nginx-proxy-manager

mirror of https://github.com/jc21/nginx-proxy-manager.git synced 2024-08-30 18:22:48 +00:00

Author	SHA1	Message	Date
Jamie Curnow	b699f05f47	Run integration tests in parallel	2024-01-09 10:25:10 +10:00
jc21	459b7a2223	Merge pull request #3361 from timob/improve-container-start Improve container startup time	2024-01-09 08:15:33 +10:00
Jocelyn Le Sage	388fff84f2	Fixes for the server reachability test. - Do not apply HTTPs redirection for challenge used by the test. - Set the `User-Agent` to avoid 403 answer from site24x7.com. - Handle JSON parsing failure of the received body. - Better handling of different error cases.	2023-12-19 17:22:33 -05:00
Tim O'Brien	33dbffb974	Improve container startup time See https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2991 Removes uneeded file permission changes in rootfs certbot install. Tested installing custom DNS provider plugins for certbot, works correctly.	2023-12-02 14:56:48 +11:00
FibreTTP	f426e64569	Add warning comment about changing the default user name and group name	2023-09-27 16:12:33 +10:00
FibreTTP	4867db078c	Remove explicit user and group - add su directive for default user (npm).	2023-09-27 14:58:19 +10:00
FibreTTP	6b565e628f	Change perms on logrotated logs to npm user	2023-09-27 14:25:04 +10:00
Jamie Curnow	fa851b61da	Bump version	2023-07-31 07:25:09 +10:00
jc21	aee93a2f6f	Merge pull request #2932 from nietzscheanic/patch-1 Fix for ignored ssl_protocols and ssl_ciphers directive in conf.d/inc…	2023-07-20 12:25:09 +10:00
jc21	f1b7156c89	Merge pull request #3000 from xrh0905/xrh0905-patch-sed Fix device or resource busy when patching IPv6 settings	2023-07-20 12:17:34 +10:00
Mike Fulcher	1c9f751512	Fix path to frontend service	2023-07-19 14:05:57 +12:00
xrh0905	63ee69f432	Fix device or resource busy when patching IPv6 settings	2023-06-15 11:17:02 +08:00
nietzscheanic	81054631f9	Fix for ignored ssl_protocols and ssl_ciphers directive in conf.d/include/ssl-ciphers.conf nginx only uses the `ssl_protocols` directive in the `server{}` block of the first processed host config, which is the default config in `/etc/nginx/conf.d/default.conf`. in version `v2.9.20` the default ssl site was dropped by using `ssl_reject_handshake on` in the default host config. but beside the include of `conf.d/include/ssl-ciphers.conf` was removed from the default host config. that's why `tlsv1.3` isn't applied by default anymore, same thing with the defined cipher suites. npm is so broken since `2023-03-16`. commit that broke the config -> `a7f0c3b730`	2023-05-19 14:13:29 +02:00
Jamie Curnow	05307aa253	Fix certbot plugins install when using PUID/PGID	2023-05-10 14:39:08 +10:00
Jamie Curnow	4b6f9d9419	Remove s6 service timeout	2023-05-10 09:57:24 +10:00
Jamie Curnow	c3f019c911	Test ipv6 disabled in ci	2023-05-09 08:19:09 +10:00
Jamie Curnow	ecf0290203	Update s6-overlay	2023-05-09 08:15:44 +10:00
Jamie Curnow	4f41fe0c95	Update s6-overlay	2023-05-05 08:46:54 +10:00
Jamie Curnow	c3735fdbbb	Missed a file that was explicit verbose	2023-05-04 12:30:27 +10:00
Jamie Curnow	c432c34fb3	Small refactor of user/groups and add checks during startup. Only use -x in bash scripts when DEBUG=true set in env vars	2023-05-04 10:03:06 +10:00
Jamie Curnow	a1245bc161	Split up ownership to indentify point of failure	2023-05-04 08:27:38 +10:00
Jamie Curnow	db4ab1d548	Verbose debugging of s6 scripts	2023-05-03 16:01:27 +10:00
Jamie Curnow	4a86bb42cc	Different approach, always create npmuser even if the user id is zero, and then we'll always use it	2023-03-30 11:19:16 +10:00
Jamie Curnow	dad8561ea1	Use numbers for permissions in case npmuser doesn't exist	2023-03-30 10:20:20 +10:00
Jamie Curnow	56a92e5c0e	Run as root by default Optionally run as another user/group only if the env vars are specified. Should give flexibility to those who need to run processes as root and open ports without having to request additional priveleges	2023-03-30 09:04:37 +10:00
Jamie Curnow	d5ed70dbb6	Own this nginx folder too	2023-03-29 14:03:58 +10:00
Jamie Curnow	d179887c15	Another fix for #2734 , only chown parts of /etc/nginx	2023-03-28 10:39:26 +10:00
Jamie Curnow	35abb4d7ae	Execute permissions missing on script	2023-03-28 09:33:30 +10:00
Jamie Curnow	61b290e220	Chown each folder on separately Really not sure why this fixes #2734 however it does actually help the ownership script succeed specifically on arm7/raspbian	2023-03-28 08:50:10 +10:00
Jamie Curnow	c40e48e678	Fix docker restart because user already exists	2023-03-23 10:21:34 +10:00
Jamie Curnow	5ac9dc0758	Attempt to set HOME for npmuser backend	2023-03-22 13:00:26 +10:00
Jamie Curnow	9a799d51ce	Optimize docker image a bit	2023-03-22 09:42:16 +10:00
Jamie Curnow	77eb618758	Fix pip installs running as non-root user	2023-03-22 09:41:59 +10:00
Jamie Curnow	60175e6d8c	Updates for ci stack	2023-03-21 16:56:45 +10:00
Jamie Curnow	2a07445005	Refactor configuration - No longer use config npm package - Prefer config from env vars, though still has support for config file - No longer writes a config file for database config - Writes keys to a new file in /data folder - Removes a lot of cruft and improves config understanding	2023-03-21 16:53:39 +10:00
Jamie Curnow	dad3e1da7c	Adds support to run processes as a user/group, defined with PUID and PGID environment variables - Detects if image is run with a user in docker command and fails if so - Adds s6 prepare scripts for adding a 'npmuser' - Split up and refactor the s6 prepare scripts - Runs nginx and backend node as 'npmuser' - Changes ownership of files required at startup	2023-03-20 16:56:52 +10:00
Jamie Curnow	82d9452001	Move some older s6-overlay over to new format, fixes #2705	2023-03-18 17:45:31 +10:00
Jamie Curnow	5b7682f13c	Update s6-overlay and move processes to new format	2023-03-17 08:50:32 +10:00
Jamie Curnow	6a28701242	Moved base images docker repo back to jc21, as docker is sunsetting free teams and this open source project isn't prepared to pay 300 shmackaroos for a nicer image url	2023-03-15 16:03:00 +10:00
jc21	546ce8d4bc	Merge pull request #2444 from BitsOfAByte/develop Load events configuration from custom file	2023-03-08 16:32:46 +10:00
Blaž Zupan	a7f0c3b730	Use ssl_reject_handshake to reject requests to default https site Instead of creating a dummy certificate, we can return an SSL protocol error, which will generate a descriptive error message in the browser.	2023-02-02 19:19:37 -08:00
BitsOfAByte	3c23aa935e	Load events configuration from custom file	2022-12-02 21:32:04 +00:00
jc21	e229fa89f8	Merge pull request #2222 from mantoufan/add-webp-to-assets.conf-for-cache-assets Add webp format to assets.conf for Cache Assets	2022-11-08 13:12:13 +10:00
jc21	b62b6b5112	Merge pull request #2373 from lakkeri/develop Possible multiple X-Forwarded-For headers	2022-11-08 11:48:05 +10:00
jc21	2f6d8257ec	Merge pull request #2259 from cuishuang/develop all: fix some typos	2022-11-08 11:40:42 +10:00
lakkeri	052cb8f12d	Possible multiple X-Forwarded-For headers NMP behind another reverse proxy can multiply X-Forwarded-For headers. $proxy_add_x_forwarded_for equals to $remote_addr if this header not present in client request https://nginx.org/en/docs/http/ngx_http_proxy_module.html#var_proxy_add_x_forwarded_for	2022-11-05 16:24:12 +03:00
Paweł Jan Czochański	e77b13d36e	Fix DISABLE_IPV6 flag handling The DISABLE_IPV6 flag did not turn off ipv6 DNS requests performed by nginx. This commit changes it and makes nginx-proxy-manager more compatible with podman.	2022-10-20 07:55:08 +02:00
cui fliter	f85e82973d	all: fix some typos Signed-off-by: cui fliter <imcusg@gmail.com>	2022-09-10 21:08:16 +08:00
馒头饭	e1525e5d56	Add webp format to assets.conf for Cache Assets	2022-08-26 03:47:06 +08:00
Omer Cohen	ac25171420	Update resolvers.conf to break dns cache By default, nginx caches answers using the TTL value of a response. In a dynamic environment containers can get recreated with new IPs, reducing the validity of the cache allows refreshing these IPs https://nginx.org/en/docs/http/ngx_http_core_module.html#resolver	2022-02-16 09:31:56 +02:00

1 2 3

130 Commits