opendesk/CHANGELOG.md

1.1.2 (2025-02-19)

Bug Fixes

• dovecot: Add Dovecot Pro [EE] (6e343c7)
• element: Add Element EE components (61d94a8)
• helmfile: Add missing customizing option for Matrix widgets (9c79c44)
• helmfile: Add SSL option for Keycloak Extensions Proxy's PostgreSQL connection (91d0f98)
• helmfile: Fine-grained service types (de8b560)
• helmfile: Integrate oD EE (03ec704)
• helmfile: Introduce apps as top level in opendesk_main.yaml.gotmpl; Please check migrations.md for upgrades of existing installations (2fcf014)
• helmfile: Make openDesk IAM attributes optional with enabled as default (b32996d)
• helmfile: Provide toggle in functional.yaml.gotmpl for "new device notification" mails (284c9fe)
• helmfile: Remove reference to no longer required elementWeb chart (cd9c54b)
• helmfile: Set default for domain to opendesk.internal to avoid enforcing DOMAIN environment variable for deployments using YAML overrides (930ae9d)
• helmfile: Update/streamline theming (8eeaa23)
• jitsi: Support for phone dial-in into Jitsi conferences (1323ef1)
• nextcloud: Update groupfolders app to fix group selection in admin mode (ab49bf9)
• nextcloud: Update Nextcloud to 29.0.11 and support for Cron-Job specific resource definitions (09f4829)
• nubus: Disable unused notification feature (955f17e)
• nubus: Fix Keycloak dialogue background length on small screens (4662709)
• nubus: Only configure apps that are deployed to show up in IAM admin UI and Keycloak (1f051e7)
• nubus: Re-implement toggle for UDM-REST-API based on functional.externalServices.nubus.udmRestApi.enabled (777e7d2)
• nubus: Remove doublet resources key in udm-listener StatefulSet (10e0b0a)
• nubus: Support for custom UDM commands (aff8edb)
• nubus: Update Keycloak Extensions Proxy (601e649)
• open-xchange: Parameters to split read and write queries to MariaDB (370247b)
• open-xchange: Update OX App Suite to 8.33 (581c8ae)
• openproject: Update OpenProject to 15.2.1 (83c311b)
• oxconnector: Update to strict securityContext from upstream defaults (32df165)

1.1.1 (2025-01-27)

Bug Fixes

• docs: Add permissions.md (04ab28c)
• element: MatrixID for Element "Welcome User" to support deployments where matrix domain differs from homeserver FQDN (ccb51a0)
• element: Update Element to 1.11.90 (335806a)
• element: Update Helm chart to v6.0.2 for a fix when using non generated secrets in opendesk-synapse (d5e73fe)
• element: Update Synapse to 1.121.1 (33ff922)
• helmfile: Move the access restriction configuration for Keycloak client scopes into helmfile templating, instead of hardcoded Helm chart values (3662b5c)
• helmfile: Remove duplicate entries from secrets.yaml.gotmpl (a13cf63)
• helmfile: Support component specific storageClassNames. Note: Please check the migration.md if you upgrade a deployment that has set custom PVC sizes using persistence.size settings. (bacf51e)
• helmfile: Support PostgreSQL as alternative database backend for Nextcloud and XWiki. Note: PostgreSQL is likely to become the preferred option/default in the future and MariaDB might be deprecated at a later point. (a0f52ee)
• helmfile: Update opendesk-alerts and opendesk-dashboards to get predictable sort order, improving GitOps deployments (0c91117)
• helmfile: Update upstream images for k8s/kubectl to v1.32.0 (b71c2e5)
• intercom: Remove legacy OIDC claims (6796f32)
• nextcloud: Update image and Helm chart to support app toggles during deployment (1cdfcf2)
• nextcloud: Update to Nextcloud 29.0.10 (d096fb1)
• nubus: Fix pullPolicy setting for ldapServer.leaderElector to satisfy Kyverno linter (6f2f7cd)
• nubus: Merge yaml files for better maintainability (6c67eca)
• nubus: Pre-create groups in Keycloak to avoid race condition on group sync when initial users login parallel (5496317)
• nubus: Remove extra settings from ldapServer needed for openDesk 1.0.0 LDAP migration (fab862e)
• nubus: Remove b64 encoded files from CSS, instead use opendesk-static-files (2926e2c)
• nubus: Template secrets.nubus.masterpassword. Note: Please check migrations.md for details. (5aae75a)
• nubus: Update customizations for group cleanup (0b230fa)
• open-xchange: Add missing registryOpencodeDe to OX-Connector's waitForDependency image (a16d907)
• openproject: Update to 15.1.1 (b4b714f)
• openproject: Update to 15.2.0 (9d8e9c3)
• static-files: Update Helm chart to use more generic assets over theme.imagery.assets (63562c1)
• static-files: Update Helm chart to v4.0.1 to support longer domain names (b0e665b)
• xwiki: Update Helm chart to v1.4.1 to fix support for custom ingressClassName values. Ref #144 (033cb55)

1.1.0 (2024-12-24)

Bug Fixes

• cassandra: Prepare cassandra for openDesk Enterprise. (508e286)
• cassandra: Remove values in charts.yaml for enterprise components. (c0cbb76)
• ci: Explicitly set RELEASE_BRANCH (to main) for scan and release steps (e5ad0bb)
• ci: Reduce Kyverno linting issues (e4d9106)
• collabora: Add/update Helmfile for Collabora Controller to be used in EE deployments (a63d7cb)
• collabora: Update to 24.04.9.2. (407f2be)
• docs: Add architecture.md and apis.md (7710858)
• docs: Add GitOps / Argo CD documentation (bbe7550)
• docs: Update and streamline README.md and migrations.md. (a86c0af)
• element: Add extensive database options (9e102e2)
• element: Prepare element for openDesk Enterprise. (00a1a93)
• element: Rename release opendesk-element to opendesk-element-web (1213ecc)
• element: Switch element-web base image to Alpine (47ce294)
• element: Toggle IPv4-only mode depending on cluster.networking.ipFamilies (627b9c1)
• element: Update Matrix Meetings Bot to 2.8.2 (4403dfe)
• element: Update Synapse to 1.120.2 and Element to 1.11.87 update also related containers (9d7644d)
• helmfile: Add opendesk-static-files to opendesk-services to serve favicons (6438284)
• helmfile: Add Redis username and tls option (564fb2d)
• helmfile: Allow usage of pre-defined CA certificates. (0738fa0)
• helmfile: Auto-redirect user to login dialogue, please read migrations.md for more details (a9c8dfe)
• helmfile: Remove default.user and default.admin for new deployments. (54f9e4c)
• helmfile: Remove theme subtree from the migration's .Values secret to avoid a bloated secret hitting limits in certain clusters setups and GitOps tools. (b6725dd)
• helmfile: Splitting the directory ./helmfile/apps/services into -external and opendesk- services, please read migrations.md for more details (277a1f5)
• helmfile: Streamline commonLabels.deployStage. (f969425)
• helmfile: Streamline requests.cpu in resources.yaml (43f427e)
• helmfile: Streamline file extensions in /helmfile/environments/default to (0e3b661)
• helmfile: Unify templating name for Open-Xchange to openxchange and for OX App Suite to oxAppSuite. (6ff1fcd)
• helmfile: Use dictionaries for defining customization.yaml, please read migrations.md for more details (86ef0be)
• jitsi: Update Jitsi Helm chart and images. (5c691e4)
• jitsi: Update to 2.0.9823 and chart to 2.1.1 (56ce335)
• jitsi: Update to switch the colors of Hang up and End meeting for all buttons. (9dbb2b7)
• migrations: Cleanup of jobs (539a302)
• migrations: Update to support Nubus 1.5.1 (7f60ab3)
• nextcloud: Add Redis TLS option (1402593)
• nextcloud: Fix templating for nextcloud database name (7f1f6cd)
• nextcloud: Fix templating for nextcloud database user (c8c12a2)
• nextcloud: Support IPv4 only clusters (b25ada1)
• nextcloud: Trusted Proxy setting. (bc0ca8b)
• nextcloud: Update Chart to 3.6.1 and Image to 2.3.3 (including rollback to 29.0.8). Introducing setting for functional.filestore.sharing.external.sendPasswordMail (18fcaa0)
• nextcloud: Update to 29.0.9 incl. latest apps. (c63cca7)
• notes: Add favicon.ico via opendesk-static-files (669995b)
• notes: Add https to all endpoints (174951c)
• nubus: Add nginx s3 proxy when minio disabled (b3b6ab5)
• nubus: Enable Keycloak debug mode logging; add Keycloak specific section to debugging.md (3b3679b)
• nubus: Fix selfsigned certificate mounts (b90bff3)
• nubus: Leader election on re-deployments (b965677)
• nubus: Start ums keycloak bootstrap already during Sync phase (16dfd25)
• nubus: Update external portal links and login screen background. (901b1f5)
• nubus: Update to 1.4.0 (2a94f2d)
• nubus: Update to v1.5.1 (4c7422a)
• nubus: Use favicon with transparent background for portal (1b13c3e)
• open-xchange: Extend Dovecot LDAP filter to also match OX-Resources (31ea6e0)
• open-xchange: Fix truststore decrypt error on self-signed deployments (8611d95)
• open-xchange: Update AppSuite to 8.30, update Helm chart to 2.12.85 (0c88699)
• opendesk-services: Update minio to 2024.12.13 (4cda827)
• opendesk-services: Update otterize Network Policies (4602396)
• openproject: Bump Helm chart to 9.2 (718eb45)
• openproject: Bump version to 15.0.2 (c06e0bb)
• openproject: Update 15.1.0 image (6d329e1)
• openproject: Update branding and Helm chart to 9.0.1 (d3b1916)
• openproject: Update to 14.6.3 incl. latest Helm chart (8.3.2). (4c82adf)
• postfix: Added service type definition analogous to dovecot (31ec100)
• services: Add template for certificate issuerRef.kind (df144fe)
• services: Update MariaDB chart to v3.0.3 in preparation for the use of external secrets. (08feab1)
• services: Update Redis to 7.4.1 as required by OX Appsuite, please read migrations.md for more details (5e0b2e2)
• xwiki: Fix templating for xwiki database port (de15071)
• xwiki: Set superadmin password account only when debug is enabled (e2b3bd5)

Features

• helmfile: Add grafana dashboards (1441c57)
• helmfile: Add openDesk specific alerts (f630a36)
• helmfile: Add template support for antivirus icap/milter (83da87e)
• helmfile: Allow custom/self-signed ca-certificates (c71faf5)
• jitsi: Enable Jitsi room history by default. (45add79)
• Newsfeed in Portal based on XWiki blog feature (3ad285a)
• notes: Integrate Preview of Notes app (96f1819)

1.0.0 (2024-10-14)

Bug Fixes

• ci: Add TESTS_GRACE_PERIOD variable for run-tests job. (1023f3d)
• ci: Re-enable e2e test trigger. (603b102)
• ci: Remove K8s secret creation for EXTERNAL_REGISTRY_USERNAME / EXTERNAL_REGISTRY_PASSWORD. (cbe6b1a)
• ci: Trigger e2e tests for multiple languages. (9d7d89f)
• collabora: Add ipFamilies cluster.networking option (add2ab1)
• collabora: Reduce Collabora's securityContext capabilities. (a7ea701)
• collabora: Set Nextcloud URL for custom font support. (370c7cd)
• collabora: Update to 24.04.6.1.1. (97f7a1c)
• collabora: Update to 24.04.6.2.1. (3d44193)
• collabora: Update to 24.04.7.1.2. (11ebb80)
• collabora: Update to 24.04.7.2. (5f72da4)
• docs: Update replicas.yaml and docs/scaling.md. (45715a2)
• docs: Various updates. (8aa1a7f)
• element: Feature toggle for user controlled updates of their Element display name; new default for generating MatrixID, check docs/migrations.md for details. (efc41cb)
• element: Set Synapse rate limit. (4ff720d)
• element: Update 'capabilities_approved' for NeoBoard Widget (ade8535)
• element: Update NeoBoard to 1.20.0 and synapse-guest-module to 2.0.0. (11b0d44)
• element: Update NeoDateFix translations. (71f21dc)
• element: Update Synapse to v0.1150. (12680e5)
• element: Use Element upstream without widgets. (bdc6ad2)
• helmfile: Add cluster.networking.proxies. Deployments need to set this if their load balancer or reverse proxy IPs are not part of the cluster.networking.cidr. (a395759)
• helmfile: Add sample.yaml.gotmpl to dev and prod env directories. (dd80abe)
• helmfile: Add new settings to functional.yaml for fileshare expiry dates. (6b88f73)
• helmfile: Check imagePullSecrets templates for all resources (13e0bb8)
• helmfile: Move Intercom-Service to Nubus component. (ef1dad7)
• helmfile: Move OX-Connector to Open-Xchange component. (751f578)
• helmfile: Remove NET_RAW capabilities (e512486)
• helmfile: Remove some YAML linter warnings. (d641359)
• helmfile: Remove toggle functional.email.systemGenerated.useComponentInSenderdomain. Mails will no longer use a component subdomain in their sender address. (b60fe39)
• helmfile: Switch fom dep5 to REUSE.toml. (592f031)
• helmfile: Update portal and branding. (6ba6923)
• helmfile: Update replicas.yaml. (8ef69ec)
• helmfile: Update to support Helmfile 1.0.0-rc5. (f4b9395)
• intercom-service: Customizable user mapper. (a7e5f64)
• jitsi: Improve handling of non authorized users. (8bca56d)
• jitsi: Update chart for improved openDesk look & feel. (f297d8c)
• jitsi: Update Helm chart and Keycloak Adapter image. (3ad81e6)
• jitsi: Update images to 9646-stable. (49ad36e)
• jitsi: Updated branding and new option functional.dataProtection.jitsiRoomHistory.enabled defaulting to [secure]. (67d52c7)
• nextcloud: Add support for secret keys for administrator and ldap credentials (7aee88e)
• nextcloud: Bump image to incorporate latest PHP fixes. (c9ae039)
• nextcloud: Remove /index.php. (3baf37c)
• nextcloud: Update to 29.0.5 and support for new functional settings regarding sharing of files. See the options related to functional.filestore.sharing in functional.yaml and also migrations.md regarding their defaults that differ from the previous standard behaviour of openDesk. (ac148d0)
• nextcloud: Update to 29.0.6 including latest app updates. (9950b73)
• nubus: Add interim ingress configuration fixing UMC in German (6a60c6d)
• nubus: Only use one LDAP Primary and make replica count of Secondary and Proxy others configurable (31753ff)
• nubus: Reduce lint failures, especially take care of pullSecrets (e923468)
• nubus: Remove duplicated "nubusPortalFrontend" (8cd2f3a)
• nubus: Remove superfluous variables (a7d3d25)
• nubus: Update "openDesk Standard" OX profile. (fdb37c3)
• nubus: Update customization for improved UX. (b9db81f)
• nubus: Update LDAP openDesk schemas and add related openDesk config options to user. (e3238f9)
• nubus: Update LDAP to openLDAP 2.5. (c63e725)
• nubus: Update opendesk-nubus to set default OXContext and improved OXProfile, update migrations to (optionally) ldap-patch OXContext for Administrator/default.admin as well as patch the OXProfile to 1.0 default state. (e619db6)
• nubus: Update to 0.63.2 (28dd762)
• nubus: Update to 0.64.2. (fc7099a)
• nubus: Update to Nubus 0.62.2. (8229949)
• nubus: Update to version 0.57.3. (11f750e)
• open-xchange: DisplayName settings for OX-Connector. (b7faa24)
• open-xchange: Update cluster internal Nextcloud URL. (b1946d0)
• open-xchange: Update Migrations for OX-Connector. (6325b69)
• open-xchange: Update OpenXchange Appsuite Bootstrap to v2.1.0 (fb8f7cd)
• open-xchange: Update OX AppSuite to 8.26 and improve configuration including server-side Element integration. (61d7496)
• openproject: Bump OpenProject to 14.5.1. (deacbc9)
• openproject: Remove OPENPROJECT_PER__PAGE__OPTIONS to enable functional administration of the setting. (df9380b)
• openproject: Update Helm chart to v8.0.0 and explicitly template resources. (91e34aa)
• openproject: Update to 14.6.0. (560aa30)
• openproject: Update to 14.6.1. (cc4b359)
• openproject: Updated bootstrap image does not fail on rerun. (7d0d6ea)
• services: Bump Postfix Helm chart to 2.2.0. (f194f24)
• services: Support application based connection limits and password updates for PostgreSQL and MariaDB. (c03566d)
• xwiki: Disable check for local Office component. (a91f181)
• xwiki: Enable IAM controlled functional admin role. (fa8572f)
• xwiki: Update to 16.4.4 - updated. (6347966)
• xwiki: Update to 16.4.4. (d693ff9)

Features

• element: Add feature flag functional.dataProtection.matrixPresence.enabled that defaults to [secure] to avoid that openDesk provides presence information on users unintended. We include the hardcoded configuration in openDesk Synapse that users cannot change their displayname. (4b99357)
• helmfile: Add customization.yaml to define custom files for helmfile releases (180ccdd)
• helmfile: Add fine-granular registry overwrites (7348547)
• helmfile: Add support for argocd git-ops deployment (9f081d8)
• helmfile: Change default subdomain names. Attention, consult docs/migrations.md for upgrade deployments. (3d84e80)
• helmfile: Full ArgoCD support (7bf8e69)
• helmfile: Support feature toggle email.systemGenerated.useComponentInSenderdomain. (a46a632)
• nextcloud: Use nextcloud image with bundled nginx (81f5969)
• nubus: Update IAM components. (ce03400)
• nubus: Update to Nubus 0.39.2 chart (7345563)
• open-xchange: Support for email migration feature toggle enabling masterpassword authentication in Dovecot and AppSuite. Requires openDesk Enterprise. (356d8df)
• services: [bmi/opendesk/deployment/opendesk#66] Add dkimpy-milter to sign outgoing emails with DKIM and use local postfix as mail relay in all components. (fbe4909)

BREAKING CHANGES

• helmfile: Upgrading from previous releases requires manual steps, read ./docs/migrations.md carefully.

0.9.0 (2024-07-24)

Bug Fixes

• collabora: Update to 24.04.5.1.1. (8a2d951)
• collabora: Update to 24.04.5.1.2. (74d444e)
• docs: Update workflow.md. (fd3df7d)
• docu: Update documentation on integration uses cases (#95). (382af1d)
• helmfile: Add S3 bucket for migrations. (972020f)
• helmfile: Streamline prefixes for customizable defaults. UPGRADES: See ./docs/migrations.md for more details. (26a7641)
• jitsi: Raise memory limit for jicofo and jvb as required by upstream product. (fe923bb)
• keycloak: Support for custom OIDC Clients and ClientScopes. (46412d1)
• nextcloud: Support templating of default quota and *_retention_obligation settings (#93). (23ef1d5)
• nextcloud: Update to 28.0.7 including latest apps for 28. (671f57a)
• nextcloud: Update to 28.0.7 including the apps, fix admin panel warnings (#94). Updated cluster.networking.cidr potentially requires manual migration, see docs/migrations.md for details. (63f8394)
• openproject: Bump to 14.3.0 and update Helm chart to 7.0.0. (6b609ed)
• openproject: Support for adding token to enable OpenProject Premium. (dfaf4be)
• xwiki: Add email address mapping to LDAP sync; Fix hostname null value in notification links. (1067e72)
• xwiki: Remove .rtf and .odt export options as they are currently non functional. (b806d51)
• xwiki: Update to 16.4. (db7f5d6)
• xwiki: Update to 16.4.1. (e54aaab)

Features

• authentication: Avoid that users can open a app they do not have the appropriate LDAP group set for. Implementation is based on role based client scopes. Introducing also an openDesk migration approach with a pre and post deployment stage. (b4570a9)

0.8.1 (2024-07-01)

Bug Fixes

• collabora: Bump image to 24.04.4.1.1. (368fe13)
• collabora: Bump image to 24.04.4.2.1. (01767d3)
• docs: Add Ports section to getting started. (c07b25c)
• docs: Correction regarding the currently supported ingress controller. (8514908)
• docs: Update regarding the currently supported ingress controller. (064a5ad)
• element: Provide the internal cluster domain to synapse-web. (a8692d5)
• helmfile: Add script to ease local development of platform charts. (d8f3e05)
• helmfile: Enable SMTP for XWiki and Element/Synapse; Streamline mail sender addresses within platform based on <localpart>@<component>.<domain> and allow configuration of <localpart>. (01c5e6b)
• helmfile: Include all .yaml.gotmpl files for the envs in environments.yaml. (e523434)
• helmfile: Streamline functional.yaml. Upgrade notice: If you set a non default value for .Values.portal.enableDeploymentInformation please change it to .Values.admin.portal.deploymentInformation.enabled with this version. (e89b16a)
• jitsi: Update PatchJVB bitnami/kubectl image to 1.30.2. (6ef3641)
• nubus: Enable Keycloak's user account console. (c03e4a5)
• nubus: Remove doublette ingress annotations. (890b36e)
• open-xchange: Fixing YAML indentation of updater resources (0ce346b)
• openproject: Bump image to 14.2.0. (1ad35f1)
• openproject: Switch DBInit container image to Alpine based version to reduce footprint. (c90f7c1)
• openproject: Update PostgreSQL image for DB init to 16.3. (45e5699)
• services: Allow Postfix "relayHost" to be empty. (7268f60)

0.8.0 (2024-06-10)

Bug Fixes

• ci: Allow CI to be triggered by API authorized personal access token. (b95fd11)
• collabora: Semi-disable update checker. (d7a127f)
• collabora: Update to 24.04.3.1.1. (5869316)
• docs: Spell check and streamline. (4d99bf3)
• element: Bump container images (widgets, community artifacts). (f856205)
• element: Bump to v1.11.67. (a4ff89b)
• element: Update Synapse. (9fa8ace)
• helmfile: Remove unused ox-provisioning hostname. (e31a0a2)
• jitsi: Update jitsi-keycloak-adapter image to Docker tag v20240314. (6202bc4)
• nubus: Change to new Univention upstream registry. (d7fbc57)
• nubus: Disable UDM REST API routing by default and always disable UMC local login. (e1e8a7f)
• nubus: Guardian version bump and refactoring. (2f88752)
• nubus: Re-add selfservice-listener image configuration. (af711b0)
• open-xchange: Set Nubus LDAP attribute to render manager_name in address book. See https://forge.univention.org/bugzilla/show_bug.cgi?id=53741 for reference. (4f92001)
• openproject: Bump library/postgres image to v16. (742c293)
• openproject: Bump to 14.1.0, set default timezone on deployment to Europe/Berlin and raise default memory limit to 2Gi. (6e49721)
• openproject: Update Helm chart to v5.1.4. (75cd077)
• openproject: Update to 14.1.1 and bump PostgreSQL 13 image for InitDB. (bd2d7cf)
• services: Update opendesk-home to v1.0.2 to fix issue with Element .well-known ingress collision. (b0eb28b)
• univention-management-stack: Add functional switch to disable deployment information. (a31c5f5)

Features

• element: Enable Matrix federation via https. (ecb566f)
• helmfile: Add support for Ingress parameter configuration (proxy-body-size, proxy-read-timeout, proxy-send-timeout). (dc39b94)
• helmfile: Create child helmfile for GitOps approach. (a899699)
• nubus: Cleanup Keycloak values. (f3d8cf0)

0.7.1 (2024-05-21)

Bug Fixes

• ci: Add Renovate dependency update automation. (650c41c)
• cryptpad: Update Helm chart v0.0.19 and include CryptPad app in Helmfile deployment. (931ed95)
• docu: Add IdP federation documentation. (7167055)
• docu: Rename SYNAPSE_DOMAIN to MATRIX_DOMAIN. If you use SYNAPSE_DOMAIN in your deployment, ensure you set the MATRIX_DOMAIN accordingly before upgrading. (96baa6c)
• element: Provide certificate for alternative Synapse domain. (88ac239)
• helmfile: Use Open CoDE as default registry for Univention helm chart (#71). (4e56ce4)
• jitsi: Bump images to stable-9457-2. (1d47fa6)
• jitsi: Raise Jibri memory limits to fullfil Jibri's 2Gi /dev/shm requirement and update Helm chart; To update an existing installation you need to manually delete the jitsi-prosody stateful set before the update e.g. kubectl -n <your_namespace> delete --cascade=orphan statefulsets jitsi-prosody. Ensure you use the --cascade=orphan part, otherwise you have to remove and reinstall the complete deployment. (6570c13)
• nextcloud: Bump to 28.0.5 incl. latest app versions. (04d9372)
• nubus: Bump Keycloak to 24.0.3. (923533d)
• nubus: Enable 2FA for group "Domain Admins" by default. (1179669)
• nubus: Update keycloak-bootstap and keycloak-extensions. (1c6666f)
• open-xchange: Support change of username. (b2cfa8b)
• openproject: Bump version to 14.0.1, update Helm chart to 4.5.0. (e085211)

0.7.0 (2024-05-06)

Bug Fixes

• ci: Add debug option. Has to be supported by stage specific configuration containing: debug.enabled: {{ env "DEBUG_ENABLED" | default false }} (3dc6484)
• element: Provide the internal cluster domain to synapse web (b9ac5ec)
• univention-management-stack: Add the image configuration for NATS (e9ec2f3)
• univention-management-stack: Fix #55, #35 by updating chart "ums" to 0.11.2 and image "portal-listener" to 0.20.6; To update an existing installation you need to manually delete the ums-portal-listener stateful set before the update: kubectl -n <your_namespace> delete statefulsets ums-portal-listener (2ad0270)
• univention-management-stack: Migrate UDM-REST-API image to new Univention registry (9be3b78)
• univention-management-stack: Objectstore credentials (d1bd43f)
• univention-management-stack: Update Helm chart to 0.12.0 including required changes to openDesk Helmfile deployment. (fefd2f6)
• univention-management-stack: Use the NATS related image configuration (cd22570)

Features

• element: Add support for Matrix federation (36139b4)
• helmfile: Introduce additional variables for mailDomain and synapseDomain (e6fe2a7)
• services: Add opendesk-home service, which redirects on domain to portal (c7e2172)

0.6.0 (2024-04-11)

Bug Fixes

• helmfile: Improve support for external Objectstore, and fix issue with DoveCot storageClassName (1b748b6), closes #57 #60 #56
• nextcloud: Bump to 28.0.4 (cb33a92)
• univention-management-stack: add Guardian provisioning job image (79c52d0)
• univention-management-stack: Update UMC to 0.11.8 (5e3f4fa)
• univention-management-stack: Use umbrella helm chart (10ecb44)
• xwiki: Bump to 15.10.8 and enable OIDC backchannel logout (c395d35)

Features

• open-xchange: Bump to 8.23 and remove Istio prerequisite (3be3564)

0.5.81 (2024-03-28)

Bug Fixes

• docs: Various updates (50e2638)
• element: Update Element Web to v1.11.59 with widget sync fix and NeoBoard v1.14.0 (0fd4a26)
• helmfile: Fix OpenAPI validations for Kubernetes v1.28 (0aa4cfb)
• nextcloud: Bump to 28.0.3 (34d2c05)
• nextcloud: Rename default shared folder to __Shared_with_me__ (5f9d015)
• open-xchange: Bump to 8.22 (5ebf291)
• openproject: Bump OpenProject to 13.4.0 (d565c05)
• openproject: Bump version to 13.4.1 (7cc3964)
• services: Update Otterize Policies (42f63e3)
• univention-management-stack: Add missing authenticator secret mount to portal-server (5a39e87)
• univention-management-stack: Update LDAP server for BSI base security compliance (8e889db)
• univention-management-stack: Update ldap-notifier and ldap-server (a41ddd5)
• univention-management-stack: Update provisioning charts, images and helm value to add authentication (8c97bcf)

0.5.80 (2024-03-11)

Bug Fixes

• ci: Remove creation of release artefacts, use the images.yaml and charts.yaml in ./helmfile/environments/default for information about the artefacts instead. (ee99eef)
• collabora: Bump image to 23.05.9.4.1 (9c32058)
• docs: Add development.md and refactor images.yaml and charts.yaml (a2b333b)
• helmfile: YAML handling of seLinuxOptions and align overall toYaml syntax (011ad2c)
• nextcloud: Update images digests (bc18724)
• openproject: Bump to 13.3.1 (7ee9e47)

0.5.79 (2024-02-29)

Bug Fixes

• collabora: Bump image to 23.05.9.2.1 (f4b8226)
• collabora: Fix aliasgroups configuration whitelisting the Nextcloud host (8b065fd)
• docs: Update version numbers of functional components for release in README.md (31e5cf3)
• element: Provide end-to-end encryption as user controlled option (3d31127)
• helmfile: Enhance objectore environment variables to allow external Object Store (d444226)
• helmfile: Set debuglevel to WARN instead of INFO when debug is not enabled. (2efceef)
• nextcloud: Bump images to enable password_policy and fix email with groupware (8807b24)
• univention-management-stack: Bump Keycloak Extensions chart and configure the /univention/meta.json to be retrieved from ums-stack-gateway to avoid the inline 404 during Keycloak login. (2023d5b)
• univention-management-stack: Provisioning version bump (410a023)
• univention-management-stack: Template more Keycloak Extension values incl. logLevel (7ec123b)

0.5.78 (2024-02-23)

Bug Fixes

• ci: Move main development repo OpenCoDE (43718b8)
• ci: Run release pipeline only on pushes to main (13dcb00)
• ci: Update kyverno rules (d9263c9)
• docs: Add missing footnote regarding Nubus (bc6e4f8)
• nextcloud: Set admin priviledges for users in central IAM (a3e415d)
• univention-management-stack: Scaling udm-rest-api (57d0f61)
• univention-management-stack: Set Keycloak CSP header to allow session continuation in admin portal. (a398e5a)
• univention-management-stack: UMS portal-server scalability (b1b4c28)
• univention-management-stack: Univention Portal upstream codefixes version bump (c2f62f7)
• univention-management-stack: Update provisioning to fix high CPU usage when in idle (d9c23bd)

0.5.77 (2024-02-16)

Bug Fixes

• ci: Complete CI var usage for external registry (3bcdcd0)
• ci: Update openDesk CI Lint to v2.3.1 (250ef2b)
• collabora: Add chart validation (0159902)
• collabora: Bump to 23.05.9.1.1 (b525a81)
• cryptpad: Update chart to v0.0.18 (6f0b1f3)
• docs: Add functional component table referencing the component versions to README.md (bc7eeb8)
• docs: Add generated security-context.md (d9e07ff)
• element: Change name of neodatefix bot job (dd535da)
• element: Disable e2ee (ba0824b)
• helmfile: Add additional provisioning components and configuration (110ff56)
• helmfile: Add seLinuxOptions for all applications (02d04fa)
• helmfile: Annotations in image.yaml (7ebbd03)
• helmfile: Bump Collabora Chart to 1.11.1 and Image to 23.05.8.4.1 (d2b1f0b)
• helmfile: Fix annotations in images.yaml (acaec3b)
• helmfile: Fix umsPortalFrontend image annotation (8f83261)
• helmfile: Improve debugging (56f5e35)
• nextcloud: Bump openincryptpad to 0.3.3 and disable circles app (f2b8acf)
• nextcloud: Set backchannel logout url (c0fc225)
• nextcloud: Update image, nextcloud apps and chart (fd2a66f)
• nextcloud: Update nextcloud image and chart to support upgrades (5d95e7a)
• nextcloud: Update to Nextcloud to v28 (7c9f38f)
• open-xchange: Bump Gotenberg image (49f126d)
• open-xchange: Dovecot image on OpenCoDE without mirror (1396071)
• openproject: Bump version to 13.3.0 (c2087ef)
• univention-management-stack: New device login notifications on first login with 2FA (ee1a337)
• univention-management-stack: Patches not applied to uldap (2909e1d)
• univention-management-stack: Support for object-storage icons and portal files (83ac645)
• univention-management-stack: Update NGINX Helm chart to 15.9.3 (c16c0ac)
• univention-management-stack: Update otterize to allow umc-server communication with memcached (6c15dc1)
• xwiki: Add bottom border to top nav bar to be aligned with the other components (affa92c)
• xwiki: Bump XWiki chart to 1.3.0 (cabee0c)

0.5.76 (2024-01-24)

Bug Fixes

• nextcloud: Correct indent in monitoring resources (bea1413)
• services: Monitoring for minio with correct labels and there are no prometheusRule (af63e5c)
• univention-management-stack: Fix external registry for nats charts (cbb33b9)

0.5.75 (2024-01-24)

Bug Fixes

• ci: Add Kyverno CI Lint (e778a59)
• helmfile: Cleanup and small conformity fixes (db0a544)
• helmfile: Merge .yaml and .gotmpl files for Services, Provisioning, Cryptpad, Intercom-Service and Element (a49daa6)
• helmfile: Split image and helm registry (89c149a)
• univention-management-stack: UMC secure session cookie (67f7c05)
• univention-management-stack: Update guardian to version 2 (a99f338)

0.5.74 (2024-01-12)

Bug Fixes

• ci: Add opendesk-ci linter (b23152b)
• ci: Scan all images for malware on release (807b73c)
• ci: Switch to 'on_success' instead of 'always' (e1f6370)
• collabora: Migrate collabora to yaml.gotmpl file (09d001b)
• cryptpad: Bump image (90152bd)
• cryptpad: Bump image to 5.6.0 (1c4db30)
• cryptpad: Verify against GPG key (fec0d1f)
• docs: Update Helm Chart Trust Chain information (f894370)
• element: Fix rights & roles of neoboard (7daa93f)
• element: Fix rights and roles configuration (452624c)
• helmfile: Add image annotations for mirroring (41e777c)
• helmfile: Add logLevel to globals (8db9bf3)
• helmfile: Add XWiki GPG key (712605e)
• helmfile: Increase timeouts for deployment of services (3b557a8)
• helmfile: Merge fix values filename for Jitsi (7a14531)
• helmfile: Remove oci flag from charts.yaml and move user/password (2ad48b6)
• helmfile: Sort images and charts (acf6816)
• helmfile: Switch artefacts to be pulled from Open CoDE or upstream (6b3d99d)
• intercom-service: Add scaling option. (969c42a)
• jitsi: Add available securityContexts here (8f09740)
• nextcloud: Replace community Nextcloud with openDesk Nextcloud (813a2e2)
• open-xchange: Enable ICAP and merge yaml and gotmpl files (306252d)
• openproject: Consolidate env values set by Helm chart (08754cc)
• openproject: Merge yaml and gotmpl value files (45967c7)
• services: Add scaling to all services (0492420)
• univention-management-stack: Add guardian components (db749d8)
• univention-management-stack: Add missing image template for ums stack gateway and imagePullSecrets to keycloak extensions (0bf059e)
• univention-management-stack: Add ums provisioning service (d039c65)
• univention-management-stack: Bump Keycloak Bootstrap image (bb289d5)
• univention-management-stack: Bump Keycloak chart and image and provide settings for IT-Grundschutz (c2e9204)
• univention-management-stack: Keycloak clients for guardian (b30b29d)
• univention-management-stack: Provide openDesk version info for admins in portal menu (5f5a65f)
• univention-management-stack: SAML join using internal Keycloak hostname (acbef3a)
• univention-management-stack: Streamline timeouts for deployment (506ef4a)
• univention-management-stack: Updated base image (78993e1)
• xwiki: Bump Helm chart und image, fix favicon (87b6fcf)
• xwiki: Ldap group sync filter (9aa907a)
• xwiki: Update default XWiki configuration (f13f39a)
• xwiki: Update Image to include XWiki 15.10.4 (9ff6056)
• xwiki: Update to 1.2.6 and add imagePullSecrets (2d2455f)
• xwiki: Verify against GPG key (a0d5fb8)

0.5.73 (2023-12-21)

Bug Fixes

• docs: Add and reference workflow.md (0e1e875)
• helmfile: Make GPG keys to use CC0-1.0 (006e20f)
• helmfile: Pull Univention Helm charts from OCI (8d6503c)
• helmfile: Switch Helm charts to Open CoDE (0952221)
• open-xchange: Disable debug container (appsuite-toolkit) (40fb9dc)
• univention-management-stack: Add extended timeouts to Helm deployment (1f7b3ca)

0.5.72 (2023-12-18)

Bug Fixes

• collabora: Update image to 23.05.6.3.1 (8c378c6)
• docs: Update scaling.md (d342efe)
• open-xchange: Update Helm chart removing yaml templating doublettes (c21dd46)

0.5.71 (2023-12-15)

Bug Fixes

• docs: Security.md (36bbbae)
• univention-management-stack: Switch to Univention Keycloak (902076c)

0.5.70 (2023-12-14)

Bug Fixes

• univention-management-stack: Remove UCS container monolith and make UMS standard IAM (450c434)

0.5.69 (2023-12-12)

Bug Fixes

• univention-management-stack: Functional replacement for UCS container monolith, still optional. (ce38714)

0.5.68 (2023-12-11)

Bug Fixes

• jitsi: Disable IP Blacklist (6a649cb)
• open-xchange: Update to latest version (db4bfa4)

0.5.67 (2023-12-11)

Bug Fixes

• services: Use Charts from openCoDE registry (cc0daa2)

0.5.66 (2023-12-08)

Bug Fixes

• element: Update Element and Widgets (6a26299)

0.5.65 (2023-12-08)

Bug Fixes

• univention-management-stack: Bump OX Connector (83192b7)

0.5.64 (2023-12-06)

Bug Fixes

• openproject: Switch to release container and set home url link (e67ab8f)

0.5.63 (2023-12-06)

Bug Fixes

• nextcloud: Remove Talk folder (0ea5856)

0.5.62 (2023-12-06)

Bug Fixes

• nextcloud: Bump image to 27.1.4 and update Helm chart to configure "Shared_with_me" folder (d04a603)
• univention-management-stack: Update optional UMS preview state (94ae3da)

0.5.61 (2023-12-05)

Bug Fixes

• services: Fix port declaration for Postfix (bf5dcda)

0.5.60 (2023-12-05)

Bug Fixes

• ci: Ensure release creation with artifacts (dc7ce0b)

0.5.59 (2023-12-05)

Bug Fixes

• helmfile: Add configurable objectstore (3b5493d)

0.5.58 (2023-12-01)

Bug Fixes

• cryptpad: Add websocket annotation (c41643e)
• openproject: Add seederJob intent (05cc82d)
• openproject: Bump to 2.6.2 (c8bc8b3)
• services: Add NetworkPolicy section to docs/security.md (24812b6)
• services: Add Otterize based security settings (bec9a2d)
• univention-management-stack: Add Otterize annotations for jobs (2628a0e)

0.5.57 (2023-12-01)

Bug Fixes

• helmfile: Using correct private registry for postfix helm-chart (d367739)

0.5.56 (2023-11-30)

Bug Fixes

• element: Raise treshold for login rate limit to avoid too early barrier hitting normal users (466e741)

0.5.55 (2023-11-30)

Bug Fixes

• cryptpad: Update Helm chart to enable readiness and liveness probes (6d3e484)

0.5.54 (2023-11-29)

Bug Fixes

• helmfile: Add and document security context for components (519db51)

0.5.53 (2023-11-29)

Bug Fixes

• univention-managemen-stack: Integrate Attribute to Group Mapper into the containerized stack (7bbab22)
• univention-management-stack: Add Announcements icon into "umc-gateway" (7a9ecf7)
• univention-management-stack: Add Announcements module into "umc-server" (4c52a5a)
• univention-management-stack: Add branding related configuration to stack-gateway (a5f263c)
• univention-management-stack: Apply styling (b3d45c4)
• univention-management-stack: Configure openDesk branding in frontend chart (cbe8fb2)
• univention-management-stack: Document database of UMS Notifications API (3cf348c)
• univention-management-stack: Move static settings from gotmpl into yaml for umc-gateway (b3ac0ae)
• univention-management-stack: Quote all composed strings (1c35ca6)
• univention-management-stack: Remove frontend-custom (8b6a4b2)
• univention-management-stack: Set SMTP host for self-service notifications (0c7a77c)
• univention-management-stack: UMC uses external memcached (211bee9)
• univention-management-stack: Update ums-dependencies (e0c6c14)
• univention-management-stack: Update ums-dependencies (c246edd)
• univention-management-stack: Update ums-dependencies (86b4818)
• univention-management-stack: Use "stack-gateway" in all deployments (c19bca2)

0.5.52 (2023-11-28)

Bug Fixes

• ci: Open automatic MRs for new branches (735fec3)

0.5.51 (2023-11-28)

Bug Fixes

• nextcloud: Bump chart to fix central navigation (cac6abe)
• openproject: Update container and prepare for OIDC based user admin role setting (6dc92df)

0.5.50 (2023-11-27)

Bug Fixes

• ci: Add metadata for renovate processing (36aa3ed)

0.5.49 (2023-11-27)

Bug Fixes

• nextcloud: Bump image to incorporate fix for https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f962-hw26-g267 (efbd814)

0.5.48 (2023-11-24)

Bug Fixes

• services: Update resource requests and remove cpu limits (f86a74b)

0.5.47 (2023-11-24)

Bug Fixes

• helmfile: Rename absolute paths on OpenCoDE to new 'opendesk' base group name (7ac2e0f)
• xwiki: Enable the sync of user profile picture from LDAP (6aa3d38)

0.5.46 (2023-11-23)

Bug Fixes

• element: Fix quotes in element chart (a447c13)

0.5.45 (2023-11-22)

Bug Fixes

• open-xchange: Add security context (db48140)

0.5.44 (2023-11-21)

Bug Fixes

• ci: Remove default BASE_DOMAIN in .gitlab-ci.yml (7ae65a3)

0.5.43 (2023-11-20)

Bug Fixes

• univention-management-stack: Update optional UMS preview state (061e588)

0.5.42 (2023-11-20)

Bug Fixes

• nextcloud: Add exporter and serviceMonitor (feed270)
• nextcloud: Bump openDesk bootstrap to 3.2.3 to support serverinfo token (ea14f95)

0.5.41 (2023-11-16)

Bug Fixes

• helmfile: Split README into docs (cd0e94f)

0.5.40 (2023-11-14)

Bug Fixes

• open-xchange: Bump Dovecot and fix out-of-office replys (55f6ba2)

0.5.39 (2023-11-14)

Bug Fixes

• univention-management-stack: Update optional UMS preview state (e231e57)

0.5.38 (2023-11-13)

Bug Fixes

• collabora: Update image to 23.05.5.4.1 (c460467)

0.5.37 (2023-11-12)

Bug Fixes

• openproject: Add bootstrapping of Nextcloud filestore (1971dfb)

0.5.36 (2023-11-10)

Bug Fixes

• element: Update Element and Widgets (97034a5)

0.5.35 (2023-11-10)

Bug Fixes

• helmfile: Eliminate some yamllint errors (1d03a6e)
• helmfile: Move ldap host variable into helpers (08811de)
• helmfile: Update charts to use proper quoting (69ea840)
• services: Add minio as service and consume by OpenProject (baa5827)

0.5.34 (2023-11-09)

Bug Fixes

• openproject: Bump helmchart and properly template OP's initdb image (0d8e92f)

0.5.33 (2023-11-09)

Bug Fixes

• cryptpad: Update security context (89ae1d9)

0.5.32 (2023-11-09)

Bug Fixes

• collabora: Resource definitions (65ce9a1)

0.5.31 (2023-11-08)

Bug Fixes

• univention-management-stack: Update optional UMS preview state (d0a0799)

0.5.30 (2023-11-06)

Bug Fixes

• collabora: Init monitoring in defaults and in collabora (for prometheus-monitor, -rules and grafana dashboard) (0ad0434)
• helmfile: Add monitoring.yaml for optional monitoring (385d81b)

0.5.29 (2023-11-06)

Bug Fixes

• xwiki: Update XWiki Helm configuration to enable LDAP and OIDC user synchronization (7c56c72)

0.5.28 (2023-11-06)

Bug Fixes

• open-xchange: Add Document- and ImageConverter, improve LDAP address book filters (899a8c5)

0.5.27 (2023-11-04)

Bug Fixes

• docs: Re-include release artefacts (4359b21)

0.5.26 (2023-11-02)

Bug Fixes

• element: Enables user directory search for all users (8fafd90)

0.5.25 (2023-11-01)

Bug Fixes

• cryptpad: Add CryptPad to support editing of diagrams.net files from within Nextcloud (ab6014f)

0.5.24 (2023-11-01)

Bug Fixes

• collabora: Update image to 23.05.5.3.1 (38336d0)

0.5.23 (2023-11-01)

Bug Fixes

• element: Update Element Web to latest release (b47de62)

0.5.22 (2023-10-31)

Bug Fixes

• openproject: Nextcloud integration within K8s instances (d249d0e)

0.5.21 (2023-10-30)

Bug Fixes

• helmfile: Deinstall components if disabled (7feaadf)
• helmfile: Put enviroments in first document inside of a yaml (034e98c)

0.5.20 (2023-10-30)

Bug Fixes

• helmfile: Remove old XWiki image, set explicit timeout for OP deployment, bump Jitsi Helm chart to enable chat for stand-alone Jitsi (5d01f8c)

0.5.19 (2023-10-30)

Bug Fixes

• element: Update Element Web and Nordeck Widgets to latest releases (2313f75)

0.5.18 (2023-10-28)

Bug Fixes

• xwiki: Switch to Alpine/Jetty slim image (b399869)

0.5.17 (2023-10-28)

Bug Fixes

• nextcloud: Update swp_integration app and prepare CryptPad integration (a046dea)

0.5.16 (2023-10-26)

Bug Fixes

• openproject: Slim container with upgraded helm-chart (535823e)

0.5.15 (2023-10-25)

Bug Fixes

• helmfile: Add XWiki Jetty and UniventionKeycloak to image.yaml for Compliance checks. They are not yet part of standard deployment. (8e376bb)

0.5.14 (2023-10-20)

Bug Fixes

• element: Support for openDesk top bar with central navigation (e609b75)

0.5.13 (2023-10-20)

Bug Fixes

• element: Configure rights and roles (59d58e3)

0.5.12 (2023-10-19)

Bug Fixes

• element: Add an application service for the intercom-service (1a4eced)
• element: Add the Matrix NeoBoard Widget deployment (5afd233)
• element: Add the Matrix NeoChoice Widget deployment (7756d35)
• element: Add the Matrix NeoDateFix Bot deployment (785989e)
• element: Add the Matrix NeoDateFix Widget deployment (27b6796)
• element: Add the Matrix User Verification Service deployment (30405d1)
• element: Upgrade Element to v1.11.46 (82a037e)
• element: Upgrade the opendesk-element charts to 2.3.0 (fd9e04d)
• element: Upgrade the opendesk-matrix-widgets charts to 2.3.0 (cbe5141)
• element: Use a separate image configuration for the bootstrap tasks (7f7c364)
• intercom-service: Allow access from the non-istio domain and reference to the correct synapse hostname (16f2ac4)
• intercom-service: Fix the nordeck configuration (06dcdd7)
• jitsi: Use template for the cluster networking domain (0898d96)
• keycloak: Use the correct backchannel logout configuration for element (86657b1)
• open-xchange: Enable Element calendar integration (f564efd)

0.5.11 (2023-10-11)

Bug Fixes

• helmfile: Quote all password template strings (fb7dba7)
• services: Add memcached service (72e3afd)

0.5.10 (2023-10-11)

Bug Fixes

• intercom-service: Update intercom-service chart to v2.0.0 (c3129f1)

0.5.9 (2023-10-10)

Bug Fixes

• element: Enable the guest module in Synapse (da1bf35)

0.5.8 (2023-10-10)

Bug Fixes

• helmfile: Add default port for SMTP in environment (74f9ec2)

0.5.7 (2023-10-09)

Bug Fixes

• openproject: Mail sender address (711d29e)

0.5.6 (2023-10-09)

Bug Fixes

• helmfile: Use signed bitnami charts from openDesk Mirror Builds (70744d0)
• services: Bump redis chart to 18.1.2 (d4c751d)

0.5.5 (2023-10-09)

Bug Fixes

• openproject: Switch image to fix central navigation; set email sender address (e42feb4)

0.5.4 (2023-10-02)

Bug Fixes

• helmfile: Add third environment (test) (7dbcbfe)

0.5.3 (2023-09-28)

Bug Fixes

• open-xchange: Rollback MariaDB version to fix OX Guard initialization (e33acd3)

0.5.2 (2023-09-28)

Bug Fixes

• ci: Add Gitlab-CI sledgehammer deployment removal (6fd655a)

0.5.1 (2023-09-28)

Bug Fixes

• docs: Add 'Helm Chart Trust Chain' section (b6b4972)
• docs: Highlight that Helmfile >= 0.157.0 is required (d86f516)
• element: Use OCI registry and verify chart signatures (a41b9a6)
• helmfile: Add cleanup flag for job resources (0f01b94)
• helmfile: Create directory for gpg pubkeys (4c5731e)
• intercom-service: Use OCI registry and verify chart signatures (74b3d41)
• jitsi: Verify chart signatures (1dd6582)
• keycloak-bootstrap: Use OCI registry and verify chart signatures (ca5d5f8)
• keycloak: Use OCI registry and verify chart signatures (095059c)
• nextcloud: Use OCI registry and verify chart signatures (41dfdc0)
• open-xchange: Use OCI registry and verify chart signatures (2d5d370)
• open-xchange: Use renamed istio gateway (65d2642)
• openproject: Use OCI registry and verify chart signatures (5343840)
• services: Add wildcard certifcate request support (15ad8ca)
• services: Bump opendesk-certificates to 2.1.0 (4372f06)
• services: Only create istio gateway with webmail domain (6a39011)
• services: Use OCI registry for all services and add gpg verify mechanism (892920b)
• univention-corporate-container: Use OCI registry and verify chart signatures (424317e)

0.5.0 (2023-09-27)

Bug Fixes

• element: Move the static configuration into the values.yaml (f22619b)
• element: Specify resources for the guest module init container (275798c)

Features

• element: Activate the guest module (5ad25ac)

0.4.9 (2023-09-27)

Bug Fixes

• nextcloud: Bump Helm chart to add app "groupfolders" (62b767e)

0.4.8 (2023-09-26)

Bug Fixes

• openproject: Digest rollback (9acce08)

0.4.7 (2023-09-26)

Bug Fixes

• helmfile: Add timeout for database services (98ec02f)
• openproject: Image digest (b340373)

0.4.6 (2023-09-26)

Bug Fixes

• openproject: Use renamed registry open_desk (a37faf3)

0.4.5 (2023-09-26)

Bug Fixes

• helmfile: Streamline timeouts (2703615)

0.4.4 (2023-09-25)

Bug Fixes

• open-xchange: Updates for mail templates and mail export (ae3d0da)

0.4.3 (2023-09-25)

Bug Fixes

• nextcloud: Update image to 27.1.1 (ce7e5f6)

0.4.2 (2023-09-21)

Bug Fixes

• nextcloud: Add Nextcloud app for OpenProject integration; Bump Collabora Image (f46c8a9)

0.4.1 (2023-09-19)

Bug Fixes

• univention-management-stack: Remove doublette triple dashes in helmfile.yaml (41b9afb)

0.4.0 (2023-09-18)

Features

• ci: Optionally trigger E2E tests of the SouvAP Dev team (a99c088)

0.3.2 (2023-09-14)

Bug Fixes

• helmfile: Fix linter issues (1514678)
• univention-management-stack: Add "commonLabels" into helmfile (16c08f8)
• univention-management-stack: Add Helm charts (a74d662)
• univention-management-stack: Add switch "univentionManagementStack.enabled" (471a2fa)
• univention-management-stack: Adjust Ingress configuration for portal-server (13bcd78)
• univention-management-stack: Adjust Ingress configuration for umc (320da3b)
• univention-management-stack: Adjust Ingress configuration of notifications-api (5e1a7b1)
• univention-management-stack: Adjust ingress configuration of the portal-frontend (c54bab1)
• univention-management-stack: Adjust Ingress configuration of udm-rest-api (c61b1b8)
• univention-management-stack: Adjust Ingress conifguration of store-dav (96097e4)
• univention-management-stack: Configure cookie banner data (12c931f)
• univention-management-stack: Define resource requests and limits (2f8a298)
• univention-management-stack: Disable istio for the stack (4835a2b)
• univention-management-stack: Prepare persistence configuration (7ab1cb5)
• univention-management-stack: Process bases before releases (ec3f1d9)
• univention-management-stack: Set externalDomainName for bootstrapping the stack (0ba71f2)
• univention-management-stack: Split templated from static values (09079a1)
• univention-management-stack: Split values into templated and static (d3c4390)
• univention-management-stack: Update portal-listener to leverage dependency waiting (c840608)
• univention-management-stack: Use global secrets to fill initialPasswordAdministrator (a4bab40)
• univention-management-stack: Use global secrets to populate ldap related secrets (9409ad8)
• univention-management-stack: Use global secrets to set store-dav related passwords (90019e3)
• univention-management-stack: Use ldap base DN "dc=swp-ldap,dc=internal" (77e362f)
• univention-management-stack: Use postgresql service for notifications-api (fe0e0cd)
• univention-management-stack: Use the prefix "ums-" for all releases (edb25bd)
• univention-management-stack: Use the value "global.imagePullPolicy" (15db5dc)

0.3.1 (2023-09-14)

Bug Fixes

• collabora: Update Ingress annotations and set securityContext (b5583ca)
• element: Improve default container security settings (882f1fb)
• element: Update opendesk element version to 2.0.1 (d725b93)
• helmfile: Remove default SMTP credentials and create docs for SMTP/TURN (e120f5f)
• helmfile: Update images and use a tag and digest together (c7fc187)
• services: Explicitly set securityContexts (a799db0)
• services: Update Postfix to 2.0.2 fixing security gaining (e1070ee)

0.3.0 (2023-09-12)

Features

• ci: Selective tests (d2e7ac9)

0.2.10 (2023-09-06)

Bug Fixes

• helmfile: Add imagePullPolicy default env variable (f988644)
• helmfile: Update images and add jitsi, keycloak to security section in docs (0eceb85)
• jitsi: Update chart to 1.4.2 with improved security and fixed change on each deployment (1349181)
• jitsi: Update jitsi to 1.5.1 and fix prosody image (ed7e5e4)
• keycloak: Improve default security settings (3b90533)
• nextcloud: Fix yamllint disable comment (4380e78)
• services: Disable https redirect in istio to fix cert-manager issues (1ef4a86)
• services: Fix capabilities of postifix (a6fa846)
• services: Fix OCI registry address of postgresql, mariadb (be82243)

0.2.10 (2023-09-06)

Bug Fixes

• helmfile: Add imagePullPolicy default env variable (f988644)
• helmfile: Update images and add jitsi, keycloak to security section in docs (0eceb85)
• jitsi: Update chart to 1.4.2 with improved security and fixed change on each deployment (1349181)
• keycloak: Improve default security settings (3b90533)
• nextcloud: Fix yamllint disable comment (4380e78)
• services: Disable https redirect in istio to fix cert-manager issues (1ef4a86)
• services: Fix capabilities of postifix (a6fa846)
• services: Fix OCI registry address of postgresql, mariadb (be82243)

0.2.9 (2023-09-05)

Bug Fixes

• collabora: Add websocket support for NGINX Inc. Ingress (6e5ef63)
• docs: Add security part in README (ff462ab)
• docs: Update scaling docs (63a1e25)
• helmfile: Reduce icap resources in default enviroment (c5ab1b8)
• helmfile: Update clamav and nextcloud images in default environment (4f2a8ae)
• nextcloud: Add support for up to 4G large upload for Ingress NGINX and NGINX Inc. Ingress (6e68f7f)
• nextcloud: Rename sovereign-workplace-nextcloud-bootstrap to opendesk-nextcloud-bootstrap and use OCI (cef11ac)
• nextcloud: Use clamav-icap when clamavDistributed is activated (41d40c9)
• services: Enable security context and use default increased security settings (9a6d240)
• services: Fix image registry templates for postfix (6321ff5)
• services: Replace image digest by tag (f758293)
• services: Set readOnlyRootFilesystem to true on master (5fbf86b)
• services: Update clamav to 4.0.0, redis to 18.0.0, postgresql to 2.0.2, mariadb to 2.0.2 and use OCI registries (9d78664)

0.2.8 (2023-08-31)

Bug Fixes

• open-xchange: Update images and Helm chart (39565c7)

0.2.7 (2023-08-30)

Bug Fixes

• jitsi: Update Jitsi Helm chart to set the user's display name as default (387bd87)

0.2.6 (2023-08-30)

Bug Fixes

• ci: Change path of asset_generator (6ab4fa0)
• ci: Include deployment environments (0f59736)
• ci: Release artefacts (2a61b5f)

0.2.6 (2023-08-30)

Bug Fixes

• ci: Change path of asset_generator (6ab4fa0)
• ci: Include deployment environments (0f59736)
• ci: Release artefacts (2a61b5f)

0.2.6 (2023-08-30)

Bug Fixes

• ci: Change path of asset_generator (6ab4fa0)
• ci: Release artefacts (2a61b5f)

0.2.5 (2023-08-30)

Bug Fixes

• xwiki: Theming and language of central navigation (3d4d45f)

0.2.4 (2023-08-29)

Bug Fixes

• element: Apply the global theme to Element (7f7eae8)

0.2.3 (2023-08-29)

Bug Fixes

• ci: Add central branding information (a14c42f)

0.2.2 (2023-08-16)

Bug Fixes

• jitsi: Allow configuration of LoadBalancer status field for patchJVB job (7491582)
• open-xchange: Explicitly disable core-ui-middleware ingress (06dc7a1)

0.2.1 (2023-08-16)

Bug Fixes

• keycloak: Increase proxy-buffer-size for ingress-nginx (d8adcc4)

0.2.0 (2023-08-15)

Bug Fixes

• helmfile: Replace bitnami repositories with OCI (4c21fd2)

Features

• helmfile: Implement private image/chart registry variables (5788323)

0.1.2 (2023-08-15)

Bug Fixes

• jitsi: Update support for NodePort setups with different ingress/egress ips (de25789)

0.1.1 (2023-08-14)

Bug Fixes

• open-xchange: Bump dovecot and sovereign-workplace-open-xchange-bootstrap to 1.3.0 with image digest support (53796da)
• open-xchange: Bump sovereign-workplace-open-xchange-bootstrap to 1.3.1 (390f2de)

0.1.0 (2023-08-14)

Bug Fixes

• docs: Typo (ee684a7)

Features

• element: Add element component (5f0ca92)

0.0.6 (2023-08-14)

Bug Fixes

• open-xchange: Functional mailboxes auth settings update in AppSuite and Dovecot (53948ea)

0.0.5 (2023-08-11)

Bug Fixes

• keycloak: Improve digest image pinning (b8a8932)

0.0.4 (2023-08-11)

Bug Fixes

• jitsi: Fix identifiers in resources (3a0b246)

0.0.3 (2023-08-10)

Bug Fixes

• keycloak: Keycloak extensions sha256 image pinning, includes fix for failing keycloak extension handler on unavailable SMTP relay. (27ce715)

0.0.2 (2023-08-10)

Bug Fixes

• services: Remove fqdn from dovecot in postfix (2033c76)

0.0.1 (2023-08-10)

Bug Fixes

• ci: Add 'qa' cluster (43e94f8)
• ci: Deploy provisioning in separate/later stage (ef1cb75)
• collabora: Bump to 23.05.2.2.1 and add capabilites to non containerd k8s clusters (2652b26)
• collabora: Image version bump from 23.05.1.2.1 to 23.05.1.2.2 (3bf7dae)
• collabora: Remove MKNOD capabilities (2f18734)
• docs: Cleanup and enhance README.md and CONTRIBUTING.md (cc5f88c)
• helmfile: Allow selection of environments when installing from root helmfile (8ce01df)
• helmfile: Comment out Open-Xchange Appsuite 8 Deployment until is publicly available (cb65baa)
• jitsi: Fix wrong parameter for jitsiPatchJVB tag (fb3fca2)
• nextcloud: Add Istio domain on integration for read/write contacts with Open-Xchange (b235685)
• provisioning: OX-Connector inits contexts and accessprofiles first, profile pictures are now provisioned (94552a3)
• provisioning: Update OX-Connector image (3cc7ba9)
• services: Bump postgresql chart to 2.0.0 (e609bf3)
• services: Specify dovecot with fqdn (59d64de)
• services: Update mariadb Chart to 2.0.0 (f39811c)
• univention-corporate-server: Update image to improve pod restarting behaviour (57dea1e)
• xwiki: Remove init job as XWiki now does the required bootstrapping internally; Restartability works now as expected (8425c10)
• xwiki: Use external-registry for image download (841bfb6)

Features

• ci: Add release-automation and linting (82bf038)
• ci: Support for MASTER_PASSWORD to be set on Gitlab Settings > CI/CD > Variables (e7d68ea)
• ci: Triggered tests (23fc3c4)
• docs: Update various chapters and structure (42232db)
• helmfile: Add capabilities for a RWO deployment (d5190cd)
• helmfile: Remove environment specific values to use cluster defaults (4fb86b5)
• helmfile: Remove environments and replace with generic one (ef7d75f)
• nextcloud: Rename to sovereign-workplace-nextcloud-bootstrap and bump to 2.2.0 (84de627)
• open-xchange: Add service type for dovecot (c9a763f)
• open-xchange: OX AppSuite 8 within SWP is now publicly available (6dc470f)
• services: Add clamav-simple deployment (505f25c)
• sovereign-workplace: Initial commit (533c504)