aherman
/
the-bastion
mirror of https://github.com/ovh/the-bastion
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • a05c413947
         Merge 0353c05238 into 306d1304e7 Jonah 2026-02-10 16:46:44 +0100
  • 0353c05238
         fix: simplify more checks wanted variables jon4hz 2026-02-10 16:46:35 +0100
  • 741b675d3e
         fix: simplify checks wanted variables Jonah 2026-02-10 16:40:48 +0100
  • 1eb96e4f20
         fix: use logical or when checking for mandatory params Jonah 2026-02-10 16:38:22 +0100
  • 1a5a2bf352
         fix: move proxy option check out of loop jon4hz 2026-02-10 16:34:51 +0100
  • 61eda562b6
         fix: improve error handling in proxy validation subroutine jon4hz 2026-02-10 14:19:20 +0100
  • 96f902a54c
         fix: use proxyIp and not proxyHost jon4hz 2026-02-10 14:18:32 +0100
  • 147265352c
         chore: fix tests with proxyjump feature opt-in jon4hz 2026-02-10 11:53:56 +0100
  • 558165a8c4
         Merge 3545b17616 into 306d1304e7 Jonah 2026-02-06 10:52:41 +0000
  • 3545b17616
         fix: missing syslog-ng config for bastion-scripts jon4hz 2026-02-06 11:49:54 +0100
  • 6271570123
         Merge 9b8baf1607 into 306d1304e7 Jonah 2026-02-04 02:00:24 +0800
  • cd4d9ec671
         Merge d4b3ddc29e into 306d1304e7 Jonah 2026-02-04 02:00:20 +0800
  • df85ff91b7 Deploy to GitHub pages gh-pages github-actions[bot] 2026-01-30 09:38:25 +0000
  • 306d1304e7 chore: add relnotes for v3.23.01 master v3.23.01 Stéphane Lesimple 2026-01-30 09:32:32 +0000
  • 3fc057e0c0
         chore: add relnotes for v3.23.01 Stéphane Lesimple 2026-01-30 09:32:32 +0000
  • 01c896ba63 release v3.23.01 Stéphane Lesimple 2026-01-29 15:23:30 +0000
  • 11cbf63be8 chore: deprecate the use of -f and -l in selfListIngressKeys Stéphane Lesimple 2026-01-29 15:21:28 +0000
  • c85b21ad82
         release v3.23.01 Stéphane Lesimple 2026-01-29 15:23:30 +0000
  • 305426c8e6
         chore: deprecate the use of -f and -l in selfListIngressKeys Stéphane Lesimple 2026-01-29 15:21:28 +0000
  • 2b75792318 feat: accept -l as user option jon4hz 2026-01-28 09:23:29 +0100
  • b0868c1f29 enh: better interaction between systemd units and /home encryption Stéphane Lesimple 2026-01-02 14:29:07 +0000
  • 8653d98ac5
         enh: better interaction between systemd units and /home encryption Stéphane Lesimple 2026-01-02 14:29:07 +0000
  • 44488e8300 fix: add accountGidMin to avoid stealing an account's GID Stephane Lesimple 2026-01-26 10:17:59 +0100
  • 552b5f0cb3
         feat: accept -l as user option jon4hz 2026-01-28 09:23:29 +0100
  • 8a73639f3d fix: add accountGidMin to avoid stealing an account's GID Stephane Lesimple 2026-01-26 10:17:59 +0100
  • a471dc055d
         chore: perl tidy jon4hz 2026-01-22 15:04:45 +0100
  • 97cbea114f
         feat: make proxyJump and opt-in feature jon4hz 2026-01-22 15:03:31 +0100
  • 004e8ce19b
         fix: placement of proxyUser option jon4hz 2026-01-22 13:14:10 +0100
  • f6bc787070
         fix: consistent flag naming in selfListSessions jon4hz 2026-01-22 13:13:11 +0100
  • 14187eef49
         fix: correctly check json output Jonah 2026-01-22 11:30:53 +0100
  • ffcbd5d68e
         chore: add missing closing bracket Jonah 2026-01-22 11:30:25 +0100
  • 84e6fbf7bd
         Revert "fix: use quotemeta to join command parts" jon4hz 2026-01-22 11:26:20 +0100
  • 8f87388c7d
         fix: only check for valid ip in acl check jon4hz 2026-01-22 10:48:25 +0100
  • 053aad1922
         fix: proxyIP can't be a subnet Jonah 2026-01-22 10:43:58 +0100
  • 08d440717e
         fix: use quotemeta to join command parts Jonah 2026-01-22 10:40:12 +0100
  • 30d7be5987
         fix: remove unneccessary osh_command check Jonah 2026-01-22 10:39:01 +0100
  • 9be9f67c20
         fix: move proxy parsing to mosh and improve exit codes jon4hz 2026-01-22 10:37:40 +0100
  • 7b3240e47a Fix missing `-regex` following @cdbd6c7 from #550 Mathieu MD 2026-01-12 09:37:14 +0100
  • a6c52a84bd
         Fix missing `-regex` following @cdbd6c7 from #550 Mathieu MD 2026-01-12 09:37:14 +0100
  • 7275605565
         release v3.23.00 (#605) v3.23.00 Stéphane Lesimple 2025-12-22 14:23:01 +0100
  • a499337edc
         Update doc/release-notes/v3.23.00.md Stéphane Lesimple 2025-12-22 12:04:41 +0100
  • d03625b5c5
         release v3.23.00 Stéphane Lesimple 2025-12-22 10:10:24 +0000
  • 41bcbe3cd0
         fix: stop banner service, not restart (#603) Jonah 2025-12-18 22:03:20 +0100
  • 7457f3db0d
         feat: add admin script apply-ingress-keys-from-globally.pl (#604) Stéphane Lesimple 2025-12-18 17:59:52 +0100
  • aade9787f0
         feat: add admin script apply-ingress-keys-from-globally.pl Stéphane Lesimple 2025-12-18 15:16:15 +0000
  • 06a3ba856d
         fix: stop banner service, not restart jon4hz 2025-12-16 19:16:05 +0100
  • 98336fdafe
         feat: httpproxy: add support for more HTTP methods (#601) Stéphane Lesimple 2025-12-16 14:02:45 +0100
  • 53507b6a3e
         feat: httpproxy: add support for more HTTP methods Stéphane Lesimple 2025-11-05 10:22:53 +0000
  • 38d883c654
         scp: more robust parsing for remote users with special chars (#600) Stéphane Lesimple 2025-12-15 19:16:18 +0100
  • aa14c0e14f
         enh: allow colon in remote user names (#602) Stéphane Lesimple 2025-12-15 18:12:07 +0100
  • 7ff1a4352a
         enh: allow colon in remote user names Stéphane Lesimple 2025-11-27 16:16:39 +0100
  • 2ceab97ef9
         docs(dev,setup): fix the pre-commit example and script helper (#599) François Magimel 2025-12-15 17:32:54 +0100
  • 1232ba993e
         scp: more robust parsing for remote users with special chars Stéphane Lesimple 2025-12-15 16:27:50 +0000
  • 63c74d539e
         docs(dev,setup): update the script helper François Magimel 2025-12-11 10:01:04 +0000
  • c84f2c4df2
         docs(dev,setup): fix the pre-commit example François Magimel 2025-12-11 09:57:37 +0000
  • bd9ba6fc4d
         fix: return accountInfo if grace period is set (#594) Jonah 2025-12-10 11:59:03 +0100
  • d558552c55
         fix: hide mfa info msg in quiet mode (#598) toutoen 2025-12-10 11:58:35 +0100
  • 0d4aebe755 fix: hide mfa info msg in quiet mode Antoine Guerrée 2025-12-08 11:08:27 +0100
  • 9cb87d3d89
         feat(portforwarding): allow portforwarding on master instances only jon4hz 2025-12-04 16:30:56 +0100
  • fa73b11e45
         fix(portforwarding): correctly cleanup unused local ports jon4hz 2025-12-04 14:52:45 +0100
  • 120fbd0b0d
         feat(portforwarding): enforce account and group limits jon4hz 2025-12-04 13:42:19 +0100
  • 6cd3b2aeed
         fix(portforwarding): undefined var when managing group port forwards jon4hz 2025-12-04 13:41:40 +0100
  • f438a0aeaa
         fix(portforwarding): no ControlMaster for portforwarding sessions jon4hz 2025-11-26 19:05:28 +0100
  • 471b55f463
         chore(portforwarding): update description jon4hz 2025-11-26 19:03:45 +0100
  • a1e6dea372
         fix(portforwarding): prevent local ports from being assigned if its unsafe jon4hz 2025-11-19 20:39:13 +0100
  • 936af2ede0
         feat(portforwarding): improve machine_display to show local port jon4hz 2025-11-19 20:37:34 +0100
  • 89a68a13c4
         feat(portforwarding): reload sshd after config change and ha support jon4hz 2025-11-17 22:31:26 +0100
  • a5e085eecc
         fix(portforwarding): use correct target jon4hz 2025-11-17 21:29:14 +0100
  • a23226543e
         feat(portforwarding): check if feature is enabled jon4hz 2025-11-17 14:30:36 +0100
  • 946e70adbb
         chore(portforwarding): adjust default portforwarding local port range jon4hz 2025-11-17 11:25:20 +0100
  • dc672945b1
         feat(portforwarding): doublecheck if local port is in use jon4hz 2025-11-16 11:53:45 +0100
  • 33054c268e
         feat(portforwarding): generate sshd config for portforwarding jon4hz 2025-11-16 11:27:15 +0100
  • 6c11d3655d
         fix(portforwarding): make acl more restrictive jon4hz 2025-11-14 13:56:03 +0100
  • 5a7eee8dc1
         fix(portforwarding): improve acl check jon4hz 2025-11-14 13:46:48 +0100
  • 6764f49af0
         fix(portforwarding): make sure portforwarding lock can be used by any user jon4hz 2025-11-14 13:31:58 +0100
  • 0751909027
         fix(portforwarding): aquire portallocation lock only if remotePort is defined jon4hz 2025-11-13 20:22:21 +0100
  • 980d000325
         fix(portforwarding): handle deletion correctly jon4hz 2025-11-13 19:41:53 +0100
  • ba48fa8c90
         feat(portforwarding): implement all commands, access checks, logging and ssh flag parsing jon4hz 2025-11-13 19:14:18 +0100
  • 77346ef819
         feat(portforwarding): acl and random local port allocation jon4hz 2025-11-11 23:02:27 +0100
  • 03e435f07a
         chore: regenerate docs jon4hz 2025-12-04 11:58:29 +0100
  • 66aa63883b
         chore: perl tidy jon4hz 2025-12-04 11:36:52 +0100
  • 9b8baf1607
         fix: return booleans as 1 and 0 in the api jon4hz 2025-12-02 19:34:22 +0100
  • ed01b3321b
         chore: fix perlcritic warnings jon4hz 2025-12-04 11:27:10 +0100
  • b45c856087
         chore: fix perlcritic warnings jon4hz 2025-12-04 11:23:19 +0100
  • 9742d85826
         fix: return booleans as 1 and 0 in the api (#6) Jonah 2025-12-02 20:15:45 +0100
  • d713c224b1
         fix: return accountInfo if grace period is set (#5) Jonah 2025-12-02 11:27:05 +0100
  • aaea138ab5
         fix: return accountInfo if grace period is set jon4hz 2025-12-01 19:03:47 +0100
  • 8238ccedf6
         ci: publish to ghcr jon4hz 2025-11-27 21:20:30 +0100
  • 2a60b3e68c
         feat: implement proxy jump for egress connections (#3) Jonah 2025-11-18 15:50:51 +0100
  • 107a6592a1
         feat: add try-personal-keys policy for groups (#2) Jonah 2025-11-18 15:49:44 +0100
  • dbbd0e43fe
         fix: handle proxy options correctly when deleting accesses jon4hz 2025-11-13 19:37:00 +0100
  • cebf897679
         refactor: function to validate proxy options jon4hz 2025-11-06 22:51:14 +0100
  • 42c2c86533
         chore: autocompletions jon4hz 2025-11-06 22:24:35 +0100
  • dfb5b4a6dd
         fix: add ignoreProxyUser to is_access_granted jon4hz 2025-11-06 21:52:31 +0100
  • e3647227ac
         feat: whoHasAccessTo can now check for proxy info jon4hz 2025-11-06 21:47:37 +0100
  • e5521cbf1a
         fix: only set proxyPort default value if proxyJump is defined jon4hz 2025-11-06 21:39:26 +0100
  • 743867cf79
         feat: log proxy info jon4hz 2025-11-06 21:30:58 +0100
  • ee6e8f0217
         fix: include proxy info in ttyrec filename jon4hz 2025-11-05 23:38:30 +0100
  • f8a9a62273
         feat: proxy support for guest accesses jon4hz 2025-11-05 21:47:04 +0100
  • 213f28cc4c
         chore: improve log output jon4hz 2025-11-05 21:15:48 +0100