Jamie Curnow
4f10d129c2
Reload nginx after access list change. Fixes #1328
2021-08-19 08:55:53 +10:00
chaptergy
83c5c55f32
Fixes creation of certificates using the http challenge
2021-08-06 10:56:06 +02:00
Jamie Curnow
842cff130b
Re-add missing certbot force renewal flag
...
and cleaned up this horrible file a bit
2021-07-01 09:57:26 +10:00
chaptergy
3f1415dad1
Use the certbot command from the PATH variable
2021-06-18 09:22:42 +02:00
chaptergy
41ef35f0d0
Fixes duckdns certbot
2021-06-07 08:27:01 +02:00
jc21
f575400bc8
Merge pull request #1081 from vipergts450/vipergts450-custom_location-patch
...
Vipergts450 custom location patch
2021-06-07 12:46:23 +10:00
vipergts450
69ee6b1699
Update nginx.js
2021-05-07 23:38:32 -04:00
vipergts450
ca1ea042b2
Update nginx.js
2021-05-07 23:31:51 -04:00
vipergts450
f26df7d9bb
Update nginx.js
2021-05-07 22:43:22 -04:00
Jamie Curnow
717105f243
Revert installing certbot. This is handled by base image jc21/nginx-full now
...
Update path of certbot, and use the pip instead
2021-05-07 13:49:31 +10:00
vipergts450
6a46e88f8f
Fix renderLocations to accept more parameters from host
...
Amend renderLocations to pass more host parameters into the custom locations to match the requirements set for the default location. This will apply all parameters set in the UI to all custom locations.
2021-05-06 22:29:21 -04:00
vipergts450
e4e94d5be0
Update nginx.js
...
Adds ability for custom location templates to handle includes
2021-05-06 14:50:09 -04:00
Héctor Pelayo
d636502eaa
Add DuckDNS certbot plugin
...
Uses https://github.com/infinityofspace/certbot_dns_duckdns certbot plugin to implement DuckDNS DNS challenge in order to obtain Wildcard certificates.
Requires that the user inserts his duckDNS token in "Credentials File Content" input box.
2021-04-26 20:25:24 +02:00
Orko Garai
7e7032c051
Prevent activating nginx config after editing disabled proxy host
2021-02-18 23:05:30 +00:00
jc21
4c60dce169
Merge pull request #796 from lightglitch/patch-1
...
Fix dead hosts verification count
2021-01-03 20:14:36 +10:00
Mário Franco
bee2ceb667
Fix dead hosts verification count
2021-01-02 04:58:14 +00:00
chaptergy
6af13d4f40
Removes explicit privkeytype check and adds passphrase error
2020-12-14 12:08:39 +01:00
chaptergy
1518ecd1e9
Adds autoremove of failed certificate creations in DB
2020-11-06 12:29:38 +01:00
chaptergy
cb014027bb
Makes sure credentials folder exist every time before saving credentials
2020-11-04 19:31:40 +01:00
chaptergy
60a40197f1
Always install additional dependencies for dns plugins
2020-11-03 21:59:18 +01:00
jc21
96f401cba6
Merge pull request #664 from chaptergy/fixes-expiring-hosts-renewal
...
Adds certbot plugin installation check on startup
2020-10-19 08:50:44 +10:00
MarceloLagos
190cd2d6bb
Update certificate.js
2020-10-17 23:46:18 -06:00
MarceloLagos
7ba58bdbd3
Update certificate.js
2020-10-17 23:27:12 -06:00
chaptergy
08ab62108f
Fixes eslint errors
2020-10-17 12:54:38 +02:00
chaptergy
1028de8158
Adds certbot plugin installation check on startup
2020-10-17 12:13:08 +02:00
James Morgan
0df0545777
Allows auth information from AccessList not to be passed to proxied hosts. Resolves issue #153 .
...
Signed-off-by: James Morgan <jmorgan.au+github@gmail.com>
2020-10-15 10:23:09 +11:00
jc21
5830bd73b9
Merge pull request #608 from Philip-Mooney/master
...
Fix for access list getAll when not granted all permissions
2020-10-15 08:33:58 +10:00
chaptergy
ac9f052309
Fixes linting errors
2020-10-14 09:55:45 +02:00
chaptergy
049e424957
Adds special case for Route53
2020-10-14 09:20:52 +02:00
chaptergy
3fec135fe5
Fixes ESlint formatting errors
2020-10-08 14:38:19 +02:00
chaptergy
95208a50a7
Increases timeouts in front- and backend
2020-10-08 13:21:17 +02:00
chaptergy
514b13fcc2
Fixes build issues due to globally used file
2020-10-06 16:12:12 +02:00
chaptergy
093b48ad7b
Implements backend changes to allow more dns challenges
2020-10-06 14:52:06 +02:00
Philip Mooney
3e10b7b2b1
Fix for access list getAll when not granted all permissions
2020-09-19 22:16:16 +01:00
jc21
87f61b8527
Merge pull request #572 from jipjan/features/dns-cloudflare
...
Add DNS CloudFlare with wildcard support
2020-09-03 14:01:05 +10:00
jc21
bf8beb50b4
Merge pull request #559 from jlesage/remove-webroot-certbot-arg
...
Removed the hardcoded `--webroot` certbot argument to better support DNS challenge
2020-08-25 08:44:00 +10:00
Jaap-Jan de Wit
ab67481e99
fix eslint errors
2020-08-23 18:56:25 +00:00
Jaap-Jan de Wit
c5aa2b9f77
add cloudflare renew and make revoke working for both by deleting unnecessary config command
2020-08-23 18:29:16 +00:00
Jaap-Jan de Wit
077cf75ef2
wildcard support
2020-08-23 13:24:20 +00:00
Jaap-Jan de Wit
ff1770204c
request via cloudflare dns working
2020-08-23 12:50:41 +00:00
Jocelyn Le Sage
83fad8bcda
Removed usage of FROM_UNIXTIME
mysql-specific function.
...
This provide better interoperability with different databases (e.g. sqlite).
Fixes #557
2020-08-14 19:31:05 -04:00
Jocelyn Le Sage
f539e813aa
Removed the hardcoded --webroot
certbot argument to better support DNS challenge. Also, this option is already set in the default letsencrypt.ini
.
2020-08-14 14:28:03 -04:00
Subv
d95861e1fb
Don't use duplicate relations when eager-loading access list items and clients.
...
This fixes an Objection warning: 'Duplicate relation "proxy_hosts" in a relation expression. You should use "a.[b, c]" instead of "[a.b, a.c]". This will cause an error in objection 2.0'.
It also fixes the access list clients not being properly eager-loaded when building the proxy host nginx configuration files. Closes #434
2020-05-29 20:29:34 -05:00
jc21
84d8fb0899
Merge pull request #403 from Indemnity83/empty-auth
...
Don't ask for username/password if none are defined
2020-05-28 09:18:50 +10:00
Jamie Curnow
2ebfdcf0c9
Fix LE certs for IPv6 only domains Fixes 394
2020-05-20 22:21:26 +10:00
Kyle Klaus
df73c2a458
skip auth check if no users defined
2020-05-09 15:51:11 -07:00
Jamie Curnow
c0e9d1eb2f
Fix satisy typo
2020-04-22 11:11:20 +10:00
Kyle Klaus
f5ee91aeb3
write access list to proxy host config
2020-04-13 23:32:00 -07:00
Kyle Klaus
e2ee2cbf2d
enforce a 'deny all' default rule
...
this ensures that an access list is 'secure by default' and requires the user to create exceptions or holes in the proection instead of building the wall entirely. This also means that we no longer require the user to input any username/passwords or client addressses and can avoid internal errors which generate unhelpful user errors.
2020-04-13 23:31:54 -07:00
Kyle Klaus
005e64eb9f
valite auth/access rules in backend
2020-04-13 19:23:55 -07:00