Use correct var when returning updated certificate

Add cert renewals to audit log
Don't use LE staging when debug mode is on in production
2019-05-09 10:03:41 +10:00 · 2019-05-09 09:20:49 +10:00 · 2019-05-09 08:58:10 +10:00 · 2019-05-08 15:34:14 +10:00 · 2019-05-08 15:33:54 +10:00 · 2019-05-08 15:25:48 +10:00
153 changed files with 596 additions and 495 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -0,0 +1,36 @@
 ---
 name: Bug report
 about: Create a report to help us improve
 title: ''
 labels: bug
 assignees: ''
 ---
 **Checklist**
 - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image?
 - Are you sure you're not using someone else's docker image?
 - If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network?
 **Describe the bug**
 - A clear and concise description of what the bug is.
 - What version of Nginx Proxy Manager is reported on the login page?
 **To Reproduce**
 Steps to reproduce the behavior:
 1. Go to '...'
 2. Click on '....'
 3. Scroll down to '....'
 4. See error
 **Expected behavior**
 A clear and concise description of what you expected to happen.
 **Screenshots**
 If applicable, add screenshots to help explain your problem.
 **Operating System**
 - Please specify if using a Rpi, Mac, orchestration tool or any other setups that might affect the reproduction of this error.
 **Additional context**
 Add any other context about the problem here, docker version, browser version if applicable to the problem. Too much info is better than too little.
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@ -0,0 +1,20 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
 title: ''
 labels: enhancement
 assignees: ''
 ---
 **Is your feature request related to a problem? Please describe.**
 A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
 **Describe the solution you'd like**
 A clear and concise description of what you want to happen.
 **Describe alternatives you've considered**
 A clear and concise description of any alternative solutions or features you've considered.
 **Additional context**
 Add any other context or screenshots about the feature request here.
--- a/Dockerfile.armv6l
+++ b/Dockerfile.armv6l
--- a/Dockerfile.armv7l
+++ b/Dockerfile.armv7l
--- a/345
+++ b/345
@ -6,13 +6,16 @@ pipeline {
  agent any
  environment {
    IMAGE            = "nginx-proxy-manager"
-    BASE_IMAGE       = "jc21/nginx-proxy-manager-base"
+    BASE_IMAGE       = "jc21/${IMAGE}-base"
-    TEMP_IMAGE       = "nginx-proxy-manager-build_${BUILD_NUMBER}"
+    TEMP_IMAGE       = "${IMAGE}-build_${BUILD_NUMBER}"
    TEMP_IMAGE_ARM   = "nginx-proxy-manager-arm-build_${BUILD_NUMBER}"
    TEMP_IMAGE_ARM64 = "nginx-proxy-manager-arm64-build_${BUILD_NUMBER}"
    TAG_VERSION      = getPackageVersion()
    MAJOR_VERSION    = "2"
    BRANCH_LOWER     = "${BRANCH_NAME.toLowerCase()}"
    // Architectures:
    AMD64_TAG        = "amd64"
    ARMV6_TAG        = "armv6l"
    ARMV7_TAG        = "armv7l"
    ARM64_TAG        = "arm64"
  }
  stages {
    stage('Build PR') {
@ -29,19 +32,19 @@ pipeline {
          sh 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} node-prune'
          // Docker Build
-          sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE} .'
+          sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE}-${AMD64_TAG} .'
          // Dockerhub
-          sh 'docker tag ${TEMP_IMAGE} docker.io/jc21/${IMAGE}:github-${BRANCH_LOWER}'
+          sh 'docker tag ${TEMP_IMAGE}-${AMD64_TAG} docker.io/jc21/${IMAGE}:github-${BRANCH_LOWER}-${AMD64_TAG}'
          withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
            sh "docker login -u '${duser}' -p '${dpass}'"
-            sh 'docker push docker.io/jc21/${IMAGE}:github-${BRANCH_LOWER}'
+            sh 'docker push docker.io/jc21/${IMAGE}:github-${BRANCH_LOWER}-${AMD64_TAG}'
          }
-          sh 'docker rmi ${TEMP_IMAGE}'
+          sh 'docker rmi ${TEMP_IMAGE}-${AMD64_TAG}'
          script {
-            def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`")
+            def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}-${AMD64_TAG}`")
          }
        }
      }
@ -60,23 +63,16 @@ pipeline {
          sh 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} node-prune'
          // Docker Build
-          sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE} .'
+          sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE}-${AMD64_TAG} .'
          // Dockerhub
-          sh 'docker tag ${TEMP_IMAGE} docker.io/jc21/${IMAGE}:develop'
+          sh 'docker tag ${TEMP_IMAGE}-${AMD64_TAG} docker.io/jc21/${IMAGE}:develop-${AMD64_TAG}'
          withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
            sh "docker login -u '${duser}' -p '${dpass}'"
-            sh 'docker push docker.io/jc21/${IMAGE}:develop'
+            sh 'docker push docker.io/jc21/${IMAGE}:develop-${AMD64_TAG}'
          }
-          // Private Registry
+          sh 'docker rmi ${TEMP_IMAGE}-${AMD64_TAG}'
          sh 'docker tag ${TEMP_IMAGE} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:develop'
          withCredentials([usernamePassword(credentialsId: 'jc21-private-registry', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
            sh "docker login -u '${duser}' -p '${dpass}' ${DOCKER_PRIVATE_REGISTRY}"
            sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:develop'
          }
          sh 'docker rmi ${TEMP_IMAGE}'
        }
      }
    }
@ -85,7 +81,13 @@ pipeline {
        branch 'master'
      }
      parallel {
-        stage('x86_64') {
+        // ========================
        // amd64
        // ========================
        stage('amd64') {
          agent {
            label 'amd64'
          }
          steps {
            ansiColor('xterm') {
              // Codebase
@ -96,79 +98,27 @@ pipeline {
              sh 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} node-prune'
              // Docker Build
-              sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE} .'
+              sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE}-${AMD64_TAG} .'
              // Dockerhub
-              sh 'docker tag ${TEMP_IMAGE} docker.io/jc21/${IMAGE}:${TAG_VERSION}'
+              sh 'docker tag ${TEMP_IMAGE}-${AMD64_TAG} docker.io/jc21/${IMAGE}:${TAG_VERSION}-${AMD64_TAG}'
-              sh 'docker tag ${TEMP_IMAGE} docker.io/jc21/${IMAGE}:${MAJOR_VERSION}'
+              sh 'docker tag ${TEMP_IMAGE}-${AMD64_TAG} docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${AMD64_TAG}'
-              sh 'docker tag ${TEMP_IMAGE} docker.io/jc21/${IMAGE}:latest'
+              sh 'docker tag ${TEMP_IMAGE}-${AMD64_TAG} docker.io/jc21/${IMAGE}:latest-${AMD64_TAG}'
              withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}'"
-                sh 'docker push docker.io/jc21/${IMAGE}:${TAG_VERSION}'
+                sh 'docker push docker.io/jc21/${IMAGE}:${TAG_VERSION}-${AMD64_TAG}'
-                sh 'docker push docker.io/jc21/${IMAGE}:${MAJOR_VERSION}'
+                sh 'docker push docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${AMD64_TAG}'
-                sh 'docker push docker.io/jc21/${IMAGE}:latest'
+                sh 'docker push docker.io/jc21/${IMAGE}:latest-${AMD64_TAG}'
              }
-              // Private Registry
+              sh 'docker rmi ${TEMP_IMAGE}-${AMD64_TAG}'
              sh 'docker tag ${TEMP_IMAGE} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${TAG_VERSION}'
              sh 'docker tag ${TEMP_IMAGE} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${MAJOR_VERSION}'
              sh 'docker tag ${TEMP_IMAGE} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:latest'
              withCredentials([usernamePassword(credentialsId: 'jc21-private-registry', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}' ${DOCKER_PRIVATE_REGISTRY}"
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${TAG_VERSION}'
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${MAJOR_VERSION}'
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:latest'
              }
              sh 'docker rmi ${TEMP_IMAGE}'
            }
          }
        }
        stage('armhf') {
          agent {
            label 'armhf'
          }
          steps {
            ansiColor('xterm') {
              // Codebase
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE}:armhf yarn install'
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE}:armhf npm run-script build'
              sh 'rm -rf node_modules'
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE}:armhf yarn install --prod'
              // Docker Build
              sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE_ARM} -f Dockerfile.armhf .'
              // Dockerhub
              sh 'docker tag ${TEMP_IMAGE_ARM} docker.io/jc21/${IMAGE}:${TAG_VERSION}-armhf'
              sh 'docker tag ${TEMP_IMAGE_ARM} docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-armhf'
              sh 'docker tag ${TEMP_IMAGE_ARM} docker.io/jc21/${IMAGE}:latest-armhf'
              withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}'"
                sh 'docker push docker.io/jc21/${IMAGE}:${TAG_VERSION}-armhf'
                sh 'docker push docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-armhf'
                sh 'docker push docker.io/jc21/${IMAGE}:latest-armhf'
              }
              // Private Registry
              sh 'docker tag ${TEMP_IMAGE_ARM} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${TAG_VERSION}-armhf'
              sh 'docker tag ${TEMP_IMAGE_ARM} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${MAJOR_VERSION}-armhf'
              sh 'docker tag ${TEMP_IMAGE_ARM} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:latest-armhf'
              withCredentials([usernamePassword(credentialsId: 'jc21-private-registry', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}' ${DOCKER_PRIVATE_REGISTRY}"
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${TAG_VERSION}-armhf'
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${MAJOR_VERSION}-armhf'
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:latest-armhf'
              }
              sh 'docker rmi ${TEMP_IMAGE_ARM}'
            }
          }
        }
        // ========================
        // arm64
        // ========================
        stage('arm64') {
          agent {
            label 'arm64'
@ -176,45 +126,219 @@ pipeline {
          steps {
            ansiColor('xterm') {
              // Codebase
-              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE}:arm64 yarn install'
+              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} yarn install'
-              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE}:arm64 npm run-script build'
+              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} npm run-script build'
              sh 'sudo rm -rf node_modules'
-              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE}:arm64 yarn install --prod'
+              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} yarn install --prod'
              // Docker Build
-              sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE_ARM64} -f Dockerfile.arm64 .'
+              sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE}-${ARM64_TAG} -f Dockerfile.${ARM64_TAG} .'
              // Dockerhub
-              sh 'docker tag ${TEMP_IMAGE_ARM64} docker.io/jc21/${IMAGE}:${TAG_VERSION}-arm64'
+              sh 'docker tag ${TEMP_IMAGE}-${ARM64_TAG} docker.io/jc21/${IMAGE}:${TAG_VERSION}-${ARM64_TAG}'
-              sh 'docker tag ${TEMP_IMAGE_ARM64} docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-arm64'
+              sh 'docker tag ${TEMP_IMAGE}-${ARM64_TAG} docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${ARM64_TAG}'
-              sh 'docker tag ${TEMP_IMAGE_ARM64} docker.io/jc21/${IMAGE}:latest-arm64'
+              sh 'docker tag ${TEMP_IMAGE}-${ARM64_TAG} docker.io/jc21/${IMAGE}:latest-${ARM64_TAG}'
              withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}'"
-                sh 'docker push docker.io/jc21/${IMAGE}:${TAG_VERSION}-arm64'
+                sh 'docker push docker.io/jc21/${IMAGE}:${TAG_VERSION}-${ARM64_TAG}'
-                sh 'docker push docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-arm64'
+                sh 'docker push docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${ARM64_TAG}'
-                sh 'docker push docker.io/jc21/${IMAGE}:latest-arm64'
+                sh 'docker push docker.io/jc21/${IMAGE}:latest-${ARM64_TAG}'
              }
-              // Private Registry
+              sh 'docker rmi ${TEMP_IMAGE}-${ARM64_TAG}'
              sh 'docker tag ${TEMP_IMAGE_ARM64} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${TAG_VERSION}-arm64'
              sh 'docker tag ${TEMP_IMAGE_ARM64} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${MAJOR_VERSION}-arm64'
              sh 'docker tag ${TEMP_IMAGE_ARM64} ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:latest-arm64'
              withCredentials([usernamePassword(credentialsId: 'jc21-private-registry', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}' ${DOCKER_PRIVATE_REGISTRY}"
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${TAG_VERSION}-arm64'
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:${MAJOR_VERSION}-arm64'
                sh 'docker push ${DOCKER_PRIVATE_REGISTRY}/${IMAGE}:latest-arm64'
              }
              sh 'docker rmi ${TEMP_IMAGE_ARM64}'
              // Hack to clean up ec2 instance for next build
              sh 'sudo chown -R ec2-user:ec2-user *'
            }
          }
        }
        // ========================
        // armv7l
        // ========================
        stage('armv7l') {
          agent {
            label 'armv7l'
          }
          steps {
            ansiColor('xterm') {
              // Codebase
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} yarn install'
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} npm run-script build'
              sh 'rm -rf node_modules'
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} yarn install --prod'
              // Docker Build
              sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE}-${ARMV7_TAG} -f Dockerfile.${ARMV7_TAG} .'
              // Dockerhub
              sh 'docker tag ${TEMP_IMAGE}-${ARMV7_TAG} docker.io/jc21/${IMAGE}:${TAG_VERSION}-${ARMV7_TAG}'
              sh 'docker tag ${TEMP_IMAGE}-${ARMV7_TAG} docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV7_TAG}'
              sh 'docker tag ${TEMP_IMAGE}-${ARMV7_TAG} docker.io/jc21/${IMAGE}:latest-${ARMV7_TAG}'
              withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}'"
                sh 'docker push docker.io/jc21/${IMAGE}:${TAG_VERSION}-${ARMV7_TAG}'
                sh 'docker push docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV7_TAG}'
                sh 'docker push docker.io/jc21/${IMAGE}:latest-${ARMV7_TAG}'
              }
              sh 'docker rmi ${TEMP_IMAGE}-${ARMV7_TAG}'
            }
          }
        }
        // ========================
        // armv6l - Disabled for the time being
        // ========================
        /*
        stage('armv6l') {
          agent {
            label 'armv6l'
          }
          steps {
            ansiColor('xterm') {
              // Codebase
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} yarn install'
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} npm run-script build'
              sh 'rm -rf node_modules'
              sh 'docker run --rm -v $(pwd):/app -w /app ${BASE_IMAGE} yarn install --prod'
              // Docker Build
              sh 'docker build --pull --no-cache --squash --compress -t ${TEMP_IMAGE}-${ARMV6_TAG} -f Dockerfile.${ARMV6_TAG} .'
              // Dockerhub
              sh 'docker tag ${TEMP_IMAGE}-${ARMV6_TAG} docker.io/jc21/${IMAGE}:${TAG_VERSION}-${ARMV6_TAG}'
              sh 'docker tag ${TEMP_IMAGE}-${ARMV6_TAG} docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV6_TAG}'
              sh 'docker tag ${TEMP_IMAGE}-${ARMV6_TAG} docker.io/jc21/${IMAGE}:latest-${ARMV6_TAG}'
              withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
                sh "docker login -u '${duser}' -p '${dpass}'"
                sh 'docker push docker.io/jc21/${IMAGE}:${TAG_VERSION}-${ARMV6_TAG}'
                sh 'docker push docker.io/jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV6_TAG}'
                sh 'docker push docker.io/jc21/${IMAGE}:latest-${ARMV6_TAG}'
              }
              sh 'docker rmi ${TEMP_IMAGE}-${ARMV6_TAG}'
            }
          }
        }
        */
      }
    }
    // ========================
    // latest manifest
    // ========================
    stage('Latest Manifest') {
      when {
        branch 'master'
      }
      steps {
        ansiColor('xterm') {
          // =======================
          // latest
          // =======================
          sh 'docker pull jc21/${IMAGE}:latest-${AMD64_TAG}'
          sh 'docker pull jc21/${IMAGE}:latest-${ARM64_TAG}'
          sh 'docker pull jc21/${IMAGE}:latest-${ARMV7_TAG}'
          //sh 'docker pull jc21/${IMAGE}:latest-${ARMV6_TAG}'
          sh 'docker manifest push --purge jc21/${IMAGE}:latest || echo ""'
          sh 'docker manifest create jc21/${IMAGE}:latest jc21/${IMAGE}:latest-${AMD64_TAG} jc21/${IMAGE}:latest-${ARM64_TAG} jc21/${IMAGE}:latest-${ARMV7_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:latest jc21/${IMAGE}:latest-${AMD64_TAG} --arch ${AMD64_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:latest jc21/${IMAGE}:latest-${ARM64_TAG} --os linux --arch ${ARM64_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:latest jc21/${IMAGE}:latest-${ARMV7_TAG} --os linux --arch arm --variant ${ARMV7_TAG}'
          //sh 'docker manifest annotate jc21/${IMAGE}:latest jc21/${IMAGE}:latest-${ARMV6_TAG} --os linux --arch arm --variant ${ARMV6_TAG}'
          sh 'docker manifest push --purge jc21/${IMAGE}:latest'
          // =======================
          // major version
          // =======================
          sh 'docker pull jc21/${IMAGE}:${MAJOR_VERSION}-${AMD64_TAG}'
          sh 'docker pull jc21/${IMAGE}:${MAJOR_VERSION}-${ARM64_TAG}'
          sh 'docker pull jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV7_TAG}'
          //sh 'docker pull jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV6_TAG}'
          sh 'docker manifest push --purge jc21/${IMAGE}:${MAJOR_VERSION} || echo ""'
          sh 'docker manifest create jc21/${IMAGE}:${MAJOR_VERSION} jc21/${IMAGE}:${MAJOR_VERSION}-${AMD64_TAG} jc21/${IMAGE}:${MAJOR_VERSION}-${ARM64_TAG} jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV7_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:${MAJOR_VERSION} jc21/${IMAGE}:${MAJOR_VERSION}-${AMD64_TAG} --arch ${AMD64_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:${MAJOR_VERSION} jc21/${IMAGE}:${MAJOR_VERSION}-${ARM64_TAG} --os linux --arch ${ARM64_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:${MAJOR_VERSION} jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV7_TAG} --os linux --arch arm --variant ${ARMV7_TAG}'
          //sh 'docker manifest annotate jc21/${IMAGE}:${MAJOR_VERSION} jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV6_TAG} --os linux --arch arm --variant ${ARMV6_TAG}'
          // =======================
          // version
          // =======================
          sh 'docker pull jc21/${IMAGE}:${TAG_VERSION}-${AMD64_TAG}'
          sh 'docker pull jc21/${IMAGE}:${TAG_VERSION}-${ARM64_TAG}'
          sh 'docker pull jc21/${IMAGE}:${TAG_VERSION}-${ARMV7_TAG}'
          //sh 'docker pull jc21/${IMAGE}:${TAG_VERSION}-${ARMV6_TAG}'
          sh 'docker manifest push --purge jc21/${IMAGE}:${TAG_VERSION} || echo ""'
          sh 'docker manifest create jc21/${IMAGE}:${TAG_VERSION} jc21/${IMAGE}:${TAG_VERSION}-${AMD64_TAG} jc21/${IMAGE}:${TAG_VERSION}-${ARM64_TAG} jc21/${IMAGE}:${TAG_VERSION}-${ARMV7_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:${TAG_VERSION} jc21/${IMAGE}:${TAG_VERSION}-${AMD64_TAG} --arch ${AMD64_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:${TAG_VERSION} jc21/${IMAGE}:${TAG_VERSION}-${ARM64_TAG} --os linux --arch ${ARM64_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:${TAG_VERSION} jc21/${IMAGE}:${TAG_VERSION}-${ARMV7_TAG} --os linux --arch arm --variant ${ARMV7_TAG}'
          //sh 'docker manifest annotate jc21/${IMAGE}:${TAG_VERSION} jc21/${IMAGE}:${TAG_VERSION}-${ARMV6_TAG} --os linux --arch arm --variant ${ARMV6_TAG}'
        }
      }
    }
    // ========================
    // develop
    // ========================
    stage('Develop Manifest') {
      when {
        branch 'develop'
      }
      steps {
        ansiColor('xterm') {
          sh 'docker pull jc21/${IMAGE}:develop-${AMD64_TAG}'
          //sh 'docker pull jc21/${IMAGE}:develop-${ARM64_TAG}'
          //sh 'docker pull jc21/${IMAGE}:develop-${ARMV7_TAG}'
          //sh 'docker pull jc21/${IMAGE}:${TAG_VERSION}-${ARMV6_TAG}'
          sh 'docker manifest push --purge jc21/${IMAGE}:develop || :'
          sh 'docker manifest create jc21/${IMAGE}:develop jc21/${IMAGE}:develop-${AMD64_TAG}'
          sh 'docker manifest annotate jc21/${IMAGE}:develop jc21/${IMAGE}:develop-${AMD64_TAG} --arch ${AMD64_TAG}'
          //sh 'docker manifest annotate jc21/${IMAGE}:develop jc21/${IMAGE}:develop-${ARM64_TAG} --os linux --arch ${ARM64_TAG}'
          //sh 'docker manifest annotate jc21/${IMAGE}:develop jc21/${IMAGE}:develop-${ARMV7_TAG} --os linux --arch arm --variant ${ARMV7_TAG}'
          //sh 'docker manifest annotate jc21/${IMAGE}:develop jc21/${IMAGE}:develop-${ARMV6_TAG} --os linux --arch arm --variant ${ARMV6_TAG}'
        }
      }
    }
    // ========================
    // cleanup
    // ========================
    stage('Latest Cleanup') {
      when {
        branch 'master'
      }
      steps {
        ansiColor('xterm') {
          sh 'docker rmi jc21/${IMAGE}:latest jc21/${IMAGE}:latest-${AMD64_TAG} jc21/${IMAGE}:latest-${ARM64_TAG} jc21/${IMAGE}:latest-${ARMV7_TAG} || echo ""'
          sh 'docker rmi jc21/${IMAGE}:${MAJOR_VERSION}-${AMD64_TAG} jc21/${IMAGE}:${MAJOR_VERSION}-${ARM64_TAG} jc21/${IMAGE}:${MAJOR_VERSION}-${ARMV7_TAG} || echo ""'
          sh 'docker rmi jc21/${IMAGE}:${TAG_VERSION}-${AMD64_TAG} jc21/${IMAGE}:${TAG_VERSION}-${ARM64_TAG} jc21/${IMAGE}:${TAG_VERSION}-${ARMV7_TAG} || echo ""'
        }
      }
    }
    stage('Develop Cleanup') {
      when {
        branch 'develop'
      }
      steps {
        ansiColor('xterm') {
          sh 'docker rmi jc21/${IMAGE}:develop jc21/${IMAGE}:develop-${AMD64_TAG} || echo ""'
        }
      }
    }
    stage('PR Cleanup') {
      when {
        changeRequest()
      }
      steps {
        ansiColor('xterm') {
          sh 'docker rmi jc21/${IMAGE}:github-${BRANCH_LOWER}-${AMD64_TAG} || echo ""'
        }
      }
    }
  }
@ -234,4 +358,3 @@ def getPackageVersion() {
  ver = sh(script: 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} bash -c "cat /data/package.json|jq -r \'.version\'"', returnStdout: true)
  return ver.trim()
 }
--- a/README.md
+++ b/README.md
@ -2,7 +2,7 @@
 # Nginx Proxy Manager
-![Version](https://img.shields.io/badge/version-2.0.11-green.svg?style=for-the-badge)
+![Version](https://img.shields.io/badge/version-2.0.13-green.svg?style=for-the-badge)
 ![Stars](https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge)
 ![Pulls](https://img.shields.io/docker/pulls/jc21/nginx-proxy-manager.svg?style=for-the-badge)
--- a/doc/DOCKERHUB.md
+++ b/doc/DOCKERHUB.md
@ -2,7 +2,7 @@
 # Nginx Proxy Manager
-![Version](https://img.shields.io/badge/version-2.0.11-green.svg?style=for-the-badge)
+![Version](https://img.shields.io/badge/version-2.0.13-green.svg?style=for-the-badge)
 ![Stars](https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge)
 ![Pulls](https://img.shields.io/docker/pulls/jc21/nginx-proxy-manager.svg?style=for-the-badge)
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "nginx-proxy-manager",
-  "version": "2.0.11",
+  "version": "2.0.13",
  "description": "A beautiful interface for creating Nginx endpoints",
  "main": "src/backend/index.js",
  "devDependencies": {
@ -28,7 +28,7 @@
    "numeral": "^2.0.6",
    "sass-loader": "^7.0.3",
    "style-loader": "^0.22.1",
-    "tabler-ui": "git+https://github.com/tabler/tabler.git",
+    "tabler-ui": "git+https://github.com/tabler/tabler.git#00f78ad823311bc3ad974ac3e5b0126198f0a813",
    "underscore": "^1.8.3",
    "webpack": "^4.25.1",
    "webpack-cli": "^3.1.2",
--- a/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf
+++ b/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf
@ -2,8 +2,8 @@ ssl_session_timeout 5m;
 ssl_session_cache shared:SSL:50m;
 # intermediate configuration. tweak to your needs.
-ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ssl_protocols TLSv1.2 TLSv1.3;
-ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-
+ssl_ciphers 'EECDH+AESGCM:AES256+EECDH:AES256+EDH:EDH+AESGCM:ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-
 ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AE
-S128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
+S128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES';
 ssl_prefer_server_ciphers on;
--- a/rootfs/etc/nginx/nginx.conf
+++ b/rootfs/etc/nginx/nginx.conf
@ -19,25 +19,26 @@ events {
 }
 http {
-  include                   /etc/nginx/mime.types;
+  include                       /etc/nginx/mime.types;
-  default_type              application/octet-stream;
+  default_type                  application/octet-stream;
-  sendfile                  on;
+  sendfile                      on;
-  server_tokens             off;
+  server_tokens                 off;
-  tcp_nopush                on;
+  tcp_nopush                    on;
-  tcp_nodelay               on;
+  tcp_nodelay                   on;
-  client_body_temp_path     /tmp/nginx/body 1 2;
+  client_body_temp_path         /tmp/nginx/body 1 2;
-  keepalive_timeout         65;
+  keepalive_timeout             65;
-  ssl_prefer_server_ciphers on;
+  ssl_prefer_server_ciphers     on;
-  gzip                      on;
+  gzip                          on;
-  proxy_ignore_client_abort off;
+  proxy_ignore_client_abort     off;
-  client_max_body_size      2000m;
+  client_max_body_size          2000m;
-  proxy_http_version        1.1;
+  server_names_hash_bucket_size 64;
-  proxy_set_header          X-Forwarded-Scheme $scheme;
+  proxy_http_version            1.1;
-  proxy_set_header          X-Forwarded-For $proxy_add_x_forwarded_for;
+  proxy_set_header              X-Forwarded-Scheme $scheme;
-  proxy_set_header          Accept-Encoding "";
+  proxy_set_header              X-Forwarded-For $proxy_add_x_forwarded_for;
-  proxy_cache               off;
+  proxy_set_header              Accept-Encoding "";
-  proxy_cache_path          /var/lib/nginx/cache/public  levels=1:2 keys_zone=public-cache:30m max_size=192m;
+  proxy_cache                   off;
-  proxy_cache_path          /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m;
+  proxy_cache_path              /var/lib/nginx/cache/public  levels=1:2 keys_zone=public-cache:30m max_size=192m;
  proxy_cache_path              /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m;
  # MISS
  # BYPASS
--- a/src/backend/app.js
+++ b/src/backend/app.js
@ -1,5 +1,3 @@
 'use strict';
 const path        = require('path');
 const express     = require('express');
 const bodyParser  = require('body-parser');
@ -48,7 +46,7 @@ app.use(function (req, res, next) {
    res.set({
        'Strict-Transport-Security': 'includeSubDomains; max-age=631138519; preload',
-        'X-XSS-Protection':          '0',
+        'X-XSS-Protection':          '1; mode=block',
        'X-Content-Type-Options':    'nosniff',
        'X-Frame-Options':           x_frame_options,
        'Cache-Control':             'no-cache, no-store, max-age=0, must-revalidate',
--- a/src/backend/db.js
+++ b/src/backend/db.js
@ -1,5 +1,3 @@
 'use strict';
 const config = require('config');
 if (!config.has('database')) {
--- a/src/backend/importer.js
+++ b/src/backend/importer.js
@ -1,10 +1,8 @@
 'use strict';
 const fs         = require('fs');
 const logger     = require('./logger').import;
 const utils      = require('./lib/utils');
 const batchflow  = require('batchflow');
-const debug_mode = process.env.NODE_ENV !== 'production';
+const debug_mode = process.env.NODE_ENV !== 'production' || !!process.env.DEBUG;
 const internalProxyHost       = require('./internal/proxy-host');
 const internalRedirectionHost = require('./internal/redirection-host');
--- a/src/backend/internal/access-list.js
+++ b/src/backend/internal/access-list.js
@ -1,5 +1,3 @@
 'use strict';
 const _                   = require('lodash');
 const fs                  = require('fs');
 const batchflow           = require('batchflow');
--- a/src/backend/internal/audit-log.js
+++ b/src/backend/internal/audit-log.js
@ -1,5 +1,3 @@
 'use strict';
 const error         = require('../lib/error');
 const auditLogModel = require('../models/audit-log');
@ -46,9 +44,9 @@ const internalAuditLog = {
     * @param   {Access}   access
     * @param   {Object}   data
     * @param   {String}   data.action
-     * @param   {Integer}  [data.user_id]
+     * @param   {Number}   [data.user_id]
-     * @param   {Integer}  [data.object_id]
+     * @param   {Number}   [data.object_id]
-     * @param   {Integer}  [data.object_type]
+     * @param   {Number}   [data.object_type]
     * @param   {Object}   [data.meta]
     * @returns {Promise}
     */
--- a/src/backend/internal/certificate.js
+++ b/src/backend/internal/certificate.js
@ -1,5 +1,3 @@
 'use strict';
 const fs               = require('fs');
 const _                = require('lodash');
 const logger           = require('../logger').ssl;
@ -9,19 +7,20 @@ const internalAuditLog = require('./audit-log');
 const tempWrite        = require('temp-write');
 const utils            = require('../lib/utils');
 const moment           = require('moment');
-const debug_mode       = process.env.NODE_ENV !== 'production';
+const debug_mode       = process.env.NODE_ENV !== 'production' || !!process.env.DEBUG;
 const le_staging       = process.env.NODE_ENV !== 'production';
 const internalNginx    = require('./nginx');
 const internalHost     = require('./host');
 const certbot_command  = '/usr/bin/certbot';
-function omissions () {
+function omissions() {
    return ['is_deleted'];
 }
 const internalCertificate = {
    allowed_ssl_files:   ['certificate', 'certificate_key', 'intermediate_certificate'],
-    interval_timeout:    1000 * 60 * 60 * 12, // 12 hours
+    interval_timeout:    1000 * 60 * 60, // 1 hour
    interval:            null,
    interval_processing: false,
@ -38,7 +37,7 @@ const internalCertificate = {
            internalCertificate.interval_processing = true;
            logger.info('Renewing SSL certs close to expiry...');
-            return utils.exec(certbot_command + ' renew -q ' + (debug_mode ? '--staging' : ''))
+            return utils.exec(certbot_command + ' renew -q ' + (le_staging ? '--staging' : ''))
                .then(result => {
                    logger.info(result);
@ -205,7 +204,7 @@ const internalCertificate = {
    /**
     * @param  {Access}  access
     * @param  {Object}  data
-     * @param  {Integer} data.id
+     * @param  {Number}  data.id
     * @param  {String}  [data.email]
     * @param  {String}  [data.name]
     * @return {Promise}
@ -251,7 +250,7 @@ const internalCertificate = {
    /**
     * @param  {Access}   access
     * @param  {Object}   data
-     * @param  {Integer}  data.id
+     * @param  {Number}   data.id
     * @param  {Array}    [data.expand]
     * @param  {Array}    [data.omit]
     * @return {Promise}
@ -297,7 +296,7 @@ const internalCertificate = {
    /**
     * @param {Access}  access
     * @param {Object}  data
-     * @param {Integer} data.id
+     * @param {Number}  data.id
     * @param {String}  [data.reason]
     * @returns {Promise}
     */
@ -381,7 +380,7 @@ const internalCertificate = {
    /**
     * Report use
     *
-     * @param   {Integer} user_id
+     * @param   {Number}  user_id
     * @param   {String}  visibility
     * @returns {Promise}
     */
@ -522,7 +521,7 @@ const internalCertificate = {
    /**
     * @param   {Access}  access
     * @param   {Object}  data
-     * @param   {Integer} data.id
+     * @param   {Number}  data.id
     * @param   {Object}  data.files
     * @returns {Promise}
     */
@ -719,9 +718,9 @@ const internalCertificate = {
        let cmd = certbot_command + ' certonly --cert-name "npm-' + certificate.id + '" --agree-tos ' +
            '--email "' + certificate.meta.letsencrypt_email + '" ' +
-            '--preferred-challenges "http" ' +
+            '--preferred-challenges "dns,http" ' +
            '-n -a webroot -d "' + certificate.domain_names.join(',') + '" ' +
-            (debug_mode ? '--staging' : '');
+            (le_staging ? '--staging' : '');
        if (debug_mode) {
            logger.info('Command:', cmd);
@ -734,6 +733,48 @@ const internalCertificate = {
            });
    },
    /**
     * @param   {Access}  access
     * @param   {Object}  data
     * @param   {Number}  data.id
     * @returns {Promise}
     */
    renew: (access, data) => {
        return access.can('certificates:update', data)
            .then(() => {
                return internalCertificate.get(access, data);
            })
            .then((certificate) => {
                if (certificate.provider === 'letsencrypt') {
                    return internalCertificate.renewLetsEncryptSsl(certificate)
                        .then(() => {
                            return internalCertificate.getCertificateInfoFromFile('/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem')
                        })
                        .then(cert_info => {
                            return certificateModel
                                .query()
                                .patchAndFetchById(certificate.id, {
                                    expires_on: certificateModel.raw('FROM_UNIXTIME(' + cert_info.dates.to + ')')
                                });
                        })
                        .then((updated_certificate) => {
                            // Add to audit log
                            return internalAuditLog.add(access, {
                                action:      'renewed',
                                object_type: 'certificate',
                                object_id:   updated_certificate.id,
                                meta:        updated_certificate
                            })
                                .then(() => {
                                    return updated_certificate;
                                });
                        })
                } else {
                    throw new error.ValidationError('Only Let\'sEncrypt certificates can be renewed');
                }
            })
    },
    /**
     * @param   {Object}  certificate   the certificate row
     * @returns {Promise}
@ -741,7 +782,7 @@ const internalCertificate = {
    renewLetsEncryptSsl: certificate => {
        logger.info('Renewing Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
-        let cmd = certbot_command + ' renew -n --force-renewal --disable-hook-validation --cert-name "npm-' + certificate.id + '" ' + (debug_mode ? '--staging' : '');
+        let cmd = certbot_command + ' renew -n --force-renewal --disable-hook-validation --cert-name "npm-' + certificate.id + '" ' + (le_staging ? '--staging' : '');
        if (debug_mode) {
            logger.info('Command:', cmd);
@ -762,17 +803,29 @@ const internalCertificate = {
    revokeLetsEncryptSsl: (certificate, throw_errors) => {
        logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
-        let cmd = certbot_command + ' revoke --cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' + (debug_mode ? '--staging' : '');
+        let revoke_cmd = certbot_command + ' revoke --cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' + (le_staging ? '--staging' : '');
        let delete_cmd = certbot_command + ' delete --cert-name "npm-' + certificate.id + '" ' + (le_staging ? '--staging' : '');
        if (debug_mode) {
-            logger.info('Command:', cmd);
+            logger.info('Command:', revoke_cmd);
        }
-        return utils.exec(cmd)
+        return utils.exec(revoke_cmd)
-            .then(result => {
+            .then((result) => {
                logger.info(result);
                return result;
            })
            .then(() => {
                if (debug_mode) {
                    logger.info('Command:', delete_cmd);
                }
                return utils.exec(delete_cmd)
                    .then((result) => {
                        logger.info(result);
                        return result;
                    })
            })
            .catch(err => {
                if (debug_mode) {
                    logger.error(err.message);
@ -796,7 +849,7 @@ const internalCertificate = {
    /**
     * @param {Object}  in_use_result
-     * @param {Integer} in_use_result.total_count
+     * @param {Number}  in_use_result.total_count
     * @param {Array}   in_use_result.proxy_hosts
     * @param {Array}   in_use_result.redirection_hosts
     * @param {Array}   in_use_result.dead_hosts
@ -826,7 +879,7 @@ const internalCertificate = {
    /**
     * @param {Object}  in_use_result
-     * @param {Integer} in_use_result.total_count
+     * @param {Number}  in_use_result.total_count
     * @param {Array}   in_use_result.proxy_hosts
     * @param {Array}   in_use_result.redirection_hosts
     * @param {Array}   in_use_result.dead_hosts
--- a/src/backend/internal/dead-host.js
+++ b/src/backend/internal/dead-host.js
@ -1,5 +1,3 @@
 'use strict';
 const _                   = require('lodash');
 const error               = require('../lib/error');
 const deadHostModel       = require('../models/dead_host');
--- a/src/backend/internal/ip_ranges.js
+++ b/src/backend/internal/ip_ranges.js
@ -1,8 +1,5 @@
 'use strict';
 const https         = require('https');
 const fs            = require('fs');
 const _             = require('lodash');
 const logger        = require('../logger').ip_ranges;
 const error         = require('../lib/error');
 const internalNginx = require('./nginx');
--- a/src/backend/internal/nginx.js
+++ b/src/backend/internal/nginx.js
@ -4,7 +4,7 @@ const Liquid     = require('liquidjs');
 const logger     = require('../logger').nginx;
 const utils      = require('../lib/utils');
 const error      = require('../lib/error');
-const debug_mode = process.env.NODE_ENV !== 'production';
+const debug_mode = process.env.NODE_ENV !== 'production' || !!process.env.DEBUG;
 const internalNginx = {
@ -132,7 +132,7 @@ const internalNginx = {
    /**
     * Generates custom locations
-     * @param   {Object}  host 
+     * @param   {Object}  host
     * @returns {Promise}
     */
    renderLocations: (host) => {
@ -146,14 +146,23 @@ const internalNginx = {
                return;
            }
-            let renderer = new Liquid();
+            let renderer          = new Liquid();
            let renderedLocations = '';
            const locationRendering = async () => {
                for (let i = 0; i < host.locations.length; i++) {
-                    renderedLocations += await renderer.parseAndRender(template, host.locations[i]);
+                    let locationCopy = Object.assign({}, host.locations[i]);
                    if (locationCopy.forward_host.indexOf('/') > -1) {
                        const splitted = locationCopy.forward_host.split('/');
                        locationCopy.forward_host = splitted.shift();
                        locationCopy.forward_path = `/${splitted.join('/')}`;
                    }
                    renderedLocations += await renderer.parseAndRender(template, locationCopy);
                }
-            }
+            };
            locationRendering().then(() => resolve(renderedLocations));
        });
@ -198,10 +207,18 @@ const internalNginx = {
            }
            if (host.locations) {
-                origLocations = [].concat(host.locations);
+                origLocations    = [].concat(host.locations);
                locationsPromise = internalNginx.renderLocations(host).then((renderedLocations) => {
                    host.locations = renderedLocations;
                });
                // Allow someone who is using / custom location path to use it, and skip the default / location
                _.map(host.locations, (location) => {
                    if (location.path === '/') {
                        host.use_default_location = false;
                    }
                });
            } else {
                locationsPromise = Promise.resolve();
            }
--- a/src/backend/internal/proxy-host.js
+++ b/src/backend/internal/proxy-host.js
@ -25,7 +25,7 @@ const internalProxyHost = {
        }
        return access.can('proxy_hosts:create', data)
-            .then(access_data => {
+            .then(() => {
                // Get a list of the domain names and check each of them against existing records
                let domain_name_check_promises = [];
@ -52,7 +52,7 @@ const internalProxyHost = {
                    .omit(omissions())
                    .insertAndFetch(data);
            })
-            .then(row => {
+            .then((row) => {
                if (create_certificate) {
                    return internalCertificate.createQuickCertificate(access, data)
                        .then(cert => {
@ -69,21 +69,21 @@ const internalProxyHost = {
                    return row;
                }
            })
-            .then(row => {
+            .then((row) => {
                // re-fetch with cert
                return internalProxyHost.get(access, {
                    id:     row.id,
                    expand: ['certificate', 'owner', 'access_list']
                });
            })
-            .then(row => {
+            .then((row) => {
                // Configure nginx
                return internalNginx.configure(proxyHostModel, 'proxy_host', row)
                    .then(() => {
                        return row;
                    });
            })
-            .then(row => {
+            .then((row) => {
                // Audit log
                data.meta = _.assign({}, data.meta || {}, row.meta);
--- a/src/backend/internal/redirection-host.js
+++ b/src/backend/internal/redirection-host.js
@ -1,5 +1,3 @@
 'use strict';
 const _                    = require('lodash');
 const error                = require('../lib/error');
 const redirectionHostModel = require('../models/redirection_host');
--- a/src/backend/internal/report.js
+++ b/src/backend/internal/report.js
@ -1,5 +1,3 @@
 'use strict';
 const internalProxyHost       = require('./proxy-host');
 const internalRedirectionHost = require('./redirection-host');
 const internalDeadHost        = require('./dead-host');
--- a/src/backend/internal/stream.js
+++ b/src/backend/internal/stream.js
@ -1,5 +1,3 @@
 'use strict';
 const _                = require('lodash');
 const error            = require('../lib/error');
 const streamModel      = require('../models/stream');
--- a/src/backend/internal/token.js
+++ b/src/backend/internal/token.js
@ -1,5 +1,3 @@
 'use strict';
 const _          = require('lodash');
 const error      = require('../lib/error');
 const userModel  = require('../models/user');
--- a/src/backend/internal/user.js
+++ b/src/backend/internal/user.js
@ -1,5 +1,3 @@
 'use strict';
 const _                   = require('lodash');
 const error               = require('../lib/error');
 const userModel           = require('../models/user');
--- a/src/backend/lib/access.js
+++ b/src/backend/lib/access.js
@ -1,5 +1,3 @@
 'use strict';
 /**
 * Some Notes: This is a friggin complicated piece of code.
 *
--- a/src/backend/lib/error.js
+++ b/src/backend/lib/error.js
@ -1,5 +1,3 @@
 'use strict';
 const _    = require('lodash');
 const util = require('util');
--- a/src/backend/lib/express/cors.js
+++ b/src/backend/lib/express/cors.js
@ -1,5 +1,3 @@
 'use strict';
 const validator = require('../validator');
 module.exports = function (req, res, next) {
--- a/src/backend/lib/express/jwt-decode.js
+++ b/src/backend/lib/express/jwt-decode.js
@ -1,5 +1,3 @@
 'use strict';
 const Access = require('../access');
 module.exports = () => {
--- a/src/backend/lib/express/jwt.js
+++ b/src/backend/lib/express/jwt.js
@ -1,5 +1,3 @@
 'use strict';
 module.exports = function () {
    return function (req, res, next) {
        if (req.headers.authorization) {
--- a/src/backend/lib/express/pagination.js
+++ b/src/backend/lib/express/pagination.js
@ -1,5 +1,3 @@
 'use strict';
 let _ = require('lodash');
 module.exports = function (default_sort, default_offset, default_limit, max_limit) {
--- a/src/backend/lib/express/user-id-from-me.js
+++ b/src/backend/lib/express/user-id-from-me.js
@ -1,5 +1,3 @@
 'use strict';
 module.exports = (req, res, next) => {
    if (req.params.user_id === 'me' && res.locals.access) {
        req.params.user_id = res.locals.access.token.get('attrs').id;
--- a/src/backend/lib/helpers.js
+++ b/src/backend/lib/helpers.js
@ -1,7 +1,4 @@
 'use strict';
 const moment = require('moment');
 const _      = require('lodash');
 module.exports = {
--- a/src/backend/lib/migrate_template.js
+++ b/src/backend/lib/migrate_template.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'identifier_for_migrate';
 const logger       = require('../logger').migrate;
--- a/src/backend/lib/utils.js
+++ b/src/backend/lib/utils.js
@ -1,5 +1,3 @@
 'use strict';
 const exec = require('child_process').exec;
 module.exports = {
--- a/src/backend/lib/validator/api.js
+++ b/src/backend/lib/validator/api.js
@ -1,5 +1,3 @@
 'use strict';
 const error  = require('../error');
 const path   = require('path');
 const parser = require('json-schema-ref-parser');
--- a/src/backend/lib/validator/index.js
+++ b/src/backend/lib/validator/index.js
@ -1,5 +1,3 @@
 'use strict';
 const _           = require('lodash');
 const error       = require('../error');
 const definitions = require('../../schema/definitions.json');
--- a/src/backend/migrate.js
+++ b/src/backend/migrate.js
@ -1,5 +1,3 @@
 'use strict';
 const db     = require('./db');
 const logger = require('./logger').migrate;
--- a/src/backend/migrations/20180618015850_initial.js
+++ b/src/backend/migrations/20180618015850_initial.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'initial-schema';
 const logger       = require('../logger').migrate;
--- a/src/backend/migrations/20180929054513_websockets.js
+++ b/src/backend/migrations/20180929054513_websockets.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'websockets';
 const logger       = require('../logger').migrate;
--- a/src/backend/migrations/20181019052346_forward_host.js
+++ b/src/backend/migrations/20181019052346_forward_host.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'forward_host';
 const logger       = require('../logger').migrate;
--- a/src/backend/migrations/20181113041458_http2_support.js
+++ b/src/backend/migrations/20181113041458_http2_support.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'http2_support';
 const logger       = require('../logger').migrate;
--- a/src/backend/migrations/20181213013211_forward_scheme.js
+++ b/src/backend/migrations/20181213013211_forward_scheme.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'forward_scheme';
 const logger       = require('../logger').migrate;
--- a/src/backend/migrations/20190104035154_disabled.js
+++ b/src/backend/migrations/20190104035154_disabled.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'disabled';
 const logger       = require('../logger').migrate;
--- a/src/backend/migrations/20190215115310_customlocations.js
+++ b/src/backend/migrations/20190215115310_customlocations.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'custom_locations';
 const logger       = require('../logger').migrate;
--- a/src/backend/migrations/20190218060101_hsts.js
+++ b/src/backend/migrations/20190218060101_hsts.js
@ -1,5 +1,3 @@
 'use strict';
 const migrate_name = 'hsts';
 const logger       = require('../logger').migrate;
--- a/src/backend/models/access_list.js
+++ b/src/backend/models/access_list.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db             = require('../db');
 const Model          = require('objection').Model;
 const User           = require('./user');
--- a/src/backend/models/access_list_auth.js
+++ b/src/backend/models/access_list_auth.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db    = require('../db');
 const Model = require('objection').Model;
--- a/src/backend/models/audit-log.js
+++ b/src/backend/models/audit-log.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db    = require('../db');
 const Model = require('objection').Model;
 const User  = require('./user');
--- a/src/backend/models/auth.js
+++ b/src/backend/models/auth.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const bcrypt = require('bcrypt');
 const db     = require('../db');
 const Model  = require('objection').Model;
--- a/src/backend/models/certificate.js
+++ b/src/backend/models/certificate.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db    = require('../db');
 const Model = require('objection').Model;
 const User  = require('./user');
--- a/src/backend/models/dead_host.js
+++ b/src/backend/models/dead_host.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db          = require('../db');
 const Model       = require('objection').Model;
 const User        = require('./user');
--- a/src/backend/models/proxy_host.js
+++ b/src/backend/models/proxy_host.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db          = require('../db');
 const Model       = require('objection').Model;
 const User        = require('./user');
--- a/src/backend/models/redirection_host.js
+++ b/src/backend/models/redirection_host.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db          = require('../db');
 const Model       = require('objection').Model;
 const User        = require('./user');
--- a/src/backend/models/stream.js
+++ b/src/backend/models/stream.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db    = require('../db');
 const Model = require('objection').Model;
 const User  = require('./user');
--- a/src/backend/models/token.js
+++ b/src/backend/models/token.js
@ -3,8 +3,6 @@
 and then has abilities after that.
 */
 'use strict';
 const _      = require('lodash');
 const config = require('config');
 const jwt    = require('jsonwebtoken');
--- a/src/backend/models/user.js
+++ b/src/backend/models/user.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db             = require('../db');
 const Model          = require('objection').Model;
 const UserPermission = require('./user_permission');
--- a/src/backend/models/user_permission.js
+++ b/src/backend/models/user_permission.js
@ -1,8 +1,6 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 'use strict';
 const db    = require('../db');
 const Model = require('objection').Model;
--- a/src/backend/routes/api/audit-log.js
+++ b/src/backend/routes/api/audit-log.js
@ -1,5 +1,3 @@
 'use strict';
 const express          = require('express');
 const validator        = require('../../lib/validator');
 const jwtdecode        = require('../../lib/express/jwt-decode');
--- a/src/backend/routes/api/main.js
+++ b/src/backend/routes/api/main.js
@ -1,5 +1,3 @@
 'use strict';
 const express = require('express');
 const pjson   = require('../../../../package.json');
 const error   = require('../../lib/error');
--- a/src/backend/routes/api/nginx/access_lists.js
+++ b/src/backend/routes/api/nginx/access_lists.js
@ -1,5 +1,3 @@
 'use strict';
 const express            = require('express');
 const validator          = require('../../../lib/validator');
 const jwtdecode          = require('../../../lib/express/jwt-decode');
--- a/src/backend/routes/api/nginx/certificates.js
+++ b/src/backend/routes/api/nginx/certificates.js
@ -1,5 +1,3 @@
 'use strict';
 const express             = require('express');
 const validator           = require('../../../lib/validator');
 const jwtdecode           = require('../../../lib/express/jwt-decode');
@ -94,13 +92,13 @@ router
                certificate_id: {
                    $ref: 'definitions#/definitions/id'
                },
-                expand:  {
+                expand:         {
                    $ref: 'definitions#/definitions/expand'
                }
            }
        }, {
            certificate_id: req.params.certificate_id,
-            expand:  (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null)
+            expand:         (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null)
        })
            .then(data => {
                return internalCertificate.get(res.locals.access, {
@ -181,6 +179,34 @@ router
        }
    });
 /**
 * Renew LE Certs
 *
 * /api/nginx/certificates/123/renew
 */
 router
    .route('/:certificate_id/renew')
    .options((req, res) => {
        res.sendStatus(204);
    })
    .all(jwtdecode())
    /**
     * POST /api/nginx/certificates/123/renew
     *
     * Renew certificate
     */
    .post((req, res, next) => {
        internalCertificate.renew(res.locals.access, {
            id: parseInt(req.params.certificate_id, 10)
        })
            .then(result => {
                res.status(200)
                    .send(result);
            })
            .catch(next);
    });
 /**
 * Validate Certs before saving
 *
--- a/src/backend/routes/api/nginx/dead_hosts.js
+++ b/src/backend/routes/api/nginx/dead_hosts.js
@ -1,5 +1,3 @@
 'use strict';
 const express          = require('express');
 const validator        = require('../../../lib/validator');
 const jwtdecode        = require('../../../lib/express/jwt-decode');
--- a/src/backend/routes/api/nginx/proxy_hosts.js
+++ b/src/backend/routes/api/nginx/proxy_hosts.js
@ -1,5 +1,3 @@
 'use strict';
 const express           = require('express');
 const validator         = require('../../../lib/validator');
 const jwtdecode         = require('../../../lib/express/jwt-decode');
--- a/src/backend/routes/api/nginx/redirection_hosts.js
+++ b/src/backend/routes/api/nginx/redirection_hosts.js
@ -1,5 +1,3 @@
 'use strict';
 const express                 = require('express');
 const validator               = require('../../../lib/validator');
 const jwtdecode               = require('../../../lib/express/jwt-decode');
--- a/src/backend/routes/api/nginx/streams.js
+++ b/src/backend/routes/api/nginx/streams.js
@ -1,5 +1,3 @@
 'use strict';
 const express        = require('express');
 const validator      = require('../../../lib/validator');
 const jwtdecode      = require('../../../lib/express/jwt-decode');
--- a/src/backend/routes/api/reports.js
+++ b/src/backend/routes/api/reports.js
@ -1,5 +1,3 @@
 'use strict';
 const express        = require('express');
 const jwtdecode      = require('../../lib/express/jwt-decode');
 const internalReport = require('../../internal/report');
--- a/src/backend/routes/api/tokens.js
+++ b/src/backend/routes/api/tokens.js
@ -1,5 +1,3 @@
 'use strict';
 const express       = require('express');
 const jwtdecode     = require('../../lib/express/jwt-decode');
 const internalToken = require('../../internal/token');
--- a/src/backend/routes/api/users.js
+++ b/src/backend/routes/api/users.js
@ -1,5 +1,3 @@
 'use strict';
 const express      = require('express');
 const validator    = require('../../lib/validator');
 const jwtdecode    = require('../../lib/express/jwt-decode');
--- a/src/backend/routes/main.js
+++ b/src/backend/routes/main.js
@ -1,8 +1,7 @@
 'use strict';
 const express = require('express');
 const fs      = require('fs');
 const PACKAGE = require('../../../package.json');
 const path    = require('path')
 const router = express.Router({
    caseSensitive: true,
@ -29,15 +28,22 @@ router.get(/(.*)/, function (req, res, next) {
            version: PACKAGE.version
        });
    } else {
-        fs.readFile('dist' + req.params.page, 'utf8', function (err, data) {
+        var p = path.normalize('dist' + req.params.page)
-            if (err) {
+        if (p.startsWith('dist')) { // Allow access to ressources under 'dist' directory only.
-                res.render('index', {
+            fs.readFile(p, 'utf8', function (err, data) {
-                    version: PACKAGE.version
+                if (err) {
-                });
+                    res.render('index', {
-            } else {
+                        version: PACKAGE.version
-                res.contentType('text/html').end(data);
+                    });
-            }
+                } else {
-        });
+                    res.contentType('text/html').end(data);
                }
            });
        } else {
            res.render('index', {
                version: PACKAGE.version
            });
        }
    }
 });
--- a/src/backend/schema/endpoints/proxy-hosts.json
+++ b/src/backend/schema/endpoints/proxy-hosts.json
@ -99,6 +99,9 @@
          "forward_port": {
            "$ref": "#/definitions/forward_port"
          },
          "forward_path": {
            "type": "string"
          },
          "advanced_config": {
            "type": "string"
          }
--- a/src/backend/setup.js
+++ b/src/backend/setup.js
@ -1,5 +1,3 @@
 'use strict';
 const fs                  = require('fs');
 const NodeRSA             = require('node-rsa');
 const config              = require('config');
@ -7,7 +5,7 @@ const logger              = require('./logger').setup;
 const userModel           = require('./models/user');
 const userPermissionModel = require('./models/user_permission');
 const authModel           = require('./models/auth');
-const debug_mode          = process.env.NODE_ENV !== 'production';
+const debug_mode          = process.env.NODE_ENV !== 'production' || !!process.env.DEBUG;
 module.exports = function () {
    return new Promise((resolve, reject) => {
--- a/src/backend/templates/_location.conf
+++ b/src/backend/templates/_location.conf
@ -3,7 +3,7 @@
    proxy_set_header X-Forwarded-Scheme $scheme;
    proxy_set_header X-Forwarded-Proto  $scheme;
    proxy_set_header X-Forwarded-For    $remote_addr;
-    proxy_pass       {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }};
+    proxy_pass       {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
    {{ advanced_config }}
  }
--- a/src/frontend/js/app/api.js
+++ b/src/frontend/js/app/api.js
@ -1,5 +1,3 @@
 'use strict';
 const $      = require('jquery');
 const _      = require('underscore');
 const Tokens = require('./tokens');
@ -11,8 +9,8 @@ const Tokens = require('./tokens');
 * @constructor
 */
 const ApiError = function (message, debug, code) {
-    let temp  = Error.call(this, message);
+    let temp     = Error.call(this, message);
-    temp.name = this.name = 'ApiError';
+    temp.name    = this.name = 'ApiError';
    this.stack   = temp.stack;
    this.message = temp.message;
    this.debug   = debug;
@ -35,7 +33,7 @@ ApiError.prototype = Object.create(Error.prototype, {
 * @param   {Object} [options]
 * @returns {Promise}
 */
-function fetch (verb, path, data, options) {
+function fetch(verb, path, data, options) {
    options = options || {};
    return new Promise(function (resolve, reject) {
@ -55,7 +53,7 @@ function fetch (verb, path, data, options) {
            contentType: options.contentType || 'application/json; charset=UTF-8',
            processData: options.processData || true,
            crossDomain: true,
-            timeout:     options.timeout ? options.timeout : 15000,
+            timeout:     options.timeout ? options.timeout : 30000,
            xhrFields:   {
                withCredentials: true
            },
@ -99,7 +97,7 @@ function fetch (verb, path, data, options) {
 * @param {Array} expand
 * @returns {String}
 */
-function makeExpansionString (expand) {
+function makeExpansionString(expand) {
    let items = [];
    _.forEach(expand, function (exp) {
        items.push(encodeURIComponent(exp));
@ -114,7 +112,7 @@ function makeExpansionString (expand) {
 * @param   {String}   [query]
 * @returns {Promise}
 */
-function getAllObjects (path, expand, query) {
+function getAllObjects(path, expand, query) {
    let params = [];
    if (typeof expand === 'object' && expand !== null && expand.length) {
@ -128,20 +126,7 @@ function getAllObjects (path, expand, query) {
    return fetch('get', path + (params.length ? '?' + params.join('&') : ''));
 }
-/**
+function FileUpload(path, fd) {
 * @param   {String}    path
 * @param   {FormData}  form_data
 * @returns {Promise}
 */
 function upload (path, form_data) {
    console.log('UPLOAD:', path, form_data);
    return fetch('post', path, form_data, {
        contentType: 'multipart/form-data',
        processData: false
    });
 }
 function FileUpload (path, fd) {
    return new Promise((resolve, reject) => {
        let xhr   = new XMLHttpRequest();
        let token = Tokens.getTopToken();
@ -214,7 +199,7 @@ module.exports = {
    Users: {
        /**
-         * @param   {Integer|String}  user_id
+         * @param   {Number|String}  user_id
         * @param   {Array}           [expand]
         * @returns {Promise}
         */
@ -639,6 +624,14 @@ module.exports = {
             */
            validate: function (form_data) {
                return FileUpload('nginx/certificates/validate', form_data);
            },
            /**
             * @param   {Number}  id
             * @returns {Promise}
             */
            renew: function (id) {
                return fetch('post', 'nginx/certificates/' + id + '/renew');
            }
        }
    },
--- a/src/frontend/js/app/audit-log/list/item.js
+++ b/src/frontend/js/app/audit-log/list/item.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn         = require('backbone.marionette');
 const Controller = require('../../controller');
 const template   = require('./item.ejs');
--- a/src/frontend/js/app/audit-log/list/main.js
+++ b/src/frontend/js/app/audit-log/list/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const ItemView = require('./item');
 const template = require('./main.ejs');
--- a/src/frontend/js/app/audit-log/main.js
+++ b/src/frontend/js/app/audit-log/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn            = require('backbone.marionette');
 const App           = require('../main');
 const AuditLogModel = require('../../models/audit-log');
--- a/src/frontend/js/app/audit-log/meta.js
+++ b/src/frontend/js/app/audit-log/meta.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const template = require('./meta.ejs');
--- a/src/frontend/js/app/cache.js
+++ b/src/frontend/js/app/cache.js
@ -1,5 +1,3 @@
 'use strict';
 const UserModel = require('../models/user');
 let cache = {
--- a/src/frontend/js/app/controller.js
+++ b/src/frontend/js/app/controller.js
@ -1,5 +1,3 @@
 'use strict';
 const Backbone = require('backbone');
 const Cache    = require('./cache');
 const Tokens   = require('./tokens');
@ -342,6 +340,19 @@ module.exports = {
        }
    },
    /**
     * Certificate Renew
     *
     * @param model
     */
    showNginxCertificateRenew: function (model) {
        if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
            require(['./main', './nginx/certificates/renew'], function (App, View) {
                App.UI.showModalDialog(new View({model: model}));
            });
        }
    },
    /**
     * Certificate Delete Confirm
     *
--- a/src/frontend/js/app/dashboard/main.js
+++ b/src/frontend/js/app/dashboard/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn         = require('backbone.marionette');
 const Cache      = require('../cache');
 const Controller = require('../controller');
--- a/src/frontend/js/app/empty/main.js
+++ b/src/frontend/js/app/empty/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const template = require('./main.ejs');
--- a/src/frontend/js/app/error/main.js
+++ b/src/frontend/js/app/error/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const template = require('./main.ejs');
--- a/src/frontend/js/app/help/main.js
+++ b/src/frontend/js/app/help/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const template = require('./main.ejs');
--- a/src/frontend/js/app/i18n.js
+++ b/src/frontend/js/app/i18n.js
@ -1,5 +1,3 @@
 'use strict';
 const Cache    = ('./cache');
 const messages = require('../i18n/messages.json');
--- a/src/frontend/js/app/main.js
+++ b/src/frontend/js/app/main.js
@ -1,5 +1,3 @@
 'use strict';
 const _          = require('underscore');
 const Backbone   = require('backbone');
 const Mn         = require('../lib/marionette');
--- a/src/frontend/js/app/nginx/access/delete.js
+++ b/src/frontend/js/app/nginx/access/delete.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const App      = require('../../main');
 const template = require('./delete.ejs');
--- a/src/frontend/js/app/nginx/access/form.js
+++ b/src/frontend/js/app/nginx/access/form.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn              = require('backbone.marionette');
 const App             = require('../../main');
 const AccessListModel = require('../../../models/access-list');
--- a/src/frontend/js/app/nginx/access/form/item.js
+++ b/src/frontend/js/app/nginx/access/form/item.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const template = require('./item.ejs');
--- a/src/frontend/js/app/nginx/access/list/item.js
+++ b/src/frontend/js/app/nginx/access/list/item.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const App      = require('../../../main');
 const template = require('./item.ejs');
--- a/src/frontend/js/app/nginx/access/list/main.js
+++ b/src/frontend/js/app/nginx/access/list/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const App      = require('../../../main');
 const ItemView = require('./item');
--- a/src/frontend/js/app/nginx/access/main.js
+++ b/src/frontend/js/app/nginx/access/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn              = require('backbone.marionette');
 const App             = require('../../main');
 const AccessListModel = require('../../../models/access-list');
--- a/src/frontend/js/app/nginx/certificates/delete.js
+++ b/src/frontend/js/app/nginx/certificates/delete.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const App      = require('../../main');
 const template = require('./delete.ejs');
@ -16,7 +14,6 @@ module.exports = Mn.View.extend({
    },
    events: {
        'click @ui.save': function (e) {
            e.preventDefault();
--- a/src/frontend/js/app/nginx/certificates/form.js
+++ b/src/frontend/js/app/nginx/certificates/form.js
@ -1,5 +1,3 @@
 'use strict';
 const _                = require('underscore');
 const Mn               = require('backbone.marionette');
 const App              = require('../../main');
--- a/src/frontend/js/app/nginx/certificates/list/item.ejs
+++ b/src/frontend/js/app/nginx/certificates/list/item.ejs
@ -5,16 +5,23 @@
 </td>
 <td>
    <div>
-        <% if (provider === 'letsencrypt') { %>
+        <%
-            <% domain_names.map(function(host) {
+        if (provider === 'letsencrypt') {
-                %>
+            domain_names.map(function(host) {
-                <span class="tag"><%- host %></span>
+                if (host.indexOf('*') === -1) {
-                <%
+                    %>
                    <span class="tag host-link hover-pink" rel="https://<%- host %>"><%- host %></span>
                    <%
                } else {
                    %>
                    <span class="tag"><%- host %></span>
                    <%
                }
            });
-            %>
+        } else {
-        <% } else { %>
+            %><%- nice_name %><%
-            <%- nice_name %>
+        }
-        <% } %>
+        %>
    </div>
    <div class="small text-muted">
        <%- i18n('str', 'created-on', {date: formatDbDate(created_on, 'Do MMMM YYYY')}) %>
@ -31,6 +38,10 @@
    <div class="item-action dropdown">
        <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
        <div class="dropdown-menu dropdown-menu-right">
            <% if (provider === 'letsencrypt') { %>
                <a href="#" class="renew dropdown-item"><i class="dropdown-icon fe fe-refresh-cw"></i> <%- i18n('certificates', 'force-renew') %></a>
                <div class="dropdown-divider"></div>
            <% } %>
            <a href="#" class="delete dropdown-item"><i class="dropdown-icon fe fe-trash-2"></i> <%- i18n('str', 'delete') %></a>
        </div>
    </div>
--- a/src/frontend/js/app/nginx/certificates/list/item.js
+++ b/src/frontend/js/app/nginx/certificates/list/item.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const moment   = require('moment');
 const App      = require('../../../main');
@ -10,13 +8,26 @@ module.exports = Mn.View.extend({
    tagName:  'tr',
    ui: {
-        delete: 'a.delete'
+        host_link: '.host-link',
        renew:     'a.renew',
        delete:    'a.delete'
    },
    events: {
        'click @ui.renew': function (e) {
            e.preventDefault();
            App.Controller.showNginxCertificateRenew(this.model);
        },
        'click @ui.delete': function (e) {
            e.preventDefault();
            App.Controller.showNginxCertificateDeleteConfirm(this.model);
        },
        'click @ui.host_link': function (e) {
            e.preventDefault();
            let win = window.open($(e.currentTarget).attr('rel'), '_blank');
            win.focus();
        }
    },
--- a/src/frontend/js/app/nginx/certificates/list/main.js
+++ b/src/frontend/js/app/nginx/certificates/list/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn       = require('backbone.marionette');
 const App      = require('../../../main');
 const ItemView = require('./item');
--- a/src/frontend/js/app/nginx/certificates/main.js
+++ b/src/frontend/js/app/nginx/certificates/main.js
@ -1,5 +1,3 @@
 'use strict';
 const Mn               = require('backbone.marionette');
 const App              = require('../../main');
 const CertificateModel = require('../../../models/certificate');
--- a/src/frontend/js/app/nginx/certificates/renew.ejs
+++ b/src/frontend/js/app/nginx/certificates/renew.ejs
@ -0,0 +1,14 @@
 <div class="modal-content">
    <div class="modal-header">
        <h5 class="modal-title"><%- i18n('certificates', 'renew-title') %></h5>
    </div>
    <div class="modal-body">
        <div class="waiting text-center">
            <%= i18n('str', 'please-wait') %>
        </div>
        <div class="alert alert-danger error" role="alert"></div>
    </div>
    <div class="modal-footer">
        <button type="button" class="btn btn-secondary cancel" data-dismiss="modal" disabled><%- i18n('str', 'close') %></button>
    </div>
 </div>
--- a/src/frontend/js/app/nginx/certificates/renew.js
+++ b/src/frontend/js/app/nginx/certificates/renew.js
@ -0,0 +1,31 @@
 const Mn       = require('backbone.marionette');
 const App      = require('../../main');
 const template = require('./renew.ejs');
 module.exports = Mn.View.extend({
    template:  template,
    className: 'modal-dialog',
    ui: {
        waiting: '.waiting',
        error:   '.error',
        close:   'button.cancel'
    },
    onRender: function () {
        this.ui.error.hide();
        App.Api.Nginx.Certificates.renew(this.model.get('id'))
            .then((result) => {
                this.model.set(result);
                setTimeout(() => {
                    App.UI.closeModal();
                }, 1000);
            })
            .catch((err) => {
                this.ui.waiting.hide();
                this.ui.error.text(err.message).show();
                this.ui.close.prop('disabled', false);
            });
    }
 });
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Jamie Curnow	06272d3d2c	Use correct var when returning updated certificate	2019-05-09 10:03:41 +10:00
Jamie Curnow	3885c0ad6d	Add cert renewals to audit log	2019-05-09 09:20:49 +10:00
Jamie Curnow	099ec00155	Don't use LE staging when debug mode is on in production	2019-05-09 08:58:10 +10:00
Jamie Curnow	92fcae9c54	Added missing dialog for renewing certs	2019-05-08 15:34:14 +10:00
Jamie Curnow	22e8961c80	Fixes #104 - allow using / location in custom location	2019-05-08 15:33:54 +10:00
Jamie Curnow	4d5adefa41	Added ability to force renew a LE cert, and also fix revoking certs	2019-05-08 15:25:48 +10:00
Jamie Curnow	feaa0e51bd	Removed use strict	2019-05-08 15:24:57 +10:00
Jamie Curnow	af83cb57d0	Merge branch 'develop' of github.com:jc21/nginx-proxy-manager into develop	2019-05-08 11:23:50 +10:00
Jamie Curnow	8b4f3507c3	Revert to previous tabler version to hopefully fix ui issues	2019-05-08 11:21:59 +10:00
Jamie Curnow	bda3dba369	Revert to previous tabler version to hopefully fix ui issues	2019-05-08 10:53:44 +10:00
Jamie Curnow	beb313af40	Merge branch 'master' of github.com:jc21/nginx-proxy-manager into develop	2019-05-08 10:11:32 +10:00
OhHeyAlan	4fad9d672f	Correcting X-XSS-Protection Header (#136 ) * Correcting X-XSS-Protection Header X-XSS-Protection sets the configuration for the cross-site scripting filters built into most browsers. The best configuration is "X-XSS-Protection: 1; mode=block". Was "0" Now "1; mode=block" * Update issue templates	2019-05-08 10:11:05 +10:00
Carl Sutton	0fca64929e	Try DNS challenge in addition to http (#85 )	2019-05-08 10:07:43 +10:00
OhHeyAlan	9e476e5b24	Only Secure TLS Ciphers & Protocols (#134 ) Disable insecure SSL/TLS ciphers & protocols. Only TLS_1.2 and TLS_1.3 should be enabled.	2019-05-08 10:01:08 +10:00
Jamie Curnow	0819a265f5	Bumped version	2019-05-08 09:50:20 +10:00
jc21	ad8eac4f07	Update issue templates	2019-05-08 09:36:44 +10:00
Jamie Curnow	b49de0e23e	Enable TLS 1.3 by default	2019-05-02 13:03:16 +10:00
Stephen Roberts	efbd024da9	Update copyright year (#121 ) Updated the year in the copyright statement in the footer	2019-04-20 21:28:06 +10:00
Jocelyn Le Sage	e7ddcb91fc	Fixed directory traversal vulnerability. (#114 ) Awesome find!	2019-04-03 08:37:40 +10:00
Jamie Curnow	3095cff7d9	Forgot to change dockerfiles to match CI names	2019-03-19 07:01:12 +10:00
Jamie Curnow	6d8f5aa3a7	Version bump	2019-03-15 07:49:08 +10:00
Jamie Curnow	27a06850ff	CI Docker manifest improvements	2019-03-15 07:49:08 +10:00
Jamie Curnow	dce6423c85	Fixes #103 - Allow for longer domain names	2019-03-15 07:49:08 +10:00
kolbii	d79fcbf447	This commit resolves #98 so custom location can forward to custom path. (#99 ) Awesome work!	2019-03-11 13:52:09 +10:00
Jamie Curnow	631d9ae4eb	CI Changes, docker image tag changes and manifests	2019-03-07 09:45:01 +10:00
Jamie Curnow	0ac349ba67	CI Changes, docker image tag changes and manifests	2019-03-07 09:45:01 +10:00
Jamie Curnow	1b0563a4a6	CI Changes, docker image tag changes and manifests	2019-03-07 09:45:01 +10:00
Jamie Curnow	1db2a29d49	CI Changes, docker image tag changes and manifests	2019-03-07 09:45:01 +10:00
Jamie Curnow	14e62a0830	CI Changes, docker image tag changes and manifests	2019-03-07 09:45:01 +10:00
Jamie Curnow	2280a61c2b	CI Fix for arm64	2019-03-05 08:25:12 +10:00