| Age | Commit message (Collapse) | Author |
|---|
|
* Update .htaccess
Add check for Apache mod_filter to ensure "AddOutputFilterByType" works.
* Explicit enabling mod_filter in our Docker images
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Minor doc
|
|
I just saw some users getting confused about the build section despite of the comment, so commented out by default
https://github.com/FreshRSS/FreshRSS/discussions/7246#discussioncomment-11908948
|
|
|
|
Use :3 instead of `3.0` to avoid having to update the documentation too often.
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/6401
|
|
* Adds BASE_URL to example .env file
I found without specifying a BASE_URL then the installation command gets confused
❌ FreshRSS error during installation!
FreshRSS error: invalid input: default-user cannot be empty
The provided example base url may not be desired, but the readme should be updated with 'something' to make first use more user friendly.
* Update Docker/README.md
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
PHP 8.3.14, Apache/2.4.62
https://alpinelinux.org/posts/Alpine-3.21.0-released.html
|
|
* Apache protect more non-public folders
* Also protect root
* Do the same for /p/
* Simplify Require all denied
In case of Apache 2.2, it will just make an error 500 instead of 403
* .htaccess.dist
* Simplify
* Better comment
|
|
https://www.postgresql.org/about/news/postgresql-17-released-2936/
|
|
Single `find` and single `sed` command instead of 3
|
|
* Docker LegacyKeyValueFormat
https://docs.docker.com/reference/build-checks/legacy-key-value-format/
* Also for devcontainer
|
|
* Upgrade to PHP 8.1
As discussed in https://github.com/FreshRSS/FreshRSS/discussions/5474
https://www.php.net/releases/8.0/en.php
https://www.php.net/releases/8.1/en.php
Upgrade to available native type declarations
https://php.net/language.types.declarations
Upgrade to https://phpunit.de/announcements/phpunit-10.html which requires PHP 8.1+ (good timing, as version 9 was not maintained anymore)
Upgrade `:oldest` Docker dev image to oldest Alpine version supporting PHP 8.1: Alpine 3.16, which includes PHP 8.1.22.
* Include 6736
https://github.com/FreshRSS/FreshRSS/pull/6736
|
|
+fix minor whitespace from https://github.com/FreshRSS/FreshRSS/pull/6730
|
|
* Fix OIDC session params definition
- standardize environment variable names
- group all in the same configuration file
- use mod_auth_openidc default values
- fix `OIDCSessionMaxDuration` because it was not set with the previous
code
- add documentation
* Add double quoting to prevent globbing and word splitting
* Revert line deleted by mistake
|
|
|
|
* add OIDCSessionMaxDuration and OIDCSessionInactivityTimeout
* entrypoint.sh OIDCSessionMaxDuration and Session fix
* fix: entrypoint.sh OIDCSessionMaxDuration and OIDCSessionInactivityTimeout and Alpine support
* Use Apache config file instead
* Spelling
* fixed after restarting the double OIDC lines
* Refactor
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Support https://www.php.net/index.php#2024-07-18-1
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/6615
Bug https://github.com/php/php-src/issues/14873 was fixed https://github.com/nielsdos/php-src/commit/3d0885f9e54ba46bbb082df4c9c32f0be98ee423
|
|
* Initial support for PHP 8.4
Sole fix needed so far seems to be related to https://wiki.php.net/rfc/deprecate-implicitly-nullable-types
See also upstream PR https://github.com/PhpGt/CssXPath/pull/227
We are also hitting was seems to be a PHP bug https://github.com/php/php-src/issues/14873
* Fix return type
* Disable OPCache while waiting for PHP fix
|
|
https://alpinelinux.org/posts/Alpine-3.20.0-released.html
Moving from PHP 8.2.19 to PHP 8.3.7, still with Apache/2.4.59
|
|
https://github.com/traefik/traefik/releases/tag/v3.0.0
https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/
|
|
* CLI database backup and restore
Can also be used to migrate from one database to another (e.g. MySQL to PostgreSQL) or to ease upgrade to a major PostgreSQL version (e.g. 15 to 16).
* +x
* Fix some cases
* Update to docker-compose-v2
* More documentation
|
|
* Fix CLI install with prefix
It was not possible to pass a blank prefix
* Fix regression EXIT_CODE_ALREADY_EXISTS
The dedicated exit code was not sent anymore when a user already exists
|
|
https://github.com/traefik/traefik/releases/tag/v2.11.0
|
|
https://github.com/FreshRSS/FreshRSS/issues/5993
|
|
https://alpinelinux.org/posts/Alpine-3.19.0-released.html
Apache/2.4.58, PHP 8.2.13
|
|
Avoid keeping environment variables used for init.
Improvement of https://github.com/FreshRSS/FreshRSS/pull/5795
Spotted when checking https://github.com/FreshRSS/FreshRSS/issues/5894
|
|
* Fix PHP 7 compatibility
https://github.com/FreshRSS/FreshRSS/discussions/5892
* Multiple PHP 7 fixes
* PHPStan
|
|
|
|
* Update WebSub documentation a bit
* Marien prefers not to promote his hub too much :-)
|
|
The link resolution does not seem to be supported automatically
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/5819
|
|
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/5819
|
|
* Add multi arch container build
Co-authored-by: EdJoPaTo <rfc-conform-git-commit-email@funny-long-domain-label-everyone-hates-as-it-is-too-long.edjopato.de>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* using label from github action
* dont remove static labels and split docker readme in seperate action
* pin 3rd party action to a commit
* enable pushing to dockerhub
* Update .github/workflows/build-images.yml
Co-authored-by: EdJoPaTo <github@edjopato.de>
* remove not needed checkout
* set github token permissions
* Update .github/workflows/push-dockerhub-readme.yml
* update docker readme to match new tags
* Apply suggestions from code review
* fix suffix for alpine image
* fix suffix for alpine image
* push images only at upstream repo
* push images only at upstream repo
* push images only at upstream repo
* tag latest-alpine as alpine
* tag latest-alpine as alpine
* remove no needed falvor
* keep falvor for build
* Clean more things
* Rename action
To use same default name than https://github.com/actions/starter-workflows/blob/main/ci/docker-publish.yml
* Rename readme action
To use same default name than https://github.com/peter-evans/dockerhub-description/blob/main/.github/workflows/dockerhub-description.yml
* Use default name for dockerhub-description
https://github.com/peter-evans/dockerhub-description/blob/main/.github/workflows/dockerhub-description.yml
Plus minor wording
* Experiment with build-args
* Debug
* Add checkout back
* Revert back to metadata-action
* Remove quotes in version
* Try to fix variables
* Experiment with automatic label values again
* Delete last Docker Hub hooks
* Use only git SHA for org.opencontainers.image.revision
https://specs.opencontainers.org/image-spec/annotations/#pre-defined-annotation-keys
* Comment out semver for now
Might be enabled later if desired
* Enable major semver
---------
Co-authored-by: EdJoPaTo <rfc-conform-git-commit-email@funny-long-domain-label-everyone-hates-as-it-is-too-long.edjopato.de>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: EdJoPaTo <github@edjopato.de>
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/5792
regression from https://github.com/FreshRSS/FreshRSS/pull/5772
|
|
* Require PHP 7.4+
https://github.com/FreshRSS/FreshRSS/discussions/5474
* Update Docker oldest
Alpine 3.13 with PHP 7.4.26
* Add missing packets to Docker oldest
* Update to typed properties
https://php.net/migration74.new-features#migration74.new-features.core.typed-properties
* More types
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/5770
Note, the syntax complying with https://www.shellcheck.net/wiki/SC2002 does not seem to work in ash / Alpine
|
|
* Prepare Alpine OIDC
* Prepare syntax for OpenID Connect in Alpine.
* Update :newest Alpine development image to PHP 8.3
* Fix a little bug in test of OIDC_SCOPES
* Changelog + syntax
* shellchecks
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/5744
|
|
* Use RemoteIPInternalProxy directive of remoteip Apache module
instead of RemoteIPTrustedProxy directive
To allow internal IPs to be trusted: for internal clients,
and also for the case of chained internal reverse-proxies
Fixes #5726
* One last reference forgotten
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Update entrypoint.sh to avoid a warning on non-numeric TRUSTED_PROXY env var
Fixes #5732 5732
* Use POSIX-compatible syntax
* Fix POSIX syntax
|
|
https://www.postgresql.org/about/news/postgresql-16-released-2715/
Watch out, there are no auto-updates between major versions
|
|
Remove obsolete parameter not needed anymore now that all our images are using PHP 8+
|
|
* Rework trusted proxies
Fix https://github.com/FreshRSS/FreshRSS/issues/5502
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3226
New environment variable `TRUSTED_PROXY`: set to 0 to disable, or to a list of trusted IP ranges compatible with https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteiptrustedproxy
New internal environment variable `CONN_REMOTE_ADDR` to remember the true IP address of the connection (e.g. last proxy), even when using mod_remoteip.
Current working setups should not observe any significant change.
* Minor whitespace
* Safer trusted sources during install
Rework of https://github.com/FreshRSS/FreshRSS/pull/5358
https://github.com/FreshRSS/FreshRSS/issues/5357
* Minor readme
|
|
|
|
* Add OIDC_X_FORWARDED_HEADERS environment variable (fixes #5516)
The mod_auth_oidc needs an additional directive (`OIDCXForwardedHeaders`)
in case FreshRSS is running behind a reverse proxy, so it knows what host,
protocol and port were used to access it. This information is then used
in the `redirect_uri` when directing the user agent (browser) to the identity
provider for authentication.
Please note that, if you are running FreshRSS behind a reverse proxy that
handles TLS, you may need to update your identity provider's configuration so
it accepts `https://...` as a `redirect_uri`.
* Add link to mod_auth_openidc's documentation for the OIDCXForwardedHeaders Apache configuration directive
* Minor spelling
---------
Co-authored-by: Stefan Zwanenburg <stefan@zwanenburg.info>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
identity provider (#5481)
* Allow choosing the OIDC remote user claim and scopes to request from the identity provider
* Added comment to explain how checking whether an environment variable is set is done
* Use apostrophe's instead of single quotes for verb contractions in docs
* Move variables used for checking presence of environment variables inside IfDefine block
|
|
Quiet output for a2enmod, a2dismod, a2disconf, a2dissite, a2ensite to avoid many messages the following, which are not even relevant because Apache is not yet started at this stage:
```
To activate the new configuration, you need to run:
systemctl restart apache2
```
Related to https://github.com/FreshRSS/FreshRSS/pull/5463
|
|
https://www.debian.org/releases/bookworm/
With PHP 8.2.5 and Apache 2.4.57
|
|
Only enable the Apache auth_openidc module when actually used
Fix https://github.com/FreshRSS/FreshRSS/issues/5460
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/5351
|
|
* Add OIDC
* Update documentation.
* Update apache conf adding IfModule
* Use IfDefine for OIDC in apache conf
* Fix non-oidc support
* Fix typing
* Use IfDefine to enable OIDC
* Add OIDC support to all dockerfiles
* Re add apache Require option
* Fixes and documentation
* A few more fixes
* A bit more doc
* Change type of environment variable
* Update readme
* Correct apache config for OIDC support.
* Fix README formatting
* Update oidc control path
* Fix oidc endpoint being cached
* A bit more review
* Simplify ExpiresActive
* Add session refresh and improve caching
* Allow more different setups
* A bit more documentation
* A bit more readme
---------
Co-authored-by: Aaron Schif <aschif@netdevgroup.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: maTh <math-home@web.de>
|
|
Provide example of how to easily tune selected PostgreSQL settings
https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server
|
Dezponia
Alexandre Alapetite
Max Bretschneider
Christopher Moss
pando85
нездалисько
Benjamin Reich
Mossroy
Zhaofeng Li
otaconix
Aaron Schif
