Changelog

Below you can see the 5 most recent changes to Uberspace 7. For older changes, please refer to the Changelog Archive.

Note

Sometimes the version shown on your host may be higher than the newest version here. In this case we might have applied additional fixes shortly after a release or did internal changes without user impact. We deem updates like these hotfixes and they are not necessarily included in this changelog.


[7.8.1] - 2020-12-22

Added

Changed

  • Increased the Rspamd reject score to 15 (up from 10).
  • Reduced the Rspamd score for INVALID_RCPT_8BIT to 3 (down from 6).
  • We limit the Spam Assassin rules we use with Rspamd to ZMI.
  • Deprecated PHP 7.2. It will be removed early next year.
  • We added a connection timeout on port 587 (hard capped at two hours, or one hour for idle connections). Our SMTP submit queue suffered from lingering connections, we hope this helps to mitigate it.
  • The output of uberspace mail domain add now ends domain names with a dot (.). We hope this helps avoiding situations, where it could otherwise be interpreted as relative to an origin (this mostly effects c/p to bind configurations, but also some web based GUIs).

Internal

  • We migrated a lot of hosts to SSD storage.
  • fstrim now runs about weekly on the hosts. Concrete times are distributed randomly, to minimize the impact on the cluster.
  • While creating SQL backup dumps, we now log and monitor MariaDB errors.
  • We moved the Rspamd logs out of the journal (for now). This allows us to have a longer retention policy for those, while still keeping them pretty verbose. We will fine tune our Spam filtering over the next releases, so this might come in handy.

[7.8.0] - 2020-12-01

Added

  • Support for managed Sieve
  • Mails from spam folder are now auto-expunged after 30 days.
  • Add special RFC 6154 folders to Dovecot config, so mail clients detect trash, spam, and other default folders automatically.

Changed

  • We now keep logs for incoming mails for 10 days instead of one day to aid debugging of missing mails in support.
  • System logs are now kept for one to two days, instead of just one.
  • The default values of max_execution_time and max_input_time are now 90 seconds and 60 seconds respectively, to free up stuck php-fpm workers more quickly. Higher values can be set using a config file in ~/etc/php.d. CLI invocations like cronjobs are not affected.

Internal

  • MySQL backups are now monitored, alerting us when the process stops working.
  • Optimized log output of our scripts, so we can keep the useful logs for longer.
  • Instead of reloading nginx after log rotation, we now call nginx -s reopen to reduce load spikes and thus increase reliability.
  • We now run fstrim regularly to free unused storage in our ceph cluster. This enables us to use it more efficiently.

[7.7.10] - 2020-11-17

Added

  • mg: a tiny Emacs-like editor
  • numactl command to please MongoDB
  • modern TLS settings for POP3/IMAP/SMTP-SUBMIT (reverted because they block connections from thunderbird)
  • opus, opus-tools, and opus-devel
  • many fonts to support non-western scripts

Fixed

  • MariaDB backups now includestored routines
  • table_definition_cache is now 20000 to meet friendica’s requirements
  • The SMTP connection limit introduced in v7.7.7 now actually works.
  • $user.uber.space is now correctly displayed in uberspace mail domain list
  • uberspace * domain list output is now sorted

Internal

  • Log rotation is now randomized to happen between 4 and 5 am. The time is constant for each host, so they are always rotated at the same time for a given host. This reduces the IO load on our storage and therefore improves performance and reliabilty at night.
  • Prometheus’ node_exporter can now be monitored by our icinga2 setup, leading to more complete graphs for us and better performance for you.
  • Sometimes our internal CI amassed a lot of temporary DNS records, which exceeded the quota of our DNS provider, griding our CI and development to a halt. The records are now purged reguarly.

[7.7.9] - 2020-10-14

Fixed

  • Apache workers are now restarted after a number of requests to ensure the web sever’s RAM usage does not grow unreasonably fast. This increases stability overall.

Internal

  • PHP errors for accounts were logged globally by accident. They are now never logged globally. But still user-local, if the user enables them.

[7.7.8] - 2020-09-29

Added

  • deno JavaScript/TypeScript runtime
  • nagios-plugins-http
  • rclone
  • re-added support for Sieve. We had to remove it shortly after the rollout in v7.7.7 because it was incompatible with mailboxes that contain a dot, e.g. isabell.hacker@something.org. This is now fixed. Documentation and an announcement will follow.

Fixed

  • When we do not know a domain, we display a helpful “sorry, unknown domain. here is how you add it” page. This page doesn’t have a valid certificate, but HTTPS was still enforced. The page can now also be opened using HTTP.
  • MX records can be in any case, i.e. 10 TUTTLe.uberspace.DE is now considered valid.
  • The default “there is no content” page is no longer shown, if there is a index.php providing content. In the past the index.html added by us was considered more important by httpd. We now add a nocontent.html, which is always queried last.

Changed

  • ruby 2.4 users have been migrated to version 2.7.
  • nodejs 13 users have been migrated to version 14.
  • The 500 Internal Server Error page now shows information on how to disable it.
  • Updated HTTPS ciphers and settings to match current mozilla recommendations.

Internal

  • Removed an unused 3rd-party YUM repo
  • We continued to restructure our repository to split it up into smaller modules in the future. This will enable us to make quicker releases in the future.