turnkey-web2py-18.0 (1) turnkey; urgency=low * Install web2py from upstream git: v2.27.1. [Anton Pyrogovskyi ] * Ensure hashfile includes URL to public key - closes #1864. * Include webmin-logviewer module by default - closes #1866. * Upgraded base distribution to Debian 12.x/Bookworm. * Configuration console (confconsole): - Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785. - Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi). - Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ] - Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis * Firstboot Initialization (inithooks): - Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks. - Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl. - Refactor run script - use bashisms and general tidying. - Show blacklisted password characters more nicely. - Misc packaging changes/improvements. - Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB). * Web management console (webmin): - Upgraded webmin to v2.105. - Removed stunnel reverse proxy (Webmin hosted directly now). - Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem). - Disabled Webmin Let's Encrypt (for now). * Web shell (shellinabox): - Completely removed in v18.0 (Webmin now has a proper interactive shell). * Backup (tklbam): - Ported dependencies to Debian Bookworm; otherwise unchanged. * Security hardening & improvements: - Generate and use new TurnKey Bookworm keys. - Automate (and require) default pinning for packages from Debian backports. Also support non-free backports. * IPv6 support: - Adminer (only on LAMP based apps) listen on IPv6. - Nginx/NodeJS (NodeJS based apps only) listen on IPv6. * Misc bugfixes & feature implementations: - Remove rsyslog package (systemd journal now all that's needed). - Include zstd compression support. - Enable new non-free-firmware apt repo by default. - Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps). * Set mod_evasive log location - makes debugging easier. [ Jeremy Davis ] * Include and enable mod_evasive and mod_security2 by default in Apache. [ Stefan Davis ] * Use MariaDB (MySQL replacement) v10.11.3 (from debian repos). -- Jeremy Davis Tue, 23 Jan 2024 04:28:45 +0000 turnkey-web2py-17.1 (1) turnkey; urgency=low * Updated all Debian packages to latest. [ autopatched by buildtasks ] * Patched bugfix release. Closes #1734. [ autopatched by buildtasks ] -- Jeremy Davis Thu, 15 Dec 2022 03:33:40 +0000 turnkey-web2py-17.0 (1) turnkey; urgency=low * Install latest Web2py (via git) - v2.22.5. [ Zhenya Hvorostian ] * Remove turnkey-web2py-pyver convenience script. [ Zhenya Hvorostian ] * Fix Apache conf so users can access /admin area - closes #1601. * Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Thu, 15 Dec 2022 02:56:59 +0000 turnkey-web2py-16.1 (1) turnkey; urgency=low * Install latest Web2py (via git) - v2.21.1. * Note: Please refer to turnkey-core's 16.1 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Thu, 01 Apr 2021 17:30:48 +1100 turnkey-web2py-16.0 (1) turnkey; urgency=low * Latest upstream Web2py (via git) - v2.20.4. [ Stefan Davis ] * Provide helper script; 'turnkey-web2py-pyver`. A script to switch running Web2py between python2 & python3. This Web2py appliance defaults to python3. Closes #1371. * Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1). * Update SSL/TLS cyphers to provide "Intermediate" browser/client support (suitable for "General-purpose servers with a variety of clients, recommended for almost all systems"). As provided by Mozilla via https://ssl-config.mozilla.org/. * Updated version of mysqltuner script - now installed as per upstream recommendation. -- Jeremy Davis Thu, 16 Jul 2020 16:06:23 +1000 turnkey-web2py-15.1 (1) turnkey; urgency=low * Latest upstream version of Web2py (2.17.2). Rebuild to resolve inadvertent removal of mariadb during sec-updates - part of #1246. -- Jeremy Davis Thu, 22 Nov 2018 15:58:41 +1100 turnkey-web2py-15.0 (1) turnkey; urgency=low * Latest upstream version of Web2py (2.17.1). * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Zhenya Hvorostian Thu, 23 Aug 2018 03:08:35 +0300 turnkey-web2py-14.2 (1) turnkey; urgency=low * Latest upstream version of Web2py. * Installed security updates. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Mon, 08 May 2017 16:31:45 +1000 turnkey-web2py-14.1 (1) turnkey; urgency=low * Latest upstream version of Web2py. * Fixed turnkey pylib git.py and GitPython clash [#578]. - Stefan Davis * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Thu, 25 Feb 2016 11:43:55 +1100 turnkey-web2py-14.0 (1) turnkey; urgency=low * Web2py: - Latest upstream version of Web2py. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Anton Pyrogovskyi Tue, 19 May 2015 20:10:13 +0300 turnkey-web2py-13.0 (1) turnkey; urgency=low * Web2py: - Latest upstream version of Web2py. - Updated wsgihandler.py configuration due to changes in latest version. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Fri, 11 Oct 2013 11:34:17 +0300 turnkey-web2py-12.1 (1) turnkey; urgency=low * Web2py: - Latest version of Web2py will be installed at build time. - Disabled git import due to turnkey-pylib conflict: admin/controllers/default.py * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Fri, 05 Apr 2013 08:00:00 +0200 turnkey-web2py-12.0 (1) turnkey; urgency=low * Initial public release of TurnKey web2py. * Set web2py admin console password on firstboot (convenience, security). * Regenerates all secrets during installation / firstboot (security). * Apache related: - Configured to use WSGI to serve web2py applications (performance). - Force admin console to be served via SSL (security). * MySQL related: - Set MySQL root password on firstboot (convenience, security). - Force MySQL to use Unicode/UTF8. - Includes Webmin MySQL module for convenience. * SSL support out of the box. * Includes postfix MTA (bound to localhost) for sending of email. Also includes webmin postfix module for convenience. * Major component versions web2py 1.99.7 (upstream archive) apache2 2.2.16-6+squeeze7 libapache2-mod-wsgi 3.3-2 mysql-server 5.1.63-0+squeeze1 python-mysqldb 1.2.2-10+b1 ipython 0.10-2 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Wed, 01 Aug 2012 08:00:00 +0200