New TurnKey Drupal 10 version (18.0)

Changes:

  • New Drupal10 appliance, based on Drupal9. Includes Drupal 10.1.4.
  • All other changes below relate to since most recent Drupal9 release.
  • Improved turnkey-drush wrapper/helper script.
  • drupal-console no longer included (not compatible with drupal10).
  • Fix drush-mail-securityupdates cron job - closes #1748. (Bug inherrited from drupal9).
  • Special thanks to UncleDan (Daniele Lolli - https://github.com/UncleDan) for starting work on this (and many other appliances).
  • Include and enable mod_evasive and mod_security2 by default in Apache. [ Stefan Davis ]
  • Debian default PHP updated to v8.2.
  • Use MariaDB (MySQL replacement) v10.11.3 (from debian repos).
  • Install composer from Debian repos (previously installed from source) [ Stefan Davis ]
  • Upgraded base distribution to Debian 12.x/Bookworm.
  • Configuration console (confconsole):
    • Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Support for getting Let's Encrypt cert via IPv6 - closes #1785.
    • Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi).
    • Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ]
    • Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis
  • Firstboot Initialization (inithooks):
    • Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ]
    • Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks.
    • Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
    • Refactor run script - use bashisms and general tidying.
    • Show blacklisted password characters more nicely.
    • Misc packaging changes/improvements.
    • Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB).
  • Web management console (webmin):
    • Upgraded webmin to v2.0.21.
    • Removed stunnel reverse proxy (Webmin hosted directly now).
    • Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem).
    • Disabled Webmin Let's Encrypt (for now).
  • Web shell (shellinabox):
    • Completely removed in v18.0 (Webmin now has a proper interactive shell).
  • Backup (tklbam):
    • Ported dependencies to Debian Bookworm; otherwise unchanged.
  • Security hardening & improvements:
    • Generate and use new TurnKey Bookworm keys.
    • Automate (and require) default pinning for packages from Debian backports. Also support non-free backports.
  • IPv6 support:
    • Adminer (only on LAMP based apps) listen on IPv6.
    • Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
  • Misc bugfixes & feature implementations:
    • Remove rsyslog package (systemd journal now all that's needed).
    • Include zstd compression support.
    • Enable new non-free-firmware apt repo by default.
    • Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps).

Links

New TurnKey Bagisto version (18.0)

Changes:

  • Update Bagisto to latest upstream stable - v1.5.1.
  • Include and enable mod_evasive and mod_security2 by default in Apache. [ Stefan Davis ]
  • Debian default PHP updated to v8.2.
  • Use MariaDB (MySQL replacement) v10.11.3 (from debian repos).
  • Improvments to 'turnkey-artisan' wrapper/helper script. [ Stefan Davis ]
  • Install composer from Debian repos (previously installed from source) [ Stefan Davis ]
  • Upgraded base distribution to Debian 12.x/Bookworm.
  • Configuration console (confconsole):
    • Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Support for getting Let's Encrypt cert via IPv6 - closes #1785.
    • Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi).
    • Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ]
    • Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis
  • Firstboot Initialization (inithooks):
    • Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ]
    • Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks.
    • Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
    • Refactor run script - use bashisms and general tidying.
    • Show blacklisted password characters more nicely.
    • Misc packaging changes/improvements.
    • Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB).
  • Web management console (webmin):
    • Upgraded webmin to v2.0.21.
    • Removed stunnel reverse proxy (Webmin hosted directly now).
    • Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem).
    • Disabled Webmin Let's Encrypt (for now).
  • Web shell (shellinabox):
    • Completely removed in v18.0 (Webmin now has a proper interactive shell).
  • Backup (tklbam):
    • Ported dependencies to Debian Bookworm; otherwise unchanged.
  • Security hardening & improvements:
    • Generate and use new TurnKey Bookworm keys.
    • Automate (and require) default pinning for packages from Debian backports. Also support non-free backports.
  • IPv6 support:
    • Adminer (only on LAMP based apps) listen on IPv6.
    • Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
  • Misc bugfixes & feature implementations:
    • Remove rsyslog package (systemd journal now all that's needed).
    • Include zstd compression support.
    • Enable new non-free-firmware apt repo by default.
    • Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps).

Links

New TurnKey TKLDev version (18.0)

Changes:

  • Upgraded base distribution to Debian 12.x/Bookworm.
  • Configuration console (confconsole):
    • Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Support for getting Let's Encrypt cert via IPv6 - closes #1785.
    • Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi).
    • Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ]
    • Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ]
    • Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis
  • Firstboot Initialization (inithooks):
    • Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ]
    • Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks.
    • Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
    • Refactor run script - use bashisms and general tidying.
    • Show blacklisted password characters more nicely.
    • Misc packaging changes/improvements.
    • Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB).
  • Web management console (webmin):
    • Upgraded webmin to v2.0.21.
    • Removed stunnel reverse proxy (Webmin hosted directly now).
    • Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem).
    • Disabled Webmin Let's Encrypt (for now).
  • Web shell (shellinabox):
    • Completely removed in v18.0 (Webmin now has a proper interactive shell).
  • Backup (tklbam):
    • Ported dependencies to Debian Bookworm; otherwise unchanged.
  • Security hardening & improvements:
    • Generate and use new TurnKey Bookworm keys.
    • Automate (and require) default pinning for packages from Debian backports. Also support non-free backports.
  • IPv6 support:
    • Adminer (only on LAMP based apps) listen on IPv6.
    • Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
  • Misc bugfixes & feature implementations:
    • Remove rsyslog package (systemd journal now all that's needed).
    • Include zstd compression support.
    • Enable new non-free-firmware apt repo by default.
    • Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps).
  • TKLDev specific updates/tweaks below:
  • fab:
    • Improve typing and implemnt fstrings.
    • Improved code styling (mostly PEP8 compliant now).
    • Support debug logging via '-d|--debug' switch. [ Stefan Davis & Jeremy Davis ]
    • Ensure that pool doesn't choke on invalid versions generated from git tags.
    • Default pool-info to use '--registered' - closes #1699. [ Stefan Davis ]
    • Properly handle branch names that include a slash ('/') - closes #1761. [ Stefan Davis ]
  • autoversion:
    • Typing and code style updates/improvements (mostly PEP8 compliant now).
    • Now defaults to 'autoversion HEAD' if no args given.
    • support for debian style branch/tag names (i.e. owner/branch or owner/tag - e.g. debian/dev or debian/2.1.4).
  • bootstrap:
    • Update to streamline build process - add install target to install bootstrap into tkldev. [ Stefan Davis ]
    • add lsb_release as bootstrap dependency. [ Stefan Davis ]
  • misc:
    • Require RELEASE to be set (rather than CODENAME). Falls back to current host if not set (eases transition).
    • Include tkldev-changelog, fab-rewind & fab-investigate scripts in TKLDev by default.
    • Support setting NODE_VER / RBY_VER (NodeJS / Ruby versions respectively) from Makefile (only applies to apps that include NodeJS/Ruby).

Links

Pages