turnkey-domain-controller-18.0 (1) turnkey; urgency=low
* Include some "getting started" docs on the landing page (tklweb-cp) -
closes #1810.
[Jeremy Davis <jeremy@turnkeylinux.org>]
* Support Domain Controller with 'dc1' name, joining an existing domain -
so long as it doesn't already exist (checked via DNS) - untracked bug.
[Jeremy Davis <jeremy@turnkeylinux.org>]
* Ensure hashfile includes URL to public key - closes #1864.
* Include webmin-logviewer module by default - closes #1866.
* Upgraded base distribution to Debian 12.x/Bookworm.
* Configuration console (confconsole) - v2.1.6:
- Support for DNS-01 Let's Encrypt challenges.
[ Oleh Dmytrychenko <dmytrychenko.oleh@gmail.com> github: @NitrogenUA ]
- Support for getting Let's Encrypt cert via IPv6 - closes #1785.
- Refactor network interface code to ensure that it works as expected and
supports more possible network config (e.g. hotplug interfaces & wifi).
- Show error message rather than stacktrace when window resized to
incompatable resolution - closes #1609.
[ Stefan Davis <stefan@turnkeylinux.org> ]
- Bugfix exception when quitting configuration of mail relay.
[ Oleh Dmytrychenko <dmytrychenko.oleh@gmail.com> github: @NitrogenUA ]
- Improve code quality: implement typing, fstrings and make (mostly) PEP8
compliant.
[Stefan Davis <stefan@turnkeylinux.org> & Jeremy Davis
- General dehydrated-wrapper code cleanup - now passes shellcheck.
* Firstboot Initialization (inithooks):
- Refactor start up (now hooks into getty process, rather than having it's
own service).
[ Stefan Davis <stefan@turnkeylinux.org> ]
- Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname
is included in dhcp info when set via inithooks.
- Package turnkey-make-ssl-cert script (from common overlay - now packaged
as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
- Refactor run script - use bashisms and general tidying.
- Show blacklisted password characters more nicely.
- Misc packaging changes/improvements.
- Support returning output from MySQL - i.e. support 'SELECT'. (Only
applies to apps that include MySQL/MariaDB).
* Web management console (webmin):
- Upgraded webmin to v2.105.
- Replace webmin-shell with webmin-xterm module by default - closes #1904.
- Include webmin-logviewer module by default - closes #1866.
- Removed stunnel reverse proxy (Webmin hosted directly now).
- Ensure that Webmin uses HTTPS with default cert
(/etc/ssl/private/cert.pem).
- Disabled Webmin Let's Encrypt (for now).
* Web shell (shellinabox):
- Completely removed in v18.0 (Webmin now has a proper interactive shell).
* Backup (tklbam):
- Ported dependencies to Debian Bookworm; otherwise unchanged.
* Security hardening & improvements:
- Generate and use new TurnKey Bookworm keys.
- Automate (and require) default pinning for packages from Debian
backports. Also support non-free backports.
* IPv6 support:
- Adminer (only on LAMP based apps) listen on IPv6.
- Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
* Misc bugfixes & feature implementations:
- Remove rsyslog package (systemd journal now all that's needed).
- Include zstd compression support.
- Enable new non-free-firmware apt repo by default.
- Improve turnkey-artisan so that it works reliably in cron jobs (only
Laravel based LAMP apps).
* Reduce log noise by creating ntpsec log dir - closes #1952.
-- Jeremy Davis <jeremy@turnkeylinux.org> Fri, 05 Jul 2024 11:19:03 +0000
turnkey-domain-controller-17.1 (1) turnkey; urgency=low
* Updated all Debian packages to latest.
[ autopatched by buildtasks ]
* Patched bugfix release. Closes #1734.
[ autopatched by buildtasks ]
-- Jeremy Davis <jeremy@turnkeylinux.org> Thu, 30 Mar 2023 00:37:16 +0000
turnkey-domain-controller-17.0 (1) turnkey; urgency=low
* Install Samba v4.17.3 from Bullseye backports - supports latest Win11
joining domain. Samba pinned to backports for easier maintence.
* Add support for setting admin username when joining domain - closes #1671.
* Allow dash in realm - closes #1670.
* Disable systemd-resolved.service in LXC builds - closes #1766.
* Update inithook for libinithook refactoring in v17.x.
* Note: Please refer to turnkey-core's 17.0 changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Jeremy Davis <jeremy@turnkeylinux.org> Mon, 20 Feb 2023 03:28:24 +0000
turnkey-domain-controller-16.2 (1) turnkey; urgency=low
* Rebuild on latest Debian Buster.
* Adjust service name that Webmin "Start/Stop/Restart Samba" buttons use.
Closes #1618.
-- Jeremy Davis <jeremy@turnkeylinux.org> Thu, 22 Jul 2021 14:15:47 +1000
turnkey-domain-controller-16.1 (1) turnkey; urgency=low
* Refactor of Domain Controller specific inithook (domain-controller.py) to
make 'join' functionality work.
* Rebuild on latest Debian Buster.
* Note: Please refer to turnkey-core's 16.1 changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Jeremy Davis <jeremy@turnkeylinux.org> Mon, 17 May 2021 15:58:41 +1000
turnkey-domain-controller-16.0 (1) turnkey; urgency=low
* Update packages to latest Debian Buster versions; including Samba v4.9.5.
* Major rewrite of python inithook amd removal of old bash inithook scripts.
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Jeremy Davis <jeremy@turnkeylinux.org> Fri, 16 Oct 2020 15:55:43 +1100
turnkey-domain-controller-15.0 (1) turnkey; urgency=low
* Initialization (specific to domain-controller - via inithooks):
- support joining existing AD domain (closes #790)
- separate out commandline usage into bash scripts (commands were
previously run direct from python)
- don't acccept parentheses in Samba admin password (closes #861)
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Vlad Kuzmenko <vlad@turnkeylinux.org> Tue, 26 Jun 2018 00:30:42 +0200
turnkey-domain-controller-14.2 (1) turnkey; urgency=low
* Updated first boot inithooks to use updated Dialog password prompt
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Ken Robinson <ken@turnkeylinux.org> Sun, 16 Jul 2017 12:08:19 -0400
turnkey-domain-controller-14.1 (1) turnkey; urgency=low
* Add additional required ports to the firewall config [#573]
* Fix LigHTTPd bug in 15regen-sllcert [#512].
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.i
-- Jeremy Davis <jeremy@turnkeylinux.org> Thu, 18 Feb 2016 15:19:03 +1100
turnkey-domain-controller-14.0 (1) turnkey; urgency=low
* Debian Jessie package version of Samba4.
* Configured as Active Directory Domain Controller.
* AjaXplorer/fileserver functionality removed.
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Jeremy Davis <jeremy@turnkeylinux.org> Thu, 10 Sept 2015 20:50:12 +1000
turnkey-domain-controller-13.0 (1) turnkey; urgency=low
* Latest Debian Wheezy package version of Samba.
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Alon Swartz <alon@turnkeylinux.org> Thu, 10 Oct 2013 17:44:56 +0300
turnkey-domain-controller-12.1 (1) turnkey; urgency=low
* AjaXplorer related:
- Upgraded to latest version
- Removed smb-root-write-fix patch (included in new version).
- Added USER_BASE_DRIVER to plugins multi-auth (required in new version).
- Force SSL and set locale to en_US.UTF-8.
* Upstream source component versions:
ajaxplorer 4.2.3
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Alon Swartz <alon@turnkeylinux.org> Sun, 07 Apr 2013 08:00:00 +0200
turnkey-domain-controller-12.0 (1) turnkey; urgency=low
* Added web-based file manager (AjaXplorer)
- Pre-configured multi-authentication (Local and Samba).
- Pre-configured repositories (storage, user home directory).
- Set local admin password on firstboot.
* Printing via CUPS
- Package name transition: cupsys -> cups
- Added administrator user to lpadmin group (bugfix).
- Pre-configured cups-pdf printer.
* Configured automatic unix/smb user/group synchronization in Webmin.
* Major component versions
ajaxplorer 4.0.4 (upstream archive)
samba 2:3.5.6~dfsg-3squeeze8
cups 1.4.4-7+squeeze1
cups-pdf 2.5.0-16
lighttpd 1.4.28-2+squeeze1
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Alon Swartz <alon@turnkeylinux.org> Wed, 01 Aug 2012 08:00:00 +0200
turnkey-domain-controller-11.3 (1) turnkey; urgency=low
* Installed security updates.
* Enabled etckeeper garbage collection by default.
* Upgraded to latest inithooks version (adhoc re-initialization via turnkey-init)
-- Alon Swartz <alon@turnkeylinux.org> Mon, 05 Dec 2011 10:48:44 +0000
turnkey-domain-controller-11.2 (1) turnkey; urgency=low
* Installed security updates.
* Added HubDNS package and firstboot configuration.
-- Alon Swartz <alon@turnkeylinux.org> Fri, 15 Jul 2011 07:47:08 +0000
turnkey-domain-controller-11.1 (1) turnkey; urgency=low
* Set domain and administrator password on firstboot (convenience, security).
* Major component versions:
samba 2:3.4.7~dfsg-1ubuntu3.2
cupsys 1.4.3-1ubuntu1.3
cups-pdf 2.5.0-12
lighttpd 1.4.26-1.1ubuntu3
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Alon Swartz <alon@turnkeylinux.org> Sun, 19 Dec 2010 15:01:05 +0200
turnkey-domain-controller-2009.10 (2) hardy; urgency=low
* Installed all security updates (see manifest for package versions).
* Install security updates on firstboot (except when running live).
* Trick webmin into not checking for upgrades (managed by apt).
* Included latest version of inithooks and updated scripts.
* Included wget as per common request.
-- Alon Swartz <alon@turnkeylinux.org> Mon, 29 Mar 2010 09:02:11 +0200
turnkey-domain-controller-2009.10 (1) hardy; urgency=low
* Initial public release of TurnKey Domain Controller
* SSL support out of the box
* Domain controller configurations:
- Preconfigured domain: DOMAIN
- Preconfigured netbios name: PDC
- Includes custom samba-config script to change domain and set administrator
password (included as part of installation).
- Created administrator account and added to Domain Users and Domain Admins.
- Granted Domain Admins full permissions on the domain.
- Created smbgroups (smbusers, smbadmins, smbmachines).
- Created group mapping for smbusers: Domain Users
- Created group mapping for smbadmins: Domain Admins
- Configured samba user accounts to synchronize with unix user accounts.
- Configured netlogon service:
- Limit domain login to Domain Users and Domain Admins.
- Logon/home drive mapped to H:
- Synchronize time at login with PDC.
- Default permissions set owner full permissions, only.
- Configured roaming profiles:
- Public storage mapped to S:
- Default permissions set owner full permissions, everyone read.
- Configured printing support:
- Setup Point-and-Print (PnP).
- Installed PDF printer (drops printed docs to $HOME/PDF).
- Configured cupsys web interface to bind to all interfaces and
support SSL.
- Bugfixed samba-docs (manpage and missing links).
- Includes flip to convert text file endings between UNIX and DOS formats.
* Includes Turnkey web control panel (convenience).
* Regenerates all secrets during installation / firstboot (security).
* Major component versions:
samba 3.0.28a-1ubuntu4.8
cupsys 1.3.7-1ubuntu3.5
cups-pdf 2.4.6-4ubuntu2
lighttpd 1.4.19-0ubuntu3.1
* Note: Please refer to turnkey-core's changelog for changes common to all
appliances. Here we only describe changes specific to this appliance.
-- Alon Swartz <alon@turnkeylinux.org> Tue, 29 Sep 2009 15:39:41 +0200