fe2d8895d6
Cypress test for http and dns cert provision
2024-10-16 14:53:57 +10:00
5bdc05878f
Fix issues with certbot command when using LE_SERVER
2024-10-16 11:23:58 +10:00
929ac3bd7c
Adds env var to set certbot acme server
...
this is required for test suite to use dns certbot request
without talking to live or staging letsencrypt servers or
production level dns providers. This is a backwards port
from the v3 branch and opens the door for a full certificate
cypress test
2024-10-16 11:06:29 +10:00
351ba8dacd
More tests for certificates, fixed schema problems
2024-10-16 08:32:49 +10:00
78f3e7281b
Merge pull request #4015 from NginxProxyManager/dependabot/npm_and_yarn/backend/express-4.20.0
...
Bump express from 4.19.2 to 4.20.0 in /backend
2024-10-11 15:18:36 +10:00
0bfa6c9d4f
Merge pull request #3973 from ddshd/proxy-add-set
...
Add set directives for proxied paths to keep nginx from crashing if upstream is down
2024-10-11 14:08:39 +10:00
f71de7474d
Bump express from 4.19.2 to 4.20.0 in /backend
...
Bumps [express](https://github.com/expressjs/express ) from 4.19.2 to 4.20.0.
- [Release notes](https://github.com/expressjs/express/releases )
- [Changelog](https://github.com/expressjs/express/blob/master/History.md )
- [Commits](https://github.com/expressjs/express/compare/4.19.2...4.20.0 )
---
updated-dependencies:
- dependency-name: express
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-11 04:06:52 +00:00
02a7b43932
Merge pull request #3991 from nlynzaad/develop_mysql2
...
swap mysql library and knex client for mysql2
2024-10-11 14:05:26 +10:00
e0352ecc48
Merge pull request #4016 from NginxProxyManager/dependabot/npm_and_yarn/backend/body-parser-1.20.3
...
Bump body-parser from 1.20.2 to 1.20.3 in /backend
2024-10-11 13:27:14 +10:00
c39d5433bc
Fix CVE-2024-46256 and CVE-2024-46257
...
- Schema validate against bad domain characters
- Integration test for CVE POC examples
- Cypress rewrite of plugins for file upload
2024-10-11 11:31:57 +10:00
7c97516de6
Fix schema issue with cors
2024-10-10 16:31:19 +10:00
4572b205c9
Openapi Schema improvements
...
- Return proper booleans in api responses
- Update jsonschemavalidation to latest draft
2024-10-10 15:53:11 +10:00
dfe2588523
Refactor API Schema and validation
...
- /schema now returns full openapi/swagger schema
- That schema is used to validate incoming requests
- And used as a contract in future integration tests
- Moved route files up one level
- Fixed incorrect 404 reponses when getting objects
- Fixed saving new objects and passing jsonschemavalidation
2024-10-09 18:05:15 +10:00
d69cb26157
Bump body-parser from 1.20.2 to 1.20.3 in /backend
...
Bumps [body-parser](https://github.com/expressjs/body-parser ) from 1.20.2 to 1.20.3.
- [Release notes](https://github.com/expressjs/body-parser/releases )
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md )
- [Commits](https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3 )
---
updated-dependencies:
- dependency-name: body-parser
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-09-21 08:52:30 +00:00
48a9f5f9db
swop mysql library and knex client for mysql2
2024-09-10 23:08:02 +02:00
554d1ff2b6
Add set directives for proxies to keep from crashing if upstream is down
2024-09-04 00:07:43 -04:00
99cce7e2b0
Fix command injection when passing bash commands into the dns provider configuration
...
- Use built in node functions to write the file
- And to delete the file
2024-07-01 16:08:01 +10:00
b33012705b
Merge pull request #3790 from DavidLievrouw/initial_admin
...
Read initial admin email and password from env vars
2024-07-01 15:22:15 +10:00
e948b60194
Merge pull request #3809 from NginxProxyManager/dependabot/npm_and_yarn/backend/braces-3.0.3
...
Bump braces from 3.0.2 to 3.0.3 in /backend
2024-07-01 15:20:48 +10:00
d1c23b6286
Merge pull request #3833 from NginxProxyManager/dependabot/npm_and_yarn/backend/glob-parent-5.1.2
...
Bump glob-parent from 5.1.1 to 5.1.2 in /backend
2024-07-01 15:19:39 +10:00
001c77e686
Fix syntax that causes errors (generateKeys log)
2024-06-30 22:27:54 +09:00
50aeae234f
Bump glob-parent from 5.1.1 to 5.1.2 in /backend
...
Bumps [glob-parent](https://github.com/gulpjs/glob-parent ) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases )
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md )
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2 )
---
updated-dependencies:
- dependency-name: glob-parent
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-06-27 18:24:09 +00:00
6f9eed8a61
Bump braces from 3.0.2 to 3.0.3 in /backend
...
Bumps [braces](https://github.com/micromatch/braces ) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md )
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3 )
---
updated-dependencies:
- dependency-name: braces
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-06-16 10:41:32 +00:00
d66e4e03e6
#3790 Attempt to make ci happy.
2024-06-03 13:44:08 +02:00
1d19c29bb0
Read initial admin email and password from env vars.
2024-06-03 13:32:23 +02:00
3754a569ba
Merge pull request #3729 from clhey/custom_proxy
...
move advanced_config section of /app/templates/_location.conf to top of default config
2024-05-20 13:53:09 +10:00
35f0fe745d
Merge pull request #3569 from NginxProxyManager/dependabot/npm_and_yarn/backend/ip-2.0.1
...
Bump ip from 2.0.0 to 2.0.1 in /backend
2024-05-02 08:19:02 +10:00
280bac8b43
advanced config move to top of default confg
2024-04-28 18:18:38 +08:00
5a761236c5
Bump express from 4.17.3 to 4.19.2 in /backend
...
Bumps [express](https://github.com/expressjs/express ) from 4.17.3 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases )
- [Changelog](https://github.com/expressjs/express/blob/master/History.md )
- [Commits](https://github.com/expressjs/express/compare/4.17.3...4.19.2 )
---
updated-dependencies:
- dependency-name: express
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-03-28 02:21:37 +00:00
63cd9ba08f
Merge pull request #3581 from davidindra/increase-max-domains-count
...
Fix: increase max number of domains to 100 (match with Let's Encrypt)
2024-02-27 11:36:04 +10:00
10ece3548d
Fixing "the map directive is not allowed here" at the validation stage (see https://github.com/NginxProxyManager/nginx-proxy-manager/pull/3478 )
2024-02-27 00:42:58 +01:00
0503a6af75
Fix so that nginx config is loaded after configuration happens
...
M backend/internal/access-list.js
2024-02-26 10:04:25 +11:00
1fb9a75a33
Fix: increase max number of domains to 100
2024-02-23 15:37:32 +01:00
c55e47aacf
Bump ip from 2.0.0 to 2.0.1 in /backend
...
Bumps [ip](https://github.com/indutny/node-ip ) from 2.0.0 to 2.0.1.
- [Commits](https://github.com/indutny/node-ip/compare/v2.0.0...v2.0.1 )
---
updated-dependencies:
- dependency-name: ip
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-02-20 21:49:54 +00:00
da820db4e1
Fix startup hang due to unresolved promise
...
Affects instances where there are certs but none
of them are dns validated
2024-01-21 20:48:53 +10:00
0353051436
Prevent installing same plugin over and over
2024-01-18 16:06:09 +10:00
a3630a6286
Fix unused var
2024-01-18 15:17:27 +10:00
10d9760242
Refactor certbot plugin install for setup
2024-01-18 15:13:16 +10:00
db23c9a52f
Refactor certbot plugins install
...
- Added a script to install every single plugin, used in development and debugging
- Improved certbot plugin install commands
- Adjusted some version for plugins to install properly
- It's noted that some plugins require deps that do not match other plugins,
however these use cases should be extremely rare
2024-01-18 12:26:55 +10:00
834fb1a361
Add missing args to certbot command, was causing failures in rovokation
2024-01-12 17:04:55 +10:00
1be87f48c1
Merge pull request #3392 from stevecrozz/auto-renew-uses-bulitin-renew
...
Make auto-renew use built-in renew function
2024-01-12 12:15:37 +10:00
9c54d1b718
Provide the token model for certificate renewal
2024-01-10 20:08:36 -08:00
f7d1c490b3
Run renews sequentially
2024-01-10 20:08:36 -08:00
fe4bd9fed6
Make auto-renew use built-in renew function
2024-01-10 20:08:29 -08:00
e69684919c
Use nginxproxymanager/nginx-full image base
...
which has been updated with bookworm, python 3.8, certbot 2.8.0 and node 20
Moved rootfs scripts as /bin is a symlink in bookworm
2024-01-10 12:59:51 +10:00
09d5e2c94f
Merge pull request #3360 from DarioViva42/hsts-only-with-https
...
only add hsts header with https.
2024-01-09 08:16:01 +10:00
965873adc5
Merge pull request #3377 from jlesage/http2-support-fix
...
Fixed issue where the HTTP2 support was always enabled in nginx config
2024-01-08 10:33:47 +10:00
5de95a8c90
Merge pull request #3382 from r3na/patch-1
...
fix: increasing maxOptions (amount of domains) to 30
2024-01-08 10:26:01 +10:00
388fff84f2
Fixes for the server reachability test.
...
- Do not apply HTTPs redirection for challenge used by the test.
- Set the `User-Agent` to avoid 403 answer from site24x7.com.
- Handle JSON parsing failure of the received body.
- Better handling of different error cases.
2023-12-19 17:22:33 -05:00
1975e4a151
fix: updating maxItems (schema/definitions) to 30
2023-12-12 12:45:35 +01:00