| Age | Commit message (Collapse) | Author |
|---|
|
* More robust application of access permissions
We were in particular missing directory traversal `+X` in our current recommendations.
Extracted to own shell script so it can easily be invoked.
Update access permissions in Docker to account to be more robust.
#fix https://github.com/FreshRSS/FreshRSS/discussions/5037
* Minor simplification
* Restrict mkdir permissions
Default mkdir permissions are 0777, which is not good for security, so downgrade to 0770.
|
|
* Safer timezone set
Add missing tzdata in Docker :newest
Fallback to UTC if no timezone is defined at all
#fix https://github.com/FreshRSS/FreshRSS/pull/4906#issuecomment-1386747169
* Better refactoring
Show fallback timezone everywhere
|
|
* API avoid logging passwords
* Strip passwords and tokens from API logs
* Only log failed requests information when in debug mode
* Remove debug SHA
* Clean also Apache logs
* Better comments
* Redact also token parameters
* shfmt
* Simplify whitespace
* redacted
|
|
To ease adding custom extensions such as in https://github.com/FreshRSS/Extensions/issues/37#issuecomment-1363474585
|
|
* Docker Alpine timezone for :newest and :oldest
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/4903
Forgot the development images Newest and Oldest
* Uniform timezone behaviour
* shellcheck
* A bit more documentation
|
|
Allow setting the timezone with a `TZ` environment variable in our Alpine-based Docker images just like for our Debian-based Doker images.
See https://github.com/FreshRSS/FreshRSS/discussions/4898#discussioncomment-4245991
|
|
* Docker Alpine 3.17
Update alternative Docker image to Alpine 3.17 with PHP 8.1.12 (and still Apache 2.4.54)
https://alpinelinux.org/posts/Alpine-3.17.0-released.html
* Fix developer access rights
Put developer in www-data group
|
|
I have just received an e-mail with a security concern.
Although most likely an obsolete concern (old browsers with Java applets), and the Apache team saying that there is no problem, let's disable the TRACE method by default in our Docker images until we hear anybody actually wanting this feature.
https://httpd.apache.org/docs/current/mod/core.html#traceenable
https://owasp.org/www-community/attacks/Cross_Site_Tracing
|
|
Drop PHP 7.0- as planned https://github.com/FreshRSS/FreshRSS/discussions/3321#discussioncomment-835704
|
|
* Added PHP extensions `php-openssl` (used by PHPMailer) and php-xml (used by SimplePie)
* Upgraded dev image `freshrss/freshrss:newest` to PHP 8.2.
|
|
Remove output buffering during auto-install of FreshRSS and auto-creation of the default user.
We were only getting outputs at the end of each command, which was a problem for getting errors and progress, for instance when automatically importing a very large OPML
|
|
* Docker readme volume for extensions
Forgotten from https://github.com/FreshRSS/FreshRSS/pull/4320
Keeping https://github.com/FreshRSS/FreshRSS/pull/2837
* Minor whitespace
* No extension volume for development
|
|
https://alpinelinux.org/posts/Alpine-3.16.0-released.html
Apache 2.4.53, PHP 8.0.19
|
|
* Custom logo HTML
Add option for custom HTML logo/title in the main Web UI view.
Can potentially be different per user.
#fix https://github.com/FreshRSS/FreshRSS/pull/3830/files#r850472247
* logo_html in main config
With new `./data/config.custom.php` to provide custom values before install
* Docker documentation
* whitespace
* Auto relax CSP to allow images for HTML logo
* Documentation
|
|
* Update Docker readme
#fix https://github.com/FreshRSS/FreshRSS/issues/3351
* A few more headers
https://github.com/FreshRSS/FreshRSS/issues/3649
https://doc.traefik.io/traefik/middlewares/http/headers/
* Another docker logs example
* More uniform
* Minor details
|
|
* Use typographic quotes
* A few fixes
* Fix
* Fix not saved
* Implement feedback
* Detail
* Revert spoken English fixes
Left for a future dedicated discussion
* More reverts
* Final reverts
* Final minor
|
|
(#4134)
|
|
* Docker :newest Alpine PHP 8.1
Update our `:newest` development image to use PHP 8.1 in alpine:edge
* Increase memory for tests
|
|
Related to https://github.com/FreshRSS/FreshRSS/issues/4073
In our Docker configuration, `.htaccess` files are included only once at startup. The one for themes was missing.
|
|
Alpine 3.15 with PHP 8.0.13 and Apache 2.4.51
https://alpinelinux.org/posts/Alpine-3.15.0-released.html
|
|
Should be done during build and not during entrypoint, to avoid modifying a potential volume (e.g. mounting the source code as a volume is used during development).
|
|
#fix https://github.com/FreshRSS/FreshRSS/pull/3927/files#r735146297
The path `/var/www/FreshRSS/` might be a Docker volume, breaking files created there during Docker build
|
|
Adding the crontab as part of the image build makes it more complicated
to add custom entries to the crontab. Adjusting the image and entrypoint
to make it so that the crontab is only added when CRON_MIN is set
simplifies having a custom crontab.
|
|
* Improved markdownlint
* Relaxed rules slighlty
* `npm run markdownlint` for automatic tests
* `npm run markdownlint_fix` for automatic syntax fixing
* Applied the fixes on all our Markdown files
|
|
FreshRSS switched to Debian as the parent For the Image but there
were still a couple references in the README to Ubuntu.
|
|
PHP 7.4.21, Apache/2.4.48
|
|
* Add .env file for docker-compose (fix #3755)
Adding a .env has the advantage that the configuration can be stored in a separate file and it'll be possible to just get the newest docker-compose.yml file.
* Update documentation for the .env file
* Update Docker/README.md
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
|
|
|
|
https://alpinelinux.org/posts/Alpine-3.14.0-released.html
* Apache updated to Apache/2.4.48 (from 2.4.46) https://downloads.apache.org/httpd/CHANGES_2.4.48
* PHP updated to PHP 8.0.8 (from 8.0.2) https://www.php.net/ChangeLog-8.php#8.0.8
|
|
* Drop PHP5 and IE11
https://github.com/FreshRSS/FreshRSS/discussions/3321
Our Docker :oldest is now based on Alpine 3.5 (2016-12-22)
* More uniform
* More changelog
|
|
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3495
|
|
alpine:3.13 require php5-openssl for some https features.
Otherwise, fail on e.g. the extension page:
```
file_get_contents(): php Unable to find the wrapper "https" - did you
forget to enable it when you configured PHP? in
/var/www/FreshRSS/app/Controllers/extensionController.php on line 45
PHP Warning:
file_get_contents(https://raw.githubusercontent.com/FreshRSS/Extensions/master/extensions.json):
failed to open stream: No such file or directory in
/var/www/FreshRSS/app/Controllers/extensionController.php on line 45
[error] --- Could not fetch available extension from GitHub
```
Does not seem required for newer Alpine versions using PHP7 / PHP8
|
|
* Fix nginx config
* Remove `proxy_cookie_path`
* Add `proxy_set_header X-Forwarded-Prefix` for the subdirectory config
* Add nginx config when hosted as domain root
* Add `/` at the end of `proxy_pass`
|
|
* Docker: Alppine 3.13 with PHP 8
PHP 8.0.1, Apache 2.4.46
Bug https://bugs.php.net/bug.php?id=78681 fixed in Alpine, so workaround
removed from our Dockefile(s)
Supports MySQL 8+
#fix https://github.com/FreshRSS/FreshRSS/issues/3191
* Changelog
* Update CHANGELOG.md
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
|
|
* Possiblity to autoinstall in Docker Compose
#fix https://github.com/FreshRSS/FreshRSS/issues/3349
It is simply calling our existing CLI: do-install.php and
create-user.php
https://github.com/FreshRSS/FreshRSS/tree/master/cli
FreshRSS will typically be ready a few seconds before the database, so
introduce a tolerance when the database is not available / up (yet) by
trying a few times to connect. Also useful to avoid service interruption
when DB service is restarted.
Example:
```yml
freshrss-app:
image: freshrss/freshrss
container_name:
freshrss-app
hostname: freshrss-app
restart: unless-stopped
ports:
- "8080:80"
depends_on:
- freshrss-db
volumes:
- data:/var/www/FreshRSS/data
-
extensions:/var/www/FreshRSS/extensions
environment:
CRON_MIN:
'*/20'
FRESHRSS_ENV: development
FRESHRSS_INSTALL: |-
--api_enabled
--base_url https://rss.example.net
--db-base freshrss
--db-host freshrss-db
--db-password
freshrss
--db-type pgsql
--db-user freshrss
--default_user admin
--language en
FRESHRSS_USER: |-
--api_password freshrss
--email user@example.net
--language en
--password freshrss
--user admin
TZ:
Europe/Paris
```
* Minor type f in find
* shellcheck
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3341
New environment variable `LISTEN='0.0.0.0:8080'`
```
docker run -d --network host --uts host -e LISTEN='0.0.0.0:8080' -e
TZ=Europe/Paris --name freshrss freshrss/freshrss
```
|
|
* Docker new :Edge image
New optional Docker image to test upcoming software versions, using
Alpine:Edge
Similar than https://github.com/FreshRSS/FreshRSS/pull/3274 (oldest
image) but for newest.
Usefull for e.g. testing PHP8
https://github.com/FreshRSS/FreshRSS/issues/3082 , MySQL 8
https://github.com/FreshRSS/FreshRSS/issues/3191
* Syntax if symlink already exists in future edge
* Rename to newest
Better match our "Oldest" version, and to avoid conflicts with the
potential renaming of our master branch
* Update Docker/Dockerfile-Newest
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
|
|
Add a Docker file, which can be used to test FreshRSS with our oldest
supported PHP version.
See
https://pkgs.alpinelinux.org/packages?name=php5&branch=v3.4&arch=x86_64
PHP 5.6.36-r0
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3233
In Alpine, we need to enable mod_logio.c to use %O. Revert to more
standard %b
https://httpd.apache.org/docs/2.4/mod/mod_log_config.html#logformat
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3224
Log the client remote IP instead of the local proxy IP
https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
|
|
* Update Dockerfile
Remove heathcheck
* Update Dockerfile-Alpine
Remove heathcheck
* Update Dockerfile-QEMU-ARM
Remove heathcheck
|
|
https://github.com/FreshRSS/FreshRSS/pull/3159
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3026
Ubuntu 19.10 has expired.
I still cannot get Ubuntu 20.04 to work on ARM (Raspberry Pi) https://github.com/FreshRSS/FreshRSS/pull/2943
Move to Debian 10 Buster instead of our current Ubuntu 19.10 (which was based on Debian 10 Buster).
|
|
This proposed change includes tweaks to the names of the services and volumes, and adds an explicit label to the postgres and freshrss containers.
Using a more generic "freshrss-db" instead of "freshrss_postgresql" seems more standard among other docker projects and makes it a bit easier to switch databases later.
Removing the "freshrss_" prefix from the volume names solves a problem where the docker-compose automatically prepends a "project name" to volume names upon running "up". So if your docker-compose.yml file is stored in a folder named "freshrss", you would end up with a redundant volume name of "freshrss_freshrss_data".
This also adds a restart policy to the db container.
|
|
https://alpinelinux.org/posts/Alpine-3.12.0-released.html
With PHP 7.3.18 (from 7.3.17) (and Apache 2.4.43 unchanged).
No other significant change spotted
|
|
|
|
|
|
cron job was not passed the environment variable FRESHRSS_ENV as it
should
This resulted in messages during cron to not be logged according to
FRESHRSS_ENV level
|
|
* Fix tty error on cron with docker
* remove interactive option in cron command
|
Alexandre Alapetite
Thomas Renes
Chris Francy
caminsha
proletarius101
Creak
Jucgshu
Germs2004
Marien Fressinaud
Mike Vanbuskirk
pofilo
