TurnKey v15.0 RC1 is LIVE!

UPDATE: Stage 1 of v15.0 stable release is now available. It includes 47 updated appliance ISOs. Stage 2 includes OVA/VM, OpenStack and Xen. Docker and Proxmox/LXC builds published too. Stage 3 includes 35 additional appliances; including info on 3 new v15.0 appliances, plus other notes of interest. All appliances so far released are available in ISO, OVA/VM, OpenStack, Xen, Docker and Proxmox/LXC builds. More to come soon!

It is with great pleasure - and a huge sense of relief - that I announce the release of Core v15.0RC1 and TKLDev v15.0RC1!

As I look back over my shoulder reflecting on the development process of v15.0, I honestly wonder where the time has gone?! With Debian Stretch out now for about 8 months, I had hoped to have this release finished long ago and perhaps even be working on v15.1. But unfortunately, wishes and hopes don't always have much to do with reality!

Whilst I've more or less been in the release development driver seat since v14.0, this release has been my first full development of an TurnKey OS base transition. Alon did most of the initial development work migrating from a Wheezy base to Jessie, for Core and TKLDev v14.0RC1. It taken me a lot more effort that I had anticipated. We've now gone from Debian 8/Jessie (basis of v14.x) to 9/Stretch (basis of v15.x). As I said, it's taken much longer than I might have liked, but we're on the home stretch now (please excuse the pun).

Core and TKLDev

As per the v14.0RC1 release, we're providing both Core and TKLDev as release candidates. This means that you wonderful community members can not only test drive the Core appliance (the base of all other appliances), but you can also test building any of the other appliances in the library via TKLDev.

There is a tutorial in the docs on how to build ISOs with TKLDev. I wrote that tutorial some time ago (for the v14.0RC1 release) but it has had a couple of minor updates and should still be relevant for v15.0. If you find any issues and can fix them, please feel free to edit it (the website docs are a wiki and all logged in users should be able to edit them). If you hit any other snags along the way and aren't sure how to resolve or workaround them, please let us know in the comments below, or start a new thread in the forums.

There are still a couple of appliances that need their buildcode updated, but most are ready to go for v15.0. Usually the best way to check is have a quick peek at the changelog. If the first line looks something like this (WordPress changelog):

turnkey-wordpress-15.0 (1) turnkey; urgency=low

Then you should be good to go. If it still has 14.2 in the title, then it most likely hasn't been completed yet. Having said that, it may be worth checking for Pull Requests on GitHub. It might just be that I haven't yet merged a pending pull request.

Download the RCs and help us test them

Core (64bit / amd64 build)252MB ISO  ( changeloghash filemanifest )

TKLDev (64bit / amd64 build)301MB ISO  ( changeloghash filemanifest )

Quick overview of significant changes

I'll do a full outline of the changes when we do the final stable release of v15.0, but here's a bit or an overview:

  • Rebase on Debian Stretch
  • Use of new union filesystem (running live and in TKLDev) OverlayFS - new default in Stretch; v14.x and earlier used auFS
  • Updates for Confconsole; Let's Encrypt module (we also hope to backport these to the Jessie package)
  • Webmin - Update to latest v1.881; new modern default theme: 'Authentic'. Authentic theme uses a few more resources, but looks very sexy!
  • Webshell - now using Debian's package (rather than our own fork)
  • SystemD now default init system on all builds (SysvInit was still used on some v14.x builds)
  • Security - Reproducible TurnKey packages; thanks to Chris Lamb for his efforts there
  • Security hardening - courtesy of long time TurnKey contributor; John Carver, we have some nice hardening tweaks, including security improvements to: postfix, ssh & kernel sysctl variables/options (plus easy way to disable kernel hardening)
  • Inclusion of fail2ban - only an MVP implementation protecting SSH, but it's a start!

  • There is still other stuff on the wishlist that we'd love to include, but at this late stage, we're going to be pushing v15.0 out the door ASAP. It's ready for prime time and the other items will have to wait. Thanks tons for all the work contributed so far. Special mention to long term contributors John Carver and Ken Robinson, plus newer TurnKey team members Chris Lamb, Vlad Kuzmenko and Zhenya Hvorostian, plus the not-so-new Stefan. Big thanks to Alon for all his support, encouragement, patience and understanding. Thanks too to MPTMG for all the new appliances (hopefully we'll add some more real soon!) and Mitchell Urgero for his ideas and CI scripts (which I plan to implement once v15.0 is done). Deep apologies to anyone I should have mentioned and haven't (please email me and I'll update this post).

    Please help test the release candidates and give us your feedback

    As with previous "point-oh" releases, this is a major OS transition. As such, we need plenty of testing! We've already done a fair bit of testing in house, but the more the merrier! So hopefully you get a chance to give the RCs a test drive. We welcome all feedback, especially constructive critique. Please post below, or bugs can be reported directly to the Issue tracker (free GitHub user account required). Look forward to hearing from you! :)


    Jeremy Davis's picture

    I was a bit overzealous when cleaning up spam today and accidentally deleted a legitimate guest comment. Here it is reposted:

    As a comparative novice, thought I would give this a try by testing the LAMP VM.

    Followed the instructions and created a VM on ESXi but "make" command gives an error. Googled the error and found I needed to run *"tkldev-setup"*. So it does not seem to be setting up automatically.

    Make has now completed and the resultant LAMP iso has installed without error.
    Jeremy Davis's picture

    Thanks for testing it out and posting back.

    It should automatically set itself up on firstboot. If it doesn't have an internet connection, that can sometimes cause the issue.

    But thanks so much for reporting. I'll definitely double check and see if there is anything we can do to improve things.

    Jeremy Davis's picture

    As you would have seen by now, I've responded to the bug report you've added to our tracker. Thanks so much for testing it out and providing your feedback. It's really appreciated! :)

    nathan Kenady's picture

    It is Jeremy.

    Thank you too!!


    Add new comment