webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-20 16:02:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,129 Commits 2 Branches 1 Tag
440cd2cbfdfb2d386c200a05deb14fcd3a7cb1e6
Commit Graph

5566 Commits

Author SHA1 Message Date
Michael Tremer
440cd2cbfd Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-17 12:29:22 +01:00
Michael Tremer
7207d80c4e core115: Ship logrotate 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-16 19:20:20 +01:00
Michael Tremer
b62c826fd8 PDF-API2: Add optional dependencies to read TrueType fonts 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-16 17:43:32 +01:00
Michael Tremer
e3c3625c34 Make perl-PDF-API2 part of the base system 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-16 17:31:51 +01:00
Michael Tremer
30b0e0ca1b PDF-API2: Update to 2.033 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-16 17:28:51 +01:00
Michael Tremer
c484679bb3 Download sources via HTTPS 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-12 15:56:34 +01:00
Matthias Fischer
e735d91f03 unbound: Update to 1.6.7 
For details see:
http://www.unbound.net/download.html

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:06:48 +01:00
Peter Müller
50846453cb also force TLS when requiring user authentication in WebUI 
Force TLS _and_ a valid login when accessing protected directories.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:06:27 +01:00
Peter Müller
78fa47700d generate ECDSA key on existing installations 
This is required since Apache crashes if any of the key/certificate files
does not exist.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:05:55 +01:00
Peter Müller
fbc9cfd769 ship changed files for Apache and ECDSA 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:05:53 +01:00
Peter Müller
73ba228620 enable dual-stack ECDSA and RSA certificates in Apache 
Note: Apache crashes if any of these files does not exist. Thereof it
is necessary to generate missing keys on existing installations.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:05:37 +01:00
Peter Müller
f227ae4fd2 prefer ECDSA over RSA and remove clutter 
Priorize ECDSA before RSA and remove unused cipher suites.
Remove redundant OpenSSL directives to make SSL configuration more readable.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 20:05:16 +01:00
Michael Tremer
2f27148cbb core115: Ship updated extrahd.pl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 12:20:44 +01:00
Matthias Fischer
3c3dfd165e Remove PRINT-line in extrahd.pl 
As shown in https://forum.ipfire.org/viewtopic.php?f=50&t=19563#p111055
PRINT-output somehow garbles bash-prompt.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 12:19:58 +01:00
Michael Tremer
ebf697a097 core115: Ship latest OpenVPN changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 11:56:07 +01:00
Erik Kapfer
b66b02ab73 OpenVPN: Fix for '--ns-cert-type server is deprecated' . 
- Added extended key usage based on RFC3280 TLS rules for OpenVPNs OpenSSL configuration,
so '--remote-cert-tls' can be used instead of the old and deprecated '--ns-cert-type'
if the host certificate are newely generated with this options.
Nevertheless both directives (old and new) will work also with old CAs.

- Automatic detection if the host certificate uses the new options.
If it does, '--remote-cert-tls server' will be automatically set into the client
configuration files for Net-to-Net and Roadwarriors connections.

If it does NOT, the old '--ns-cert-type server' directive will be set in the client
configuration file.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 11:55:16 +01:00
Peter Müller
b0b4d09c56 remove unused dial.cgi directives from Apache vhosts config 
Remove configuration lines in Apache vhosts files which
are not used anymore (old dial.cgi stuff).

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-11 11:12:00 +01:00
Peter Müller
dc6ed83537 delete unused dial.cgi file 
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-10 12:22:19 +01:00
Michael Tremer
436479a29f core115: No need to reload apache after it has been restarted 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-09 14:58:41 +01:00
Michael Tremer
c8e03c7c53 core115: Regenerate IPsec configuration 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-09 14:58:26 +01:00
Michael Tremer
bfa0f1dfc0 core115: Rebuild language cache during update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-09 14:50:29 +01:00
Michael Tremer
2ac90665e8 core115: Ship updated apache 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-09 14:49:34 +01:00
Michael Tremer
6772cc8035 Download ISO images from https://downloads.ipfire.org 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-06 13:03:40 +01:00
Michael Tremer
1294c52ca5 core115: Include captive portal in updater 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-06 11:48:49 +01:00
Michael Tremer
112a09508e core115: Add captive portal cron jobs to updater 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-05 11:38:05 +01:00
Michael Tremer
027614d2dc Merge branch 'captive-portal' into next 2017-10-04 16:10:07 +01:00
Michael Tremer
1f06098ba7 captive-portal: Serve Ubuntu font files locally 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-04 12:55:17 +01:00
Michael Tremer
70f6cba43e Add Ubuntu font family package 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-10-04 12:47:28 +01:00
Michael Tremer
e2d934cf2b core115: Ship update for OpenVPN 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-30 12:34:37 +01:00
Michael Tremer
36f5d20ef7 core115: Ship cosmetic improvements in proxy.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-24 20:23:06 +01:00
Arne Fitzenreiter
c42237247a start core115 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-09-24 15:51:12 +02:00
Arne Fitzenreiter
2083519a64 core114: add php to updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-09-24 13:35:01 +02:00
Arne Fitzenreiter
595c6470dd core114: force update addons after core update 
apache needs new vhost configs so all addons must updated to work with new
apache.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2017-09-23 10:34:54 +02:00
Michael Tremer
fb96829a74 captive: Update configuration for Apache 2.4 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:34:29 +01:00
Michael Tremer
afd0cd232f Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:05 +01:00
Michael Tremer
5f1b951102 captive: Show access page in browser language 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Daniel Weismüller <daniel.weismüller@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
1d68e28753 captive: Do not try to execute the favicon 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
78148cc1e5 captive: Run apache in HTTP/1.0 mode 
Reported-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Tested-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
9b6227cc2a captive: Let apache follow symlinks to load bootstrap 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
c91899797b captive: Logo directory no longer exists 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
b020b6190f Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
733de0e4a0 bootstrap: Install map files, too 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:56:04 +01:00
Michael Tremer
a0b271e474 captive: Redesign generated coupons table 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:56:04 +01:00
Michael Tremer
8802d70a28 captive: Serve logo through an extra CGI script 
This CGI script makes saving the logo easier (especially for
backup purposes).

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:56:04 +01:00
Michael Tremer
dbfd2622f5 captive: Get MAC address of a device without calling arp 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:55:27 +01:00
Michael Tremer
48fb1d3b69 captive: Import new design 
This is the new design of the access page of the captive
portal. It is based on the Bootstrap 4 grid system and
reboot but does not use anything else from it.

It is responsive and customisable.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
050ce75678 bootstrap: New package 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
a2c26388db captive-portal: Use template engine to render HTML template 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
0a02d9bb0c captive-portal: Move CGI files to CGI directory 
Previously the assets directory has ExecCGI privileges
which is not at all required and potentially dangerous.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
4ddf453804 captive: Reindent apache configuration 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00