upstream changes (npm/nginx/dependencies) + add eslint

Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-03 07:53:39 +00:00 · 2023-02-26 20:48:43 +01:00
parent 14c2253721
commit 309e81747e
30 changed files with 7800 additions and 119 deletions
--- a/backend/.prettierrc
+++ b/backend/.prettierrc
@@ -1,11 +0,0 @@
-{
-	"printWidth": 320,
-	"tabWidth": 4,
-	"useTabs": true,
-	"semi": true,
-	"singleQuote": true,
-	"bracketSpacing": true,
-	"jsxBracketSameLine": true,
-	"trailingComma": "all",
-	"proseWrap": "always"
-}
--- a/backend/.vscode/settings.json
+++ b/backend/.vscode/settings.json
@@ -1,8 +0,0 @@
-{
-	"editor.insertSpaces": false,
-	"editor.formatOnSave": true,
-	"files.trimTrailingWhitespace": true,
-	"editor.codeActionsOnSave": {
-		"source.fixAll.eslint": true
-	}
-}
--- a/backend/db.js
+++ b/backend/db.js
@@ -23,15 +23,15 @@ function generateDbConfig() {
 			}
 		};

-        if (process.env.DB_MYSQL_CA) {
+		if (process.env.DB_MYSQL_CA) {
 			newConfig.connection.ssl = {
-				ca: fs.readFileSync(process.env.DB_MYSQL_CA),
+				ca:                 fs.readFileSync(process.env.DB_MYSQL_CA),
 				rejectUnauthorized: true
 			};
 		}

 		return newConfig;
-    }
+	}
 }


--- a/backend/internal/access-list.js
+++ b/backend/internal/access-list.js
@@ -218,7 +218,7 @@ const internalAccessList = {
 				// re-fetch with expansions
 				return internalAccessList.get(access, {
 					id:     data.id,
-					expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.[clients,items]']
+					expand: ['owner', 'items', 'clients', 'proxy_hosts.[certificate,access_list.[clients,items]]']
 				}, true /* <- skip masking */);
 			})
 			.then((row) => {
@@ -256,7 +256,7 @@ const internalAccessList = {
 					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
 					.where('access_list.is_deleted', 0)
 					.andWhere('access_list.id', data.id)
-					.allowEager('[owner,items,clients,proxy_hosts.[*, access_list.[clients,items]]]')
+					.allowEager('[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]')
 					.omit(['access_list.is_deleted'])
 					.first();

@@ -507,7 +507,7 @@ const internalAccessList = {
 								if (typeof item.password !== 'undefined' && item.password.length) {
 									logger.info('Adding: ' + item.username);

-									utils.exec('/usr/bin/htpasswd -b "' + htpasswd_file + '" "' + item.username + '" "' + item.password + '"')
+									utils.execFile('htpasswd', ['-b', htpasswd_file, item.username, item.password])
 										.then((/*result*/) => {
 											next();
 										})
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -1,21 +1,21 @@
-const _                  = require('lodash');
-const fs                 = require('fs');
-const https              = require('https');
-const tempWrite          = require('temp-write');
-const moment             = require('moment');
-const logger             = require('../logger').ssl;
-const error              = require('../lib/error');
-const utils              = require('../lib/utils');
-const certificateModel   = require('../models/certificate');
-const dnsPlugins         = require('../global/certbot-dns-plugins');
-const internalAuditLog   = require('./audit-log');
-const internalNginx      = require('./nginx');
-const internalHost       = require('./host');
-const archiver           = require('archiver');
-const path               = require('path');
-const { isArray }        = require('lodash');
-const certbotConfig      = '/data/tls/certbot/config.ini';
-const certbotCommand     = 'certbot --config-dir /data/tls/certbot';
+const _                = require('lodash');
+const fs               = require('fs');
+const https            = require('https');
+const tempWrite        = require('temp-write');
+const moment           = require('moment');
+const logger           = require('../logger').ssl;
+const error            = require('../lib/error');
+const utils            = require('../lib/utils');
+const certificateModel = require('../models/certificate');
+const dnsPlugins       = require('../global/certbot-dns-plugins');
+const internalAuditLog = require('./audit-log');
+const internalNginx    = require('./nginx');
+const internalHost     = require('./host');
+const archiver         = require('archiver');
+const path             = require('path');
+const { isArray }      = require('lodash');
+const certbotConfig    = '/data/tls/certbot/config.ini';
+const certbotCommand   = 'certbot --config-dir /data/tls/certbot';

 function omissions() {
 	return ['is_deleted'];
--- a/backend/internal/token.js
+++ b/backend/internal/token.js
@@ -24,7 +24,7 @@ module.exports = {

 		return userModel
 			.query()
-			.where('email', data.identity)
+			.where('email', data.identity.toLowerCase().trim())
 			.andWhere('is_deleted', 0)
 			.andWhere('is_disabled', 0)
 			.first()
--- a/backend/lib/utils.js
+++ b/backend/lib/utils.js
@@ -1,4 +1,5 @@
-const exec = require('child_process').exec;
+const exec     = require('child_process').exec;
+const execFile = require('child_process').execFile;

 module.exports = {

@@ -16,5 +17,21 @@ module.exports = {
 				}
 			});
 		});
+	},
+
+	/**
+	 * @param   {Array} cmd
+	 * @returns {Promise}
+	 */
+	execFile: function (cmd) {
+		return new Promise((resolve, reject) => {
+			execFile(cmd, function (err, stdout, /*stderr*/) {
+				if (err && typeof err === 'object') {
+					reject(err);
+				} else {
+					resolve(stdout.trim());
+				}
+			});
+		});
 	}
 };
--- a/backend/package.json
+++ b/backend/package.json
@@ -22,17 +22,17 @@
 		"moment": "2.29.4",
 		"mysql": "2.18.1",
 		"node-rsa": "1.1.1",
-		"nodemon": "2.0.20",
+		"nodemon": "2.0.21",
 		"objection": "2.2.18",
 		"path": "0.12.7",
 		"signale": "1.4.0",
 		"sqlite3": "5.1.4",
 		"temp-write": "4.0.0"
 	},
-	"signale": {
-		"displayDate": true,
-		"displayTimestamp": true
-	},
 	"author": "Jamie Curnow <jc@jc21.com>",
-	"license": "MIT"
+	"license": "MIT",
+	"devDependencies": {
+		"eslint": "8.35.0",
+		"eslint-plugin-align-assignments": "1.1.2"
+	}
 }
--- a/backend/templates/_listen.conf
+++ b/backend/templates/_listen.conf
@@ -5,10 +5,11 @@
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
 {% if hsts_subdomains %}
-  listen 443 http3;
-  listen [::]:443 http3;
+  listen 443 quic;
+  listen [::]:443 quic;

  add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
+  http3 on;
 {% endif %}
 {% endif %}
  server_name {{ domain_names | join: " " }};
--- a/backend/templates/default.conf
+++ b/backend/templates/default.conf
@@ -8,8 +8,8 @@ server {
  listen 443 ssl http2 default_server;
  listen [::]:443 ssl http2 default_server;
  
-  listen 443 http3 default_server;
-  listen [::]:443 http3 default_server;
+  listen 443 quic default_server;
+  listen [::]:443 quic default_server;
  
  server_name _;
  
@@ -19,6 +19,7 @@ server {
  include conf.d/include/acme-challenge.conf;
  include conf.d/include/block-exploits.conf;
  add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
+  http3 on;
  
  #ssl_certificate ;
  #ssl_certificate_key ;