NethServer 7.5 released


(Alessio Fattorini) #1

I'm excited to announce that NethServer 7.5 has been released and is publicly available.

We’re confident that it will be as always a great release and it will achieve our mission: making sysadmin’s life easier with Open Source. This is thanks to the most vibrant, supportive and friendly community in the Open Source space (and not only Open Source).

About NethServer

NethServer is an Open Source operating system for the Linux enthusiast, designed for small offices, medium enterprises and home users. It’s simple, secure and flexible. NethServer helps sysadmins being successful in the IT space by leveraging all the power of a Linux server without complexity

NethServer supports the community of sysadmins, be they home or business, with a powerful package of software to serve everyone, that will be free, open, dependable and sustainable for the long term.

NethServer is ready to deliver your messages, to protect your network with the built-in firewall, share your files and much more, everything on the same system.

Release highlights

Many new features were added since the last NethServer ISO was released, they are all available today with NethServer 7.5! Let’s see the most important improvements:

Subscription: Stable Updates Repository + Professional Support Services

The NethServer Subscription by Nethesis enables exclusive access to the Stable Updates repository, monitoring tools and immediate professional support services for your NethServer deployments.

The NethServer subscription module is available by default in new installations. Let’s subscribe your NethServer now following this guide!

ba9c205e644e08a5fca8fabed19091aae4b32cb4_1_443x500 png  443×500

Rspamd

A new email server and filter alternative based on Rspamd has been released and is now available from software center. What’s new? New antispam engine, DKIM signature, Greylist threshold, Rspamd web UI.

rspamd screenshot

OpenDKIM signature for outbound messages

Signing outbound mail messages with a DKIM key increases the trust of other mail servers with ours! It is now available from Email > Domains page

image

Software center configuration and system upgrade panels

We have deployed a new panel to manage the Software center. It allows to select how NethServer deals with upstream updates and configures automatic software updates

image

The “Locked” policy is selected automatically when CentOS releases a new minor version. It limits updates to repositories specific to the current version When NethServer is ready to upgrade, the new upgrade procedure can be started:

The Software center section of the Admin’s manual was updated accordingly. Read it carefully!

Icaro Hotspot

Hotspot main goal is to provide internet connectivity via wi-fi to casual users. Users are sent to a captive portal from which they can access the network by authenticating themselves via social login, sms or email. Icaro is complete Hotspot written in Go and Vue.js. It uses CoovaChilli as access controller which can be configured and installed inside NethServer.

Fail2Ban is now part of the core

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs – too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc). Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents.

image

Backup data: include log files

The useris now able to add system log files inside the data backup. This behavior is useful when the sysadmin must complain to strict rules about log retention policy GDPR

NextCloud 13.02

Latest version is now integrated in NethServer. Some improvements has been added to improve performance and security: new php 7.1 version, "Strict-Transport-Security” HTTP header, opcache and others…

Mattermost

Open source, private cloud, Slack-alternative is now included in NethServer.
Workplace messaging for web, PCs and phones. Increase productivity while reducing shadow IT with a secure, configurable, scalable enterprise messaging solution on an open source platform.

NethServer HotSync

NethServer HotSync aims to reduce downtime in case of failure. Normally users are able to start working again with data from the night before failure after a few hours/days. Using hotsync, time 1 and 3 are 0, 2 is 5 minutes (time to activate spare server). Users are able to start working again in few minutes, using data from a few minutes before the crash.

Improved Quality of Service (QoS)

We improved current QoS implementation for better incoming and outgoing bandwidth control.
You’re able to limit and reserve the bandwith for specific host or protocol, examples:

  • 1Mb/s reserved for SIP protocol
  • 10Mb/s maximum speed for HTTP downloads

image

Wildcard DNS record

This is a new DNS override rule that matches the given host name (domain) and any sub-domain of it.

image

Manage TLS Security

TLS security can be hardened easily with the new policy selector

image

Each policy is described in detail in the Admin’s manual: TLS policy.

Windows File server page

Essential shared folder priviliges are now manageable via the web interface.

grafik

And so much more

These are just the major highlights in 7.5 RC1— there are literally hundreds of other tiny improvements, refinements, and bugfixes that we aren’t covering here like:

  • MX DNS record override for LAN hosts has been removed. Removed postfix/MxRecordStatus prop
  • Host name aliases are converted into hosts DB records. See Additional host name aliases
  • /etc/fstab is no longer an expanded template. See Requirements and User home directories for details
  • Default Server Manager session idle timeout is 60 minutes, session life time is 8 hours
  • The WebVirtMgr project is no longer maintained and the corresponding module has been removed along with nethserver-libvirt package.

Thank the overall NethServer community

Thanks to the greater Community community for posting support / bug request / feedback topics on community.nethserver.org… All your suggestions make NethServer better, not only for your community, but all of us.

Just mentioning a few of them:
@ibinetwork @mrmarkuz @compsos @danb35 @GG_jr @indra @fausp @dz00te @pfornara @zimny @ohifra @stephdl @robb @m.traeumner @saitobenkei @flatspin

We had a remarkable number of translators in 2018 as well, who contributed their time and effort translating NethServer into dozens of languages with more than 15k words translated.

Download and Install

  • You can install it on a virtual machine or on a bare-metal server using a DVD or USB stick
  • Upgrade from Beta1 or RC1 is supported through the Software center
  • For installations with Subscription enabled, 7.5 gonna be available over the next week

If you find a bug, please report it here – every bug you uncover is a chance to improve the experience for thousands of NethServer users worldwide, also our amazing beta testers team will be called upon to give its support on that!

Ready to check it out? Then head to the docs and download:

NethServer 7.5 (993MB)

Hashes

  • sha1 cdb9e302d563d5abb500286946e88e33ec81058d
  • md5 002228c20d0702b98568aff67319d5eb

Torrent

Documentation


MailServer Configuration (autodiscover, SPF, DKIM)
(Alessio Fattorini) #2

(Joel Clendineng) #3

Yassssss! Thank you all!


(Rob Bosch) #4

This is great news. So this also means that available official modules are considered ‘stable’?


(Jon) #5

Wow! Good news! The RC1 was already stable, so the Final looks better :grinning:


(fpausp) #6

Thank you all ! - :clap:


(Enrique D) #7

Thank you!


Question: In the Accounts section, how can I see the “Machine accounts” names?
Answer: # net ads search -P objectClass=Computer|grep distinguishedName
or : net ads -P search '(objectCategory=Computer)' dnsHostName

From a PC using Win8.1 and member of this domain a got this:

C:\Users\myself>net view
Server Name Remark
--------------------------------------------------------------
\ADS NethServer 7.5.1804 beta (Samba 4.7.1)


(Davide Principi) #8

:thinking: try with

  1. Remove “beta” from /var/lib/machines/nsdc/etc/samba/smb.conf

  2. Restart Samba DC service


(Enrique D) #9

Hello!. There isn’t “beta” word in the .conf file.
I restart the service and the “beta” word remains.


(Davide Principi) #10

Ops sorry:

signal-event nethserver-samba-update

Ignore my previous post


(Enrique D) #11

:crazy_face:

  • signal-event nethserver-sssd-update
  • signal-event nethserver-samba-update

Both, the “beta” text remains.
image


Fixed!
image

Ah, the proverbial fix :smile:


(Davide Principi) #12

Reboot Windows :wink:


(Jose G Jimenez S ) #13

Excellent!!! Downloading The Best of the Best :star_struck::star_struck::star_struck::heart_eyes::heart_eyes::heart_eyes:


(Zimny) #14

Hi guys

Anyone experience any problems after this update?

Also if you removed WebVirtMgr support is this mean that this update will remove this module from existing installation?


(Giacomo Sanchietti) #15

No, the module is not removed from existing installations.


(Zimny) #16

Great

Thank you Giacomo for quick info. Let’s do this update then :sunglasses:


(paul_marwick) #17

Just installed on my test machine. Looks good so far…

One small item - the web site has the md5 and sha1 checksums reversed - confused me no end after downloading the iso…


(Davide Principi) #18

Thank you for pointing it out! Just fixed the post above. Now @alefattorini, could you fix the blog post too?

https://www.nethserver.org/nethserver-7-5-released/


(Alessio Fattorini) #20

Fixed!


(Davide Principi) #21

We completely forgot the new virtual-host based reverse proxy panel! /cc @stephdl