Alpine. * Update :newest Alpine development image to PHP 8.3 * Fix a little bug in test of OIDC_SCOPES * Changelog + syntax * shellchecks

OIDC_SCOPES compatibility colon (#5753)

2023-10-27T13:26:39+00:00

fix https://github.com/FreshRSS/FreshRSS/issues/5744

Use RemoteIPInternalProxy directive of remoteip Apache module (#5740)

2023-10-25T14:23:03+00:00

* Use RemoteIPInternalProxy directive of remoteip Apache module instead of RemoteIPTrustedProxy directive To allow internal IPs to be trusted: for internal clients, and also for the case of chained internal reverse-proxies Fixes #5726 * One last reference forgotten --------- Co-authored-by: Alexandre Alapetite

Avoid a warning on non-numeric TRUSTED_PROXY en var (#5733)

2023-10-25T13:57:27+00:00

* Update entrypoint.sh to avoid a warning on non-numeric TRUSTED_PROXY env var Fixes #5732 5732 * Use POSIX-compatible syntax * Fix POSIX syntax

docker-compose PostgreSQL 16 (#5661)

2023-09-23T22:39:50+00:00

https://www.postgresql.org/about/news/postgresql-16-released-2715/ Watch out, there are no auto-updates between major versions

Docker MySQL update doc (#5639)

2023-09-09T09:15:09+00:00

Remove obsolete parameter not needed anymore now that all our images are using PHP 8+

Rework trusted proxies (#5549)

2023-07-30T10:59:18+00:00

* Rework trusted proxies Fix https://github.com/FreshRSS/FreshRSS/issues/5502 Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3226 New environment variable `TRUSTED_PROXY`: set to 0 to disable, or to a list of trusted IP ranges compatible with https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteiptrustedproxy New internal environment variable `CONN_REMOTE_ADDR` to remember the true IP address of the connection (e.g. last proxy), even when using mod_remoteip. Current working setups should not observe any significant change. * Minor whitespace * Safer trusted sources during install Rework of https://github.com/FreshRSS/FreshRSS/pull/5358 https://github.com/FreshRSS/FreshRSS/issues/5357 * Minor readme

Docker: Add DATA_PATH to cron env (#5531)

2023-07-19T21:36:13+00:00

Add OIDC_X_FORWARDED_HEADERS environment variable (fixes #5516) (#5523)

2023-07-16T12:50:42+00:00

* Add OIDC_X_FORWARDED_HEADERS environment variable (fixes #5516) The mod_auth_oidc needs an additional directive (`OIDCXForwardedHeaders`) in case FreshRSS is running behind a reverse proxy, so it knows what host, protocol and port were used to access it. This information is then used in the `redirect_uri` when directing the user agent (browser) to the identity provider for authentication. Please note that, if you are running FreshRSS behind a reverse proxy that handles TLS, you may need to update your identity provider's configuration so it accepts `https://...` as a `redirect_uri`. * Add link to mod_auth_openidc's documentation for the OIDCXForwardedHeaders Apache configuration directive * Minor spelling --------- Co-authored-by: Stefan Zwanenburg Co-authored-by: Alexandre Alapetite