hermes-seg-18.04 tagshttp://gitlab.deeztek.com/dedwards/hermes-seg-18.04/-/tags2021-12-02T17:58:52Zhttp://gitlab.deeztek.com/dedwards/hermes-seg-18.04/-/tags/build-211019build-211019<p data-sourcepos="1:1-1:17" dir="auto"><strong>NEW FEATURES:</strong></p>
<ul data-sourcepos="3:1-12:0" dir="auto">
<li data-sourcepos="3:1-3:44">Added Nginx HTTP Server in lieu of Apache.</li>
<li data-sourcepos="4:1-4:80">Added Lets Encrypt (Acme) Certificates support for HTTP and SMTP TLS (future).</li>
<li data-sourcepos="5:1-5:43">Added Wildcard CSR generation capability.</li>
<li data-sourcepos="6:1-6:77">Added Authelia Authentication Server for authentication into Admin Console.</li>
<li data-sourcepos="7:1-7:58">Added 2FA (Two Factor Authentication) for Admin Console.</li>
<li data-sourcepos="8:1-8:148">Added ability to add multiple System User accounts in addition to the default "admin" user. Will be expanded in the future to include permissions.</li>
<li data-sourcepos="9:1-9:103">Added Basic API for internal system functions. Will be expanded in the future for more functionality.</li>
<li data-sourcepos="10:1-10:78">Added support for checking System User passwords against haveibeenpwned.com.</li>
<li data-sourcepos="11:1-12:0">Re-worked Admin Console Firewall to work through Nginx. It now includes the ability to allow IPs to Hermes and/or Ciphermail Admin consoles.</li>
</ul>
<p data-sourcepos="13:1-13:90" dir="auto">Enabled Uncomplicated Firewall (UFW) with the following allowed incoming ports by default:</p>
<ul data-sourcepos="15:1-22:0" dir="auto">
<li data-sourcepos="15:1-15:15">22/tcp (SSH)</li>
<li data-sourcepos="16:1-16:16">25/tcp (SMTP)</li>
<li data-sourcepos="17:1-17:38">9080/tcp (Hermes Old Web GUI HTTPS)</li>
<li data-sourcepos="18:1-18:35">80/tcp (Hermes New Web GUI HTTP)</li>
<li data-sourcepos="19:1-19:37">443/tcp (Hermes New Web GUI HTTPS)</li>
<li data-sourcepos="20:1-22:0">3306/tcp (MySQL)</li>
</ul>
<p data-sourcepos="23:1-23:40" dir="auto"><strong>THE FOLLOWING PAGES HAVE BEEN ADDED:</strong></p>
<ul data-sourcepos="25:1-27:0" dir="auto">
<li data-sourcepos="25:1-25:43">System --> System Certificates (Pro Only)</li>
<li data-sourcepos="26:1-27:0">System --> Admin Authentication</li>
</ul>
<p data-sourcepos="28:1-28:58" dir="auto"><strong>THE FOLLOWING PAGES HAVE BEEN UPGRADED TO VERSION 2.0:</strong></p>
<ul data-sourcepos="30:1-39:0" dir="auto">
<li data-sourcepos="30:1-30:29">System --> Network Settings</li>
<li data-sourcepos="31:1-31:46">System --> Admin Console Firewall (Pro Only)</li>
<li data-sourcepos="32:1-32:38">System --> AD Integration (Pro Only)</li>
<li data-sourcepos="33:1-33:89">System --> Console SSL Settings RENAMED/MOVED TO System --> Console Settings (Pro Only)</li>
<li data-sourcepos="34:1-34:73">System --> Change Password --> RENAMED/MOVED TO System --> System Users</li>
<li data-sourcepos="35:1-35:100">Gateway --> Certificate Signing Request RENAMED/MOVED TO System --> System Certificates (Pro Only)</li>
<li data-sourcepos="36:1-36:33">Gateway --> Internal Recipients</li>
<li data-sourcepos="37:1-37:98">Content Checks --> Message History & Archive RENAMED/MOVED TO Content Checks --> Message History</li>
<li data-sourcepos="38:1-39:0">Encryption --> Internal Recipients Encryption RENAMED/MOVED TO Gateway --> Internal Recipients</li>
</ul>
<p data-sourcepos="40:1-40:10" dir="auto"><strong>FIXES:</strong></p>
<ul data-sourcepos="42:1-44:40" dir="auto">
<li data-sourcepos="42:1-42:96">Improved error handling in System --> System Backup for permission related errors in SMB Share</li>
<li data-sourcepos="43:1-43:134">Added functions to disable firewall and reset all MySQL username/passwords in System --> System Settings when running System Restore</li>
<li data-sourcepos="44:1-44:40">Fixed bugs in system_restore.sh script</li>
</ul>2021-12-02T17:58:52Zdeeztekdino.edwards@mydirectmail.net