You are here
New TurnKey Drupal 10 version (18.0)
Changes:
- New Drupal10 appliance, based on Drupal9. Includes Drupal 10.1.4.
- All other changes below relate to since most recent Drupal9 release.
- Improved turnkey-drush wrapper/helper script.
- drupal-console no longer included (not compatible with drupal10).
- Fix drush-mail-securityupdates cron job - closes #1748. (Bug inherrited from drupal9).
- Special thanks to UncleDan (Daniele Lolli - https://github.com/UncleDan) for starting work on this (and many other appliances).
- Include and enable mod_evasive and mod_security2 by default in Apache.
[ Stefan Davis
] - Debian default PHP updated to v8.2.
- Use MariaDB (MySQL replacement) v10.11.3 (from debian repos).
- Install composer from Debian repos (previously installed from source)
[ Stefan Davis
] - Upgraded base distribution to Debian 12.x/Bookworm.
- Configuration console (confconsole):
- Support for DNS-01 Let's Encrypt challenges.
[ Oleh Dmytrychenko
github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785.
- Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi).
- Show error message rather than stacktrace when window resized to
incompatable resolution - closes #1609.
[ Stefan Davis
] - Bugfix exception when quitting configuration of mail relay.
[ Oleh Dmytrychenko
github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8
compliant.
[Stefan Davis
& Jeremy Davis
- Support for DNS-01 Let's Encrypt challenges.
[ Oleh Dmytrychenko
- Firstboot Initialization (inithooks):
- Refactor start up (now hooks into getty process, rather than having it's
own service).
[ Stefan Davis
] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks.
- Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
- Refactor run script - use bashisms and general tidying.
- Show blacklisted password characters more nicely.
- Misc packaging changes/improvements.
- Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB).
- Refactor start up (now hooks into getty process, rather than having it's
own service).
[ Stefan Davis
- Web management console (webmin):
- Upgraded webmin to v2.0.21.
- Removed stunnel reverse proxy (Webmin hosted directly now).
- Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem).
- Disabled Webmin Let's Encrypt (for now).
- Web shell (shellinabox):
- Completely removed in v18.0 (Webmin now has a proper interactive shell).
- Backup (tklbam):
- Ported dependencies to Debian Bookworm; otherwise unchanged.
- Security hardening & improvements:
- Generate and use new TurnKey Bookworm keys.
- Automate (and require) default pinning for packages from Debian backports. Also support non-free backports.
- IPv6 support:
- Adminer (only on LAMP based apps) listen on IPv6.
- Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
- Misc bugfixes & feature implementations:
- Remove rsyslog package (systemd journal now all that's needed).
- Include zstd compression support.
- Enable new non-free-firmware apt repo by default.
- Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps).
Links
New TurnKey Bagisto version (18.0)
Changes:
- Update Bagisto to latest upstream stable - v1.5.1.
- Include and enable mod_evasive and mod_security2 by default in Apache.
[ Stefan Davis
] - Debian default PHP updated to v8.2.
- Use MariaDB (MySQL replacement) v10.11.3 (from debian repos).
- Improvments to 'turnkey-artisan' wrapper/helper script.
[ Stefan Davis
] - Install composer from Debian repos (previously installed from source)
[ Stefan Davis
] - Upgraded base distribution to Debian 12.x/Bookworm.
- Configuration console (confconsole):
- Support for DNS-01 Let's Encrypt challenges.
[ Oleh Dmytrychenko
github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785.
- Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi).
- Show error message rather than stacktrace when window resized to
incompatable resolution - closes #1609.
[ Stefan Davis
] - Bugfix exception when quitting configuration of mail relay.
[ Oleh Dmytrychenko
github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8
compliant.
[Stefan Davis
& Jeremy Davis
- Support for DNS-01 Let's Encrypt challenges.
[ Oleh Dmytrychenko
- Firstboot Initialization (inithooks):
- Refactor start up (now hooks into getty process, rather than having it's
own service).
[ Stefan Davis
] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks.
- Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
- Refactor run script - use bashisms and general tidying.
- Show blacklisted password characters more nicely.
- Misc packaging changes/improvements.
- Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB).
- Refactor start up (now hooks into getty process, rather than having it's
own service).
[ Stefan Davis
- Web management console (webmin):
- Upgraded webmin to v2.0.21.
- Removed stunnel reverse proxy (Webmin hosted directly now).
- Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem).
- Disabled Webmin Let's Encrypt (for now).
- Web shell (shellinabox):
- Completely removed in v18.0 (Webmin now has a proper interactive shell).
- Backup (tklbam):
- Ported dependencies to Debian Bookworm; otherwise unchanged.
- Security hardening & improvements:
- Generate and use new TurnKey Bookworm keys.
- Automate (and require) default pinning for packages from Debian backports. Also support non-free backports.
- IPv6 support:
- Adminer (only on LAMP based apps) listen on IPv6.
- Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
- Misc bugfixes & feature implementations:
- Remove rsyslog package (systemd journal now all that's needed).
- Include zstd compression support.
- Enable new non-free-firmware apt repo by default.
- Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps).
Links
New TurnKey TKLDev version (18.0)
Changes:
- Upgraded base distribution to Debian 12.x/Bookworm.
- Configuration console (confconsole):
- Support for DNS-01 Let's Encrypt challenges.
[ Oleh Dmytrychenko
github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785.
- Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi).
- Show error message rather than stacktrace when window resized to
incompatable resolution - closes #1609.
[ Stefan Davis
] - Bugfix exception when quitting configuration of mail relay.
[ Oleh Dmytrychenko
github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8
compliant.
[Stefan Davis
& Jeremy Davis
- Support for DNS-01 Let's Encrypt challenges.
[ Oleh Dmytrychenko
- Firstboot Initialization (inithooks):
- Refactor start up (now hooks into getty process, rather than having it's
own service).
[ Stefan Davis
] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks.
- Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
- Refactor run script - use bashisms and general tidying.
- Show blacklisted password characters more nicely.
- Misc packaging changes/improvements.
- Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB).
- Refactor start up (now hooks into getty process, rather than having it's
own service).
[ Stefan Davis
- Web management console (webmin):
- Upgraded webmin to v2.0.21.
- Removed stunnel reverse proxy (Webmin hosted directly now).
- Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem).
- Disabled Webmin Let's Encrypt (for now).
- Web shell (shellinabox):
- Completely removed in v18.0 (Webmin now has a proper interactive shell).
- Backup (tklbam):
- Ported dependencies to Debian Bookworm; otherwise unchanged.
- Security hardening & improvements:
- Generate and use new TurnKey Bookworm keys.
- Automate (and require) default pinning for packages from Debian backports. Also support non-free backports.
- IPv6 support:
- Adminer (only on LAMP based apps) listen on IPv6.
- Nginx/NodeJS (NodeJS based apps only) listen on IPv6.
- Misc bugfixes & feature implementations:
- Remove rsyslog package (systemd journal now all that's needed).
- Include zstd compression support.
- Enable new non-free-firmware apt repo by default.
- Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps).
- TKLDev specific updates/tweaks below:
- fab:
- Improve typing and implemnt fstrings.
- Improved code styling (mostly PEP8 compliant now).
- Support debug logging via '-d|--debug' switch.
[ Stefan Davis
& Jeremy Davis ] - Ensure that pool doesn't choke on invalid versions generated from git tags.
- Default pool-info to use '--registered' - closes #1699.
[ Stefan Davis
] - Properly handle branch names that include a slash ('/') - closes #1761.
[ Stefan Davis
]
- autoversion:
- Typing and code style updates/improvements (mostly PEP8 compliant now).
- Now defaults to 'autoversion HEAD' if no args given.
- support for debian style branch/tag names (i.e. owner/branch or owner/tag - e.g. debian/dev or debian/2.1.4).
- bootstrap:
- Update to streamline build process - add install target to install
bootstrap into tkldev.
[ Stefan Davis
] - add lsb_release as bootstrap dependency.
[ Stefan Davis
]
- Update to streamline build process - add install target to install
bootstrap into tkldev.
[ Stefan Davis
- misc:
- Require RELEASE to be set (rather than CODENAME). Falls back to current host if not set (eases transition).
- Include tkldev-changelog, fab-rewind & fab-investigate scripts in TKLDev by default.
- Support setting NODE_VER / RBY_VER (NodeJS / Ruby versions respectively) from Makefile (only applies to apps that include NodeJS/Ruby).