0503a6af75
Fix so that nginx config is loaded after configuration happens
...
M backend/internal/access-list.js
2024-02-26 10:04:25 +11:00
db23c9a52f
Refactor certbot plugins install
...
- Added a script to install every single plugin, used in development and debugging
- Improved certbot plugin install commands
- Adjusted some version for plugins to install properly
- It's noted that some plugins require deps that do not match other plugins,
however these use cases should be extremely rare
2024-01-18 12:26:55 +10:00
834fb1a361
Add missing args to certbot command, was causing failures in rovokation
2024-01-12 17:04:55 +10:00
1be87f48c1
Merge pull request #3392 from stevecrozz/auto-renew-uses-bulitin-renew
...
Make auto-renew use built-in renew function
2024-01-12 12:15:37 +10:00
9c54d1b718
Provide the token model for certificate renewal
2024-01-10 20:08:36 -08:00
f7d1c490b3
Run renews sequentially
2024-01-10 20:08:36 -08:00
fe4bd9fed6
Make auto-renew use built-in renew function
2024-01-10 20:08:29 -08:00
e69684919c
Use nginxproxymanager/nginx-full image base
...
which has been updated with bookworm, python 3.8, certbot 2.8.0 and node 20
Moved rootfs scripts as /bin is a symlink in bookworm
2024-01-10 12:59:51 +10:00
388fff84f2
Fixes for the server reachability test.
...
- Do not apply HTTPs redirection for challenge used by the test.
- Set the `User-Agent` to avoid 403 answer from site24x7.com.
- Handle JSON parsing failure of the received body.
- Better handling of different error cases.
2023-12-19 17:22:33 -05:00
6f8db95249
Added force renewal + --dns-duckdns-no-txt-restore
2023-08-24 13:21:01 +02:00
f39e527680
drop --user on pip install dns plugin godaddy
...
Do not install dns_plugin into the user site because it will lack sys.path precedence to urllib3 in /opt/certbot/lib/python3.7/site-packages
2023-06-01 11:02:06 -07:00
124cb18e17
Fix renewing certs because of permission errors
2023-03-22 13:40:36 +10:00
77eb618758
Fix pip installs running as non-root user
2023-03-22 09:41:59 +10:00
2a07445005
Refactor configuration
...
- No longer use config npm package
- Prefer config from env vars, though still has support for config file
- No longer writes a config file for database config
- Writes keys to a new file in /data folder
- Removes a lot of cruft and improves config understanding
2023-03-21 16:53:39 +10:00
dad3e1da7c
Adds support to run processes as a user/group, defined
...
with PUID and PGID environment variables
- Detects if image is run with a user in docker command and fails if so
- Adds s6 prepare scripts for adding a 'npmuser'
- Split up and refactor the s6 prepare scripts
- Runs nginx and backend node as 'npmuser'
- Changes ownership of files required at startup
2023-03-20 16:56:52 +10:00
fccbde1371
fix linting
2023-03-17 14:23:12 +10:00
fec36834f7
- Updated objection, knex, liquidjs, signale and sqlite3 packages
...
- Changes for objection migration
- Moved common access template code to an include
- Fixed access rules configuration generation
2023-03-17 14:18:51 +10:00
00aeef75b6
Refactor nginx config functions, some don't need to report errors, save error'd config files as .err for debugging later
2023-03-17 11:34:27 +10:00
09d1d3744c
Merge pull request #2530 from jmerdich/jmerdich/fix-acl-edit-ssl
2023-03-08 21:08:52 +10:00
84e0b30f8d
Merge pull request #2411 from plantysnake/fix-certbot-plugins
...
Bugfix: Fix certbot plugin installation issues
2023-03-08 20:40:15 +10:00
30076a0e66
Merge pull request #2635 from skarlcf/security/CVE-2023-23596
...
Mitigate CVE-2023-23596
2023-03-08 08:25:38 +10:00
2ff66ee238
Add style required by linter
2023-03-07 17:15:03 +01:00
b0fd976b97
Make sure to lowercase email address entered by the user during login.
2023-02-26 22:24:58 -05:00
7fe7e94fbd
Mitigate CVE-2023-23596 by changing child_process.exec to child_process.execFile
2023-02-26 20:10:25 +01:00
c80d099193
ACL changes should not blow away cert config
...
When editing an access list, all affected sites get their config updated without certificates, functionally breaking https on those sites until they get a manual config change that rewrites the config properly. Properly fetch the certificate from the DB before `bulkGenerateConfigs` so it gets updated right.
I am not certain whether there are similar bugs in other places that use `bulkGenerateConfigs`.
Should fix #2254
2023-01-10 01:59:04 -05:00
8dee139810
Fix linter issues
2022-11-21 01:46:42 +03:00
6349cb6094
Fix cerbot plugin installation issues
2022-11-18 15:06:19 +03:00
fd30cfe98b
Fix linting
2022-11-15 07:54:48 +10:00
6f281fef42
Workaround for cloudflare plugin install ( #2381 )
2022-11-15 07:48:57 +10:00
366fcf0bed
Fix nginx/certificates search query
2022-02-12 12:46:06 +07:00
d7e0ae0fa0
Merge pull request #1701 from jc21/escape-credential-backslashes
...
Correctly escape backslashes in dns plugin credentials
2022-01-02 15:29:31 +10:00
29ee48530c
Merge pull request #1703 from luoweihua7/develop
...
fetch cloudflare ipv4/ipv6 fail #1405
2022-01-02 15:28:58 +10:00
c803ec7e26
Adds delay after reloading nginx before requesting ssl certificate using http challenge
2021-12-30 13:21:21 +01:00
7e67f33766
fetch cloudflare ipv4/ipv6 fail #1405
2021-12-30 11:50:21 +08:00
9dd5644183
Correctly escape backslashes in dns plugin credentials
2021-12-29 16:30:49 +01:00
d45f39aae3
Merge pull request #1538 from jc21/adds-http-challenge-test
...
Adds buttons to test availability of server from public internet
2021-11-10 09:15:26 +10:00
a517e80236
Merge pull request #1567 from jc21/removes-renew-delay
...
Removes random delay when renewing certificates with the renew now button
2021-11-08 12:26:34 +10:00
cf4d1f73fa
Uses letsencrypt config file everywhere
2021-11-06 22:31:13 +01:00
5f29f6b039
Removes random delay when renewing certificates with the renew now button
2021-11-05 14:20:12 +01:00
38ec0f9f95
Adds logs to backend when testing http challenge
2021-11-04 11:16:23 +01:00
9efe6cfb39
Minor fixes
2021-10-31 13:41:29 +01:00
c86a1a50bd
Fixes formatting
2021-10-31 00:28:43 +02:00
c55476b196
Adds buttons to test availability of server from public internet
2021-10-31 00:19:18 +02:00
4e3c7749af
Removes sorting of domain names when creating a certificate
2021-10-12 16:18:11 +02:00
6d8c4218f1
Replaces fixed certbot plugin version with optional version requirements
2021-10-07 17:13:48 +02:00
ca6561bf6c
updated debug statement
2021-09-01 11:50:51 +05:30
273a81471d
Revert "updated debug statement"
...
This reverts commit 8b07a67133
.
2021-09-01 11:47:47 +05:30
8b07a67133
updated debug statement
2021-09-01 11:46:10 +05:30
32089ea272
deferenced symlinks and downloaded the certs from live directory
2021-09-01 11:41:27 +05:30
658acd147c
updated certificate path
2021-09-01 07:38:11 +05:30