turnkey-nextcloud-18.1 (1) turnkey; urgency=low

  * Update Nextcloud to latest upstream version - v29.0.4.

  * Update Nextcloud specific inithook to manage password setting better -
    closes #1898 & #1901.

  * Improve turnkey-occ script.

  * Override some systemd service hardening in containers that include redis.

  * v18.1 rebuild - includes latest Debian & TurnKey packages.

  * Configuration console (confconsole) - v2.1.6:
     - Bugfix broken DNS-01 Let's Encrypt challenge - closes #1876 & #1895.
      Fixed in v2.1.5.
    - Let's Encrypt/Dehydrated - bugfix cron failure - closes #1962.
    - General dehydrated-wrapper code cleanup - now passes shellcheck.

  * Ensure hashfile includes URL to public key - closes #1864.

  * Web management console (webmin):
    - Include webmin-logviewer module by default - closes #1866.
    - Upgraded webmin to v2.105.
    - Replace webmin-shell with webmin-xterm module by default - closes #1904.

  * Reduce log noise by creating ntpsec log dir - closes #1952.

  * Apache mod_evasive config improvements:
    - Bump DOSPageCount from (default) 2 -> 5 - closes #1951.
    - DOSLogDir - use default log dir & fix permissions - closes #1950.
    - Add DOSWhitelist example - commented out.

  * Includes new 'tkl-upgrade-php' helper script - to allow easy update/change
    of PHP version - closes #1892.
    [Marcos Méndez @ POPSOLUTIONS <https://github.com/marcos-mendez>]

  * DEV: Add support for setting max_execution_time & max_input_vars in
    php.ini via appliance Makefile (PHP_MAX_EXECUTION_TIME &
    PHP_MAX_INPUT_VARS).

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Mon, 22 Jul 2024 07:39:49 +0000

turnkey-nextcloud-18.0 (1) turnkey; urgency=low

  * Updated Nextcloud to latest upstream version - 27.1.1

  * Implement turnkey-php wrapper/helper script (included in all apps with
    PHP). Closes #1691. It can be used to run the Nextcloud updater, like
    this::

        turnkey-php nextcloud/updater/updater.phar

  * Improve Nextcloud password setting. Specifically note that password
    requires 10 chars. Also ensure that failed password (when preseeded)
    doesn't make firstboot hang. Note if invalid pass is preseeded, then user
    will need to re-run turnkey-init interactively. Closes #1773 & #1838.

  * Include and enable mod_evasive and mod_security2 by default in Apache.
    [ Stefan Davis <Stefan@turnkeylinux.org> ]

  * Debian default PHP updated to v8.2.

  * Use MariaDB (MySQL replacement) v10.11.3 (from debian repos).

  * Upgraded base distribution to Debian 12.x/Bookworm.

  * Configuration console (confconsole):
    - Support for DNS-01 Let's Encrypt challenges.
      [ Oleh Dmytrychenko <dmytrychenko.oleh@gmail.com> github: @NitrogenUA ]
    - Support for getting Let's Encrypt cert via IPv6 - closes #1785.
    - Refactor network interface code to ensure that it works as expected and
      supports more possible network config (e.g. hotplug interfaces & wifi).
    - Show error message rather than stacktrace when window resized to
      incompatable resolution - closes  #1609.
      [ Stefan Davis <stefan@turnkeylinux.org> ]
    - Bugfix exception when quitting configuration of mail relay.
      [ Oleh Dmytrychenko <dmytrychenko.oleh@gmail.com> github: @NitrogenUA ]
    - Improve code quality: implement typing, fstrings and make (mostly) PEP8
      compliant.
      [Stefan Davis <stefan@turnkeylinux.org> & Jeremy Davis

  * Firstboot Initialization (inithooks):
    - Refactor start up (now hooks into getty process, rather than having it's
      own service).
      [ Stefan Davis <stefan@turnkeylinux.org> ]
    - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname
      is included in dhcp info when set via inithooks.
    - Package turnkey-make-ssl-cert script (from common overlay - now packaged
      as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
    - Refactor run script - use bashisms and general tidying.
    - Show blacklisted password characters more nicely.
    - Misc packaging changes/improvements.
    - Support returning output from MySQL - i.e. support 'SELECT'. (Only
      applies to apps that include MySQL/MariaDB).

  * Web management console (webmin):
    - Upgraded webmin to v2.0.21.
    - Removed stunnel reverse proxy (Webmin hosted directly now).
    - Ensure that Webmin uses HTTPS with default cert
      (/etc/ssl/private/cert.pem).
    - Disabled Webmin Let's Encrypt (for now).

  * Web shell (shellinabox):
    - Completely removed in v18.0 (Webmin now has a proper interactive shell).

  * Backup (tklbam):
    - Ported dependencies to Debian Bookworm; otherwise unchanged.

  * Security hardening & improvements:
    - Generate and use new TurnKey Bookworm keys.
    - Automate (and require) default pinning for packages from Debian
      backports. Also support non-free backports.

  * IPv6 support:
    - Adminer (only on LAMP based apps) listen on IPv6.
    - Nginx/NodeJS (NodeJS based apps only) listen on IPv6.

  * Misc bugfixes & feature implementations:
    - Remove rsyslog package (systemd journal now all that's needed).
    - Include zstd compression support.
    - Enable new non-free-firmware apt repo by default.
    - Improve turnkey-artisan so that it works reliably in cron jobs (only
      Laravel based LAMP apps).

 -- Stefan Davis <stefan@turnkeylinux.org>  Fri, 22 Sep 2023 02:54:24 +0000

turnkey-nextcloud-17.2 (1) turnkey; urgency=low

  * Updated Nextcloud to latest upstream version - 26.0.0

  * Includes PHP 8.1 (required by Nextcloud v24+).

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Sun, 26 Mar 2023 22:54:22 +0000

turnkey-nextcloud-17.1 (1) turnkey; urgency=low

  * Updated all Debian packages to latest.
    [ autopatched by buildtasks ]

  * Patched bugfix release. Closes #1734.
    [ autopatched by buildtasks ]

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Fri, 11 Nov 2022 02:15:46 +0000

turnkey-nextcloud-17.0 (1) turnkey; urgency=low

  * Changing nextcloud.py file to use subprocess.run instead of call for 
    password and to check for return code.
    [Mattie Darden <mattie@turnkeylinux.org>]

  * Added php-bcmath package to plan/main file.
    Closes tracker #1767.
    [Mattie Darden <mattie@turnkeylinux.org>]

  * Updated Nextcloud to latest upstream version - 23.0.1. 
    [Zhenya Hvorostian <zhenya@turnkeylinux.org>]

  * Include fail2ban config (security).
    [ The Right Honourable Reverend <https://github.com/trhr> ]

  * Note: Please refer to turnkey-core's 17.0 changelog for changes common to
    all appliances. Here we only describe changes specific to this appliance.

 -- Stefan Davis <stefan@turnkeylinux.org>  Tue, 08 Nov 2022 21:49:27 +0000

turnkey-nextcloud-16.1 (1) turnkey; urgency=low

  * Updated Nextcloud to latest upstream version - 21.0.1.

  * Fix cron job path - closes #1569.

  * Include 'turnkey-occ' wrapper script (for occ command). Runs 'php occ' as
    www-data user.

  * Move Nextcloud data folder outside webroot - /var/www/nextcloud-data -
    closes #1436.

  * Set default permissions more permissively, so that the webUI updater will
    work OOTB - closes #1182.

  * Remove redundant 3rd party sury.org repo - part of #1578.

  * Note: Please refer to turnkey-core's 16.1 changelog for changes common to
    all appliances. Here we only describe changes specific to this appliance.

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Wed, 14 Apr 2021 15:29:51 +1000

turnkey-nextcloud-16.0 (1) turnkey; urgency=low

  * Updated Nextcloud to latest upstream version - 18.0.4.

  * Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x
    TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1).

  * Update SSL/TLS cyphers to provide "Intermediate" browser/client support
    (suitable for "General-purpose servers with a variety of clients,
    recommended for almost all systems"). As provided by Mozilla via
    https://ssl-config.mozilla.org/.

  * Updated all relevant Debian packages to Buster/10 versions; including
    PHP 7.3.

  * Updated version of mysqltuner script - now installed as per upstream
    recommendation.

  * Note: Please refer to turnkey-core's changelog for changes common to all
    appliances. Here we only describe changes specific to this appliance.

 -- Stefan Davis <stefan@turnkeylinux.org>  Tue, 28 Apr 2020 17:31:47 +1000

turnkey-nextcloud-15.2 (1) turnkey; urgency=low

  * Updated Nextcloud to latest upstream version - 16.0.1.

  * Auto-detect latest upstream version (temporarily disabled - additional
    config required).
    [ Stefan Davis ]

  * Updated PHP to 7.2 as required by Nextcloud v16.x (installed via
    deb.suy.org).
    [ Stefan Davis ]

  * Include and configure Redis.
    [ Stefan Davis ]

  * Bump default PHP max memory to 512MB (as recommended by Nextcloud).

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Fri, 07 Jun 2019 11:12:50 +1000

turnkey-nextcloud-15.1 (1) turnkey; urgency=low

  * Upgraded to the latest upstream Nextcloud - v14.0.3.

  * Rebuild to resolve inadvertent removal of mariadb during sec-updates
    - part of #1246.

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Thu, 22 Nov 2018 13:57:10 +1100

turnkey-nextcloud-15.0 (1) turnkey; urgency=low

  * Upgraded to the latest upstream source version (v13.0.4).

  * Install Adminer directly from stretch/main repo

  * Provide "adminer" root-like user for Adminer MySQL access

  * Replace MySQL with MariaDB (drop-in MySQL replacement)

  * Updated version of mysqltuner script

  * Includes PHP7.0 (installed from Debian repos)

  * Updated PHP default settings

  * Remove phpsh (no longer maintained)

  * LibreOffcie-writer removed (part of #1082).
    [ Zhenya Hvorostian  ]

  * Note: Please refer to turnkey-core's changelog for changes common to all
    appliances. Here we only describe changes specific to this appliance.

 -- Vlad Kuzmenko <vlad@turnkeylinux.org>  Fri, 15 Jun 2018 15:29:42 +0200

turnkey-nextcloud-14.2 (1) turnkey; urgency=low

  * Initial release of Nextcloud appliance, forked from ownCloud app.

  * Nextcloud:

    - Installed latest stable version (11.0.3).

    - Installed from upstream zip archive (no Debian packages).

    - Using command-line tool to set up installation

  * Note: Please refer to turnkey-core's changelog for changes common to all
    appliances. Here we only describe changes specific to this appliance.

 -- Tomas Vondra <wondra@volny.cz>  Thu, 04 May 2017 20:55:31 -0700
