Moved v3 code from NginxProxyManager/nginx-proxy-manager-3 to NginxProxyManager/nginx-proxy-manager

docker/dev/Dockerfile

@@ -1,15 +1,34 @@
-FROM nginxproxymanager/nginx-full:certbot-node
+FROM nginxproxymanager/testca as testca
+FROM letsencrypt/pebble as pebbleca
+FROM nginxproxymanager/nginx-full:acmesh-golang
 LABEL maintainer="Jamie Curnow <jc@jc21.com>"
 
-ENV S6_LOGGING=0 \
-	SUPPRESS_NO_CONFIG_WARNING=1 \
-	S6_FIX_ATTRS_HIDDEN=1
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 
-RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
+ARG GOPROXY
+ARG GOPRIVATE
+
+ENV GOPROXY=$GOPROXY \
+	GOPRIVATE=$GOPRIVATE \
+	S6_LOGGING=0 \
+	SUPPRESS_NO_CONFIG_WARNING=1 \
+	S6_FIX_ATTRS_HIDDEN=1 \
+	ACMESH_CONFIG_HOME=/data/.acme.sh/config \
+	ACMESH_HOME=/data/.acme.sh \
+	CERT_HOME=/data/.acme.sh/certs \
+	LE_CONFIG_HOME=/data/.acme.sh/config \
+	LE_WORKING_DIR=/data/.acme.sh
+
+RUN echo "fs.file-max = 65535" > /etc/sysctl.conf
+
+# usql and node
+RUN curl -fsSL https://deb.nodesource.com/setup_14.x | bash - \
 	&& apt-get update \
-	&& apt-get install -y certbot jq python3-pip logrotate \
+	&& apt-get install -y --no-install-recommends nodejs vim dnsutils \
+	&& npm install -g yarn \
 	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists/*
+	&& rm -rf /var/lib/apt/lists/* \
+	&& go install github.com/xo/usql@master
 
 # Task
 RUN cd /usr \
@@ -18,12 +37,29 @@ RUN cd /usr \
 
 COPY rootfs /
 RUN rm -f /etc/nginx/conf.d/production.conf
-RUN chmod 644 /etc/logrotate.d/nginx-proxy-manager
 
 # s6 overlay
 RUN curl -L -o /tmp/s6-overlay-amd64.tar.gz "https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz" \
 	&& tar -xzf /tmp/s6-overlay-amd64.tar.gz -C /
 
-EXPOSE 80 81 443
-ENTRYPOINT [ "/init" ]
+# Fix for golang dev:
+RUN chown -R 1000:1000 /opt/go
 
+COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem
+COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt
+
+# Dummy cert
+RUN openssl req \
+	-new \
+	-newkey rsa:2048 \
+	-days 3650 \
+	-nodes \
+	-x509 \
+	-subj '/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost' \
+	-keyout /etc/ssl/certs/dummykey.pem \
+	-out /etc/ssl/certs/dummycert.pem \
+	&& chmod +r /etc/ssl/certs/dummykey.pem /etc/ssl/certs/dummycert.pem
+
+EXPOSE 80
+CMD [ "/init" ]
+HEALTHCHECK --interval=15s --timeout=3s CMD curl -f http://127.0.0.1:81/api || exit 1

docker/dev/dnsrouter-config.json

@@ -0,0 +1,28 @@
+{
+    "log": {
+        "format": "nice",
+        "level": "debug"
+    },
+    "servers": [
+        {
+            "host": "0.0.0.0",
+            "port": 53,
+            "upstreams": [
+                {
+                    "regex": "website[0-9]+.example\\.com",
+                    "upstream": "127.0.0.11"
+                },
+                {
+                    "regex": ".*\\.example\\.com",
+                    "upstream": "1.1.1.1"
+                },
+                {
+                    "regex": "local",
+                    "nxdomain": true
+                }
+            ],
+            "internal": null,
+            "default_upstream": "127.0.0.11"
+        }
+    ]
+}

docker/dev/pdns-db.sql

@@ -0,0 +1,87 @@
+CREATE TABLE `comments` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `domain_id` int(11) NOT NULL,
+  `name` varchar(255) NOT NULL,
+  `type` varchar(10) NOT NULL,
+  `modified_at` int(11) NOT NULL,
+  `account` varchar(40) CHARACTER SET utf8mb3 DEFAULT NULL,
+  `comment` text CHARACTER SET utf8mb3 NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `comments_name_type_idx` (`name`,`type`),
+  KEY `comments_order_idx` (`domain_id`,`modified_at`)
+);
+
+CREATE TABLE `cryptokeys` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `domain_id` int(11) NOT NULL,
+  `flags` int(11) NOT NULL,
+  `active` tinyint(1) DEFAULT NULL,
+  `published` tinyint(1) DEFAULT 1,
+  `content` text DEFAULT NULL,
+  PRIMARY KEY (`id`),
+  KEY `domainidindex` (`domain_id`)
+);
+
+CREATE TABLE `domainmetadata` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `domain_id` int(11) NOT NULL,
+  `kind` varchar(32) DEFAULT NULL,
+  `content` text DEFAULT NULL,
+  PRIMARY KEY (`id`),
+  KEY `domainmetadata_idx` (`domain_id`,`kind`)
+);
+
+INSERT INTO `domainmetadata` VALUES (1,1,'SOA-EDIT-API','DEFAULT');
+
+CREATE TABLE `domains` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `master` varchar(128) DEFAULT NULL,
+  `last_check` int(11) DEFAULT NULL,
+  `type` varchar(6) NOT NULL,
+  `notified_serial` int(10) unsigned DEFAULT NULL,
+  `account` varchar(40) CHARACTER SET utf8mb3 DEFAULT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name_index` (`name`)
+);
+
+INSERT INTO `domains` VALUES (1,'example.com','',NULL,'NATIVE',NULL,'');
+
+CREATE TABLE `records` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `domain_id` int(11) DEFAULT NULL,
+  `name` varchar(255) DEFAULT NULL,
+  `type` varchar(10) DEFAULT NULL,
+  `content` TEXT DEFAULT NULL,
+  `ttl` int(11) DEFAULT NULL,
+  `prio` int(11) DEFAULT NULL,
+  `disabled` tinyint(1) DEFAULT 0,
+  `ordername` varchar(255) CHARACTER SET latin1 COLLATE latin1_bin DEFAULT NULL,
+  `auth` tinyint(1) DEFAULT 1,
+  PRIMARY KEY (`id`),
+  KEY `nametype_index` (`name`,`type`),
+  KEY `domain_id` (`domain_id`),
+  KEY `ordername` (`ordername`)
+);
+
+INSERT INTO `records` VALUES
+(1,1,'example.com','NS','ns1.pdns',1500,0,0,NULL,1),
+(2,1,'example.com','NS','ns2.pdns',1500,0,0,NULL,1),
+(4,1,'test.example.com','A','10.0.0.1',60,0,0,NULL,1),
+(5,1,'example.com','SOA','a.misconfigured.dns.server.invalid hostmaster.example.com 2022020702 10800 3600 604800 3600',1500,0,0,NULL,1);
+
+CREATE TABLE `supermasters` (
+  `ip` varchar(64) NOT NULL,
+  `nameserver` varchar(255) NOT NULL,
+  `account` varchar(40) CHARACTER SET utf8mb3 NOT NULL,
+  PRIMARY KEY (`ip`,`nameserver`)
+);
+
+CREATE TABLE `tsigkeys` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) DEFAULT NULL,
+  `algorithm` varchar(50) DEFAULT NULL,
+  `secret` varchar(255) DEFAULT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `namealgoindex` (`name`,`algorithm`)
+);

docker/dev/pebble-config.json

@@ -0,0 +1,12 @@
+{
+	"pebble": {
+		"listenAddress": "0.0.0.0:443",
+		"managementListenAddress": "0.0.0.0:15000",
+		"certificate": "test/certs/localhost/cert.pem",
+		"privateKey": "test/certs/localhost/key.pem",
+		"httpPort": 80,
+		"tlsPort": 443,
+		"ocspResponderURL": "",
+		"externalAccountBindingRequired": false
+	}
+}