bastion/nginx-proxy-manager
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: bastion:v2.4.0
Branches Tags
bastion:develop bastion:v3 bastion:dependabot/npm_and_yarn/backend/knex-2.4.0 bastion:dependabot/npm_and_yarn/backend/json5-2.2.3 bastion:dependabot/npm_and_yarn/docs/json5-2.2.2 bastion:dependabot/npm_and_yarn/backend/liquidjs-10.0.0 bastion:dependabot/npm_and_yarn/backend/jsonwebtoken-9.0.0 bastion:dependabot/npm_and_yarn/docs/express-4.17.3 bastion:dependabot/npm_and_yarn/backend/express-4.17.3 bastion:dependabot/npm_and_yarn/frontend/qs-6.5.3 bastion:dependabot/npm_and_yarn/docs/qs-6.9.7 bastion:dependabot/npm_and_yarn/docs/decode-uri-component-0.2.1 bastion:dependabot/npm_and_yarn/frontend/decode-uri-component-0.2.2 bastion:dependabot/npm_and_yarn/backend/decode-uri-component-0.2.2 bastion:dependabot/npm_and_yarn/docs/loader-utils-2.0.4 bastion:HEAD bastion:master bastion:dependabot/npm_and_yarn/docs/async-3.2.2 bastion:dependabot/npm_and_yarn/docs/minimist-1.2.6 bastion:dependabot/npm_and_yarn/frontend/minimist-1.2.6 bastion:dependabot/npm_and_yarn/backend/minimist-1.2.6 bastion:dependabot/npm_and_yarn/docs/node-forge-1.3.0 bastion:dependabot/npm_and_yarn/docs/ansi-html-0.0.8 bastion:dependabot/npm_and_yarn/docs/postcss-8.2.13 bastion:dependabot/npm_and_yarn/test/ajv-6.12.6 bastion:adds-faq-acl-with-login bastion:official-dns-version-requirement bastion:ssl-passthrough-hosts bastion:openidc bastion:static-content
bastion:v2.9.19 bastion:v2.9.18 bastion:v2.9.17 bastion:v2.9.16 bastion:v2.9.15 bastion:v2.9.14 bastion:v2.9.13 bastion:v2.9.12 bastion:v2.9.11 bastion:v2.9.10 bastion:v2.9.9 bastion:v2.9.8 bastion:v2.9.7 bastion:v2.9.6 bastion:v2.9.5 bastion:v2.9.4 bastion:v2.9.3 bastion:v2.9.2 bastion:v2.9.1 bastion:v2.9.0 bastion:v2.8.1 bastion:v2.8.0 bastion:v2.7.3 bastion:v2.7.2 bastion:v2.7.1 bastion:v2.7.0 bastion:v2.6.2 bastion:v2.6.1 bastion:v2.6.0 bastion:v2.5.0 bastion:v2.4.0 bastion:v2.3.1 bastion:v2.3.0 bastion:v2.2.4 bastion:v2.2.3 bastion:v2.2.2 bastion:v2.2.1 bastion:v2.2.0 bastion:v2.1.2 bastion:v2.1.1 bastion:v2.1.0 bastion:2.0.14 bastion:2.0.13 bastion:2.0.12 bastion:2.0.11 bastion:2.0.10 bastion:2.0.9 bastion:2.0.8 bastion:2.0.7 bastion:2.0.6 bastion:2.0.5 bastion:2.0.4 bastion:2.0.3 bastion:2.0.2 bastion:v2.0.0 bastion:2.0.0 bastion:1.1.2 bastion:1.1.1 bastion:1.0.1
...
compare: bastion:v2.7.3
Branches Tags
bastion:v3 bastion:dependabot/npm_and_yarn/backend/knex-2.4.0 bastion:dependabot/npm_and_yarn/backend/json5-2.2.3 bastion:dependabot/npm_and_yarn/docs/json5-2.2.2 bastion:dependabot/npm_and_yarn/backend/liquidjs-10.0.0 bastion:dependabot/npm_and_yarn/backend/jsonwebtoken-9.0.0 bastion:dependabot/npm_and_yarn/docs/express-4.17.3 bastion:dependabot/npm_and_yarn/backend/express-4.17.3 bastion:dependabot/npm_and_yarn/frontend/qs-6.5.3 bastion:dependabot/npm_and_yarn/docs/qs-6.9.7 bastion:dependabot/npm_and_yarn/docs/decode-uri-component-0.2.1 bastion:dependabot/npm_and_yarn/frontend/decode-uri-component-0.2.2 bastion:dependabot/npm_and_yarn/backend/decode-uri-component-0.2.2 bastion:dependabot/npm_and_yarn/docs/loader-utils-2.0.4 bastion:develop bastion:HEAD bastion:master bastion:dependabot/npm_and_yarn/docs/async-3.2.2 bastion:dependabot/npm_and_yarn/docs/minimist-1.2.6 bastion:dependabot/npm_and_yarn/frontend/minimist-1.2.6 bastion:dependabot/npm_and_yarn/backend/minimist-1.2.6 bastion:dependabot/npm_and_yarn/docs/node-forge-1.3.0 bastion:dependabot/npm_and_yarn/docs/ansi-html-0.0.8 bastion:dependabot/npm_and_yarn/docs/postcss-8.2.13 bastion:dependabot/npm_and_yarn/test/ajv-6.12.6 bastion:adds-faq-acl-with-login bastion:official-dns-version-requirement bastion:ssl-passthrough-hosts bastion:openidc bastion:static-content
bastion:v2.9.19 bastion:v2.9.18 bastion:v2.9.17 bastion:v2.9.16 bastion:v2.9.15 bastion:v2.9.14 bastion:v2.9.13 bastion:v2.9.12 bastion:v2.9.11 bastion:v2.9.10 bastion:v2.9.9 bastion:v2.9.8 bastion:v2.9.7 bastion:v2.9.6 bastion:v2.9.5 bastion:v2.9.4 bastion:v2.9.3 bastion:v2.9.2 bastion:v2.9.1 bastion:v2.9.0 bastion:v2.8.1 bastion:v2.8.0 bastion:v2.7.3 bastion:v2.7.2 bastion:v2.7.1 bastion:v2.7.0 bastion:v2.6.2 bastion:v2.6.1 bastion:v2.6.0 bastion:v2.5.0 bastion:v2.4.0 bastion:v2.3.1 bastion:v2.3.0 bastion:v2.2.4 bastion:v2.2.3 bastion:v2.2.2 bastion:v2.2.1 bastion:v2.2.0 bastion:v2.1.2 bastion:v2.1.1 bastion:v2.1.0 bastion:2.0.14 bastion:2.0.13 bastion:2.0.12 bastion:2.0.11 bastion:2.0.10 bastion:2.0.9 bastion:2.0.8 bastion:2.0.7 bastion:2.0.6 bastion:2.0.5 bastion:2.0.4 bastion:2.0.3 bastion:2.0.2 bastion:v2.0.0 bastion:2.0.0 bastion:1.1.2 bastion:1.1.1 bastion:1.0.1

123 Commits
v2.4.0 ... v2.7.3

Author SHA1 Message Date
jc21
6a8d5e2166 Merge pull request #820 from jc21/develop 
v2.7.3
 2021-01-12 11:13:35 +10:00
jc21
d732665a23 Merge branch 'master' into develop 2021-01-12 09:06:34 +10:00
Jamie Curnow
e0748c9bc7 Bumped version 2021-01-12 09:05:27 +10:00
jc21
bfb328238e Merge pull request #806 from jc21/develop 
v2.7.2
 2021-01-07 09:35:35 +10:00
Jamie Curnow
64cc4f57d6 Version bump and acknowledgements 2021-01-06 21:48:10 +10:00
jc21
7a3c91c6a4 Merge pull request #804 from lebrou34/master 
Add Gandi Live DNS to certbot-dns-plugins.js
 2021-01-06 13:14:54 +10:00
lebrou34
508bc62852 Update certbot-dns-plugins.js 2021-01-05 18:47:22 +01:00
lebrou34
59e8446d47 Update certbot-dns-plugins.js 2021-01-05 18:41:26 +01:00
lebrou34
d13596d2f7 Update certbot-dns-plugins.js 2021-01-05 18:35:18 +01:00
lebrou34
9adccfa341 Update certbot-dns-plugins.js 2021-01-05 18:19:27 +01:00
lebrou34
5cc3b53378 Update certbot-dns-plugins.js 2021-01-05 18:11:10 +01:00
lebrou34
b62b0a2fb7 Update certbot-dns-plugins.js 2021-01-05 17:36:47 +01:00
jc21
1faac4edf2 Merge pull request #750 from klutchell/klutchell-patch-1 
allow custom stream conf
 2021-01-03 20:14:55 +10:00
jc21
4c60dce169 Merge pull request #796 from lightglitch/patch-1 
Fix dead hosts verification count
 2021-01-03 20:14:36 +10:00
jc21
771f31f44d Merge pull request #770 from jc21/dependabot/npm_and_yarn/backend/ini-1.3.8 
Bump ini from 1.3.5 to 1.3.8 in /backend
 2021-01-03 20:14:21 +10:00
jc21
8bedb95e1d Merge pull request #771 from jc21/dependabot/npm_and_yarn/test/ini-1.3.8 
Bump ini from 1.3.5 to 1.3.8 in /test
 2021-01-03 20:14:03 +10:00
jc21
ac4be08df2 Merge pull request #772 from jc21/dependabot/npm_and_yarn/docs/ini-1.3.8 
Bump ini from 1.3.5 to 1.3.8 in /docs
 2021-01-03 20:13:49 +10:00
jc21
0d6e058e23 Merge pull request #774 from chaptergy/better-custom-certificate-handling 
Better custom certificate handling
 2021-01-03 12:09:55 +10:00
Mário Franco
bee2ceb667 Fix dead hosts verification count 2021-01-02 04:58:14 +00:00
chaptergy
6af13d4f40 Removes explicit privkeytype check and adds passphrase error 2020-12-14 12:08:39 +01:00
dependabot[bot]
9dd0ebd899 Bump ini from 1.3.5 to 1.3.8 in /docs 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-12-12 10:17:11 +00:00
dependabot[bot]
6e97bfa717 Bump ini from 1.3.5 to 1.3.8 in /test 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-12-12 08:23:59 +00:00
dependabot[bot]
07b69f41eb Bump ini from 1.3.5 to 1.3.8 in /backend 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-12-12 08:23:45 +00:00
Kyle Harding
6bd2ac7d6d Update README.md 2020-12-01 14:24:14 -05:00
Kyle Harding
528e5ef3bc allow custom stream conf 
Allow a top-level custom `stream` configuration file to be loaded.
 2020-12-01 14:22:31 -05:00
Jamie Curnow
bc1c50ac92 Added contributor 2020-11-22 21:50:57 +10:00
jc21
8c2ab42b75 Merge pull request #738 from WaterCalm/master 
add aliyun DNS plugin
 2020-11-22 21:48:24 +10:00
WaterCalm
62053d15d4 add aliyun DNS plugin 
add aliyun DNS plugin
 2020-11-22 16:08:56 +08:00
Jamie Curnow
6fed642aba Cypress docker build should be faster and added mkcert for later 2020-11-22 16:57:12 +10:00
jc21
72ac549a58 Merge pull request #729 from jc21/develop 
v2.7.1
 2020-11-18 22:55:47 +10:00
jc21
9f38617135 Merge branch 'master' into develop 2020-11-18 22:55:37 +10:00
Jamie Curnow
94eec805df Version bump 2020-11-18 21:46:21 +10:00
Jamie Curnow
05a940e732 Fix instances where config file exists and env vars don't 2020-11-18 21:42:03 +10:00
jc21
1c43cc2181 Merge pull request #725 from jc21/develop 
v2.7.0
 2020-11-18 14:30:44 +10:00
jc21
657ee73ff1 Merge branch 'master' into develop 2020-11-18 12:22:34 +10:00
Jamie Curnow
4ee5d993cf Bumped version 2020-11-18 12:21:35 +10:00
jc21
70a445e2d7 Merge pull request #704 from chaptergy/allow-setup-without-config-file 
Removes the need of a config file and allows db config via environment
 2020-11-18 12:18:45 +10:00
jc21
2115da210d Merge pull request #694 from chaptergy/visual-indicator-for-certificate-deletion 
Adds visual indicator for certificate deletion
 2020-11-09 10:10:55 +10:00
jc21
540554c4f6 Merge pull request #695 from chaptergy/failed-certificate-autoremove 
Adds autoremove of failed certificate creations in DB
 2020-11-09 10:10:00 +10:00
chaptergy
1337c50d28 Use latest tag in full setup instructions 2020-11-07 19:37:35 +01:00
chaptergy
c5ceb3b2b1 Removes obsolete file mount 2020-11-07 13:54:18 +01:00
chaptergy
57fc1d8f08 Removes the need of a config file and allows db config via environment 2020-11-07 13:24:01 +01:00
chaptergy
1518ecd1e9 Adds autoremove of failed certificate creations in DB 2020-11-06 12:29:38 +01:00
chaptergy
6be0343918 Adds visual indicator for certificate deletion 2020-11-06 11:51:42 +01:00
jc21
cf8812c932 Merge pull request #692 from jc21/develop 
v2.6.2
 2020-11-06 19:31:10 +10:00
Jamie Curnow
5bc3e474a9 Merge branch 'real_ip' of github.com:jc21/nginx-proxy-manager into develop 2020-11-06 13:21:37 +10:00
Jamie Curnow
13eaa346bc Use remote addr as real ip 2020-11-06 13:21:22 +10:00
Jamie Curnow
d7437cc4a7 Test for real-ip header 2020-11-06 13:17:30 +10:00
Jamie Curnow
ddb3c6590c Version bump 2020-11-06 13:06:15 +10:00
Jamie Curnow
89d6773bda Merge branch 'develop' of github.com:jc21/nginx-proxy-manager into real_ip 2020-11-06 09:18:25 +10:00
Jamie Curnow
3651b9484f Fix for pip install error when there are no plugins to install 2020-11-06 09:17:52 +10:00
Jamie Curnow
2200c950b7 Merge branch 'develop' of github.com:jc21/nginx-proxy-manager into real_ip 2020-11-06 09:12:35 +10:00
jc21
14f84f01b5 Merge pull request #687 from chaptergy/allow-additional-dns-challenge-dependencies 
Allow additional dns challenge dependencies
 2020-11-06 09:02:35 +10:00
chaptergy
cb014027bb Makes sure credentials folder exist every time before saving credentials 2020-11-04 19:31:40 +01:00
chaptergy
32e5155783 Fixes Linting errors 2020-11-03 22:38:09 +01:00
chaptergy
a3159ad59e Converts tabs to spaces 2020-11-03 22:24:03 +01:00
chaptergy
60a40197f1 Always install additional dependencies for dns plugins 2020-11-03 21:59:18 +01:00
chaptergy
7d693a4271 Expands and refactors dns plugin list 2020-11-03 21:28:50 +01:00
Jamie Curnow
f192748bf9 Use x-real-ip header for the real-ip module 2020-10-19 11:40:50 +10:00
jc21
96f401cba6 Merge pull request #664 from chaptergy/fixes-expiring-hosts-renewal 
Adds certbot plugin installation check on startup
 2020-10-19 08:50:44 +10:00
jc21
ffd2430160 Merge pull request #666 from MarceloLagos/master 
Check key for RSA header otherwise use EC, and output fix.
 2020-10-19 08:45:28 +10:00
MarceloLagos
190cd2d6bb Update certificate.js 2020-10-17 23:46:18 -06:00
MarceloLagos
7ba58bdbd3 Update certificate.js 2020-10-17 23:27:12 -06:00
chaptergy
08ab62108f Fixes eslint errors 2020-10-17 12:54:38 +02:00
chaptergy
1028de8158 Adds certbot plugin installation check on startup 2020-10-17 12:13:08 +02:00
jc21
301499dc52 Merge pull request #659 from jc21/develop 
v2.6.1
 2020-10-16 15:53:56 +10:00
jc21
5c2f13ed8e Merge branch 'master' into develop 2020-10-16 13:44:10 +10:00
Jamie Curnow
e30ad81f69 Updated version 2020-10-16 13:43:13 +10:00
Jamie Curnow
21f36f535f Don't spit out a ; if the preceeding value is empty 2020-10-16 13:41:08 +10:00
jc21
c14236823a Merge pull request #656 from chaptergy/fixes-custom-certificate-upload 
Fixes custom certificate upload
 2020-10-16 08:33:51 +10:00
chaptergy
551a9fe1c6 Fixes custom certificate upload 2020-10-15 14:58:05 +02:00
jc21
e3399e1035 Merge pull request #654 from jc21/develop 
2.6.0 Release
 2020-10-15 15:14:57 +10:00
Jamie Curnow
c413b4af3f Added contributors 2020-10-15 14:06:21 +10:00
Jamie Curnow
dbf5dec23b Bump version 2020-10-15 10:40:01 +10:00
Jamie Curnow
10f0eb17d7 Fix linting errors 2020-10-15 10:33:51 +10:00
jc21
e3b680c351 Merge pull request #653 from jmwebslave/dont-pass-auth-header 
Pass/Don't Pass Auth Header
 2020-10-15 10:10:33 +10:00
James Morgan
0df0545777 Allows auth information from AccessList not to be passed to proxied hosts. Resolves issue #153. 
Signed-off-by: James Morgan <jmorgan.au+github@gmail.com>
 2020-10-15 10:23:09 +11:00
jc21
165bfc9f5f Merge pull request #607 from jc21/dependabot/npm_and_yarn/docs/node-forge-0.10.0 
Bump node-forge from 0.9.1 to 0.10.0 in /docs
 2020-10-15 08:34:14 +10:00
jc21
5830bd73b9 Merge pull request #608 from Philip-Mooney/master 
Fix for access list getAll when not granted all permissions
 2020-10-15 08:33:58 +10:00
jc21
3c4ce839b9 Merge pull request #635 from chaptergy/allow-more-dns-challenges 
Allow DNS challenges not just for cloudflare
 2020-10-14 19:12:15 +10:00
chaptergy
ac9f052309 Fixes linting errors 2020-10-14 09:55:45 +02:00
chaptergy
049e424957 Adds special case for Route53 2020-10-14 09:20:52 +02:00
chaptergy
07e78aec48 Adds error stack information in prod environment for certificates 2020-10-08 15:30:13 +02:00
chaptergy
3fec135fe5 Fixes ESlint formatting errors 2020-10-08 14:38:19 +02:00
chaptergy
867fe1322b Unifies directory structure in dev and prod containers 2020-10-08 13:38:20 +02:00
chaptergy
95208a50a7 Increases timeouts in front- and backend 2020-10-08 13:21:17 +02:00
chaptergy
514b13fcc2 Fixes build issues due to globally used file 2020-10-06 16:12:12 +02:00
chaptergy
4cbc1f5bbe Minor refactoring 2020-10-06 15:37:51 +02:00
chaptergy
64de36cdf2 Adds more DNS plugins 2020-10-06 15:16:45 +02:00
chaptergy
093b48ad7b Implements backend changes to allow more dns challenges 2020-10-06 14:52:06 +02:00
chaptergy
05f6a55a0b Adds frontend improvements and fixes 2020-10-06 14:49:02 +02:00
chaptergy
2523424f68 Updates dockerfiles 2020-10-05 01:04:18 +02:00
chaptergy
b81325d7bf Implements dns challenge provider selection in frontend 2020-10-05 01:04:06 +02:00
Philip Mooney
3e10b7b2b1 Fix for access list getAll when not granted all permissions 2020-09-19 22:16:16 +01:00
dependabot[bot]
e5cb750015 Bump node-forge from 0.9.1 to 0.10.0 in /docs 
Bumps [node-forge](https://github.com/digitalbazaar/forge) from 0.9.1 to 0.10.0.
- [Release notes](https://github.com/digitalbazaar/forge/releases)
- [Changelog](https://github.com/digitalbazaar/forge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/digitalbazaar/forge/compare/0.9.1...0.10.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-09-17 23:42:28 +00:00
jc21
28f72086ec Merge pull request #592 from jc21/develop 
v2.5.0
 2020-09-04 09:07:47 +10:00
Jamie Curnow
a6b9bd7b01 Version bump and contributors 2020-09-03 14:11:44 +10:00
Jamie Curnow
2c5eac9dad Merge branch 'master' of github.com:jc21/nginx-proxy-manager into develop 2020-09-03 14:03:43 +10:00
jc21
87f61b8527 Merge pull request #572 from jipjan/features/dns-cloudflare 
Add DNS CloudFlare with wildcard support
 2020-09-03 14:01:05 +10:00
jc21
74bfe490c6 Merge pull request #587 from duhruh/bug/custom-ssl-inputs 
Allow inputs to update
 2020-09-03 13:53:17 +10:00
David Rivera
015167f34d Allow inputs to update 2020-08-29 20:24:51 -07:00
jc21
4bafc7ff1a Merge pull request #546 from jc21/dependabot/npm_and_yarn/docs/prismjs-1.21.0 
Bump prismjs from 1.20.0 to 1.21.0 in /docs
 2020-08-25 10:51:11 +10:00
jc21
bf8beb50b4 Merge pull request #559 from jlesage/remove-webroot-certbot-arg 
Removed the hardcoded `--webroot` certbot argument to better support DNS challenge
 2020-08-25 08:44:00 +10:00
jc21
e5034a34f5 Merge pull request #570 from jc21/dependabot/npm_and_yarn/backend/bcrypt-5.0.0 
Bump bcrypt from 4.0.1 to 5.0.0 in /backend
 2020-08-25 08:31:48 +10:00
Jaap-Jan de Wit
a561605653 show in ssl certificates list that CloudFlare is used 2020-08-24 09:09:52 +00:00
Jaap-Jan de Wit
e8596c1554 cloudflare DNS also possible while adding proxy, redirection and 404 2020-08-24 09:00:00 +00:00
Jaap-Jan de Wit
ab67481e99 fix eslint errors 2020-08-23 18:56:25 +00:00
Jaap-Jan de Wit
1b611e67c8 Merge commit 'c5aa2b9f771cbd4c78c239ed0791aeb8d9e4d2e4' into features/dns-cloudflare 2020-08-23 18:30:07 +00:00
Jaap-Jan de Wit
c5aa2b9f77 add cloudflare renew and make revoke working for both by deleting unnecessary config command 2020-08-23 18:29:16 +00:00
Jaap-Jan de Wit
cff6c4d1f5 - prevent wildcard generation when not using Cloudflare dns 
- fix cloudflare token required logic
 2020-08-23 16:48:14 +00:00
Jaap-Jan de Wit
077cf75ef2 wildcard support 2020-08-23 13:24:20 +00:00
Jaap-Jan de Wit
ff1770204c request via cloudflare dns working 2020-08-23 12:50:41 +00:00
Jaap-Jan de Wit
b9a95840e0 add cloudflare dns option to letsencrypt via manual certificate 2020-08-23 11:40:41 +00:00
Jaap-Jan de Wit
2d7576c57e add cloudflare dns also to dev docker file 2020-08-23 10:54:36 +00:00
Jaap-Jan
251aac716a Add CloudFlare DNS plugin to certbot 2020-08-21 09:49:43 +02:00
jc21
6694a42270 Merge pull request #560 from jlesage/remove-from-unixtime 
Removed usage of `FROM_UNIXTIME` mysql-specific function.
 2020-08-21 14:21:40 +10:00
dependabot[bot]
f78a4c6ad1 Bump bcrypt from 4.0.1 to 5.0.0 in /backend 
Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 4.0.1 to 5.0.0.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases)
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kelektiv/node.bcrypt.js/compare/v4.0.1...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-08-20 17:01:00 +00:00
Jocelyn Le Sage
83fad8bcda Removed usage of FROM_UNIXTIME mysql-specific function. 
This provide better interoperability with different databases (e.g. sqlite).
Fixes #557
 2020-08-14 19:31:05 -04:00
Jocelyn Le Sage
f539e813aa Removed the hardcoded --webroot certbot argument to better support DNS challenge. Also, this option is already set in the default letsencrypt.ini. 2020-08-14 14:28:03 -04:00
Jamie Curnow
5d65166777 Ignore local subnets for real IP determination 2020-08-12 09:32:40 +10:00
dependabot[bot]
70346138a7 Bump prismjs from 1.20.0 to 1.21.0 in /docs 
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/PrismJS/prism/releases)
- [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PrismJS/prism/compare/v1.20.0...v1.21.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-08-08 00:02:04 +00:00
jc21
d68656559c Merge pull request #544 from jlesage/sqlite-now-helper-fix 
Fixed now_helper for sqlite (time is missing)
 2020-08-07 08:37:00 +10:00
Jocelyn Le Sage
01660b5b80 Fixed now_helper for sqlite: it should also returns the time. 2020-08-06 17:16:22 -04:00
58 changed files with 1848 additions and 555 deletions
Expand all files Collapse all files

10
.jenkins/config-mysql.json
View File

@ -1,10 +0,0 @@
{
"database": {
"engine": "mysql",
"host": "db",
"name": "npm",
"user": "npm",
"password": "npm",
"port": 3306
}
}

11
.jenkins/config-sqlite.json
View File

@ -1,11 +0,0 @@
{
"database": {
"engine": "knex-native",
"knex": {
"client": "sqlite3",
"connection": {
"filename": "/data/database.sqlite"
}
}
}
}

2
.version
View File

@ -1 +1 @@
2.4.0 2.7.2

1
Jenkinsfile vendored
View File

@ -65,6 +65,7 @@ pipeline {
// See: https://github.com/yarnpkg/yarn/issues/3254 // See: https://github.com/yarnpkg/yarn/issues/3254
sh '''docker run --rm \\ sh '''docker run --rm \\
-v "$(pwd)/backend:/app" \\ -v "$(pwd)/backend:/app" \\
-v "$(pwd)/global:/app/global" \\
-w /app \\ -w /app \\
node:latest \\ node:latest \\
sh -c "yarn install && yarn eslint . && rm -rf node_modules" sh -c "yarn install && yarn eslint . && rm -rf node_modules"

58
README.md
View File

@ -1,7 +1,7 @@
<p align="center"> <p align="center">
<img src="https://nginxproxymanager.com/github.png"> <img src="https://nginxproxymanager.com/github.png">
<br><br> <br><br>
<img src="https://img.shields.io/badge/version-2.4.0-green.svg?style=for-the-badge"> <img src="https://img.shields.io/badge/version-2.7.3-green.svg?style=for-the-badge">
<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager"> <a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge"> <img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
</a> </a>
@ -173,6 +173,62 @@ Special thanks to the following contributors:
<br /><sub><b>vrenjith</b></sub> <br /><sub><b>vrenjith</b></sub>
</a> </a>
</td> </td>
<td align="center">
<a href="https://github.com/duhruh">
<img src="https://avatars2.githubusercontent.com/u/1133969?s=460&u=c0691e6131ec6d516416c1c6fcedb5034f877bbe&v=4" width="80px;" alt=""/>
<br /><sub><b>David Rivera</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/jipjan">
<img src="https://avatars2.githubusercontent.com/u/1384618?s=460&v=4" width="80px;" alt=""/>
<br /><sub><b>Jaap-Jan de Wit</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/jmwebslave">
<img src="https://avatars2.githubusercontent.com/u/6118262?s=460&u=7db409c47135b1e141c366bbb03ed9fae6ac2638&v=4" width="80px;" alt=""/>
<br /><sub><b>James Morgan</b></sub>
</a>
</td>
</tr>
<tr>
<td align="center">
<a href="https://github.com/chaptergy">
<img src="https://avatars2.githubusercontent.com/u/26956711?s=460&u=7d9adebabb6b4e7af7cb05d98d751087a372304b&v=4" width="80px;" alt=""/>
<br /><sub><b>chaptergy</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/Philip-Mooney">
<img src="https://avatars0.githubusercontent.com/u/48624631?s=460&v=4" width="80px;" alt=""/>
<br /><sub><b>Philip Mooney</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/WaterCalm">
<img src="https://avatars1.githubusercontent.com/u/23502129?s=400&v=4" width="80px;" alt=""/>
<br /><sub><b>WaterCalm</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/lebrou34">
<img src="https://avatars1.githubusercontent.com/u/16373103?s=460&v=4" width="80px;" alt=""/>
<br /><sub><b>lebrou34</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/lightglitch">
<img src="https://avatars0.githubusercontent.com/u/196953?s=460&v=4" width="80px;" alt=""/>
<br /><sub><b>Mário Franco</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/klutchell">
<img src="https://avatars3.githubusercontent.com/u/20458272?s=460&v=4" width="80px;" alt=""/>
<br /><sub><b>Kyle Harding</b></sub>
</a>
</td>
</tr> </tr>
</table> </table>
<!-- markdownlint-enable --> <!-- markdownlint-enable -->

2
backend/app.js
View File

@ -66,7 +66,7 @@ app.use(function (err, req, res, next) {
} }
}; };
if (process.env.NODE_ENV === 'development') { if (process.env.NODE_ENV === 'development' || (req.baseUrl + req.path).includes('nginx/certificates')) {
payload.debug = { payload.debug = {
stack: typeof err.stack !== 'undefined' && err.stack ? err.stack.split('\n') : null, stack: typeof err.stack !== 'undefined' && err.stack ? err.stack.split('\n') : null,
previous: err.previous previous: err.previous

2
backend/config/sqlite-test-db.json
View File

@ -4,7 +4,7 @@
"knex": { "knex": {
"client": "sqlite3", "client": "sqlite3",
"connection": { "connection": {
"filename": "/app/backend/config/mydb.sqlite" "filename": "/app/config/mydb.sqlite"
}, },
"pool": { "pool": {
"min": 0, "min": 0,

88
backend/index.js
View File

@ -2,7 +2,10 @@
const logger = require('./logger').global; const logger = require('./logger').global;
function appStart () { async function appStart () {
// Create config file db settings if environment variables have been set
await createDbConfigFromEnvironment();
const migrate = require('./migrate'); const migrate = require('./migrate');
const setup = require('./setup'); const setup = require('./setup');
const app = require('./app'); const app = require('./app');
@ -39,9 +42,92 @@ function appStart () {
}); });
} }
async function createDbConfigFromEnvironment() {
return new Promise((resolve, reject) => {
const envMysqlHost = process.env.DB_MYSQL_HOST || null;
const envMysqlPort = process.env.DB_MYSQL_PORT || null;
const envMysqlUser = process.env.DB_MYSQL_USER || null;
const envMysqlName = process.env.DB_MYSQL_NAME || null;
const envSqliteFile = process.env.DB_SQLITE_FILE || null;
if ((envMysqlHost && envMysqlPort && envMysqlUser && envMysqlName) || envSqliteFile) {
const fs = require('fs');
const filename = (process.env.NODE_CONFIG_DIR || './config') + '/' + (process.env.NODE_ENV || 'default') + '.json';
let configData = {};
try {
configData = require(filename);
} catch (err) {
// do nothing
}
if (configData.database && configData.database.engine && !configData.database.fromEnv) {
logger.info('Manual db configuration already exists, skipping config creation from environment variables');
resolve();
return;
}
if (envMysqlHost && envMysqlPort && envMysqlUser && envMysqlName) {
const newConfig = {
fromEnv: true,
engine: 'mysql',
host: envMysqlHost,
port: envMysqlPort,
user: envMysqlUser,
password: process.env.DB_MYSQL_PASSWORD,
name: envMysqlName,
};
if (JSON.stringify(configData.database) === JSON.stringify(newConfig)) {
// Config is unchanged, skip overwrite
resolve();
return;
}
logger.info('Generating MySQL db configuration from environment variables');
configData.database = newConfig;
} else {
const newConfig = {
fromEnv: true,
engine: 'knex-native',
knex: {
client: 'sqlite3',
connection: {
filename: envSqliteFile
}
}
};
if (JSON.stringify(configData.database) === JSON.stringify(newConfig)) {
// Config is unchanged, skip overwrite
resolve();
return;
}
logger.info('Generating Sqlite db configuration from environment variables');
configData.database = newConfig;
}
// Write config
fs.writeFile(filename, JSON.stringify(configData, null, 2), (err) => {
if (err) {
logger.error('Could not write db config to config file: ' + filename);
reject(err);
} else {
logger.info('Wrote db configuration to config file: ' + filename);
resolve();
}
});
} else {
resolve();
}
});
}
try { try {
appStart(); appStart();
} catch (err) { } catch (err) {
logger.error(err.message, err); logger.error(err.message, err);
process.exit(1); process.exit(1);
} }

4
backend/internal/access-list.js
View File

@ -31,6 +31,7 @@ const internalAccessList = {
.insertAndFetch({ .insertAndFetch({
name: data.name, name: data.name,
satisfy_any: data.satisfy_any, satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
owner_user_id: access.token.getUserId(1) owner_user_id: access.token.getUserId(1)
}); });
}) })
@ -128,6 +129,7 @@ const internalAccessList = {
.patch({ .patch({
name: data.name, name: data.name,
satisfy_any: data.satisfy_any, satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
}); });
} }
}) })
@ -384,7 +386,7 @@ const internalAccessList = {
.orderBy('access_list.name', 'ASC'); .orderBy('access_list.name', 'ASC');
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.getUserId(1)); query.andWhere('access_list.owner_user_id', access.token.getUserId(1));
} }
// Query is used for searching // Query is used for searching

255
backend/internal/certificate.js
View File

@ -13,6 +13,7 @@ const internalNginx = require('./nginx');
const internalHost = require('./host'); const internalHost = require('./host');
const certbot_command = '/usr/bin/certbot'; const certbot_command = '/usr/bin/certbot';
const le_config = '/etc/letsencrypt.ini'; const le_config = '/etc/letsencrypt.ini';
const dns_plugins = require('../global/certbot-dns-plugins');
function omissions() { function omissions() {
return ['is_deleted']; return ['is_deleted'];
@ -77,7 +78,7 @@ const internalCertificate = {
.where('id', certificate.id) .where('id', certificate.id)
.andWhere('provider', 'letsencrypt') .andWhere('provider', 'letsencrypt')
.patch({ .patch({
expires_on: certificateModel.raw('FROM_UNIXTIME(' + cert_info.dates.to + ')') expires_on: moment(cert_info.dates.to, 'X').format('YYYY-MM-DD HH:mm:ss')
}); });
}) })
.catch((err) => { .catch((err) => {
@ -141,36 +142,60 @@ const internalCertificate = {
}); });
}) })
.then((in_use_result) => { .then((in_use_result) => {
// 3. Generate the LE config // With DNS challenge no config is needed, so skip 3 and 5.
return internalNginx.generateLetsEncryptRequestConfig(certificate) if (certificate.meta.dns_challenge) {
.then(internalNginx.reload) return internalNginx.reload().then(() => {
.then(() => {
// 4. Request cert // 4. Request cert
return internalCertificate.requestLetsEncryptSsl(certificate); return internalCertificate.requestLetsEncryptSslWithDnsChallenge(certificate);
}) })
.then(() => { .then(internalNginx.reload)
// 5. Remove LE config .then(() => {
return internalNginx.deleteLetsEncryptRequestConfig(certificate); // 6. Re-instate previously disabled hosts
}) return internalCertificate.enableInUseHosts(in_use_result);
.then(internalNginx.reload) })
.then(() => { .then(() => {
// 6. Re-instate previously disabled hosts return certificate;
return internalCertificate.enableInUseHosts(in_use_result); })
}) .catch((err) => {
.then(() => { // In the event of failure, revert things and throw err back
return certificate; return internalCertificate.enableInUseHosts(in_use_result)
}) .then(internalNginx.reload)
.catch((err) => { .then(() => {
// In the event of failure, revert things and throw err back throw err;
return internalNginx.deleteLetsEncryptRequestConfig(certificate) });
.then(() => { });
return internalCertificate.enableInUseHosts(in_use_result); } else {
}) // 3. Generate the LE config
.then(internalNginx.reload) return internalNginx.generateLetsEncryptRequestConfig(certificate)
.then(() => { .then(internalNginx.reload)
throw err; .then(() => {
}); // 4. Request cert
}); return internalCertificate.requestLetsEncryptSsl(certificate);
})
.then(() => {
// 5. Remove LE config
return internalNginx.deleteLetsEncryptRequestConfig(certificate);
})
.then(internalNginx.reload)
.then(() => {
// 6. Re-instate previously disabled hosts
return internalCertificate.enableInUseHosts(in_use_result);
})
.then(() => {
return certificate;
})
.catch((err) => {
// In the event of failure, revert things and throw err back
return internalNginx.deleteLetsEncryptRequestConfig(certificate)
.then(() => {
return internalCertificate.enableInUseHosts(in_use_result);
})
.then(internalNginx.reload)
.then(() => {
throw err;
});
});
}
}) })
.then(() => { .then(() => {
// At this point, the letsencrypt cert should exist on disk. // At this point, the letsencrypt cert should exist on disk.
@ -180,7 +205,7 @@ const internalCertificate = {
return certificateModel return certificateModel
.query() .query()
.patchAndFetchById(certificate.id, { .patchAndFetchById(certificate.id, {
expires_on: certificateModel.raw('FROM_UNIXTIME(' + cert_info.dates.to + ')') expires_on: moment(cert_info.dates.to, 'X').format('YYYY-MM-DD HH:mm:ss')
}) })
.then((saved_row) => { .then((saved_row) => {
// Add cert data for audit log // Add cert data for audit log
@ -191,6 +216,13 @@ const internalCertificate = {
return saved_row; return saved_row;
}); });
}); });
}).catch(async (error) => {
// Delete the certificate from the database if it was not created successfully
await certificateModel
.query()
.deleteById(certificate.id);
throw error;
}); });
} else { } else {
return certificate; return certificate;
@ -558,7 +590,7 @@ const internalCertificate = {
// TODO: This uses a mysql only raw function that won't translate to postgres // TODO: This uses a mysql only raw function that won't translate to postgres
return internalCertificate.update(access, { return internalCertificate.update(access, {
id: data.id, id: data.id,
expires_on: certificateModel.raw('FROM_UNIXTIME(' + validations.certificate.dates.to + ')'), expires_on: moment(validations.certificate.dates.to, 'X').format('YYYY-MM-DD HH:mm:ss'),
domain_names: [validations.certificate.cn], domain_names: [validations.certificate.cn],
meta: _.clone(row.meta) // Prevent the update method from changing this value that we'll use later meta: _.clone(row.meta) // Prevent the update method from changing this value that we'll use later
}) })
@ -583,18 +615,26 @@ const internalCertificate = {
checkPrivateKey: (private_key) => { checkPrivateKey: (private_key) => {
return tempWrite(private_key, '/tmp') return tempWrite(private_key, '/tmp')
.then((filepath) => { .then((filepath) => {
return utils.exec('openssl rsa -in ' + filepath + ' -check -noout') return new Promise((resolve, reject) => {
.then((result) => { const failTimeout = setTimeout(() => {
if (!result.toLowerCase().includes('key ok')) { reject(new error.ValidationError('Result Validation Error: Validation timed out. This could be due to the key being passphrase-protected.'));
throw new error.ValidationError(result); }, 10000);
} utils
.exec('openssl pkey -in ' + filepath + ' -check -noout 2>&1 ')
fs.unlinkSync(filepath); .then((result) => {
return true; clearTimeout(failTimeout);
}).catch((err) => { if (!result.toLowerCase().includes('key is valid')) {
fs.unlinkSync(filepath); reject(new error.ValidationError('Result Validation Error: ' + result));
throw new error.ValidationError('Certificate Key is not valid (' + err.message + ')', err); }
}); fs.unlinkSync(filepath);
resolve(true);
})
.catch((err) => {
clearTimeout(failTimeout);
fs.unlinkSync(filepath);
reject(new error.ValidationError('Certificate Key is not valid (' + err.message + ')', err));
});
});
}); });
}, },
@ -733,7 +773,6 @@ const internalCertificate = {
'--agree-tos ' + '--agree-tos ' +
'--email "' + certificate.meta.letsencrypt_email + '" ' + '--email "' + certificate.meta.letsencrypt_email + '" ' +
'--preferred-challenges "dns,http" ' + '--preferred-challenges "dns,http" ' +
'--webroot ' +
'--domains "' + certificate.domain_names.join(',') + '" ' + '--domains "' + certificate.domain_names.join(',') + '" ' +
(le_staging ? '--staging' : ''); (le_staging ? '--staging' : '');
@ -748,6 +787,76 @@ const internalCertificate = {
}); });
}, },
/**
* @param {Object} certificate the certificate row
* @param {String} dns_provider the dns provider name (key used in `certbot-dns-plugins.js`)
* @param {String | null} credentials the content of this providers credentials file
* @param {String} propagation_seconds the cloudflare api token
* @returns {Promise}
*/
requestLetsEncryptSslWithDnsChallenge: (certificate) => {
const dns_plugin = dns_plugins[certificate.meta.dns_provider];
if (!dns_plugin) {
throw Error(`Unknown DNS provider '${certificate.meta.dns_provider}'`);
}
logger.info(`Requesting Let'sEncrypt certificates via ${dns_plugin.display_name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`);
const credentials_loc = '/etc/letsencrypt/credentials/credentials-' + certificate.id;
const credentials_cmd = 'mkdir -p /etc/letsencrypt/credentials 2> /dev/null; echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
const prepare_cmd = 'pip3 install ' + dns_plugin.package_name + '==' + dns_plugin.package_version + ' ' + dns_plugin.dependencies;
// Whether the plugin has a --<name>-credentials argument
const has_config_arg = certificate.meta.dns_provider !== 'route53';
let main_cmd =
certbot_command + ' certonly --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--agree-tos ' +
'--email "' + certificate.meta.letsencrypt_email + '" ' +
'--domains "' + certificate.domain_names.join(',') + '" ' +
'--authenticator ' + dns_plugin.full_plugin_name + ' ' +
(
has_config_arg
? '--' + dns_plugin.full_plugin_name + '-credentials "' + credentials_loc + '"'
: ''
) +
(
certificate.meta.propagation_seconds !== undefined
? ' --' + dns_plugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds
: ''
) +
(le_staging ? ' --staging' : '');
// Prepend the path to the credentials file as an environment variable
if (certificate.meta.dns_provider === 'route53') {
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd;
}
if (debug_mode) {
logger.info('Command:', `${credentials_cmd} && ${prepare_cmd} && ${main_cmd}`);
}
return utils.exec(credentials_cmd)
.then(() => {
return utils.exec(prepare_cmd)
.then(() => {
return utils.exec(main_cmd)
.then(async (result) => {
logger.info(result);
return result;
});
});
}).catch(async (err) => {
// Don't fail if file does not exist
const delete_credentials_cmd = `rm -f '${credentials_loc}' || true`;
await utils.exec(delete_credentials_cmd);
throw err;
});
},
/** /**
* @param {Access} access * @param {Access} access
* @param {Object} data * @param {Object} data
@ -761,7 +870,9 @@ const internalCertificate = {
}) })
.then((certificate) => { .then((certificate) => {
if (certificate.provider === 'letsencrypt') { if (certificate.provider === 'letsencrypt') {
return internalCertificate.renewLetsEncryptSsl(certificate) let renewMethod = certificate.meta.dns_challenge ? internalCertificate.renewLetsEncryptSslWithDnsChallenge : internalCertificate.renewLetsEncryptSsl;
return renewMethod(certificate)
.then(() => { .then(() => {
return internalCertificate.getCertificateInfoFromFile('/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem'); return internalCertificate.getCertificateInfoFromFile('/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem');
}) })
@ -769,7 +880,7 @@ const internalCertificate = {
return certificateModel return certificateModel
.query() .query()
.patchAndFetchById(certificate.id, { .patchAndFetchById(certificate.id, {
expires_on: certificateModel.raw('FROM_UNIXTIME(' + cert_info.dates.to + ')') expires_on: moment(cert_info.dates.to, 'X').format('YYYY-MM-DD HH:mm:ss')
}); });
}) })
.then((updated_certificate) => { .then((updated_certificate) => {
@ -815,6 +926,42 @@ const internalCertificate = {
}); });
}, },
/**
* @param {Object} certificate the certificate row
* @returns {Promise}
*/
renewLetsEncryptSslWithDnsChallenge: (certificate) => {
const dns_plugin = dns_plugins[certificate.meta.dns_provider];
if (!dns_plugin) {
throw Error(`Unknown DNS provider '${certificate.meta.dns_provider}'`);
}
logger.info(`Renewing Let'sEncrypt certificates via ${dns_plugin.display_name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`);
let main_cmd =
certbot_command + ' renew --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--disable-hook-validation' +
(le_staging ? ' --staging' : '');
// Prepend the path to the credentials file as an environment variable
if (certificate.meta.dns_provider === 'route53') {
const credentials_loc = '/etc/letsencrypt/credentials/credentials-' + certificate.id;
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd;
}
if (debug_mode) {
logger.info('Command:', main_cmd);
}
return utils.exec(main_cmd)
.then(async (result) => {
logger.info(result);
return result;
});
},
/** /**
* @param {Object} certificate the certificate row * @param {Object} certificate the certificate row
* @param {Boolean} [throw_errors] * @param {Boolean} [throw_errors]
@ -823,21 +970,21 @@ const internalCertificate = {
revokeLetsEncryptSsl: (certificate, throw_errors) => { revokeLetsEncryptSsl: (certificate, throw_errors) => {
logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', ')); logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
let cmd = certbot_command + ' revoke --non-interactive ' + const main_cmd = certbot_command + ' revoke --non-interactive ' +
'--config "' + le_config + '" ' +
'--cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' + '--cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' +
'--delete-after-revoke ' + '--delete-after-revoke ' +
(le_staging ? '--staging' : ''); (le_staging ? '--staging' : '');
// Don't fail command if file does not exist
const delete_credentials_cmd = `rm -f '/etc/letsencrypt/credentials/credentials-${certificate.id}' || true`;
if (debug_mode) { if (debug_mode) {
logger.info('Command:', cmd); logger.info('Command:', main_cmd + '; ' + delete_credentials_cmd);
} }
return utils.exec(cmd) return utils.exec(main_cmd)
.then((result) => { .then(async (result) => {
if (debug_mode) { await utils.exec(delete_credentials_cmd);
logger.info('Command:', cmd);
}
logger.info(result); logger.info(result);
return result; return result;
}) })

4
backend/internal/host.js
View File

@ -106,7 +106,7 @@ const internalHost = {
response_object.total_count += response_object.redirection_hosts.length; response_object.total_count += response_object.redirection_hosts.length;
} }
if (promises_results[1]) { if (promises_results[2]) {
// Dead Hosts // Dead Hosts
response_object.dead_hosts = internalHost._getHostsWithDomains(promises_results[2], domain_names); response_object.dead_hosts = internalHost._getHostsWithDomains(promises_results[2], domain_names);
response_object.total_count += response_object.dead_hosts.length; response_object.total_count += response_object.dead_hosts.length;
@ -158,7 +158,7 @@ const internalHost = {
} }
} }
if (promises_results[1]) { if (promises_results[2]) {
// Dead Hosts // Dead Hosts
if (internalHost._checkHostnameRecordsTaken(hostname, promises_results[2], ignore_type === 'dead' && ignore_id ? ignore_id : 0)) { if (internalHost._checkHostnameRecordsTaken(hostname, promises_results[2], ignore_type === 'dead' && ignore_id ? ignore_id : 0)) {
is_taken = true; is_taken = true;

41
backend/migrations/20201014143841_pass_auth.js Normal file
View File

@ -0,0 +1,41 @@
const migrate_name = 'pass_auth';
const logger = require('../logger').migrate;
/**
* Migrate
*
* @see http://knexjs.org/#Schema
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.up = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Up...');
return knex.schema.table('access_list', function (access_list) {
access_list.integer('pass_auth').notNull().defaultTo(1);
})
.then(() => {
logger.info('[' + migrate_name + '] access_list Table altered');
});
};
/**
* Undo Migrate
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.down = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Down...');
return knex.schema.table('access_list', function (access_list) {
access_list.dropColumn('pass_auth');
})
.then(() => {
logger.info('[' + migrate_name + '] access_list pass_auth Column dropped');
});
};

4
backend/models/access_list.js
View File

@ -93,6 +93,10 @@ class AccessList extends Model {
get satisfy() { get satisfy() {
return this.satisfy_any ? 'satisfy any' : 'satisfy all'; return this.satisfy_any ? 'satisfy any' : 'satisfy all';
} }
get passauth() {
return this.pass_auth ? '' : 'proxy_set_header Authorization "";';
}
} }
module.exports = AccessList; module.exports = AccessList;

2
backend/models/now_helper.js
View File

@ -6,7 +6,7 @@ Model.knex(db);
module.exports = function () { module.exports = function () {
if (config.database.knex && config.database.knex.client === 'sqlite3') { if (config.database.knex && config.database.knex.client === 'sqlite3') {
return Model.raw('date(\'now\')'); return Model.raw('datetime(\'now\',\'localtime\')');
} else { } else {
return Model.raw('NOW()'); return Model.raw('NOW()');
} }

2
backend/package.json
View File

@ -6,7 +6,7 @@
"dependencies": { "dependencies": {
"ajv": "^6.12.0", "ajv": "^6.12.0",
"batchflow": "^0.4.0", "batchflow": "^0.4.0",
"bcrypt": "^4.0.1", "bcrypt": "^5.0.0",
"body-parser": "^1.19.0", "body-parser": "^1.19.0",
"compression": "^1.7.4", "compression": "^1.7.4",
"config": "^3.3.1", "config": "^3.3.1",

2
backend/routes/api/nginx/certificates.js
View File

@ -58,6 +58,7 @@ router
.post((req, res, next) => { .post((req, res, next) => {
apiValidator({$ref: 'endpoints/certificates#/links/1/schema'}, req.body) apiValidator({$ref: 'endpoints/certificates#/links/1/schema'}, req.body)
.then((payload) => { .then((payload) => {
req.setTimeout(900000); // 15 minutes timeout
return internalCertificate.create(res.locals.access, payload); return internalCertificate.create(res.locals.access, payload);
}) })
.then((result) => { .then((result) => {
@ -197,6 +198,7 @@ router
* Renew certificate * Renew certificate
*/ */
.post((req, res, next) => { .post((req, res, next) => {
req.setTimeout(900000); // 15 minutes timeout
internalCertificate.renew(res.locals.access, { internalCertificate.renew(res.locals.access, {
id: parseInt(req.params.certificate_id, 10) id: parseInt(req.params.certificate_id, 10)
}) })

9
backend/schema/endpoints/access-lists.json
View File

@ -42,6 +42,9 @@
"satisfy_any": { "satisfy_any": {
"type": "boolean" "type": "boolean"
}, },
"pass_auth": {
"type": "boolean"
},
"meta": { "meta": {
"type": "object" "type": "object"
} }
@ -102,6 +105,9 @@
"satisfy_any": { "satisfy_any": {
"$ref": "#/definitions/satisfy_any" "$ref": "#/definitions/satisfy_any"
}, },
"pass_auth": {
"$ref": "#/definitions/pass_auth"
},
"items": { "items": {
"type": "array", "type": "array",
"minItems": 0, "minItems": 0,
@ -167,6 +173,9 @@
"satisfy_any": { "satisfy_any": {
"$ref": "#/definitions/satisfy_any" "$ref": "#/definitions/satisfy_any"
}, },
"pass_auth": {
"$ref": "#/definitions/pass_auth"
},
"items": { "items": {
"type": "array", "type": "array",
"minItems": 0, "minItems": 0,

18
backend/schema/endpoints/certificates.json
View File

@ -41,6 +41,24 @@
}, },
"letsencrypt_agree": { "letsencrypt_agree": {
"type": "boolean" "type": "boolean"
},
"dns_challenge": {
"type": "boolean"
},
"dns_provider": {
"type": "string"
},
"dns_provider_credentials": {
"type": "string"
},
"propagation_seconds": {
"anyOf": [
{
"type": "integer",
"minimum": 0
}
]
} }
} }
} }

50
backend/setup.js
View File

@ -2,10 +2,13 @@ const fs = require('fs');
const NodeRSA = require('node-rsa'); const NodeRSA = require('node-rsa');
const config = require('config'); const config = require('config');
const logger = require('./logger').setup; const logger = require('./logger').setup;
const certificateModel = require('./models/certificate');
const userModel = require('./models/user'); const userModel = require('./models/user');
const userPermissionModel = require('./models/user_permission'); const userPermissionModel = require('./models/user_permission');
const utils = require('./lib/utils');
const authModel = require('./models/auth'); const authModel = require('./models/auth');
const settingModel = require('./models/setting'); const settingModel = require('./models/setting');
const dns_plugins = require('./global/certbot-dns-plugins');
const debug_mode = process.env.NODE_ENV !== 'production' || !!process.env.DEBUG; const debug_mode = process.env.NODE_ENV !== 'production' || !!process.env.DEBUG;
/** /**
@ -155,8 +158,53 @@ const setupDefaultSettings = () => {
}); });
}; };
/**
* Installs all Certbot plugins which are required for an installed certificate
*
* @returns {Promise}
*/
const setupCertbotPlugins = () => {
return certificateModel
.query()
.where('is_deleted', 0)
.andWhere('provider', 'letsencrypt')
.then((certificates) => {
if (certificates && certificates.length) {
let plugins = [];
let promises = [];
certificates.map(function (certificate) {
if (certificate.meta && certificate.meta.dns_challenge === true) {
const dns_plugin = dns_plugins[certificate.meta.dns_provider];
const packages_to_install = `${dns_plugin.package_name}==${dns_plugin.package_version} ${dns_plugin.dependencies}`;
if (plugins.indexOf(packages_to_install) === -1) plugins.push(packages_to_install);
// Make sure credentials file exists
const credentials_loc = '/etc/letsencrypt/credentials/credentials-' + certificate.id;
const credentials_cmd = '[ -f \'' + credentials_loc + '\' ] || { mkdir -p /etc/letsencrypt/credentials 2> /dev/null; echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'; }';
promises.push(utils.exec(credentials_cmd));
}
});
if (plugins.length) {
const install_cmd = 'pip3 install ' + plugins.join(' ');
promises.push(utils.exec(install_cmd));
}
if (promises.length) {
return Promise.all(promises)
.then(() => {
logger.info('Added Certbot plugins ' + plugins.join(', '));
});
}
}
});
};
module.exports = function () { module.exports = function () {
return setupJwt() return setupJwt()
.then(setupDefaultUser) .then(setupDefaultUser)
.then(setupDefaultSettings); .then(setupDefaultSettings)
.then(setupCertbotPlugins);
}; };

4
backend/templates/proxy_host.conf
View File

@ -27,6 +27,8 @@ server {
# Authorization # Authorization
auth_basic "Authorization required"; auth_basic "Authorization required";
auth_basic_user_file /data/access/{{ access_list_id }}; auth_basic_user_file /data/access/{{ access_list_id }};
{{ access_list.passauth }}
{% endif %} {% endif %}
# Access Rules # Access Rules
@ -35,7 +37,9 @@ server {
{% endfor %}deny all; {% endfor %}deny all;
# Access checks must... # Access checks must...
{% if access_list.satisfy %}
{{ access_list.satisfy }}; {{ access_list.satisfy }};
{% endif %}
{% endif %} {% endif %}

42
backend/yarn.lock
View File

@ -249,13 +249,13 @@ batchflow@^0.4.0:
resolved "https://registry.yarnpkg.com/batchflow/-/batchflow-0.4.0.tgz#7d419df79b6b7587b06f9ea34f96ccef6f74e5b5" resolved "https://registry.yarnpkg.com/batchflow/-/batchflow-0.4.0.tgz#7d419df79b6b7587b06f9ea34f96ccef6f74e5b5"
integrity sha1-fUGd95trdYewb56jT5bM72905bU= integrity sha1-fUGd95trdYewb56jT5bM72905bU=
bcrypt@^4.0.1: bcrypt@^5.0.0:
version "4.0.1" version "5.0.0"
resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-4.0.1.tgz#06e21e749a061020e4ff1283c1faa93187ac57fe" resolved "https://registry.yarnpkg.com/bcrypt/-/bcrypt-5.0.0.tgz#051407c7cd5ffbfb773d541ca3760ea0754e37e2"
integrity sha512-hSIZHkUxIDS5zA2o00Kf2O5RfVbQ888n54xQoF/eIaquU4uaLxK8vhhBdktd0B3n2MjkcAWzv4mnhogykBKOUQ== integrity sha512-jB0yCBl4W/kVHM2whjfyqnxTmOHkCX4kHEa5nYKSoGeYe8YrjTYTc87/6bwt1g8cmV0QrbhKriETg9jWtcREhg==
dependencies: dependencies:
node-addon-api "^2.0.0" node-addon-api "^3.0.0"
node-pre-gyp "0.14.0" node-pre-gyp "0.15.0"
bignumber.js@9.0.0: bignumber.js@9.0.0:
version "9.0.0" version "9.0.0"
@ -1548,9 +1548,9 @@ inherits@2.0.3:
integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4= integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=
ini@^1.3.4, ini@^1.3.5, ini@~1.3.0: ini@^1.3.4, ini@^1.3.5, ini@~1.3.0:
version "1.3.5" version "1.3.8"
resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c"
integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==
inquirer@^7.0.0: inquirer@^7.0.0:
version "7.3.3" version "7.3.3"
@ -2166,7 +2166,7 @@ mixin-deep@^1.2.0:
for-in "^1.0.2" for-in "^1.0.2"
is-extendable "^1.0.1" is-extendable "^1.0.1"
mkdirp@^0.5.0, mkdirp@^0.5.1: mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@^0.5.3:
version "0.5.5" version "0.5.5"
resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def" resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def"
integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ== integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==
@ -2235,7 +2235,7 @@ natural-compare@^1.4.0:
resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
integrity sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc= integrity sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=
needle@^2.2.1: needle@^2.2.1, needle@^2.5.0:
version "2.5.0" version "2.5.0"
resolved "https://registry.yarnpkg.com/needle/-/needle-2.5.0.tgz#e6fc4b3cc6c25caed7554bd613a5cf0bac8c31c0" resolved "https://registry.yarnpkg.com/needle/-/needle-2.5.0.tgz#e6fc4b3cc6c25caed7554bd613a5cf0bac8c31c0"
integrity sha512-o/qITSDR0JCyCKEQ1/1bnUXMmznxabbwi/Y4WwJElf+evwJNFNwIDMCCt5IigFVxgeGBJESLohGtIS9gEzo1fA== integrity sha512-o/qITSDR0JCyCKEQ1/1bnUXMmznxabbwi/Y4WwJElf+evwJNFNwIDMCCt5IigFVxgeGBJESLohGtIS9gEzo1fA==
@ -2254,19 +2254,19 @@ nice-try@^1.0.4:
resolved "https://registry.yarnpkg.com/nice-try/-/nice-try-1.0.5.tgz#a3378a7696ce7d223e88fc9b764bd7ef1089e366" resolved "https://registry.yarnpkg.com/nice-try/-/nice-try-1.0.5.tgz#a3378a7696ce7d223e88fc9b764bd7ef1089e366"
integrity sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ== integrity sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==
node-addon-api@^2.0.0: node-addon-api@^3.0.0:
version "2.0.2" version "3.0.0"
resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-2.0.2.tgz#432cfa82962ce494b132e9d72a15b29f71ff5d32" resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-3.0.0.tgz#812446a1001a54f71663bed188314bba07e09247"
integrity sha512-Ntyt4AIXyaLIuMHF6IOoTakB3K+RWxwtsHNRxllEoA6vPwP9o4866g6YWDLUdnucilZhmkxiHwHr11gAENw+QA== integrity sha512-sSHCgWfJ+Lui/u+0msF3oyCgvdkhxDbkCS6Q8uiJquzOimkJBvX6hl5aSSA7DR1XbMpdM8r7phjcF63sF4rkKg==
node-pre-gyp@0.14.0: node-pre-gyp@0.15.0:
version "0.14.0" version "0.15.0"
resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.14.0.tgz#9a0596533b877289bcad4e143982ca3d904ddc83" resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.15.0.tgz#c2fc383276b74c7ffa842925241553e8b40f1087"
integrity sha512-+CvDC7ZttU/sSt9rFjix/P05iS43qHCOOGzcr3Ry99bXG7VX953+vFyEuph/tfqoYu8dttBkE86JSKBO2OzcxA== integrity sha512-7QcZa8/fpaU/BKenjcaeFF9hLz2+7S9AqyXFhlH/rilsQ/hPZKK32RtR5EQHJElgu+q5RfbJ34KriI79UWaorA==
dependencies: dependencies:
detect-libc "^1.0.2" detect-libc "^1.0.2"
mkdirp "^0.5.1" mkdirp "^0.5.3"
needle "^2.2.1" needle "^2.5.0"
nopt "^4.0.1" nopt "^4.0.1"
npm-packlist "^1.1.6" npm-packlist "^1.1.6"
npmlog "^4.0.2" npmlog "^4.0.2"

4
docker/Dockerfile
View File

@ -17,7 +17,8 @@ ENV NODE_ENV=production
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apk update \ && apk update \
&& apk add python2 certbot jq \ && apk add python3 certbot jq \
&& python3 -m ensurepip \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
ENV NPM_BUILD_VERSION="${BUILD_VERSION}" NPM_BUILD_COMMIT="${BUILD_COMMIT}" NPM_BUILD_DATE="${BUILD_DATE}" ENV NPM_BUILD_VERSION="${BUILD_VERSION}" NPM_BUILD_COMMIT="${BUILD_COMMIT}" NPM_BUILD_DATE="${BUILD_DATE}"
@ -33,6 +34,7 @@ EXPOSE 443
COPY docker/rootfs / COPY docker/rootfs /
ADD backend /app ADD backend /app
ADD frontend/dist /app/frontend ADD frontend/dist /app/frontend
COPY global /app/global
WORKDIR /app WORKDIR /app
RUN yarn install RUN yarn install

3
docker/dev/Dockerfile
View File

@ -7,7 +7,8 @@ ENV S6_FIX_ATTRS_HIDDEN=1
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apk update \ && apk update \
&& apk add python2 certbot jq \ && apk add python3 certbot jq \
&& python3 -m ensurepip \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
# Task # Task

24
docker/docker-compose.ci.yml
View File

@ -5,11 +5,15 @@ services:
fullstack-mysql: fullstack-mysql:
image: ${IMAGE}:ci-${BUILD_NUMBER} image: ${IMAGE}:ci-${BUILD_NUMBER}
environment: environment:
- NODE_ENV=development NODE_ENV: "development"
- FORCE_COLOR=1 FORCE_COLOR: 1
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: "npm"
DB_MYSQL_NAME: "npm"
volumes: volumes:
- npm_data:/data - npm_data:/data
- ../.jenkins/config-mysql.json:/app/config/development.json
expose: expose:
- 81 - 81
- 80 - 80
@ -20,11 +24,11 @@ services:
fullstack-sqlite: fullstack-sqlite:
image: ${IMAGE}:ci-${BUILD_NUMBER} image: ${IMAGE}:ci-${BUILD_NUMBER}
environment: environment:
- NODE_ENV=development NODE_ENV: "development"
- FORCE_COLOR=1 FORCE_COLOR: 1
DB_SQLITE_FILE: "/data/database.sqlite"
volumes: volumes:
- npm_data:/data - npm_data:/data
- ../.jenkins/config-sqlite.json:/app/config/development.json
expose: expose:
- 81 - 81
- 80 - 80
@ -43,8 +47,8 @@ services:
cypress-mysql: cypress-mysql:
image: ${IMAGE}-cypress:ci-${BUILD_NUMBER} image: ${IMAGE}-cypress:ci-${BUILD_NUMBER}
build: build:
context: ../ context: ../test/
dockerfile: test/cypress/Dockerfile dockerfile: cypress/Dockerfile
environment: environment:
CYPRESS_baseUrl: "http://fullstack-mysql:81" CYPRESS_baseUrl: "http://fullstack-mysql:81"
volumes: volumes:
@ -54,8 +58,8 @@ services:
cypress-sqlite: cypress-sqlite:
image: ${IMAGE}-cypress:ci-${BUILD_NUMBER} image: ${IMAGE}-cypress:ci-${BUILD_NUMBER}
build: build:
context: ../ context: ../test/
dockerfile: test/cypress/Dockerfile dockerfile: cypress/Dockerfile
environment: environment:
CYPRESS_baseUrl: "http://fullstack-sqlite:81" CYPRESS_baseUrl: "http://fullstack-sqlite:81"
volumes: volumes:

27
docker/docker-compose.dev.yml
View File

@ -11,21 +11,33 @@ services:
- 3080:80 - 3080:80
- 3081:81 - 3081:81
- 3443:443 - 3443:443
networks:
- nginx_proxy_manager
environment: environment:
- NODE_ENV=development NODE_ENV: "development"
- FORCE_COLOR=1 FORCE_COLOR: 1
- DEVELOPMENT=true DEVELOPMENT: "true"
#- DISABLE_IPV6=true DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: "npm"
DB_MYSQL_NAME: "npm"
# DB_SQLITE_FILE: "/data/database.sqlite"
# DISABLE_IPV6: "true"
volumes: volumes:
- npm_data:/data - npm_data:/data
- le_data:/etc/letsencrypt - le_data:/etc/letsencrypt
- ..:/app - ../backend:/app
- ../frontend:/app/frontend
- ../global:/app/global
depends_on: depends_on:
- db - db
working_dir: /app working_dir: /app
db: db:
image: jc21/mariadb-aria image: jc21/mariadb-aria
networks:
- nginx_proxy_manager
environment: environment:
MYSQL_ROOT_PASSWORD: "npm" MYSQL_ROOT_PASSWORD: "npm"
MYSQL_DATABASE: "npm" MYSQL_DATABASE: "npm"
@ -38,6 +50,8 @@ services:
image: 'swaggerapi/swagger-ui:latest' image: 'swaggerapi/swagger-ui:latest'
ports: ports:
- 3001:80 - 3001:80
networks:
- nginx_proxy_manager
environment: environment:
URL: "http://127.0.0.1:3081/api/schema" URL: "http://127.0.0.1:3081/api/schema"
PORT: '80' PORT: '80'
@ -48,3 +62,6 @@ volumes:
npm_data: npm_data:
le_data: le_data:
db_data: db_data:
networks:
nginx_proxy_manager:

3
docker/rootfs/etc/nginx/conf.d/dev.conf
View File

@ -17,6 +17,9 @@ server {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:3000/; proxy_pass http://127.0.0.1:3000/;
proxy_read_timeout 15m;
proxy_send_timeout 15m;
} }
location / { location / {

198
docker/rootfs/etc/nginx/conf.d/include/ip_ranges.conf
View File

@ -1,196 +1,2 @@
# This should be left blank is it is populated programatically
set_real_ip_from 144.220.0.0/16; # by the application backend.
set_real_ip_from 52.124.128.0/17;
set_real_ip_from 54.230.0.0/16;
set_real_ip_from 54.239.128.0/18;
set_real_ip_from 52.82.128.0/19;
set_real_ip_from 99.84.0.0/16;
set_real_ip_from 204.246.172.0/24;
set_real_ip_from 205.251.192.0/19;
set_real_ip_from 54.239.192.0/19;
set_real_ip_from 70.132.0.0/18;
set_real_ip_from 13.32.0.0/15;
set_real_ip_from 13.224.0.0/14;
set_real_ip_from 13.35.0.0/16;
set_real_ip_from 204.246.164.0/22;
set_real_ip_from 204.246.168.0/22;
set_real_ip_from 71.152.0.0/17;
set_real_ip_from 216.137.32.0/19;
set_real_ip_from 205.251.249.0/24;
set_real_ip_from 99.86.0.0/16;
set_real_ip_from 52.46.0.0/18;
set_real_ip_from 52.84.0.0/15;
set_real_ip_from 204.246.173.0/24;
set_real_ip_from 130.176.0.0/16;
set_real_ip_from 64.252.64.0/18;
set_real_ip_from 204.246.174.0/23;
set_real_ip_from 64.252.128.0/18;
set_real_ip_from 205.251.254.0/24;
set_real_ip_from 143.204.0.0/16;
set_real_ip_from 205.251.252.0/23;
set_real_ip_from 204.246.176.0/20;
set_real_ip_from 13.249.0.0/16;
set_real_ip_from 54.240.128.0/18;
set_real_ip_from 205.251.250.0/23;
set_real_ip_from 52.222.128.0/17;
set_real_ip_from 54.182.0.0/16;
set_real_ip_from 54.192.0.0/16;
set_real_ip_from 13.124.199.0/24;
set_real_ip_from 34.226.14.0/24;
set_real_ip_from 52.15.127.128/26;
set_real_ip_from 35.158.136.0/24;
set_real_ip_from 52.57.254.0/24;
set_real_ip_from 18.216.170.128/25;
set_real_ip_from 13.52.204.0/23;
set_real_ip_from 13.54.63.128/26;
set_real_ip_from 13.59.250.0/26;
set_real_ip_from 13.210.67.128/26;
set_real_ip_from 35.167.191.128/26;
set_real_ip_from 52.47.139.0/24;
set_real_ip_from 52.199.127.192/26;
set_real_ip_from 52.212.248.0/26;
set_real_ip_from 52.66.194.128/26;
set_real_ip_from 13.113.203.0/24;
set_real_ip_from 99.79.168.0/23;
set_real_ip_from 34.195.252.0/24;
set_real_ip_from 35.162.63.192/26;
set_real_ip_from 34.223.12.224/27;
set_real_ip_from 52.56.127.0/25;
set_real_ip_from 34.223.80.192/26;
set_real_ip_from 13.228.69.0/24;
set_real_ip_from 34.216.51.0/25;
set_real_ip_from 3.231.2.0/25;
set_real_ip_from 54.233.255.128/26;
set_real_ip_from 18.200.212.0/23;
set_real_ip_from 52.52.191.128/26;
set_real_ip_from 3.234.232.224/27;
set_real_ip_from 52.78.247.128/26;
set_real_ip_from 52.220.191.0/26;
set_real_ip_from 34.232.163.208/29;
set_real_ip_from 2600:9000:eee::/48;
set_real_ip_from 2600:9000:4000::/36;
set_real_ip_from 2600:9000:3000::/36;
set_real_ip_from 2600:9000:f000::/36;
set_real_ip_from 2600:9000:fff::/48;
set_real_ip_from 2600:9000:2000::/36;
set_real_ip_from 2600:9000:1000::/36;
set_real_ip_from 2600:9000:ddd::/48;
set_real_ip_from 2600:9000:5300::/40;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;

2
docker/rootfs/etc/nginx/conf.d/include/proxy.conf
View File

@ -3,4 +3,6 @@ proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass $forward_scheme://$server:$port; proxy_pass $forward_scheme://$server:$port;

3
docker/rootfs/etc/nginx/conf.d/production.conf
View File

@ -18,6 +18,9 @@ server {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:3000/; proxy_pass http://127.0.0.1:3000/;
proxy_read_timeout 15m;
proxy_send_timeout 15m;
} }
location / { location / {

14
docker/rootfs/etc/nginx/nginx.conf
View File

@ -27,9 +27,9 @@ http {
tcp_nodelay on; tcp_nodelay on;
client_body_temp_path /tmp/nginx/body 1 2; client_body_temp_path /tmp/nginx/body 1 2;
keepalive_timeout 90s; keepalive_timeout 90s;
proxy_connect_timeout 90s; proxy_connect_timeout 90s;
proxy_send_timeout 90s; proxy_send_timeout 90s;
proxy_read_timeout 90s; proxy_read_timeout 90s;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
gzip on; gzip on;
proxy_ignore_client_abort off; proxy_ignore_client_abort off;
@ -60,10 +60,13 @@ http {
# Real IP Determination # Real IP Determination
# Docker subnet: # Docker subnet:
set_real_ip_from 172.0.0.0/8; set_real_ip_from 172.0.0.0/8;
# Local subnets:
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 192.0.0.0/8;
# NPM generated CDN ip ranges: # NPM generated CDN ip ranges:
include conf.d/include/ip_ranges.conf; include conf.d/include/ip_ranges.conf;
# always put the following 2 lines after ip subnets: # always put the following 2 lines after ip subnets:
real_ip_header X-Forwarded-For; real_ip_header X-Real-IP;
real_ip_recursive on; real_ip_recursive on;
# Files generated by NPM # Files generated by NPM
@ -81,6 +84,9 @@ http {
stream { stream {
# Files generated by NPM # Files generated by NPM
include /data/nginx/stream/*.conf; include /data/nginx/stream/*.conf;
# Custom
include /data/nginx/custom/stream[.]conf;
} }
# Custom # Custom

2
docker/rootfs/etc/services.d/manager/run
View File

@ -5,7 +5,7 @@ mkdir -p /data/letsencrypt-acme-challenge
cd /app || echo cd /app || echo
if [ "$DEVELOPMENT" == "true" ]; then if [ "$DEVELOPMENT" == "true" ]; then
cd /app/backend || exit 1 cd /app || exit 1
yarn install yarn install
node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js
else else

27
docs/README.md
View File

@ -45,21 +45,7 @@ footer: MIT Licensed | Copyright © 2016-present jc21.com
- [Docker Install documentation](https://docs.docker.com/install/) - [Docker Install documentation](https://docs.docker.com/install/)
- [Docker-Compose Install documentation](https://docs.docker.com/compose/install/) - [Docker-Compose Install documentation](https://docs.docker.com/compose/install/)
2. Create a config file for example 2. Create a docker-compose.yml file similar to this:
```json
{
"database": {
"engine": "mysql",
"host": "db",
"name": "npm",
"user": "npm",
"password": "npm",
"port": 3306
}
}
```
3. Create a docker-compose.yml file similar to this:
```yml ```yml
version: '3' version: '3'
@ -70,8 +56,13 @@ services:
- '80:80' - '80:80'
- '81:81' - '81:81'
- '443:443' - '443:443'
environment:
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: "npm"
DB_MYSQL_NAME: "npm"
volumes: volumes:
- ./config.json:/app/config/production.json
- ./data:/data - ./data:/data
- ./letsencrypt:/etc/letsencrypt - ./letsencrypt:/etc/letsencrypt
db: db:
@ -85,13 +76,13 @@ services:
- ./data/mysql:/var/lib/mysql - ./data/mysql:/var/lib/mysql
``` ```
4. Bring up your stack 3. Bring up your stack
```bash ```bash
docker-compose up -d docker-compose up -d
``` ```
5. Log in to the Admin UI 4. Log in to the Admin UI
When your docker container is running, connect to it on port `81` for the admin interface. When your docker container is running, connect to it on port `81` for the admin interface.
Sometimes this can take a little bit because of the entropy of keys. Sometimes this can take a little bit because of the entropy of keys.

1
docs/advanced-config/README.md
View File

@ -24,6 +24,7 @@ You can add your custom configuration snippet files at `/data/nginx/custom` as f
- `/data/nginx/custom/root.conf`: Included at the very end of nginx.conf - `/data/nginx/custom/root.conf`: Included at the very end of nginx.conf
- `/data/nginx/custom/http.conf`: Included at the end of the main http block - `/data/nginx/custom/http.conf`: Included at the end of the main http block
- `/data/nginx/custom/stream.conf`: Included at the end of the main stream block
- `/data/nginx/custom/server_proxy.conf`: Included at the end of every proxy server block - `/data/nginx/custom/server_proxy.conf`: Included at the end of every proxy server block
- `/data/nginx/custom/server_redirect.conf`: Included at the end of every redirection server block - `/data/nginx/custom/server_redirect.conf`: Included at the end of every redirection server block
- `/data/nginx/custom/server_stream.conf`: Included at the end of every stream server block - `/data/nginx/custom/server_stream.conf`: Included at the end of every stream server block

2
docs/package.json
View File

@ -434,7 +434,7 @@
"neo-async": "^2.6.2", "neo-async": "^2.6.2",
"nice-try": "^2.0.1", "nice-try": "^2.0.1",
"no-case": "^3.0.3", "no-case": "^3.0.3",
"node-forge": "^0.9.1", "node-forge": "^0.10.0",
"node-libs-browser": "^2.2.1", "node-libs-browser": "^2.2.1",
"node-releases": "^1.1.60", "node-releases": "^1.1.60",
"nopt": "^4.0.3", "nopt": "^4.0.3",

109
docs/setup/README.md
View File

@ -1,50 +1,5 @@
# Full Setup Instructions # Full Setup Instructions
### Configuration File
**The configuration file needs to be provided by you!**
Don't worry, this is easy to do.
The app requires a configuration file to let it know what database you're using. By default, this file is called `config.json`
Here's an example configuration for `mysql` (or mariadb) that is compatible with the docker-compose example below:
```json
{
"database": {
"engine": "mysql",
"host": "db",
"name": "npm",
"user": "npm",
"password": "npm",
"port": 3306
}
}
```
Alternatively if you would like to use a Sqlite database file:
```json
{
"database": {
"engine": "knex-native",
"knex": {
"client": "sqlite3",
"connection": {
"filename": "/data/database.sqlite"
}
}
}
}
```
Once you've created your configuration file it's easy to mount it in the docker container.
**Note:** After the first run of the application, the config file will be altered to include generated encryption keys unique to your installation. These keys
affect the login and session management of the application. If these keys change for any reason, all users will be logged out.
### MySQL Database ### MySQL Database
If you opt for the MySQL configuration you will have to provide the database server yourself. You can also use MariaDB. Here are the minimum supported versions: If you opt for the MySQL configuration you will have to provide the database server yourself. You can also use MariaDB. Here are the minimum supported versions:
@ -61,7 +16,6 @@ When using a `mariadb` database, the NPM configuration file should still use the
::: :::
### Running the App ### Running the App
Via `docker-compose`: Via `docker-compose`:
@ -70,7 +24,7 @@ Via `docker-compose`:
version: "3" version: "3"
services: services:
app: app:
image: jc21/nginx-proxy-manager:2 image: 'jc21/nginx-proxy-manager:latest'
restart: always restart: always
ports: ports:
# Public HTTP Port: # Public HTTP Port:
@ -80,11 +34,18 @@ services:
# Admin Web Port: # Admin Web Port:
- '81:81' - '81:81'
environment: environment:
# These are the settings to access your db
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: "npm"
DB_MYSQL_NAME: "npm"
# If you would rather use Sqlite uncomment this
# and remove all DB_MYSQL_* lines above
# DB_SQLITE_FILE: "/data/database.sqlite"
# Uncomment this if IPv6 is not enabled on your host # Uncomment this if IPv6 is not enabled on your host
# DISABLE_IPV6: 'true' # DISABLE_IPV6: 'true'
volumes: volumes:
# Make sure this config.json file exists as per instructions above:
- ./config.json:/app/config/production.json
- ./data:/data - ./data:/data
- ./letsencrypt:/etc/letsencrypt - ./letsencrypt:/etc/letsencrypt
depends_on: depends_on:
@ -101,14 +62,14 @@ services:
- ./data/mysql:/var/lib/mysql - ./data/mysql:/var/lib/mysql
``` ```
_Please note, that `DB_MYSQL_*` environment variables will take precedent over `DB_SQLITE_*` variables. So if you keep the MySQL variables, you will not be able to use Sqlite._
Then: Then:
```bash ```bash
docker-compose up -d docker-compose up -d
``` ```
The config file (config.json) must be present in this directory.
### Running on Raspberry PI / ARM devices ### Running on Raspberry PI / ARM devices
The docker images support the following architectures: The docker images support the following architectures:
@ -146,3 +107,49 @@ Password: changeme
``` ```
Immediately after logging in with this default user you will be asked to modify your details and change your password. Immediately after logging in with this default user you will be asked to modify your details and change your password.
### Configuration File
::: warning
This section is meant for advanced users
:::
If you would like more control over the database settings you can define a custom config JSON file.
Here's an example for `sqlite` configuration as it is generated from the environment variables:
```json
{
"database": {
"engine": "knex-native",
"knex": {
"client": "sqlite3",
"connection": {
"filename": "/data/database.sqlite"
}
}
}
}
```
You can modify the `knex` object with your custom configuration, but note that not all knex clients might be installed in the image.
Once you've created your configuration file you can mount it to `/app/config/production.json` inside you container using:
```
[...]
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
[...]
volumes:
- ./config.json:/app/config/production.json
[...]
[...]
```
**Note:** After the first run of the application, the config file will be altered to include generated encryption keys unique to your installation.
These keys affect the login and session management of the application. If these keys change for any reason, all users will be logged out.

20
docs/yarn.lock
View File

@ -5125,9 +5125,9 @@ inherits@2.0.3:
integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4= integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=
ini@^1.3.5, ini@~1.3.0: ini@^1.3.5, ini@~1.3.0:
version "1.3.5" version "1.3.8"
resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c"
integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==
internal-ip@^4.3.0: internal-ip@^4.3.0:
version "4.3.0" version "4.3.0"
@ -6584,10 +6584,10 @@ node-forge@0.9.0:
resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.9.0.tgz#d624050edbb44874adca12bb9a52ec63cb782579" resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.9.0.tgz#d624050edbb44874adca12bb9a52ec63cb782579"
integrity sha512-7ASaDa3pD+lJ3WvXFsxekJQelBKRpne+GOVbLbtHYdd7pFspyeuJHnWfLplGf3SwKGbfs/aYl5V/JCIaHVUKKQ== integrity sha512-7ASaDa3pD+lJ3WvXFsxekJQelBKRpne+GOVbLbtHYdd7pFspyeuJHnWfLplGf3SwKGbfs/aYl5V/JCIaHVUKKQ==
node-forge@^0.9.1: node-forge@^0.10.0:
version "0.9.1" version "0.10.0"
resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.9.1.tgz#775368e6846558ab6676858a4d8c6e8d16c677b5" resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.10.0.tgz#32dea2afb3e9926f02ee5ce8794902691a676bf3"
integrity sha512-G6RlQt5Sb4GMBzXvhfkeFmbqR6MzhtnT7VTHuLadjkii3rdYHNdw0m8zA4BTxVIh68FicCQ2NSUANpsqkr9jvQ== integrity sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==
node-libs-browser@^2.2.1: node-libs-browser@^2.2.1:
version "2.2.1" version "2.2.1"
@ -7679,9 +7679,9 @@ pretty-time@^1.1.0:
integrity sha512-28iF6xPQrP8Oa6uxE6a1biz+lWeTOAPKggvjB8HAs6nVMKZwf5bG++632Dx614hIWgUPkgivRfG+a8uAXGTIbA== integrity sha512-28iF6xPQrP8Oa6uxE6a1biz+lWeTOAPKggvjB8HAs6nVMKZwf5bG++632Dx614hIWgUPkgivRfG+a8uAXGTIbA==
prismjs@^1.13.0, prismjs@^1.20.0: prismjs@^1.13.0, prismjs@^1.20.0:
version "1.20.0" version "1.21.0"
resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.20.0.tgz#9b685fc480a3514ee7198eac6a3bf5024319ff03" resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.21.0.tgz#36c086ec36b45319ec4218ee164c110f9fc015a3"
integrity sha512-AEDjSrVNkynnw6A+B1DsFkd6AVdTnp+/WoUixFRULlCLZVRZlVQMVWio/16jv7G1FscUxQxOQhWwApgbnxr6kQ== integrity sha512-uGdSIu1nk3kej2iZsLyDoJ7e9bnPzIgY0naW/HdknGj61zScaprVEVGHrPoXqI+M9sP0NDnTK2jpkvmldpuqDw==
optionalDependencies: optionalDependencies:
clipboard "^2.0.0" clipboard "^2.0.0"

16
frontend/js/app/api.js
View File

@ -53,7 +53,7 @@ function fetch(verb, path, data, options) {
contentType: options.contentType || 'application/json; charset=UTF-8', contentType: options.contentType || 'application/json; charset=UTF-8',
processData: options.processData || true, processData: options.processData || true,
crossDomain: true, crossDomain: true,
timeout: options.timeout ? options.timeout : 30000, timeout: options.timeout ? options.timeout : 180000,
xhrFields: { xhrFields: {
withCredentials: true withCredentials: true
}, },
@ -139,7 +139,11 @@ function FileUpload(path, fd) {
xhr.onreadystatechange = function () { xhr.onreadystatechange = function () {
if (this.readyState === XMLHttpRequest.DONE) { if (this.readyState === XMLHttpRequest.DONE) {
if (xhr.status !== 200 && xhr.status !== 201) { if (xhr.status !== 200 && xhr.status !== 201) {
reject(new Error('Upload failed: ' + xhr.status)); try {
reject(new Error('Upload failed: ' + JSON.parse(xhr.responseText).error.message));
} catch (err) {
reject(new Error('Upload failed: ' + xhr.status));
}
} else { } else {
resolve(xhr.responseText); resolve(xhr.responseText);
} }
@ -587,7 +591,9 @@ module.exports = {
* @param {Object} data * @param {Object} data
*/ */
create: function (data) { create: function (data) {
return fetch('post', 'nginx/certificates', data);
const timeout = 180000 + (data && data.meta && data.meta.propagation_seconds ? Number(data.meta.propagation_seconds) * 1000 : 0);
return fetch('post', 'nginx/certificates', data, {timeout});
}, },
/** /**
@ -630,8 +636,8 @@ module.exports = {
* @param {Number} id * @param {Number} id
* @returns {Promise} * @returns {Promise}
*/ */
renew: function (id) { renew: function (id, timeout = 180000) {
return fetch('post', 'nginx/certificates/' + id + '/renew'); return fetch('post', 'nginx/certificates/' + id + '/renew', undefined, {timeout});
} }
} }
}, },

10
frontend/js/app/nginx/access/form.ejs
View File

@ -31,6 +31,16 @@
</label> </label>
</div> </div>
</div> </div>
<div class="col-sm-6 col-md-6">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="pass_auth" value="1"<%- typeof pass_auth !== 'undefined' && pass_auth ? ' checked' : '' %>>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%- i18n('access-lists', 'pass-auth') %></span>
</label>
</div>
</div>
</div> </div>
</div> </div>

1
frontend/js/app/nginx/access/form.js
View File

@ -73,6 +73,7 @@ module.exports = Mn.View.extend({
let data = { let data = {
name: form_data.name, name: form_data.name,
satisfy_any: !!form_data.satisfy_any, satisfy_any: !!form_data.satisfy_any,
pass_auth: !!form_data.pass_auth,
items: items_data, items: items_data,
clients: clients_data clients: clients_data
}; };

3
frontend/js/app/nginx/certificates/delete.js
View File

@ -16,6 +16,8 @@ module.exports = Mn.View.extend({
events: { events: {
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.save.addClass('btn-loading');
this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
App.Api.Nginx.Certificates.delete(this.model.get('id')) App.Api.Nginx.Certificates.delete(this.model.get('id'))
.then(() => { .then(() => {
@ -25,6 +27,7 @@ module.exports = Mn.View.extend({
.catch(err => { .catch(err => {
alert(err.message); alert(err.message);
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
} }

113
frontend/js/app/nginx/certificates/form.ejs
View File

@ -1,10 +1,15 @@
<div class="modal-content"> <div class="modal-content">
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><%- i18n('certificates', 'form-title', {provider: provider}) %></h5> <h5 class="modal-title"><%- i18n('certificates', 'form-title', {provider: provider}) %></h5>
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel non-loader-content" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body"> <div class="modal-body">
<form> <div class="alert alert-danger mb-0 rounded-0" id="le-error-info" role="alert"></div>
<div class="text-center loader-content">
<div class="loader mx-auto my-6"></div>
<p><%- i18n('ssl', 'processing-info') %></p>
</div>
<form class="non-loader-content">
<div class="row"> <div class="row">
<% if (provider === 'letsencrypt') { %> <% if (provider === 'letsencrypt') { %>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
@ -20,6 +25,99 @@
<input name="meta[letsencrypt_email]" type="email" class="form-control" placeholder="" value="<%- getLetsencryptEmail() %>" required> <input name="meta[letsencrypt_email]" type="email" class="form-control" placeholder="" value="<%- getLetsencryptEmail() %>" required>
</div> </div>
</div> </div>
<!-- DNS challenge -->
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="custom-switch">
<input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12">
<fieldset class="form-fieldset dns-challenge">
<div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <div class="form-group">
<label class="custom-switch"> <label class="custom-switch">
@ -31,6 +129,9 @@
</div> </div>
<% } else if (provider === 'other') { %> <% } else if (provider === 'other') { %>
<!-- Other --> <!-- Other -->
<div class="col-sm-12 col-md-12">
<div class="text-blue mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'passphrase-protection-support-info') %></div>
</div>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <div class="form-group">
<label class="form-label"><%- i18n('str', 'name') %> <span class="form-required">*</span></label> <label class="form-label"><%- i18n('str', 'name') %> <span class="form-required">*</span></label>
@ -42,7 +143,7 @@
<div class="form-label"><%- i18n('certificates', 'other-certificate-key') %><span class="form-required">*</span></div> <div class="form-label"><%- i18n('certificates', 'other-certificate-key') %><span class="form-required">*</span></div>
<div class="custom-file"> <div class="custom-file">
<input type="file" class="custom-file-input" name="meta[other_certificate_key]" id="other_certificate_key" required> <input type="file" class="custom-file-input" name="meta[other_certificate_key]" id="other_certificate_key" required>
<label class="custom-file-label"><%- i18n('str', 'choose-file') %></label> <label id="other_certificate_key_label" class="custom-file-label"><%- i18n('str', 'choose-file') %></label>
</div> </div>
</div> </div>
</div> </div>
@ -51,7 +152,7 @@
<div class="form-label"><%- i18n('certificates', 'other-certificate') %><span class="form-required">*</span></div> <div class="form-label"><%- i18n('certificates', 'other-certificate') %><span class="form-required">*</span></div>
<div class="custom-file"> <div class="custom-file">
<input type="file" class="custom-file-input" name="meta[other_certificate]" id="other_certificate"> <input type="file" class="custom-file-input" name="meta[other_certificate]" id="other_certificate">
<label class="custom-file-label"><%- i18n('str', 'choose-file') %></label> <label id="other_certificate_label" class="custom-file-label"><%- i18n('str', 'choose-file') %></label>
</div> </div>
</div> </div>
</div> </div>
@ -60,7 +161,7 @@
<div class="form-label"><%- i18n('certificates', 'other-intermediate-certificate') %></div> <div class="form-label"><%- i18n('certificates', 'other-intermediate-certificate') %></div>
<div class="custom-file"> <div class="custom-file">
<input type="file" class="custom-file-input" name="meta[other_intermediate_certificate]" id="other_intermediate_certificate"> <input type="file" class="custom-file-input" name="meta[other_intermediate_certificate]" id="other_intermediate_certificate">
<label class="custom-file-label"><%- i18n('str', 'choose-file') %></label> <label id="other_intermediate_certificate_label" class="custom-file-label"><%- i18n('str', 'choose-file') %></label>
</div> </div>
</div> </div>
</div> </div>
@ -69,7 +170,7 @@
</div> </div>
</form> </form>
</div> </div>
<div class="modal-footer"> <div class="modal-footer non-loader-content">
<button type="button" class="btn btn-secondary cancel" data-dismiss="modal"><%- i18n('str', 'cancel') %></button> <button type="button" class="btn btn-secondary cancel" data-dismiss="modal"><%- i18n('str', 'cancel') %></button>
<button type="button" class="btn btn-teal save"><%- i18n('str', 'save') %></button> <button type="button" class="btn btn-teal save"><%- i18n('str', 'save') %></button>
</div> </div>

172
frontend/js/app/nginx/certificates/form.js
View File

@ -3,6 +3,8 @@ const Mn = require('backbone.marionette');
const App = require('../../main'); const App = require('../../main');
const CertificateModel = require('../../../models/certificate'); const CertificateModel = require('../../../models/certificate');
const template = require('./form.ejs'); const template = require('./form.ejs');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
require('selectize'); require('selectize');
@ -13,42 +15,105 @@ module.exports = Mn.View.extend({
max_file_size: 102400, max_file_size: 102400,
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', loader_content: '.loader-content',
buttons: '.modal-footer button', non_loader_content: '.non-loader-content',
cancel: 'button.cancel', le_error_info: '#le-error-info',
save: 'button.save', domain_names: 'input[name="domain_names"]',
other_certificate: '#other_certificate', buttons: '.modal-footer button',
other_certificate_key: '#other_certificate_key', cancel: 'button.cancel',
other_intermediate_certificate: '#other_intermediate_certificate' save: 'button.save',
other_certificate: '#other_certificate',
other_certificate_label: '#other_certificate_label',
other_certificate_key: '#other_certificate_key',
dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
dns_challenge_content: '.dns-challenge',
dns_provider: 'select[name="meta[dns_provider]"]',
credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
other_certificate_key_label: '#other_certificate_key_label',
other_intermediate_certificate: '#other_intermediate_certificate',
other_intermediate_certificate_label: '#other_intermediate_certificate_label'
}, },
events: { events: {
'change @ui.dns_challenge_switch': function () {
const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) {
this.ui.dns_provider.prop('required', 'required');
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.dns_provider_credentials.prop('required', 'required');
}
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
}
},
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
}
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
$(this).removeClass('btn-loading');
return; return;
} }
let view = this;
let data = this.ui.form.serializeJSON(); let data = this.ui.form.serializeJSON();
data.provider = this.model.get('provider'); data.provider = this.model.get('provider');
// Manipulate
if (typeof data.meta !== 'undefined' && typeof data.meta.letsencrypt_agree !== 'undefined') {
data.meta.letsencrypt_agree = !!data.meta.letsencrypt_agree;
}
if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(',');
}
let ssl_files = []; let ssl_files = [];
// check files are attached if (data.provider === 'letsencrypt') {
if (this.model.get('provider') === 'other' && !this.model.hasSslFiles()) { if (typeof data.meta === 'undefined') data.meta = {};
let domain_err = false;
if (!data.meta.dns_challenge) {
data.domain_names.split(',').map(function (name) {
if (name.match(/\*/im)) {
domain_err = true;
}
});
}
if (domain_err) {
alert(i18n('ssl', 'no-wildcard-without-dns'));
return;
}
// Manipulate
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
data.meta.dns_challenge = data.meta.dns_challenge == 1;
if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
}
if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(',');
}
} else if (data.provider === 'other' && !this.model.hasSslFiles()) {
// check files are attached
if (!this.ui.other_certificate[0].files.length || !this.ui.other_certificate[0].files[0].size) { if (!this.ui.other_certificate[0].files.length || !this.ui.other_certificate[0].files[0].size) {
alert('Certificate file is not attached'); alert('Certificate file is not attached');
return; return;
@ -80,18 +145,19 @@ module.exports = Mn.View.extend({
} }
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.loader_content.show();
this.ui.non_loader_content.hide();
// compile file data // compile file data
let form_data = new FormData(); let form_data = new FormData();
if (view.model.get('provider') && ssl_files.length) { if (data.provider === 'other' && ssl_files.length) {
ssl_files.map(function (file) { ssl_files.map(function (file) {
form_data.append(file.name, file.file); form_data.append(file.name, file.file);
}); });
} }
new Promise(resolve => { new Promise(resolve => {
if (view.model.get('provider') === 'other') { if (data.provider === 'other') {
resolve(App.Api.Nginx.Certificates.validate(form_data)); resolve(App.Api.Nginx.Certificates.validate(form_data));
} else { } else {
resolve(); resolve();
@ -101,13 +167,13 @@ module.exports = Mn.View.extend({
return App.Api.Nginx.Certificates.create(data); return App.Api.Nginx.Certificates.create(data);
}) })
.then(result => { .then(result => {
view.model.set(result); this.model.set(result);
// Now upload the certs if we need to // Now upload the certs if we need to
if (view.model.get('provider') === 'other') { if (data.provider === 'other') {
return App.Api.Nginx.Certificates.upload(view.model.get('id'), form_data) return App.Api.Nginx.Certificates.upload(this.model.get('id'), form_data)
.then(result => { .then(result => {
view.model.set('meta', _.assign({}, view.model.get('meta'), result)); this.model.set('meta', _.assign({}, this.model.get('meta'), result));
}); });
} }
}) })
@ -117,20 +183,52 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); if (err.code === 500 && err.debug) {
try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.loader_content.hide();
this.ui.non_loader_content.show();
}); });
},
'change @ui.other_certificate_key': function(e){
this.setFileName("other_certificate_key_label", e)
},
'change @ui.other_certificate': function(e){
this.setFileName("other_certificate_label", e)
},
'change @ui.other_intermediate_certificate': function(e){
this.setFileName("other_intermediate_certificate_label", e)
} }
}, },
setFileName(ui, e){
this.getUI(ui).text(e.target.files[0].name)
},
templateContext: { templateContext: {
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return typeof this.meta.letsencrypt_email !== 'undefined' ? this.meta.letsencrypt_email : App.Cache.User.get('email'); return typeof this.meta.letsencrypt_email !== 'undefined' ? this.meta.letsencrypt_email : App.Cache.User.get('email');
}, },
getLetsencryptAgree: function () { getLetsencryptAgree: function () {
return typeof this.meta.letsencrypt_agree !== 'undefined' ? this.meta.letsencrypt_agree : false; return typeof this.meta.letsencrypt_agree !== 'undefined' ? this.meta.letsencrypt_agree : false;
} },
getUseDnsChallenge: function () {
return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
},
getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -144,8 +242,12 @@ module.exports = Mn.View.extend({
text: input text: input
}; };
}, },
createFilter: /^(?:[^.*]+\.?)+[^.]$/ createFilter: /^(?:[^.]+\.?)+[^.]$/
}); });
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.loader_content.hide();
this.ui.le_error_info.hide();
}, },
initialize: function (options) { initialize: function (options) {

2
frontend/js/app/nginx/certificates/list/item.ejs
View File

@ -28,7 +28,7 @@
</div> </div>
</td> </td>
<td> <td>
<%- i18n('ssl', provider) %> <%- i18n('ssl', provider) %><% if (meta.dns_provider) { %> - <%- dns_providers[meta.dns_provider].display_name %><% } %>
</td> </td>
<td class="<%- isExpired() ? 'text-danger' : '' %>"> <td class="<%- isExpired() ? 'text-danger' : '' %>">
<%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %> <%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %>

12
frontend/js/app/nginx/certificates/list/item.js
View File

@ -1,7 +1,8 @@
const Mn = require('backbone.marionette'); const Mn = require('backbone.marionette');
const moment = require('moment'); const moment = require('moment');
const App = require('../../../main'); const App = require('../../../main');
const template = require('./item.ejs'); const template = require('./item.ejs');
const dns_providers = require('../../../../../../global/certbot-dns-plugins')
module.exports = Mn.View.extend({ module.exports = Mn.View.extend({
template: template, template: template,
@ -35,7 +36,8 @@ module.exports = Mn.View.extend({
canManage: App.Cache.User.canManage('certificates'), canManage: App.Cache.User.canManage('certificates'),
isExpired: function () { isExpired: function () {
return moment(this.expires_on).isBefore(moment()); return moment(this.expires_on).isBefore(moment());
} },
dns_providers: dns_providers
}, },
initialize: function () { initialize: function () {

93
frontend/js/app/nginx/dead/form.ejs
View File

@ -4,6 +4,7 @@
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body has-tabs"> <div class="modal-body has-tabs">
<div class="alert alert-danger mb-0 rounded-0" id="le-error-info" role="alert"></div>
<form> <form>
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li> <li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li>
@ -73,6 +74,98 @@
</div> </div>
</div> </div>
<!-- DNS challenge -->
<div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group">
<label class="custom-switch">
<input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12 letsencrypt">
<fieldset class="form-fieldset dns-challenge">
<div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div>
<!-- Lets encrypt --> <!-- Lets encrypt -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">

135
frontend/js/app/nginx/dead/form.js
View File

@ -4,6 +4,8 @@ const DeadHostModel = require('../../../models/dead-host');
const template = require('./form.ejs'); const template = require('./form.ejs');
const certListItemTemplate = require('../certificates-list-item.ejs'); const certListItemTemplate = require('../certificates-list-item.ejs');
const Helpers = require('../../../lib/helpers'); const Helpers = require('../../../lib/helpers');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
require('selectize'); require('selectize');
@ -13,17 +15,24 @@ module.exports = Mn.View.extend({
className: 'modal-dialog', className: 'modal-dialog',
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
save: 'button.save', save: 'button.save',
certificate_select: 'select[name="certificate_id"]', le_error_info: '#le-error-info',
ssl_forced: 'input[name="ssl_forced"]', certificate_select: 'select[name="certificate_id"]',
hsts_enabled: 'input[name="hsts_enabled"]', ssl_forced: 'input[name="ssl_forced"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_enabled: 'input[name="hsts_enabled"]',
http2_support: 'input[name="http2_support"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
letsencrypt: '.letsencrypt' http2_support: 'input[name="http2_support"]',
dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
dns_challenge_content: '.dns-challenge',
dns_provider: 'select[name="meta[dns_provider]"]',
credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
letsencrypt: '.letsencrypt'
}, },
events: { events: {
@ -31,10 +40,12 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.dns_challenge_content.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
let enabled = id === 'new' || parseInt(id, 10) > 0; let enabled = id === 'new' || parseInt(id, 10) > 0;
let inputs = this.ui.ssl_forced.add(this.ui.http2_support); let inputs = this.ui.ssl_forced.add(this.ui.http2_support);
@ -76,8 +87,37 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.dns_challenge_switch': function () {
const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) {
this.ui.dns_provider.prop('required', 'required');
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.dns_provider_credentials.prop('required', 'required');
}
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
}
},
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
}
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
@ -88,30 +128,42 @@ module.exports = Mn.View.extend({
let data = this.ui.form.serializeJSON(); let data = this.ui.form.serializeJSON();
// Manipulate // Manipulate
data.hsts_enabled = !!data.hsts_enabled; data.hsts_enabled = !!data.hsts_enabled;
data.hsts_subdomains = !!data.hsts_subdomains; data.hsts_subdomains = !!data.hsts_subdomains;
data.http2_support = !!data.http2_support; data.http2_support = !!data.http2_support;
data.ssl_forced = !!data.ssl_forced; data.ssl_forced = !!data.ssl_forced;
if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
data.meta.dns_challenge = data.meta.dns_challenge == 1;
if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
}
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
} }
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
data.domain_names.map(function (name) { if (!data.meta.dns_challenge) {
if (name.match(/\*/im)) { data.domain_names.map(function (name) {
domain_err = true; if (name.match(/\*/im)) {
} domain_err = true;
}); }
});
if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains');
return;
} }
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1'; if (domain_err) {
alert(i18n('ssl', 'no-wildcard-without-dns'));
return;
}
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@ -127,6 +179,8 @@ module.exports = Mn.View.extend({
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
this.ui.save.addClass('btn-loading');
method(data) method(data)
.then(result => { .then(result => {
view.model.set(result); view.model.set(result);
@ -138,8 +192,17 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
if(err.code === 500 && err.debug){
try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
}, },
@ -147,7 +210,20 @@ module.exports = Mn.View.extend({
templateContext: { templateContext: {
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return App.Cache.User.get('email'); return App.Cache.User.get('email');
} },
getUseDnsChallenge: function () {
return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
},
getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -168,6 +244,9 @@ module.exports = Mn.View.extend({
}); });
// Certificates // Certificates
this.ui.le_error_info.hide();
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.letsencrypt.hide(); this.ui.letsencrypt.hide();
this.ui.certificate_select.selectize({ this.ui.certificate_select.selectize({
valueField: 'id', valueField: 'id',

93
frontend/js/app/nginx/proxy/form.ejs
View File

@ -4,6 +4,7 @@
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body has-tabs"> <div class="modal-body has-tabs">
<div class="alert alert-danger mb-0 rounded-0" id="le-error-info" role="alert"></div>
<form> <form>
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li> <li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li>
@ -141,6 +142,98 @@
</div> </div>
</div> </div>
<!-- DNS challenge -->
<div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group">
<label class="custom-switch">
<input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12 letsencrypt">
<fieldset class="form-fieldset dns-challenge">
<div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div>
<!-- Lets encrypt --> <!-- Lets encrypt -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">

138
frontend/js/app/nginx/proxy/form.js
View File

@ -7,6 +7,8 @@ const certListItemTemplate = require('../certificates-list-item.ejs');
const accessListItemTemplate = require('./access-list-item.ejs'); const accessListItemTemplate = require('./access-list-item.ejs');
const CustomLocation = require('./location'); const CustomLocation = require('./location');
const Helpers = require('../../../lib/helpers'); const Helpers = require('../../../lib/helpers');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
@ -19,22 +21,29 @@ module.exports = Mn.View.extend({
locationsCollection: new ProxyLocationModel.Collection(), locationsCollection: new ProxyLocationModel.Collection(),
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
forward_host: 'input[name="forward_host"]', forward_host: 'input[name="forward_host"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
save: 'button.save', save: 'button.save',
add_location_btn: 'button.add_location', add_location_btn: 'button.add_location',
locations_container:'.locations_container', locations_container: '.locations_container',
certificate_select: 'select[name="certificate_id"]', le_error_info: '#le-error-info',
access_list_select: 'select[name="access_list_id"]', certificate_select: 'select[name="certificate_id"]',
ssl_forced: 'input[name="ssl_forced"]', access_list_select: 'select[name="access_list_id"]',
hsts_enabled: 'input[name="hsts_enabled"]', ssl_forced: 'input[name="ssl_forced"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_enabled: 'input[name="hsts_enabled"]',
http2_support: 'input[name="http2_support"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
forward_scheme: 'select[name="forward_scheme"]', http2_support: 'input[name="http2_support"]',
letsencrypt: '.letsencrypt' dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
dns_challenge_content: '.dns-challenge',
dns_provider: 'select[name="meta[dns_provider]"]',
credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
forward_scheme: 'select[name="forward_scheme"]',
letsencrypt: '.letsencrypt'
}, },
regions: { regions: {
@ -46,6 +55,7 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.dns_challenge_content.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
@ -91,6 +101,34 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.dns_challenge_switch': function () {
const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) {
this.ui.dns_provider.prop('required', 'required');
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.dns_provider_credentials.prop('required', 'required');
}
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
}
},
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
}
},
'click @ui.add_location_btn': function (e) { 'click @ui.add_location_btn': function (e) {
e.preventDefault(); e.preventDefault();
@ -100,6 +138,7 @@ module.exports = Mn.View.extend({
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
@ -128,26 +167,38 @@ module.exports = Mn.View.extend({
data.hsts_enabled = !!data.hsts_enabled; data.hsts_enabled = !!data.hsts_enabled;
data.hsts_subdomains = !!data.hsts_subdomains; data.hsts_subdomains = !!data.hsts_subdomains;
data.ssl_forced = !!data.ssl_forced; data.ssl_forced = !!data.ssl_forced;
if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
data.meta.dns_challenge = data.meta.dns_challenge == 1;
if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
}
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
} }
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
data.domain_names.map(function (name) { if (!data.meta.dns_challenge) {
if (name.match(/\*/im)) { data.domain_names.map(function (name) {
domain_err = true; if (name.match(/\*/im)) {
} domain_err = true;
}); }
});
if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains');
return;
} }
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1'; if (domain_err) {
alert(i18n('ssl', 'no-wildcard-without-dns'));
return;
}
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@ -163,6 +214,8 @@ module.exports = Mn.View.extend({
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
this.ui.save.addClass('btn-loading');
method(data) method(data)
.then(result => { .then(result => {
view.model.set(result); view.model.set(result);
@ -174,8 +227,17 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
if(err.code === 500 && err.debug){
try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
}, },
@ -183,7 +245,20 @@ module.exports = Mn.View.extend({
templateContext: { templateContext: {
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return App.Cache.User.get('email'); return App.Cache.User.get('email');
} },
getUseDnsChallenge: function () {
return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
},
getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -203,7 +278,7 @@ module.exports = Mn.View.extend({
text: input text: input
}; };
}, },
createFilter: /^(?:\*\.)?(?:[^.*]+\.?)+[^.]$/ createFilter: /^(?:\.)?(?:[^.*]+\.?)+[^.]$/
}); });
// Access Lists // Access Lists
@ -237,6 +312,9 @@ module.exports = Mn.View.extend({
}); });
// Certificates // Certificates
this.ui.le_error_info.hide();
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.letsencrypt.hide(); this.ui.letsencrypt.hide();
this.ui.certificate_select.selectize({ this.ui.certificate_select.selectize({
valueField: 'id', valueField: 'id',

93
frontend/js/app/nginx/redirection/form.ejs
View File

@ -4,6 +4,7 @@
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body has-tabs"> <div class="modal-body has-tabs">
<div class="alert alert-danger mb-0 rounded-0" id="le-error-info" role="alert"></div>
<form> <form>
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li> <li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li>
@ -97,6 +98,98 @@
</div> </div>
</div> </div>
<!-- DNS challenge -->
<div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group">
<label class="custom-switch">
<input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12 letsencrypt">
<fieldset class="form-fieldset dns-challenge">
<div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div>
<!-- Lets encrypt --> <!-- Lets encrypt -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">

139
frontend/js/app/nginx/redirection/form.js
View File

@ -4,6 +4,9 @@ const RedirectionHostModel = require('../../../models/redirection-host');
const template = require('./form.ejs'); const template = require('./form.ejs');
const certListItemTemplate = require('../certificates-list-item.ejs'); const certListItemTemplate = require('../certificates-list-item.ejs');
const Helpers = require('../../../lib/helpers'); const Helpers = require('../../../lib/helpers');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
require('selectize'); require('selectize');
@ -13,17 +16,24 @@ module.exports = Mn.View.extend({
className: 'modal-dialog', className: 'modal-dialog',
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
save: 'button.save', save: 'button.save',
certificate_select: 'select[name="certificate_id"]', le_error_info: '#le-error-info',
ssl_forced: 'input[name="ssl_forced"]', certificate_select: 'select[name="certificate_id"]',
hsts_enabled: 'input[name="hsts_enabled"]', ssl_forced: 'input[name="ssl_forced"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_enabled: 'input[name="hsts_enabled"]',
http2_support: 'input[name="http2_support"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
letsencrypt: '.letsencrypt' http2_support: 'input[name="http2_support"]',
dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
dns_challenge_content: '.dns-challenge',
dns_provider: 'select[name="meta[dns_provider]"]',
credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
letsencrypt: '.letsencrypt'
}, },
events: { events: {
@ -31,6 +41,7 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.dns_challenge_content.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
@ -76,8 +87,37 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.dns_challenge_switch': function () {
const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) {
this.ui.dns_provider.prop('required', 'required');
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.dns_provider_credentials.prop('required', 'required');
}
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
}
},
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
}
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
@ -88,32 +128,44 @@ module.exports = Mn.View.extend({
let data = this.ui.form.serializeJSON(); let data = this.ui.form.serializeJSON();
// Manipulate // Manipulate
data.block_exploits = !!data.block_exploits; data.block_exploits = !!data.block_exploits;
data.preserve_path = !!data.preserve_path; data.preserve_path = !!data.preserve_path;
data.http2_support = !!data.http2_support; data.http2_support = !!data.http2_support;
data.hsts_enabled = !!data.hsts_enabled; data.hsts_enabled = !!data.hsts_enabled;
data.hsts_subdomains = !!data.hsts_subdomains; data.hsts_subdomains = !!data.hsts_subdomains;
data.ssl_forced = !!data.ssl_forced; data.ssl_forced = !!data.ssl_forced;
if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
data.meta.dns_challenge = data.meta.dns_challenge == 1;
if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
}
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
} }
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
data.domain_names.map(function (name) { if (!data.meta.dns_challenge) {
if (name.match(/\*/im)) { data.domain_names.map(function (name) {
domain_err = true; if (name.match(/\*/im)) {
} domain_err = true;
}); }
});
if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains');
return;
} }
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1'; if (domain_err) {
alert(i18n('ssl', 'no-wildcard-without-dns'));
return;
}
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@ -129,6 +181,8 @@ module.exports = Mn.View.extend({
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
this.ui.save.addClass('btn-loading');
method(data) method(data)
.then(result => { .then(result => {
view.model.set(result); view.model.set(result);
@ -140,8 +194,17 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
if(err.code === 500 && err.debug){
try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
}, },
@ -149,7 +212,20 @@ module.exports = Mn.View.extend({
templateContext: { templateContext: {
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return App.Cache.User.get('email'); return App.Cache.User.get('email');
} },
getUseDnsChallenge: function () {
return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
},
getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -170,6 +246,9 @@ module.exports = Mn.View.extend({
}); });
// Certificates // Certificates
this.ui.le_error_info.hide();
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.letsencrypt.hide(); this.ui.letsencrypt.hide();
this.ui.certificate_select.selectize({ this.ui.certificate_select.selectize({
valueField: 'id', valueField: 'id',

17
frontend/js/i18n/messages.json
View File

@ -101,7 +101,19 @@
"letsencrypt-email": "Email Address for Let's Encrypt", "letsencrypt-email": "Email Address for Let's Encrypt",
"letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>", "letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>",
"delete-ssl": "The SSL certificates attached will NOT be removed, they will need to be removed manually.", "delete-ssl": "The SSL certificates attached will NOT be removed, they will need to be removed manually.",
"hosts-warning": "These domains must be already configured to point to this installation" "hosts-warning": "These domains must be already configured to point to this installation",
"no-wildcard-without-dns": "Cannot request Let's Encrypt Certificate for wildcard domains when not using DNS challenge",
"dns-challenge": "Use a DNS Challenge",
"certbot-warning": "This section requires some knowledge about Certbot and its DNS plugins. Please consult the respective plugins documentation.",
"dns-provider": "DNS Provider",
"please-choose": "Please Choose...",
"credentials-file-content": "Credentials File Content",
"credentials-file-content-info": "This plugin requires a configuration file containing an API token or other credentials to your provider",
"stored-as-plaintext-info": "This data will be stored as plaintext in the database and in a file!",
"propagation-seconds": "Propagation Seconds",
"propagation-seconds-info": "Leave empty to use the plugins default value. Number of seconds to wait for DNS propagation.",
"processing-info": "Processing... This might take a few minutes.",
"passphrase-protection-support-info": "Key files protected with a passphrase are not supported."
}, },
"proxy-hosts": { "proxy-hosts": {
"title": "Proxy Hosts", "title": "Proxy Hosts",
@ -195,7 +207,8 @@
"authorization": "Authorization", "authorization": "Authorization",
"access": "Access", "access": "Access",
"satisfy": "Satisfy", "satisfy": "Satisfy",
"satisfy-any": "Satisfy Any" "satisfy-any": "Satisfy Any",
"pass-auth": "Pass Auth to Host"
}, },
"users": { "users": {
"title": "Users", "title": "Users",

294
global/certbot-dns-plugins.js Normal file
View File

@ -0,0 +1,294 @@
/**
* This file contains info about available Certbot DNS plugins.
* This only works for plugins which use the standard argument structure, so:
* --authenticator <plugin-name> --<plugin-name>-credentials <FILE> --<plugin-name>-propagation-seconds <number>
*
* File Structure:
*
* {
* cloudflare: {
* display_name: "Name displayed to the user",
* package_name: "Package name in PyPi repo",
* package_version: "Package version in PyPi repo",
* dependencies: "Additional dependencies, space separated (as you would pass it to pip install)",
* credentials: `Template of the credentials file`,
* full_plugin_name: "The full plugin name as used in the commandline with certbot, including prefixes, e.g. 'certbot-dns-njalla:dns-njalla'",
* },
* ...
* }
*
*/
module.exports = {
aliyun: {
display_name: 'Aliyun',
package_name: 'certbot-dns-aliyun',
package_version: '0.38.1',
dependencies: '',
credentials: `certbot_dns_aliyun:dns_aliyun_access_key = 12345678
certbot_dns_aliyun:dns_aliyun_access_key_secret = 1234567890abcdef1234567890abcdef`,
full_plugin_name: 'certbot-dns-aliyun:dns-aliyun',
},
//####################################################//
cloudflare: {
display_name: 'Cloudflare',
package_name: 'certbot-dns-cloudflare',
package_version: '1.8.0',
dependencies: 'cloudflare',
credentials: `# Cloudflare API token
dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567`,
full_plugin_name: 'dns-cloudflare',
},
//####################################################//
cloudxns: {
display_name: 'CloudXNS',
package_name: 'certbot-dns-cloudxns',
package_version: '1.8.0',
dependencies: '',
credentials: `dns_cloudxns_api_key = 1234567890abcdef1234567890abcdef
dns_cloudxns_secret_key = 1122334455667788`,
full_plugin_name: 'dns-cloudxns',
},
//####################################################//
corenetworks: {
display_name: 'Core Networks',
package_name: 'certbot-dns-corenetworks',
package_version: '0.1.4',
dependencies: '',
credentials: `certbot_dns_corenetworks:dns_corenetworks_username = asaHB12r
certbot_dns_corenetworks:dns_corenetworks_password = secure_password`,
full_plugin_name: 'certbot-dns-corenetworks:dns-corenetworks',
},
//####################################################//
cpanel: {
display_name: 'cPanel',
package_name: 'certbot-dns-cpanel',
package_version: '0.2.2',
dependencies: '',
credentials: `certbot_dns_cpanel:cpanel_url = https://cpanel.example.com:2083
certbot_dns_cpanel:cpanel_username = user
certbot_dns_cpanel:cpanel_password = hunter2`,
full_plugin_name: 'certbot-dns-cpanel:cpanel',
},
//####################################################//
digitalocean: {
display_name: 'DigitalOcean',
package_name: 'certbot-dns-digitalocean',
package_version: '1.8.0',
dependencies: '',
credentials: 'dns_digitalocean_token = 0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff',
full_plugin_name: 'dns-digitalocean',
},
//####################################################//
directadmin: {
display_name: 'DirectAdmin',
package_name: 'certbot-dns-directadmin',
package_version: '0.0.20',
dependencies: '',
credentials: `directadmin_url = https://my.directadminserver.com:2222
directadmin_username = username
directadmin_password = aSuperStrongPassword`,
full_plugin_name: 'certbot-dns-directadmin:directadmin',
},
//####################################################//
dnsimple: {
display_name: 'DNSimple',
package_name: 'certbot-dns-dnsimple',
package_version: '1.8.0',
dependencies: '',
credentials: 'dns_dnsimple_token = MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw',
full_plugin_name: 'dns-dnsimple',
},
//####################################################//
dnsmadeeasy: {
display_name: 'DNS Made Easy',
package_name: 'certbot-dns-dnsmadeeasy',
package_version: '1.8.0',
dependencies: '',
credentials: `dns_dnsmadeeasy_api_key = 1c1a3c91-4770-4ce7-96f4-54c0eb0e457a
dns_dnsmadeeasy_secret_key = c9b5625f-9834-4ff8-baba-4ed5f32cae55`,
full_plugin_name: 'dns-dnsmadeeasy',
},
//####################################################//
dnspod: {
display_name: 'DNSPod',
package_name: 'certbot-dns-dnspod',
package_version: '0.1.0',
dependencies: '',
credentials: `certbot_dns_dnspod:dns_dnspod_email = "DNSPOD-API-REQUIRES-A-VALID-EMAIL"
certbot_dns_dnspod:dns_dnspod_api_token = "DNSPOD-API-TOKEN"`,
full_plugin_name: 'certbot-dns-dnspod:dns-dnspod',
},
//####################################################//
gandi: {
display_name: 'Gandi Live DNS',
package_name: 'certbot_plugin_gandi',
package_version: '1.2.5',
dependencies: '',
credentials: 'certbot_plugin_gandi:dns_api_key = APIKEY',
full_plugin_name: 'certbot-plugin-gandi:dns',
},
//####################################################//
google: {
display_name: 'Google',
package_name: 'certbot-dns-google',
package_version: '1.8.0',
dependencies: '',
credentials: `{
"type": "service_account",
...
}`,
full_plugin_name: 'dns-google',
},
//####################################################//
hetzner: {
display_name: 'Hetzner',
package_name: 'certbot-dns-hetzner',
package_version: '1.0.4',
dependencies: '',
credentials: 'certbot_dns_hetzner:dns_hetzner_api_token = 0123456789abcdef0123456789abcdef',
full_plugin_name: 'certbot-dns-hetzner:dns-hetzner',
},
//####################################################//
inwx: {
display_name: 'INWX',
package_name: 'certbot-dns-inwx',
package_version: '2.1.2',
dependencies: '',
credentials: `certbot_dns_inwx:dns_inwx_url = https://api.domrobot.com/xmlrpc/
certbot_dns_inwx:dns_inwx_username = your_username
certbot_dns_inwx:dns_inwx_password = your_password
certbot_dns_inwx:dns_inwx_shared_secret = your_shared_secret optional`,
full_plugin_name: 'certbot-dns-inwx:dns-inwx',
},
//####################################################//
ispconfig: {
display_name: 'ISPConfig',
package_name: 'certbot-dns-ispconfig',
package_version: '0.2.0',
dependencies: '',
credentials: `certbot_dns_ispconfig:dns_ispconfig_username = myremoteuser
certbot_dns_ispconfig:dns_ispconfig_password = verysecureremoteuserpassword
certbot_dns_ispconfig:dns_ispconfig_endpoint = https://localhost:8080`,
full_plugin_name: 'certbot-dns-ispconfig:dns-ispconfig',
},
//####################################################//
isset: {
display_name: 'Isset',
package_name: 'certbot-dns-isset',
package_version: '0.0.3',
dependencies: '',
credentials: `certbot_dns_isset:dns_isset_endpoint="https://customer.isset.net/api"
certbot_dns_isset:dns_isset_token="<token>"`,
full_plugin_name: 'certbot-dns-isset:dns-isset',
},
//####################################################//
linode: {
display_name: 'Linode',
package_name: 'certbot-dns-linode',
package_version: '1.8.0',
dependencies: '',
credentials: `dns_linode_key = 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ64
dns_linode_version = [<blank>|3|4]`,
full_plugin_name: 'dns-linode',
},
//####################################################//
luadns: {
display_name: 'LuaDNS',
package_name: 'certbot-dns-luadns',
package_version: '1.8.0',
dependencies: '',
credentials: `dns_luadns_email = user@example.com
dns_luadns_token = 0123456789abcdef0123456789abcdef`,
full_plugin_name: 'dns-luadns',
},
//####################################################//
netcup: {
display_name: 'netcup',
package_name: 'certbot-dns-netcup',
package_version: '1.0.0',
dependencies: '',
credentials: `dns_netcup_customer_id = 123456
dns_netcup_api_key = 0123456789abcdef0123456789abcdef01234567
dns_netcup_api_password = abcdef0123456789abcdef01234567abcdef0123`,
full_plugin_name: 'certbot-dns-netcup:dns-netcup',
},
//####################################################//
njalla: {
display_name: 'Njalla',
package_name: 'certbot-dns-njalla',
package_version: '1.0.0',
dependencies: '',
credentials: 'certbot_dns_njalla:dns_njalla_token = 0123456789abcdef0123456789abcdef01234567',
full_plugin_name: 'certbot-dns-njalla:dns-njalla',
},
//####################################################//
nsone: {
display_name: 'NS1',
package_name: 'certbot-dns-nsone',
package_version: '1.8.0',
dependencies: '',
credentials: 'dns_nsone_api_key = MDAwMDAwMDAwMDAwMDAw',
full_plugin_name: 'dns-nsone',
},
//####################################################//
ovh: {
display_name: 'OVH',
package_name: 'certbot-dns-ovh',
package_version: '1.8.0',
dependencies: '',
credentials: `dns_ovh_endpoint = ovh-eu
dns_ovh_application_key = MDAwMDAwMDAwMDAw
dns_ovh_application_secret = MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
dns_ovh_consumer_key = MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw`,
full_plugin_name: 'dns-ovh',
},
//####################################################//
powerdns: {
display_name: 'PowerDNS',
package_name: 'certbot-dns-powerdns',
package_version: '0.2.0',
dependencies: '',
credentials: `certbot_dns_powerdns:dns_powerdns_api_url = https://api.mypowerdns.example.org
certbot_dns_powerdns:dns_powerdns_api_key = AbCbASsd!@34`,
full_plugin_name: 'certbot-dns-powerdns:dns-powerdns',
},
//####################################################//
rfc2136: {
display_name: 'RFC 2136',
package_name: 'certbot-dns-rfc2136',
package_version: '1.8.0',
dependencies: '',
credentials: `# Target DNS server
dns_rfc2136_server = 192.0.2.1
# Target DNS port
dns_rfc2136_port = 53
# TSIG key name
dns_rfc2136_name = keyname.
# TSIG key secret
dns_rfc2136_secret = 4q4wM/2I180UXoMyN4INVhJNi8V9BCV+jMw2mXgZw/CSuxUT8C7NKKFs AmKd7ak51vWKgSl12ib86oQRPkpDjg==
# TSIG key algorithm
dns_rfc2136_algorithm = HMAC-SHA512`,
full_plugin_name: 'dns-rfc2136',
},
//####################################################//
route53: {
display_name: 'Route 53 (Amazon)',
package_name: 'certbot-dns-route53',
package_version: '1.8.0',
dependencies: '',
credentials: `[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY`,
full_plugin_name: 'dns-route53',
},
//####################################################//
vultr: {
display_name: 'Vultr',
package_name: 'certbot-dns-vultr',
package_version: '1.0.3',
dependencies: '',
credentials: 'certbot_dns_vultr:dns_vultr_key = YOUR_VULTR_API_KEY',
full_plugin_name: 'certbot-dns-vultr:dns-vultr',
},
};

2
scripts/frontend-build
View File

@ -10,7 +10,7 @@ if hash docker 2>/dev/null; then
docker pull "${DOCKER_IMAGE}" docker pull "${DOCKER_IMAGE}"
cd "${DIR}/.." cd "${DIR}/.."
echo -e "${BLUE} ${CYAN}Building Frontend ...${RESET}" echo -e "${BLUE} ${CYAN}Building Frontend ...${RESET}"
docker run --rm -e CI=true -v "$(pwd)/frontend:/app/frontend" -w /app/frontend "$DOCKER_IMAGE" sh -c "yarn install && yarn build && yarn build && chown -R $(id -u):$(id -g) /app/frontend" docker run --rm -e CI=true -v "$(pwd)/frontend:/app/frontend" -v "$(pwd)/global:/app/global" -w /app/frontend "$DOCKER_IMAGE" sh -c "yarn install && yarn build && yarn build && chown -R $(id -u):$(id -g) /app/frontend"
echo -e "${BLUE} ${GREEN}Building Frontend Complete${RESET}" echo -e "${BLUE} ${GREEN}Building Frontend Complete${RESET}"
else else
echo -e "${RED} docker command is not available${RESET}" echo -e "${RED} docker command is not available${RESET}"

2
scripts/test-dev
View File

@ -7,7 +7,7 @@ DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
if hash docker-compose 2>/dev/null; then if hash docker-compose 2>/dev/null; then
cd "${DIR}/.." cd "${DIR}/.."
echo -e "${BLUE} ${CYAN}Testing Dev Stack ...${RESET}" echo -e "${BLUE} ${CYAN}Testing Dev Stack ...${RESET}"
docker-compose exec -T npm bash -c "cd /app/backend && task test" docker-compose exec -T npm bash -c "cd /app && task test"
else else
echo -e "${RED} docker-compose command is not available${RESET}" echo -e "${RED} docker-compose command is not available${RESET}"
fi fi

1
test/.dockerignore Normal file
View File

@ -0,0 +1 @@
node_modules

9
test/cypress/Dockerfile
View File

@ -1,6 +1,11 @@
FROM cypress/included:4.12.1 FROM cypress/included:5.6.0
COPY --chown=1000 ./test /test COPY --chown=1000 ./ /test
# mkcert
ENV MKCERT=1.4.2
RUN wget -O /usr/bin/mkcert "https://github.com/FiloSottile/mkcert/releases/download/v${MKCERT}/mkcert-v${MKCERT}-linux-amd64" \
&& chmod +x /usr/bin/mkcert
WORKDIR /test WORKDIR /test
RUN yarn install RUN yarn install

2
test/package.json
View File

@ -7,7 +7,7 @@
"@jc21/cypress-swagger-validation": "^0.0.9", "@jc21/cypress-swagger-validation": "^0.0.9",
"@jc21/restler": "^3.4.0", "@jc21/restler": "^3.4.0",
"chalk": "^4.1.0", "chalk": "^4.1.0",
"cypress": "^4.12.1", "cypress": "^5.6.0",
"cypress-multi-reporters": "^1.4.0", "cypress-multi-reporters": "^1.4.0",
"cypress-plugin-retries": "^1.5.2", "cypress-plugin-retries": "^1.5.2",
"eslint": "^7.6.0", "eslint": "^7.6.0",

6
test/yarn.lock
View File

@ -1293,9 +1293,9 @@ inherits@2, inherits@^2.0.3, inherits@~2.0.3:
integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
ini@^1.3.5: ini@^1.3.5:
version "1.3.5" version "1.3.8"
resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c"
integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==
is-arguments@^1.0.4: is-arguments@^1.0.4:
version "1.0.4" version "1.0.4"