NethServer 7.6 released

Today, we’re happy to announce that NethServer 7.6 has been released and is publicly available.

This release marks a big step forward for communication, collaboration and security, introducing:

  • Multiple backups, with new storage backends and encryption
  • New modern look and feel for NethServer user interface (alpha)
  • Email: Rspamd is now the default, with quarantine support
  • WebTop Groupware: CalDAV/CarDAV server, optimized layout for tablets, favorite folder and video calls
  • Fail2Ban: track the activity of the attackers with new jails
  • nDPI: performance and security improved
  • Accounts: easily delete a list of users, DC container upgraded and password expiration management improved

We’re confident that it will be as always a great release and it will achieve our mission: making sysadmin’s life easier. This is thanks to the most vibrant, supportive and friendly community in the Open Source space (and not only Open Source).

About NethServer

NethServer is an Open Source operating system designed for small offices and medium enterprises. It’s simple, secure and flexible.

NethServer is ready to deliver your messages, to protect your network with the built-in firewall, share your files and much more, everything on one system.

Release highlights

Many new features were added since the last NethServer ISO was released, they are all available today with NethServer 7.6. Let’s see the most important improvements:

Multiple backups, new storage backends and encryption

We have strongly improved our backup adding some feature such as:

  • new storage backends
  • encryption
  • multiple scheduled backups

The data backup can be performed using different engines:

  • duplicity (default)
  • restic
  • rsync

According to the engine selected, you can:

  • schedule backups multiple times a day
  • customize the list of files included and excluded from the backup
  • send email notifications about the backup status
  • define retention policies of old backups
  • verify data integrity
  • save space thanks to deduplication

More info available inside the manual

New modern look and feel for NethServer user interface (alpha)

The new NethServer GUI - based on Cockpit - is now ready to be tested.
It makes the server administration easier providing a modern looking and user-friendly interface.

The UI should cover most of the basic usage scenarios without extra modules. Main core modules are already available: account provider, DNS, DHCP, FQDN, Date and time, Organization contact, Multiple backup, TLS policy, Trusted networks, Network configuration, System settings (log rotation, mail notification, etc), Software center and applications, Storage (RAID and partitions), SSH, SSL certificates.

Subscription management is currently missing and will be added later as a core module.

Would you like to know more? Please check this

Email: Rspamd is now the default, with quarantine support

  • since NethServer 7.5.1804 new Email, POP3 connector and POP3 proxy installations are based on the Rspamd filter engine. Previous NethServer installations are automatically upgraded to Rspamd!
  • it’s possible to create a quarantine account to receive spam and let the sysadmin review emails for further investigation or to forward them again to the recipient, mainly in case of false positive.
    More info

Other enhancements to the mail module

  • Hosts inside the trusted networks can now directly access the SMTP server
  • dovecot-antispam plugin has been replaced by a better and standard implementation based on Sieve

Email%20filtering%20statistics%20%20%20Testimonials%20%20%20NethServer%20Community

WebTop Groupware: CalDAV/CarDAV server, optimized layout for tablets, favorite folder and video calls

  • Runs on top of Tomcat 8.5 to improve web sockets performance
  • Remote calendars and contacts auto-sync
  • WebRTC Voice and Video call on chat (beta)
  • Favorite folder
  • CalDAV/CarDAV server implementation using SabreDAV
  • New recursive rule-based calendar recurrences and new full-featured GUI
  • Show quota for the mailbox
  • Optimized layout for tablets
  • Attachments support on Events, Contacts and Tasks

Fail2Ban: track the activity of the attackers with new jails

  • A new Statistics page has been created in the status section to count how many bans each jail has done. This allows you to track the activity of the attackers and help to protect your server.
  • The unban page has been moved to the status section of Fail2ban, the backend engine has been enhanced, now when an IP is set in the IP whitelist menu, it is automatically unbanned. We want to ease the sysadmin life.
  • Several new jails have been created
    • rspamd: the web application for the administrative task is now protected
    • webtop: the groupware is protected against brute force attack
    • postfix sasl: the jail protects against the bad login attempt of your SMTP server
    • postfix sasl abuse: the jail protects against IPs (except for trusted network) who use your SMTP server to send an abusive number of emails
    • asterisk: the login to your SIP server are protected
  • Shorewall integration with fail2ban has been enhanced, this is a backend work

Updates to our major modules: NextCloud, Mattermost

  • Nextcloud has been upgraded to release 14.0.4.
  • Mattermost has been upgraded to release 5.5.0 and it’s the first Cockpit-ready application.

nDPI: performance and security improved

NDPI implementation has been updated to release 2.4 bringing improved performance and better protocol recognition.
Shorewall configuration has been refactored to better prioritize and block NDPI traffic.

Accounts: easily delete a list of users, DC container upgraded and password expiration management improved

  • The Server Manager displays locked Active Directory account and improves the password expiration management
  • A new script has been added to easily delete a list of users
  • The user-cleanup event has been introduced to ease the implementation of advanced data retention policies for deleted users
  • Samba 4 DC container has been upgraded to release 4.8.6

PHP 5.6 has been deprecated

PHP 5.6 from SCL has reached end-of-life but it will be still available from the NethServer repositories during the 7.6.1810 lifetime. Read the release notes for more information.

Other improvements:

  • More GDPR-friendly home user deletion
  • New SOGo panel
  • Firewall: logging of port forwards
  • Firewall objects: services with port range
  • Default systems log retention has been increased to 52 weeks
  • Janus gateway has been updated to release 0.5.0
  • ufdbGuard has been updated to release 1.33.7
  • Added support for TLS certificates based on Elliptic-curve Cryptography (ECC)

OpenVPN

  • Deprecated comp-lzo option has been removed, it’s now possible to choose between LZO and LZ4 compression
  • The roadwarrior server can now be hardened by setting a minimum TLS version (TlsVersionMin) and stronger Digest and Cipher algorithms

IPS

  • By default, Evebox events are retained for 30 days. The new default is applied to upgraded systems as a bug fix
  • Pulledpork cron job has been improved to minimize download errors

Network

  • Zeroconf is now disabled by default
  • PPPoE connections use the rp-pppoe plugin by default to improve network speed

Download and install

Who wouldn’t want all these fantastic new features?

  • You can install NethServer on a virtual machine or on a bare-metal server using a DVD or USB stick
  • Upgrade from 7 versions are supported through the Software center for community installations
  • Automatic upgrades to 7.6 for #subscription will be rolled out in January 2019

Ready to check it out? Then head to the docs and download:

Documentation

Did you find a bug? Please report it here – every bug you uncover is a chance to improve the experience for thousands of NethServer users worldwide, also our amazing beta testers team will be called upon to give its support on that!

Roadmap

Would you like to know what we are working on? Check this post out

18 Likes

Stop. Would you like to contribute to the project?

Do you think it’s worth putting the word out? Please help us following this advice

Its a great pleasure for us, thank you all for your hard work ! - :slightly_smiling_face:

2 Likes

We love Nethserver!

3 Likes

Thank you for this great software!! You deserve a gold-:medal_sports: !

2 Likes

First thing: Thank you!
After update/upgrade, the dashboard shows 7.6.1810 (final)
And I got this warnings during the process:

warning: /etc/krb5.conf created as /etc/krb5.conf.rpmnew
warning: /etc/shadow created as /etc/shadow.rpmnew
warning: /etc/shells created as /etc/shells.rpmnew

Need to be concerned about those warnings?

And why I don’t see the new GUI (Cockpit)?
image

1 Like

How to contribute

As a user , play with the new interface, find common usage scenarios, ask for new features, share your thoughts!
To install:

yum install nethserver-cockpit

or via Software Center clicking on

New Server Manager (Alpha)

Then, you can access the web interface: https://<your_server>:9090

As a developer , read the brand new developer guide for the web interface: https://nethserver.github.io/nethserver-cockpit
You need to know only some HTML, CSS and Javascript basics!

Get your hands dirty:

  • try to improve an existing page
  • create a new page (@edoardo_spadoni a wonderful tool to scaffold a whole new module)
  • port an old module to the new interface
7 Likes

As Federico said it’s still alpha you have to install it manually

@federico.ballarini , Thank you.
I will wait a little longer.
Currently this server is in production :wink: :sunny: as an AD with some samba shares.
(fingers crossed) At this moment I *don’t want to use any option that I don’t need, this *server needs to work for life.

I need to research about the subscriptions. (need to deploy another server in a branch location)

  • clarification
1 Like

Please note that simply installing cockpit will not modify the system configuration.
Using cockpit to change some settings may incorrectly change the configuration (in case of a bug) but you could easily fix a problem using the classic NethGUI server-manager.

3 Likes

WOW Christmas Day!!! Love NethServer!

2 Likes

Feel free to ask whatever you need

What a f**ing nice interface, incredibly fast … wow thanks for that present right for X-Mas.

5 Likes

Congratulations to everyone for making the nethserver so great.

1 Like

Thank you and Congratulation in the New Release ! Merry Christmas and a Blessed New Year to the Nethserver Community ! Cheers…

1 Like

Can I change the port 9090? I already use a service on this port

Yes, haven’t tried but it should be possible with:

config setprop cockpit.socket TCPPort 9090
signal-event nethserver-cockpit-update
2 Likes

I Think that @dnutan solution is correct. It doesn’t work try also

config setprop cockpit.socket TCPPort <new port>
signal-event firewall-adjust
signal-event nethserver-cockpit-update
1 Like

You need also to change the cockpit listening port: https://cockpit-project.org/guide/latest/listen.html

2 Likes