90 Commits

Author	SHA1	Message	Date
chaptergy	1f879f67a9	Reverts back to proxy_pass without variables	2021-11-09 13:57:39 +01:00
Julian Reinhardt	3d80759a21	Renames the $upstream variables and does not append $request_ui if capture group exists in location	2021-11-04 10:08:15 +01:00
Julian Reinhardt	ca59e585d8	Uses variable in proxy_pass for normal proxy hosts	2021-10-25 14:58:02 +02:00
chaptergy	f63441921f	Sets the cert chain to prefer ISRG Root X1	2021-10-12 16:11:47 +02:00
bmbvenom	320315956d	remove dummy cert references to Nginx Proxy Manager ... Based on this issue: https://github.com/jc21/nginx-proxy-manager/issues/1024	2021-08-21 22:37:14 -07:00
jc21	ab40e4e2cf	Merge pull request #1036 from BjoernAkAManf/master ... Allows hostname instead of ip for streams	2021-08-16 13:40:40 +10:00
David Dosoudil	b1ceda3af4	Update letsencrypt.ini to support ECDSA keys ... Since we have newer certbot available, it's time to support more modern and safer ECDSA keys instead of RSA.	2021-08-07 20:05:53 +10:00
chaptergy	d34691152c	Fixes renewal unused http certificates	2021-08-04 14:07:53 +02:00
chaptergy	cea80b482e	Fixes certificate renewal for dns challenges	2021-08-04 13:47:44 +02:00
Jamie Curnow	f2acb9e150	Tweaks to s6 scripts	2021-07-25 21:09:02 +10:00
chaptergy	fbae107c04	Changes owner of logs to root on every container start	2021-07-23 09:11:43 +02:00
jc21	9458cfbd1a	Merge pull request #1229 from demize/auth_request-fix ... Disable auth_request in letsencrypt-acme-challenge.conf	2021-07-18 21:54:59 +10:00
jc21	e91019feb9	Merge pull request #1140 from jc21/adds-logrotation ... Adds logrotation	2021-07-12 07:54:02 +10:00
demize	4b2c0115db	Add to letsencrypt-acme-challenge.conf to allow for ACME challenges on proxy hosts using auth_requests	2021-07-10 15:02:09 -04:00
chaptergy	b7b150a979	Run logrotation binary from program	2021-06-29 21:18:29 +02:00
chaptergy	bd3a13b2a5	Also rotate other logs	2021-06-18 10:43:56 +02:00
chaptergy	289d179142	Adds logrotate	2021-06-18 09:38:48 +02:00
chaptergy	deca493912	Splits access and error logs for each host	2021-06-18 09:38:48 +02:00
Daniel Sörlöv	3e744b6b2d	Update ssl-ciphers.conf ... Removing support (by default) for all the unsecure protocols. This should be the default and if needed additional support can be configured. As this is a security feature it should be aligned with a moderate policy. This is updated using the latest recomendation as found on https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1d&guideline=5.6	2021-06-17 15:17:13 +02:00
chaptergy	df5836e573	Sets real_ip ranges to local network only	2021-06-07 08:30:39 +02:00
Jamie Curnow	717105f243	Revert installing certbot. This is handled by base image jc21/nginx-full now ... Update path of certbot, and use the pip instead	2021-05-07 13:49:31 +10:00
Jamie Curnow	a02d4ec46f	Use certbot from pip instead of apt	2021-05-06 19:10:40 +10:00
Björn Heinrichs	389fd158ad	allows hostname instead of ip for streams	2021-04-24 01:09:01 +02:00
jc21	5ff07faa7e	Merge pull request #872 from ahgraber/master ... Add Docker secrets	2021-02-08 11:59:23 +10:00
ahgraber	7fcc4a7ef0	cleanup	2021-02-06 20:05:40 -05:00
ahgraber	5abb9458c7	fix linebreaks in secrets	2021-02-05 23:47:30 -05:00
Alex Graber	ef3a073af5	local builds & secrets	2021-02-05 16:52:24 -05:00
Alex Graber	63a71afbc8	beta s6 secrets	2021-02-04 11:25:26 -05:00
MooBaloo	4ac52a0e25	Add custom .conf above includes for NPM-generated files. ... Added a new clause for custom http_top.conf above the include clauses for NPM-generated files. Allows for more flexibility with adding custom nginx .conf files to NPM Use case: adding a configuration change needs to be present before other custom configuration files are called and reference configuration from the custom http_top.conf file. Example: add a new log_format in http_top.conf, then referencing it in a access_log clause in server_proxy.conf.	2021-01-28 05:52:41 -05:00
Kyle Harding	528e5ef3bc	allow custom stream conf ... Allow a top-level custom `stream` configuration file to be loaded.	2020-12-01 14:22:31 -05:00
Jamie Curnow	13eaa346bc	Use remote addr as real ip	2020-11-06 13:21:22 +10:00
Jamie Curnow	d7437cc4a7	Test for real-ip header	2020-11-06 13:17:30 +10:00
Jamie Curnow	f192748bf9	Use x-real-ip header for the real-ip module	2020-10-19 11:40:50 +10:00
chaptergy	867fe1322b	Unifies directory structure in dev and prod containers	2020-10-08 13:38:20 +02:00
chaptergy	95208a50a7	Increases timeouts in front- and backend	2020-10-08 13:21:17 +02:00
Jamie Curnow	5d65166777	Ignore local subnets for real IP determination	2020-08-12 09:32:40 +10:00
Jamie Curnow	66412a75f9	Revert to node base now that base has openresty	2020-05-28 09:25:29 +10:00
ƬHE ЯAW ☣	affabf065e	set proper timeout.	2020-05-11 00:24:02 +02:00
Jamie Curnow	bdb591af9e	- Add ability to disable ipv6, fixes #312 ... - Added ipv6 listening to hosts when configured, fixes #236 and #149 - Added documentation about disabling ipv6 - Updated npm packages	2020-04-07 10:43:19 +10:00
jc21	bb0f4bfa62	v2.1.0 (#293) ... * Fix wrapping when too many hosts are shown (#207) * Update npm packages, fixes CVE-2019-10757 * Revert some breaking packages * Major overhaul - Docker buildx support in CI - Cypress API Testing in CI - Restructured folder layout (insert clean face meme) - Added Swagger documentation and validate API against that (to be completed) - Use common base image for all supported archs, which includes updated nginx with ipv6 support - Updated certbot and changes required for it - Large amount of Hosts names will wrap in UI - Updated packages for frontend - Version bump 2.1.0 * Updated documentation * Fix JWT expire time going crazy. Now set to 1day * Backend JS formatting rules * Remove v1 importer, I doubt anyone is using v1 anymore * Added backend formatting rules and enforce them in Jenkins builds * Fix CI, doesn't need a tty * Thanks bcrypt. Why can't you just be normal. * Cleanup after syntax check Co-authored-by: Marcelo Castagna <margaale@users.noreply.github.com>	2020-02-19 15:55:06 +11:00