From e733ae78f3e81e1396024b28d622ada943318e9b Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Thu, 10 Oct 2024 13:24:50 +0200 Subject: [PATCH 01/10] Updated mysql and redis --- docker-compose.simple-install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index 06a5769..c21f1fd 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -2,7 +2,7 @@ version: '3.9' services: mysql: container_name: mysql - image: mysql:8.0.28-oracle + image: mysql:9.0.1-oracle command: ["mysqld", "--disable-log-bin"] restart: always volumes: @@ -16,7 +16,7 @@ services: MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} redis: container_name: redis - image: redis:6.0.16-alpine + image: redis:7.4.1-alpine restart: always eramba: container_name: eramba From 6c5e407fc85bd58b1c237c5c9ab662e2ddf40d64 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Tue, 21 Jan 2025 10:49:05 +0100 Subject: [PATCH 02/10] Went back to mysql 8.x --- docker-compose.simple-install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index c21f1fd..db79aba 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -2,7 +2,7 @@ version: '3.9' services: mysql: container_name: mysql - image: mysql:9.0.1-oracle + image: mysql:8.0.40-oracle command: ["mysqld", "--disable-log-bin"] restart: always volumes: From 1ae0f3196971411bed60f2a315952eb33f162a94 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Tue, 21 Jan 2025 11:18:01 +0100 Subject: [PATCH 03/10] updated redis --- docker-compose.simple-install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index db79aba..4325409 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -16,7 +16,7 @@ services: MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} redis: container_name: redis - image: redis:7.4.1-alpine + image: redis:7.4.2-alpine restart: always eramba: container_name: eramba From 1f4ddd77cabcc7799a0246a43491408b20f9e2c5 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Tue, 21 Jan 2025 14:56:27 +0100 Subject: [PATCH 04/10] mysql updated to 8.4.3 --- docker-compose.simple-install.yml | 2 +- mysql/conf.d/custom.cnf | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index 4325409..e5d87e6 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -2,7 +2,7 @@ version: '3.9' services: mysql: container_name: mysql - image: mysql:8.0.40-oracle + image: mysql:8.4.3-oracle command: ["mysqld", "--disable-log-bin"] restart: always volumes: diff --git a/mysql/conf.d/custom.cnf b/mysql/conf.d/custom.cnf index 1f7459a..a8fdb86 100644 --- a/mysql/conf.d/custom.cnf +++ b/mysql/conf.d/custom.cnf @@ -8,11 +8,9 @@ innodb_stats_on_metadata=OFF binlog_row_image=MINIMAL sync_binlog=1 local_infile=OFF -master_verify_checksum=ON +source_verify_checksum=ON relay_log_purge=1 -binlog_expire_logs_seconds=604800 -slave_sql_verify_checksum=1 -skip-host-cache +replica_sql_verify_checksum=1 skip-name-resolve slow_query_log=1 slow_query_log_file=/tmp/mysql-slow.log From b325cc4cbb2c74006481d90ef4f5d2436fbc5684 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Mon, 16 Jun 2025 12:21:38 +0200 Subject: [PATCH 05/10] eramba image that is compatible with new mysql --- docker-compose.simple-install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index e5d87e6..d15f0bf 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -20,7 +20,7 @@ services: restart: always eramba: container_name: eramba - image: ghcr.io/eramba/eramba:latest + image: ghcr.io/eramba/eramba:pr-5135 restart: always ports: - 8443:443 @@ -56,7 +56,7 @@ services: - mysql cron: container_name: cron - image: ghcr.io/eramba/eramba:latest + image: ghcr.io/eramba/eramba:pr-5135 command: ["cron", "-f"] entrypoint: ["/docker-cron-entrypoint.sh"] restart: always From ce73bb5692ca0f4d66f930224e230ec688fca899 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Thu, 31 Jul 2025 11:28:15 +0200 Subject: [PATCH 06/10] possible fix for obsolete version attribute --- docker-compose.simple-install.enterprise.yml | 1 - docker-compose.simple-install.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/docker-compose.simple-install.enterprise.yml b/docker-compose.simple-install.enterprise.yml index 3da5957..b977aab 100644 --- a/docker-compose.simple-install.enterprise.yml +++ b/docker-compose.simple-install.enterprise.yml @@ -1,4 +1,3 @@ -version: '3.9' services: eramba: image: ghcr.io/eramba/eramba-enterprise:latest diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index d15f0bf..46f2e31 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -1,4 +1,3 @@ -version: '3.9' services: mysql: container_name: mysql From 39a2c8e677f6c5ae14e0cdf08ccf8344e5a2123d Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Thu, 31 Jul 2025 11:28:40 +0200 Subject: [PATCH 07/10] rls 27 pre-production image --- docker-compose.simple-install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index 46f2e31..d338679 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -19,7 +19,7 @@ services: restart: always eramba: container_name: eramba - image: ghcr.io/eramba/eramba:pr-5135 + image: ghcr.io/eramba/eramba:pr-5350 restart: always ports: - 8443:443 @@ -55,7 +55,7 @@ services: - mysql cron: container_name: cron - image: ghcr.io/eramba/eramba:pr-5135 + image: ghcr.io/eramba/eramba:pr-5350 command: ["cron", "-f"] entrypoint: ["/docker-cron-entrypoint.sh"] restart: always From 56b717538b7617c6ea8c31594d030b5dca38ca11 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Thu, 31 Jul 2025 11:44:13 +0200 Subject: [PATCH 08/10] rollback to `:latest` --- docker-compose.simple-install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index d338679..7e97ee4 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -19,7 +19,7 @@ services: restart: always eramba: container_name: eramba - image: ghcr.io/eramba/eramba:pr-5350 + image: ghcr.io/eramba/eramba:latest restart: always ports: - 8443:443 @@ -55,7 +55,7 @@ services: - mysql cron: container_name: cron - image: ghcr.io/eramba/eramba:pr-5350 + image: ghcr.io/eramba/eramba:latest command: ["cron", "-f"] entrypoint: ["/docker-cron-entrypoint.sh"] restart: always From c6ab835d8a60b9ba66b699dbc742a9b6ffe85e06 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Thu, 31 Jul 2025 19:52:50 +0200 Subject: [PATCH 09/10] ciphers fixed --- apache/vhost-ssl.conf | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/apache/vhost-ssl.conf b/apache/vhost-ssl.conf index 6c599a9..bfb4da9 100644 --- a/apache/vhost-ssl.conf +++ b/apache/vhost-ssl.conf @@ -7,8 +7,18 @@ ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined + SSLEngine on SSLCertificateFile /etc/ssl/certs/mycert.crt SSLCertificateKeyFile /etc/ssl/private/mycert.key + # 🔐 SSL Security Hardening + SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 + SSLCipherSuite HIGH:!aNULL:!MD5:!3DES:!RSA:!AES128-SHA:!AES256-SHA:!AES256-CCM:!AES256-CCM8 + SSLHonorCipherOrder on + + # Optional: Better compatibility for TLS 1.3 + SSLCompression off + + # For large requests (Eramba imports/exports) LimitRequestLine 20000 From 991a3ee13c6260bf71d6342df7acea11d9af7aa5 Mon Sep 17 00:00:00 2001 From: shrkz1 Date: Wed, 10 Sep 2025 10:41:10 +0200 Subject: [PATCH 10/10] Added mysql ports exposure --- docker-compose.simple-install.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml index 7e97ee4..9ce173c 100644 --- a/docker-compose.simple-install.yml +++ b/docker-compose.simple-install.yml @@ -4,6 +4,8 @@ services: image: mysql:8.4.3-oracle command: ["mysqld", "--disable-log-bin"] restart: always + ports: + - 13306:3306 volumes: - db-data:/var/lib/mysql - ./mysql/conf.d:/etc/mysql/conf.d