turnkey-domain-controller-18.0 (1) turnkey; urgency=low * Include some "getting started" docs on the landing page (tklweb-cp) - closes #1810. [Jeremy Davis ] * Support Domain Controller with 'dc1' name, joining an existing domain - so long as it doesn't already exist (checked via DNS) - untracked bug. [Jeremy Davis ] * Ensure hashfile includes URL to public key - closes #1864. * Include webmin-logviewer module by default - closes #1866. * Upgraded base distribution to Debian 12.x/Bookworm. * Configuration console (confconsole) - v2.1.6: - Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785. - Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi). - Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ] - Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis - General dehydrated-wrapper code cleanup - now passes shellcheck. * Firstboot Initialization (inithooks): - Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks. - Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl. - Refactor run script - use bashisms and general tidying. - Show blacklisted password characters more nicely. - Misc packaging changes/improvements. - Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB). * Web management console (webmin): - Upgraded webmin to v2.105. - Replace webmin-shell with webmin-xterm module by default - closes #1904. - Include webmin-logviewer module by default - closes #1866. - Removed stunnel reverse proxy (Webmin hosted directly now). - Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem). - Disabled Webmin Let's Encrypt (for now). * Web shell (shellinabox): - Completely removed in v18.0 (Webmin now has a proper interactive shell). * Backup (tklbam): - Ported dependencies to Debian Bookworm; otherwise unchanged. * Security hardening & improvements: - Generate and use new TurnKey Bookworm keys. - Automate (and require) default pinning for packages from Debian backports. Also support non-free backports. * IPv6 support: - Adminer (only on LAMP based apps) listen on IPv6. - Nginx/NodeJS (NodeJS based apps only) listen on IPv6. * Misc bugfixes & feature implementations: - Remove rsyslog package (systemd journal now all that's needed). - Include zstd compression support. - Enable new non-free-firmware apt repo by default. - Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps). * Reduce log noise by creating ntpsec log dir - closes #1952. -- Jeremy Davis Fri, 05 Jul 2024 11:19:03 +0000 turnkey-domain-controller-17.1 (1) turnkey; urgency=low * Updated all Debian packages to latest. [ autopatched by buildtasks ] * Patched bugfix release. Closes #1734. [ autopatched by buildtasks ] -- Jeremy Davis Thu, 30 Mar 2023 00:37:16 +0000 turnkey-domain-controller-17.0 (1) turnkey; urgency=low * Install Samba v4.17.3 from Bullseye backports - supports latest Win11 joining domain. Samba pinned to backports for easier maintence. * Add support for setting admin username when joining domain - closes #1671. * Allow dash in realm - closes #1670. * Disable systemd-resolved.service in LXC builds - closes #1766. * Update inithook for libinithook refactoring in v17.x. * Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Mon, 20 Feb 2023 03:28:24 +0000 turnkey-domain-controller-16.2 (1) turnkey; urgency=low * Rebuild on latest Debian Buster. * Adjust service name that Webmin "Start/Stop/Restart Samba" buttons use. Closes #1618. -- Jeremy Davis Thu, 22 Jul 2021 14:15:47 +1000 turnkey-domain-controller-16.1 (1) turnkey; urgency=low * Refactor of Domain Controller specific inithook (domain-controller.py) to make 'join' functionality work. * Rebuild on latest Debian Buster. * Note: Please refer to turnkey-core's 16.1 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Mon, 17 May 2021 15:58:41 +1000 turnkey-domain-controller-16.0 (1) turnkey; urgency=low * Update packages to latest Debian Buster versions; including Samba v4.9.5. * Major rewrite of python inithook amd removal of old bash inithook scripts. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Fri, 16 Oct 2020 15:55:43 +1100 turnkey-domain-controller-15.0 (1) turnkey; urgency=low * Initialization (specific to domain-controller - via inithooks): - support joining existing AD domain (closes #790) - separate out commandline usage into bash scripts (commands were previously run direct from python) - don't acccept parentheses in Samba admin password (closes #861) * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Vlad Kuzmenko Tue, 26 Jun 2018 00:30:42 +0200 turnkey-domain-controller-14.2 (1) turnkey; urgency=low * Updated first boot inithooks to use updated Dialog password prompt * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Ken Robinson Sun, 16 Jul 2017 12:08:19 -0400 turnkey-domain-controller-14.1 (1) turnkey; urgency=low * Add additional required ports to the firewall config [#573] * Fix LigHTTPd bug in 15regen-sllcert [#512]. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance.i -- Jeremy Davis Thu, 18 Feb 2016 15:19:03 +1100 turnkey-domain-controller-14.0 (1) turnkey; urgency=low * Debian Jessie package version of Samba4. * Configured as Active Directory Domain Controller. * AjaXplorer/fileserver functionality removed. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Thu, 10 Sept 2015 20:50:12 +1000 turnkey-domain-controller-13.0 (1) turnkey; urgency=low * Latest Debian Wheezy package version of Samba. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Thu, 10 Oct 2013 17:44:56 +0300 turnkey-domain-controller-12.1 (1) turnkey; urgency=low * AjaXplorer related: - Upgraded to latest version - Removed smb-root-write-fix patch (included in new version). - Added USER_BASE_DRIVER to plugins multi-auth (required in new version). - Force SSL and set locale to en_US.UTF-8. * Upstream source component versions: ajaxplorer 4.2.3 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Sun, 07 Apr 2013 08:00:00 +0200 turnkey-domain-controller-12.0 (1) turnkey; urgency=low * Added web-based file manager (AjaXplorer) - Pre-configured multi-authentication (Local and Samba). - Pre-configured repositories (storage, user home directory). - Set local admin password on firstboot. * Printing via CUPS - Package name transition: cupsys -> cups - Added administrator user to lpadmin group (bugfix). - Pre-configured cups-pdf printer. * Configured automatic unix/smb user/group synchronization in Webmin. * Major component versions ajaxplorer 4.0.4 (upstream archive) samba 2:3.5.6~dfsg-3squeeze8 cups 1.4.4-7+squeeze1 cups-pdf 2.5.0-16 lighttpd 1.4.28-2+squeeze1 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Wed, 01 Aug 2012 08:00:00 +0200 turnkey-domain-controller-11.3 (1) turnkey; urgency=low * Installed security updates. * Enabled etckeeper garbage collection by default. * Upgraded to latest inithooks version (adhoc re-initialization via turnkey-init) -- Alon Swartz Mon, 05 Dec 2011 10:48:44 +0000 turnkey-domain-controller-11.2 (1) turnkey; urgency=low * Installed security updates. * Added HubDNS package and firstboot configuration. -- Alon Swartz Fri, 15 Jul 2011 07:47:08 +0000 turnkey-domain-controller-11.1 (1) turnkey; urgency=low * Set domain and administrator password on firstboot (convenience, security). * Major component versions: samba 2:3.4.7~dfsg-1ubuntu3.2 cupsys 1.4.3-1ubuntu1.3 cups-pdf 2.5.0-12 lighttpd 1.4.26-1.1ubuntu3 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Sun, 19 Dec 2010 15:01:05 +0200 turnkey-domain-controller-2009.10 (2) hardy; urgency=low * Installed all security updates (see manifest for package versions). * Install security updates on firstboot (except when running live). * Trick webmin into not checking for upgrades (managed by apt). * Included latest version of inithooks and updated scripts. * Included wget as per common request. -- Alon Swartz Mon, 29 Mar 2010 09:02:11 +0200 turnkey-domain-controller-2009.10 (1) hardy; urgency=low * Initial public release of TurnKey Domain Controller * SSL support out of the box * Domain controller configurations: - Preconfigured domain: DOMAIN - Preconfigured netbios name: PDC - Includes custom samba-config script to change domain and set administrator password (included as part of installation). - Created administrator account and added to Domain Users and Domain Admins. - Granted Domain Admins full permissions on the domain. - Created smbgroups (smbusers, smbadmins, smbmachines). - Created group mapping for smbusers: Domain Users - Created group mapping for smbadmins: Domain Admins - Configured samba user accounts to synchronize with unix user accounts. - Configured netlogon service: - Limit domain login to Domain Users and Domain Admins. - Logon/home drive mapped to H: - Synchronize time at login with PDC. - Default permissions set owner full permissions, only. - Configured roaming profiles: - Public storage mapped to S: - Default permissions set owner full permissions, everyone read. - Configured printing support: - Setup Point-and-Print (PnP). - Installed PDF printer (drops printed docs to $HOME/PDF). - Configured cupsys web interface to bind to all interfaces and support SSL. - Bugfixed samba-docs (manpage and missing links). - Includes flip to convert text file endings between UNIX and DOS formats. * Includes Turnkey web control panel (convenience). * Regenerates all secrets during installation / firstboot (security). * Major component versions: samba 3.0.28a-1ubuntu4.8 cupsys 1.3.7-1ubuntu3.5 cups-pdf 2.4.6-4ubuntu2 lighttpd 1.4.19-0ubuntu3.1 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Tue, 29 Sep 2009 15:39:41 +0200