Merge pull request #416 from jc21/develop

v2.2.4

.github/ISSUE_TEMPLATE/product_support.md

@@ -0,0 +1,16 @@
+---
+name: Product Support
+about: Need help configuring the software?
+title: ''
+labels: product-support
+assignees: ''
+
+---
+
+**Checklist**
+- Please read the [setup instructions](https://nginxproxymanager.com/setup/)
+- Please read the [FAQ](https://nginxproxymanager.com/faq/)
+
+**What is troubling you?**
+
+_Clear and concise description of what you're trying to do and what isn't working for you_

.version

@@ -1 +1 @@
-2.2.2
+2.2.4

README.md

@@ -1,7 +1,7 @@
 <p align="center">
   <img src="https://nginxproxymanager.com/github.png">
   <br><br>
-  <img src="https://img.shields.io/badge/version-2.2.2-green.svg?style=for-the-badge">
+  <img src="https://img.shields.io/badge/version-2.2.4-green.svg?style=for-the-badge">
   <a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
     <img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
   </a>

backend/internal/access-list.js

@@ -1,14 +1,15 @@
-const _                   = require('lodash');
-const fs                  = require('fs');
-const batchflow           = require('batchflow');
-const logger              = require('../logger').access;
-const error               = require('../lib/error');
-const accessListModel     = require('../models/access_list');
-const accessListAuthModel = require('../models/access_list_auth');
-const proxyHostModel      = require('../models/proxy_host');
-const internalAuditLog    = require('./audit-log');
-const internalNginx       = require('./nginx');
-const utils               = require('../lib/utils');
+const _                     = require('lodash');
+const fs                    = require('fs');
+const batchflow             = require('batchflow');
+const logger                = require('../logger').access;
+const error                 = require('../lib/error');
+const accessListModel       = require('../models/access_list');
+const accessListAuthModel   = require('../models/access_list_auth');
+const accessListClientModel = require('../models/access_list_client');
+const proxyHostModel        = require('../models/proxy_host');
+const internalAuditLog      = require('./audit-log');
+const internalNginx         = require('./nginx');
+const utils                 = require('../lib/utils');
 
 function omissions () {
 	return ['is_deleted'];
@@ -29,14 +30,16 @@ const internalAccessList = {
 					.omit(omissions())
 					.insertAndFetch({
 						name:          data.name,
+						satisfy_any:   data.satisfy_any,
 						owner_user_id: access.token.getUserId(1)
 					});
 			})
 			.then((row) => {
 				data.id = row.id;
 
-				// Now add the items
 				let promises = [];
+
+				// Now add the items
 				data.items.map((item) => {
 					promises.push(accessListAuthModel
 						.query()
@@ -48,13 +51,27 @@ const internalAccessList = {
 					);
 				});
 
+				// Now add the clients
+				if (typeof data.clients !== 'undefined' && data.clients) {
+					data.clients.map((client) => {
+						promises.push(accessListClientModel
+							.query()
+							.insert({
+								access_list_id: row.id,
+								address:        client.address,
+								directive:      client.directive
+							})
+						);
+					});
+				}
+
 				return Promise.all(promises);
 			})
 			.then(() => {
 				// re-fetch with expansions
 				return internalAccessList.get(access, {
 					id:     data.id,
-					expand: ['owner', 'items']
+					expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients']
 				}, true /* <- skip masking */);
 			})
 			.then((row) => {
@@ -64,7 +81,7 @@ const internalAccessList = {
 				return internalAccessList.build(row)
 					.then(() => {
 						if (row.proxy_host_count) {
-							return internalNginx.reload();
+							return internalNginx.bulkGenerateConfigs('proxy_host', row.proxy_hosts);
 						}
 					})
 					.then(() => {
@@ -109,7 +126,8 @@ const internalAccessList = {
 						.query()
 						.where({id: data.id})
 						.patch({
-							name: data.name
+							name:        data.name,
+							satisfy_any: data.satisfy_any,
 						});
 				}
 			})
@@ -153,6 +171,38 @@ const internalAccessList = {
 						});
 				}
 			})
+			.then(() => {
+				// Check for clients and add/update/remove them
+				if (typeof data.clients !== 'undefined' && data.clients) {
+					let promises = [];
+
+					data.clients.map(function (client) {
+						if (client.address) {
+							promises.push(accessListClientModel
+								.query()
+								.insert({
+									access_list_id: data.id,
+									address:        client.address,
+									directive:      client.directive
+								})
+							);
+						}
+					});
+
+					let query = accessListClientModel
+						.query()
+						.delete()
+						.where('access_list_id', data.id);
+
+					return query
+						.then(() => {
+							// Add new items
+							if (promises.length) {
+								return Promise.all(promises);
+							}
+						});
+				}
+			})
 			.then(() => {
 				// Add to audit log
 				return internalAuditLog.add(access, {
@@ -166,14 +216,14 @@ const internalAccessList = {
 				// re-fetch with expansions
 				return internalAccessList.get(access, {
 					id:     data.id,
-					expand: ['owner', 'items']
+					expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients']
 				}, true /* <- skip masking */);
 			})
 			.then((row) => {
 				return internalAccessList.build(row)
 					.then(() => {
 						if (row.proxy_host_count) {
-							return internalNginx.reload();
+							return internalNginx.bulkGenerateConfigs('proxy_host', row.proxy_hosts);
 						}
 					})
 					.then(() => {
@@ -204,7 +254,7 @@ const internalAccessList = {
 					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
 					.where('access_list.is_deleted', 0)
 					.andWhere('access_list.id', data.id)
-					.allowEager('[owner,items,proxy_hosts]')
+					.allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients]')
 					.omit(['access_list.is_deleted'])
 					.first();
 
@@ -246,7 +296,7 @@ const internalAccessList = {
 	delete: (access, data) => {
 		return access.can('access_lists:delete', data.id)
 			.then(() => {
-				return internalAccessList.get(access, {id: data.id, expand: ['proxy_hosts', 'items']});
+				return internalAccessList.get(access, {id: data.id, expand: ['proxy_hosts', 'items', 'clients']});
 			})
 			.then((row) => {
 				if (!row) {
@@ -330,7 +380,7 @@ const internalAccessList = {
 					.where('access_list.is_deleted', 0)
 					.groupBy('access_list.id')
 					.omit(['access_list.is_deleted'])
-					.allowEager('[owner,items]')
+					.allowEager('[owner,items,clients]')
 					.orderBy('access_list.name', 'ASC');
 
 				if (access_data.permission_visibility !== 'all') {

backend/internal/nginx.js

@@ -273,6 +273,7 @@ const internalNginx = {
 		return new Promise((resolve, reject) => {
 			let template = null;
 			let filename = '/data/nginx/temp/letsencrypt_' + certificate.id + '.conf';
+
 			try {
 				template = fs.readFileSync(__dirname + '/../templates/letsencrypt-request.conf', {encoding: 'utf8'});
 			} catch (err) {
@@ -280,6 +281,8 @@ const internalNginx = {
 				return;
 			}
 
+			certificate.ipv6 = internalNginx.ipv6Enabled();
+
 			renderEngine
 				.parseAndRender(template, certificate)
 				.then((config_text) => {

backend/internal/proxy-host.js

@@ -73,7 +73,7 @@ const internalProxyHost = {
 				// re-fetch with cert
 				return internalProxyHost.get(access, {
 					id:     row.id,
-					expand: ['certificate', 'owner', 'access_list']
+					expand: ['certificate', 'owner', 'access_list.clients']
 				});
 			})
 			.then((row) => {
@@ -186,7 +186,7 @@ const internalProxyHost = {
 			.then(() => {
 				return internalProxyHost.get(access, {
 					id:     data.id,
-					expand: ['owner', 'certificate', 'access_list']
+					expand: ['owner', 'certificate', 'access_list.clients']
 				})
 					.then((row) => {
 						// Configure nginx
@@ -219,7 +219,7 @@ const internalProxyHost = {
 					.query()
 					.where('is_deleted', 0)
 					.andWhere('id', data.id)
-					.allowEager('[owner,access_list,certificate]')
+					.allowEager('[owner,access_list,access_list.clients,certificate]')
 					.first();
 
 				if (access_data.permission_visibility !== 'all') {

backend/lib/express/cors.js

@@ -4,11 +4,21 @@ module.exports = function (req, res, next) {
 
 	if (req.headers.origin) {
 
+		const originSchema = {
+			oneOf: [
+				{
+					type:    'string',
+					pattern: '^[a-z\\-]+:\\/\\/(?:[\\w\\-\\.]+(:[0-9]+)?/?)?$'
+				},
+				{
+					type:    'string',
+					pattern: '^[a-z\\-]+:\\/\\/(?:\\[([a-z0-9]{0,4}\\:?)+\\])?/?(:[0-9]+)?$'
+				}
+			]
+		};
+
 		// very relaxed validation....
-		validator({
-			type:    'string',
-			pattern: '^[a-z\\-]+:\\/\\/(?:[\\w\\-\\.]+(:[0-9]+)?/?)?$'
-		}, req.headers.origin)
+		validator(originSchema, req.headers.origin)
 			.then(function () {
 				res.set({
 					'Access-Control-Allow-Origin':      req.headers.origin,

backend/migrations/20200410143839_access_list_client.js

@@ -0,0 +1,53 @@
+const migrate_name = 'access_list_client';
+const logger       = require('../logger').migrate;
+
+/**
+ * Migrate
+ *
+ * @see http://knexjs.org/#Schema
+ *
+ * @param   {Object}  knex
+ * @param   {Promise} Promise
+ * @returns {Promise}
+ */
+exports.up = function (knex/*, Promise*/) {
+
+	logger.info('[' + migrate_name + '] Migrating Up...');
+
+	return knex.schema.createTable('access_list_client', (table) => {
+		table.increments().primary();
+		table.dateTime('created_on').notNull();
+		table.dateTime('modified_on').notNull();
+		table.integer('access_list_id').notNull().unsigned();
+		table.string('address').notNull();
+		table.string('directive').notNull();
+		table.json('meta').notNull();
+
+	})
+		.then(function () {
+			logger.info('[' + migrate_name + '] access_list_client Table created');
+
+			return knex.schema.table('access_list', function (access_list) {
+				access_list.integer('satify_any').notNull().defaultTo(0);
+			});
+		})
+		.then(() => {
+			logger.info('[' + migrate_name + '] access_list Table altered');
+		});
+};
+
+/**
+ * Undo Migrate
+ *
+ * @param {Object} knex
+ * @param {Promise} Promise
+ * @returns {Promise}
+ */
+exports.down = function (knex/*, Promise*/) {
+	logger.info('[' + migrate_name + '] Migrating Down...');
+
+	return knex.schema.dropTable('access_list_client')
+		.then(() => {
+			logger.info('[' + migrate_name + '] access_list_client Table dropped');
+		});
+};

backend/migrations/20200410143840_access_list_client_fix.js

@@ -0,0 +1,34 @@
+const migrate_name = 'access_list_client_fix';
+const logger       = require('../logger').migrate;
+
+/**
+ * Migrate
+ *
+ * @see http://knexjs.org/#Schema
+ *
+ * @param   {Object}  knex
+ * @param   {Promise} Promise
+ * @returns {Promise}
+ */
+exports.up = function (knex/*, Promise*/) {
+	logger.info('[' + migrate_name + '] Migrating Up...');
+
+	return knex.schema.table('access_list', function (access_list) {
+		access_list.renameColumn('satify_any', 'satisfy_any');
+	})
+		.then(() => {
+			logger.info('[' + migrate_name + '] access_list Table altered');
+		});
+};
+
+/**
+ * Undo Migrate
+ *
+ * @param   {Object}  knex
+ * @param   {Promise} Promise
+ * @returns {Promise}
+ */
+exports.down = function (knex, Promise) {
+	logger.warn('[' + migrate_name + '] You can\'t migrate down this one.');
+	return Promise.resolve(true);
+};

backend/models/access_list.js

@@ -1,10 +1,11 @@
 // Objection Docs:
 // http://vincit.github.io/objection.js/
 
-const db             = require('../db');
-const Model          = require('objection').Model;
-const User           = require('./user');
-const AccessListAuth = require('./access_list_auth');
+const db               = require('../db');
+const Model            = require('objection').Model;
+const User             = require('./user');
+const AccessListAuth   = require('./access_list_auth');
+const AccessListClient = require('./access_list_client');
 
 Model.knex(db);
 
@@ -62,6 +63,17 @@ class AccessList extends Model {
 					qb.omit(['id', 'created_on', 'modified_on', 'access_list_id', 'meta']);
 				}
 			},
+			clients: {
+				relation:   Model.HasManyRelation,
+				modelClass: AccessListClient,
+				join:       {
+					from: 'access_list.id',
+					to:   'access_list_client.access_list_id'
+				},
+				modify: function (qb) {
+					qb.omit(['id', 'created_on', 'modified_on', 'access_list_id', 'meta']);
+				}
+			},
 			proxy_hosts: {
 				relation:   Model.HasManyRelation,
 				modelClass: ProxyHost,
@@ -76,6 +88,10 @@ class AccessList extends Model {
 			}
 		};
 	}
+
+	get satisfy() {
+		return this.satisfy_any ? 'satisfy any' : 'satisfy all';
+	}
 }
 
 module.exports = AccessList;

backend/models/access_list_client.js

@@ -0,0 +1,58 @@
+// Objection Docs:
+// http://vincit.github.io/objection.js/
+
+const db    = require('../db');
+const Model = require('objection').Model;
+
+Model.knex(db);
+
+class AccessListClient extends Model {
+	$beforeInsert () {
+		this.created_on  = Model.raw('NOW()');
+		this.modified_on = Model.raw('NOW()');
+
+		// Default for meta
+		if (typeof this.meta === 'undefined') {
+			this.meta = {};
+		}
+	}
+
+	$beforeUpdate () {
+		this.modified_on = Model.raw('NOW()');
+	}
+
+	static get name () {
+		return 'AccessListClient';
+	}
+
+	static get tableName () {
+		return 'access_list_client';
+	}
+
+	static get jsonAttributes () {
+		return ['meta'];
+	}
+
+	static get relationMappings () {
+		return {
+			access_list: {
+				relation:   Model.HasOneRelation,
+				modelClass: require('./access_list'),
+				join:       {
+					from: 'access_list_client.access_list_id',
+					to:   'access_list.id'
+				},
+				modify: function (qb) {
+					qb.where('access_list.is_deleted', 0);
+					qb.omit(['created_on', 'modified_on', 'is_deleted', 'access_list_id']);
+				}
+			}
+		};
+	}
+
+	get rule() {
+		return `${this.directive} ${this.address}`;
+	}
+}
+
+module.exports = AccessListClient;

backend/schema/endpoints/access-lists.json

@@ -1,168 +1,227 @@
 {
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "$id": "endpoints/access-lists",
-  "title": "Access Lists",
-  "description": "Endpoints relating to Access Lists",
-  "stability": "stable",
-  "type": "object",
-  "definitions": {
-    "id": {
-      "$ref": "../definitions.json#/definitions/id"
-    },
-    "created_on": {
-      "$ref": "../definitions.json#/definitions/created_on"
-    },
-    "modified_on": {
-      "$ref": "../definitions.json#/definitions/modified_on"
-    },
-    "name": {
-      "type": "string",
-      "description": "Name of the Access List"
-    },
-    "meta": {
-      "type": "object"
-    }
-  },
-  "properties": {
-    "id": {
-      "$ref": "#/definitions/id"
-    },
-    "created_on": {
-      "$ref": "#/definitions/created_on"
-    },
-    "modified_on": {
-      "$ref": "#/definitions/modified_on"
-    },
-    "name": {
-      "$ref": "#/definitions/name"
-    },
-    "meta": {
-      "$ref": "#/definitions/meta"
-    }
-  },
-  "links": [
-    {
-      "title": "List",
-      "description": "Returns a list of Access Lists",
-      "href": "/nginx/access-lists",
-      "access": "private",
-      "method": "GET",
-      "rel": "self",
-      "http_header": {
-        "$ref": "../examples.json#/definitions/auth_header"
-      },
-      "targetSchema": {
-        "type": "array",
-        "items": {
-          "$ref": "#/properties"
-        }
-      }
-    },
-    {
-      "title": "Create",
-      "description": "Creates a new Access List",
-      "href": "/nginx/access-list",
-      "access": "private",
-      "method": "POST",
-      "rel": "create",
-      "http_header": {
-        "$ref": "../examples.json#/definitions/auth_header"
-      },
-      "schema": {
-        "type": "object",
-        "additionalProperties": false,
-        "required": [
-          "name"
-        ],
-        "properties": {
-          "name": {
-            "$ref": "#/definitions/name"
-          },
-          "items": {
-            "type": "array",
-            "minItems": 1,
-            "items": {
-              "type": "object",
-              "additionalProperties": false,
-              "properties": {
-                "username": {
-                  "type": "string",
-                  "minLength": 1
-                },
-                "password": {
-                  "type": "string",
-                  "minLength": 1
-                }
-              }
-            }
-          },
-          "meta": {
-            "$ref": "#/definitions/meta"
-          }
-        }
-      },
-      "targetSchema": {
-        "properties": {
-          "$ref": "#/properties"
-        }
-      }
-    },
-    {
-      "title": "Update",
-      "description": "Updates a existing Access List",
-      "href": "/nginx/access-list/{definitions.identity.example}",
-      "access": "private",
-      "method": "PUT",
-      "rel": "update",
-      "http_header": {
-        "$ref": "../examples.json#/definitions/auth_header"
-      },
-      "schema": {
-        "type": "object",
-        "additionalProperties": false,
-        "properties": {
-          "name": {
-            "$ref": "#/definitions/name"
-          },
-          "items": {
-            "type": "array",
-            "minItems": 1,
-            "items": {
-              "type": "object",
-              "additionalProperties": false,
-              "properties": {
-                "username": {
-                  "type": "string",
-                  "minLength": 1
-                },
-                "password": {
-                  "type": "string",
-                  "minLength": 0
-                }
-              }
-            }
-          }
-        }
-      },
-      "targetSchema": {
-        "properties": {
-          "$ref": "#/properties"
-        }
-      }
-    },
-    {
-      "title": "Delete",
-      "description": "Deletes a existing Access List",
-      "href": "/nginx/access-list/{definitions.identity.example}",
-      "access": "private",
-      "method": "DELETE",
-      "rel": "delete",
-      "http_header": {
-        "$ref": "../examples.json#/definitions/auth_header"
-      },
-      "targetSchema": {
-        "type": "boolean"
-      }
-    }
-  ]
+	"$schema": "http://json-schema.org/draft-07/schema#",
+	"$id": "endpoints/access-lists",
+	"title": "Access Lists",
+	"description": "Endpoints relating to Access Lists",
+	"stability": "stable",
+	"type": "object",
+	"definitions": {
+		"id": {
+			"$ref": "../definitions.json#/definitions/id"
+		},
+		"created_on": {
+			"$ref": "../definitions.json#/definitions/created_on"
+		},
+		"modified_on": {
+			"$ref": "../definitions.json#/definitions/modified_on"
+		},
+		"name": {
+			"type": "string",
+			"description": "Name of the Access List"
+		},
+		"directive": {
+			"type": "string",
+			"enum": ["allow", "deny"]
+		},
+		"address": {
+			"oneOf": [
+				{
+					"type": "string",
+					"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
+				},
+				{
+					"type": "string",
+					"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
+				},
+				{
+					"type": "string",
+					"pattern": "^all$"
+				}
+			]
+		},
+		"satisfy_any": {
+			"type": "boolean"
+		},
+		"meta": {
+			"type": "object"
+		}
+	},
+	"properties": {
+		"id": {
+			"$ref": "#/definitions/id"
+		},
+		"created_on": {
+			"$ref": "#/definitions/created_on"
+		},
+		"modified_on": {
+			"$ref": "#/definitions/modified_on"
+		},
+		"name": {
+			"$ref": "#/definitions/name"
+		},
+		"meta": {
+			"$ref": "#/definitions/meta"
+		}
+	},
+	"links": [
+		{
+			"title": "List",
+			"description": "Returns a list of Access Lists",
+			"href": "/nginx/access-lists",
+			"access": "private",
+			"method": "GET",
+			"rel": "self",
+			"http_header": {
+				"$ref": "../examples.json#/definitions/auth_header"
+			},
+			"targetSchema": {
+				"type": "array",
+				"items": {
+					"$ref": "#/properties"
+				}
+			}
+		},
+		{
+			"title": "Create",
+			"description": "Creates a new Access List",
+			"href": "/nginx/access-list",
+			"access": "private",
+			"method": "POST",
+			"rel": "create",
+			"http_header": {
+				"$ref": "../examples.json#/definitions/auth_header"
+			},
+			"schema": {
+				"type": "object",
+				"additionalProperties": false,
+				"required": ["name"],
+				"properties": {
+					"name": {
+						"$ref": "#/definitions/name"
+					},
+					"satisfy_any": {
+						"$ref": "#/definitions/satisfy_any"
+					},
+					"items": {
+						"type": "array",
+						"minItems": 0,
+						"items": {
+							"type": "object",
+							"additionalProperties": false,
+							"properties": {
+								"username": {
+									"type": "string",
+									"minLength": 1
+								},
+								"password": {
+									"type": "string",
+									"minLength": 1
+								}
+							}
+						}
+					},
+					"clients": {
+						"type": "array",
+						"minItems": 0,
+						"items": {
+							"type": "object",
+							"additionalProperties": false,
+							"properties": {
+								"address": {
+									"$ref": "#/definitions/address"
+								},
+								"directive": {
+									"$ref": "#/definitions/directive"
+								}
+							}
+						}
+					},
+					"meta": {
+						"$ref": "#/definitions/meta"
+					}
+				}
+			},
+			"targetSchema": {
+				"properties": {
+					"$ref": "#/properties"
+				}
+			}
+		},
+		{
+			"title": "Update",
+			"description": "Updates a existing Access List",
+			"href": "/nginx/access-list/{definitions.identity.example}",
+			"access": "private",
+			"method": "PUT",
+			"rel": "update",
+			"http_header": {
+				"$ref": "../examples.json#/definitions/auth_header"
+			},
+			"schema": {
+				"type": "object",
+				"additionalProperties": false,
+				"properties": {
+					"name": {
+						"$ref": "#/definitions/name"
+					},
+					"satisfy_any": {
+						"$ref": "#/definitions/satisfy_any"
+					},
+					"items": {
+						"type": "array",
+						"minItems": 0,
+						"items": {
+							"type": "object",
+							"additionalProperties": false,
+							"properties": {
+								"username": {
+									"type": "string",
+									"minLength": 1
+								},
+								"password": {
+									"type": "string",
+									"minLength": 0
+								}
+							}
+						}
+					},
+					"clients": {
+						"type": "array",
+						"minItems": 0,
+						"items": {
+							"type": "object",
+							"additionalProperties": false,
+							"properties": {
+								"address": {
+									"$ref": "#/definitions/address"
+								},
+								"directive": {
+									"$ref": "#/definitions/directive"
+								}
+							}
+						}
+					}
+				}
+			},
+			"targetSchema": {
+				"properties": {
+					"$ref": "#/properties"
+				}
+			}
+		},
+		{
+			"title": "Delete",
+			"description": "Deletes a existing Access List",
+			"href": "/nginx/access-list/{definitions.identity.example}",
+			"access": "private",
+			"method": "DELETE",
+			"rel": "delete",
+			"http_header": {
+				"$ref": "../examples.json#/definitions/auth_header"
+			},
+			"targetSchema": {
+				"type": "boolean"
+			}
+		}
+	]
 }

backend/schema/endpoints/proxy-hosts.json

@@ -25,7 +25,7 @@
     "forward_host": {
       "type": "string",
       "minLength": 1,
-      "maxLength": 50
+      "maxLength": 255
     },
     "forward_port": {
       "type": "integer",

backend/templates/letsencrypt-request.conf

@@ -2,6 +2,10 @@
 
 server {
   listen 80;
+{% if ipv6 -%}
+  listen [::]:80;
+{% endif %}
+
   server_name {{ domain_names | join: " " }};
 
   access_log /data/logs/letsencrypt-requests.log standard;

backend/templates/proxy_host.conf

@@ -21,11 +21,21 @@ server {
 {% if use_default_location %}
 
   location / {
-    {%- if access_list_id > 0 -%}
-    # Access List
+
+    {% if access_list_id > 0 %}
+    # Authorization
     auth_basic            "Authorization required";
     auth_basic_user_file  /data/access/{{ access_list_id }};
-    {%- endif %}
+
+    # Access Rules
+    {% for client in access_list.clients %}
+    {{- client.rule -}};
+    {% endfor %}deny all;
+
+    # Access checks must...
+    {{ access_list.satisfy }};
+
+    {% endif %}
 
 {% include "_forced_ssl.conf" %}
 {% include "_hsts.conf" %}

docs/.vuepress/config.js

@@ -47,6 +47,7 @@ module.exports = {
 					["/screenshots/", "Screenshots"],
 					["/setup/", "Setup Instructions"],
 					["/advanced-config/", "Advanced Configuration"],
+					["/faq/", "Frequently Asked Questions"],
 					["/third-party/", "Third Party"]
 				]
 			}

docs/README.md

@@ -45,7 +45,21 @@ footer: MIT Licensed | Copyright © 2016-present jc21.com
 - [Docker Install documentation](https://docs.docker.com/install/)
 - [Docker-Compose Install documentation](https://docs.docker.com/compose/install/)
 
-2. Create a docker-compose.yml file similar to this:
+2. Create a config file for example
+```json
+{
+  "database": {
+    "engine": "mysql",
+    "host": "db",
+    "name": "npm",
+    "user": "npm",
+    "password": "npm",
+    "port": 3306
+  }
+}
+```
+
+3. Create a docker-compose.yml file similar to this:
 
 ```yml
 version: '3'
@@ -71,15 +85,16 @@ services:
       - ./data/mysql:/var/lib/mysql
 ```
 
-3. Bring up your stack
+4. Bring up your stack
 
 ```bash
 docker-compose up -d
 ```
 
-4. Log in to the Admin UI
+5. Log in to the Admin UI
 
 When your docker container is running, connect to it on port `81` for the admin interface.
+Sometimes this can take a little bit because of the entropy of keys.
 
 [http://127.0.0.1:81](http://127.0.0.1:81)
 

docs/advanced-config/README.md

@@ -1,6 +1,6 @@
 # Advanced Configuration
 
-### Disabling IPv6
+## Disabling IPv6
 
 On some docker hosts IPv6 may not be enabled. In these cases, the following message may be seen in the log:
 
@@ -14,7 +14,7 @@ The easy fix is to add a Docker environment variable to the Nginx Proxy Manager
 ```
 
 
-### Custom Nginx Configurations
+## Custom Nginx Configurations
 
 If you are a more advanced user, you might be itching for extra Nginx customizability.
 
@@ -22,18 +22,18 @@ NPM has the ability to include different custom configuration snippets in differ
 
 You can add your custom configuration snippet files at `/data/nginx/custom` as follow:
 
-`/data/nginx/custom/root.conf`: Included at the very end of nginx.conf
-`/data/nginx/custom/http.conf`: Included at the end of the main http block
-`/data/nginx/custom/server_proxy.conf`: Included at the end of every proxy server block
-`/data/nginx/custom/server_redirect.conf`: Included at the end of every redirection server block
-`/data/nginx/custom/server_stream.conf`: Included at the end of every stream server block
-`/data/nginx/custom/server_stream_tcp.conf`: Included at the end of every TCP stream server block
-`/data/nginx/custom/server_stream_udp.conf`: Included at the end of every UDP stream server block
+ - `/data/nginx/custom/root.conf`: Included at the very end of nginx.conf
+ - `/data/nginx/custom/http.conf`: Included at the end of the main http block
+ - `/data/nginx/custom/server_proxy.conf`: Included at the end of every proxy server block
+ - `/data/nginx/custom/server_redirect.conf`: Included at the end of every redirection server block
+ - `/data/nginx/custom/server_stream.conf`: Included at the end of every stream server block
+ - `/data/nginx/custom/server_stream_tcp.conf`: Included at the end of every TCP stream server block
+ - `/data/nginx/custom/server_stream_udp.conf`: Included at the end of every UDP stream server block
 
 Every file is optional.
 
 
-### X-FRAME-OPTIONS Header
+## X-FRAME-OPTIONS Header
 
 You can configure the [`X-FRAME-OPTIONS`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) header
 value by specifying it as a Docker environment variable. The default if not specified is `deny`.

docs/faq/README.md

@@ -0,0 +1,16 @@
+# FAQ
+
+## Do I have to use Docker?
+
+Yes, that's how this project is packaged.
+
+This makes it easier to support the project when I have control over the version of Nginx and NodeJS
+being used. In future this could change if the backend was no longer using NodeJS and it's long list
+of dependencies.
+
+
+## Can I run it on a Raspberry Pi?
+
+Yes! The docker image is multi-arch and is built for a variety of architectures. If yours is
+[not listed](https://hub.docker.com/r/jc21/nginx-proxy-manager/tags) please open a
+[GitHub issue](https://github.com/jc21/nginx-proxy-manager/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=).

docs/setup/README.md

@@ -103,7 +103,7 @@ The docker images support the following architectures:
 The docker images are a manifest of all the architecture docker builds supported, so this means
 you don't have to worry about doing anything special and you can follow the common instructions above.
 
-Check out the [dockerhub tags](https://cloud.docker.com/repository/registry-1.docker.io/jc21/nginx-proxy-manager/tags)
+Check out the [dockerhub tags](https://hub.docker.com/r/jc21/nginx-proxy-manager/tags)
 for a list of supported architectures and if you want one that doesn't exist,
 [create a feature request](https://github.com/jc21/nginx-proxy-manager/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=).
 

frontend/js/app/nginx/access/form.ejs

@@ -3,28 +3,74 @@
         <h5 class="modal-title"><%- i18n('access-lists', 'form-title', {id: id}) %></h5>
         <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
     </div>
-    <div class="modal-body">
+    <div class="modal-body has-tabs">
         <form>
-            <div class="row">
-                <div class="col-sm-12 col-md-12">
-                    <div class="form-group">
-                        <label class="form-label"><%- i18n('str', 'name') %> <span class="form-required">*</span></label>
-                        <input type="text" name="name" class="form-control" value="<%- name %>" required>
-                    </div>
-                </div>
-                <div class="col-sm-6 col-md-6">
-                    <div class="form-group">
-                        <label class="form-label"><%- i18n('str', 'username') %></label>
-                    </div>
-                </div>
-                <div class="col-sm-6 col-md-6">
-                    <div class="form-group">
-                        <label class="form-label"><%- i18n('str', 'password') %></label>
-                    </div>
-                </div>
-            </div>
+            <ul class="nav nav-tabs" role="tablist">
+                <li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active show" aria-selected="true"><i class="fe fe-zap"></i> <%- i18n('access-lists', 'details') %></a></li>
+                <li role="presentation" class="nav-item"><a href="#auth" aria-controls="tab4" role="tab" data-toggle="tab" class="nav-link" aria-selected="false"><i class="fe fe-users"></i> <%- i18n('access-lists', 'authorization') %></a></li>
+                <li role="presentation" class="nav-item"><a href="#access" aria-controls="tab2" role="tab" data-toggle="tab" class="nav-link" aria-selected="false"><i class="fe fe-radio"></i> <%- i18n('access-lists', 'access') %></a></li>
+            </ul>
 
-            <div class="items"><!-- items --></div>
+            <div class="tab-content">
+                <!-- Details -->
+                <div role="tabpanel" class="tab-pane active show" id="details">
+                    <div class="row">
+                        <div class="col-sm-12 col-md-12">
+                            <div class="form-group">
+                                <label class="form-label"><%- i18n('str', 'name') %> <span class="form-required">*</span></label>
+                                <input type="text" name="name" class="form-control" value="<%- name %>" required>
+                            </div>
+                        </div>
+
+                        <div class="col-sm-6 col-md-6">
+                            <div class="form-group">
+                                <label class="custom-switch">
+                                    <input type="checkbox" class="custom-switch-input" name="satisfy_any" value="1"<%- typeof satisfy_any !== 'undefined' && satisfy_any ? ' checked' : '' %>>
+                                    <span class="custom-switch-indicator"></span>
+                                    <span class="custom-switch-description"><%- i18n('access-lists', 'satisfy-any') %></span>
+                                </label>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+
+                <!-- Authorization -->
+                <div class="tab-pane" id="auth">
+                    <div class="row">
+                        <div class="col-sm-6 col-md-6">
+                            <div class="form-group">
+                                <label class="form-label"><%- i18n('str', 'username') %></label>
+                            </div>
+                        </div>
+                        <div class="col-sm-6 col-md-6">
+                            <div class="form-group">
+                                <label class="form-label"><%- i18n('str', 'password') %></label>
+                            </div>
+                        </div>
+                    </div>
+
+                    <div class="items"><!-- items --></div>
+                </div>
+
+                <!-- Access -->
+                <div class="tab-pane" id="access">
+                    <div class="clients"><!-- clients --></div>
+                    <div class="row">
+                        <div class="col-sm-3 col-md-3">
+                            <div class="form-group">
+                                <input type="text" class="form-control disabled" value="deny" disabled>
+                            </div>
+                        </div>
+                        <div class="col-sm-9 col-md-9">
+                            <div class="form-group">
+                                <input type="text" class="form-control disabled" value="all" disabled>
+                            </div>
+                        </div>
+                    </div>
+                    <div class="text-muted">Note that the <code>allow</code> and <code>deny</code> directives will be applied in the order they are defined.</div>
+                </div>
+
+            </div>
         </form>
     </div>
     <div class="modal-footer">

frontend/js/app/nginx/access/form.js

@@ -3,6 +3,7 @@ const App             = require('../../main');
 const AccessListModel = require('../../../models/access-list');
 const template        = require('./form.ejs');
 const ItemView        = require('./form/item');
+const ClientView      = require('./form/client');
 
 require('jquery-serializejson');
 
@@ -10,20 +11,26 @@ const ItemsView = Mn.CollectionView.extend({
     childView: ItemView
 });
 
+const ClientsView = Mn.CollectionView.extend({
+    childView: ClientView
+});
+
 module.exports = Mn.View.extend({
     template:  template,
     className: 'modal-dialog',
 
     ui: {
-        items_region: '.items',
-        form:         'form',
-        buttons:      '.modal-footer button',
-        cancel:       'button.cancel',
-        save:         'button.save'
+        items_region:   '.items',
+        clients_region: '.clients',
+        form:           'form',
+        buttons:        '.modal-footer button',
+        cancel:         'button.cancel',
+        save:           'button.save'
     },
 
     regions: {
-        items_region: '@ui.items_region'
+        items_region:   '@ui.items_region',
+        clients_region: '@ui.clients_region'
     },
 
     events: {
@@ -35,9 +42,10 @@ module.exports = Mn.View.extend({
                 return;
             }
 
-            let view       = this;
-            let form_data  = this.ui.form.serializeJSON();
-            let items_data = [];
+            let view         = this;
+            let form_data    = this.ui.form.serializeJSON();
+            let items_data   = [];
+            let clients_data = [];
 
             form_data.username.map(function (val, idx) {
                 if (val.trim().length) {
@@ -48,16 +56,29 @@ module.exports = Mn.View.extend({
                 }
             });
 
-            if (!items_data.length) {
-                alert('You must specify at least 1 Username and Password combination');
+            form_data.address.map(function (val, idx) {
+                if (val.trim().length) {
+                    clients_data.push({
+                        address: val.trim(),
+                        directive: form_data.directive[idx]
+                    })
+                }
+            });
+
+            if (!items_data.length && !clients_data.length) {
+                alert('You must specify at least 1 Authorization or Access rule');
                 return;
             }
 
             let data = {
-                name:  form_data.name,
-                items: items_data
+                name:       form_data.name,
+                satisfy_any: !!form_data.satisfy_any,
+                items:      items_data,
+                clients:    clients_data
             };
 
+            console.log(data);
+
             let method = App.Api.Nginx.AccessLists.create;
             let is_new = true;
 
@@ -88,6 +109,7 @@ module.exports = Mn.View.extend({
 
     onRender: function () {
         let items = this.model.get('items');
+        let clients = this.model.get('clients');
 
         // Add empty items to the end of the list. This is cheating but hey I don't have the time to do it right
         let items_to_add = 5 - items.length;
@@ -97,9 +119,20 @@ module.exports = Mn.View.extend({
             }
         }
 
+        let clients_to_add = 4 - clients.length;
+        if (clients_to_add) {
+            for (let i = 0; i < clients_to_add; i++) {
+                clients.push({});
+            }
+        }
+
         this.showChildView('items_region', new ItemsView({
             collection: new Backbone.Collection(items)
         }));
+
+        this.showChildView('clients_region', new ClientsView({
+            collection: new Backbone.Collection(clients)
+        }));
     },
 
     initialize: function (options) {

frontend/js/app/nginx/access/form/client.ejs

@@ -0,0 +1,13 @@
+<div class="col-sm-3 col-md-3">
+    <div class="form-group">
+        <select name="directive[]" class="form-control custom-select" placeholder="http">
+            <option value="allow" <%- typeof directive == 'undefined' || directive === 'allow' ? 'selected' : '' %>>allow</option>
+            <option value="deny" <%- typeof directive !== 'undefined' && directive === 'deny' ? 'selected' : '' %>>deny</option>
+        </select>
+    </div>
+</div>
+<div class="col-sm-9 col-md-9">
+    <div class="form-group">
+        <input type="text" name="address[]" class="form-control" value="<%- typeof address !== 'undefined' ? address : '' %>" value="">
+    </div>
+</div>

frontend/js/app/nginx/access/form/client.js

@@ -0,0 +1,7 @@
+const Mn       = require('backbone.marionette');
+const template = require('./client.ejs');
+
+module.exports = Mn.View.extend({
+    template:  template,
+    className: 'row'
+});

frontend/js/app/nginx/access/list/item.ejs

@@ -14,6 +14,16 @@
 <td>
     <%- i18n('access-lists', 'item-count', {count: items.length || 0}) %>
 </td>
+<td>
+    <%- i18n('access-lists', 'client-count', {count: clients.length || 0}) %>
+</td>
+<td>
+    <% if (satisfy_any) { %>
+    <%- i18n('str', 'any') %>
+    <%} else { %>
+    <%- i18n('str', 'all') %>
+    <% } %>
+</td>
 <td>
     <%- i18n('access-lists', 'proxy-host-count', {count: proxy_host_count}) %>
 </td>

frontend/js/app/nginx/access/list/main.ejs

@@ -1,7 +1,9 @@
 <thead>
     <th width="30">&nbsp;</th>
     <th><%- i18n('str', 'name') %></th>
-    <th><%- i18n('users', 'title') %></th>
+    <th><%- i18n('access-lists', 'authorization') %></th>
+    <th><%- i18n('access-lists', 'access') %></th>
+    <th><%- i18n('access-lists', 'satisfy') %></th>
     <th><%- i18n('proxy-hosts', 'title') %></th>
     <% if (canManage) { %>
     <th>&nbsp;</th>

frontend/js/app/nginx/access/main.js

@@ -40,7 +40,7 @@ module.exports = Mn.View.extend({
     onRender: function () {
         let view = this;
 
-        App.Api.Nginx.AccessLists.getAll(['owner', 'items'])
+        App.Api.Nginx.AccessLists.getAll(['owner', 'items', 'clients'])
             .then(response => {
                 if (!view.isDestroyed()) {
                     if (response && response.length) {

frontend/js/app/nginx/proxy/access-list-item.ejs

@@ -3,7 +3,7 @@
         <div class="title">
             <i class="fe fe-lock text-teal"></i> <%- name %>
         </div>
-        <span class="description"><%- i18n('access-lists', 'item-count', {count: items.length || 0}) %> &ndash; Created: <%- formatDbDate(created_on, 'Do MMMM YYYY, h:mm a') %></span>
+        <span class="description"><%- i18n('access-lists', 'item-count', {count: items.length || 0}) %>, <%- i18n('access-lists', 'client-count', {count: clients.length || 0}) %> &ndash; Created: <%- formatDbDate(created_on, 'Do MMMM YYYY, h:mm a') %></span>
     <% } else { %>
         <div class="title">
             <i class="fe fe-unlock text-yellow"></i> <%- i18n('access-lists', 'public') %>

frontend/js/app/nginx/proxy/form.ejs

@@ -44,7 +44,7 @@
                         <div class="col-sm-5 col-md-5">
                             <div class="form-group">
                                 <label class="form-label"><%- i18n('proxy-hosts', 'forward-host') %><span class="form-required">*</span></label>
-                                <input type="text" name="forward_host" class="form-control text-monospace" placeholder="" value="<%- forward_host %>" autocomplete="off" maxlength="50" required>
+                                <input type="text" name="forward_host" class="form-control text-monospace" placeholder="" value="<%- forward_host %>" autocomplete="off" maxlength="255" required>
                             </div>
                         </div>
                         <div class="col-sm-4 col-md-4">

frontend/js/app/nginx/proxy/form.js

@@ -222,7 +222,7 @@ module.exports = Mn.View.extend({
                 }
             },
             load:             function (query, callback) {
-                App.Api.Nginx.AccessLists.getAll(['items'])
+                App.Api.Nginx.AccessLists.getAll(['items', 'clients'])
                     .then(rows => {
                         callback(rows);
                     })

frontend/js/i18n/messages.json

@@ -33,7 +33,9 @@
       "unknown": "Unknown",
       "expires": "Expires",
       "value": "Value",
-      "please-wait": "Please wait..."
+      "please-wait": "Please wait...",
+      "all": "All",
+      "any": "Any"
     },
     "login": {
       "title": "Login to your account"
@@ -184,10 +186,16 @@
       "public": "Publicly Accessible",
       "public-sub": "No Access Restrictions",
       "help-title": "What is an Access List?",
-      "help-content": "Access Lists provide authentication for the Proxy Hosts via Basic HTTP Authentication.\nYou can configure multiple usernames and passwords for a single Access List and then apply that to a Proxy Host.\nThis is most useful for forwarded web services that do not have authentication mechanisms built in.",
+      "help-content": "Access Lists provide a blacklist or whitelist of specific client IP addresses along with authentication for the Proxy Hosts via Basic HTTP Authentication.\nYou can configure multiple client rules, usernames and passwords for a single Access List and then apply that to a Proxy Host.\nThis is most useful for forwarded web services that do not have authentication mechanisms built in or that you want to protect from access by unknown clients.",
       "item-count": "{count} {count, select, 1{User} other{Users}}",
+      "client-count": "{count} {count, select, 1{Rule} other{Rules}}",
       "proxy-host-count": "{count} {count, select, 1{Proxy Host} other{Proxy Hosts}}",
-      "delete-has-hosts": "This Access List is associated with {count} Proxy Hosts. They will become publicly available upon deletion."
+      "delete-has-hosts": "This Access List is associated with {count} Proxy Hosts. They will become publicly available upon deletion.",
+      "details": "Details",
+      "authorization": "Authorization",
+      "access": "Access",
+      "satisfy": "Satisfy",
+      "satisfy-any": "Satisfy Any"
     },
     "users": {
       "title": "Users",

frontend/js/models/access-list.js

@@ -10,6 +10,7 @@ const model = Backbone.Model.extend({
             modified_on:     null,
             name:            '',
             items:           [],
+            clients:         [],
             // The following are expansions:
             owner:           null
         };

frontend/package.json

@@ -19,7 +19,7 @@
     "file-loader": "^6.0.0",
     "html-webpack-plugin": "^4.0.4",
     "imports-loader": "^0.8.0",
-    "jquery": "^3.4.1",
+    "jquery": "^3.5.0",
     "jquery-mask-plugin": "^1.14.16",
     "jquery-serializejson": "^2.9.0",
     "marionette.approuter": "^1.0.2",

frontend/yarn.lock

@@ -2454,11 +2454,6 @@ detect-indent@^4.0.0:
   dependencies:
     repeating "^2.0.0"
 
-detect-libc@^1.0.2:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/detect-libc/-/detect-libc-1.0.3.tgz#fa137c4bd698edf55cd5cd02ac559f91a4c4ba9b"
-  integrity sha1-+hN8S9aY7fVc1c0CrFWfkaTEups=
-
 detective@^4.3.1:
   version "4.7.1"
   resolved "https://registry.yarnpkg.com/detective/-/detective-4.7.1.tgz#0eca7314338442febb6d65da54c10bb1c82b246e"
@@ -3184,13 +3179,6 @@ from2@^2.1.0:
     inherits "^2.0.1"
     readable-stream "^2.0.0"
 
-fs-minipass@^1.2.5:
-  version "1.2.7"
-  resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-1.2.7.tgz#ccff8570841e7fe4265693da88936c55aed7f7c7"
-  integrity sha512-GWSSJGFy4e9GUeCcbIkED+bgAoFyj7XF1mV8rma3QW4NIqX9Kyx79N/PF61H5udOV3aY1IaMLs6pGbH71nlCTA==
-  dependencies:
-    minipass "^2.6.0"
-
 fs-write-stream-atomic@^1.0.8:
   version "1.0.10"
   resolved "https://registry.yarnpkg.com/fs-write-stream-atomic/-/fs-write-stream-atomic-1.0.10.tgz#b47df53493ef911df75731e70a9ded0189db40c9"
@@ -3640,7 +3628,7 @@ https-browserify@^1.0.0:
   resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73"
   integrity sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM=
 
-iconv-lite@^0.4.17, iconv-lite@^0.4.4, iconv-lite@^0.4.5:
+iconv-lite@^0.4.17, iconv-lite@^0.4.5:
   version "0.4.24"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
   integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
@@ -3669,13 +3657,6 @@ ignore-by-default@^1.0.1:
   resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09"
   integrity sha1-SMptcvbGo68Aqa1K5odr44ieKwk=
 
-ignore-walk@^3.0.1:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/ignore-walk/-/ignore-walk-3.0.3.tgz#017e2447184bfeade7c238e4aefdd1e8f95b1e37"
-  integrity sha512-m7o6xuOaT1aqheYHKf8W6J5pYH85ZI9w077erOzLje3JsB1gkafkAhHHY19dqjulgIZHFm32Cp5uNZgcQqdJKw==
-  dependencies:
-    minimatch "^3.0.4"
-
 ignore@^3.3.3, ignore@^3.3.5:
   version "3.3.10"
   resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.10.tgz#0a97fb876986e8081c631160f8f9f389157f0043"
@@ -4089,10 +4070,10 @@ jquery-serializejson@^2.9.0:
   resolved "https://registry.yarnpkg.com/jquery-serializejson/-/jquery-serializejson-2.9.0.tgz#03e3764e3a4b42c1c5aae9f93d7f19320c5f35a6"
   integrity sha512-xR7rjl0tRKIVioV5lOkOSv7K8BHMvGzYzC7Ech1iAYuZiYf0ksEpLC8OqjA5VApXf/qn/49O9hTmW70+/EA0vA==
 
-jquery@^3.4.1:
-  version "3.4.1"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.4.1.tgz#714f1f8d9dde4bdfa55764ba37ef214630d80ef2"
-  integrity sha512-36+AdBzCL+y6qjw5Tx7HgzeGCzC81MDDgaUP8ld2zhx58HdqXGoBd+tHdrBMiyjGQs0Hxs/MLZTu/eHNJJuWPw==
+jquery@^3.5.0:
+  version "3.5.0"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.0.tgz#9980b97d9e4194611c36530e7dc46a58d7340fc9"
+  integrity sha512-Xb7SVYMvygPxbFMpTFQiHh1J7HClEaThguL15N/Gg37Lri/qKyhRGZYzHRyLH8Stq3Aow0LsHO2O2ci86fCrNQ==
 
 js-base64@^2.1.8:
   version "2.5.2"
@@ -4643,21 +4624,6 @@ minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.5:
   resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602"
   integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==
 
-minipass@^2.6.0, minipass@^2.8.6, minipass@^2.9.0:
-  version "2.9.0"
-  resolved "https://registry.yarnpkg.com/minipass/-/minipass-2.9.0.tgz#e713762e7d3e32fed803115cf93e04bca9fcc9a6"
-  integrity sha512-wxfUjg9WebH+CUDX/CdbRlh5SmfZiy/hpkxaRI16Y9W56Pa75sWgd/rvFilSgrauD9NyFymP/+JFV3KwzIsJeg==
-  dependencies:
-    safe-buffer "^5.1.2"
-    yallist "^3.0.0"
-
-minizlib@^1.2.1:
-  version "1.3.3"
-  resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-1.3.3.tgz#2290de96818a34c29551c8a8d301216bd65a861d"
-  integrity sha512-6ZYMOEnmVsdCeTJVE0W9ZD+pVnE8h9Hma/iOwwRDsdQoePpoX56/8B6z3P9VNwppJuBKNRuFDRNRqRWexT9G9Q==
-  dependencies:
-    minipass "^2.9.0"
-
 mississippi@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/mississippi/-/mississippi-3.0.0.tgz#ea0a3291f97e0b5e8776b363d5f0a12d94c67022"
@@ -4748,15 +4714,6 @@ natural-compare@^1.4.0:
   resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
   integrity sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=
 
-needle@^2.2.1:
-  version "2.4.1"
-  resolved "https://registry.yarnpkg.com/needle/-/needle-2.4.1.tgz#14af48732463d7475696f937626b1b993247a56a"
-  integrity sha512-x/gi6ijr4B7fwl6WYL9FwlCvRQKGlUNvnceho8wxkwXqN8jvVmmmATTmZPRRG7b/yC1eode26C2HO9jl78Du9g==
-  dependencies:
-    debug "^3.2.6"
-    iconv-lite "^0.4.4"
-    sax "^1.2.4"
-
 neo-async@^2.5.0, neo-async@^2.6.1:
   version "2.6.1"
   resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.1.tgz#ac27ada66167fa8849a6addd837f6b189ad2081c"
@@ -4829,22 +4786,6 @@ node-libs-browser@^2.2.1:
     util "^0.11.0"
     vm-browserify "^1.0.1"
 
-node-pre-gyp@*:
-  version "0.14.0"
-  resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.14.0.tgz#9a0596533b877289bcad4e143982ca3d904ddc83"
-  integrity sha512-+CvDC7ZttU/sSt9rFjix/P05iS43qHCOOGzcr3Ry99bXG7VX953+vFyEuph/tfqoYu8dttBkE86JSKBO2OzcxA==
-  dependencies:
-    detect-libc "^1.0.2"
-    mkdirp "^0.5.1"
-    needle "^2.2.1"
-    nopt "^4.0.1"
-    npm-packlist "^1.1.6"
-    npmlog "^4.0.2"
-    rc "^1.2.7"
-    rimraf "^2.6.1"
-    semver "^5.3.0"
-    tar "^4.4.2"
-
 node-sass@^4.13.1:
   version "4.13.1"
   resolved "https://registry.yarnpkg.com/node-sass/-/node-sass-4.13.1.tgz#9db5689696bb2eec2c32b98bfea4c7a2e992d0a3"
@@ -4891,14 +4832,6 @@ nodemon@^2.0.2:
   dependencies:
     abbrev "1"
 
-nopt@^4.0.1:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/nopt/-/nopt-4.0.3.tgz#a375cad9d02fd921278d954c2254d5aa57e15e48"
-  integrity sha512-CvaGwVMztSMJLOeXPrez7fyfObdZqNUK1cPAEzLHrTybIua9pMdmmPR5YwtfNftIOMv3DPUhFaxsZMNTQO20Kg==
-  dependencies:
-    abbrev "1"
-    osenv "^0.1.4"
-
 nopt@~1.0.10:
   version "1.0.10"
   resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee"
@@ -4938,27 +4871,6 @@ normalize-url@1.9.1:
     query-string "^4.1.0"
     sort-keys "^1.0.0"
 
-npm-bundled@^1.0.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/npm-bundled/-/npm-bundled-1.1.1.tgz#1edd570865a94cdb1bc8220775e29466c9fb234b"
-  integrity sha512-gqkfgGePhTpAEgUsGEgcq1rqPXA+tv/aVBlgEzfXwA1yiUJF7xtEt3CtVwOjNYQOVknDk0F20w58Fnm3EtG0fA==
-  dependencies:
-    npm-normalize-package-bin "^1.0.1"
-
-npm-normalize-package-bin@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/npm-normalize-package-bin/-/npm-normalize-package-bin-1.0.1.tgz#6e79a41f23fd235c0623218228da7d9c23b8f6e2"
-  integrity sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==
-
-npm-packlist@^1.1.6:
-  version "1.4.8"
-  resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-1.4.8.tgz#56ee6cc135b9f98ad3d51c1c95da22bbb9b2ef3e"
-  integrity sha512-5+AZgwru5IevF5ZdnFglB5wNlHG1AOOuw28WhUq8/8emhBmLv6jX5by4WJCh7lW0uSYZYS6DXqIsyZVIXRZU9A==
-  dependencies:
-    ignore-walk "^3.0.1"
-    npm-bundled "^1.0.1"
-    npm-normalize-package-bin "^1.0.1"
-
 npm-run-path@^2.0.0:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/npm-run-path/-/npm-run-path-2.0.2.tgz#35a9232dfa35d7067b4cb2ddf2357b1871536c5f"
@@ -4966,7 +4878,7 @@ npm-run-path@^2.0.0:
   dependencies:
     path-key "^2.0.0"
 
-"npmlog@0 || 1 || 2 || 3 || 4", npmlog@^4.0.0, npmlog@^4.0.2:
+"npmlog@0 || 1 || 2 || 3 || 4", npmlog@^4.0.0:
   version "4.1.2"
   resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b"
   integrity sha512-2uUqazuKlTaSI/dC8AzicUck7+IrEaOnN/e0jd3Xtt1KcGpwx30v50mL7oPyr/h9bL3E4aZccVwpwP+5W9Vjkg==
@@ -5116,7 +5028,7 @@ os-tmpdir@^1.0.0, os-tmpdir@^1.0.1, os-tmpdir@~1.0.2:
   resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274"
   integrity sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ=
 
-osenv@0, osenv@^0.1.4:
+osenv@0:
   version "0.1.5"
   resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.5.tgz#85cdfafaeb28e8677f416e287592b5f3f49ea410"
   integrity sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==
@@ -5595,7 +5507,7 @@ randomfill@^1.0.3:
     randombytes "^2.0.5"
     safe-buffer "^5.1.0"
 
-rc@^1.0.1, rc@^1.1.6, rc@^1.2.7:
+rc@^1.0.1, rc@^1.1.6:
   version "1.2.8"
   resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed"
   integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==
@@ -5925,7 +5837,7 @@ right-align@^0.1.1:
   dependencies:
     align-text "^0.1.1"
 
-rimraf@2, rimraf@^2.5.4, rimraf@^2.6.1, rimraf@^2.6.3:
+rimraf@2, rimraf@^2.5.4, rimraf@^2.6.3:
   version "2.7.1"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.7.1.tgz#35797f13a7fdadc566142c29d4f07ccad483e3ec"
   integrity sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==
@@ -6021,11 +5933,6 @@ sass-loader@^8.0.2:
     schema-utils "^2.6.1"
     semver "^6.3.0"
 
-sax@^1.2.4:
-  version "1.2.4"
-  resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
-  integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
-
 schema-utils@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-1.0.0.tgz#0b79a93204d7b600d4b2850d1f66c2a34951c770"
@@ -6550,19 +6457,6 @@ tar@^2.0.0:
     fstream "^1.0.12"
     inherits "2"
 
-tar@^4.4.2:
-  version "4.4.13"
-  resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.13.tgz#43b364bc52888d555298637b10d60790254ab525"
-  integrity sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==
-  dependencies:
-    chownr "^1.1.1"
-    fs-minipass "^1.2.5"
-    minipass "^2.8.6"
-    minizlib "^1.2.1"
-    mkdirp "^0.5.0"
-    safe-buffer "^5.1.2"
-    yallist "^3.0.3"
-
 term-size@^1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/term-size/-/term-size-1.2.0.tgz#458b83887f288fc56d6fffbfad262e26638efa69"
@@ -7166,7 +7060,7 @@ yallist@^2.1.2:
   resolved "https://registry.yarnpkg.com/yallist/-/yallist-2.1.2.tgz#1c11f9218f076089a47dd512f93c6699a6a81d52"
   integrity sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI=
 
-yallist@^3.0.0, yallist@^3.0.2, yallist@^3.0.3:
+yallist@^3.0.2:
   version "3.1.1"
   resolved "https://registry.yarnpkg.com/yallist/-/yallist-3.1.1.tgz#dbb7daf9bfd8bac9ab45ebf602b8cbad0d5d08fd"
   integrity sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==