diff --git a/.version b/.version index 860487c..37c2961 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.7.1 +2.7.2 diff --git a/README.md b/README.md index a6e99bc..8fb3081 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + @@ -205,6 +205,30 @@ Special thanks to the following contributors:
Philip Mooney + + + +
WaterCalm + + + + + +
lebrou34 + + + + + +
Mário Franco + + + + + +
Kyle Harding + + diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 3725c1c..030b344 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -615,18 +615,26 @@ const internalCertificate = { checkPrivateKey: (private_key) => { return tempWrite(private_key, '/tmp') .then((filepath) => { - let key_type = private_key.includes('-----BEGIN RSA') ? 'rsa' : 'ec'; - return utils.exec('openssl ' + key_type + ' -in ' + filepath + ' -check -noout 2>&1 ') - .then((result) => { - if (!result.toLowerCase().includes('key ok') && !result.toLowerCase().includes('key valid') ) { - throw new error.ValidationError('Result Validation Error: ' + result); - } - fs.unlinkSync(filepath); - return true; - }).catch((err) => { - fs.unlinkSync(filepath); - throw new error.ValidationError('Certificate Key is not valid (' + err.message + ')', err); - }); + return new Promise((resolve, reject) => { + const failTimeout = setTimeout(() => { + reject(new error.ValidationError('Result Validation Error: Validation timed out. This could be due to the key being passphrase-protected.')); + }, 10000); + utils + .exec('openssl pkey -in ' + filepath + ' -check -noout 2>&1 ') + .then((result) => { + clearTimeout(failTimeout); + if (!result.toLowerCase().includes('key is valid')) { + reject(new error.ValidationError('Result Validation Error: ' + result)); + } + fs.unlinkSync(filepath); + resolve(true); + }) + .catch((err) => { + clearTimeout(failTimeout); + fs.unlinkSync(filepath); + reject(new error.ValidationError('Certificate Key is not valid (' + err.message + ')', err)); + }); + }); }); }, diff --git a/backend/internal/host.js b/backend/internal/host.js index a8abf32..58e1d09 100644 --- a/backend/internal/host.js +++ b/backend/internal/host.js @@ -106,7 +106,7 @@ const internalHost = { response_object.total_count += response_object.redirection_hosts.length; } - if (promises_results[1]) { + if (promises_results[2]) { // Dead Hosts response_object.dead_hosts = internalHost._getHostsWithDomains(promises_results[2], domain_names); response_object.total_count += response_object.dead_hosts.length; @@ -158,7 +158,7 @@ const internalHost = { } } - if (promises_results[1]) { + if (promises_results[2]) { // Dead Hosts if (internalHost._checkHostnameRecordsTaken(hostname, promises_results[2], ignore_type === 'dead' && ignore_id ? ignore_id : 0)) { is_taken = true; diff --git a/backend/yarn.lock b/backend/yarn.lock index 8e3d3df..8152980 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -1548,9 +1548,9 @@ inherits@2.0.3: integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4= ini@^1.3.4, ini@^1.3.5, ini@~1.3.0: - version "1.3.5" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" - integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== + version "1.3.8" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" + integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== inquirer@^7.0.0: version "7.3.3" diff --git a/docker/Dockerfile b/docker/Dockerfile index acac5fa..f243208 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -34,7 +34,7 @@ EXPOSE 443 COPY docker/rootfs / ADD backend /app ADD frontend/dist /app/frontend -COPY global /app/global +COPY global /app/global WORKDIR /app RUN yarn install diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index 89c3857..771b829 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -47,8 +47,8 @@ services: cypress-mysql: image: ${IMAGE}-cypress:ci-${BUILD_NUMBER} build: - context: ../ - dockerfile: test/cypress/Dockerfile + context: ../test/ + dockerfile: cypress/Dockerfile environment: CYPRESS_baseUrl: "http://fullstack-mysql:81" volumes: @@ -58,8 +58,8 @@ services: cypress-sqlite: image: ${IMAGE}-cypress:ci-${BUILD_NUMBER} build: - context: ../ - dockerfile: test/cypress/Dockerfile + context: ../test/ + dockerfile: cypress/Dockerfile environment: CYPRESS_baseUrl: "http://fullstack-sqlite:81" volumes: diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index ed58a5f..4524d2d 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -84,6 +84,9 @@ http { stream { # Files generated by NPM include /data/nginx/stream/*.conf; + + # Custom + include /data/nginx/custom/stream[.]conf; } # Custom diff --git a/docs/advanced-config/README.md b/docs/advanced-config/README.md index 30daf25..7c622d5 100644 --- a/docs/advanced-config/README.md +++ b/docs/advanced-config/README.md @@ -24,6 +24,7 @@ You can add your custom configuration snippet files at `/data/nginx/custom` as f - `/data/nginx/custom/root.conf`: Included at the very end of nginx.conf - `/data/nginx/custom/http.conf`: Included at the end of the main http block + - `/data/nginx/custom/stream.conf`: Included at the end of the main stream block - `/data/nginx/custom/server_proxy.conf`: Included at the end of every proxy server block - `/data/nginx/custom/server_redirect.conf`: Included at the end of every redirection server block - `/data/nginx/custom/server_stream.conf`: Included at the end of every stream server block diff --git a/docs/yarn.lock b/docs/yarn.lock index f87d492..0911a23 100644 --- a/docs/yarn.lock +++ b/docs/yarn.lock @@ -5125,9 +5125,9 @@ inherits@2.0.3: integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4= ini@^1.3.5, ini@~1.3.0: - version "1.3.5" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" - integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== + version "1.3.8" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" + integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== internal-ip@^4.3.0: version "4.3.0" diff --git a/frontend/js/app/nginx/certificates/form.ejs b/frontend/js/app/nginx/certificates/form.ejs index 4e40e0b..c8b1369 100644 --- a/frontend/js/app/nginx/certificates/form.ejs +++ b/frontend/js/app/nginx/certificates/form.ejs @@ -129,6 +129,9 @@ <% } else if (provider === 'other') { %> +

+
<%= i18n('ssl', 'passphrase-protection-support-info') %>
+
diff --git a/frontend/js/i18n/messages.json b/frontend/js/i18n/messages.json index eb0f2d2..202e94a 100644 --- a/frontend/js/i18n/messages.json +++ b/frontend/js/i18n/messages.json @@ -112,7 +112,8 @@ "stored-as-plaintext-info": "This data will be stored as plaintext in the database and in a file!", "propagation-seconds": "Propagation Seconds", "propagation-seconds-info": "Leave empty to use the plugins default value. Number of seconds to wait for DNS propagation.", - "processing-info": "Processing... This might take a few minutes." + "processing-info": "Processing... This might take a few minutes.", + "passphrase-protection-support-info": "Key files protected with a passphrase are not supported." }, "proxy-hosts": { "title": "Proxy Hosts", diff --git a/global/certbot-dns-plugins.js b/global/certbot-dns-plugins.js index d0afafd..7bea831 100644 --- a/global/certbot-dns-plugins.js +++ b/global/certbot-dns-plugins.js @@ -20,6 +20,16 @@ */ module.exports = { + aliyun: { + display_name: 'Aliyun', + package_name: 'certbot-dns-aliyun', + package_version: '0.38.1', + dependencies: '', + credentials: `certbot_dns_aliyun:dns_aliyun_access_key = 12345678 +certbot_dns_aliyun:dns_aliyun_access_key_secret = 1234567890abcdef1234567890abcdef`, + full_plugin_name: 'certbot-dns-aliyun:dns-aliyun', + }, + //####################################################// cloudflare: { display_name: 'Cloudflare', package_name: 'certbot-dns-cloudflare', @@ -110,6 +120,15 @@ certbot_dns_dnspod:dns_dnspod_api_token = "DNSPOD-API-TOKEN"`, full_plugin_name: 'certbot-dns-dnspod:dns-dnspod', }, //####################################################// + gandi: { + display_name: 'Gandi Live DNS', + package_name: 'certbot_plugin_gandi', + package_version: '1.2.5', + dependencies: '', + credentials: 'certbot_plugin_gandi:dns_api_key = APIKEY', + full_plugin_name: 'certbot-plugin-gandi:dns', + }, + //####################################################// google: { display_name: 'Google', package_name: 'certbot-dns-google', @@ -272,4 +291,4 @@ aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY`, credentials: 'certbot_dns_vultr:dns_vultr_key = YOUR_VULTR_API_KEY', full_plugin_name: 'certbot-dns-vultr:dns-vultr', }, -}; \ No newline at end of file +}; diff --git a/test/.dockerignore b/test/.dockerignore new file mode 100644 index 0000000..b512c09 --- /dev/null +++ b/test/.dockerignore @@ -0,0 +1 @@ +node_modules \ No newline at end of file diff --git a/test/cypress/Dockerfile b/test/cypress/Dockerfile index 107fa96..be04748 100644 --- a/test/cypress/Dockerfile +++ b/test/cypress/Dockerfile @@ -1,6 +1,11 @@ -FROM cypress/included:4.12.1 +FROM cypress/included:5.6.0 -COPY --chown=1000 ./test /test +COPY --chown=1000 ./ /test + +# mkcert +ENV MKCERT=1.4.2 +RUN wget -O /usr/bin/mkcert "https://github.com/FiloSottile/mkcert/releases/download/v${MKCERT}/mkcert-v${MKCERT}-linux-amd64" \ + && chmod +x /usr/bin/mkcert WORKDIR /test RUN yarn install diff --git a/test/package.json b/test/package.json index 4dd0224..781597b 100644 --- a/test/package.json +++ b/test/package.json @@ -7,7 +7,7 @@ "@jc21/cypress-swagger-validation": "^0.0.9", "@jc21/restler": "^3.4.0", "chalk": "^4.1.0", - "cypress": "^4.12.1", + "cypress": "^5.6.0", "cypress-multi-reporters": "^1.4.0", "cypress-plugin-retries": "^1.5.2", "eslint": "^7.6.0", diff --git a/test/yarn.lock b/test/yarn.lock index 65dd862..c1fe005 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -1293,9 +1293,9 @@ inherits@2, inherits@^2.0.3, inherits@~2.0.3: integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== ini@^1.3.5: - version "1.3.5" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" - integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== + version "1.3.8" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" + integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== is-arguments@^1.0.4: version "1.0.4"