sr2/link-stack
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
link-stack/packages/zammad-addon-hardening
History
Exact
Darren Clarke d93797172a Add preference for signal notifications to bot setup screen
2026-01-28 14:46:34 +01:00
..
src Remove attachment-related initializer 2025-11-21 17:29:21 +01:00
package.json Bump version to 3.5.0-beta.1 2026-01-12 10:44:49 +01:00
README.md Organize directories 2023-02-13 13:10:48 +00:00
turbo.json Add preference for signal notifications to bot setup screen 2026-01-28 14:46:34 +01:00

README.md

zammad-addon-hardening

A Zammad addon that hardens a Zammad instance according to CDR's needs.

The hardening applied consists of:

  • Prevent sensitive information from being leaked in notification emails
  • Zammad external services for geoip, maps, image, and calendar are disabled
  • Disable client side stats
  • Set minimum password length to 10
  • Prevent customers from creating tickets in the web ui
  • Disable user registration
  • Remove default "nicole.braun@zammad.org" account

Development

  1. Edit the files in src/

    Migration files should go in src/db/addon/hardening (see this post)

  2. Update version and changelog in hardening-skeleton.szpm

  3. Build a new package make

    This outputs dist/hardening-vXXX.szpm

  4. Install the szpm using the zammad package manager.

  5. Repeat

Create a new migration

Included is a helper script to create new migrations. You must have the python inflection library installed.

  • debian/ubuntu: apt install python3-inflection
  • pip: pip install --user inflection
  • or create your own venv

To make a new migration simply run:

make new-migration

License

License GNU AGPL v3.0

This is a free software project licensed under the GNU Affero General Public License v3.0 (GNU AGPLv3) by The Center for Digital Resilience and Guardian Project.

🤠