Paul Mansfield
ddbfdf6f6e
Open up lets Encrypt acme challenge config ( #165 )
...
Since Lets Encrypt don't publish IP ranges that their acme challenge service will be sourced from, we need to allow free access to this location special to override any IP ACLs added by Advanced Custom Nginx Configuration. Due to the way Nginx config is applied, this only applies to the regex and below, keeping the IP ACLs working for the rest of the website.
2019-07-05 08:32:41 +10:00
OhHeyAlan
9e476e5b24
Only Secure TLS Ciphers & Protocols ( #134 )
...
Disable insecure SSL/TLS ciphers & protocols. Only TLS_1.2 and TLS_1.3 should be enabled.
2019-05-08 10:01:08 +10:00
Jamie Curnow
b49de0e23e
Enable TLS 1.3 by default
2019-05-02 13:03:16 +10:00
Jamie Curnow
dce6423c85
Fixes #103 - Allow for longer domain names
2019-03-15 07:49:08 +10:00
jc21
133d66c2fe
Default Site customisation and new Settings space ( #91 )
2019-03-04 21:19:36 +10:00
Jamie Curnow
2a3d792591
Fixes #68 - HSTS is now part of the UI
2019-02-18 18:21:45 +10:00
Jamie Curnow
48f2bb4cd8
Fix some ip range stuff
2019-01-03 20:25:01 +10:00
Jamie Curnow
aa270925e9
Additional nginx config for real ip determination
2019-01-03 08:18:48 +10:00
Jamie Curnow
3836f7c40a
Fetch ip ranges for CDN servers, Cloudfront and Cloudfare
2019-01-03 17:04:53 +10:00
Jamie Curnow
c97e6ada5b
Support for upstream ssl proxy hosts
2018-12-12 09:47:12 +10:00
Jocelyn Le Sage
7f8b185e48
Revert "Use default ciphers for default ssl host to prevent confusing browser errors"
...
This reverts commit f9876326c9
2018-11-26 06:38:24 -05:00
Jamie Curnow
a73cbc7116
Whoops, stupid missing semicolon
2018-11-05 13:10:55 +10:00
Jamie Curnow
f9876326c9
Use default ciphers for default ssl host to prevent confusing browser errors
2018-11-05 11:53:46 +10:00
Jamie Curnow
0335370cfb
Fixes #19 and also added debug output for dummy ssl generation
2018-11-05 10:58:22 +11:00
jc21
9b852f01e3
Merge pull request #23 from jlesage/default-https-site
...
Added default HTTPs site.
2018-11-05 09:36:29 +10:00
Jocelyn Le Sage
20fd185652
Added default HTTPs site.
2018-11-02 21:12:40 -04:00
Jamie Curnow
c826ed8c1f
Fix proto forwarded header to industry standard
2018-10-25 08:51:43 +10:00
Jamie Curnow
eb391959aa
Added resolvers auto generation in order for hostnames to work
2018-10-19 16:24:44 +10:00
Jamie Curnow
efa1424cad
Fixes #11 - After creating keys the app needs to completely restart due to aggressive module caching
2018-09-12 11:14:06 +10:00
Jamie Curnow
aea34bea75
Fix
2018-08-23 14:49:59 +10:00
Jamie Curnow
c1938f949d
Polish
2018-08-23 14:24:28 +10:00
Jamie Curnow
c543a1dc34
Finished importer, advanced nginx config for hosts, custom certs used in nginx templates
2018-08-22 14:31:03 +10:00
Jamie Curnow
8d925deeb0
Access polish, import v1 stsarted
2018-08-21 08:33:51 +10:00
Jamie Curnow
3a9fc8e2ea
certificates work
2018-08-17 13:52:47 +10:00
Jamie Curnow
1c57ccdc87
Certificates ui section and permissions
2018-08-02 19:48:47 +10:00
Jamie Curnow
66e25e315b
Audit Log items, backend stuff, help pages
2018-08-01 21:18:17 +10:00
Jamie Curnow
f9c003ad1f
Path changes
2018-08-01 11:17:31 +10:00
Jamie Curnow
8a2996f651
Split out docs, better error handling when database config doesn't exist
2018-08-01 10:04:34 +10:00
Jamie Curnow
1a23907d28
Update config path to data path
2018-07-31 15:18:09 +10:00
Jamie Curnow
3970d2891f
Docker build changes
2018-06-20 09:53:18 +10:00
Jamie Curnow
36896bcfc9
Bypass basic auth for letsencrypt acme requests, reload nginx after ssl renewals
2018-03-16 10:53:50 +10:00
Jamie Curnow
b324110c49
Trying something to fix the auto ssl renewal process
2018-03-16 10:32:35 +10:00
Jamie Curnow
b57d1e5a66
Added Stream forwarding support
2018-02-16 16:57:54 +10:00
Jamie Curnow
6e7435c35d
Initial commit
2017-12-21 09:02:37 +10:00
