Compare commits
15 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 9fcd32c2ca | |||
| 2657bcf30c | |||
| 86ad7d6238 | |||
| c97e6ada5b | |||
| cd40ca7f0a | |||
| e2ac3b4880 | |||
| 7f8b185e48 | |||
| e923db7e94 | |||
| e53d9fa3eb | |||
| 411734f392 | |||
| a457a40359 | |||
| caa183c8de | |||
| 0ea5014edb | |||
| 046cb0b76e | |||
| 9fd480cf77 |
@ -1,4 +1,4 @@
|
||||
FROM jc21/nginx-proxy-manager-base:armhf
|
||||
FROM jc21/nginx-proxy-manager-base:latest-armhf
|
||||
|
||||
MAINTAINER Jamie Curnow <jc@jc21.com>
|
||||
LABEL maintainer="Jamie Curnow <jc@jc21.com>"
|
||||
|
||||
78
Jenkinsfile
vendored
78
Jenkinsfile
vendored
@ -6,7 +6,7 @@ pipeline {
|
||||
agent any
|
||||
environment {
|
||||
IMAGE_NAME = "nginx-proxy-manager"
|
||||
BASE_IMAGE_NAME = "jc21/nginx-proxy-manager-base:v2"
|
||||
BASE_IMAGE_NAME = "jc21/nginx-proxy-manager-base:latest"
|
||||
TEMP_IMAGE_NAME = "nginx-proxy-manager-build_${BUILD_NUMBER}"
|
||||
TEMP_IMAGE_NAME_ARM = "nginx-proxy-manager-arm-build_${BUILD_NUMBER}"
|
||||
TAG_VERSION = getPackageVersion()
|
||||
@ -18,7 +18,41 @@ pipeline {
|
||||
sh 'docker pull $DOCKER_CI_TOOLS'
|
||||
}
|
||||
}
|
||||
stage('Build') {
|
||||
stage('Build Develop') {
|
||||
when {
|
||||
branch 'develop'
|
||||
}
|
||||
steps {
|
||||
ansiColor('xterm') {
|
||||
// Codebase
|
||||
sh 'docker run --rm -v $(pwd):/app -w /app $BASE_IMAGE_NAME yarn install'
|
||||
sh 'docker run --rm -v $(pwd):/app -w /app $BASE_IMAGE_NAME npm run-script build'
|
||||
sh 'rm -rf node_modules'
|
||||
sh 'docker run --rm -v $(pwd):/app -w /app $BASE_IMAGE_NAME yarn install --prod'
|
||||
sh 'docker run --rm -v $(pwd):/data $DOCKER_CI_TOOLS node-prune'
|
||||
|
||||
// Docker Build
|
||||
sh 'docker build --pull --no-cache --squash --compress -t $TEMP_IMAGE_NAME .'
|
||||
|
||||
// Dockerhub
|
||||
sh 'docker tag $TEMP_IMAGE_NAME docker.io/jc21/$IMAGE_NAME:develop'
|
||||
withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
|
||||
sh "docker login -u '${duser}' -p '$dpass'"
|
||||
sh 'docker push docker.io/jc21/$IMAGE_NAME:develop'
|
||||
}
|
||||
|
||||
// Private Registry
|
||||
sh 'docker tag $TEMP_IMAGE_NAME $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:develop'
|
||||
withCredentials([usernamePassword(credentialsId: 'jc21-private-registry', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
|
||||
sh "docker login -u '${duser}' -p '$dpass' $DOCKER_PRIVATE_REGISTRY"
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:develop'
|
||||
}
|
||||
|
||||
sh 'docker rmi $TEMP_IMAGE_NAME'
|
||||
}
|
||||
}
|
||||
}
|
||||
stage('Build Master') {
|
||||
parallel {
|
||||
stage('x86_64') {
|
||||
when {
|
||||
@ -36,14 +70,6 @@ pipeline {
|
||||
// Docker Build
|
||||
sh 'docker build --pull --no-cache --squash --compress -t $TEMP_IMAGE_NAME .'
|
||||
|
||||
// Private Registry
|
||||
sh 'docker tag $TEMP_IMAGE_NAME $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest'
|
||||
|
||||
// Dockerhub
|
||||
sh 'docker tag $TEMP_IMAGE_NAME docker.io/jc21/$IMAGE_NAME:$TAG_VERSION'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME docker.io/jc21/$IMAGE_NAME:$MAJOR_VERSION'
|
||||
@ -56,6 +82,18 @@ pipeline {
|
||||
sh 'docker push docker.io/jc21/$IMAGE_NAME:latest'
|
||||
}
|
||||
|
||||
// Private Registry
|
||||
sh 'docker tag $TEMP_IMAGE_NAME $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest'
|
||||
|
||||
withCredentials([usernamePassword(credentialsId: 'jc21-private-registry', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
|
||||
sh "docker login -u '${duser}' -p '$dpass' $DOCKER_PRIVATE_REGISTRY"
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest'
|
||||
}
|
||||
|
||||
sh 'docker rmi $TEMP_IMAGE_NAME'
|
||||
}
|
||||
}
|
||||
@ -78,14 +116,6 @@ pipeline {
|
||||
// Docker Build
|
||||
sh 'docker build --pull --no-cache --squash --compress -t $TEMP_IMAGE_NAME_ARM -f Dockerfile.armhf .'
|
||||
|
||||
// Private Registry
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION-armhf'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION-armhf'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION-armhf'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION-armhf'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest-armhf'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest-armhf'
|
||||
|
||||
// Dockerhub
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM docker.io/jc21/$IMAGE_NAME:$TAG_VERSION-armhf'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM docker.io/jc21/$IMAGE_NAME:$MAJOR_VERSION-armhf'
|
||||
@ -98,6 +128,18 @@ pipeline {
|
||||
sh 'docker push docker.io/jc21/$IMAGE_NAME:latest-armhf'
|
||||
}
|
||||
|
||||
// Private Registry
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION-armhf'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION-armhf'
|
||||
sh 'docker tag $TEMP_IMAGE_NAME_ARM $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest-armhf'
|
||||
|
||||
withCredentials([usernamePassword(credentialsId: 'jc21-private-registry', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
|
||||
sh "docker login -u '${duser}' -p '$dpass' $DOCKER_PRIVATE_REGISTRY"
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$TAG_VERSION-armhf'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:$MAJOR_VERSION-armhf'
|
||||
sh 'docker push $DOCKER_PRIVATE_REGISTRY/$IMAGE_NAME:latest-armhf'
|
||||
}
|
||||
|
||||
sh 'docker rmi $TEMP_IMAGE_NAME_ARM'
|
||||
}
|
||||
}
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
# Nginx Proxy Manager
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
17
TODO.md
17
TODO.md
@ -1,17 +0,0 @@
|
||||
# TODO
|
||||
|
||||
- Dashboard stats are caching instead of querying
|
||||
|
||||
Next version:
|
||||
|
||||
- UI Log tail
|
||||
- Enable/Disable a config
|
||||
|
||||
Testing:
|
||||
|
||||
- Access Levels
|
||||
- Adding a proxy host without access to read certs or access lists
|
||||
- Visibility
|
||||
- Forwarding
|
||||
- Cert renewals
|
||||
- Custom certs
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
# Nginx Proxy Manager
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@ -57,7 +57,7 @@ services:
|
||||
depends_on:
|
||||
- db
|
||||
db:
|
||||
image: mariadb
|
||||
image: jc21/mariadb-aria
|
||||
restart: always
|
||||
environment:
|
||||
MYSQL_ROOT_PASSWORD: "password123"
|
||||
|
||||
@ -17,7 +17,7 @@ services:
|
||||
# if you want pretty colors in your docker logs:
|
||||
- FORCE_COLOR=1
|
||||
db:
|
||||
image: mariadb
|
||||
image: jc21/mariadb-aria
|
||||
restart: always
|
||||
environment:
|
||||
MYSQL_ROOT_PASSWORD: "password123"
|
||||
|
||||
@ -11,6 +11,7 @@ services:
|
||||
- NODE_ENV=development
|
||||
- FORCE_COLOR=1
|
||||
volumes:
|
||||
- ./data:/data
|
||||
- ./data/letsencrypt:/etc/letsencrypt
|
||||
- .:/app
|
||||
- ./rootfs/etc/nginx:/etc/nginx
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "nginx-proxy-manager",
|
||||
"version": "2.0.5",
|
||||
"version": "2.0.7",
|
||||
"description": "A beautiful interface for creating Nginx endpoints",
|
||||
"main": "src/backend/index.js",
|
||||
"devDependencies": {
|
||||
|
||||
@ -8,8 +8,9 @@ server {
|
||||
|
||||
include conf.d/include/block-exploits.conf;
|
||||
|
||||
set $server 127.0.0.1;
|
||||
set $port 81;
|
||||
set $forward_scheme http;
|
||||
set $server 127.0.0.1;
|
||||
set $port 81;
|
||||
|
||||
location /health {
|
||||
access_log off;
|
||||
@ -46,7 +47,7 @@ server {
|
||||
|
||||
ssl_certificate /data/nginx/dummycert.pem;
|
||||
ssl_certificate_key /data/nginx/dummykey.pem;
|
||||
include conf.d/include/ssl-ciphers.conf;
|
||||
ssl_ciphers aNULL;
|
||||
|
||||
return 444;
|
||||
}
|
||||
|
||||
@ -3,4 +3,4 @@ proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Scheme $scheme;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_pass http://$server:$port;
|
||||
proxy_pass $forward_scheme://$server:$port;
|
||||
|
||||
@ -54,6 +54,11 @@ http {
|
||||
# Dynamically generated resolvers file
|
||||
include /etc/nginx/conf.d/include/resolvers.conf;
|
||||
|
||||
# Default upstream scheme
|
||||
map $host $forward_scheme {
|
||||
default http;
|
||||
}
|
||||
|
||||
# Files generated by NPM
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /data/nginx/proxy_host/*.conf;
|
||||
|
||||
@ -163,7 +163,7 @@ const internalProxyHost = {
|
||||
// Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here.
|
||||
data = _.assign({}, {
|
||||
domain_names: row.domain_names
|
||||
},data);
|
||||
}, data);
|
||||
|
||||
return proxyHostModel
|
||||
.query()
|
||||
|
||||
51
src/backend/migrations/20181113041458_http2_support.js
Normal file
51
src/backend/migrations/20181113041458_http2_support.js
Normal file
@ -0,0 +1,51 @@
|
||||
'use strict';
|
||||
|
||||
const migrate_name = 'http2_support';
|
||||
const logger = require('../logger').migrate;
|
||||
|
||||
/**
|
||||
* Migrate
|
||||
*
|
||||
* @see http://knexjs.org/#Schema
|
||||
*
|
||||
* @param {Object} knex
|
||||
* @param {Promise} Promise
|
||||
* @returns {Promise}
|
||||
*/
|
||||
exports.up = function (knex/*, Promise*/) {
|
||||
logger.info('[' + migrate_name + '] Migrating Up...');
|
||||
|
||||
return knex.schema.table('proxy_host', function (proxy_host) {
|
||||
proxy_host.integer('http2_support').notNull().unsigned().defaultTo(0);
|
||||
})
|
||||
.then(() => {
|
||||
logger.info('[' + migrate_name + '] proxy_host Table altered');
|
||||
|
||||
return knex.schema.table('redirection_host', function (redirection_host) {
|
||||
redirection_host.integer('http2_support').notNull().unsigned().defaultTo(0);
|
||||
});
|
||||
})
|
||||
.then(() => {
|
||||
logger.info('[' + migrate_name + '] redirection_host Table altered');
|
||||
|
||||
return knex.schema.table('dead_host', function (dead_host) {
|
||||
dead_host.integer('http2_support').notNull().unsigned().defaultTo(0);
|
||||
});
|
||||
})
|
||||
.then(() => {
|
||||
logger.info('[' + migrate_name + '] dead_host Table altered');
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Undo Migrate
|
||||
*
|
||||
* @param {Object} knex
|
||||
* @param {Promise} Promise
|
||||
* @returns {Promise}
|
||||
*/
|
||||
exports.down = function (knex, Promise) {
|
||||
logger.warn('[' + migrate_name + '] You can\'t migrate down this one.');
|
||||
return Promise.resolve(true);
|
||||
};
|
||||
|
||||
36
src/backend/migrations/20181213013211_forward_scheme.js
Normal file
36
src/backend/migrations/20181213013211_forward_scheme.js
Normal file
@ -0,0 +1,36 @@
|
||||
'use strict';
|
||||
|
||||
const migrate_name = 'forward_scheme';
|
||||
const logger = require('../logger').migrate;
|
||||
|
||||
/**
|
||||
* Migrate
|
||||
*
|
||||
* @see http://knexjs.org/#Schema
|
||||
*
|
||||
* @param {Object} knex
|
||||
* @param {Promise} Promise
|
||||
* @returns {Promise}
|
||||
*/
|
||||
exports.up = function (knex/*, Promise*/) {
|
||||
logger.info('[' + migrate_name + '] Migrating Up...');
|
||||
|
||||
return knex.schema.table('proxy_host', function (proxy_host) {
|
||||
proxy_host.string('forward_scheme').notNull().defaultTo('http');
|
||||
})
|
||||
.then(() => {
|
||||
logger.info('[' + migrate_name + '] proxy_host Table altered');
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Undo Migrate
|
||||
*
|
||||
* @param {Object} knex
|
||||
* @param {Promise} Promise
|
||||
* @returns {Promise}
|
||||
*/
|
||||
exports.down = function (knex, Promise) {
|
||||
logger.warn('[' + migrate_name + '] You can\'t migrate down this one.');
|
||||
return Promise.resolve(true);
|
||||
};
|
||||
@ -186,6 +186,11 @@
|
||||
"type": "string",
|
||||
"pattern": "^(letsencrypt|other)$"
|
||||
},
|
||||
"http2_support": {
|
||||
"description": "HTTP2 Protocol Support",
|
||||
"example": false,
|
||||
"type": "boolean"
|
||||
},
|
||||
"block_exploits": {
|
||||
"description": "Should we block common exploits",
|
||||
"example": true,
|
||||
|
||||
@ -24,6 +24,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "../definitions.json#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "../definitions.json#/definitions/http2_support"
|
||||
},
|
||||
"advanced_config": {
|
||||
"type": "string"
|
||||
},
|
||||
@ -50,6 +53,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"advanced_config": {
|
||||
"$ref": "#/definitions/advanced_config"
|
||||
},
|
||||
@ -101,6 +107,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"advanced_config": {
|
||||
"$ref": "#/definitions/advanced_config"
|
||||
},
|
||||
@ -138,6 +147,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"advanced_config": {
|
||||
"$ref": "#/definitions/advanced_config"
|
||||
},
|
||||
|
||||
@ -18,6 +18,10 @@
|
||||
"domain_names": {
|
||||
"$ref": "../definitions.json#/definitions/domain_names"
|
||||
},
|
||||
"forward_scheme": {
|
||||
"type": "string",
|
||||
"enum": ["http", "https"]
|
||||
},
|
||||
"forward_host": {
|
||||
"type": "string",
|
||||
"minLength": 1,
|
||||
@ -34,6 +38,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "../definitions.json#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "../definitions.json#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "../definitions.json#/definitions/block_exploits"
|
||||
},
|
||||
@ -68,6 +75,9 @@
|
||||
"domain_names": {
|
||||
"$ref": "#/definitions/domain_names"
|
||||
},
|
||||
"forward_scheme": {
|
||||
"$ref": "#/definitions/forward_scheme"
|
||||
},
|
||||
"forward_host": {
|
||||
"$ref": "#/definitions/forward_host"
|
||||
},
|
||||
@ -80,6 +90,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "#/definitions/block_exploits"
|
||||
},
|
||||
@ -132,6 +145,7 @@
|
||||
"additionalProperties": false,
|
||||
"required": [
|
||||
"domain_names",
|
||||
"forward_scheme",
|
||||
"forward_host",
|
||||
"forward_port"
|
||||
],
|
||||
@ -139,6 +153,9 @@
|
||||
"domain_names": {
|
||||
"$ref": "#/definitions/domain_names"
|
||||
},
|
||||
"forward_scheme": {
|
||||
"$ref": "#/definitions/forward_scheme"
|
||||
},
|
||||
"forward_host": {
|
||||
"$ref": "#/definitions/forward_host"
|
||||
},
|
||||
@ -151,6 +168,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "#/definitions/block_exploits"
|
||||
},
|
||||
@ -194,6 +214,9 @@
|
||||
"domain_names": {
|
||||
"$ref": "#/definitions/domain_names"
|
||||
},
|
||||
"forward_scheme": {
|
||||
"$ref": "#/definitions/forward_scheme"
|
||||
},
|
||||
"forward_host": {
|
||||
"$ref": "#/definitions/forward_host"
|
||||
},
|
||||
@ -206,6 +229,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "#/definitions/block_exploits"
|
||||
},
|
||||
|
||||
@ -32,6 +32,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "../definitions.json#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "../definitions.json#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "../definitions.json#/definitions/block_exploits"
|
||||
},
|
||||
@ -67,6 +70,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "#/definitions/block_exploits"
|
||||
},
|
||||
@ -128,6 +134,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "#/definitions/block_exploits"
|
||||
},
|
||||
@ -174,6 +183,9 @@
|
||||
"ssl_forced": {
|
||||
"$ref": "#/definitions/ssl_forced"
|
||||
},
|
||||
"http2_support": {
|
||||
"$ref": "#/definitions/http2_support"
|
||||
},
|
||||
"block_exploits": {
|
||||
"$ref": "#/definitions/block_exploits"
|
||||
},
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
listen 80;
|
||||
{% if certificate -%}
|
||||
listen 443 ssl;
|
||||
listen 443 ssl{% if http2_support %} http2{% endif %};
|
||||
{% endif %}
|
||||
server_name {{ domain_names | join: " " }};
|
||||
server_name {{ domain_names | join: " " }};
|
||||
|
||||
@ -1,8 +1,9 @@
|
||||
{% include "_header_comment.conf" %}
|
||||
|
||||
server {
|
||||
set $server "{{ forward_host }}";
|
||||
set $port {{ forward_port }};
|
||||
set $forward_scheme {{ forward_scheme }};
|
||||
set $server "{{ forward_host }}";
|
||||
set $port {{ forward_port }};
|
||||
|
||||
{% include "_listen.conf" %}
|
||||
{% include "_certificates.conf" %}
|
||||
@ -22,11 +23,11 @@ server {
|
||||
|
||||
{% include "_forced_ssl.conf" %}
|
||||
|
||||
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_http_version 1.1;
|
||||
{% endif %}
|
||||
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_http_version 1.1;
|
||||
{% endif %}
|
||||
|
||||
# Proxy!
|
||||
include conf.d/include/proxy.conf;
|
||||
|
||||
@ -36,7 +36,7 @@
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-12 col-md-12">
|
||||
<div class="col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
<label class="custom-switch">
|
||||
<input type="checkbox" class="custom-switch-input" name="ssl_forced" value="1"<%- ssl_forced ? ' checked' : '' %><%- certificate_id ? '' : ' disabled' %>>
|
||||
@ -45,6 +45,15 @@
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
<label class="custom-switch">
|
||||
<input type="checkbox" class="custom-switch-input" name="http2_support" value="1"<%- http2_support ? ' checked' : '' %><%- certificate_id ? '' : ' disabled' %>>
|
||||
<span class="custom-switch-indicator"></span>
|
||||
<span class="custom-switch-description"><%- i18n('all-hosts', 'http2-support') %></span>
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Lets encrypt -->
|
||||
<div class="col-sm-12 col-md-12 letsencrypt">
|
||||
|
||||
@ -22,6 +22,7 @@ module.exports = Mn.View.extend({
|
||||
save: 'button.save',
|
||||
certificate_select: 'select[name="certificate_id"]',
|
||||
ssl_forced: 'input[name="ssl_forced"]',
|
||||
http2_support: 'input[name="http2_support"]',
|
||||
letsencrypt: '.letsencrypt'
|
||||
},
|
||||
|
||||
@ -35,7 +36,11 @@ module.exports = Mn.View.extend({
|
||||
}
|
||||
|
||||
let enabled = id === 'new' || parseInt(id, 10) > 0;
|
||||
this.ui.ssl_forced.prop('disabled', !enabled).parents('.form-group').css('opacity', enabled ? 1 : 0.5);
|
||||
this.ui.ssl_forced.add(this.ui.http2_support)
|
||||
.prop('disabled', !enabled)
|
||||
.parents('.form-group')
|
||||
.css('opacity', enabled ? 1 : 0.5);
|
||||
this.ui.http2_support.prop('disabled', !enabled);
|
||||
},
|
||||
|
||||
'click @ui.save': function (e) {
|
||||
@ -54,6 +59,10 @@ module.exports = Mn.View.extend({
|
||||
data.ssl_forced = true;
|
||||
}
|
||||
|
||||
if (typeof data.http2_support !== 'undefined') {
|
||||
data.http2_support = !!data.http2_support;
|
||||
}
|
||||
|
||||
if (typeof data.domain_names === 'string' && data.domain_names) {
|
||||
data.domain_names = data.domain_names.split(',');
|
||||
}
|
||||
@ -74,7 +83,7 @@ module.exports = Mn.View.extend({
|
||||
|
||||
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
|
||||
} else {
|
||||
data.certificate_id = parseInt(data.certificate_id, 0);
|
||||
data.certificate_id = parseInt(data.certificate_id, 10);
|
||||
}
|
||||
|
||||
let method = App.Api.Nginx.DeadHosts.create;
|
||||
|
||||
@ -20,7 +20,16 @@
|
||||
<input type="text" name="domain_names" class="form-control" id="input-domains" value="<%- domain_names.join(',') %>" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-8 col-md-8">
|
||||
<div class="col-sm-3 col-md-3">
|
||||
<div class="form-group">
|
||||
<label class="form-label"><%- i18n('proxy-hosts', 'forward-scheme') %><span class="form-required">*</span></label>
|
||||
<select name="forward_scheme" class="form-control custom-select" placeholder="http">
|
||||
<option value="http" <%- forward_scheme === 'http' ? 'selected' : '' %>>http</option>
|
||||
<option value="https" <%- forward_scheme === 'https' ? 'selected' : '' %>>https</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-5 col-md-5">
|
||||
<div class="form-group">
|
||||
<label class="form-label"><%- i18n('proxy-hosts', 'forward-host') %><span class="form-required">*</span></label>
|
||||
<input type="text" name="forward_host" class="form-control text-monospace" placeholder="" value="<%- forward_host %>" autocomplete="off" maxlength="50" required>
|
||||
@ -59,6 +68,7 @@
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="col-sm-12 col-md-12">
|
||||
<div class="form-group">
|
||||
<label class="form-label"><%- i18n('proxy-hosts', 'access-list') %></label>
|
||||
@ -82,7 +92,7 @@
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-12 col-md-12">
|
||||
<div class="col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
<label class="custom-switch">
|
||||
<input type="checkbox" class="custom-switch-input" name="ssl_forced" value="1"<%- ssl_forced ? ' checked' : '' %><%- certificate_id ? '' : ' disabled' %>>
|
||||
@ -91,6 +101,15 @@
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
<label class="custom-switch">
|
||||
<input type="checkbox" class="custom-switch-input" name="http2_support" value="1"<%- http2_support ? ' checked' : '' %><%- certificate_id ? '' : ' disabled' %>>
|
||||
<span class="custom-switch-indicator"></span>
|
||||
<span class="custom-switch-description"><%- i18n('all-hosts', 'http2-support') %></span>
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Lets encrypt -->
|
||||
<div class="col-sm-12 col-md-12 letsencrypt">
|
||||
|
||||
@ -25,6 +25,8 @@ module.exports = Mn.View.extend({
|
||||
certificate_select: 'select[name="certificate_id"]',
|
||||
access_list_select: 'select[name="access_list_id"]',
|
||||
ssl_forced: 'input[name="ssl_forced"]',
|
||||
http2_support: 'input[name="http2_support"]',
|
||||
forward_scheme: 'select[name="forward_scheme"]',
|
||||
letsencrypt: '.letsencrypt'
|
||||
},
|
||||
|
||||
@ -38,7 +40,10 @@ module.exports = Mn.View.extend({
|
||||
}
|
||||
|
||||
let enabled = id === 'new' || parseInt(id, 10) > 0;
|
||||
this.ui.ssl_forced.prop('disabled', !enabled).parents('.form-group').css('opacity', enabled ? 1 : 0.5);
|
||||
this.ui.ssl_forced.add(this.ui.http2_support)
|
||||
.prop('disabled', !enabled)
|
||||
.parents('.form-group')
|
||||
.css('opacity', enabled ? 1 : 0.5);
|
||||
},
|
||||
|
||||
'click @ui.save': function (e) {
|
||||
@ -53,15 +58,19 @@ module.exports = Mn.View.extend({
|
||||
let data = this.ui.form.serializeJSON();
|
||||
|
||||
// Manipulate
|
||||
data.forward_port = parseInt(data.forward_port, 10);
|
||||
data.block_exploits = !!data.block_exploits;
|
||||
data.caching_enabled = !!data.caching_enabled;
|
||||
data.allow_websocket_upgrade = !!data.allow_websocket_upgrade;
|
||||
data.forward_port = parseInt(data.forward_port, 10);
|
||||
data.block_exploits = !!data.block_exploits;
|
||||
data.caching_enabled = !!data.caching_enabled;
|
||||
data.allow_websocket_upgrade = !!data.allow_websocket_upgrade;
|
||||
|
||||
if (typeof data.ssl_forced !== 'undefined' && data.ssl_forced === '1') {
|
||||
data.ssl_forced = true;
|
||||
}
|
||||
|
||||
if (typeof data.http2_support !== 'undefined') {
|
||||
data.http2_support = !!data.http2_support;
|
||||
}
|
||||
|
||||
if (typeof data.domain_names === 'string' && data.domain_names) {
|
||||
data.domain_names = data.domain_names.split(',');
|
||||
}
|
||||
@ -82,7 +91,7 @@ module.exports = Mn.View.extend({
|
||||
|
||||
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
|
||||
} else {
|
||||
data.certificate_id = parseInt(data.certificate_id, 0);
|
||||
data.certificate_id = parseInt(data.certificate_id, 10);
|
||||
}
|
||||
|
||||
let method = App.Api.Nginx.ProxyHosts.create;
|
||||
@ -137,7 +146,6 @@ module.exports = Mn.View.extend({
|
||||
});
|
||||
|
||||
// Access Lists
|
||||
this.ui.letsencrypt.hide();
|
||||
this.ui.access_list_select.selectize({
|
||||
valueField: 'id',
|
||||
labelField: 'name',
|
||||
|
||||
@ -23,7 +23,7 @@
|
||||
</div>
|
||||
</td>
|
||||
<td>
|
||||
<div class="text-monospace"><%- forward_host %>:<%- forward_port %></div>
|
||||
<div class="text-monospace"><%- forward_scheme %>://<%- forward_host %>:<%- forward_port %></div>
|
||||
</td>
|
||||
<td>
|
||||
<div><%- certificate && certificate_id ? i18n('ssl', certificate.provider) : i18n('ssl', 'none') %></div>
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-12 col-md-12">
|
||||
<div class="col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
<label class="custom-switch">
|
||||
<input type="checkbox" class="custom-switch-input" name="ssl_forced" value="1"<%- ssl_forced ? ' checked' : '' %><%- certificate_id ? '' : ' disabled' %>>
|
||||
@ -69,6 +69,15 @@
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
<label class="custom-switch">
|
||||
<input type="checkbox" class="custom-switch-input" name="http2_support" value="1"<%- http2_support ? ' checked' : '' %><%- certificate_id ? '' : ' disabled' %>>
|
||||
<span class="custom-switch-indicator"></span>
|
||||
<span class="custom-switch-description"><%- i18n('all-hosts', 'http2-support') %></span>
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Lets encrypt -->
|
||||
<div class="col-sm-12 col-md-12 letsencrypt">
|
||||
|
||||
@ -22,6 +22,7 @@ module.exports = Mn.View.extend({
|
||||
save: 'button.save',
|
||||
certificate_select: 'select[name="certificate_id"]',
|
||||
ssl_forced: 'input[name="ssl_forced"]',
|
||||
http2_support: 'input[name="http2_support"]',
|
||||
letsencrypt: '.letsencrypt'
|
||||
},
|
||||
|
||||
@ -35,7 +36,11 @@ module.exports = Mn.View.extend({
|
||||
}
|
||||
|
||||
let enabled = id === 'new' || parseInt(id, 10) > 0;
|
||||
this.ui.ssl_forced.prop('disabled', !enabled).parents('.form-group').css('opacity', enabled ? 1 : 0.5);
|
||||
this.ui.ssl_forced.add(this.ui.http2_support)
|
||||
.prop('disabled', !enabled)
|
||||
.parents('.form-group')
|
||||
.css('opacity', enabled ? 1 : 0.5);
|
||||
this.ui.http2_support.prop('disabled', !enabled);
|
||||
},
|
||||
|
||||
'click @ui.save': function (e) {
|
||||
@ -57,6 +62,10 @@ module.exports = Mn.View.extend({
|
||||
data.ssl_forced = true;
|
||||
}
|
||||
|
||||
if (typeof data.http2_support !== 'undefined') {
|
||||
data.http2_support = !!data.http2_support;
|
||||
}
|
||||
|
||||
if (typeof data.domain_names === 'string' && data.domain_names) {
|
||||
data.domain_names = data.domain_names.split(',');
|
||||
}
|
||||
@ -77,7 +86,7 @@ module.exports = Mn.View.extend({
|
||||
|
||||
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
|
||||
} else {
|
||||
data.certificate_id = parseInt(data.certificate_id, 0);
|
||||
data.certificate_id = parseInt(data.certificate_id, 10);
|
||||
}
|
||||
|
||||
let method = App.Api.Nginx.RedirectionHosts.create;
|
||||
|
||||
@ -65,6 +65,7 @@
|
||||
"details": "Details",
|
||||
"enable-ssl": "Enable SSL",
|
||||
"force-ssl": "Force SSL",
|
||||
"http2-support": "HTTP/2 Support",
|
||||
"domain-names": "Domain Names",
|
||||
"cert-provider": "Certificate Provider",
|
||||
"block-exploits": "Block Common Exploits",
|
||||
@ -92,6 +93,7 @@
|
||||
"empty": "There are no Proxy Hosts",
|
||||
"add": "Add Proxy Host",
|
||||
"form-title": "{id, select, undefined{New} other{Edit}} Proxy Host",
|
||||
"forward-scheme": "Scheme",
|
||||
"forward-host": "Forward Hostname / IP",
|
||||
"forward-port": "Forward Port",
|
||||
"delete": "Delete Proxy Host",
|
||||
@ -99,7 +101,8 @@
|
||||
"help-title": "What is a Proxy Host?",
|
||||
"help-content": "A Proxy Host is the incoming endpoint for a web service that you want to forward.\nIt provides optional SSL termination for your service that might not have SSL support built in.\nProxy Hosts are the most common use for the Nginx Proxy Manager.",
|
||||
"access-list": "Access List",
|
||||
"allow-websocket-upgrade": "Allow Websocket HTTP Upgrades"
|
||||
"allow-websocket-upgrade": "Websockets Support",
|
||||
"ignore-invalid-upstream-ssl": "Ignore Invalid SSL"
|
||||
},
|
||||
"redirection-hosts": {
|
||||
"title": "Redirection Hosts",
|
||||
|
||||
@ -13,6 +13,7 @@ const model = Backbone.Model.extend({
|
||||
domain_names: [],
|
||||
certificate_id: 0,
|
||||
ssl_forced: false,
|
||||
http2_support: false,
|
||||
meta: {},
|
||||
advanced_config: '',
|
||||
// The following are expansions:
|
||||
|
||||
@ -11,6 +11,7 @@ const model = Backbone.Model.extend({
|
||||
created_on: null,
|
||||
modified_on: null,
|
||||
domain_names: [],
|
||||
forward_scheme: 'http',
|
||||
forward_host: '',
|
||||
forward_port: null,
|
||||
access_list_id: 0,
|
||||
@ -19,6 +20,7 @@ const model = Backbone.Model.extend({
|
||||
caching_enabled: false,
|
||||
allow_websocket_upgrade: false,
|
||||
block_exploits: false,
|
||||
http2_support: false,
|
||||
advanced_config: '',
|
||||
meta: {},
|
||||
// The following are expansions:
|
||||
|
||||
@ -16,6 +16,7 @@ const model = Backbone.Model.extend({
|
||||
certificate_id: 0,
|
||||
ssl_forced: false,
|
||||
block_exploits: false,
|
||||
http2_support: false,
|
||||
advanced_config: '',
|
||||
meta: {},
|
||||
// The following are expansions:
|
||||
|
||||
Reference in New Issue
Block a user