Guillaume Vincent
ecddb4f29e
Apply black
3 jaren geleden
Bianca Rosa
68625c8455
Add backend code for encrypting passworld profiles
closes #580
3 jaren geleden
Guillaume Vincent
3168380ff0
edit hsts configuration
The header must contain the `includeSubDomains` directive.
The header must contain the `preload` directive.
3 jaren geleden
Guillaume Vincent
cfed362a77
Use less restrictive TLS configuration
Until the day TLS 1.3 becomes widely supported, web servers must rely on a fallback to TLS 1.2 with correctly configured server directives and strong cipher suites.
* https://www.cloudinsidr.com/content/tls-1-3-and-tls-1-2-cipher-suites-demystified-how-to-pick-your-ciphers-wisely/
* (fr) https://www.ssi.gouv.fr/guide/recommandations-de-securite-relatives-a-tls/
* https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.1.1d&guideline=5.6
3 jaren geleden
Peter Dave Hello
071c3934d4
Fix a few places with wrong indentation ( #578 )
3 jaren geleden
Peter Dave Hello
96af69af3b
Ensure final newline char in text files, following .editorconfig ( #575 )
3 jaren geleden
Peter Dave Hello
7ce7be6451
Remove trailing spaces in text files, following .editorconfig ( #573 )
3 jaren geleden
Guillaume Vincent
4bb32d9664
Use modern ssl configuration and fix HSTS
3 jaren geleden
Peter Dave Hello
0a824a9748
Minimize Apache ServerTokens for lesspass-site, cc #568 ( #571 )
3 jaren geleden
Peter Dave Hello
2a7c018dc9
Enable Apache OCSP stapling ( #569 )
This will speed up the website loading, and make the website more
reliable to the users when the client fails to connect to the CA for an
OCSP response.
Reference:
- https://en.wikipedia.org/wiki/OCSP_stapling
4 jaren geleden
Peter Dave Hello
cc7bac7c9b
Enable Apache HTTP/2 for better performance ( #570 )
4 jaren geleden
Guillaume Vincent
b7047be7bf
Remove blog from main repo and fix links
4 jaren geleden
John Steel
4c703e69ae
Container SSL README.md changed to create_ca_and_ee.sh ( #559 )
* Rename README.md
README.md wasn't actually a readme but an example for how
to make a simple pki.
* Updating ssl script
+ Adding shebang line (#!/usr/bin/env bash)
+ Adding variables for key type and subject
+ Adding comments
+ Adding openssl verify
4 jaren geleden
Guillaume Vincent
ab3c6969d7
Rebuild containers
4 jaren geleden
Guillaume Vincent
e70c4bdfe1
Fix authentication workflow
* use refresh token to refresh access token if expired
* change access token duration to 15 minutes
* change refresh token validity to 1 week
Fixes: 539
Fixes: 236
4 jaren geleden
Guillaume Vincent
876c0edcc9
Set X-Frame-Options header to deny
4 jaren geleden
Guillaume Vincent
a4fec4b5b7
Fix authentication with old JWT header type
4 jaren geleden
Guillaume Vincent
ee30d0528c
Fix preflight CORS redirect issue
4 jaren geleden
Guillaume Vincent
5d1aa73633
Fix proxy pass for old requests
4 jaren geleden
Guillaume Vincent
c8361afd73
Update Dockerfile
4 jaren geleden
dependabot[bot]
3f10d92a48
Bump django from 3.0.6 to 3.0.7 in /containers/backend ( #531 )
Bumps [django](https://github.com/django/django ) from 3.0.6 to 3.0.7.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/3.0.6...3.0.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 jaren geleden
Guillaume Vincent
442cf93b78
Add backward compatible url for auth
4 jaren geleden
Guillaume Vincent
9b35717e4a
Use multistage build for frontend container
4 jaren geleden
Guillaume Vincent
6a246608ca
Remove old self hosted files and add affiliate link in README
4 jaren geleden
Guillaume Vincent
1845f4691a
Minor fixes on CICD
* Remove blog container from container deploy until Dockerfile is present
* Do not stop pushing package after an error
4 jaren geleden
Guillaume Vincent
ef93386f07
Update backend container python modules to the latest versions
4 jaren geleden
Guillaume Vincent
a73daf6a1e
CICD for packages and containers
4 jaren geleden
Guillaume Vincent
fbd7e024ed
Add blog container wip
4 jaren geleden
Guillaume Vincent
e063e38355
wip refactor containers
4 jaren geleden
Guillaume Vincent
451a5d6779
Create release script
5 jaren geleden
Guillaume Vincent
99b0bdbb6f
Add deploy actions
5 jaren geleden
Guillaume Vincent
e488713eff
Start moving site in packages and prepare for netlify
5 jaren geleden
Guillaume Vincent
d969c775e8
Fix ci for the backend
5 jaren geleden
dependabot[bot]
9aa2123416
Bump django from 1.11 to 1.11.23 in /containers/backend ( #458 )
Bumps [django](https://github.com/django/django ) from 1.11 to 1.11.23.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/1.11...1.11.23 )
Signed-off-by: dependabot[bot] <support@github.com>
5 jaren geleden
Guillaume Vincent
167f81aefa
LessPass version 9.0.0
5 jaren geleden
Guillaume Vincent
d87c6fbcfc
Clean node modules and migrate e2e tests to cypress
5 jaren geleden
Guillaume Vincent
d88ed8aca1
Update psycopg2 in backend container
5 jaren geleden
Guillaume Vincent
062e406531
LessPass version 8.1.1
5 jaren geleden
Guillaume Vincent
cbe415f7ee
Clean deploy script
5 jaren geleden
Guillaume Vincent
0e0cfabd9d
Clean and fix broken links on the web site
Fixes: https://github.com/lesspass/lesspass/issues/430
5 jaren geleden
Guillaume Vincent
a8ec9422b2
LessPass version 8.1.0
5 jaren geleden
Daniel Koć
719cb7c40f
Fixing en/de mismatch with LengthDeprecationWarning
5 jaren geleden
Guillaume Vincent
0f345e2996
LessPass version 8.0.2
5 jaren geleden
Guillaume Vincent
a25bfbbc4f
Add CICD for containers
5 jaren geleden
Guillaume Vincent
0881a8d132
Move LessPass web site in containers folder
5 jaren geleden
Guillaume Vincent
407668671c
Improve containers
5 jaren geleden
Guillaume Vincent
fe9ce4f252
Construct container with based images compatible with ARM
Fixes: https://github.com/lesspass/lesspass/issues/371
5 jaren geleden
Guillaume Vincent
fc3ca6b3ba
Fix travis issue
5 jaren geleden
Guillaume Vincent
29156429af
Move from EPEL to SCL and upgrade python to 3.6
5 jaren geleden
Guillaume Vincent
65cdbda022
Add auto push on docker registry
5 jaren geleden