From 292a209195fca537186a930cd96300356bc478cb Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 8 Mar 2023 08:37:43 +1000 Subject: [PATCH] Ported #2582 to v3 --- backend/go.mod | 2 +- backend/go.sum | 2 ++ docker/Dockerfile | 12 ------------ docker/dev/Dockerfile | 12 ------------ docker/rootfs/etc/nginx/conf.d/default.conf | 6 +----- 5 files changed, 4 insertions(+), 30 deletions(-) diff --git a/backend/go.mod b/backend/go.mod index ceab1db1..011af297 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -12,7 +12,7 @@ require ( github.com/go-chi/chi v4.1.2+incompatible github.com/go-chi/cors v1.2.1 github.com/go-chi/jwtauth v4.0.4+incompatible - github.com/jc21/go-sse v0.0.0-20230307041911-8ea9bdc44a58 + github.com/jc21/go-sse v0.0.0-20230307071053-2e6b1dbcb7ec github.com/jc21/jsref v0.0.0-20210608024405-a97debfc4760 github.com/jmoiron/sqlx v1.3.5 github.com/mattn/go-sqlite3 v1.14.16 diff --git a/backend/go.sum b/backend/go.sum index 5600a8a3..e06df7dc 100644 --- a/backend/go.sum +++ b/backend/go.sum @@ -33,6 +33,8 @@ github.com/jc21/go-sse v0.0.0-20230307015818-b2783ddda573 h1:aaRu9mFSjxNfbXWVe7M github.com/jc21/go-sse v0.0.0-20230307015818-b2783ddda573/go.mod h1:4v5Xmm0eYuaWqKJ63XUV5YfQPoxtId3DgDytbnWhi+s= github.com/jc21/go-sse v0.0.0-20230307041911-8ea9bdc44a58 h1:WSD0YdEuFPZHIe8hkAjxoAEWZnzieAiLg3zw28EVf80= github.com/jc21/go-sse v0.0.0-20230307041911-8ea9bdc44a58/go.mod h1:4v5Xmm0eYuaWqKJ63XUV5YfQPoxtId3DgDytbnWhi+s= +github.com/jc21/go-sse v0.0.0-20230307071053-2e6b1dbcb7ec h1:KKntwkZlM2w/88QiDyAeZ4th8grqtituzMW8qyapYzc= +github.com/jc21/go-sse v0.0.0-20230307071053-2e6b1dbcb7ec/go.mod h1:4v5Xmm0eYuaWqKJ63XUV5YfQPoxtId3DgDytbnWhi+s= github.com/jc21/jsref v0.0.0-20210608024405-a97debfc4760 h1:7wxq2DIgtO36KLrFz1RldysO0WVvcYsD49G9tyAs01k= github.com/jc21/jsref v0.0.0-20210608024405-a97debfc4760/go.mod h1:yIq2t51OJgVsdRlPY68NAnyVdBH0kYXxDTFtUxOap80= github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g= diff --git a/docker/Dockerfile b/docker/Dockerfile index f08fb51c..5e21a9fb 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -70,18 +70,6 @@ RUN rm -rf /etc/services.d/frontend \ /tmp/* \ /var/lib/dpkg/status-old -# Dummy cert -RUN openssl req \ - -new \ - -newkey rsa:2048 \ - -days 3650 \ - -nodes \ - -x509 \ - -subj '/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost' \ - -keyout /etc/ssl/certs/dummykey.pem \ - -out /etc/ssl/certs/dummycert.pem \ - && chmod +r /etc/ssl/certs/dummykey.pem /etc/ssl/certs/dummycert.pem - VOLUME /data CMD [ "/init" ] diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index e375f9d7..a823e635 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -51,18 +51,6 @@ RUN chown -R 1000:1000 /opt/go COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt -# Dummy cert -RUN openssl req \ - -new \ - -newkey rsa:2048 \ - -days 3650 \ - -nodes \ - -x509 \ - -subj '/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost' \ - -keyout /etc/ssl/certs/dummykey.pem \ - -out /etc/ssl/certs/dummycert.pem \ - && chmod +r /etc/ssl/certs/dummykey.pem /etc/ssl/certs/dummycert.pem - EXPOSE 80 CMD [ "/init" ] HEALTHCHECK --interval=15s --timeout=3s CMD curl -f http://127.0.0.1:81/api || exit 1 diff --git a/docker/rootfs/etc/nginx/conf.d/default.conf b/docker/rootfs/etc/nginx/conf.d/default.conf index 0e360743..b31b0072 100644 --- a/docker/rootfs/etc/nginx/conf.d/default.conf +++ b/docker/rootfs/etc/nginx/conf.d/default.conf @@ -18,10 +18,6 @@ server { server_name localhost; include conf.d/include/block-exploits.conf; access_log /data/logs/default.log proxy; - - ssl_certificate /etc/ssl/certs/dummycert.pem; - ssl_certificate_key /etc/ssl/certs/dummykey.pem; - include conf.d/include/ssl-ciphers.conf; - + ssl_reject_handshake on; return 444; }