clones/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2024-09-21 03:37:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,459 Commits 14 Branches 71 Tags 21 MiB
develop
Commit Graph

113 Commits

Author SHA1 Message Date
Jamie Curnow
99cce7e2b0
Fix command injection when passing bash commands into the dns provider configuration 
- Use built in node functions to write the file
- And to delete the file
 2024-07-01 16:08:01 +10:00
Tim
0503a6af75 Fix so that nginx config is loaded after configuration happens 
M	backend/internal/access-list.js
 2024-02-26 10:04:25 +11:00
Jamie Curnow
db23c9a52f
Refactor certbot plugins install 
- Added a script to install every single plugin, used in development and debugging
- Improved certbot plugin install commands
- Adjusted some version for plugins to install properly
- It's noted that some plugins require deps that do not match other plugins,
  however these use cases should be extremely rare
 2024-01-18 12:26:55 +10:00
Jamie Curnow
834fb1a361
Add missing args to certbot command, was causing failures in rovokation 2024-01-12 17:04:55 +10:00
jc21
1be87f48c1
Merge pull request #3392 from stevecrozz/auto-renew-uses-bulitin-renew 
Make auto-renew use built-in renew function
 2024-01-12 12:15:37 +10:00
Stephen Crosby
9c54d1b718 Provide the token model for certificate renewal 2024-01-10 20:08:36 -08:00
Stephen Crosby
f7d1c490b3 Run renews sequentially 2024-01-10 20:08:36 -08:00
Stephen Crosby
fe4bd9fed6 Make auto-renew use built-in renew function 2024-01-10 20:08:29 -08:00
Jamie Curnow
e69684919c
Use nginxproxymanager/nginx-full image base 
which has been updated with bookworm, python 3.8, certbot 2.8.0 and node 20

Moved rootfs scripts as /bin is a symlink in bookworm
 2024-01-10 12:59:51 +10:00
Jocelyn Le Sage
388fff84f2 Fixes for the server reachability test. 
- Do not apply HTTPs redirection for challenge used by the test.
- Set the `User-Agent` to avoid 403 answer from site24x7.com.
- Handle JSON parsing failure of the received body.
- Better handling of different error cases.
 2023-12-19 17:22:33 -05:00
Devedse
6f8db95249 Added force renewal + --dns-duckdns-no-txt-restore 2023-08-24 13:21:01 +02:00
Joe Manifold
f39e527680
drop --user on pip install dns plugin godaddy 
Do not install dns_plugin into the user site because it will lack sys.path precedence to urllib3 in /opt/certbot/lib/python3.7/site-packages
 2023-06-01 11:02:06 -07:00
Jamie Curnow
124cb18e17
Fix renewing certs because of permission errors 2023-03-22 13:40:36 +10:00
Jamie Curnow
77eb618758
Fix pip installs running as non-root user 2023-03-22 09:41:59 +10:00
Jamie Curnow
2a07445005
Refactor configuration 
- No longer use config npm package
- Prefer config from env vars, though still has support for config file
- No longer writes a config file for database config
- Writes keys to a new file in /data folder
- Removes a lot of cruft and improves config understanding
 2023-03-21 16:53:39 +10:00
Jamie Curnow
dad3e1da7c
Adds support to run processes as a user/group, defined 
with PUID and PGID environment variables

- Detects if image is run with a user in docker command and fails if so
- Adds s6 prepare scripts for adding a 'npmuser'
- Split up and refactor the s6 prepare scripts
- Runs nginx and backend node as 'npmuser'
- Changes ownership of files required at startup
 2023-03-20 16:56:52 +10:00
Jamie Curnow
fccbde1371
fix linting 2023-03-17 14:23:12 +10:00
Jamie Curnow
fec36834f7
- Updated objection, knex, liquidjs, signale and sqlite3 packages 
- Changes for objection migration
- Moved common access template code to an include
- Fixed access rules configuration generation
 2023-03-17 14:18:51 +10:00
Jamie Curnow
00aeef75b6
Refactor nginx config functions, some don't need to report errors, save error'd config files as .err for debugging later 2023-03-17 11:34:27 +10:00
jc21
09d1d3744c
Merge pull request #2530 from jmerdich/jmerdich/fix-acl-edit-ssl 2023-03-08 21:08:52 +10:00
jc21
84e0b30f8d
Merge pull request #2411 from plantysnake/fix-certbot-plugins 
Bugfix: Fix certbot plugin installation issues
 2023-03-08 20:40:15 +10:00
jc21
30076a0e66
Merge pull request #2635 from skarlcf/security/CVE-2023-23596 
Mitigate CVE-2023-23596
 2023-03-08 08:25:38 +10:00
Kamil Skrzypinski
2ff66ee238 Add style required by linter 2023-03-07 17:15:03 +01:00
Jocelyn Le Sage
b0fd976b97 Make sure to lowercase email address entered by the user during login. 2023-02-26 22:24:58 -05:00
Kamil Skrzypinski
7fe7e94fbd Mitigate CVE-2023-23596 by changing child_process.exec to child_process.execFile 2023-02-26 20:10:25 +01:00
Jake Merdich
c80d099193
ACL changes should not blow away cert config 
When editing an access list, all affected sites get their config updated without certificates, functionally breaking https on those sites until they get a manual config change that rewrites the config properly. Properly fetch the certificate from the DB before `bulkGenerateConfigs` so it gets updated right.

I am not certain whether there are similar bugs in other places that use `bulkGenerateConfigs`.

Should fix #2254
 2023-01-10 01:59:04 -05:00
plantysnake
8dee139810 Fix linter issues 2022-11-21 01:46:42 +03:00
plantysnake
6349cb6094 Fix cerbot plugin installation issues 2022-11-18 15:06:19 +03:00
Jamie Curnow
fd30cfe98b Fix linting 2022-11-15 07:54:48 +10:00
Jamie Curnow
6f281fef42 Workaround for cloudflare plugin install (#2381) 2022-11-15 07:48:57 +10:00
Ivan Kristianto
366fcf0bed Fix nginx/certificates search query 2022-02-12 12:46:06 +07:00
jc21
d7e0ae0fa0
Merge pull request #1701 from jc21/escape-credential-backslashes 
Correctly escape backslashes in dns plugin credentials
 2022-01-02 15:29:31 +10:00
jc21
29ee48530c
Merge pull request #1703 from luoweihua7/develop 
fetch cloudflare ipv4/ipv6 fail #1405
 2022-01-02 15:28:58 +10:00
chaptergy
c803ec7e26 Adds delay after reloading nginx before requesting ssl certificate using http challenge 2021-12-30 13:21:21 +01:00
Larify
7e67f33766 fetch cloudflare ipv4/ipv6 fail #1405 2021-12-30 11:50:21 +08:00
chaptergy
9dd5644183 Correctly escape backslashes in dns plugin credentials 2021-12-29 16:30:49 +01:00
jc21
d45f39aae3
Merge pull request #1538 from jc21/adds-http-challenge-test 
Adds buttons to test availability of server from public internet
 2021-11-10 09:15:26 +10:00
jc21
a517e80236
Merge pull request #1567 from jc21/removes-renew-delay 
Removes random delay when renewing certificates with the renew now button
 2021-11-08 12:26:34 +10:00
Julian Reinhardt
cf4d1f73fa Uses letsencrypt config file everywhere 2021-11-06 22:31:13 +01:00
Julian Reinhardt
5f29f6b039 Removes random delay when renewing certificates with the renew now button 2021-11-05 14:20:12 +01:00
Julian Reinhardt
38ec0f9f95 Adds logs to backend when testing http challenge 2021-11-04 11:16:23 +01:00
Julian Reinhardt
9efe6cfb39 Minor fixes 2021-10-31 13:41:29 +01:00
Julian Reinhardt
c86a1a50bd Fixes formatting 2021-10-31 00:28:43 +02:00
Julian Reinhardt
c55476b196 Adds buttons to test availability of server from public internet 2021-10-31 00:19:18 +02:00
chaptergy
4e3c7749af Removes sorting of domain names when creating a certificate 2021-10-12 16:18:11 +02:00
chaptergy
6d8c4218f1 Replaces fixed certbot plugin version with optional version requirements 2021-10-07 17:13:48 +02:00
Rahul Somasundaram
ca6561bf6c
updated debug statement 2021-09-01 11:50:51 +05:30
Rahul Somasundaram
273a81471d
Revert "updated debug statement" 
This reverts commit 8b07a67133.
 2021-09-01 11:47:47 +05:30
Rahul Somasundaram
8b07a67133
updated debug statement 2021-09-01 11:46:10 +05:30
Rahul Somasundaram
32089ea272
deferenced symlinks and downloaded the certs from live directory 2021-09-01 11:41:27 +05:30