From 96c58b203ee80690a1af1ce8f4ea28a50285eca9 Mon Sep 17 00:00:00 2001 From: Guiorgy Date: Thu, 17 Oct 2024 15:34:04 +0400 Subject: [PATCH 01/10] normalize indentations in certbot-dns-plugins.json --- global/certbot-dns-plugins.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 6729842e..dee7b861 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -7,7 +7,7 @@ "credentials": "dns_acmedns_api_url = http://acmedns-server/\ndns_acmedns_registration_file = /data/acme-registration.json", "full_plugin_name": "dns-acmedns" }, - "active24":{ + "active24":{ "name": "Active24", "package_name": "certbot-dns-active24", "version": "~=1.5.1", @@ -424,13 +424,13 @@ "full_plugin_name": "dns-rfc2136" }, "rockenstein": { - "name": "rockenstein AG", - "package_name": "certbot-dns-rockenstein", - "version": "~=1.0.0", - "dependencies": "", - "credentials": "dns_rockenstein_token=", - "full_plugin_name": "dns-rockenstein" - }, + "name": "rockenstein AG", + "package_name": "certbot-dns-rockenstein", + "version": "~=1.0.0", + "dependencies": "", + "credentials": "dns_rockenstein_token=", + "full_plugin_name": "dns-rockenstein" + }, "route53": { "name": "Route 53 (Amazon)", "package_name": "certbot-dns-route53", From d92421d098d26eee73d4d80a4a075efe058257de Mon Sep 17 00:00:00 2001 From: "T. Todua" <7117978+ttodua@users.noreply.github.com> Date: Fri, 18 Oct 2024 15:33:32 +0400 Subject: [PATCH 02/10] doc(site) - default credentials change --- docs/src/setup/index.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index 9b1505be..bffcf6d5 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -137,5 +137,13 @@ Email: admin@example.com Password: changeme ``` -Immediately after logging in with this default user you will be asked to modify your details and change your password. +Immediately after logging in with this default user you will be asked to modify your details and change your password. You can set pre-defined initial credentials in docker-compose: + + +``` + environment: + INITIAL_ADMIN_EMAIL: my@example.com + INITIAL_ADMIN_PASSWORD: mypassword1 +``` + From 68a9baf206fb722b10d829633cb41b22b22e1c3d Mon Sep 17 00:00:00 2001 From: "T. Todua" <7117978+ttodua@users.noreply.github.com> Date: Fri, 18 Oct 2024 15:35:15 +0400 Subject: [PATCH 03/10] minor --- docs/src/setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index bffcf6d5..ee8e9903 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -137,7 +137,7 @@ Email: admin@example.com Password: changeme ``` -Immediately after logging in with this default user you will be asked to modify your details and change your password. You can set pre-defined initial credentials in docker-compose: +Immediately after logging in with this default user you will be asked to modify your details and change your password. You can change defaults with: ``` From d7e0558a35a50a3f117e129ceec698b3ee15aefb Mon Sep 17 00:00:00 2001 From: Sergey 'dreik' Kolesnik Date: Thu, 24 Oct 2024 01:30:14 +0300 Subject: [PATCH 04/10] http2 directive to reduce warns in logs --- backend/templates/_listen.conf | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/backend/templates/_listen.conf b/backend/templates/_listen.conf index ad1c96ba..34a808e6 100644 --- a/backend/templates/_listen.conf +++ b/backend/templates/_listen.conf @@ -5,11 +5,16 @@ #listen [::]:80; {% endif %} {% if certificate -%} - listen 443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %}; + listen 443 ssl; {% if ipv6 -%} - listen [::]:443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %}; + listen [::]:443 ssl; {% else -%} #listen [::]:443; {% endif %} {% endif %} server_name {{ domain_names | join: " " }}; +{% if http2_support == 1 or http2_support == true %} + http2 on; +{% else -%} + http2 off; +{% endif %} \ No newline at end of file From dad8d0ca00d0d366d46d1bbe85b7c73255cde756 Mon Sep 17 00:00:00 2001 From: Chris Maffey Date: Thu, 24 Oct 2024 14:04:17 +1300 Subject: [PATCH 05/10] Update _access.conf the pass_auth and satisfy_any properties and now boolean true/false, they do not == 1 so the switching in this template breaks --- backend/templates/_access.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/templates/_access.conf b/backend/templates/_access.conf index 447006c0..f5926377 100644 --- a/backend/templates/_access.conf +++ b/backend/templates/_access.conf @@ -4,7 +4,7 @@ auth_basic "Authorization required"; auth_basic_user_file /data/access/{{ access_list_id }}; - {% if access_list.pass_auth == 0 %} + {% if access_list.pass_auth == 0 or access_list.pass_auth == true %} proxy_set_header Authorization ""; {% endif %} @@ -17,7 +17,7 @@ deny all; # Access checks must... - {% if access_list.satisfy_any == 1 %} + {% if access_list.satisfy_any == 1 or access_list.satisfy_any == true %} satisfy any; {% else %} satisfy all; From 2e9a4f1aed06231f2ce1582fa75d603f10779fa6 Mon Sep 17 00:00:00 2001 From: Chris Maffey Date: Thu, 24 Oct 2024 17:29:16 +1300 Subject: [PATCH 06/10] Update put.json Password can be left blank for updates. Otherwise you have to reenter the password every time you save the auth list --- backend/schema/paths/nginx/access-lists/listID/put.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/backend/schema/paths/nginx/access-lists/listID/put.json b/backend/schema/paths/nginx/access-lists/listID/put.json index 3a69f856..7f887dad 100644 --- a/backend/schema/paths/nginx/access-lists/listID/put.json +++ b/backend/schema/paths/nginx/access-lists/listID/put.json @@ -49,8 +49,7 @@ "minLength": 1 }, "password": { - "type": "string", - "minLength": 1 + "type": "string" } } } From 1c1cee383674669adeb10b2b290699943992e411 Mon Sep 17 00:00:00 2001 From: Emil <651107+prospo@users.noreply.github.com> Date: Fri, 25 Oct 2024 13:25:09 +0000 Subject: [PATCH 07/10] feat: Add leaseweb to certbot-dns-plugins --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index dee7b861..07587774 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -303,6 +303,14 @@ "credentials": "dns_joker_username = \ndns_joker_password = \ndns_joker_domain = ", "full_plugin_name": "dns-joker" }, + "leaseweb": { + "name": "LeaseWeb", + "package_name": "certbot-dns-leaseweb", + "version": "~=1.0.1", + "dependencies": "", + "credentials": "dns_leaseweb_api_token = 01234556789", + "full_plugin_name": "dns-leaseweb" + }, "linode": { "name": "Linode", "package_name": "certbot-dns-linode", From e9d4f5b827564fcb90883a77710779192495f260 Mon Sep 17 00:00:00 2001 From: mitossoft-rd <106842163+mitossoft-rd@users.noreply.github.com> Date: Mon, 28 Oct 2024 02:59:23 +0300 Subject: [PATCH 08/10] Remove variable usage from proxy_pass directive to fix resolution issues By using a static URL, the backend server can be accessed reliably, avoiding the common 404 errors or "no resolver defined" issues seen when variables are used. --- backend/templates/_location.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf index fcc7d121..04a4b18f 100644 --- a/backend/templates/_location.conf +++ b/backend/templates/_location.conf @@ -11,7 +11,7 @@ set $proxy_server "{{ forward_host }}"; set $proxy_port {{ forward_port }}; - proxy_pass $proxy_forward_scheme://$proxy_server:$proxy_port{{ forward_path }}; + proxy_pass {{ forward_scheme }}:{{ forward_host }}:{{ forward_port }}{{ forward_path }}; {% include "_access.conf" %} {% include "_assets.conf" %} From a55de386e74cb21cf35a60251bf1e920c9aca062 Mon Sep 17 00:00:00 2001 From: mitossoft-rd <106842163+mitossoft-rd@users.noreply.github.com> Date: Mon, 28 Oct 2024 15:15:08 +0300 Subject: [PATCH 09/10] Fix URL format --- backend/templates/_location.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf index 04a4b18f..ba9ea695 100644 --- a/backend/templates/_location.conf +++ b/backend/templates/_location.conf @@ -11,7 +11,7 @@ set $proxy_server "{{ forward_host }}"; set $proxy_port {{ forward_port }}; - proxy_pass {{ forward_scheme }}:{{ forward_host }}:{{ forward_port }}{{ forward_path }}; + proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }}; {% include "_access.conf" %} {% include "_assets.conf" %} From f7d3ca0b07a51578350575f53799529905758d83 Mon Sep 17 00:00:00 2001 From: mitossoft-rd <106842163+mitossoft-rd@users.noreply.github.com> Date: Mon, 28 Oct 2024 15:18:54 +0300 Subject: [PATCH 10/10] Cleaning unused variable. --- backend/templates/_location.conf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf index ba9ea695..a2ecb166 100644 --- a/backend/templates/_location.conf +++ b/backend/templates/_location.conf @@ -7,10 +7,6 @@ proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; - set $proxy_forward_scheme {{ forward_scheme }}; - set $proxy_server "{{ forward_host }}"; - set $proxy_port {{ forward_port }}; - proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }}; {% include "_access.conf" %}