chaptergy
60a40197f1
Always install additional dependencies for dns plugins
2020-11-03 21:59:18 +01:00
jc21
96f401cba6
Merge pull request #664 from chaptergy/fixes-expiring-hosts-renewal
...
Adds certbot plugin installation check on startup
2020-10-19 08:50:44 +10:00
MarceloLagos
190cd2d6bb
Update certificate.js
2020-10-17 23:46:18 -06:00
MarceloLagos
7ba58bdbd3
Update certificate.js
2020-10-17 23:27:12 -06:00
chaptergy
08ab62108f
Fixes eslint errors
2020-10-17 12:54:38 +02:00
chaptergy
1028de8158
Adds certbot plugin installation check on startup
2020-10-17 12:13:08 +02:00
Jamie Curnow
21f36f535f
Don't spit out a ; if the preceeding value is empty
2020-10-16 13:41:08 +10:00
James Morgan
0df0545777
Allows auth information from AccessList not to be passed to proxied hosts. Resolves issue #153 .
...
Signed-off-by: James Morgan <jmorgan.au+github@gmail.com>
2020-10-15 10:23:09 +11:00
jc21
5830bd73b9
Merge pull request #608 from Philip-Mooney/master
...
Fix for access list getAll when not granted all permissions
2020-10-15 08:33:58 +10:00
chaptergy
ac9f052309
Fixes linting errors
2020-10-14 09:55:45 +02:00
chaptergy
049e424957
Adds special case for Route53
2020-10-14 09:20:52 +02:00
chaptergy
07e78aec48
Adds error stack information in prod environment for certificates
2020-10-08 15:30:13 +02:00
chaptergy
3fec135fe5
Fixes ESlint formatting errors
2020-10-08 14:38:19 +02:00
chaptergy
867fe1322b
Unifies directory structure in dev and prod containers
2020-10-08 13:38:20 +02:00
chaptergy
95208a50a7
Increases timeouts in front- and backend
2020-10-08 13:21:17 +02:00
chaptergy
514b13fcc2
Fixes build issues due to globally used file
2020-10-06 16:12:12 +02:00
chaptergy
093b48ad7b
Implements backend changes to allow more dns challenges
2020-10-06 14:52:06 +02:00
Philip Mooney
3e10b7b2b1
Fix for access list getAll when not granted all permissions
2020-09-19 22:16:16 +01:00
jc21
87f61b8527
Merge pull request #572 from jipjan/features/dns-cloudflare
...
Add DNS CloudFlare with wildcard support
2020-09-03 14:01:05 +10:00
jc21
bf8beb50b4
Merge pull request #559 from jlesage/remove-webroot-certbot-arg
...
Removed the hardcoded `--webroot` certbot argument to better support DNS challenge
2020-08-25 08:44:00 +10:00
jc21
e5034a34f5
Merge pull request #570 from jc21/dependabot/npm_and_yarn/backend/bcrypt-5.0.0
...
Bump bcrypt from 4.0.1 to 5.0.0 in /backend
2020-08-25 08:31:48 +10:00
Jaap-Jan de Wit
ab67481e99
fix eslint errors
2020-08-23 18:56:25 +00:00
Jaap-Jan de Wit
c5aa2b9f77
add cloudflare renew and make revoke working for both by deleting unnecessary config command
2020-08-23 18:29:16 +00:00
Jaap-Jan de Wit
077cf75ef2
wildcard support
2020-08-23 13:24:20 +00:00
Jaap-Jan de Wit
ff1770204c
request via cloudflare dns working
2020-08-23 12:50:41 +00:00
dependabot[bot]
f78a4c6ad1
Bump bcrypt from 4.0.1 to 5.0.0 in /backend
...
Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js ) from 4.0.1 to 5.0.0.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases )
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kelektiv/node.bcrypt.js/compare/v4.0.1...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-08-20 17:01:00 +00:00
Jocelyn Le Sage
83fad8bcda
Removed usage of FROM_UNIXTIME
mysql-specific function.
...
This provide better interoperability with different databases (e.g. sqlite).
Fixes #557
2020-08-14 19:31:05 -04:00
Jocelyn Le Sage
f539e813aa
Removed the hardcoded --webroot
certbot argument to better support DNS challenge. Also, this option is already set in the default letsencrypt.ini
.
2020-08-14 14:28:03 -04:00
Jocelyn Le Sage
01660b5b80
Fixed now_helper for sqlite: it should also returns the time.
2020-08-06 17:16:22 -04:00
Jamie Curnow
ae06b2da75
Updated deps and added contributor
2020-08-06 14:40:54 +10:00
Jamie Curnow
492d450d26
Sqlite Tweaks
...
- Added cypress testing in CI for sqlite
- Cleaned up promises in setup
- Ensure check for settings is strict
2020-08-06 08:58:20 +10:00
Gergo Torcsvari
6690b7735d
sqlite3 and psql support
2020-07-19 20:04:29 +02:00
Gergo Torcsvari
a9e7222e5e
introduced now_helper for multidb capabilities
2020-07-19 20:03:53 +02:00
Gergo Torcsvari
f8edeb2775
fixed migration and setup
...
more info: https://github.com/knex/knex/issues/2820
2020-07-19 20:02:20 +02:00
Subv
d95861e1fb
Don't use duplicate relations when eager-loading access list items and clients.
...
This fixes an Objection warning: 'Duplicate relation "proxy_hosts" in a relation expression. You should use "a.[b, c]" instead of "[a.b, a.c]". This will cause an error in objection 2.0'.
It also fixes the access list clients not being properly eager-loaded when building the proxy host nginx configuration files. Closes #434
2020-05-29 20:29:34 -05:00
jc21
84d8fb0899
Merge pull request #403 from Indemnity83/empty-auth
...
Don't ask for username/password if none are defined
2020-05-28 09:18:50 +10:00
Jamie Curnow
2ebfdcf0c9
Fix LE certs for IPv6 only domains Fixes 394
2020-05-20 22:21:26 +10:00
Kyle Klaus
df73c2a458
skip auth check if no users defined
2020-05-09 15:51:11 -07:00
Kyle Klaus
96c5c79aef
Fix address validation rule to allow 'all' keyword
...
The rule was looking for the keyword 'any' but should have been looking for 'all'
http://nginx.org/en/docs/http/ngx_http_access_module.html
2020-05-09 09:31:58 -07:00
Jamie Curnow
0702a4e58e
Fix incorrect var
2020-05-05 10:00:41 +10:00
Jamie Curnow
c0e9d1eb2f
Fix satisy typo
2020-04-22 11:11:20 +10:00
spalger
3af560c2d0
switch to 255 limit to match db
2020-04-16 15:14:49 -07:00
spalger
995db12f22
remove arbitrary length limit of forward_host
2020-04-16 14:00:22 -07:00
jc21
a9f068daa8
Merge pull request #360 from Indemnity83/ip-access-control
...
Client Access Lists
2020-04-15 08:29:40 +10:00
Kyle Klaus
f5ee91aeb3
write access list to proxy host config
2020-04-13 23:32:00 -07:00
Kyle Klaus
e2ee2cbf2d
enforce a 'deny all' default rule
...
this ensures that an access list is 'secure by default' and requires the user to create exceptions or holes in the proection instead of building the wall entirely. This also means that we no longer require the user to input any username/passwords or client addressses and can avoid internal errors which generate unhelpful user errors.
2020-04-13 23:31:54 -07:00
Jamie Curnow
b783602786
Support ipv6 address as a origin header, hopefully fixes #149
2020-04-14 13:01:13 +10:00
Kyle Klaus
005e64eb9f
valite auth/access rules in backend
2020-04-13 19:23:55 -07:00
Kyle Klaus
e9e5d293cc
expand address format
...
now accepts CIDR notation, IPv6 or the string 'any'
2020-04-13 19:16:18 -07:00
Kyle Klaus
907e9e182d
remove testing cruft
2020-04-11 00:42:58 -07:00