Commit Graph

90 Commits

Author SHA1 Message Date
Jaap-Jan de Wit
c5aa2b9f77 add cloudflare renew and make revoke working for both by deleting unnecessary config command 2020-08-23 18:29:16 +00:00
Jaap-Jan de Wit
077cf75ef2 wildcard support 2020-08-23 13:24:20 +00:00
Jaap-Jan de Wit
ff1770204c request via cloudflare dns working 2020-08-23 12:50:41 +00:00
dependabot[bot]
f78a4c6ad1
Bump bcrypt from 4.0.1 to 5.0.0 in /backend
Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 4.0.1 to 5.0.0.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases)
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kelektiv/node.bcrypt.js/compare/v4.0.1...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>
2020-08-20 17:01:00 +00:00
Jocelyn Le Sage
83fad8bcda Removed usage of FROM_UNIXTIME mysql-specific function.
This provide better interoperability with different databases (e.g. sqlite).
Fixes #557
2020-08-14 19:31:05 -04:00
Jocelyn Le Sage
f539e813aa Removed the hardcoded --webroot certbot argument to better support DNS challenge. Also, this option is already set in the default letsencrypt.ini. 2020-08-14 14:28:03 -04:00
Jocelyn Le Sage
01660b5b80 Fixed now_helper for sqlite: it should also returns the time. 2020-08-06 17:16:22 -04:00
Jamie Curnow
ae06b2da75 Updated deps and added contributor 2020-08-06 14:40:54 +10:00
Jamie Curnow
492d450d26 Sqlite Tweaks
- Added cypress testing in CI for sqlite
- Cleaned up promises in setup
- Ensure check for settings is strict
2020-08-06 08:58:20 +10:00
Gergo Torcsvari
6690b7735d sqlite3 and psql support 2020-07-19 20:04:29 +02:00
Gergo Torcsvari
a9e7222e5e introduced now_helper for multidb capabilities 2020-07-19 20:03:53 +02:00
Gergo Torcsvari
f8edeb2775 fixed migration and setup
more info: https://github.com/knex/knex/issues/2820
2020-07-19 20:02:20 +02:00
Subv
d95861e1fb Don't use duplicate relations when eager-loading access list items and clients.
This fixes an Objection warning: 'Duplicate relation "proxy_hosts" in a relation expression. You should use "a.[b, c]" instead of "[a.b, a.c]". This will cause an error in objection 2.0'.

It also fixes the access list clients not being properly eager-loaded when building the proxy host nginx configuration files. Closes #434
2020-05-29 20:29:34 -05:00
jc21
84d8fb0899
Merge pull request #403 from Indemnity83/empty-auth
Don't ask for username/password if none are defined
2020-05-28 09:18:50 +10:00
Jamie Curnow
2ebfdcf0c9 Fix LE certs for IPv6 only domains Fixes 394 2020-05-20 22:21:26 +10:00
Kyle Klaus
df73c2a458 skip auth check if no users defined 2020-05-09 15:51:11 -07:00
Kyle Klaus
96c5c79aef
Fix address validation rule to allow 'all' keyword
The rule was looking for the keyword 'any' but should have been looking for 'all' 

http://nginx.org/en/docs/http/ngx_http_access_module.html
2020-05-09 09:31:58 -07:00
Jamie Curnow
0702a4e58e Fix incorrect var 2020-05-05 10:00:41 +10:00
Jamie Curnow
c0e9d1eb2f Fix satisy typo 2020-04-22 11:11:20 +10:00
spalger
3af560c2d0 switch to 255 limit to match db 2020-04-16 15:14:49 -07:00
spalger
995db12f22 remove arbitrary length limit of forward_host 2020-04-16 14:00:22 -07:00
jc21
a9f068daa8
Merge pull request #360 from Indemnity83/ip-access-control
Client Access Lists
2020-04-15 08:29:40 +10:00
Kyle Klaus
f5ee91aeb3 write access list to proxy host config 2020-04-13 23:32:00 -07:00
Kyle Klaus
e2ee2cbf2d enforce a 'deny all' default rule
this ensures that an access list is 'secure by default' and requires the user to create exceptions or holes in the proection instead of building the wall entirely. This also means that we no longer require the user to input any username/passwords or client addressses and can avoid internal errors which generate unhelpful user errors.
2020-04-13 23:31:54 -07:00
Jamie Curnow
b783602786 Support ipv6 address as a origin header, hopefully fixes #149 2020-04-14 13:01:13 +10:00
Kyle Klaus
005e64eb9f valite auth/access rules in backend 2020-04-13 19:23:55 -07:00
Kyle Klaus
e9e5d293cc expand address format
now accepts CIDR notation, IPv6 or the string 'any'
2020-04-13 19:16:18 -07:00
Kyle Klaus
907e9e182d remove testing cruft 2020-04-11 00:42:58 -07:00
Kyle Klaus
0f238a5021 add satisfy configuration to the ui 2020-04-11 00:26:54 -07:00
Kyle Klaus
fd932c7678 fix bugs preventing client rules from being updated 2020-04-10 17:42:44 -07:00
Kyle Klaus
f990d3f674 add access list clients to back-end 2020-04-10 16:38:54 -07:00
Jamie Curnow
bdb591af9e - Add ability to disable ipv6, fixes #312
- Added ipv6 listening to hosts when configured, fixes #236 and #149
- Added documentation about disabling ipv6
- Updated npm packages
2020-04-07 10:43:19 +10:00
jc21
e4286c96a7
Merge pull request #342 from damianog/patch-1
Update proxy_host.conf
2020-04-06 08:32:48 +10:00
dependabot[bot]
b09f201819
Bump acorn from 7.1.0 to 7.1.1 in /backend
Bumps [acorn](https://github.com/acornjs/acorn) from 7.1.0 to 7.1.1.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/7.1.0...7.1.1)

Signed-off-by: dependabot[bot] <support@github.com>
2020-04-04 12:29:15 +00:00
Damiano
3e7d2b216b
Update proxy_host.conf
FIX as explained on #340
2020-03-27 19:01:21 +01:00
jc21
256bd2336f
v2.2.0 New Brand (#319)
* Tweaks and backend vscode settings

* Version bump

* Updated Icon to be more vibrant

* New logo and new login screen layout, version bump

* New documentation!

* Use CI to update package versions

because I was sick of changing it everywhere

* Generate docs

* Docs upload

* Fix pipeline

* Fix pipeline

* Update readme version before generating docs

* Testing docs deploy

* Fix pipeline

* Updated CI link

* Fix docs upload

* Docs upload fixes

* Fix s3 upload grrr

* Docs tweaks

* Updated readme

* Updated screenshots

Co-authored-by: Jamie Curnow <jamiec@benon.com>
2020-03-11 16:54:10 +10:00
jc21
93f29734b7
Version 2.1.2 (#317)
* Tweaks and backend vscode settings

* Version bump
2020-03-06 11:04:42 +10:00
Jamie Curnow
f040de5788 Update backend packages
Liquid required some changes
Version bump
2020-02-20 09:17:45 +10:00
dependabot[bot]
26a8e234fa
Bump knex from 0.15.2 to 0.19.5 in /backend (#294)
Bumps [knex](https://github.com/knex/knex) from 0.15.2 to 0.19.5.
- [Release notes](https://github.com/knex/knex/releases)
- [Changelog](https://github.com/knex/knex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/knex/knex/compare/0.15.2...0.19.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: jc21 <jc@jc21.com>
2020-02-19 17:32:19 +11:00
jc21
bb0f4bfa62
v2.1.0 (#293)
* Fix wrapping when too many hosts are shown (#207)

* Update npm packages, fixes CVE-2019-10757

* Revert some breaking packages

* Major overhaul

- Docker buildx support in CI
- Cypress API Testing in CI
- Restructured folder layout (insert clean face meme)
- Added Swagger documentation and validate API against that (to be completed)
- Use common base image for all supported archs, which includes updated nginx with ipv6 support
- Updated certbot and changes required for it
- Large amount of Hosts names will wrap in UI
- Updated packages for frontend
- Version bump 2.1.0

* Updated documentation

* Fix JWT expire time going crazy. Now set to 1day

* Backend JS formatting rules

* Remove v1 importer, I doubt anyone is using v1 anymore

* Added backend formatting rules and enforce them
in Jenkins builds

* Fix CI, doesn't need a tty

* Thanks bcrypt. Why can't you just be normal.

* Cleanup after syntax check

Co-authored-by: Marcelo Castagna <margaale@users.noreply.github.com>
2020-02-19 15:55:06 +11:00