diff --git a/SECURITY.md b/SECURITY.md index dc4ff81..8792314 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -12,10 +12,6 @@ The lack of signature verification means GitHub as a company could backdoor the During the beta phase we are making use of Node.js and its rich ecosystem of npm packages to rapidly build out features. However the npm ecosystem tends to make use of a large number of small focused modules. This can make audibility difficult as you end up with a huge dependency tree for even relatively simple projects. -**Unauthenticated streaming of logs.** - -The lack of authentication on the logs page means that, in the correct circumstances, if someone could convince you to visit a malicious website, the website may be able to read the logs of your Umbrel. - **Assuming the local network is secure** Umbrel currently makes the assumption that the local network is secure. This means local network communication is unencrypted using plain text HTTP. (Remote access via Tor is encrypted) diff --git a/docker-compose.yml b/docker-compose.yml index a557bcf..9b886b3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -161,16 +161,6 @@ services: networks: default: ipv4_address: $NEUTRINO_SWITCHER_IP - frontail: - container_name: frontail - image: getumbrel/frontail:v4.9.1@sha256:9fa345b7a947361e2732909db8bd316b8157749d7dd9949abd8150eb023906db - restart: on-failure - command: "/var/log/syslog --url-path /logs --number 100 --disable-usage-stats" - volumes: - - /var/log:/var/log:ro - networks: - default: - ipv4_address: $FRONTAIL_IP electrs: container_name: electrs image: getumbrel/electrs:v0.8.9@sha256:592fb50cdf16fa2b2e20f7c0a28d4a132c2ee636d89d4b9c24f14886763b5478 diff --git a/scripts/configure b/scripts/configure index 505f7a4..85e4bd2 100755 --- a/scripts/configure +++ b/scripts/configure @@ -110,7 +110,6 @@ DASHBOARD_IP="10.21.21.3" MANAGER_IP="10.21.21.4" MIDDLEWARE_IP="10.21.21.5" NEUTRINO_SWITCHER_IP="10.21.21.6" -FRONTAIL_IP="10.21.21.7" BITCOIN_IP="10.21.21.8" BITCOIN_RPC_PORT="8332" BITCOIN_P2P_PORT="8333" @@ -273,7 +272,6 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" " sed -i "s//${MANAGER_IP}/g" "${template}" sed -i "s//${MIDDLEWARE_IP}/g" "${template}" sed -i "s//${NEUTRINO_SWITCHER_IP}/g" "${template}" - sed -i "s//${FRONTAIL_IP}/g" "${template}" sed -i "s//${BITCOIN_IP}/g" "${template}" sed -i "s//${LND_IP}/g" "${template}" sed -i "s//${LND_GRPC_PORT}/g" "${template}" diff --git a/templates/.env-sample b/templates/.env-sample index 22514c7..559eb2d 100644 --- a/templates/.env-sample +++ b/templates/.env-sample @@ -7,7 +7,6 @@ DASHBOARD_IP= MANAGER_IP= MIDDLEWARE_IP= NEUTRINO_SWITCHER_IP= -FRONTAIL_IP= BITCOIN_NETWORK= BITCOIN_IP= BITCOIN_RPC_PORT= diff --git a/templates/nginx-sample.conf b/templates/nginx-sample.conf index 1668154..706156e 100644 --- a/templates/nginx-sample.conf +++ b/templates/nginx-sample.conf @@ -25,13 +25,6 @@ http { proxy_pass http://:3006/; } - location /logs { - proxy_pass http://:9001/logs; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } - location / { proxy_pass http://:3004/; proxy_http_version 1.1;