turnkey-syncthing-18.0 (1) turnkey; urgency=low

  * Update to latest upstream Syncthing (via upstream apt repo) - v1.27.4.
    [Stefan Davis <stefan@turnkeylinux.org>]

  * Confconsole: bugfix broken DNS-01 Let's Encrypt challenge- closes #1876 &
    #1895.
    [Jeremy Davis <jeremy@turnkeylinux.org>]

  * Ensure hashfile includes URL to public key - closes #1864.

  * Include webmin-logviewer module by default - closes #1866.

  * Upgraded base distribution to Debian 12.x/Bookworm.

  * Configuration console (confconsole):
    - Support for DNS-01 Let's Encrypt challenges.
      [ Oleh Dmytrychenko <dmytrychenko.oleh@gmail.com> github: @NitrogenUA ]
    - Support for getting Let's Encrypt cert via IPv6 - closes #1785.
    - Refactor network interface code to ensure that it works as expected and
      supports more possible network config (e.g. hotplug interfaces & wifi).
    - Show error message rather than stacktrace when window resized to
      incompatable resolution - closes  #1609.
      [ Stefan Davis <stefan@turnkeylinux.org> ]
    - Bugfix exception when quitting configuration of mail relay.
      [ Oleh Dmytrychenko <dmytrychenko.oleh@gmail.com> github: @NitrogenUA ]
    - Improve code quality: implement typing, fstrings and make (mostly) PEP8
      compliant.
      [Stefan Davis <stefan@turnkeylinux.org> & Jeremy Davis

  * Firstboot Initialization (inithooks):
    - Refactor start up (now hooks into getty process, rather than having it's
      own service).
      [ Stefan Davis <stefan@turnkeylinux.org> ]
    - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname
      is included in dhcp info when set via inithooks.
    - Package turnkey-make-ssl-cert script (from common overlay - now packaged
      as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl.
    - Refactor run script - use bashisms and general tidying.
    - Show blacklisted password characters more nicely.
    - Misc packaging changes/improvements.
    - Support returning output from MySQL - i.e. support 'SELECT'. (Only
      applies to apps that include MySQL/MariaDB).

  * Web management console (webmin):
    - Upgraded webmin to v2.105.
    - Replace webmin-shell with webmin-xterm module by default - closes #1904.
    - Removed stunnel reverse proxy (Webmin hosted directly now).
    - Ensure that Webmin uses HTTPS with default cert
      (/etc/ssl/private/cert.pem).
    - Disabled Webmin Let's Encrypt (for now).

  * Web shell (shellinabox):
    - Completely removed in v18.0 (Webmin now has a proper interactive shell).
    - Note: previous v18.0 releases did not include webmin-xterm pkg - see
      above webmin note &/or #1904.

  * Backup (tklbam):
    - Ported dependencies to Debian Bookworm; otherwise unchanged.

  * Security hardening & improvements:
    - Generate and use new TurnKey Bookworm keys.
    - Automate (and require) default pinning for packages from Debian
      backports. Also support non-free backports.

  * IPv6 support:
    - Adminer (only on LAMP based apps) listen on IPv6.
    - Nginx/NodeJS (NodeJS based apps only) listen on IPv6.

  * Misc bugfixes & feature implementations:
    - Remove rsyslog package (systemd journal now all that's needed).
    - Include zstd compression support.
    - Enable new non-free-firmware apt repo by default.
    - Improve turnkey-artisan so that it works reliably in cron jobs (only
      Laravel based LAMP apps).

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Fri, 15 Mar 2024 02:49:24 +0000

turnkey-syncthing-17.1 (1) turnkey; urgency=low

  * Updated all Debian packages to latest.
    [ autopatched by buildtasks ]

  * Patched bugfix release. Closes #1734.
    [ autopatched by buildtasks ]

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Tue, 12 May 2022 01:41:55 +0000

turnkey-syncthing-17.0 (1) turnkey; urgency=low

  * Update to latest upstream Syncthing (via upstream apt repo) - v1.19.0.

  * Note: Please refer to turnkey-core's 17.0 changelog for changes common to
    all appliances. Here we only describe changes specific to this appliance.

 -- Zhenya Hvorostian <zhenya@turnkeylinux.org>  Tue, 08 Feb 2022 13:40:00 +0300

turnkey-syncthing-16.1 (1) turnkey; urgency=low

  * Update to latest upstream Syncthing (via upstream apt repo) - v1.15.1.

  * Bump maximum receive buffer size to roughly 2.5 MB for Syncthing - closes
    #1584.

  * Note: Please refer to turnkey-core's 16.1 changelog for changes common to
    all appliances. Here we only describe changes specific to this appliance.

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Mon, 12 Apr 2021 15:34:00 +1000

turnkey-syncthing-16.0 (1) turnkey; urgency=low

  * Update to latest upstream Syncthing (via upstream apt repo) - v1.7.1.

  * Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x
    TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1).

  * Update SSL/TLS cyphers to provide "Intermediate" browser/client support
    (suitable for "General-purpose servers with a variety of clients,
    recommended for almost all systems"). As provided by Mozilla via
    https://ssl-config.mozilla.org/.

  * Note: Please refer to turnkey-core's changelog for changes common to all
    appliances. Here we only describe changes specific to this appliance.

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Mon, 13 Jul 2020 09:18:39 +1000

turnkey-syncthing-15.1 (1) turnkey; urgency=low

  * Update to latest upstream v0.14.49 Syncthing.

  * Tweak to inithook to fix typo; plus ensure updated settings are applied
    on low power servers - closes #1222.

 -- Jeremy Davis <jeremy@turnkeylinux.org>  Wed, 17 Oct 2018 14:58:38 +1100

turnkey-syncthing-15.0 (1) turnkey; urgency=low

  * Initial appliance release based on Core appliance.

  * Includes Syncthing v0.14.48, installed from third party debian repo.

 -- Miles McQuiston <ptm@tapbop.com>  Mon, 02 Jul 2018 21:33:00 +0000