Open Hub
Open Hub

 Settings |  Report Duplicate

6
I Use This!
Moderate Activity

News

Analyzed about 2 hours ago. based on code collected 2 days ago.
New TurnKey SiT! Support Incident Tracker version (15.0)
Posted almost 7 years ago by Alon Swartz
Changes: Install Adminer directly from stretch/main repo Provide "adminer" root-like user for Adminer MySQL access Replace MySQL with MariaDB (drop-in MySQL replacement) Updated version of mysqltuner script Includes PHP5.6 (installed from ... [More] packages.sury.org repos) Updated PHP default settings Remove phpsh (no longer maintained) Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. Links Release meta-files (signature, manifest) [Less]
New TurnKey Mambo version (15.0)
Posted almost 7 years ago by Alon Swartz
Changes: Install Adminer directly from stretch/main repo Provide "adminer" root-like user for Adminer MySQL access Replace MySQL with MariaDB (drop-in MySQL replacement) Updated version of mysqltuner script Includes PHP5.6 (installed from ... [More] packages.sury.org repos) Updated PHP default settings Remove phpsh (no longer maintained) Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. Links Release meta-files (signature, manifest) [Less]
New TurnKey SilverStripe version (15.0)
Posted almost 7 years ago by Alon Swartz
Changes: Install latest stable SilverStripe from upstream (v4.1.1). Install Adminer directly from stretch/main repo Provide "adminer" root-like user for Adminer MySQL access Replace MySQL with MariaDB (drop-in MySQL replacement) Updated version of ... [More] mysqltuner script Includes PHP7.0 (installed from Debian repos) Updated PHP default settings Remove phpsh (no longer maintained) Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. Links Release meta-files (signature, manifest) [Less]
New TurnKey Joomla 3 version (15.0)
Posted almost 7 years ago by Alon Swartz
Changes: Upgraded to the latest upstream version (v3.8.10). Install Adminer directly from stretch/main repo Provide "adminer" root-like user for Adminer MySQL access Replace MySQL with MariaDB (drop-in MySQL replacement) Updated version of ... [More] mysqltuner script Includes PHP7.0 (installed from Debian repos) Updated PHP default settings Remove phpsh (no longer maintained) Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. Links Release meta-files (signature, manifest) [Less]
New TurnKey Core version (15.0)
Posted almost 7 years ago by Alon Swartz
Changes: Upgraded base distribution to Debian 9.4/Stretch. TurnKey Backup and Migration (tklbam): package and dependencies are now reproducible (security) [ Chris Lamb ] backup update fix - new dependency for Stretch; gnupg (closes #962) [ Ken ... [More] Robinson ] restore update fix - ensure patches are applied to tklbam-squid source code (TurnKey squid fork) (closes #970) [ Ken Robinson (troubleshooting) & Chris Lamb (fix) ] Installer (di-live): package is now reproducible (security) [ Chris Lamb ] fix di-live failing to install from live system (closes #1041) [ Stefan Davis ] Live environment (casper): package is now reproducible (security) [ Chris Lamb ] update to support overlayFS (default layering filesystem in stretch) [ Stefan Davis ] Configuration console (confconsole): general: - package is now reproducible (security) [ Chris Lamb ] Networking: - fix for static IP not sticking (since upgrade to stretch base) (closes #952) Let's Encrypt plugin: - install 'dehydrated' (ACME client) from Debian main repo (previously installed from jessie-backports) - significant refatoring of plugin - support for multiple domains (closes #843) - fix for updated ACME ToS; including dynamically discovered latest ToS; inc dialog display of url for current ToS (closes #976) - update dialog and readme for Debian Stretch (closes #1061) [ Stefan Davis ] Firstboot Initialization (inithooks): Updates for headless builds especially LXC/Proxmox & Xen: - include specific inithooks-lxc.service file - initialization SystemD service that works reliably inside an LXC container (and doesn't effect other builds) (closes #1071) - include specific inithooks-xen.service file - initialization SystemD service that works reliably with the Xen console (and doesn't effect other builds) - force non-interactive dpkg-reconfigure of openssh-server (closes #1085) - updated initfence index page to note that webshell not avaialble (closes #1087) - fix edge case bug where turnkey-sudoadmin would incorrectly adjust services.txt (closes #1124) Web management console (webmin): upgraded webmin to v1.881 package is reproducible (no changes required) (security) resolve stretch related install problem (closes #920) [ Ken Robinson ] new default theme, uses upstream default; 'Authentic' (closes #781) TurnKey theme customizations; TurnKey logos, default to show TKLBAM module on login remove webmin-file (java based filemanager) module (closes #965) remove webmin-texteditor module (upstream) include webmin-fail2ban module add convience symlinks to useful Webmin logs (in /var/log/webmin) reconfigure webmin-raid & webmin-lvm modules during build (workaround for #1091) TurnKey AMQ (tklamq) - only applies to Hub builds: python-carrot deprecated, move to dependency on python-kombu Web shell (shellinabox): install v2.20 direct from Debian main repo (no longer maintaining our own fork) (closes #918) version from Debian displays ncurses dialog properly (closes #317) white on black default webshell (aka shellinabox) theme (closes #1060) Security hardening: [ John Carver ] default config mods for: - postfix - ssh - kernel sysctl variables - inc easy option to override (via /etc/sysctl.conf) Optimized builds (buildtasks): VM builds (OVA & VMDK): - include open-vm-tools-dkms & linux-headers-amd64 in base builds (closes #1001) [ Stefan Davis ] Miscellaneous: update to support overlayFS (default layering filesystem in stretch) default to SystemD init system for all builds use traditional network interface names, e.g. 'eth0' (disable stretch default of "Predictable Network Interface Names") 'dpkg-vendor --query Vendor' now returns 'TurnKey` (closes #196) include fail2ban in all appliances (closes #630 & #991) - MVP uses default Debian conf, protects SSH only use http://deb.debian.org as Debian url in sources.list - as recommended by Debian (closes #927) upstream fix for MOTD not being updated dynamically (closes #1024) [ Stefan Davis ] Links Release meta-files (signature, manifest) [Less]
New TurnKey Trac version (15.0)
Posted almost 7 years ago by Alon Swartz
Changes: Latest Debian Stretch package version of Trac and related packages Mercurial (hg) support removed (& remaining Bazaar (bzr) components) (related to #1050) [ Anton Pyrogovskyi Note: Please refer to turnkey-core's changelog for changes ... [More] common to all appliances. Here we only describe changes specific to this appliance. Links Release meta-files (signature, manifest) [Less]
New TurnKey Redmine version (15.0)
Posted almost 7 years ago by Alon Swartz
Changes: Upgraded to latest stable version of Redmine (3.4.6) Install Adminer directly from stretch/main repo Replace MySQL with MariaDB Mercurial (hg) & Bazaar (bzr) support removed (related to #1050) [ Anton Pyrogovskyi Add workaround for ... [More] MariaDB 10.1 Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. Links Release meta-files (signature, manifest) [Less]
v15.0 Stable Release #1 - 47 ISOs including Core, LAMP and WordPress
Posted about 7 years ago by Jeremy Davis
UPDATE: Stage 2 includes OVA/VM, OpenStack and Xen. Docker and Proxmox/LXC builds published too. Stage 3 includes 35 additional appliances; including info on 3 new v15.0 appliances, plus other notes of interest. Stage 4; the 4th and final instalment ... [More] of v15.0, includes the remaining v15.0 appliances, plus a number of bugfixed and updated v15.0 apps - 31 in total. All appliances are available in ISO, OVA/VM, OpenStack, Xen, Docker and Proxmox/LXC builds. I am overjoyed to announce stage 1 of the TurnKey v15.0 stable release is now available. Stage 1 of the TurnKey GNU/Linux v15.0 stable release is finally available for public consumption! Stage 1 includes nearly half the library (47 appliances to be precise), albeit only in ISO format so far. We are busily preparing updated Hub builds, as well as Amazon MarketPlace builds which I hope to announce very soon too. All the other build types (i.e. VM/OVA, OpenStack, Proxmox/LXC, Xen & Docker) will follow soon after. The relevant v15.0 ISOs are all available for download via the "v15.0" links on their respective appliance pages. Updated appliances for this stage include Core LAMP, WordPress, Joomla3, Drupal 7, Drupal 8 [unpublished due to security issue], and more. v15.0 changes worthy of particular note include a new Debian base OS, inclusion of PHP7, MariaDB replaces MySQL, a new Webmin theme, Reproducible Packages and Website upgrades (work in progress), as well as many other tweaks, improvements and upgrades. Read on for details. Alternatively, jump straight to the list of upgraded appliances to jump straight in! :) v15.0 Highlights Based on Debian 9/Stretch As per previous major "point zero" releases of TurnKey, v15.0 is based on the most recent release of Debian. For v15.0, that is Debian 9/Stretch (v14.x was based on Debian 8/Jessie). Most (if not all) pre-installed software should be newer versions and the Debian apt repos are filled with literally thousands of updated packages. PHP 7.0 Possibly one of the most highly anticipated and significant changes for many TurnKey users this release, will be the provision of PHP 7.0. Many users have been asking for it for a while, and it's finally here as the default TurnKey PHP version! :) It's also worth noting, that there are a few appliances which are currently incompatible with PHP7. For those few, we're leveraging Ondřej Surý's third party Debian repo. Ondřej is trusted Debian and Ubuntu developer and a member of the official Debian PHP maintainers. Appliances that utilize Ondřej's PHP packages have (or at least will have) it clearly noted on their relevant appliance page and in the appliance changelog. MySQL replaced with MariaDB Debian have dropped MySQL as the default "MySQL database", in favour of MariaDB. MariaDB is provided as a "drop in MySQL replacement". As of Debian 9/Stretch, installing the "MySQL" Debian package, will actually install MariaDB. As TurnKey is based on Debian, we've followed suit. Whilst we've not changed the name of our MySQL appliance, it should be noted, that it is in fact a MariaDB appliance! Whilst MariaDB is provided as a "drop in replacement" for MySQL, it is important to highlight, that it contains some advanced features which aren't (yet?) available in MySQL. Moving forward, if you continue to use MariaDB on TurnKey (or any other distro for that matter) you should expect no issues. OTOH, if you for some reason decide to move back to MySQL, especially if you are using any of the advanced MariaDB features, then you would be well advised to do your homework and some solid testing first. For a fairly comprehensive list covering compatibility between MariaDB and MySQL, please see this page on the MariaDB site. For features in MariaDB vs MySQL, please see this page. It's also worth noting that as well as the change to MariaDB v10.1 in TurnKey v15.0, MariaDB (and MySQL 5.6 - essentially the basis for MariaDB 10.1) have a quirk. It's a result of the updated default MySQL character encoding format to "utf8mb" ("UTF-8 Multi-Byte" as opposed to "utf8"). Whilst it's a bit of a silly and somewhat misleading name ("utf8" already uses 3 bytes to store each character), the reality is that MySQL's previous "utf8" was itself incorrect and misleading! FWIW MySQL "utf8" character encoding is only a subset of UTF-8, whereas "uft8mb" is the full UFF-8 character set! But why does this matter? The change to the full UTF-8 character set means that MySQL/MariaDB now supports the full range of International/Asian characters, as well as mathematical symbols and emoji. The "utf8" character set has been the default MySQL character encoding for many years now. Problems can occur when app developers work on the assumption that each character requires 3 bytes. MySQL tables generally define how may bytes they will require (rather than how many characters), so a change to the default encoding can cause issues when these assumptions are broken. Details of how we've worked around this in our appliances and how TurnKey users may need to address this as they migrate existing data to v15.0 is beyond the scope of this post. It's a blog post for another day, but I figured well worth noting now. New Webmin Theme When TurnKey first started packaging Webmin (about 10 years ago!), we found the default Webmin theme a little clunky. The 3rd party "StressFree" theme was more to our liking. And we've been packaging the "StressFree" theme amd setting it as default ever since. It's served us well over the years, but as it has not had any serious maintenance for quite a few years now, it was getting a little tired. A quick google lead me to new (at least to me) default Webmin theme; "Authentic". It's quite attractive IMO and very functional. So for this release we have dropped "StressFree" in favour of "Authentic". The new theme provides a responsive layout so will render well on mobile devices (one of the complaints against StressFree). It also provides a handy system resource usage dashboard. It does use a few more resources, so users of lower resource servers may find it a little slow. But we hope that most TurnKey users find the improved look and functionality outweigh any downsides. Those who prefer the lower resource usage of "StressFree", or just prefer it's simplicity will be pleased to hear that "StressFree" is still packaged and can easily be installed via apt. Please see the docs for details. We have it configured it to open by default to the TKLBAM initialization module/page. But that can be easily changed (e.g. to the system resource dashboard). Please see the docs for details of that too. Reproducible Packages For those that are unaware, in recent years, Debian has embarked on a Reproducible Builds initiative. In a nutshell, Debian aims to make all binary packages byte-for-byte reproducible. In other words, you can build the package locally from source and it should EXACTLY match the binary package (of the same version) that you can download via apt. This has massive security benefits, in that users no longer need to trust the package distribution system. Users can verify that the binary package installed on their system is built from the source code available to view on the Debian version control system. This makes Debian an unlikely target for compiler level attacks, such as XcodeGhost (a MacOS/iOS malware distribution system implemented via hacked compiler). Debian note that they do not yet have full coverage, but according to the latest stats they have made significant progress. As I write this, over 94% of the packages in (64 bit) Debian Stretch are reproducible! As security fans, we asked one of the reproducible build experts, and current Debian Project Leader, Chris Lamb to work his reproducible magic on our packages! There are still a couple of packages that haven't had the attention, but most (if not all) of the TurnKey packages installed on TurnKey servers should currently be reproducible. Please feel free to test them out yourself, and if you notice anything amiss (e.g. a package that is not reproducible), please open a new bug on our issue tracker (although perhaps have a quick read of the existing meta issue &/or search first, just in case). For further background reading on Reproducible Builds, please see reproducible-builds.org. Website upgrade (work in progress) As any seasoned TurnKey user should have noticed, the website has had a major refresh with a shiny new responsive theme. Over the last few months, we have been tidying up a few minor flaws and imperfections, but we're almost there. As part of the v15.0 release, I also plan on tidying up the appliance pages a little. Part of that will involve updating the appliance page text itself, but also some of the other components. Many noticed that for v14.2 the changelogs weren't updated. That was due to the backend update semi-automation scripts broke with the update to a newer Drupal version. The scripts have now been updated to work with the current Drupal version we use so should be fully functional again. As such, I aim to get the website changelogs back up to date for the v15.0 release [see update below]. It's also worthy of note that many/most of the screenshots are old and outdated. I hope to fix that too as the release progresses - although it may be a little slower than ideal. [update] v14.2 changelogs have (finally) been uploaded and the v15.0 changelogs for the appliances released so far are now available. Plus much more As noted in the v15.0RC release announcement, there are numerous other updates, changes and fixes that have been applied in v15.0. Some specific to individual appliances, some more general TurnKey tweaks. I had intended to provide more details of them in this blog post but it has already grown much larger than I had intended. So I'll aim to highlight and discuss some of them in the announcements of future stages of the release and/or in their own blog posts. In the meantime, I'll simply restate those previously mentioned (that I haven't already mentioned above): Use of new union filesystem (running live and in TKLDev) OverlayFS - new default in Stretch; v14.x and earlier used auFS Updates for Confconsole; Let's Encrypt module Webmin - Update to latest v1.881 (plus new default theme: 'Authentic' - as noted above) Webshell - now using Debian's package (rather than our own fork) SystemD now default init system on all builds (SysvInit was still used on some v14.x builds) Security hardening - courtesy of long time TurnKey contributor; John Carver, we have some nice hardening tweaks, including security improvements to: postfix, ssh & kernel sysctl variables/options (plus easy way to disable kernel hardening) Inclusion of fail2ban - only an MVP implementation protecting SSH, but it's a start! Please browse the Core changelog for an overview of all library wide changes for v15.0. In the meantime, if you'd like to know more about anything that I've noted or hinted above, or you notice something that I haven't even mentioned, please feel free to post below in the comments, or open a new thread in the forums. Same goes if you have any problems or difficulties. The v15.0 stage 1 appliance ISOs B2evolution CakePHP CodeIgniter Collabtive Concrete5 Core Drupal7 Drupal8 [unpublished due to security issue] e107 EspoCRM Foswiki Gallery GNUsocial Joomla3 LAMPStack LAPPStack LighttpdPHPFastCGIServer LimeSurvey Magento Mahara Mambo Mantis MediaWiki Mibew Mumble MySQL Nextcloud NginxPHPFastCGIServer Observium Omeka OpenLDAP ownCloud phpList PostgreSQL Prestashop ProcessMaker Redmine Revision-control Roundup SilverStripe SiT!SupportIncidentTracker TKLDev Trac WordPress XOOPS ZenCart Zurmo Let us know what you think As per always, we welcome user feedback; back-slapping and constructive criticism alike! So spin them up, give them a go and let us know what you think. Comment below, open a new thread in the forums, or open a new feature request or bug report on our issue tracker (requires free GitHub user account). I hope to hear from you soon! :) Blog Tags:  news development debian community appliances release stable iso v15.x [Less]
v15.0 Stable Release #1 - 47 ISOs including Core, LAMP and WordPress
Posted about 7 years ago by Jeremy Davis
UPDATE: Stage 2 includes OVA/VM, OpenStack and Xen. Docker and Proxmox/LXC builds published too. Stage 3 includes 35 additional appliances; including info on 3 new v15.0 appliances, plus other notes of interest. Stage 4; the 4th and final instalment ... [More] of v15.0, includes the remaining v15.0 appliances, plus a number of bugfixed and updated v15.0 apps - 31 in total. All appliances are available in ISO, OVA/VM, OpenStack, Xen, Docker and Proxmox/LXC builds. I am overjoyed to announce stage 1 of the TurnKey v15.0 stable release is now available. Stage 1 of the TurnKey GNU/Linux v15.0 stable release is finally available for public consumption! Stage 1 includes nearly half the library (47 appliances to be precise), albeit only in ISO format so far. We are busily preparing updated Hub builds, as well as Amazon MarketPlace builds which I hope to announce very soon too. All the other build types (i.e. VM/OVA, OpenStack, Proxmox/LXC, Xen & Docker) will follow soon after. The relevant v15.0 ISOs are all available for download via the "v15.0" links on their respective appliance pages. Updated appliances for this stage include Core LAMP, WordPress, Joomla3, Drupal 7, Drupal 8 [unpublished due to security issue], and more. v15.0 changes worthy of particular note include a new Debian base OS, inclusion of PHP7, MariaDB replaces MySQL, a new Webmin theme, Reproducible Packages and Website upgrades (work in progress), as well as many other tweaks, improvements and upgrades. Read on for details. Alternatively, jump straight to the list of upgraded appliances to jump straight in! :) v15.0 Highlights Based on Debian 9/Stretch As per previous major "point zero" releases of TurnKey, v15.0 is based on the most recent release of Debian. For v15.0, that is Debian 9/Stretch (v14.x was based on Debian 8/Jessie). Most (if not all) pre-installed software should be newer versions and the Debian apt repos are filled with literally thousands of updated packages. PHP 7.0 Possibly one of the most highly anticipated and significant changes for many TurnKey users this release, will be the provision of PHP 7.0. Many users have been asking for it for a while, and it's finally here as the default TurnKey PHP version! :) It's also worth noting, that there are a few appliances which are currently incompatible with PHP7. For those few, we're leveraging Ondřej Surý's third party Debian repo. Ondřej is trusted Debian and Ubuntu developer and a member of the official Debian PHP maintainers. Appliances that utilize Ondřej's PHP packages have (or at least will have) it clearly noted on their relevant appliance page and in the appliance changelog. MySQL replaced with MariaDB Debian have dropped MySQL as the default "MySQL database", in favour of MariaDB. MariaDB is provided as a "drop in MySQL replacement". As of Debian 9/Stretch, installing the "MySQL" Debian package, will actually install MariaDB. As TurnKey is based on Debian, we've followed suit. Whilst we've not changed the name of our MySQL appliance, it should be noted, that it is in fact a MariaDB appliance! Whilst MariaDB is provided as a "drop in replacement" for MySQL, it is important to highlight, that it contains some advanced features which aren't (yet?) available in MySQL. Moving forward, if you continue to use MariaDB on TurnKey (or any other distro for that matter) you should expect no issues. OTOH, if you for some reason decide to move back to MySQL, especially if you are using any of the advanced MariaDB features, then you would be well advised to do your homework and some solid testing first. For a fairly comprehensive list covering compatibility between MariaDB and MySQL, please see this page on the MariaDB site. For features in MariaDB vs MySQL, please see this page. It's also worth noting that as well as the change to MariaDB v10.1 in TurnKey v15.0, MariaDB (and MySQL 5.6 - essentially the basis for MariaDB 10.1) have a quirk. It's a result of the updated default MySQL character encoding format to "utf8mb" ("UTF-8 Multi-Byte" as opposed to "utf8"). Whilst it's a bit of a silly and somewhat misleading name ("utf8" already uses 3 bytes to store each character), the reality is that MySQL's previous "utf8" was itself incorrect and misleading! FWIW MySQL "utf8" character encoding is only a subset of UTF-8, whereas "uft8mb" is the full UFF-8 character set! But why does this matter? The change to the full UTF-8 character set means that MySQL/MariaDB now supports the full range of International/Asian characters, as well as mathematical symbols and emoji. The "utf8" character set has been the default MySQL character encoding for many years now. Problems can occur when app developers work on the assumption that each character requires 3 bytes. MySQL tables generally define how may bytes they will require (rather than how many characters), so a change to the default encoding can cause issues when these assumptions are broken. Details of how we've worked around this in our appliances and how TurnKey users may need to address this as they migrate existing data to v15.0 is beyond the scope of this post. It's a blog post for another day, but I figured well worth noting now. New Webmin Theme When TurnKey first started packaging Webmin (about 10 years ago!), we found the default Webmin theme a little clunky. The 3rd party "StressFree" theme was more to our liking. And we've been packaging the "StressFree" theme amd setting it as default ever since. It's served us well over the years, but as it has not had any serious maintenance for quite a few years now, it was getting a little tired. A quick google lead me to new (at least to me) default Webmin theme; "Authentic". It's quite attractive IMO and very functional. So for this release we have dropped "StressFree" in favour of "Authentic". The new theme provides a responsive layout so will render well on mobile devices (one of the complaints against StressFree). It also provides a handy system resource usage dashboard. It does use a few more resources, so users of lower resource servers may find it a little slow. But we hope that most TurnKey users find the improved look and functionality outweigh any downsides. Those who prefer the lower resource usage of "StressFree", or just prefer it's simplicity will be pleased to hear that "StressFree" is still packaged and can easily be installed via apt. Please see the docs for details. We have it configured it to open by default to the TKLBAM initialization module/page. But that can be easily changed (e.g. to the system resource dashboard). Please see the docs for details of that too. Reproducible Packages For those that are unaware, in recent years, Debian has embarked on a Reproducible Builds initiative. In a nutshell, Debian aims to make all binary packages byte-for-byte reproducible. In other words, you can build the package locally from source and it should EXACTLY match the binary package (of the same version) that you can download via apt. This has massive security benefits, in that users no longer need to trust the package distribution system. Users can verify that the binary package installed on their system is built from the source code available to view on the Debian version control system. This makes Debian an unlikely target for compiler level attacks, such as XcodeGhost (a MacOS/iOS malware distribution system implemented via hacked compiler). Debian note that they do not yet have full coverage, but according to the latest stats they have made significant progress. As I write this, over 94% of the packages in (64 bit) Debian Stretch are reproducible! As security fans, we asked one of the reproducible build experts, and current Debian Project Leader, Chris Lamb to work his reproducible magic on our packages! There are still a couple of packages that haven't had the attention, but most (if not all) of the TurnKey packages installed on TurnKey servers should currently be reproducible. Please feel free to test them out yourself, and if you notice anything amiss (e.g. a package that is not reproducible), please open a new bug on our issue tracker (although perhaps have a quick read of the existing meta issue &/or search first, just in case). For further background reading on Reproducible Builds, please see reproducible-builds.org. Website upgrade (work in progress) As any seasoned TurnKey user should have noticed, the website has had a major refresh with a shiny new responsive theme. Over the last few months, we have been tidying up a few minor flaws and imperfections, but we're almost there. As part of the v15.0 release, I also plan on tidying up the appliance pages a little. Part of that will involve updating the appliance page text itself, but also some of the other components. Many noticed that for v14.2 the changelogs weren't updated. That was due to the backend update semi-automation scripts broke with the update to a newer Drupal version. The scripts have now been updated to work with the current Drupal version we use so should be fully functional again. As such, I aim to get the website changelogs back up to date for the v15.0 release [see update below]. It's also worthy of note that many/most of the screenshots are old and outdated. I hope to fix that too as the release progresses - although it may be a little slower than ideal. [update] v14.2 changelogs have (finally) been uploaded and the v15.0 changelogs for the appliances released so far are now available. Plus much more As noted in the v15.0RC release announcement, there are numerous other updates, changes and fixes that have been applied in v15.0. Some specific to individual appliances, some more general TurnKey tweaks. I had intended to provide more details of them in this blog post but it has already grown much larger than I had intended. So I'll aim to highlight and discuss some of them in the announcements of future stages of the release and/or in their own blog posts. In the meantime, I'll simply restate those previously mentioned (that I haven't already mentioned above): Use of new union filesystem (running live and in TKLDev) OverlayFS - new default in Stretch; v14.x and earlier used auFS Updates for Confconsole; Let's Encrypt module Webmin - Update to latest v1.881 (plus new default theme: 'Authentic' - as noted above) Webshell - now using Debian's package (rather than our own fork) SystemD now default init system on all builds (SysvInit was still used on some v14.x builds) Security hardening - courtesy of long time TurnKey contributor; John Carver, we have some nice hardening tweaks, including security improvements to: postfix, ssh & kernel sysctl variables/options (plus easy way to disable kernel hardening) Inclusion of fail2ban - only an MVP implementation protecting SSH, but it's a start! Please browse the Core changelog for an overview of all library wide changes for v15.0. In the meantime, if you'd like to know more about anything that I've noted or hinted above, or you notice something that I haven't even mentioned, please feel free to post below in the comments, or open a new thread in the forums. Same goes if you have any problems or difficulties. The v15.0 stage 1 appliance ISOs B2evolution CakePHP CodeIgniter Collabtive Concrete5 Core Drupal7 Drupal8 [unpublished due to security issue] e107 EspoCRM Foswiki Gallery GNUsocial Joomla3 LAMPStack LAPPStack LighttpdPHPFastCGIServer LimeSurvey Magento Mahara Mambo Mantis MediaWiki Mibew Mumble MySQL Nextcloud NginxPHPFastCGIServer Observium Omeka OpenLDAP ownCloud phpList PostgreSQL Prestashop ProcessMaker Redmine Revision-control Roundup SilverStripe SiT!SupportIncidentTracker TKLDev Trac WordPress XOOPS ZenCart Zurmo Let us know what you think As per always, we welcome user feedback; back-slapping and constructive criticism alike! So spin them up, give them a go and let us know what you think. Comment below, open a new thread in the forums, or open a new feature request or bug report on our issue tracker (requires free GitHub user account). I hope to hear from you soon! :) Blog Tags:  news development debian community appliances release stable iso [Less]
v15.0 Stable Release #1 - 47 ISOs including Core, LAMP and WordPress
Posted about 7 years ago by Jeremy Davis
UPDATE: Stage 2 includes OVA/VM, OpenStack and Xen. Docker and Proxmox/LXC builds published too. Stage 3 includes 35 additional appliances; including info on 3 new v15.0 appliances, plus other notes of interest. Stage 4; the 4th and final instalment ... [More] of v15.0, includes the remaining v15.0 appliances, plus a number of bugfixed and updated v15.0 apps - 31 in total. All appliances are available in ISO, OVA/VM, OpenStack, Xen, Docker and Proxmox/LXC builds. I am overjoyed to announce stage 1 of the TurnKey v15.0 stable release is now available. Stage 1 of the TurnKey GNU/Linux v15.0 stable release is finally available for public consumption! Stage 1 includes nearly half the library (47 appliances to be precise), albeit only in ISO format so far. We are busily preparing updated Hub builds, as well as Amazon MarketPlace builds which I hope to announce very soon too. All the other build types (i.e. VM/OVA, OpenStack, Proxmox/LXC, Xen & Docker) will follow soon after. The relevant v15.0 ISOs are all available for download via the "v15.0" links on their respective appliance pages. Updated appliances for this stage include Core LAMP, WordPress, Joomla3, Drupal 7, Drupal 8 [unpublished due to security issue], and more. v15.0 changes worthy of particular note include a new Debian base OS, inclusion of PHP7, MariaDB replaces MySQL, a new Webmin theme, Reproducible Packages and Website upgrades (work in progress), as well as many other tweaks, improvements and upgrades. Read on for details. Alternatively, jump straight to the list of upgraded appliances to jump straight in! :) v15.0 Highlights Based on Debian 9/Stretch As per previous major "point zero" releases of TurnKey, v15.0 is based on the most recent release of Debian. For v15.0, that is Debian 9/Stretch (v14.x was based on Debian 8/Jessie). Most (if not all) pre-installed software should be newer versions and the Debian apt repos are filled with literally thousands of updated packages. PHP 7.0 Possibly one of the most highly anticipated and significant changes for many TurnKey users this release, will be the provision of PHP 7.0. Many users have been asking for it for a while, and it's finally here as the default TurnKey PHP version! :) It's also worth noting, that there are a few appliances which are currently incompatible with PHP7. For those few, we're leveraging Ondřej Surý's third party Debian repo. Ondřej is trusted Debian and Ubuntu developer and a member of the official Debian PHP maintainers. Appliances that utilize Ondřej's PHP packages have (or at least will have) it clearly noted on their relevant appliance page and in the appliance changelog. MySQL replaced with MariaDB Debian have dropped MySQL as the default "MySQL database", in favour of MariaDB. MariaDB is provided as a "drop in MySQL replacement". As of Debian 9/Stretch, installing the "MySQL" Debian package, will actually install MariaDB. As TurnKey is based on Debian, we've followed suit. Whilst we've not changed the name of our MySQL appliance, it should be noted, that it is in fact a MariaDB appliance! Whilst MariaDB is provided as a "drop in replacement" for MySQL, it is important to highlight, that it contains some advanced features which aren't (yet?) available in MySQL. Moving forward, if you continue to use MariaDB on TurnKey (or any other distro for that matter) you should expect no issues. OTOH, if you for some reason decide to move back to MySQL, especially if you are using any of the advanced MariaDB features, then you would be well advised to do your homework and some solid testing first. For a fairly comprehensive list covering compatibility between MariaDB and MySQL, please see this page on the MariaDB site. For features in MariaDB vs MySQL, please see this page. It's also worth noting that as well as the change to MariaDB v10.1 in TurnKey v15.0, MariaDB (and MySQL 5.6 - essentially the basis for MariaDB 10.1) have a quirk. It's a result of the updated default MySQL character encoding format to "utf8mb" ("UTF-8 Multi-Byte" as opposed to "utf8"). Whilst it's a bit of a silly and somewhat misleading name ("utf8" already uses 3 bytes to store each character), the reality is that MySQL's previous "utf8" was itself incorrect and misleading! FWIW MySQL "utf8" character encoding is only a subset of UTF-8, whereas "uft8mb" is the full UFF-8 character set! But why does this matter? The change to the full UTF-8 character set means that MySQL/MariaDB now supports the full range of International/Asian characters, as well as mathematical symbols and emoji. The "utf8" character set has been the default MySQL character encoding for many years now. Problems can occur when app developers work on the assumption that each character requires 3 bytes. MySQL tables generally define how may bytes they will require (rather than how many characters), so a change to the default encoding can cause issues when these assumptions are broken. Details of how we've worked around this in our appliances and how TurnKey users may need to address this as they migrate existing data to v15.0 is beyond the scope of this post. It's a blog post for another day, but I figured well worth noting now. New Webmin Theme When TurnKey first started packaging Webmin (about 10 years ago!), we found the default Webmin theme a little clunky. The 3rd party "StressFree" theme was more to our liking. And we've been packaging the "StressFree" theme amd setting it as default ever since. It's served us well over the years, but as it has not had any serious maintenance for quite a few years now, it was getting a little tired. A quick google lead me to new (at least to me) default Webmin theme; "Authentic". It's quite attractive IMO and very functional. So for this release we have dropped "StressFree" in favour of "Authentic". The new theme provides a responsive layout so will render well on mobile devices (one of the complaints against StressFree). It also provides a handy system resource usage dashboard. It does use a few more resources, so users of lower resource servers may find it a little slow. But we hope that most TurnKey users find the improved look and functionality outweigh any downsides. Those who prefer the lower resource usage of "StressFree", or just prefer it's simplicity will be pleased to hear that "StressFree" is still packaged and can easily be installed via apt. Please see the docs for details. We have it configured it to open by default to the TKLBAM initialization module/page. But that can be easily changed (e.g. to the system resource dashboard). Please see the docs for details of that too. Reproducible Packages For those that are unaware, in recent years, Debian has embarked on a Reproducible Builds initiative. In a nutshell, Debian aims to make all binary packages byte-for-byte reproducible. In other words, you can build the package locally from source and it should EXACTLY match the binary package (of the same version) that you can download via apt. This has massive security benefits, in that users no longer need to trust the package distribution system. Users can verify that the binary package installed on their system is built from the source code available to view on the Debian version control system. This makes Debian an unlikely target for compiler level attacks, such as XcodeGhost (a MacOS/iOS malware distribution system implemented via hacked compiler). Debian note that they do not yet have full coverage, but according to the latest stats they have made significant progress. As I write this, over 94% of the packages in (64 bit) Debian Stretch are reproducible! As security fans, we asked one of the reproducible build experts, and current Debian Project Leader, Chris Lamb to work his reproducible magic on our packages! There are still a couple of packages that haven't had the attention, but most (if not all) of the TurnKey packages installed on TurnKey servers should currently be reproducible. Please feel free to test them out yourself, and if you notice anything amiss (e.g. a package that is not reproducible), please open a new bug on our issue tracker (although perhaps have a quick read of the existing meta issue &/or search first, just in case). For further background reading on Reproducible Builds, please see reproducible-builds.org. Website upgrade (work in progress) As any seasoned TurnKey user should have noticed, the website has had a major refresh with a shiny new responsive theme. Over the last few months, we have been tidying up a few minor flaws and imperfections, but we're almost there. As part of the v15.0 release, I also plan on tidying up the appliance pages a little. Part of that will involve updating the appliance page text itself, but also some of the other components. Many noticed that for v14.2 the changelogs weren't updated. That was due to the backend update semi-automation scripts broke with the update to a newer Drupal version. The scripts have now been updated to work with the current Drupal version we use so should be fully functional again. As such, I aim to get the website changelogs back up to date for the v15.0 release [see update below]. It's also worthy of note that many/most of the screenshots are old and outdated. I hope to fix that too as the release progresses - although it may be a little slower than ideal. [update] v14.2 changelogs have (finally) been uploaded and the v15.0 changelogs for the appliances released so far are now available. Plus much more As noted in the v15.0RC release announcement, there are numerous other updates, changes and fixes that have been applied in v15.0. Some specific to individual appliances, some more general TurnKey tweaks. I had intended to provide more details of them in this blog post but it has already grown much larger than I had intended. So I'll aim to highlight and discuss some of them in the announcements of future stages of the release and/or in their own blog posts. In the meantime, I'll simply restate those previously mentioned (that I haven't already mentioned above): Use of new union filesystem (running live and in TKLDev) OverlayFS - new default in Stretch; v14.x and earlier used auFS Updates for Confconsole; Let's Encrypt module Webmin - Update to latest v1.881 (plus new default theme: 'Authentic' - as noted above) Webshell - now using Debian's package (rather than our own fork) SystemD now default init system on all builds (SysvInit was still used on some v14.x builds) Security hardening - courtesy of long time TurnKey contributor; John Carver, we have some nice hardening tweaks, including security improvements to: postfix, ssh & kernel sysctl variables/options (plus easy way to disable kernel hardening) Inclusion of fail2ban - only an MVP implementation protecting SSH, but it's a start! Please browse the Core changelog for an overview of all library wide changes for v15.0. In the meantime, if you'd like to know more about anything that I've noted or hinted above, or you notice something that I haven't even mentioned, please feel free to post below in the comments, or open a new thread in the forums. Same goes if you have any problems or difficulties. The v15.0 stage 1 appliance ISOs B2evolution CakePHP CodeIgniter Collabtive Concrete5 Core Drupal7 Drupal8 [unpublished due to security issue] e107 EspoCRM Foswiki Gallery GNUsocial Joomla3 LAMPStack LAPPStack LighttpdPHPFastCGIServer LimeSurvey Magento Mahara Mambo Mantis MediaWiki Mibew Mumble MySQL Nextcloud NginxPHPFastCGIServer Observium Omeka OpenLDAP ownCloud phpList PostgreSQL Prestashop ProcessMaker Redmine Revision-control Roundup SilverStripe SiT!SupportIncidentTracker TKLDev Trac WordPress XOOPS ZenCart Zurmo Let us know what you think As per always, we welcome user feedback; back-slapping and constructive criticism alike! So spin them up, give them a go and let us know what you think. Comment below, open a new thread in the forums, or open a new feature request or bug report on our issue tracker (requires free GitHub user account). I hope to hear from you soon! :) Blog Tags:  news development debian community appliances release stable iso [Less]