Drum roll please... May I proudly introduce: The TurnKey Linux v14.0 release!
A long time coming...
Wow is it mid September already!? What has happened to the year?!
To be honest I had expected that the TurnKey v14.0 release would have been finished months ago. But after witnessing first hand how much effort a release takes; I really wonder how Alon managed past releases mostly solo?! It has been a steep learning curve but I have been lucky to have Alon and Liraz supporting, guiding and nudging me in the right direction all along the way. Thanks tons guys! :)
Biggest Community effort to date!
TurnKey has always aimed to be a community production. And we have certainly had some awesome community contributions over the years. But never has a TurnKey release been touched by the hands of so many contributors.
Not only has the community provided some new appliances; but also helped drive feature development and implementation. When we also factor in all the bug reports, feature requests and other community input there are more than a hundred contributors! So congratulations to all of you wonderful and generous TurnKey community people! Backslapping all round! :)
These people especially deserve a mention (if you think your name should be here and I missed it; please accept my deep apologies and email me so I can fix it!).
|Ken Robinson (@DocCyblade) | TKL)||John Carver (@Dude4Linux) | TKL)|
|Landis Arnold (@l-arnold) | TKL)||Tim Hibberd (@OnePressTech)|
|Anton Pyrogovskyi (@qrntz)||Stefan Davis (@OnGle)|
|Jonathan Struebel (@jstruebel)||Jeroen Peters (@jeroenpeters1986)|
|Alfonso Valdes (@ponchov)||Vinitha Cejo John (@vinithacejo)|
|Peter Liven (@plieven) | KAMP.de)||Oleksiy Avramenko (@AlexAv | EspoCRM)|
|Lloyd Ernst (CloudStaff CEO)||Adrian Del Rosario (CloudStaff)|
|Bryan Santos (CloudStaff Manager)||Rodolfo Lansangan (CloudStaff)|
|Justin Ashley (CloudStaff)||Mark Krueg (@markkrueg)|
|Richard van Dijk (@richard-vd)||Rob Fantini (TKL)|
|Kevin Destrem (@kefniark)||pee (TKL)|
Adminer (replaces PHPMyAdmin & PHPPgAdmin)
Troubles forcing the Debian Jessie version of PHPMyAdmin to stay bound to port 12322 (without hardcoding a full URL) lead me to consider Adminer (as suggested on the tracker). Following some testing we decided to go for it. No sooner had the decision been made; community superstar Ken Robinson (@DocCyblade | TKL) swung into action and took the project on!
Hardened default SSL/TLS settings
After the SSL troubles of the last year or so, default webserver settings have been slowly getting better. However nowhere near good enough for community powerhouse John Carver (@Dude4Linux | TKL). John took it upon himself to drive the hardening of default TurnKey webserver SSL settings (technically TLS settings as all versions of SSL are now disabled).
The result is that now TurnKey appliances have Webmin and Webshell hidden behind stunnel (TLS only) and the 3 webservers we use across appliances (Apache, LigHTTPd & Nginx) are all configured to use consistent hardened TLS cipher suite and settings. Tomcat too has hardened TLS settings for v14.0.
Security & System Alerts
For a long time TurnKey appliances have been auto installing security updates. But have you ever wondered what has been updated and when? Well wonder no more! TurnKey appliances will now alert you via email when updates have been installed. This should make questions of "am I vulnerable to such-and-such?" much easier to answer.
TurnKey v14.0 appliances also include a minimalist monitoring system (Monit) which also alerts via email when RAM, CPU and/or HDD limits are hit (75%, 90% & 90% respectively). The email address for all these features can be set at firstboot. As a bonus you will also be automatically subscribed to TurnKey's "Security and News Alerts" email list. This is a very low traffic e-newletter which will only email you with important security and/or news announcements. You can unsubscribe at any time if you'd rather not.
We have lost a few appliances since last release. Some upstream software has been abandoned, some is broken and others have changed their licence (so no longer open source). That's always a pity, but let's focus on the positives!
So not only has John got a passion for security; he also has an interest in automation and orchestration. So he developed the Ansible appliance. According to the words on the box:
Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
EspoCRM is light-weight CRM platform targeted at small to medium business. It provides plenty of features with a clean responsive design. Thanks to Alex (Oleksiy Avramenko | @AlexAv) from EspoCRM (upstream) for doing most of the work.
The Foodsoft appliance has been a long time coming. Despite only just being officially released, the Foodsoft code has been avaialble for some time now. Development of the appliance build code (by @wvengen - also the upstream Foodsoft dev) motivated Liraz to rewrite the TKLDev docs! @wvengen has also contributed to the Rails appliance code (the base on which Foodsoft is built).
Laravel is a PHP framework with the tagline of "The PHP Framework For Web Artisans". TBH I've never used it but I'v heard great things and I must say it looks pretty sexy! Arguably a product of the "php renaissance".
Some time ago Kevin Destrem (@kefniark) developed a Laravel appliance. Unfortunately it is only seeing the light of day now. We couldn't get in touch with Kevin so Anton (Pyrogovskyi - @qrntz) updated it to the current version of Laravel for a v14.0 release.
SuiteCRM is a CRM suite forked from SugarCRM provided with additional modules. A question from Bill Goodall prompted me to have a quick look at SuiteCRM, by the time I had worked out the build code would be almost identical to SugarCRM, TurnKey had a new appliance! :)
Drupal8 (beta) & Joomla3
Whilst generally TurnKey only includes stable (non-beta) software we decided to make an exception for Drupal8. Drupal 8 has been in development for some time now and is slated for a stable release later this year. The Drupal7 appliance (which utilises drush) has been very popular with developers and now that the Drupal8 API should be essentially stable; we thought perhaps our dev users may find a TurnKey Druapl8 appliance useful? Let's see! :)
The new Joomla appliance is a fork of the previous Joomla2.5 appliance. Whilst it is technically a new appliance it is more of an update. The only significant difference is that it will track the 3.x branch of Joomla. As previously, the Joomla appliance includes the latest stable release. Once Joomla 4.x is in beta, we may also consider releasing an additional Joomla beta appliance. But that will be some time away...
There a few limitations of this release.
- Release build formats - currently there are only ISO downloads and Hub deployments available. The other builds are coming but we need to make some tweaks.
- 64 bit only - as mentioned in the v14.0 RC1 announcement
- Web browser considerations - due to SSL/TLS hardening, Windows XP users will need to use either Firefox or Chrome to visit HTTPS on TurnKey appliances. Other Windows users will need at least IE9 (or Firefox or Chrome).
- Hub: EBS deployments only - due to technical limitations v14.0 appliances are only available for EBS backed instances. So unfortunately Budget plan users won't yet be able to launch v14.0 (with the exception of micro servers). We will be looking into a workaround at some point in the future. If you are affected by this and need v14.0 appliances in larger sizes please contact us direct (try me on jeremy AT turnkeylinux.org) and we can investigate workaround options.
Still work to do...
As mentioned above there is still work to do before I can legitimately say that the release is finished. Even then, there will no doubt be bugs reported, features requested and support required. And by then I'll probably need to start thinking about v14.1... Oh well, onwards and upwards! :)
Remember that all contributions are warmly welcome. Bugs and feature requests go on our issue tracker. Questions and support go in our support forum. Other content (e.g. tutorials, ideas, general discussions) can go in our "general" forum. And last but definitely not least; devs and coders please have a look at TKLDev and/or the existing appliance build code and/or other TurnKey software. Hope to see you soon! :)