All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- acme challenge config is done within le container and should not be added in the gen container
- fix delete dunder method of Capp
- fix listing priviledged public keys
- fix permissions for certficates keys
- Modern dca compose file
- Allow to show priviledged public keys on listing
- certificates and vhost files are now in named volumes
- ComposeSystemd upgraded to 1.6.2
- docker-gen upgraded to version 0.14.6
- Panubo sshd upgraded to version 1.9.0, hosted on quay.io
- proxy services updated
- Certbot-companion instead of Acme-companion to enable DNS-01 challenge
- Fix old config removal
- Allow to have a private/internal /prometheus endpoint for some containers (QE-709)
- Security updates for docker-gen
- Vhost specific
app-serverorapp_locationshould be deleted if non-existant in current dca
- nohttps should just comment out the https section instead of delete it
- Use FDN DNS to prevent any surprise
- nginx versions between docker-gen and nginx container should be the same
- Detect error on system service reload and restart it instead
- fix old docker compose python command. One can use
docker composeordocker-compose.
- Allow the reload command and deploy a bit faster (Added)
- Example app as DCA
- Instructions on how to local test this
- Fix hook chaining failed if one hook fails
- Also don’t resolve symbolic links, so hooks can rely on them (backup hook)
- Per-environment configuration resource (QE-589)
- New compose-systemd version to
1.5.0, allows to delay app start when node reboot
docker-genupdate
- Openssl PEM keys should be specified directly with header/footer/new lines
- Allow to directly use openssl public keys for privileged deployement
- Fix
max_procnot being taken into account in the installer
- Security updates and docker-gen build and patch from source
- Check for
vhostvalidity before deploying. - Check nginx config generated by
docker-genbefore sumbit - Allow to specify
loggingkey for a service.
- Updated
le-genimage versions for security reason (version2.1.3is issue-free).
- Fix
rmdirthat was too soon in the installer - Updated image versions (
le-genstill need an still-unreleased upgraded version).
- Updated image versions.
compose-dirsupdated to version1.4.0.
cappcan be tested in docker.- More verbose tasks on
deploy/undeploy.
- Fix
undeploycommand on non-existant app/env. - Fix parsing metadata version on
undeploy.
- Do not use cache when using
buildcommand.
buildcommand to force build and pull application services.- better
execcommand, with multiple arguments supported and you can inject environment variables, change the working directory or the current user.
- Let’s encrypt companion update
- Security updates (docker images)
- Support for multiple (ssh) keys per user (
listkey,addkey,delkey) - Support for
execaction to enter an application service
- Rights and user management
- Generate
authorized_keyson login attempt - Updated docker versions
- Pull images on deploy
/etc/capp/le_blacklist.txtfile to list host that should NOT be processed by Let's Encrypt
- Fix Hooks invocation (as-root, string-only parameters)
- Usage of
verify_dca.pyincapp. - Hash check on deploy is now a bit quicker and use less memory
- Hooks on deploy/undeploy action
- DCA format version 2