diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 9860702e..b6029bd5 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -7,6 +7,11 @@ assignees: '' --- +**Are you in the right place?** +- If you are looking for support on how to get your upstream server forwarding, please consider asking the community on Reddit. +- If you are writing code changes to contribute and need to ask about the internals of the software, Gitter is the best place to ask. +- If you think you found a bug with NPM (not Nginx, or your upstream server or MySql) then you are in the *right place.* + **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? - Are you sure you're not using someone else's docker image? diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 11fc491e..12eb7d4c 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -7,6 +7,11 @@ assignees: '' --- +**Are you in the right place?** +- If you are looking for support on how to get your upstream server forwarding, please consider asking the community on Reddit. +- If you are writing code changes to contribute and need to ask about the internals of the software, Gitter is the best place to ask. +- If you have a feature request for NPM then you are in the *right place.* + **Is your feature request related to a problem? Please describe.** A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] diff --git a/.github/ISSUE_TEMPLATE/product_support.md b/.github/ISSUE_TEMPLATE/product_support.md deleted file mode 100644 index 449d4697..00000000 --- a/.github/ISSUE_TEMPLATE/product_support.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -name: Product Support -about: Need help configuring the software? -title: '' -labels: product-support -assignees: '' - ---- - -**Checklist** -- Please read the [setup instructions](https://nginxproxymanager.com/setup/) -- Please read the [FAQ](https://nginxproxymanager.com/faq/) - -**What is troubling you?** - -_Clear and concise description of what you're trying to do and what isn't working for you_ diff --git a/.version b/.version index 834f2629..dbe59006 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.8.0 +2.8.1 diff --git a/Jenkinsfile b/Jenkinsfile index 74dc0a1e..39606e33 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -222,7 +222,7 @@ pipeline { always { sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' sh 'echo Reverting ownership' - sh 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} chown -R $(id -u):$(id -g) /data' + sh 'docker run --rm -v $(pwd):/data jc21/ci-tools chown -R $(id -u):$(id -g) /data' } success { juxtapose event: 'success' diff --git a/README.md b/README.md index 28d4740c..6e714071 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + diff --git a/backend/internal/proxy-host.js b/backend/internal/proxy-host.js index b26e0566..09b8bca5 100644 --- a/backend/internal/proxy-host.js +++ b/backend/internal/proxy-host.js @@ -189,6 +189,10 @@ const internalProxyHost = { expand: ['owner', 'certificate', 'access_list.[clients,items]'] }) .then((row) => { + if (!row.enabled) { + // No need to add nginx config if host is disabled + return row; + } // Configure nginx return internalNginx.configure(proxyHostModel, 'proxy_host', row) .then((new_meta) => { diff --git a/backend/migrations/20210210154702_redirection_scheme.js b/backend/migrations/20210210154702_redirection_scheme.js new file mode 100644 index 00000000..0dad4876 --- /dev/null +++ b/backend/migrations/20210210154702_redirection_scheme.js @@ -0,0 +1,41 @@ +const migrate_name = 'redirection_scheme'; +const logger = require('../logger').migrate; + +/** + * Migrate + * + * @see http://knexjs.org/#Schema + * + * @param {Object} knex + * @param {Promise} Promise + * @returns {Promise} + */ +exports.up = function (knex/*, Promise*/) { + + logger.info('[' + migrate_name + '] Migrating Up...'); + + return knex.schema.table('redirection_host', (table) => { + table.string('forward_scheme').notNull().defaultTo('$scheme'); + }) + .then(function () { + logger.info('[' + migrate_name + '] redirection_host Table altered'); + }); +}; + +/** + * Undo Migrate + * + * @param {Object} knex + * @param {Promise} Promise + * @returns {Promise} + */ +exports.down = function (knex/*, Promise*/) { + logger.info('[' + migrate_name + '] Migrating Down...'); + + return knex.schema.table('redirection_host', (table) => { + table.dropColumn('forward_scheme'); + }) + .then(function () { + logger.info('[' + migrate_name + '] redirection_host Table altered'); + }); +}; diff --git a/backend/migrations/20210210154703_redirection_status_code.js b/backend/migrations/20210210154703_redirection_status_code.js new file mode 100644 index 00000000..b9bea0b9 --- /dev/null +++ b/backend/migrations/20210210154703_redirection_status_code.js @@ -0,0 +1,41 @@ +const migrate_name = 'redirection_status_code'; +const logger = require('../logger').migrate; + +/** + * Migrate + * + * @see http://knexjs.org/#Schema + * + * @param {Object} knex + * @param {Promise} Promise + * @returns {Promise} + */ +exports.up = function (knex/*, Promise*/) { + + logger.info('[' + migrate_name + '] Migrating Up...'); + + return knex.schema.table('redirection_host', (table) => { + table.integer('forward_http_code').notNull().unsigned().defaultTo(302); + }) + .then(function () { + logger.info('[' + migrate_name + '] redirection_host Table altered'); + }); +}; + +/** + * Undo Migrate + * + * @param {Object} knex + * @param {Promise} Promise + * @returns {Promise} + */ +exports.down = function (knex/*, Promise*/) { + logger.info('[' + migrate_name + '] Migrating Down...'); + + return knex.schema.table('redirection_host', (table) => { + table.dropColumn('forward_http_code'); + }) + .then(function () { + logger.info('[' + migrate_name + '] redirection_host Table altered'); + }); +}; diff --git a/backend/models/token.js b/backend/models/token.js index 373f8e5c..4e1b1826 100644 --- a/backend/models/token.js +++ b/backend/models/token.js @@ -4,15 +4,23 @@ */ const _ = require('lodash'); -const config = require('config'); const jwt = require('jsonwebtoken'); const crypto = require('crypto'); const error = require('../lib/error'); const ALGO = 'RS256'; +let public_key = null; +let private_key = null; + +function checkJWTKeyPair() { + if (!public_key || !private_key) { + let config = require('config'); + public_key = config.get('jwt.pub'); + private_key = config.get('jwt.key'); + } +} + module.exports = function () { - const public_key = config.get('jwt.pub'); - const private_key = config.get('jwt.key'); let token_data = {}; @@ -32,6 +40,8 @@ module.exports = function () { .toString('base64') .substr(-8); + checkJWTKeyPair(); + return new Promise((resolve, reject) => { jwt.sign(payload, private_key, options, (err, token) => { if (err) { @@ -53,6 +63,7 @@ module.exports = function () { */ load: function (token) { return new Promise((resolve, reject) => { + checkJWTKeyPair(); try { if (!token || token === null || token === 'null') { reject(new error.AuthError('Empty token')); diff --git a/backend/schema/definitions.json b/backend/schema/definitions.json index 164dd6fc..869d719a 100644 --- a/backend/schema/definitions.json +++ b/backend/schema/definitions.json @@ -179,6 +179,19 @@ "pattern": "^(?:\\*\\.)?(?:[^.*]+\\.?)+[^.]$" } }, + "http_code": { + "description": "Redirect HTTP Status Code", + "example": 302, + "type": "integer", + "minimum": 300, + "maximum": 308 + }, + "scheme": { + "description": "RFC Protocol", + "example": "HTTPS or $scheme", + "type": "string", + "minLength": 4 + }, "enabled": { "description": "Is Enabled", "example": true, diff --git a/backend/schema/endpoints/redirection-hosts.json b/backend/schema/endpoints/redirection-hosts.json index 1295fa4f..14a46998 100644 --- a/backend/schema/endpoints/redirection-hosts.json +++ b/backend/schema/endpoints/redirection-hosts.json @@ -18,6 +18,12 @@ "domain_names": { "$ref": "../definitions.json#/definitions/domain_names" }, + "forward_http_code": { + "$ref": "../definitions.json#/definitions/http_code" + }, + "forward_scheme": { + "$ref": "../definitions.json#/definitions/scheme" + }, "forward_domain_name": { "$ref": "../definitions.json#/definitions/domain_name" }, @@ -67,6 +73,12 @@ "domain_names": { "$ref": "#/definitions/domain_names" }, + "forward_http_code": { + "$ref": "#/definitions/forward_http_code" + }, + "forward_scheme": { + "$ref": "#/definitions/forward_scheme" + }, "forward_domain_name": { "$ref": "#/definitions/forward_domain_name" }, @@ -134,12 +146,20 @@ "additionalProperties": false, "required": [ "domain_names", + "forward_scheme", + "forward_http_code", "forward_domain_name" ], "properties": { "domain_names": { "$ref": "#/definitions/domain_names" }, + "forward_http_code": { + "$ref": "#/definitions/forward_http_code" + }, + "forward_scheme": { + "$ref": "#/definitions/forward_scheme" + }, "forward_domain_name": { "$ref": "#/definitions/forward_domain_name" }, @@ -195,6 +215,12 @@ "domain_names": { "$ref": "#/definitions/domain_names" }, + "forward_http_code": { + "$ref": "#/definitions/forward_http_code" + }, + "forward_scheme": { + "$ref": "#/definitions/forward_scheme" + }, "forward_domain_name": { "$ref": "#/definitions/forward_domain_name" }, diff --git a/backend/setup.js b/backend/setup.js index d58a1606..9a59f9ac 100644 --- a/backend/setup.js +++ b/backend/setup.js @@ -51,9 +51,8 @@ const setupJwt = () => { reject(err); } else { logger.info('Wrote JWT key pair to config file: ' + filename); - - logger.warn('Restarting interface to apply new configuration'); - process.exit(0); + delete require.cache[require.resolve('config')]; + resolve(); } }); } else { diff --git a/backend/templates/_hsts.conf b/backend/templates/_hsts.conf index cd8ec18a..11aecf24 100644 --- a/backend/templates/_hsts.conf +++ b/backend/templates/_hsts.conf @@ -1,8 +1,8 @@ {% if certificate and certificate_id > 0 -%} {% if ssl_forced == 1 or ssl_forced == true %} {% if hsts_enabled == 1 or hsts_enabled == true %} - # HSTS (ngx_http_headers_module is required) (31536000 seconds = 1 year) - add_header Strict-Transport-Security "max-age=31536000;{% if hsts_subdomains == 1 or hsts_subdomains == true -%} includeSubDomains;{% endif %} preload" always; + # HSTS (ngx_http_headers_module is required) (63072000 seconds = 2 years) + add_header Strict-Transport-Security "max-age=63072000;{% if hsts_subdomains == 1 or hsts_subdomains == true -%} includeSubDomains;{% endif %} preload" always; +{% endif %} {% endif %} {% endif %} -{% endif %} \ No newline at end of file diff --git a/backend/templates/redirection_host.conf b/backend/templates/redirection_host.conf index 463f3a8e..55e7280f 100644 --- a/backend/templates/redirection_host.conf +++ b/backend/templates/redirection_host.conf @@ -18,9 +18,9 @@ server { {% include "_hsts.conf" %} {% if preserve_path == 1 or preserve_path == true %} - return 301 $scheme://{{ forward_domain_name }}$request_uri; + return {{ forward_http_code }} {{ forward_scheme }}://{{ forward_domain_name }}$request_uri; {% else %} - return 301 $scheme://{{ forward_domain_name }}; + return {{ forward_http_code }} {{ forward_scheme }}://{{ forward_domain_name }}; {% endif %} } {% endif %} diff --git a/docker/Dockerfile b/docker/Dockerfile index 34ee5c44..a159e18b 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -3,49 +3,54 @@ # This file assumes that the frontend has been built using ./scripts/frontend-build -FROM --platform=${TARGETPLATFORM:-linux/amd64} jc21/alpine-nginx-full:node +FROM jc21/nginx-full:node ARG TARGETPLATFORM -ARG BUILDPLATFORM ARG BUILD_VERSION ARG BUILD_COMMIT ARG BUILD_DATE -ENV SUPPRESS_NO_CONFIG_WARNING=1 -ENV S6_FIX_ATTRS_HIDDEN=1 -ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=1 -ENV NODE_ENV=production +ENV SUPPRESS_NO_CONFIG_WARNING=1 \ + S6_FIX_ATTRS_HIDDEN=1 \ + S6_BEHAVIOUR_IF_STAGE2_FAILS=1 \ + NODE_ENV=production \ + NPM_BUILD_VERSION="${BUILD_VERSION}" \ + NPM_BUILD_COMMIT="${BUILD_COMMIT}" \ + NPM_BUILD_DATE="${BUILD_DATE}" RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && apk update \ - && apk add python3 certbot jq \ - && python3 -m ensurepip \ - && rm -rf /var/cache/apk/* - -ENV NPM_BUILD_VERSION="${BUILD_VERSION}" NPM_BUILD_COMMIT="${BUILD_COMMIT}" NPM_BUILD_DATE="${BUILD_DATE}" + && apt-get update \ + && apt-get install -y certbot jq python3-pip \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* # s6 overlay COPY scripts/install-s6 /tmp/install-s6 RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6 -EXPOSE 80 -EXPOSE 81 -EXPOSE 443 +EXPOSE 80 81 443 -ADD backend /app -ADD frontend/dist /app/frontend -COPY global /app/global +COPY backend /app +COPY frontend/dist /app/frontend +COPY global /app/global WORKDIR /app RUN yarn install # add late to limit cache-busting by modifications -COPY docker/rootfs / +COPY docker/rootfs / # Remove frontend service not required for prod, dev nginx config as well RUN rm -rf /etc/services.d/frontend RUN rm -f /etc/nginx/conf.d/dev.conf VOLUME [ "/data", "/etc/letsencrypt" ] ENTRYPOINT [ "/init" ] - HEALTHCHECK --interval=5s --timeout=3s CMD /bin/check-health + +LABEL org.label-schema.schema-version="1.0" \ + org.label-schema.license="MIT" \ + org.label-schema.name="nginx-proxy-manager" \ + org.label-schema.description="Docker container for managing Nginx proxy hosts with a simple, powerful interface " \ + org.label-schema.url="https://github.com/jc21/nginx-proxy-manager" \ + org.label-schema.vcs-url="https://github.com/jc21/nginx-proxy-manager.git" \ + org.label-schema.cmd="docker run --rm -ti jc21/nginx-proxy-manager:latest" diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index 1e4bdad8..ae17e861 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -1,15 +1,15 @@ -FROM jc21/alpine-nginx-full:node +FROM jc21/nginx-full:node LABEL maintainer="Jamie Curnow " -ENV S6_LOGGING=0 -ENV SUPPRESS_NO_CONFIG_WARNING=1 -ENV S6_FIX_ATTRS_HIDDEN=1 +ENV S6_LOGGING=0 \ + SUPPRESS_NO_CONFIG_WARNING=1 \ + S6_FIX_ATTRS_HIDDEN=1 RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && apk update \ - && apk add python3 certbot jq \ - && python3 -m ensurepip \ - && rm -rf /var/cache/apk/* + && apt-get update \ + && apt-get install -y certbot jq python3-pip \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* # Task RUN cd /usr \ @@ -23,10 +23,6 @@ RUN rm -f /etc/nginx/conf.d/production.conf RUN curl -L -o /tmp/s6-overlay-amd64.tar.gz "https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz" \ && tar -xzf /tmp/s6-overlay-amd64.tar.gz -C / -EXPOSE 80 -EXPOSE 81 -EXPOSE 443 - +EXPOSE 80 81 443 ENTRYPOINT [ "/init" ] - -HEALTHCHECK --interval=5s --timeout=3s CMD /bin/check-health \ No newline at end of file +HEALTHCHECK --interval=5s --timeout=3s CMD /bin/check-health diff --git a/docs/.vuepress/config.js b/docs/.vuepress/config.js index d98ccdbf..f3b735b8 100644 --- a/docs/.vuepress/config.js +++ b/docs/.vuepress/config.js @@ -47,6 +47,7 @@ module.exports = { ["/screenshots/", "Screenshots"], ["/setup/", "Setup Instructions"], ["/advanced-config/", "Advanced Configuration"], + ["/upgrading/", "Upgrading"], ["/faq/", "Frequently Asked Questions"], ["/third-party/", "Third Party"] ] diff --git a/docs/README.md b/docs/README.md index 11c17e39..d19655c5 100644 --- a/docs/README.md +++ b/docs/README.md @@ -97,3 +97,15 @@ Password: changeme ``` Immediately after logging in with this default user you will be asked to modify your details and change your password. + +5. Upgrading to new versions + +```bash +docker-compose pull +docker-compose up -d +``` + +This project will automatically update any databases or other requirements so you don't have to follow +any crazy instructions. These steps above will pull the latest updates and recreate the docker +containers. + diff --git a/docs/advanced-config/README.md b/docs/advanced-config/README.md index 962c3422..5fa80670 100644 --- a/docs/advanced-config/README.md +++ b/docs/advanced-config/README.md @@ -1,5 +1,53 @@ # Advanced Configuration +## Best Practice: Use a docker network + +For those who have a few of their upstream services running in docker on the same docker +host as NPM, here's a trick to secure things a bit better. By creating a custom docker network, +you don't need to publish ports for your upstream services to all of the docker host's interfaces. + +Create a network, ie "scoobydoo": + +```bash +docker network create scoobydoo +``` + +Then add the following to the `docker-compose.yml` file for both NPM and any other +services running on this docker host: + +```yml +networks: + default: + external: + name: scoobydoo +``` + +Let's look at a Portainer example: + +```yml +version: '3' +services: + + portainer: + image: portainer/portainer + privileged: true + volumes: + - './data:/data' + - '/var/run/docker.sock:/var/run/docker.sock' + restart: always + +networks: + default: + external: + name: scoobydoo +``` + +Now in the NPM UI you can create a proxy host with `portainer` as the hostname, +and port `9000` as the port. Even though this port isn't listed in the docker-compose +file, it's "exposed" by the portainer docker image for you and not available on +the docker host outside of this docker network. The service name is used as the +hostname, so make sure your service names are unique when using the same network. + ## Docker Secrets This image supports the use of Docker secrets to import from file and keep sensitive usernames or passwords from being passed or preserved in plaintext. @@ -34,7 +82,7 @@ services: DB_MYSQL_PORT: 3306 DB_MYSQL_USER: "npm" # DB_MYSQL_PASSWORD: "npm" # use secret instead - DB_MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_PWD + DB_MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_PWD DB_MYSQL_NAME: "npm" # If you would rather use Sqlite uncomment this # and remove all DB_MYSQL_* lines above @@ -44,6 +92,8 @@ services: volumes: - ./data:/data - ./letsencrypt:/etc/letsencrypt + secrets: + - MYSQL_PWD depends_on: - db db: @@ -55,9 +105,12 @@ services: MYSQL_DATABASE: "npm" MYSQL_USER: "npm" # MYSQL_PASSWORD: "npm" # use secret instead - MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_PWD + MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_PWD volumes: - ./data/mysql:/var/lib/mysql + secrets: + - DB_ROOT_PWD + - MYSQL_PWD ``` @@ -84,6 +137,7 @@ NPM has the ability to include different custom configuration snippets in differ You can add your custom configuration snippet files at `/data/nginx/custom` as follow: - `/data/nginx/custom/root.conf`: Included at the very end of nginx.conf + - `/data/nginx/custom/http_top.conf`: Included at the top of the main http block - `/data/nginx/custom/http.conf`: Included at the end of the main http block - `/data/nginx/custom/stream.conf`: Included at the end of the main stream block - `/data/nginx/custom/server_proxy.conf`: Included at the end of every proxy server block diff --git a/docs/faq/README.md b/docs/faq/README.md index 7a2bae16..1703e705 100644 --- a/docs/faq/README.md +++ b/docs/faq/README.md @@ -14,3 +14,10 @@ of dependencies. Yes! The docker image is multi-arch and is built for a variety of architectures. If yours is [not listed](https://hub.docker.com/r/jc21/nginx-proxy-manager/tags) please open a [GitHub issue](https://github.com/jc21/nginx-proxy-manager/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=). + +## I can't get my service to proxy properly? + +Your best bet is to ask the [Reddit community for support](https://www.reddit.com/r/nginxproxymanager/). There's safety in numbers. + +Gitter is best left for anyone contributing to the project to ask for help about internals, code reviews etc. + diff --git a/docs/third-party/README.md b/docs/third-party/README.md index 8e7fc33a..9b533ef1 100644 --- a/docs/third-party/README.md +++ b/docs/third-party/README.md @@ -7,6 +7,10 @@ Known integrations: - [HomeAssistant Hass.io plugin](https://github.com/hassio-addons/addon-nginx-proxy-manager) - [UnRaid / Synology](https://github.com/jlesage/docker-nginx-proxy-manager) +- [Proxmox Scripts](https://github.com/ej52/proxmox-scripts/tree/main/lxc/nginx-proxy-manager) +- [nginxproxymanagerGraf](https://github.com/ma-karai/nginxproxymanagerGraf) + If you would like your integration of NPM listed, please open a [Github issue](https://github.com/jc21/nginx-proxy-manager/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=) + diff --git a/docs/upgrading/README.md b/docs/upgrading/README.md new file mode 100644 index 00000000..0e78e859 --- /dev/null +++ b/docs/upgrading/README.md @@ -0,0 +1,11 @@ +# Upgrading + +```bash +docker-compose pull +docker-compose up -d +``` + +This project will automatically update any databases or other requirements so you don't have to follow +any crazy instructions. These steps above will pull the latest updates and recreate the docker +containers. + diff --git a/docs/yarn.lock b/docs/yarn.lock index 0911a239..2f36c217 100644 --- a/docs/yarn.lock +++ b/docs/yarn.lock @@ -2000,10 +2000,10 @@ bluebird@^3.1.1, bluebird@^3.5.5, bluebird@^3.7.2: resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== -bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.4.0: - version "4.11.9" - resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.9.tgz#26d556829458f9d1e81fc48952493d0ba3507828" - integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw== +bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.11.9: + version "4.12.0" + resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.12.0.tgz#775b3f278efbb9718eec7361f483fb36fbbfea88" + integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA== bn.js@^5.1.1, bn.js@^5.1.2: version "5.1.2" @@ -3675,17 +3675,17 @@ electron-to-chromium@^1.3.488, electron-to-chromium@^1.3.522: integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q== elliptic@^6.5.3: - version "6.5.3" - resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6" - integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw== + version "6.5.4" + resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb" + integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ== dependencies: - bn.js "^4.4.0" - brorand "^1.0.1" + bn.js "^4.11.9" + brorand "^1.1.0" hash.js "^1.0.0" - hmac-drbg "^1.0.0" - inherits "^2.0.1" - minimalistic-assert "^1.0.0" - minimalistic-crypto-utils "^1.0.0" + hmac-drbg "^1.0.1" + inherits "^2.0.4" + minimalistic-assert "^1.0.1" + minimalistic-crypto-utils "^1.0.1" emoji-regex@^7.0.1: version "7.0.3" @@ -4727,7 +4727,7 @@ hex-color-regex@^1.1.0: resolved "https://registry.yarnpkg.com/hex-color-regex/-/hex-color-regex-1.1.0.tgz#4c06fccb4602fe2602b3c93df82d7e7dbf1a8a8e" integrity sha512-l9sfDFsuqtOqKDsQdqrMRk0U85RZc0RtOR9yPI7mRVOa4FsR/BVnZ0shmQRM96Ji99kYZP/7hn1cedc1+ApsTQ== -hmac-drbg@^1.0.0, hmac-drbg@^1.0.1: +hmac-drbg@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/hmac-drbg/-/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1" integrity sha1-0nRXAQJabHdabFRXk+1QL8DGSaE= @@ -6354,7 +6354,7 @@ minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1: resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7" integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A== -minimalistic-crypto-utils@^1.0.0, minimalistic-crypto-utils@^1.0.1: +minimalistic-crypto-utils@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a" integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo= @@ -7679,9 +7679,9 @@ pretty-time@^1.1.0: integrity sha512-28iF6xPQrP8Oa6uxE6a1biz+lWeTOAPKggvjB8HAs6nVMKZwf5bG++632Dx614hIWgUPkgivRfG+a8uAXGTIbA== prismjs@^1.13.0, prismjs@^1.20.0: - version "1.21.0" - resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.21.0.tgz#36c086ec36b45319ec4218ee164c110f9fc015a3" - integrity sha512-uGdSIu1nk3kej2iZsLyDoJ7e9bnPzIgY0naW/HdknGj61zScaprVEVGHrPoXqI+M9sP0NDnTK2jpkvmldpuqDw== + version "1.23.0" + resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.23.0.tgz#d3b3967f7d72440690497652a9d40ff046067f33" + integrity sha512-c29LVsqOaLbBHuIbsTxaKENh1N2EQBOHaWv7gkHN4dgRbxSREqDnDbtFJYdpPauS4YCplMSNCABQ6Eeor69bAA== optionalDependencies: clipboard "^2.0.0" diff --git a/frontend/js/app/nginx/redirection/form.ejs b/frontend/js/app/nginx/redirection/form.ejs index 3247233a..7e190719 100644 --- a/frontend/js/app/nginx/redirection/form.ejs +++ b/frontend/js/app/nginx/redirection/form.ejs @@ -22,12 +22,35 @@ -

+
+
+ + +
+
+
+
+
+ + +
+
+ +
<%- forward_http_code %>
+ + +
<%- forward_scheme == '$scheme' ? 'auto' : forward_scheme %>
+
<%- forward_domain_name %>
diff --git a/frontend/js/app/nginx/redirection/list/main.ejs b/frontend/js/app/nginx/redirection/list/main.ejs index 15af827a..8b6930d6 100644 --- a/frontend/js/app/nginx/redirection/list/main.ejs +++ b/frontend/js/app/nginx/redirection/list/main.ejs @@ -1,6 +1,8 @@   <%- i18n('str', 'source') %> + <%- i18n('redirection-hosts', 'forward-http-status-code') %> + <%- i18n('redirection-hosts', 'forward-scheme') %> <%- i18n('str', 'destination') %> <%- i18n('str', 'ssl') %> <%- i18n('str', 'status') %> diff --git a/frontend/js/i18n/messages.json b/frontend/js/i18n/messages.json index b23386a3..a0d928f4 100644 --- a/frontend/js/i18n/messages.json +++ b/frontend/js/i18n/messages.json @@ -140,6 +140,8 @@ "empty": "There are no Redirection Hosts", "add": "Add Redirection Host", "form-title": "{id, select, undefined{New} other{Edit}} Redirection Host", + "forward-scheme": "Scheme", + "forward-http-status-code": "HTTP Code", "forward-domain": "Forward Domain", "preserve-path": "Preserve Path", "delete": "Delete Proxy Host", diff --git a/frontend/js/models/redirection-host.js b/frontend/js/models/redirection-host.js index a4f11e21..1d0b0de2 100644 --- a/frontend/js/models/redirection-host.js +++ b/frontend/js/models/redirection-host.js @@ -9,6 +9,8 @@ const model = Backbone.Model.extend({ created_on: null, modified_on: null, domain_names: [], + forward_http_code: 0, + forward_scheme: null, forward_domain_name: '', preserve_path: true, certificate_id: 0, diff --git a/frontend/yarn.lock b/frontend/yarn.lock index d6896cd2..d35bb635 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -1551,10 +1551,10 @@ bluebird@^3.5.5: resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== -bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.4.0: - version "4.11.9" - resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.9.tgz#26d556829458f9d1e81fc48952493d0ba3507828" - integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw== +bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.11.9: + version "4.12.0" + resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.12.0.tgz#775b3f278efbb9718eec7361f483fb36fbbfea88" + integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA== bn.js@^5.1.1: version "5.1.2" @@ -1616,7 +1616,7 @@ braces@^3.0.1, braces@~3.0.2: dependencies: fill-range "^7.0.1" -brorand@^1.0.1: +brorand@^1.0.1, brorand@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f" integrity sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8= @@ -2630,17 +2630,17 @@ electron-to-chromium@^1.3.47: integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q== elliptic@^6.5.3: - version "6.5.3" - resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6" - integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw== + version "6.5.4" + resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb" + integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ== dependencies: - bn.js "^4.4.0" - brorand "^1.0.1" + bn.js "^4.11.9" + brorand "^1.1.0" hash.js "^1.0.0" - hmac-drbg "^1.0.0" - inherits "^2.0.1" - minimalistic-assert "^1.0.0" - minimalistic-crypto-utils "^1.0.0" + hmac-drbg "^1.0.1" + inherits "^2.0.4" + minimalistic-assert "^1.0.1" + minimalistic-crypto-utils "^1.0.1" emoji-regex@^7.0.1: version "7.0.3" @@ -3516,7 +3516,7 @@ he@1.2.x, he@^1.2.0: resolved "https://registry.yarnpkg.com/he/-/he-1.2.0.tgz#84ae65fa7eafb165fddb61566ae14baf05664f0f" integrity sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw== -hmac-drbg@^1.0.0: +hmac-drbg@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/hmac-drbg/-/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1" integrity sha1-0nRXAQJabHdabFRXk+1QL8DGSaE= @@ -3741,9 +3741,9 @@ inherits@2.0.3: integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4= ini@^1.3.4, ini@^1.3.5, ini@~1.3.0: - version "1.3.5" - resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927" - integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw== + version "1.3.8" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" + integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== inquirer@^7.0.0: version "7.3.3" @@ -4549,7 +4549,7 @@ minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1: resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7" integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A== -minimalistic-crypto-utils@^1.0.0, minimalistic-crypto-utils@^1.0.1: +minimalistic-crypto-utils@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a" integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo= diff --git a/global/certbot-dns-plugins.js b/global/certbot-dns-plugins.js index b055f848..d71191c1 100644 --- a/global/certbot-dns-plugins.js +++ b/global/certbot-dns-plugins.js @@ -302,4 +302,24 @@ dns_eurodns_apiKey = mysecretpassword dns_eurodns_endpoint = https://rest-api.eurodns.com/user-api-gateway/proxy`, full_plugin_name: 'certbot-dns-eurodns:dns-eurodns', }, + //####################################################// + transip: { + display_name: 'TransIP', + package_name: 'certbot-dns-transip', + package_version: '0.3.3', + dependencies: '', + credentials: `certbot_dns_transip:dns_transip_username = my_username +certbot_dns_transip:dns_transip_key_file = /etc/letsencrypt/transip-rsa.key`, + full_plugin_name: 'certbot-dns-transip:dns-transip', + }, + //####################################################// + acmedns: { + display_name: 'ACME-DNS', + package_name: 'certbot-dns-acmedns', + package_version: '0.1.0', + dependencies: '', + credentials: `certbot_dns_acmedns:dns_acmedns_api_url = http://acmedns-server/ +certbot_dns_acmedns:dns_acmedns_registration_file = /data/acme-registration.json`, + full_plugin_name: 'certbot-dns-acmedns:dns-acmedns', + }, }; diff --git a/scripts/frontend-build b/scripts/frontend-build index 45c6d599..162502ca 100755 --- a/scripts/frontend-build +++ b/scripts/frontend-build @@ -3,7 +3,7 @@ DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" . "$DIR/.common.sh" -DOCKER_IMAGE=jc21/alpine-nginx-full:node +DOCKER_IMAGE=jc21/nginx-full:node # Ensure docker exists if hash docker 2>/dev/null; then