Compare commits

...

76 Commits

Author SHA1 Message Date
ac0bb6bee2 Merge branch 'master' into develop 2021-07-19 15:59:06 +10:00
dee67dac75 Bumped version, added contributors 2021-07-19 15:58:15 +10:00
9458cfbd1a Merge pull request #1229 from demize/auth_request-fix
Disable auth_request in letsencrypt-acme-challenge.conf
2021-07-18 21:54:59 +10:00
4b8bdd22b3 Merge pull request #1181 from Theyooo/fix-wildcard-domains-regex
Fix wildcard domain regex
2021-07-18 19:05:23 +10:00
a4c143e2d1 Merge pull request #1178 from mrdink/patch-1
Update messages.json
2021-07-12 07:54:36 +10:00
e91019feb9 Merge pull request #1140 from jc21/adds-logrotation
Adds logrotation
2021-07-12 07:54:02 +10:00
8a37ec72b7 Merge pull request #1212 from jc21/dependabot/npm_and_yarn/docs/color-string-1.5.5
Bump color-string from 1.5.3 to 1.5.5 in /docs
2021-07-12 07:52:49 +10:00
c263a33095 Merge pull request #1222 from PUP-Loki/patch-1
Added Joker dns provider
2021-07-12 07:52:34 +10:00
4b2c0115db Add to letsencrypt-acme-challenge.conf to allow for ACME challenges on proxy hosts using auth_requests 2021-07-10 15:02:09 -04:00
673f40bd85 Removes force parameter from logrotate 2021-07-09 12:34:50 +02:00
b9f8108cd3 Added Joker dns provider 2021-07-07 08:49:30 +01:00
a16ecf656b Bump color-string from 1.5.3 to 1.5.5 in /docs
Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.3 to 1.5.5.
- [Release notes](https://github.com/Qix-/color-string/releases)
- [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Qix-/color-string/commits/1.5.5)

---
updated-dependencies:
- dependency-name: color-string
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-30 23:58:23 +00:00
842cff130b Re-add missing certbot force renewal flag
and cleaned up this horrible file a bit
2021-07-01 09:57:26 +10:00
56c317d223 All logs in single folder
nginx cannot create the folder structure for logs
2021-06-29 23:07:54 +02:00
b7b150a979 Run logrotation binary from program 2021-06-29 21:18:29 +02:00
fae848bd1b Store host logs in subfolders 2021-06-29 20:40:36 +02:00
4b6b276b64 Merge pull request #1195 from jc21/develop
v2.9.4
2021-06-22 09:41:47 +10:00
0373daae5c Bump version 2021-06-22 08:55:37 +10:00
7f30dd0475 Merge pull request #1194 from jc21/dependabot/npm_and_yarn/docs/set-getter-0.1.1
Bump set-getter from 0.1.0 to 0.1.1 in /docs
2021-06-22 08:19:36 +10:00
d2a77c2371 Bump set-getter from 0.1.0 to 0.1.1 in /docs
Bumps [set-getter](https://github.com/doowb/set-getter) from 0.1.0 to 0.1.1.
- [Release notes](https://github.com/doowb/set-getter/releases)
- [Commits](https://github.com/doowb/set-getter/commits/0.1.1)

---
updated-dependencies:
- dependency-name: set-getter
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-21 21:26:26 +00:00
104f65b541 Merge pull request #1169 from jc21/dependabot/npm_and_yarn/test/glob-parent-5.1.2
Bump glob-parent from 5.1.0 to 5.1.2 in /test
2021-06-19 10:31:47 +10:00
d0fb4b6914 Merge pull request #1177 from jc21/dependabot/npm_and_yarn/frontend/postcss-7.0.36
Bump postcss from 7.0.32 to 7.0.36 in /frontend
2021-06-19 10:31:36 +10:00
42c3272def Merge pull request #1182 from DSorlov/develop
Update ssl-ciphers.conf
2021-06-19 10:30:43 +10:00
2812889d61 Merge pull request #1186 from jc21/use-certbot-from-path
Use the certbot command from the PATH variable
2021-06-19 10:24:21 +10:00
bd3a13b2a5 Also rotate other logs 2021-06-18 10:43:56 +02:00
289d179142 Adds logrotate 2021-06-18 09:38:48 +02:00
deca493912 Splits access and error logs for each host 2021-06-18 09:38:48 +02:00
d16bf7d6c0 Adds explicit names to dev containers 2021-06-18 09:38:48 +02:00
3f1415dad1 Use the certbot command from the PATH variable 2021-06-18 09:22:42 +02:00
3e744b6b2d Update ssl-ciphers.conf
Removing support (by default) for all the unsecure protocols. This should be the default and if needed additional support can be configured. As this is a security feature it should be aligned with a moderate policy. This is updated using the latest recomendation as found on https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1d&guideline=5.6
2021-06-17 15:17:13 +02:00
56c4f8a106 fix wildcard domains regex 2021-06-17 11:51:51 +02:00
99ef8bae4c Update messages.json
small change but updated the year in the footer. maybe there's a better way to grab the date with a function?
2021-06-16 09:29:55 -04:00
b7f0343730 Bump postcss from 7.0.32 to 7.0.36 in /frontend
Bumps [postcss](https://github.com/postcss/postcss) from 7.0.32 to 7.0.36.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/7.0.32...7.0.36)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-16 10:16:48 +00:00
c807b59fb4 Merge pull request #1149 from Fuechslein/develop 2021-06-16 20:16:08 +10:00
60fc57431a Merge pull request #1136 from jc21/dependabot/npm_and_yarn/docs/ws-7.4.6
Bump ws from 7.3.1 to 7.4.6 in /docs
2021-06-11 12:11:30 +10:00
d988a3a307 Bump glob-parent from 5.1.0 to 5.1.2 in /test
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.0 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.0...v5.1.2)

---
updated-dependencies:
- dependency-name: glob-parent
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-11 01:26:02 +00:00
de763d3fa9 Merge pull request #1170 from jc21/dependabot/npm_and_yarn/docs/glob-parent-5.1.2
Bump glob-parent from 5.1.1 to 5.1.2 in /docs
2021-06-11 11:25:28 +10:00
21bfb61cc8 Merge pull request #1068 from jc21/dependabot/npm_and_yarn/frontend/underscore-1.12.1
Bump underscore from 1.10.2 to 1.12.1 in /frontend
2021-06-11 10:01:30 +10:00
a79adeb280 Bump ws from 7.3.1 to 7.4.6 in /docs
Bumps [ws](https://github.com/websockets/ws) from 7.3.1 to 7.4.6.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.3.1...7.4.6)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-10 23:08:37 +00:00
9b7a019222 Merge pull request #1159 from jc21/changes-real_ip-ranges-to-local-network
Sets real_ip ranges to local network only
2021-06-11 09:07:57 +10:00
e65143d276 Merge pull request #1164 from jc21/dependabot/npm_and_yarn/docs/normalize-url-5.3.1
Bump normalize-url from 5.1.0 to 5.3.1 in /docs
2021-06-11 09:07:06 +10:00
61bb183eda Bump glob-parent from 5.1.1 to 5.1.2 in /docs
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2)

---
updated-dependencies:
- dependency-name: glob-parent
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-10 23:06:36 +00:00
f3d3a6db91 Merge pull request #1165 from jc21/dependabot/npm_and_yarn/docs/css-what-5.0.1
Bump css-what from 3.3.0 to 5.0.1 in /docs
2021-06-11 09:05:46 +10:00
9ebb443cb7 Bump css-what from 3.3.0 to 5.0.1 in /docs
Bumps [css-what](https://github.com/fb55/css-what) from 3.3.0 to 5.0.1.
- [Release notes](https://github.com/fb55/css-what/releases)
- [Commits](https://github.com/fb55/css-what/compare/v3.3.0...v5.0.1)

---
updated-dependencies:
- dependency-name: css-what
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 19:18:07 +00:00
fa4c4d0a8d Bump normalize-url from 5.1.0 to 5.3.1 in /docs
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 5.1.0 to 5.3.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases)
- [Commits](https://github.com/sindresorhus/normalize-url/commits)

---
updated-dependencies:
- dependency-name: normalize-url
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 00:57:18 +00:00
3e1518fef6 Updated docs for docker restart policy 2021-06-08 08:48:26 +10:00
e59db84721 Merge pull request #1155 from ChrisTracy/patch-1
Adding "restart: always" to ReadMe
2021-06-08 08:45:28 +10:00
c281b31fc8 Update README.md 2021-06-07 09:38:45 -05:00
1c93ca9896 Merge pull request #1158 from jc21/fixes-duckdns-certbot 2021-06-07 18:33:25 +10:00
df5836e573 Sets real_ip ranges to local network only 2021-06-07 08:30:39 +02:00
41ef35f0d0 Fixes duckdns certbot 2021-06-07 08:27:01 +02:00
5e6ce8643f Adds reddit badge to readme 2021-06-07 06:19:29 +00:00
f575400bc8 Merge pull request #1081 from vipergts450/vipergts450-custom_location-patch
Vipergts450 custom location patch
2021-06-07 12:46:23 +10:00
6d9a335b0e Merge pull request #1129 from jc21/dependabot/npm_and_yarn/docs/dns-packet-5.2.2
Bump dns-packet from 5.2.1 to 5.2.2 in /docs
2021-06-07 12:44:26 +10:00
f94eb5f318 Merge pull request #1123 from jc21/dependabot/npm_and_yarn/docs/browserslist-4.16.5
Bump browserslist from 4.13.0 to 4.16.5 in /docs
2021-06-07 09:30:49 +10:00
245fa421a2 Adding "restart: always" to ReadMe
Adding "restart: always" to ReadMe. I had a hard time figuring out why once of my NPM containers would not start on reboot while the rest of them would.
2021-06-06 12:14:58 -05:00
655094a816 Update certbot-dns-plugins.js 2021-06-06 16:44:44 +02:00
d544650b05 fix spacings. again. 2021-06-03 19:42:14 +02:00
d9d682585c fix spaces/tabs 2021-06-03 19:35:30 +02:00
44a202552e Restore default build script 2021-06-03 18:36:25 +02:00
fd6673420b Added IONOS and Infomaniak certbot plugins 2021-06-03 18:33:33 +02:00
0e9cd5db9c Merge pull request #1122 from jc21/fixes-some-database-issues
Fixes some database issues on raspberry pi
2021-05-31 08:43:28 +10:00
6da6e6f145 Bump dns-packet from 5.2.1 to 5.2.2 in /docs
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 5.2.1 to 5.2.2.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mafintosh/dns-packet/compare/v5.2.1...v5.2.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-26 18:51:46 +00:00
bdaa7460e4 Bump browserslist from 4.13.0 to 4.16.5 in /docs
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.13.0 to 4.16.5.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.13.0...4.16.5)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-26 04:04:42 +00:00
d6d1c1ac35 Updates raspberry pi docker compose in documentation 2021-05-25 14:18:51 +02:00
67958155fc Updates generated sqlite config in documentation 2021-05-25 14:18:01 +02:00
198bd74ec6 Adds useNullAsDefault to default sqlite config 2021-05-25 14:16:46 +02:00
69ee6b1699 Update nginx.js 2021-05-07 23:38:32 -04:00
ca1ea042b2 Update nginx.js 2021-05-07 23:31:51 -04:00
f26df7d9bb Update nginx.js 2021-05-07 22:43:22 -04:00
2373e4a06d Bump underscore from 1.10.2 to 1.12.1 in /frontend
Bumps [underscore](https://github.com/jashkenas/underscore) from 1.10.2 to 1.12.1.
- [Release notes](https://github.com/jashkenas/underscore/releases)
- [Commits](https://github.com/jashkenas/underscore/compare/1.10.2...1.12.1)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-07 03:05:13 +00:00
4c76803f13 Rearrange _location.conf template
Allow more of the main host parameters into the custom location configuration and reorder to make more sense.
2021-05-06 22:30:45 -04:00
6a46e88f8f Fix renderLocations to accept more parameters from host
Amend renderLocations to pass more host parameters into the custom locations to match the requirements set for the default location. This will apply all parameters set in the UI to all custom locations.
2021-05-06 22:29:21 -04:00
e4e94d5be0 Update nginx.js
Adds ability for custom location templates to handle includes
2021-05-06 14:50:09 -04:00
a3b896fa70 Update _location.conf 2021-05-06 14:48:38 -04:00
60347a90e9 Update _location.conf 2021-05-06 11:40:40 -04:00
31 changed files with 402 additions and 237 deletions

View File

@ -1 +1 @@
2.9.3
2.9.5

View File

@ -1,7 +1,7 @@
<p align="center">
<img src="https://nginxproxymanager.com/github.png">
<br><br>
<img src="https://img.shields.io/badge/version-2.9.3-green.svg?style=for-the-badge">
<img src="https://img.shields.io/badge/version-2.9.5-green.svg?style=for-the-badge">
<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
</a>
@ -14,6 +14,10 @@
<a href="https://gitter.im/nginx-proxy-manager/community">
<img alt="Gitter" src="https://img.shields.io/gitter/room/nginx-proxy-manager/community?style=for-the-badge">
</a>
<a href="https://reddit.com/r/nginxproxymanager">
<img alt="Reddit" src="https://img.shields.io/reddit/subreddit-subscribers/nginxproxymanager?label=Reddit%20Community&style=for-the-badge">
</a>
</p>
This project comes as a pre-built docker image that enables you to easily forward to your websites
@ -66,6 +70,7 @@ version: '3'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: unless-stopped
ports:
- '80:80'
- '81:81'
@ -81,6 +86,7 @@ services:
- ./letsencrypt:/etc/letsencrypt
db:
image: 'jc21/mariadb-aria:latest'
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: 'npm'
MYSQL_DATABASE: 'npm'
@ -408,6 +414,50 @@ Special thanks to the following contributors:
<br /><sub><b>RBXII3</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/demize">
<img src="https://avatars.githubusercontent.com/u/264914?v=4" width="80" alt=""/>
<br /><sub><b>demize</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/PUP-Loki">
<img src="https://avatars.githubusercontent.com/u/75944209?v=4" width="80" alt=""/>
<br /><sub><b>PUP-Loki</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/DSorlov">
<img src="https://avatars.githubusercontent.com/u/8133650?v=4" width="80" alt=""/>
<br /><sub><b>Daniel Sörlöv</b></sub>
</a>
</td>
</tr>
<tr>
<td align="center">
<a href="https://github.com/Theyooo">
<img src="https://avatars.githubusercontent.com/u/58510131?v=4" width="80" alt=""/>
<br /><sub><b>Theyooo</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/mrdink">
<img src="https://avatars.githubusercontent.com/u/514751?v=4" width="80" alt=""/>
<br /><sub><b>Justin Peacock</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/ChrisTracy">
<img src="https://avatars.githubusercontent.com/u/58871574?v=4" width="80" alt=""/>
<br /><sub><b>Chris Tracy</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/Fuechslein">
<img src="https://avatars.githubusercontent.com/u/15112818?v=4" width="80" alt=""/>
<br /><sub><b>Fuechslein</b></sub>
</a>
</td>
</tr>
</table>
<!-- markdownlint-enable -->

View File

@ -95,7 +95,8 @@ async function createDbConfigFromEnvironment() {
client: 'sqlite3',
connection: {
filename: envSqliteFile
}
},
useNullAsDefault: true
}
};
if (JSON.stringify(configData.database) === JSON.stringify(newConfig)) {

View File

@ -1,19 +1,18 @@
const fs = require('fs');
const _ = require('lodash');
const logger = require('../logger').ssl;
const error = require('../lib/error');
const certificateModel = require('../models/certificate');
const internalAuditLog = require('./audit-log');
const tempWrite = require('temp-write');
const utils = require('../lib/utils');
const moment = require('moment');
const debug_mode = process.env.NODE_ENV !== 'production' || !!process.env.DEBUG;
const le_staging = process.env.NODE_ENV !== 'production';
const internalNginx = require('./nginx');
const internalHost = require('./host');
const certbot_command = '/opt/certbot/bin/certbot';
const le_config = '/etc/letsencrypt.ini';
const dns_plugins = require('../global/certbot-dns-plugins');
const _ = require('lodash');
const fs = require('fs');
const tempWrite = require('temp-write');
const moment = require('moment');
const logger = require('../logger').ssl;
const error = require('../lib/error');
const utils = require('../lib/utils');
const certificateModel = require('../models/certificate');
const dnsPlugins = require('../global/certbot-dns-plugins');
const internalAuditLog = require('./audit-log');
const internalNginx = require('./nginx');
const internalHost = require('./host');
const letsencryptStaging = process.env.NODE_ENV !== 'production';
const letsencryptConfig = '/etc/letsencrypt.ini';
const certbotCommand = 'certbot';
function omissions() {
return ['is_deleted'];
@ -21,14 +20,14 @@ function omissions() {
const internalCertificate = {
allowed_ssl_files: ['certificate', 'certificate_key', 'intermediate_certificate'],
interval_timeout: 1000 * 60 * 60, // 1 hour
interval: null,
interval_processing: false,
allowedSslFiles: ['certificate', 'certificate_key', 'intermediate_certificate'],
intervalTimeout: 1000 * 60 * 60, // 1 hour
interval: null,
intervalProcessing: false,
initTimer: () => {
logger.info('Let\'s Encrypt Renewal Timer initialized');
internalCertificate.interval = setInterval(internalCertificate.processExpiringHosts, internalCertificate.interval_timeout);
internalCertificate.interval = setInterval(internalCertificate.processExpiringHosts, internalCertificate.intervalTimeout);
// And do this now as well
internalCertificate.processExpiringHosts();
},
@ -37,15 +36,15 @@ const internalCertificate = {
* Triggered by a timer, this will check for expiring hosts and renew their ssl certs if required
*/
processExpiringHosts: () => {
if (!internalCertificate.interval_processing) {
internalCertificate.interval_processing = true;
if (!internalCertificate.intervalProcessing) {
internalCertificate.intervalProcessing = true;
logger.info('Renewing SSL certs close to expiry...');
let cmd = certbot_command + ' renew --non-interactive --quiet ' +
'--config "' + le_config + '" ' +
const cmd = certbotCommand + ' renew --non-interactive --quiet ' +
'--config "' + letsencryptConfig + '" ' +
'--preferred-challenges "dns,http" ' +
'--disable-hook-validation ' +
(le_staging ? '--staging' : '');
(letsencryptStaging ? '--staging' : '');
return utils.exec(cmd)
.then((result) => {
@ -93,11 +92,11 @@ const internalCertificate = {
});
})
.then(() => {
internalCertificate.interval_processing = false;
internalCertificate.intervalProcessing = false;
})
.catch((err) => {
logger.error(err);
internalCertificate.interval_processing = false;
internalCertificate.intervalProcessing = false;
});
}
},
@ -221,7 +220,7 @@ const internalCertificate = {
await certificateModel
.query()
.deleteById(certificate.id);
throw error;
});
} else {
@ -448,11 +447,9 @@ const internalCertificate = {
* @returns {Promise}
*/
writeCustomCert: (certificate) => {
if (debug_mode) {
logger.info('Writing Custom Certificate:', certificate);
}
logger.info('Writing Custom Certificate:', certificate);
let dir = '/data/custom_ssl/npm-' + certificate.id;
const dir = '/data/custom_ssl/npm-' + certificate.id;
return new Promise((resolve, reject) => {
if (certificate.provider === 'letsencrypt') {
@ -460,9 +457,9 @@ const internalCertificate = {
return;
}
let cert_data = certificate.meta.certificate;
let certData = certificate.meta.certificate;
if (typeof certificate.meta.intermediate_certificate !== 'undefined') {
cert_data = cert_data + '\n' + certificate.meta.intermediate_certificate;
certData = certData + '\n' + certificate.meta.intermediate_certificate;
}
try {
@ -474,7 +471,7 @@ const internalCertificate = {
return;
}
fs.writeFile(dir + '/fullchain.pem', cert_data, function (err) {
fs.writeFile(dir + '/fullchain.pem', certData, function (err) {
if (err) {
reject(err);
} else {
@ -524,7 +521,7 @@ const internalCertificate = {
// Put file contents into an object
let files = {};
_.map(data.files, (file, name) => {
if (internalCertificate.allowed_ssl_files.indexOf(name) !== -1) {
if (internalCertificate.allowedSslFiles.indexOf(name) !== -1) {
files[name] = file.data.toString();
}
});
@ -582,7 +579,7 @@ const internalCertificate = {
}
_.map(data.files, (file, name) => {
if (internalCertificate.allowed_ssl_files.indexOf(name) !== -1) {
if (internalCertificate.allowedSslFiles.indexOf(name) !== -1) {
row.meta[name] = file.data.toString();
}
});
@ -601,7 +598,7 @@ const internalCertificate = {
});
})
.then(() => {
return _.pick(row.meta, internalCertificate.allowed_ssl_files);
return _.pick(row.meta, internalCertificate.allowedSslFiles);
});
});
},
@ -649,9 +646,9 @@ const internalCertificate = {
return tempWrite(certificate, '/tmp')
.then((filepath) => {
return internalCertificate.getCertificateInfoFromFile(filepath, throw_expired)
.then((cert_data) => {
.then((certData) => {
fs.unlinkSync(filepath);
return cert_data;
return certData;
}).catch((err) => {
fs.unlinkSync(filepath);
throw err;
@ -667,33 +664,33 @@ const internalCertificate = {
* @param {Boolean} [throw_expired] Throw when the certificate is out of date
*/
getCertificateInfoFromFile: (certificate_file, throw_expired) => {
let cert_data = {};
let certData = {};
return utils.exec('openssl x509 -in ' + certificate_file + ' -subject -noout')
.then((result) => {
// subject=CN = something.example.com
let regex = /(?:subject=)?[^=]+=\s+(\S+)/gim;
let match = regex.exec(result);
const regex = /(?:subject=)?[^=]+=\s+(\S+)/gim;
const match = regex.exec(result);
if (typeof match[1] === 'undefined') {
throw new error.ValidationError('Could not determine subject from certificate: ' + result);
}
cert_data['cn'] = match[1];
certData['cn'] = match[1];
})
.then(() => {
return utils.exec('openssl x509 -in ' + certificate_file + ' -issuer -noout');
})
.then((result) => {
// issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
let regex = /^(?:issuer=)?(.*)$/gim;
let match = regex.exec(result);
const regex = /^(?:issuer=)?(.*)$/gim;
const match = regex.exec(result);
if (typeof match[1] === 'undefined') {
throw new error.ValidationError('Could not determine issuer from certificate: ' + result);
}
cert_data['issuer'] = match[1];
certData['issuer'] = match[1];
})
.then(() => {
return utils.exec('openssl x509 -in ' + certificate_file + ' -dates -noout');
@ -701,39 +698,39 @@ const internalCertificate = {
.then((result) => {
// notBefore=Jul 14 04:04:29 2018 GMT
// notAfter=Oct 12 04:04:29 2018 GMT
let valid_from = null;
let valid_to = null;
let validFrom = null;
let validTo = null;
let lines = result.split('\n');
const lines = result.split('\n');
lines.map(function (str) {
let regex = /^(\S+)=(.*)$/gim;
let match = regex.exec(str.trim());
const regex = /^(\S+)=(.*)$/gim;
const match = regex.exec(str.trim());
if (match && typeof match[2] !== 'undefined') {
let date = parseInt(moment(match[2], 'MMM DD HH:mm:ss YYYY z').format('X'), 10);
const date = parseInt(moment(match[2], 'MMM DD HH:mm:ss YYYY z').format('X'), 10);
if (match[1].toLowerCase() === 'notbefore') {
valid_from = date;
validFrom = date;
} else if (match[1].toLowerCase() === 'notafter') {
valid_to = date;
validTo = date;
}
}
});
if (!valid_from || !valid_to) {
if (!validFrom || !validTo) {
throw new error.ValidationError('Could not determine dates from certificate: ' + result);
}
if (throw_expired && valid_to < parseInt(moment().format('X'), 10)) {
if (throw_expired && validTo < parseInt(moment().format('X'), 10)) {
throw new error.ValidationError('Certificate has expired');
}
cert_data['dates'] = {
from: valid_from,
to: valid_to
certData['dates'] = {
from: validFrom,
to: validTo
};
return cert_data;
return certData;
}).catch((err) => {
throw new error.ValidationError('Certificate is not valid (' + err.message + ')', err);
});
@ -747,7 +744,7 @@ const internalCertificate = {
* @returns {Object}
*/
cleanMeta: function (meta, remove) {
internalCertificate.allowed_ssl_files.map((key) => {
internalCertificate.allowedSslFiles.map((key) => {
if (typeof meta[key] !== 'undefined' && meta[key]) {
if (remove) {
delete meta[key];
@ -767,18 +764,16 @@ const internalCertificate = {
requestLetsEncryptSsl: (certificate) => {
logger.info('Requesting Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
let cmd = certbot_command + ' certonly --non-interactive ' +
'--config "' + le_config + '" ' +
const cmd = certbotCommand + ' certonly --non-interactive ' +
'--config "' + letsencryptConfig + '" ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--agree-tos ' +
'--email "' + certificate.meta.letsencrypt_email + '" ' +
'--preferred-challenges "dns,http" ' +
'--domains "' + certificate.domain_names.join(',') + '" ' +
(le_staging ? '--staging' : '');
(letsencryptStaging ? '--staging' : '');
if (debug_mode) {
logger.info('Command:', cmd);
}
logger.info('Command:', cmd);
return utils.exec(cmd)
.then((result) => {
@ -788,14 +783,14 @@ const internalCertificate = {
},
/**
* @param {Object} certificate the certificate row
* @param {String} dns_provider the dns provider name (key used in `certbot-dns-plugins.js`)
* @param {String | null} credentials the content of this providers credentials file
* @param {String} propagation_seconds the cloudflare api token
* @param {Object} certificate the certificate row
* @param {String} dns_provider the dns provider name (key used in `certbot-dns-plugins.js`)
* @param {String | null} credentials the content of this providers credentials file
* @param {String} propagation_seconds the cloudflare api token
* @returns {Promise}
*/
requestLetsEncryptSslWithDnsChallenge: (certificate) => {
const dns_plugin = dns_plugins[certificate.meta.dns_provider];
const dns_plugin = dnsPlugins[certificate.meta.dns_provider];
if (!dns_plugin) {
throw Error(`Unknown DNS provider '${certificate.meta.dns_provider}'`);
@ -803,50 +798,43 @@ const internalCertificate = {
logger.info(`Requesting Let'sEncrypt certificates via ${dns_plugin.display_name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`);
const credentials_loc = '/etc/letsencrypt/credentials/credentials-' + certificate.id;
const credentials_cmd = 'mkdir -p /etc/letsencrypt/credentials 2> /dev/null; echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
const prepare_cmd = 'pip install ' + dns_plugin.package_name + '==' + dns_plugin.package_version + ' ' + dns_plugin.dependencies;
const credentialsLocation = '/etc/letsencrypt/credentials/credentials-' + certificate.id;
const credentialsCmd = 'mkdir -p /etc/letsencrypt/credentials 2> /dev/null; echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentialsLocation + '\' && chmod 600 \'' + credentialsLocation + '\'';
const prepareCmd = 'pip install ' + dns_plugin.package_name + '==' + dns_plugin.package_version + ' ' + dns_plugin.dependencies;
// Whether the plugin has a --<name>-credentials argument
const has_config_arg = certificate.meta.dns_provider !== 'route53' && certificate.meta.dns_provider !== 'duckdns';
const hasConfigArg = certificate.meta.dns_provider !== 'route53';
let main_cmd =
certbot_command + ' certonly --non-interactive ' +
let mainCmd = certbotCommand + ' certonly --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--agree-tos ' +
'--email "' + certificate.meta.letsencrypt_email + '" ' +
'--email "' + certificate.meta.letsencrypt_email + '" ' +
'--domains "' + certificate.domain_names.join(',') + '" ' +
'--authenticator ' + dns_plugin.full_plugin_name + ' ' +
(
has_config_arg
? '--' + dns_plugin.full_plugin_name + '-credentials "' + credentials_loc + '"'
hasConfigArg
? '--' + dns_plugin.full_plugin_name + '-credentials "' + credentialsLocation + '"'
: ''
) +
(
certificate.meta.propagation_seconds !== undefined
? ' --' + dns_plugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds
certificate.meta.propagation_seconds !== undefined
? ' --' + dns_plugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds
: ''
) +
(le_staging ? ' --staging' : '');
(letsencryptStaging ? ' --staging' : '');
// Prepend the path to the credentials file as an environment variable
if (certificate.meta.dns_provider === 'route53') {
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd;
mainCmd = 'AWS_CONFIG_FILE=\'' + credentialsLocation + '\' ' + mainCmd;
}
if (certificate.meta.dns_provider === 'duckdns') {
main_cmd = main_cmd + ' --' + dns_plugin.full_plugin_name + '-token ' + certificate.meta.dns_provider_credentials;
}
logger.info('Command:', `${credentialsCmd} && ${prepareCmd} && ${mainCmd}`);
if (debug_mode) {
logger.info('Command:', `${credentials_cmd} && ${prepare_cmd} && ${main_cmd}`);
}
return utils.exec(credentials_cmd)
return utils.exec(credentialsCmd)
.then(() => {
return utils.exec(prepare_cmd)
return utils.exec(prepareCmd)
.then(() => {
return utils.exec(main_cmd)
return utils.exec(mainCmd)
.then(async (result) => {
logger.info(result);
return result;
@ -854,8 +842,8 @@ const internalCertificate = {
});
}).catch(async (err) => {
// Don't fail if file does not exist
const delete_credentials_cmd = `rm -f '${credentials_loc}' || true`;
await utils.exec(delete_credentials_cmd);
const delete_credentialsCmd = `rm -f '${credentialsLocation}' || true`;
await utils.exec(delete_credentialsCmd);
throw err;
});
},
@ -874,7 +862,7 @@ const internalCertificate = {
})
.then((certificate) => {
if (certificate.provider === 'letsencrypt') {
let renewMethod = certificate.meta.dns_challenge ? internalCertificate.renewLetsEncryptSslWithDnsChallenge : internalCertificate.renewLetsEncryptSsl;
const renewMethod = certificate.meta.dns_challenge ? internalCertificate.renewLetsEncryptSslWithDnsChallenge : internalCertificate.renewLetsEncryptSsl;
return renewMethod(certificate)
.then(() => {
@ -912,16 +900,14 @@ const internalCertificate = {
renewLetsEncryptSsl: (certificate) => {
logger.info('Renewing Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
let cmd = certbot_command + ' renew --non-interactive ' +
'--config "' + le_config + '" ' +
const cmd = certbotCommand + ' renew --force-renewal --non-interactive ' +
'--config "' + letsencryptConfig + '" ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--preferred-challenges "dns,http" ' +
'--disable-hook-validation ' +
(le_staging ? '--staging' : '');
(letsencryptStaging ? '--staging' : '');
if (debug_mode) {
logger.info('Command:', cmd);
}
logger.info('Command:', cmd);
return utils.exec(cmd)
.then((result) => {
@ -935,7 +921,7 @@ const internalCertificate = {
* @returns {Promise}
*/
renewLetsEncryptSslWithDnsChallenge: (certificate) => {
const dns_plugin = dns_plugins[certificate.meta.dns_provider];
const dns_plugin = dnsPlugins[certificate.meta.dns_provider];
if (!dns_plugin) {
throw Error(`Unknown DNS provider '${certificate.meta.dns_provider}'`);
@ -943,23 +929,20 @@ const internalCertificate = {
logger.info(`Renewing Let'sEncrypt certificates via ${dns_plugin.display_name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`);
let main_cmd =
certbot_command + ' renew --non-interactive ' +
let mainCmd = certbotCommand + ' renew --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--disable-hook-validation' +
(le_staging ? ' --staging' : '');
(letsencryptStaging ? ' --staging' : '');
// Prepend the path to the credentials file as an environment variable
if (certificate.meta.dns_provider === 'route53') {
const credentials_loc = '/etc/letsencrypt/credentials/credentials-' + certificate.id;
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd;
const credentialsLocation = '/etc/letsencrypt/credentials/credentials-' + certificate.id;
mainCmd = 'AWS_CONFIG_FILE=\'' + credentialsLocation + '\' ' + mainCmd;
}
if (debug_mode) {
logger.info('Command:', main_cmd);
}
logger.info('Command:', mainCmd);
return utils.exec(main_cmd)
return utils.exec(mainCmd)
.then(async (result) => {
logger.info(result);
return result;
@ -974,28 +957,24 @@ const internalCertificate = {
revokeLetsEncryptSsl: (certificate, throw_errors) => {
logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
const main_cmd = certbot_command + ' revoke --non-interactive ' +
const mainCmd = certbotCommand + ' revoke --non-interactive ' +
'--cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' +
'--delete-after-revoke ' +
(le_staging ? '--staging' : '');
(letsencryptStaging ? '--staging' : '');
// Don't fail command if file does not exist
const delete_credentials_cmd = `rm -f '/etc/letsencrypt/credentials/credentials-${certificate.id}' || true`;
const delete_credentialsCmd = `rm -f '/etc/letsencrypt/credentials/credentials-${certificate.id}' || true`;
if (debug_mode) {
logger.info('Command:', main_cmd + '; ' + delete_credentials_cmd);
}
logger.info('Command:', mainCmd + '; ' + delete_credentialsCmd);
return utils.exec(main_cmd)
return utils.exec(mainCmd)
.then(async (result) => {
await utils.exec(delete_credentials_cmd);
await utils.exec(delete_credentialsCmd);
logger.info(result);
return result;
})
.catch((err) => {
if (debug_mode) {
logger.error(err.message);
}
logger.error(err.message);
if (throw_errors) {
throw err;
@ -1008,9 +987,9 @@ const internalCertificate = {
* @returns {Boolean}
*/
hasLetsEncryptSslCerts: (certificate) => {
let le_path = '/etc/letsencrypt/live/npm-' + certificate.id;
const letsencryptPath = '/etc/letsencrypt/live/npm-' + certificate.id;
return fs.existsSync(le_path + '/fullchain.pem') && fs.existsSync(le_path + '/privkey.pem');
return fs.existsSync(letsencryptPath + '/fullchain.pem') && fs.existsSync(letsencryptPath + '/privkey.pem');
},
/**

View File

@ -136,6 +136,8 @@ const internalNginx = {
* @returns {Promise}
*/
renderLocations: (host) => {
//logger.info('host = ' + JSON.stringify(host, null, 2));
return new Promise((resolve, reject) => {
let template;
@ -146,13 +148,19 @@ const internalNginx = {
return;
}
let renderer = new Liquid();
let renderer = new Liquid({
root: __dirname + '/../templates/'
});
let renderedLocations = '';
const locationRendering = async () => {
for (let i = 0; i < host.locations.length; i++) {
let locationCopy = Object.assign({}, host.locations[i]);
let locationCopy = Object.assign({}, {access_list_id: host.access_list_id}, {certificate_id: host.certificate_id},
{ssl_forced: host.ssl_forced}, {caching_enabled: host.caching_enabled}, {block_exploits: host.block_exploits},
{allow_websocket_upgrade: host.allow_websocket_upgrade}, {http2_support: host.http2_support},
{hsts_enabled: host.hsts_enabled}, {hsts_subdomains: host.hsts_subdomains}, {access_list: host.access_list},
{certificate: host.certificate}, host.locations[i]);
if (locationCopy.forward_host.indexOf('/') > -1) {
const splitted = locationCopy.forward_host.split('/');
@ -160,12 +168,16 @@ const internalNginx = {
locationCopy.forward_path = `/${splitted.join('/')}`;
}
//logger.info('locationCopy = ' + JSON.stringify(locationCopy, null, 2));
// eslint-disable-next-line
renderedLocations += await renderer.parseAndRender(template, locationCopy);
}
};
locationRendering().then(() => resolve(renderedLocations));
});
},
@ -181,6 +193,8 @@ const internalNginx = {
logger.info('Generating ' + host_type + ' Config:', host);
}
// logger.info('host = ' + JSON.stringify(host, null, 2));
let renderEngine = new Liquid({
root: __dirname + '/../templates/'
});
@ -208,6 +222,7 @@ const internalNginx = {
}
if (host.locations) {
//logger.info ('host.locations = ' + JSON.stringify(host.locations, null, 2));
origLocations = [].concat(host.locations);
locationsPromise = internalNginx.renderLocations(host).then((renderedLocations) => {
host.locations = renderedLocations;

View File

@ -201,9 +201,29 @@ const setupCertbotPlugins = () => {
});
};
/**
* Starts a timer to call run the logrotation binary every two days
* @returns {Promise}
*/
const setupLogrotation = () => {
const intervalTimeout = 1000 * 60 * 60 * 24 * 2; // 2 days
const runLogrotate = async () => {
await utils.exec('logrotate /etc/logrotate.d/nginx-proxy-manager');
logger.info('Logrotate completed.');
};
logger.info('Logrotate Timer initialized');
setInterval(runLogrotate, intervalTimeout);
// And do this now as well
return runLogrotate();
};
module.exports = function () {
return setupJwt()
.then(setupDefaultUser)
.then(setupDefaultSettings)
.then(setupCertbotPlugins);
.then(setupCertbotPlugins)
.then(setupLogrotation);
};

View File

@ -3,7 +3,43 @@
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
{% if access_list_id > 0 %}
{% if access_list.items.length > 0 %}
# Authorization
auth_basic "Authorization required";
auth_basic_user_file /data/access/{{ access_list_id }};
{{ access_list.passauth }}
{% endif %}
# Access Rules
{% for client in access_list.clients %}
{{- client.rule -}};
{% endfor %}deny all;
# Access checks must...
{% if access_list.satisfy %}
{{ access_list.satisfy }};
{% endif %}
{% endif %}
{% include "_assets.conf" %}
{% include "_exploits.conf" %}
{% include "_forced_ssl.conf" %}
{% include "_hsts.conf" %}
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
{% endif %}
{{ advanced_config }}
}

View File

@ -7,7 +7,8 @@ server {
{% include "_hsts.conf" %}
{% include "_forced_ssl.conf" %}
access_log /data/logs/dead_host-{{ id }}.log standard;
access_log /data/logs/dead-host-{{ id }}_access.log standard;
error_log /data/logs/dead-host-{{ id }}_error.log warn;
{{ advanced_config }}

View File

@ -12,7 +12,8 @@ server {
#listen [::]:80;
{% endif %}
server_name default-host.localhost;
access_log /data/logs/default_host.log combined;
access_log /data/logs/default-host_access.log combined;
error_log /data/logs/default-host_error.log warn;
{% include "_exploits.conf" %}
{%- if value == "404" %}

View File

@ -8,7 +8,8 @@ server {
server_name {{ domain_names | join: " " }};
access_log /data/logs/letsencrypt-requests.log standard;
access_log /data/logs/letsencrypt-requests_access.log standard;
error_log /data/logs/letsencrypt-requests_error.log warn;
include conf.d/include/letsencrypt-acme-challenge.conf;

View File

@ -19,8 +19,8 @@ proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
{% endif %}
access_log /data/logs/proxy_host-{{ id }}.log proxy;
access_log /data/logs/proxy-host-{{ id }}_access.log proxy;
error_log /data/logs/proxy-host-{{ id }}_error.log warn;
{{ advanced_config }}

View File

@ -9,7 +9,8 @@ server {
{% include "_hsts.conf" %}
{% include "_forced_ssl.conf" %}
access_log /data/logs/redirection_host-{{ id }}.log standard;
access_log /data/logs/redirection-host-{{ id }}_access.log standard;
error_log /data/logs/redirection-host-{{ id }}_error.log warn;
{{ advanced_config }}

View File

@ -20,7 +20,7 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 \
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apt-get update \
&& apt-get install -y --no-install-recommends jq \
&& apt-get install -y --no-install-recommends jq logrotate \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
@ -43,6 +43,9 @@ COPY docker/rootfs /
# Remove frontend service not required for prod, dev nginx config as well
RUN rm -rf /etc/services.d/frontend /etc/nginx/conf.d/dev.conf
# Change permission of logrotate config file
RUN chmod 644 /etc/logrotate.d/nginx-proxy-manager
VOLUME [ "/data", "/etc/letsencrypt" ]
ENTRYPOINT [ "/init" ]
HEALTHCHECK --interval=5s --timeout=3s CMD /bin/check-health

View File

@ -7,7 +7,7 @@ ENV S6_LOGGING=0 \
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apt-get update \
&& apt-get install -y certbot jq python3-pip \
&& apt-get install -y certbot jq python3-pip logrotate \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
@ -18,6 +18,7 @@ RUN cd /usr \
COPY rootfs /
RUN rm -f /etc/nginx/conf.d/production.conf
RUN chmod 644 /etc/logrotate.d/nginx-proxy-manager
# s6 overlay
RUN curl -L -o /tmp/s6-overlay-amd64.tar.gz "https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz" \

View File

@ -1,9 +1,9 @@
# WARNING: This is a DEVELOPMENT docker-compose file, it should not be used for production.
version: "3"
version: "3.5"
services:
npm:
image: nginxproxymanager:dev
container_name: npm_core
build:
context: ./
dockerfile: ./dev/Dockerfile
@ -36,6 +36,7 @@ services:
db:
image: jc21/mariadb-aria
container_name: npm_db
networks:
- nginx_proxy_manager
environment:
@ -47,21 +48,26 @@ services:
- db_data:/var/lib/mysql
swagger:
image: 'swaggerapi/swagger-ui:latest'
image: "swaggerapi/swagger-ui:latest"
container_name: npm_swagger
ports:
- 3001:80
networks:
- nginx_proxy_manager
environment:
URL: "http://127.0.0.1:3081/api/schema"
PORT: '80'
PORT: "80"
depends_on:
- npm
volumes:
npm_data:
name: npm_core_data
le_data:
name: npm_le_data
db_data:
name: npm_db_data
networks:
nginx_proxy_manager:
name: npm_network

View File

@ -0,0 +1,25 @@
/data/logs/*_access.log /data/logs/*/access.log {
create 0644 root root
weekly
rotate 4
missingok
notifempty
compress
sharedscripts
postrotate
/bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
endscript
}
/data/logs/*_error.log /data/logs/*/error.log {
create 0644 root root
weekly
rotate 10
missingok
notifempty
compress
sharedscripts
postrotate
/bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
endscript
}

View File

@ -8,7 +8,7 @@ server {
set $port "80";
server_name localhost-nginx-proxy-manager;
access_log /data/logs/default.log standard;
access_log /data/logs/fallback_access.log standard;
error_log /dev/null crit;
include conf.d/include/assets.conf;
include conf.d/include/block-exploits.conf;
@ -29,7 +29,7 @@ server {
set $port "443";
server_name localhost;
access_log /data/logs/default.log standard;
access_log /data/logs/fallback-access.log standard;
error_log /dev/null crit;
ssl_certificate /data/nginx/dummycert.pem;
ssl_certificate_key /data/nginx/dummykey.pem;

View File

@ -5,6 +5,7 @@ location ^~ /.well-known/acme-challenge/ {
# Since this is for letsencrypt authentication of a domain and they do not give IP ranges of their infrastructure
# we need to open up access by turning off auth and IP ACL for this location.
auth_basic off;
auth_request off;
allow all;
# Set correct content type. According to this:

View File

@ -3,7 +3,5 @@ ssl_session_cache shared:SSL:50m;
# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'EECDH+AESGCM:AES256+EECDH:AES256+EDH:EDH+AESGCM:ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-
ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AE
S128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES';
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
ssl_prefer_server_ciphers off;

View File

@ -9,7 +9,7 @@ worker_processes auto;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
error_log /data/logs/error.log warn;
error_log /data/logs/fallback_error.log warn;
# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;
@ -46,8 +46,7 @@ http {
log_format proxy '[$time_local] $upstream_cache_status $upstream_status $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] [Sent-to $server] "$http_user_agent" "$http_referer"';
log_format standard '[$time_local] $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"';
access_log /data/logs/default.log proxy;
access_log /data/logs/fallback_access.log proxy;
# Dynamically generated resolvers file
include /etc/nginx/conf.d/include/resolvers.conf;
@ -58,11 +57,11 @@ http {
}
# Real IP Determination
# Docker subnet:
set_real_ip_from 172.0.0.0/8;
# Local subnets:
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 192.0.0.0/8;
set_real_ip_from 172.16.0.0/12; # Includes Docker subnet
set_real_ip_from 192.168.0.0/16;
# NPM generated CDN ip ranges:
include conf.d/include/ip_ranges.conf;
# always put the following 2 lines after ip subnets:

View File

@ -34,7 +34,7 @@ services:
volumes:
- './data:/data'
- '/var/run/docker.sock:/var/run/docker.sock'
restart: always
restart: unless-stopped
networks:
default:
@ -68,7 +68,7 @@ secrets:
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: always
restart: unless-stopped
ports:
# Public HTTP Port:
- '80:80'
@ -98,7 +98,7 @@ services:
- db
db:
image: jc21/mariadb-aria
restart: always
restart: unless-stopped
environment:
# MYSQL_ROOT_PASSWORD: "npm" # use secret instead
MYSQL_ROOT_PASSWORD__FILE: /run/secrets/DB_ROOT_PWD

View File

@ -143,7 +143,7 @@
"css-select-base-adapter": "^0.1.1",
"css-tree": "^1.0.0-alpha.39",
"css-unit-converter": "^1.1.2",
"css-what": "^3.3.0",
"css-what": "^5.0.1",
"cssesc": "^3.0.0",
"cssnano": "^4.1.10",
"cssnano-preset-default": "^4.0.7",

View File

@ -25,7 +25,7 @@ version: "3"
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: always
restart: unless-stopped
ports:
# Public HTTP Port:
- '80:80'
@ -54,7 +54,7 @@ services:
- db
db:
image: 'jc21/mariadb-aria:latest'
restart: always
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: 'npm'
MYSQL_DATABASE: 'npm'
@ -96,7 +96,7 @@ version: "3"
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: always
restart: unless-stopped
ports:
# Public HTTP Port:
- '80:80'
@ -122,18 +122,15 @@ services:
depends_on:
- db
db:
image: ghcr.io/linuxserver/mariadb
image: yobasystems/alpine-mariadb:latest
restart: unless-stopped
environment:
PUID: 1001
PGID: 1001
TZ: "Europe/London"
MYSQL_ROOT_PASSWORD: "changeme"
MYSQL_DATABASE: "npm"
MYSQL_USER: "changeuser"
MYSQL_PASSWORD: "changepass"
volumes:
- ./data/mariadb:/config
- ./data/mariadb:/var/lib/mysql
```
_Please note, that `DB_MYSQL_*` environment variables will take precedent over `DB_SQLITE_*` var>
@ -185,7 +182,8 @@ Here's an example for `sqlite` configuration as it is generated from the environ
"client": "sqlite3",
"connection": {
"filename": "/data/database.sqlite"
}
},
"useNullAsDefault": true
}
}
}

View File

@ -2155,14 +2155,15 @@ browserify-zlib@^0.2.0:
pako "~1.0.5"
browserslist@^4.0.0, browserslist@^4.12.0, browserslist@^4.13.0, browserslist@^4.8.5:
version "4.13.0"
resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.13.0.tgz#42556cba011e1b0a2775b611cba6a8eca18e940d"
integrity sha512-MINatJ5ZNrLnQ6blGvePd/QOz9Xtu+Ne+x29iQSCHfkU5BugKVJwZKn/iiL8UbpIpa3JhviKjz+XxMo0m2caFQ==
version "4.16.5"
resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.16.5.tgz#952825440bca8913c62d0021334cbe928ef062ae"
integrity sha512-C2HAjrM1AI/djrpAUU/tr4pml1DqLIzJKSLDBXBrNErl9ZCCTXdhwxdJjYc16953+mBWf7Lw+uUJgpgb8cN71A==
dependencies:
caniuse-lite "^1.0.30001093"
electron-to-chromium "^1.3.488"
escalade "^3.0.1"
node-releases "^1.1.58"
caniuse-lite "^1.0.30001214"
colorette "^1.2.2"
electron-to-chromium "^1.3.719"
escalade "^3.1.1"
node-releases "^1.1.71"
buffer-from@^1.0.0, buffer-from@^1.1.1:
version "1.1.1"
@ -2417,10 +2418,10 @@ caniuse-api@^3.0.0:
lodash.memoize "^4.1.2"
lodash.uniq "^4.5.0"
caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001093, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001111:
version "1.0.30001111"
resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001111.tgz#dd0ce822c70eb6c7c068e4a55c22e19ec1501298"
integrity sha512-xnDje2wchd/8mlJu8sXvWxOGvMgv+uT3iZ3bkIAynKOzToCssWCmkz/ZIkQBs/2pUB4uwnJKVORWQ31UkbVjOg==
caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001111, caniuse-lite@^1.0.30001214:
version "1.0.30001230"
resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001230.tgz#8135c57459854b2240b57a4a6786044bdc5a9f71"
integrity sha512-5yBd5nWCBS+jWKTcHOzXwo5xzcj4ePE/yjtkZyUV1BTUmrBaA9MRGC+e7mxnqXSA90CmCA8L3eKLaSUkt099IQ==
caseless@^0.12.0, caseless@~0.12.0:
version "0.12.0"
@ -2649,9 +2650,9 @@ color-name@^1.0.0, color-name@^1.1.4, color-name@~1.1.4:
integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==
color-string@^1.5.2, color-string@^1.5.3:
version "1.5.3"
resolved "https://registry.yarnpkg.com/color-string/-/color-string-1.5.3.tgz#c9bbc5f01b58b5492f3d6857459cb6590ce204cc"
integrity sha512-dC2C5qeWoYkxki5UAXapdjqO672AM4vZuPGRQfO8b5HKuKGBbKWpITyDYN7TOFKvRW7kOgAn3746clDBMDJyQw==
version "1.5.5"
resolved "https://registry.yarnpkg.com/color-string/-/color-string-1.5.5.tgz#65474a8f0e7439625f3d27a6a19d89fc45223014"
integrity sha512-jgIoum0OfQfq9Whcfc2z/VhCNcmQjWbey6qBX0vqt7YICflUmBCh9E9CiQD5GSJ+Uehixm3NUwHVhqUAWRivZg==
dependencies:
color-name "^1.0.0"
simple-swizzle "^0.2.2"
@ -3113,11 +3114,16 @@ css-what@2.1:
resolved "https://registry.yarnpkg.com/css-what/-/css-what-2.1.3.tgz#a6d7604573365fe74686c3f311c56513d88285f2"
integrity sha512-a+EPoD+uZiNfh+5fxw2nO9QwFa6nJe2Or35fGY6Ipw1R3R4AGz1d1TEZrCegvw2YTmZ0jXirGYlzxxpYSHwpEg==
css-what@^3.2.1, css-what@^3.3.0:
css-what@^3.2.1:
version "3.3.0"
resolved "https://registry.yarnpkg.com/css-what/-/css-what-3.3.0.tgz#10fec696a9ece2e591ac772d759aacabac38cd39"
integrity sha512-pv9JPyatiPaQ6pf4OvD/dbfm0o5LviWmwxNWzblYf/1u9QZd0ihV+PMwy5jdQWQ3349kZmKEx9WXuSka2dM4cg==
css-what@^5.0.1:
version "5.0.1"
resolved "https://registry.yarnpkg.com/css-what/-/css-what-5.0.1.tgz#3efa820131f4669a8ac2408f9c32e7c7de9f4cad"
integrity sha512-FYDTSHb/7KXsWICVsxdmiExPjCfRC4qRFBdVwv7Ax9hMnvMmEjP9RfxTEZ3qPZGmADDn2vAKSo9UcN1jKVYscg==
css@^2.0.0:
version "2.2.4"
resolved "https://registry.yarnpkg.com/css/-/css-2.2.4.tgz#c646755c73971f2bba6a601e2cf2fd71b1298929"
@ -3495,9 +3501,9 @@ dns-packet@^4.0.0:
safe-buffer "^5.1.1"
dns-packet@^5.2.1:
version "5.2.1"
resolved "https://registry.yarnpkg.com/dns-packet/-/dns-packet-5.2.1.tgz#26cec0be92252a1b97ed106482921192a7e08f72"
integrity sha512-JHj2yJeKOqlxzeuYpN1d56GfhzivAxavNwHj9co3qptECel27B1rLY5PifJAvubsInX5pGLDjAHuCfCUc2Zv/w==
version "5.2.2"
resolved "https://registry.yarnpkg.com/dns-packet/-/dns-packet-5.2.2.tgz#e4c7d12974cc320b0c0d4b9bbbf68ac151cfe81e"
integrity sha512-sQN+vLwC3PvOXiCH/oHcdzML2opFeIdVh8gjjMZrM45n4dR80QF6o3AzInQy6F9Eoc0VJYog4JpQTilt4RFLYQ==
dependencies:
ip "^1.1.5"
@ -3669,10 +3675,10 @@ ee-first@1.1.1, ee-first@^1.1.1:
resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
electron-to-chromium@^1.3.488, electron-to-chromium@^1.3.522:
version "1.3.522"
resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.522.tgz#4a6485ad187ffd31913bba0747d0e36405f405d6"
integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q==
electron-to-chromium@^1.3.522, electron-to-chromium@^1.3.719:
version "1.3.739"
resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.739.tgz#f07756aa92cabd5a6eec6f491525a64fe62f98b9"
integrity sha512-+LPJVRsN7hGZ9EIUUiWCpO7l4E3qBYHNadazlucBfsXBbccDFNKUBAgzE68FnkWGJPwD/AfKhSzL+G+Iqb8A4A==
elliptic@^6.5.3:
version "6.5.4"
@ -3819,10 +3825,10 @@ es6-promise@^4.1.0, es6-promise@^4.2.8:
resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-4.2.8.tgz#4eb21594c972bc40553d276e510539143db53e0a"
integrity sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==
escalade@^3.0.1:
version "3.0.2"
resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.0.2.tgz#6a580d70edb87880f22b4c91d0d56078df6962c4"
integrity sha512-gPYAU37hYCUhW5euPeR+Y74F7BL+IBsV93j5cvGriSaD1aG6MGsqsV1yamRdrWrb2j3aiZvb0X+UBOWpx3JWtQ==
escalade@^3.1.1:
version "3.1.1"
resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.1.tgz#d8cfdc7000965c5a0174b4a82eaa5c0552742e40"
integrity sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==
escape-goat@^2.0.0:
version "2.1.1"
@ -4421,9 +4427,9 @@ glob-parent@^3.1.0:
path-dirname "^1.0.0"
glob-parent@^5.1.0, glob-parent@^5.1.1, glob-parent@~5.1.0:
version "5.1.1"
resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.1.tgz#b6c1ef417c4e5663ea498f1c45afac6916bbc229"
integrity sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ==
version "5.1.2"
resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4"
integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==
dependencies:
is-glob "^4.0.1"
@ -6623,10 +6629,10 @@ node-libs-browser@^2.2.1:
util "^0.11.0"
vm-browserify "^1.0.1"
node-releases@^1.1.58, node-releases@^1.1.60:
version "1.1.60"
resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.60.tgz#6948bdfce8286f0b5d0e5a88e8384e954dfe7084"
integrity sha512-gsO4vjEdQaTusZAEebUWp2a5d7dF5DYoIpDG7WySnk7BuZDW+GPpHXoXXuYawRBr/9t5q54tirPz79kFIWg4dA==
node-releases@^1.1.60, node-releases@^1.1.71:
version "1.1.72"
resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.72.tgz#14802ab6b1039a79a0c7d662b610a5bbd76eacbe"
integrity sha512-LLUo+PpH3dU6XizX3iVoubUNheF/owjXCZZ5yACDxNnPtgFuludV1ZL3ayK1kVep42Rmm0+R9/Y60NQbZ2bifw==
nopt@1.0.10:
version "1.0.10"
@ -6690,9 +6696,9 @@ normalize-url@^4.1.0:
integrity sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==
normalize-url@^5.1.0:
version "5.1.0"
resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-5.1.0.tgz#04b8f1b34ea49ff713fc20b2218eba41fb9974a3"
integrity sha512-UxHuSWsSAmzSqN+DSjasaZWQ3QPtEisHdlr4y9MJ5zg0RcImv5fQt8QM0izJSCdsdmhJGK+ubcTpJXwVDmwSVQ==
version "5.3.1"
resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-5.3.1.tgz#c8485c0f5ba2f9c17a6d2907b56117ae5967f882"
integrity sha512-K1c7+vaAP+Yh5bOGmA10PGPpp+6h7WZrl7GwqKhUflBc9flU9pzG27DDeB9+iuhZkE3BJZOcgN1P/2sS5pqrWw==
npm-run-path@^2.0.0:
version "2.0.2"
@ -8416,9 +8422,9 @@ set-blocking@^2.0.0:
integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc=
set-getter@^0.1.0:
version "0.1.0"
resolved "https://registry.yarnpkg.com/set-getter/-/set-getter-0.1.0.tgz#d769c182c9d5a51f409145f2fba82e5e86e80376"
integrity sha1-12nBgsnVpR9AkUXy+6guXoboA3Y=
version "0.1.1"
resolved "https://registry.yarnpkg.com/set-getter/-/set-getter-0.1.1.tgz#a3110e1b461d31a9cfc8c5c9ee2e9737ad447102"
integrity sha512-9sVWOy+gthr+0G9DzqqLaYNA7+5OKkSmcqjL9cBpDEaZrr3ShQlyX2cZ/O/ozE41oxn/Tt0LGEM/w4Rub3A3gw==
dependencies:
to-object-path "^0.3.0"
@ -10253,9 +10259,9 @@ ws@^6.2.1:
async-limiter "~1.0.0"
ws@^7.3.1:
version "7.3.1"
resolved "https://registry.yarnpkg.com/ws/-/ws-7.3.1.tgz#d0547bf67f7ce4f12a72dfe31262c68d7dc551c8"
integrity sha512-D3RuNkynyHmEJIpD2qrgVkc9DQ23OrN/moAwZX4L8DfvszsJxpjQuUq3LMx6HoYji9fbIOBY18XWBsAux1ZZUA==
version "7.4.6"
resolved "https://registry.yarnpkg.com/ws/-/ws-7.4.6.tgz#5654ca8ecdeee47c33a9a4bf6d28e2be2980377c"
integrity sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==
xdg-basedir@^4.0.0:
version "4.0.0"

View File

@ -251,7 +251,7 @@ module.exports = Mn.View.extend({
text: input
};
},
createFilter: /^(?:[^.]+\.?)+[^.]$/
createFilter: /^(?:\*\.)?(?:[^.*]+\.?)+[^.]$/
});
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();

View File

@ -278,7 +278,7 @@ module.exports = Mn.View.extend({
text: input
};
},
createFilter: /^(?:\.)?(?:[^.*]+\.?)+[^.]$/
createFilter: /^(?:\*\.)?(?:[^.*]+\.?)+[^.]$/
});
// Access Lists

View File

@ -60,7 +60,7 @@
},
"footer": {
"fork-me": "Fork me on Github",
"copy": "&copy; 2019 <a href=\"{url}\" target=\"_blank\">jc21.com</a>.",
"copy": "&copy; 2021 <a href=\"{url}\" target=\"_blank\">jc21.com</a>.",
"theme": "Theme by <a href=\"{url}\" target=\"_blank\">Tabler</a>"
},
"dashboard": {

View File

@ -34,7 +34,7 @@
"sass-loader": "^8.0.2",
"style-loader": "^1.1.3",
"tabler-ui": "git+https://github.com/tabler/tabler.git#00f78ad823311bc3ad974ac3e5b0126198f0a813",
"underscore": "^1.10.2",
"underscore": "^1.12.1",
"webpack": "^4.42.1",
"webpack-cli": "^3.3.11",
"webpack-visualizer-plugin": "^0.1.11"

View File

@ -5245,9 +5245,9 @@ postcss-value-parser@^4.1.0:
integrity sha512-97DXOFbQJhk71ne5/Mt6cOu6yxsSfM0QGQyl0L25Gca4yGWEGJaig7l7gbCX623VqTBNGLRLaVUCnNkcedlRSQ==
postcss@^7.0.14, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6:
version "7.0.32"
resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.32.tgz#4310d6ee347053da3433db2be492883d62cec59d"
integrity sha512-03eXong5NLnNCD05xscnGKGDZ98CyzoqPSMjOe6SuoQY7Z2hIj0Ld1g/O/UQRuOle2aRtiIRDg9tDcTGAkLfKw==
version "7.0.36"
resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.36.tgz#056f8cffa939662a8f5905950c07d5285644dfcb"
integrity sha512-BebJSIUMwJHRH0HAQoxN4u1CN86glsrwsW0q7T+/m44eXOUAxSNdHRkNZPYz5vVUbg17hFgOQDE7fZk7li3pZw==
dependencies:
chalk "^2.4.2"
source-map "^0.6.1"
@ -6594,10 +6594,10 @@ undefsafe@^2.0.2:
dependencies:
debug "^2.2.0"
underscore@>=1.8.3, underscore@^1.10.2:
version "1.10.2"
resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.10.2.tgz#73d6aa3668f3188e4adb0f1943bd12cfd7efaaaf"
integrity sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==
underscore@>=1.8.3, underscore@^1.12.1:
version "1.12.1"
resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.12.1.tgz#7bb8cc9b3d397e201cf8553336d262544ead829e"
integrity sha512-hEQt0+ZLDVUMhebKxL4x1BTtDY7bavVofhZ9KZ4aI26X9SRaE+Y3m83XUL1UP2jn8ynjndwCCpEHdUG+9pP1Tw==
union-value@^1.0.0:
version "1.0.1"

View File

@ -241,6 +241,15 @@ dns_godaddy_key = abcdef0123456789abcdef01234567abcdef0123`,
full_plugin_name: 'certbot-dns-hetzner:dns-hetzner',
},
//####################################################//
infomaniak: {
display_name: 'Infomaniak',
package_name: 'certbot-dns-infomaniak',
package_version: '0.1.12',
dependencies: '',
credentials: 'certbot_dns_infomaniak:dns_infomaniak_token = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
full_plugin_name: 'certbot-dns-infomaniak:dns-infomaniak',
},
//####################################################//
inwx: {
display_name: 'INWX',
package_name: 'certbot-dns-inwx',
@ -253,6 +262,17 @@ certbot_dns_inwx:dns_inwx_shared_secret = your_shared_secret optional`,
full_plugin_name: 'certbot-dns-inwx:dns-inwx',
},
//####################################################//
ionos: {
display_name: 'IONOS',
package_name: 'certbot-dns-ionos',
package_version: '0.0.7',
dependencies: '',
credentials: `certbot_dns_ionos:dns_ionos_prefix = myapikeyprefix
certbot_dns_ionos:dns_ionos_secret = verysecureapikeysecret
certbot_dns_ionos:dns_ionos_endpoint = https://api.hosting.ionos.com`,
full_plugin_name: 'certbot-dns-ionos:dns-ionos',
},
//####################################################//
ispconfig: {
display_name: 'ISPConfig',
package_name: 'certbot-dns-ispconfig',
@ -273,6 +293,16 @@ certbot_dns_ispconfig:dns_ispconfig_endpoint = https://localhost:8080`,
certbot_dns_isset:dns_isset_token="<token>"`,
full_plugin_name: 'certbot-dns-isset:dns-isset',
},
joker: {
display_name: 'Joker',
package_name: 'certbot-dns-joker',
package_version: '1.1.0',
dependencies: '',
credentials: `certbot_dns_joker:dns_joker_username = <Dynamic DNS Authentication Username>
certbot_dns_joker:dns_joker_password = <Dynamic DNS Authentication Password>
certbot_dns_joker:dns_joker_domain = <Dynamic DNS Domain>`,
full_plugin_name: 'certbot-dns-joker:dns-joker',
},
//####################################################//
linode: {
display_name: 'Linode',

View File

@ -1148,17 +1148,10 @@ getpass@^0.1.1:
dependencies:
assert-plus "^1.0.0"
glob-parent@^5.0.0:
version "5.1.0"
resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.0.tgz#5f4c1d1e748d30cd73ad2944b3577a81b081e8c2"
integrity sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==
dependencies:
is-glob "^4.0.1"
glob-parent@~5.1.0:
version "5.1.1"
resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.1.tgz#b6c1ef417c4e5663ea498f1c45afac6916bbc229"
integrity sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ==
glob-parent@^5.0.0, glob-parent@~5.1.0:
version "5.1.2"
resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4"
integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==
dependencies:
is-glob "^4.0.1"