# [1.0.0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v0.9.0...v1.0.0) (2024-10-14)
### Bug Fixes
* **ci:** Add TESTS_GRACE_PERIOD variable for run-tests job. ([1023f3d](1023f3d081))
* **ci:** Re-enable e2e test trigger. ([603b102](603b102f41))
* **ci:** Remove K8s secret creation for `EXTERNAL_REGISTRY_USERNAME` / `EXTERNAL_REGISTRY_PASSWORD`. ([cbe6b1a](cbe6b1ae6c))
* **ci:** Trigger e2e tests for multiple languages. ([9d7d89f](9d7d89f74f))
* **collabora:** Add ipFamilies cluster.networking option ([add2ab1](add2ab1a41))
* **collabora:** Reduce Collabora's securityContext capabilities. ([a7ea701](a7ea701cc6))
* **collabora:** Set Nextcloud URL for custom font support. ([370c7cd](370c7cd836))
* **collabora:** Update to 24.04.6.1.1. ([97f7a1c](97f7a1cafd))
* **collabora:** Update to 24.04.6.2.1. ([3d44193](3d441933ca))
* **collabora:** Update to 24.04.7.1.2. ([11ebb80](11ebb80494))
* **collabora:** Update to 24.04.7.2. ([5f72da4](5f72da4e57))
* **docs:** Update `replicas.yaml` and `docs/scaling.md`. ([45715a2](45715a2059))
* **docs:** Various updates. ([8aa1a7f](8aa1a7fa7d))
* **element:** Feature toggle for user controlled updates of their Element display name; new default for generating MatrixID, check docs/migrations.md for details. ([efc41cb](efc41cb3aa))
* **element:** Set Synapse rate limit. ([4ff720d](4ff720d36f))
* **element:** Update 'capabilities_approved' for NeoBoard Widget ([ade8535](ade8535c44))
* **element:** Update NeoBoard to 1.20.0 and `synapse-guest-module` to 2.0.0. ([11b0d44](11b0d441e0))
* **element:** Update NeoDateFix translations. ([71f21dc](71f21dc433))
* **element:** Update Synapse to v0.1150. ([12680e5](12680e5c1a))
* **element:** Use Element upstream without widgets. ([bdc6ad2](bdc6ad2864))
* **helmfile:** Add `cluster.networking.proxies`. Deployments need to set this if their load balancer or reverse proxy IPs are not part of the `cluster.networking.cidr`. ([a395759](a395759551))
* **helmfile:** Add `sample.yaml.gotmpl` to `dev` and `prod` env directories. ([dd80abe](dd80abe622))
* **helmfile:** Add new settings to `functional.yaml` for fileshare expiry dates. ([6b88f73](6b88f731eb))
* **helmfile:** Check imagePullSecrets templates for all resources ([13e0bb8](13e0bb8d68))
* **helmfile:** Move Intercom-Service to Nubus component. ([ef1dad7](ef1dad7433))
* **helmfile:** Move OX-Connector to Open-Xchange component. ([751f578](751f5783d0))
* **helmfile:** Remove NET_RAW capabilities ([e512486](e512486e74))
* **helmfile:** Remove some YAML linter warnings. ([d641359](d641359c29))
* **helmfile:** Remove toggle `functional.email.systemGenerated.useComponentInSenderdomain`. Mails will no longer use a component subdomain in their sender address. ([b60fe39](b60fe39b5c))
* **helmfile:** Switch fom dep5 to REUSE.toml. ([592f031](592f03135f))
* **helmfile:** Update portal and branding. ([6ba6923](6ba6923612))
* **helmfile:** Update replicas.yaml. ([8ef69ec](8ef69ecaf2))
* **helmfile:** Update to support Helmfile 1.0.0-rc5. ([f4b9395](f4b9395b41))
* **intercom-service:** Customizable user mapper. ([a7e5f64](a7e5f64b50))
* **jitsi:** Improve handling of non authorized users. ([8bca56d](8bca56d4ac))
* **jitsi:** Update chart for improved openDesk look & feel. ([f297d8c](f297d8c0b7))
* **jitsi:** Update Helm chart and Keycloak Adapter image. ([3ad81e6](3ad81e6b92))
* **jitsi:** Update images to `9646-stable`. ([49ad36e](49ad36ef4e))
* **jitsi:** Updated branding and new option `functional.dataProtection.jitsiRoomHistory.enabled` defaulting to `[secure]`. ([67d52c7](67d52c771e))
* **nextcloud:** Add support for secret keys for administrator and ldap credentials ([7aee88e](7aee88ec94))
* **nextcloud:** Bump image to incorporate latest PHP fixes. ([c9ae039](c9ae0391b0))
* **nextcloud:** Remove `/index.php`. ([3baf37c](3baf37c509))
* **nextcloud:** Update to 29.0.5 and support for new functional settings regarding sharing of files. See the options related to `functional.filestore.sharing` in `functional.yaml` and also `migrations.md` regarding their defaults that differ from the previous standard behaviour of openDesk. ([ac148d0](ac148d0c28))
* **nextcloud:** Update to 29.0.6 including latest app updates. ([9950b73](9950b73ae3))
* **nubus:** Add interim ingress configuration fixing UMC in German ([6a60c6d](6a60c6dd43))
* **nubus:** Only use one LDAP Primary and make replica count of Secondary and Proxy others configurable ([31753ff](31753ffb19))
* **nubus:** Reduce lint failures, especially take care of pullSecrets ([e923468](e923468cd6))
* **nubus:** Remove duplicated "nubusPortalFrontend" ([8cd2f3a](8cd2f3a993))
* **nubus:** Remove superfluous variables ([a7d3d25](a7d3d2585c))
* **nubus:** Update "openDesk Standard" OX profile. ([fdb37c3](fdb37c3943))
* **nubus:** Update customization for improved UX. ([b9db81f](b9db81f69d))
* **nubus:** Update LDAP openDesk schemas and add related openDesk config options to user. ([e3238f9](e3238f96f7))
* **nubus:** Update LDAP to openLDAP 2.5. ([c63e725](c63e725525))
* **nubus:** Update opendesk-nubus to set default OXContext and improved OXProfile, update migrations to (optionally) ldap-patch OXContext for `Administrator`/`default.admin` as well as patch the OXProfile to 1.0 default state. ([e619db6](e619db6da2))
* **nubus:** Update to 0.63.2 ([28dd762](28dd762db3))
* **nubus:** Update to 0.64.2. ([fc7099a](fc7099a8a6))
* **nubus:** Update to Nubus 0.62.2. ([8229949](8229949b47))
* **nubus:** Update to version 0.57.3. ([11f750e](11f750e1d6))
* **open-xchange:** DisplayName settings for OX-Connector. ([b7faa24](b7faa24d76))
* **open-xchange:** Update cluster internal Nextcloud URL. ([b1946d0](b1946d0c1d))
* **open-xchange:** Update Migrations for OX-Connector. ([6325b69](6325b69a91))
* **open-xchange:** Update OpenXchange Appsuite Bootstrap to v2.1.0 ([fb8f7cd](fb8f7cd28a))
* **open-xchange:** Update OX AppSuite to 8.26 and improve configuration including server-side Element integration. ([61d7496](61d74966d0))
* **openproject:** Bump OpenProject to 14.5.1. ([deacbc9](deacbc9db5))
* **openproject:** Remove `OPENPROJECT_PER__PAGE__OPTIONS` to enable functional administration of the setting. ([df9380b](df9380b924))
* **openproject:** Update Helm chart to v8.0.0 and explicitly template resources. ([91e34aa](91e34aabaa))
* **openproject:** Update to 14.6.0. ([560aa30](560aa30cba))
* **openproject:** Update to 14.6.1. ([cc4b359](cc4b359124))
* **openproject:** Updated bootstrap image does not fail on rerun. ([7d0d6ea](7d0d6ea8d1))
* **services:** Bump Postfix Helm chart to 2.2.0. ([f194f24](f194f24845))
* **services:** Support application based connection limits and password updates for PostgreSQL and MariaDB. ([c03566d](c03566dd63))
* **xwiki:** Disable check for local Office component. ([a91f181](a91f181c46))
* **xwiki:** Enable IAM controlled functional admin role. ([fa8572f](fa8572f785))
* **xwiki:** Update to 16.4.4 - updated. ([6347966](6347966765))
* **xwiki:** Update to 16.4.4. ([d693ff9](d693ff94f4))
### Features
* **element:** Add feature flag `functional.dataProtection.matrixPresence.enabled` that defaults to `[secure]` to avoid that openDesk provides presence information on users unintended. We include the hardcoded configuration in openDesk Synapse that users cannot change their displayname. ([4b99357](4b99357b21))
* **helmfile:** Add customization.yaml to define custom files for helmfile releases ([180ccdd](180ccddfaa))
* **helmfile:** Add fine-granular registry overwrites ([7348547](7348547d96))
* **helmfile:** Add support for argocd git-ops deployment ([9f081d8](9f081d8567))
* **helmfile:** Change default subdomain names. Attention, consult docs/migrations.md for upgrade deployments. ([3d84e80](3d84e804c2))
* **helmfile:** Full ArgoCD support ([7bf8e69](7bf8e6976a))
* **helmfile:** Support feature toggle `email.systemGenerated.useComponentInSenderdomain`. ([a46a632](a46a632616))
* **nextcloud:** Use nextcloud image with bundled nginx ([81f5969](81f5969653))
* **nubus:** Update IAM components. ([ce03400](ce03400043))
* **nubus:** Update to Nubus 0.39.2 chart ([7345563](73455630fd))
* **open-xchange:** Support for email migration feature toggle enabling masterpassword authentication in Dovecot and AppSuite. Requires openDesk Enterprise. ([356d8df](356d8dfbfd))
* **services:** [bmi/opendesk/deployment/opendesk[#66](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/issues/66)] Add dkimpy-milter to sign outgoing emails with DKIM and use local postfix as mail relay in all components. ([fbe4909](fbe4909a8e))
### BREAKING CHANGES
* **helmfile:** Upgrading from previous releases requires manual steps, read `./docs/migrations.md` carefully.
## [0.8.1](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v0.8.0...v0.8.1) (2024-07-01)
### Bug Fixes
* **collabora:** Bump image to 24.04.4.1.1. ([368fe13](368fe13ddb))
* **collabora:** Bump image to 24.04.4.2.1. ([01767d3](01767d3806))
* **docs:** Add Ports section to getting started. ([c07b25c](c07b25c4b9))
* **docs:** Correction regarding the currently supported ingress controller. ([8514908](85149086ae))
* **docs:** Update regarding the currently supported ingress controller. ([064a5ad](064a5ad246))
* **element:** Provide the internal cluster domain to `synapse-web`. ([a8692d5](a8692d5506))
* **helmfile:** Add script to ease local development of platform charts. ([d8f3e05](d8f3e05e58))
* **helmfile:** Enable SMTP for XWiki and Element/Synapse; Streamline mail sender addresses within platform based on `<localpart>@<component>.<domain>` and allow configuration of `<localpart>`. ([01c5e6b](01c5e6b359))
* **helmfile:** Include all `.yaml.gotmpl` files for the envs in `environments.yaml`. ([e523434](e52343440d))
* **helmfile:** Streamline `functional.yaml`. *Upgrade notice:* If you set a non default value for `.Values.portal.enableDeploymentInformation` please change it to `.Values.admin.portal.deploymentInformation.enabled` with this version. ([e89b16a](e89b16a747))
* **jitsi:** Update PatchJVB bitnami/kubectl image to 1.30.2. ([6ef3641](6ef3641d82))
* **nubus:** Enable Keycloak's user account console. ([c03e4a5](c03e4a5340))
* **nubus:** Remove doublette ingress annotations. ([890b36e](890b36ecbb))
* **open-xchange:** Fixing YAML indentation of updater resources ([0ce346b](0ce346b162))
* **openproject:** Bump image to 14.2.0. ([1ad35f1](1ad35f1e12))
* **openproject:** Switch DBInit container image to Alpine based version to reduce footprint. ([c90f7c1](c90f7c1742))
* **openproject:** Update PostgreSQL image for DB init to 16.3. ([45e5699](45e569955d))
* **services:** Allow Postfix "relayHost" to be empty. ([7268f60](7268f607a5))
## [0.7.1](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v0.7.0...v0.7.1) (2024-05-21)
### Bug Fixes
* **ci:** Add Renovate dependency update automation. ([650c41c](650c41c3f0))
* **cryptpad:** Update Helm chart v0.0.19 and include CryptPad app in Helmfile deployment. ([931ed95](931ed95ce1))
* **docu:** Add IdP federation documentation. ([7167055](7167055303))
* **docu:** Rename SYNAPSE_DOMAIN to MATRIX_DOMAIN. If you use SYNAPSE_DOMAIN in your deployment, ensure you set the MATRIX_DOMAIN accordingly before upgrading. ([96baa6c](96baa6cc15))
* **element:** Provide certificate for alternative Synapse domain. ([88ac239](88ac2396e6))
* **helmfile:** Use Open CoDE as default registry for Univention helm chart ([#71](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/issues/71)). ([4e56ce4](4e56ce4073))
* **jitsi:** Bump images to stable-9457-2. ([1d47fa6](1d47fa681a))
* **jitsi:** Raise Jibri memory limits to fullfil Jibri's 2Gi /dev/shm requirement and update Helm chart; To update an existing installation you need to manually delete the `jitsi-prosody` stateful set before the update e.g. `kubectl -n <your_namespace> delete --cascade=orphan statefulsets jitsi-prosody`. Ensure you use the `--cascade=orphan` part, otherwise you have to remove and reinstall the complete deployment. ([6570c13](6570c13f3a))
* **nextcloud:** Bump to 28.0.5 incl. latest app versions. ([04d9372](04d9372cfc))
* **nubus:** Bump Keycloak to 24.0.3. ([923533d](923533d7b7))
* **nubus:** Enable 2FA for group "Domain Admins" by default. ([1179669](11796699bb))
* **nubus:** Update keycloak-bootstap and keycloak-extensions. ([1c6666f](1c6666fe45))
* **open-xchange:** Support change of username. ([b2cfa8b](b2cfa8b996))
* **openproject:** Bump version to 14.0.1, update Helm chart to 4.5.0. ([e085211](e0852119e8))
# [0.7.0](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v0.6.0...v0.7.0) (2024-05-06)
### Bug Fixes
* **ci:** Add debug option. Has to be supported by stage specific configuration containing: `debug.enabled: {{ env "DEBUG_ENABLED" | default false }}` ([3dc6484](3dc648421b))
* **element:** Provide the internal cluster domain to synapse web ([b9ac5ec](b9ac5ecf2d))
* **univention-management-stack:** Add the image configuration for NATS ([e9ec2f3](e9ec2f3a6e))
* **univention-management-stack:** Fix [#55](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/issues/55), [#35](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/issues/35) by updating chart "ums" to 0.11.2 and image "portal-listener" to 0.20.6; To update an existing installation you need to manually delete the `ums-portal-listener` stateful set before the update: `kubectl -n <your_namespace> delete statefulsets ums-portal-listener` ([2ad0270](2ad027082f))
* **univention-management-stack:** Migrate UDM-REST-API image to new Univention registry ([9be3b78](9be3b78761))
* **univention-management-stack:** Objectstore credentials ([d1bd43f](d1bd43fa95))
* **univention-management-stack:** Update Helm chart to 0.12.0 including required changes to openDesk Helmfile deployment. ([fefd2f6](fefd2f6cae))
* **univention-management-stack:** Use the NATS related image configuration ([cd22570](cd225703eb))
### Features
* **element:** Add support for Matrix federation ([36139b4](36139b42f1))
* **helmfile:** Introduce additional variables for mailDomain and synapseDomain ([e6fe2a7](e6fe2a7c18))
* **services:** Add opendesk-home service, which redirects on domain to portal ([c7e2172](c7e217208c))
## [0.5.79](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v0.5.78...v0.5.79) (2024-02-29)
### Bug Fixes
* **collabora:** Bump image to 23.05.9.2.1 ([f4b8226](f4b8226ea1))
* **collabora:** Fix aliasgroups configuration whitelisting the Nextcloud host ([8b065fd](8b065fd9d7))
* **docs:** Update version numbers of functional components for release in README.md ([31e5cf3](31e5cf317c))
* **element:** Provide end-to-end encryption as user controlled option ([3d31127](3d31127a6a))
* **helmfile:** Enhance objectore environment variables to allow external Object Store ([d444226](d4442261aa))
* **helmfile:** Set debuglevel to WARN instead of INFO when debug is not enabled. ([2efceef](2efceef076))
* **nextcloud:** Bump images to enable password_policy and fix email with groupware ([8807b24](8807b24ce0))
* **univention-management-stack:** Bump Keycloak Extensions chart and configure the `/univention/meta.json` to be retrieved from `ums-stack-gateway` to avoid the inline 404 during Keycloak login. ([2023d5b](2023d5bce4))
* **univention-management-stack:** Provisioning version bump ([410a023](410a023714))
* **univention-management-stack:** Template more Keycloak Extension values incl. logLevel ([7ec123b](7ec123b9a1))
## [0.5.77](https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/compare/v0.5.76...v0.5.77) (2024-02-16)
### Bug Fixes
* **ci:** Complete CI var usage for external registry ([3bcdcd0](3bcdcd06b7))
* **ci:** Update openDesk CI Lint to v2.3.1 ([250ef2b](250ef2bc3f))
* **collabora:** Add chart validation ([0159902](01599022f1))
* **collabora:** Bump to 23.05.9.1.1 ([b525a81](b525a814fc))
* **cryptpad:** Update chart to v0.0.18 ([6f0b1f3](6f0b1f37fc))
* **docs:** Add functional component table referencing the component versions to README.md ([bc7eeb8](bc7eeb8c9d))
* **docs:** Add generated security-context.md ([d9e07ff](d9e07ff7bd))
* **element:** Change name of neodatefix bot job ([dd535da](dd535daac0))
* **element:** Disable e2ee ([ba0824b](ba0824bac3))
* **helmfile:** Add additional provisioning components and configuration ([110ff56](110ff56f74))
* **helmfile:** Add seLinuxOptions for all applications ([02d04fa](02d04faa2a))
* **helmfile:** Annotations in image.yaml ([7ebbd03](7ebbd03bdc))
* **helmfile:** Bump Collabora Chart to 1.11.1 and Image to 23.05.8.4.1 ([d2b1f0b](d2b1f0b07b))
* **helmfile:** Fix annotations in images.yaml ([acaec3b](acaec3b8ac))
* **helmfile:** Fix umsPortalFrontend image annotation ([8f83261](8f83261986))
* **helmfile:** Improve debugging ([56f5e35](56f5e35895))
* **nextcloud:** Bump openincryptpad to 0.3.3 and disable circles app ([f2b8acf](f2b8acfba8))
* **nextcloud:** Set backchannel logout url ([c0fc225](c0fc225349))
* **nextcloud:** Update image, nextcloud apps and chart ([fd2a66f](fd2a66f8f2))
* **nextcloud:** Update nextcloud image and chart to support upgrades ([5d95e7a](5d95e7ab2a))
* **nextcloud:** Update to Nextcloud to v28 ([7c9f38f](7c9f38f06e))
* **open-xchange:** Bump Gotenberg image ([49f126d](49f126d169))
* **open-xchange:** Dovecot image on OpenCoDE without mirror ([1396071](1396071865))
* **openproject:** Bump version to 13.3.0 ([c2087ef](c2087efcf9))
* **univention-management-stack:** New device login notifications on first login with 2FA ([ee1a337](ee1a337ab5))
* **univention-management-stack:** Patches not applied to uldap ([2909e1d](2909e1d821))
* **univention-management-stack:** Support for object-storage icons and portal files ([83ac645](83ac645fae))
* **univention-management-stack:** Update NGINX Helm chart to 15.9.3 ([c16c0ac](c16c0ac795))
* **univention-management-stack:** Update otterize to allow umc-server communication with memcached ([6c15dc1](6c15dc1d66))
* **xwiki:** Add bottom border to top nav bar to be aligned with the other components ([affa92c](affa92cde2))
* **xwiki:** Bump XWiki chart to 1.3.0 ([cabee0c](cabee0c9da))
