CHANGELOG 6.49 KB
Newer Older
1
2
CHANGELOG
---------
Paul Cammish's avatar
Paul Cammish committed
3

Paul Cammish's avatar
Paul Cammish committed
4
5
6
2019-12-16
  sympl-web
    * Added cron to clean up old PHP sessions
Paul Cammish's avatar
Paul Cammish committed
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226

2019-12-05
  sympl-core
    * Updated IPv6 Only workaround for sympl-ssl.

2019-10-17
  sympl-core
    * Updated sympl-ssl to use Let's Encrypt ACME v02 API.

2019-10-04
  sympl-mail
    * Fixed permission issue with configuration.

2019-09-18
  sympl-firewall
    * Fixed missing version increment.

2019-09-17
  sympl-mail
    * Adds full chain support to Dovecot SNI, needed by some clients.

2019-09-08
  sympl-core
    * Set default threshold for LE cert renewal to suggested 30 days.
  sympl-backup
    * Added backup2l driver to prevent warnings from tar.

2019-08-16
  sympl-core
    * Adds detection of NAT64 environments for sympl-ssl wrapper.
  sympl-firewall
    * Removed incrond, re-instated old manual triggers on changes.
    * Fixed warning message from nftables.

2019-07-31
  sympl-backup
    * Force backups to be run as root.
    * Updated backup paths, exclude backups of /var/lib/docker.
  sympl-mysql
    * Updated sympl-sqldump to use sympl user correctly.

2019-07-29
  sympl-core
    * Copy root user authorized_keys to sympl user on first install.

2019-07-25
  sympl-core
    * Fixed typo in sympl CLI

2019-07-19
  sympl-cron
    * Updated sympl-crontab --test output

2019-07-18
  sympl-firewall
    * Updated sympl-firewall-whitelist to more sane defaults.
    * Only whitelist SSH access for a week once logged in.
    * Only whitelist IPv6 address at /128 rather than /64.

2019-07-09
  sympl-web
    * Updated sympl-web-rotate-logs to support new ownership
    * Reload Apache when rotating logs, rather than the loggers.

2019-07-08
  sympl-mail
    * Re-enable Dovecot SNI

2019-07-07
  sympl-mail
    * Fixed unhandled input

2019-07-06
  sympl-mail
    * Resolved potential race condition
    * Updated sympl-mail-dovecot-sni for edge cases
    * Improved sympl-mail ssl-hook

2019-07-05
  sympl-core
    * Removed beta flag from MOTD
    * Updated 'sympl' parser, added 'sympl update' function.

2019-07-04
  sympl-core
    * Workaround for sympl-ssl bug #249 under IPv6 only.
  sympl-monit
    * Updated monit tests to use TLSv1.2
  sympl-web
    * Rewrote Apache configs
    * Moved phpMyAdmin specifics to sympl-phpmyadmin
    * Deprecated Apache vhost_sympl module

2019-07-03
  sympl-web
    * Updated path for PHP config
    * Reverted default PHP lockdown
    * Reverted vhost rewrites

2019-07-02
  sympl-core
    * Removed mailbox permission rewriting
    * Disabled hostname enforcement
    * Adjusted security permissions for domains Exim config files
  sympl-mail
    * Adjusted exim config group
    * Permissions adjustment for Debian-exim user

2019-07-01
  sympl-mail
    * Fixes for Roundcube/Dovecot changes in Buster.
    * Enables SMTP AUTH on localhost without TLS.

2019-06-30
  sympl-web
    * Reworked apache templates
    * Added fallback for zz-mass-hosting

2019-06-28
  sympl-core
    * Adjusted permissions for config/dkim

2019-06-26
  sympl-mail
    * Fix for non-selfsigned certs with Dovecot SNI
    * Fixed SNI configuration in Exim and Dovecot

2019-06-25
  sympl-core
    * First update for sympl command line
    * Fixed edge case in sympl-filesystem-security

2019-06-24
  sympl-core
    * Adjusted MOTD Banner
    * Updated sympl-filesystem-security with tweaks to paths/logic
  sympl-ftp
    * Adjusted configuration to allow www-data
  sympl-mail
    * Updated Dovecot configuration for Debian Buster
    * Migrated links into existing file
  sympl-web
    * Adjusted ssl-hook so it doesn't fire before sympl-web is installed.
    * Adjusted Apache templates slightly.

2019-06-21
  All Packages
    * Created Sympl v10.0 (Debian Buster)
  sympl-core
    * Moved sympl-ssl to sbin to avoid permissions/hook issues.
  sympl-web
    * Updated dependencies/build-dependencies
    * Fixed typo in apache template

2019-06-20
  sympl-mail
    * Merged legacy Symbiosis patch for SNI on Exim
    * Updated configuration for SNI in Dovecot
  sympl-core
    * Updated recommended packages
    * Updated MOTD banner

2019-06-19
  sympl-web
    * Massively improved security for PHP
    * PHP is now restricted to public/, and has domain-specific tmp and
      sessions directories which are automatically created.
    * PHP is now disabled in a path that matches 'wp-content/uploads'
      significantly securing all WordPress sites.
    * Enables OSCP stapling by default. Disables HSTS by default.
    * zz-mass-hosting now configures all sites, not just SSL sites.
    * sympl-web-logger now only used for the zz-mass-hosting fallbacks.
    * PHP can block dangerous functions such as eval() and exec() which
      should not be needed typically. This can be enabled manually
      but effects all sites on the server.
    * new config files: config/disable-php-security and config/hsts.
  sympl-webmail
    * Updated configuration to restrict PHP directory access

2019-06-14
  sympl-mysql
    * Fixed typos

2019-06-13
  sympl-backup
    * Removed deprecated backup scripts
  sympl-mysql
    * Added sympl-sqldump

2019-06-12
  sympl-web
    * Massively improved security for web stats.
    * new config files: config/stats and config/stats-htpasswd
  sympl-webmail
    * Improved webmail auto-configuration

2019-06-11
  All Packages
    * Merged sympl-common into sympl-core

2019-06-10
  All Packages
    * Adjusted Dependencies
  sympl-mail
    * Re-implimented password strength testing
  sympl-webmail
    * Moved configuration of roundcube to sympl-common

2019-06-09
  All Packages
    * Renamed admin user to sympl.
  sympl-ftp
    * FTP user now logs in as owner of the chrooted dir
    * Added Umask so files are +rw by the relevant group
  sympl-web
    * Removed skel.d files.
  sympl-mysql
    * .my.cnf and 'mysql_password' files now created in /home/sympl
  sympl-backup
    * Updated backup paths
Paul Cammish's avatar
Paul Cammish committed
227

Paul Cammish's avatar
Paul Cammish committed
228
229
230
231
232
233
234
235
* 2019-06-06 - First Public Build
  - Renamed packages and files, replaced references to Symbiosis with Sympl.
      bytemark-symbiosis -> sympl-core
      symbiosis-httpd -> sympl-web
      symbiosis-email -> sympl-mail
      symbiosis-ftpd -> sympl-ftp
      symbiosis-meta -> sympl-core
      symbiosis-* -> sympl-*
Paul Cammish's avatar
Paul Cammish committed
236
237
  - Renamed command-line tools, with new package names, added symlinks
    from old names.
Paul Cammish's avatar
Paul Cammish committed
238
239
240
241
242
  - /etc/symbiosis is now /etc/sympl, with symlink for compatibilty.
  - Folded old metapackages into relevant packages.
  - Dropped support for old Exchange Activesync.
  - Dropped support for XMPP.
  - A lot of tidying up.
Paul Cammish's avatar
Paul Cammish committed
243

Paul Cammish's avatar
Paul Cammish committed
244
* 2019-05-28 - Implemented autotest suite, updated docs.
Paul Cammish's avatar
Paul Cammish committed
245

Paul Cammish's avatar
Paul Cammish committed
246
* 2019-04-16 - Fixed Gitlab CI
Paul Cammish's avatar
Paul Cammish committed
247

Paul Cammish's avatar
Paul Cammish committed
248
* 2019-04-13 - Initial fork from GitHub