Fabio/nginx-proxy-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
1522 commits 8 branches 74 tags 26 MiB
Commit graph

322 commits

Author SHA1 Message Date
renovate[bot]
c425ff14c0 Update dependency eslint to v8.54.0 2023-11-17 23:32:53 +01:00
Zoey
334127494e
fix Alt-Svc header 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-11-12 15:11:16 +01:00
Zoey
6548a7aea6
fix stream/allow editing modsec conf/readme changes/dep updates 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-11-11 19:04:55 +01:00
renovate[bot]
8987ff9c6d
dep updates/header changes/tls changes 
Signed-off-by: Zoey <zoey@z0ey.de>

- dep updates
- upodate nginx/certbot
- improve headers
- change NPM to NPMplus in launch.sh
- when using https backend, only TLSv1 to TLSv1.3 is now allowed, whith secure ciphers
 2023-10-25 22:54:11 +02:00
Zoey
efcca74d67 fix security headers and sockets 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-10-10 19:55:42 +02:00
Zoey
dec9dc990f renewer certbot certs after launch/load env from file/listen on socket/disable http in AIO mode 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-10-10 15:52:14 +02:00
Zoey
fb0bb721f7 rebrand to NPMplus/improve security headers/upsteam changes/dockerlint 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-10-09 20:32:37 +02:00
renovate[bot]
6e62aa2ea1
dep updates/merge #3190 from upstream/fix #407 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-09-25 22:03:10 +02:00
Zoey
c943ccdd87
fix latest release 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-09-02 13:26:56 +02:00
GitHub
55b173a744
fix certbot run on launch/dep updates 
Signed-off-by: Zoey <zoey@z0ey.de>

Update dependency jsonwebtoken to v9.0.2
Update dependency liquidjs to v10.9.2
Update dependency jquery to v3.7.1
 2023-09-02 13:04:35 +02:00
renovate[bot]
f9971aa9d5
remove wait/dep updates 
Update zoeyvid/nginx-quic Docker tag to v183
Update caddy Docker tag to v2.7.4

Update dependency archiver to v5.3.2

Update python Docker tag to v3.11.5

Update dependency eslint to v8.48.0

remove wait

Signed-off-by: Zoey <zoey@z0ey.de>

Update dependency @babel/core to v7.22.11

Update dependency liquidjs to v10.9.1

Update dependency liquidjs to v10.9.0

Update dependency archiver to v6
 2023-08-26 13:14:13 +02:00
Devedse
6f8db95249 Added force renewal + --dns-duckdns-no-txt-restore 2023-08-24 13:21:01 +02:00
renovate[bot]
390b58d0ef
caddy/bcrypt/nginx update 
Update caddy Docker tag to v2.7.3
Update dependency bcrypt to v5.1.1
Update zoeyvid/nginx-quic Docker tag to v181
 2023-08-16 13:34:28 +02:00
renovate[bot]
e8fe12ae91
dep updates 
Update zoeyvid/nginx-quic Docker tag to v180
Update dependency @babel/core to v7.22.10
Update dependency eslint to v8.47.0
Update alpine Docker tag to v3.18.3
 2023-08-12 22:09:28 +02:00
Zoey
f3775aad21
merge upstream 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-08-02 15:02:30 +02:00
Zoey
da025cedaa
Merge branch 'develop-o' into develop 2023-08-02 10:40:13 +02:00
renovate[bot]
66bfcf8f6c
improve many things/dep updates 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-08-02 10:26:01 +02:00
jc21
3333a32612
Merge pull request #2971 from wolviex/certbot-dnsplugin-user-site-fix 
drop --user on pip install dns plugin
 2023-07-31 07:21:18 +10:00
jc21
f38cb5b500
Merge pull request #2942 from wrouesnel/444_default_support 
Add support for nginx 444 default response
 2023-07-20 12:23:57 +10:00
jc21
a984a68065
Merge pull request #3051 from NginxProxyManager/dependabot/npm_and_yarn/backend/semver-5.7.2 
Bump semver from 5.7.1 to 5.7.2 in /backend
 2023-07-19 10:02:04 +10:00
dependabot[bot]
c8caaa56d9
Bump word-wrap from 1.2.3 to 1.2.4 in /backend 
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-18 20:59:11 +00:00
dependabot[bot]
f458730d87
Bump semver from 5.7.1 to 5.7.2 in /backend 
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-11 02:29:25 +00:00
renovate[bot]
c6ecb61c9b
dep updates/enable ssl_dyn_rec_enable/fix nginx in background/remove tempwrite 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-07-08 20:22:17 +02:00
renovate[bot]
cd058f1382
dep updates/nginxbeautifier/fix quic/http3 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-06-15 22:27:17 +02:00
Joe Manifold
f39e527680
drop --user on pip install dns plugin godaddy 
Do not install dns_plugin into the user site because it will lack sys.path precedence to urllib3 in /opt/certbot/lib/python3.7/site-packages
 2023-06-01 11:02:06 -07:00
Zoey
cabf78faa8
support connection drop 
Inspired by #2942 (original NPM)
 2023-05-30 18:29:13 +02:00
Zoey
677b30d25e
add new darkmode/enable hide_server_tokens/dep updates 
Signed-off-by: Zoey <zoey@z0ey.de>
Signed-off-by: ƬHE ЯAW ☣ <daraw665@gmail.com>
Co-Authored-By: ƬHE ЯAW ☣ <raw@dopehosting.net>
 2023-05-29 21:00:49 +02:00
Zoey
7e6612467f
add modsec 
Signed-off-by: Zoey <zoey@z0ey.de>

Update Dockerfile
 2023-05-29 20:45:08 +02:00
Will Rouesnel
2dd4434ceb
Add support for nginx 444 default response 
The default nginx 444 response drops the inbound connection without
sending any response to the client.
 2023-05-22 11:59:50 +10:00
Jamie Curnow
05307aa253
Fix certbot plugins install when using PUID/PGID 2023-05-10 14:39:08 +10:00
Zoey
57abc84f4a
"new" versioning system/dep updates 
Update zoeyvid/nginx-quic Docker tag to v114
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-05-08 23:01:56 +02:00
renovate[bot]
24db873c34
fix access list/dep updates 
Update dependency @babel/core to v7.21.5
 2023-04-30 15:04:07 +02:00
Zoey
9ca59b9a38
allow to run as non-root (#246) 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-04-24 23:12:44 +02:00
renovate[bot]
ec29d4ce8d
dep updates/remove useless files/fix reachability test? 
Update zoeyvid/nginx-quic Docker tag to v110
Update zoeyvid/nginx-quic Docker tag to v109
Update zoeyvid/nginx-quic Docker tag to v107
Update dependency liquidjs to v10.7.1
Update dependency eslint to v8.38.0
remove empty folder
Delete Hosts.spec.js

Fix for SSL certificate error #2011 by @S-T-3-V-3
 - Keepalive, User Agent + Accept headers
 - Catch added for failed JSON parsing
 - More accurate errors displayed to user

Signed-off-by: Zoey <zoey@z0ey.de>
 2023-04-24 23:12:43 +02:00
Zoey
0d9da2b72a
merge upstream 2023-04-06 19:07:38 +02:00
Zoey
395909c5cd
Merge branch 'developo' into develop 2023-04-06 18:04:57 +02:00
renovate[bot]
80d49cd2a2
dep updates/fix quic 
Update zoeyvid/nginx-quic Docker tag to v103
Update zoeyvid/nginx-quic Docker tag to v101
Update zoeyvid/nginx-quic Docker tag to v99
Update zoeyvid/nginx-quic Docker tag to v97
Update zoeyvid/nginx-quic Docker tag to v96
Update dependency @babel/core to v7.21.4
Update dependency nodemon to v2.0.22
Update dependency eslint to v8.37.0
Update alpine Docker tag to v3.17.3
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-04-04 11:47:50 +02:00
Jamie Curnow
5d03ede100
Add test for creating a host 2023-03-30 12:44:28 +10:00
Zoey
256a068791
merge upstream 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-03-22 12:30:58 +01:00
Jamie Curnow
124cb18e17
Fix renewing certs because of permission errors 2023-03-22 13:40:36 +10:00
Jamie Curnow
77eb618758
Fix pip installs running as non-root user 2023-03-22 09:41:59 +10:00
Jamie Curnow
4fdc80be01
Fix logical error with keys and mysql config 2023-03-21 17:59:27 +10:00
Jamie Curnow
c3469de61b
Linting fixes 2023-03-21 17:11:16 +10:00
Jamie Curnow
2a07445005
Refactor configuration 
- No longer use config npm package
- Prefer config from env vars, though still has support for config file
- No longer writes a config file for database config
- Writes keys to a new file in /data folder
- Removes a lot of cruft and improves config understanding
 2023-03-21 16:53:39 +10:00
Jamie Curnow
dad3e1da7c
Adds support to run processes as a user/group, defined 
with PUID and PGID environment variables

- Detects if image is run with a user in docker command and fails if so
- Adds s6 prepare scripts for adding a 'npmuser'
- Split up and refactor the s6 prepare scripts
- Runs nginx and backend node as 'npmuser'
- Changes ownership of files required at startup
 2023-03-20 16:56:52 +10:00
Zoey
1d9c7b0570
Merge branch 'developo' into develop 2023-03-18 11:30:42 +01:00
Zoey
4af50b7ef5
build everything inside dockerfile/add some scripts 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-03-18 03:14:56 +01:00
Jamie Curnow
fccbde1371
fix linting 2023-03-17 14:23:12 +10:00
Jamie Curnow
fec36834f7
- Updated objection, knex, liquidjs, signale and sqlite3 packages 
- Changes for objection migration
- Moved common access template code to an include
- Fixed access rules configuration generation
 2023-03-17 14:18:51 +10:00
Jamie Curnow
00aeef75b6
Refactor nginx config functions, some don't need to report errors, save error'd config files as .err for debugging later 2023-03-17 11:34:27 +10:00
Jamie Curnow
b30fcb50c8
Args weren't being passed to htpasswd command, fixes #2692 2023-03-17 08:49:18 +10:00
Zoey
bdae896baf
rename ssl to tls/dep updates 
Signed-off-by: Zoey <zoey@z0ey.de>
Update dependency sqlite3 to v5.1.6
Update dependency style-loader to v3.3.2
Update dependency @babel/core to v7.21.3
 2023-03-15 18:41:19 +01:00
Zoey
7c32b466f6
docker hub changes/disable 0-rtt/enable request limits 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-03-13 20:55:53 +01:00
Zoey
309e81747e
upstream changes (npm/nginx/dependencies) + add eslint 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-03-09 20:57:13 +01:00
jc21
09d1d3744c
Merge pull request #2530 from jmerdich/jmerdich/fix-acl-edit-ssl 2023-03-08 21:08:52 +10:00
jc21
84e0b30f8d
Merge pull request #2411 from plantysnake/fix-certbot-plugins 
Bugfix: Fix certbot plugin installation issues
 2023-03-08 20:40:15 +10:00
jc21
30076a0e66
Merge pull request #2635 from skarlcf/security/CVE-2023-23596 
Mitigate CVE-2023-23596
 2023-03-08 08:25:38 +10:00
jc21
42bd39163a
Merge pull request #2638 from jlesage/case-insensitive-email-login 
Make sure to lowercase email address entered by the user during login.
 2023-03-08 08:25:09 +10:00
Kamil Skrzypinski
2ff66ee238 Add style required by linter 2023-03-07 17:15:03 +01:00
dependabot[bot]
7b48488c29
Bump express from 4.17.1 to 4.17.3 in /backend 
Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.17.3.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.17.1...4.17.3)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-07 10:49:22 +00:00
jc21
edba369ae8
Merge pull request #2497 from NginxProxyManager/dependabot/npm_and_yarn/backend/jsonwebtoken-9.0.0 
Bump jsonwebtoken from 8.5.1 to 9.0.0 in /backend
 2023-03-07 20:48:45 +10:00
jc21
b77d916bdd
Merge pull request #2498 from NginxProxyManager/dependabot/npm_and_yarn/backend/liquidjs-10.0.0 
Bump liquidjs from 9.15.0 to 10.0.0 in /backend
 2023-03-07 20:48:36 +10:00
dependabot[bot]
e227f4177b
Bump minimist from 1.2.5 to 1.2.8 in /backend 
Bumps [minimist](https://github.com/minimistjs/minimist) from 1.2.5 to 1.2.8.
- [Release notes](https://github.com/minimistjs/minimist/releases)
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/minimistjs/minimist/compare/v1.2.5...v1.2.8)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-07 06:51:09 +00:00
dependabot[bot]
88fa7cdfff
Bump liquidjs from 9.15.0 to 10.0.0 in /backend 
Bumps [liquidjs](https://github.com/harttle/liquidjs) from 9.15.0 to 10.0.0.
- [Release notes](https://github.com/harttle/liquidjs/releases)
- [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/harttle/liquidjs/compare/v9.15.0...v10.0.0)

---
updated-dependencies:
- dependency-name: liquidjs
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-07 06:51:08 +00:00
dependabot[bot]
cf6cc7dcc5
Bump jsonwebtoken from 8.5.1 to 9.0.0 in /backend 
Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.5.1 to 9.0.0.
- [Release notes](https://github.com/auth0/node-jsonwebtoken/releases)
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](https://github.com/auth0/node-jsonwebtoken/compare/v8.5.1...v9.0.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-07 06:50:55 +00:00
jc21
448c8a2dd5
Merge pull request #2523 from NginxProxyManager/dependabot/npm_and_yarn/backend/json5-2.2.3 
Bump json5 from 2.1.3 to 2.2.3 in /backend
 2023-03-07 16:50:37 +10:00
jc21
634cfe13f1
Merge pull request #2534 from NginxProxyManager/dependabot/npm_and_yarn/backend/knex-2.4.0 
Bump knex from 0.20.15 to 2.4.0 in /backend
 2023-03-07 16:50:30 +10:00
Jocelyn Le Sage
b0fd976b97 Make sure to lowercase email address entered by the user during login. 2023-02-26 22:24:58 -05:00
Kamil Skrzypinski
7fe7e94fbd Mitigate CVE-2023-23596 by changing child_process.exec to child_process.execFile 2023-02-26 20:10:25 +01:00
Zoey
14c2253721
make image smaller + allow long passwd + dep updates + fix compression/misspellings 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-02-24 21:10:51 +01:00
dependabot[bot]
23326895b2
Bump http-cache-semantics from 4.1.0 to 4.1.1 in /backend 
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/kornelski/http-cache-semantics/releases)
- [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: http-cache-semantics
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-03 12:12:01 +00:00
Zoey
45895ac53e
enable ssl_early_data, default enable http2, option to enable brotli, fix shellcheck 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-01-26 18:01:25 +01:00
Zoey
e0be3a5ea3
allow to change dummycert 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-01-14 17:13:17 +01:00
dependabot[bot]
7ca3a9e7a6
Bump knex from 0.20.15 to 2.4.0 in /backend 
Bumps [knex](https://github.com/knex/knex) from 0.20.15 to 2.4.0.
- [Release notes](https://github.com/knex/knex/releases)
- [Changelog](https://github.com/knex/knex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/knex/knex/compare/0.20.15...2.4.0)

---
updated-dependencies:
- dependency-name: knex
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-11 02:35:51 +00:00
Jake Merdich
c80d099193
ACL changes should not blow away cert config 
When editing an access list, all affected sites get their config updated without certificates, functionally breaking https on those sites until they get a manual config change that rewrites the config properly. Properly fetch the certificate from the DB before `bulkGenerateConfigs` so it gets updated right.

I am not certain whether there are similar bugs in other places that use `bulkGenerateConfigs`.

Should fix #2254
 2023-01-10 01:59:04 -05:00
Zoey
5a89e9e8e8
change paths and make quic be enabled sepperat 2023-01-06 18:06:49 +01:00
dependabot[bot]
b69e493c54
Bump json5 from 2.1.3 to 2.2.3 in /backend 
Bumps [json5](https://github.com/json5/json5) from 2.1.3 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.1.3...v2.2.3)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-06 02:33:27 +00:00
Zoey
6c56070a46
rebrand SSL to TLS 
Signed-off-by: Zoey <zoey@z0ey.de>
 2023-01-03 01:09:44 +01:00
Zoey
d7db5527d9
changes on ssl 
Signed-off-by: Zoey <zoey@z0ey.de>
 2022-12-31 21:24:54 +01:00
Zoey
920bce627a add php 
Signed-off-by: Zoey <zoey@z0ey.de>
 2022-12-27 22:44:01 +01:00
Zoey
19a304d9ce init 
Signed-off-by: Zoey <zoey@z0ey.de>
 2022-12-17 14:25:32 +01:00
plantysnake
8dee139810 Fix linter issues 2022-11-21 01:46:42 +03:00
plantysnake
6349cb6094 Fix cerbot plugin installation issues 2022-11-18 15:06:19 +03:00
Jamie Curnow
fd30cfe98b Fix linting 2022-11-15 07:54:48 +10:00
Jamie Curnow
6f281fef42 Workaround for cloudflare plugin install (#2381) 2022-11-15 07:48:57 +10:00
jc21
b673ebe2ca
Merge pull request #2126 from NginxProxyManager/dependabot/npm_and_yarn/backend/async-3.2.4 
Bump async from 3.2.1 to 3.2.4 in /backend
 2022-08-23 20:44:21 +10:00
dependabot[bot]
e5966b54a8
Bump moment from 2.27.0 to 2.29.4 in /backend 
Bumps [moment](https://github.com/moment/moment) from 2.27.0 to 2.29.4.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.27.0...2.29.4)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-07 16:43:24 +00:00
dependabot[bot]
1e5916db28
Bump async from 3.2.1 to 3.2.4 in /backend 
Bumps [async](https://github.com/caolan/async) from 3.2.1 to 3.2.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v3.2.1...v3.2.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-22 17:38:17 +00:00
Ivan Kristianto
366fcf0bed Fix nginx/certificates search query 2022-02-12 12:46:06 +07:00
jc21
d7e0ae0fa0
Merge pull request #1701 from jc21/escape-credential-backslashes 
Correctly escape backslashes in dns plugin credentials
 2022-01-02 15:29:31 +10:00
jc21
29ee48530c
Merge pull request #1703 from luoweihua7/develop 
fetch cloudflare ipv4/ipv6 fail #1405
 2022-01-02 15:28:58 +10:00
chaptergy
c803ec7e26 Adds delay after reloading nginx before requesting ssl certificate using http challenge 2021-12-30 13:21:21 +01:00
Larify
7e67f33766 fetch cloudflare ipv4/ipv6 fail #1405 2021-12-30 11:50:21 +08:00
chaptergy
9dd5644183 Correctly escape backslashes in dns plugin credentials 2021-12-29 16:30:49 +01:00
jc21
adc5a2020a
Merge pull request #1666 from TobiasKneidl/patch-1 
Update default.conf to follow the default site setting also for ipv6
 2021-12-27 11:03:14 +10:00
Tobias Kneidl
bb422d4454
Update default.conf 2021-12-22 00:24:05 +01:00
jc21
d45f39aae3
Merge pull request #1538 from jc21/adds-http-challenge-test 
Adds buttons to test availability of server from public internet
 2021-11-10 09:15:26 +10:00
chaptergy
ddd538944a Skip migration if setting does not exist 2021-11-09 14:03:39 +01:00
chaptergy
1f879f67a9 Reverts back to proxy_pass without variables 2021-11-09 13:57:39 +01:00
Chaptergy
ee89dedd0f Adds migration to regenerate default host 2021-11-08 23:11:56 +01:00