upstream changes (npm/nginx/dependencies) + add eslint

Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-03 16:03:38 +00:00 · 2023-02-26 20:48:43 +01:00
parent 14c2253721
commit 309e81747e
30 changed files with 7800 additions and 119 deletions
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -21,7 +21,7 @@ jobs:
        uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
-          node-version: 18
+          node-version: 19
      - name: Test Backend
        run: |
          sudo pip install certbot
@@ -30,7 +30,7 @@ jobs:
          sudo cp rootfs/etc/tls/certbot.ini /data/tls/certbot/config.ini
          mv global backend
          cd backend
-          npm install --force
+          npm install --package-lock=false --force
          sudo nginx
          NODE_ENV=production sudo -E timeout 30 node --abort_on_uncaught_exception --max_old_space_size=250 index.js || if [ "$?" == "124" ]; then exit 0; else exit 1; fi
      - name: Kill workflow
--- a/.github/workflows/frontend.yml
+++ b/.github/workflows/frontend.yml
@@ -16,7 +16,7 @@ jobs:
        uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
-          node-version: 18
+          node-version: 19
      - name: Prepare frontend
        run: |
          export NODE_OPTIONS=--openssl-legacy-provider
--- a/.github/workflows/js.yml
+++ b/.github/workflows/js.yml
@@ -0,0 +1,34 @@
 name: js
 on:
  push:
  schedule:
    - cron: "0 */6 * * *"
  workflow_dispatch:
 jobs:
  js:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: 19
      - name: eslint
        run: |
          cd backend
          npm install --package-lock=false --force --only=dev
          npx eslint . --fix
      - name: update
        run: |
          curl -L https://unpkg.com/xregexp/xregexp-all.js -o rootfs/nftd/xregexp-all.js
          curl -L https://unpkg.com/showdown/dist/showdown.min.js -o rootfs/nftd/showdown.min.js
          curl -L https://code.jquery.com/jquery-"$(git ls-remote --tags https://github.com/jquery/jquery | cut -d/ -f3 | sort -V | tail -1 | sed -E "s/\^\{\}//")".min.js -o rootfs/nftd/jquery.min.js
          curl -L https://cdn.jsdelivr.net/npm/bootstrap@"$(git ls-remote --tags https://github.com/twbs/bootstrap v3.3.* | cut -d/ -f3 | sort -V | tail -1 | sed -E "s/\^\{\}//")"/dist/css/bootstrap.min.css -o rootfs/html/404/bootstrap.min.css
          curl -L https://cdn.jsdelivr.net/npm/bootstrap@"$(git ls-remote --tags https://github.com/twbs/bootstrap v3.3.* | cut -d/ -f3 | sort -V | tail -1 | sed -E "s/\^\{\}//")"/dist/css/bootstrap.min.css -o rootfs/html/default/bootstrap.min.css
      - name: push changes
        run: |
          git add -A
          git config user.name "GitHub"
          git config user.email "noreply@github.com"
          git diff-index --quiet HEAD || git commit -sm "js"
          git push
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -16,7 +16,7 @@ jobs:
        uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
-          node-version: 18
+          node-version: 19
      - name: Test Backend
        run: |
          sudo pip install certbot
@@ -25,7 +25,7 @@ jobs:
          sudo cp rootfs/etc/tls/certbot.ini /data/tls/certbot/config.ini
          mv global backend
          cd backend
-          npm install --force
+          npm install --package-lock=false --force
          sudo nginx
          NODE_ENV=production sudo -E timeout 30 node --abort_on_uncaught_exception --max_old_space_size=250 index.js || if [ "$?" == "124" ]; then exit 0; else exit 1; fi
      - name: Kill workflow
@@ -39,7 +39,7 @@ jobs:
        uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
-          node-version: 18
+          node-version: 19
      - name: Prepare frontend
        run: |
          export NODE_OPTIONS=--openssl-legacy-provider
--- a/10
+++ b/10
@@ -1,9 +1,12 @@
-FROM zoeyvid/nginx-quic:81
+FROM zoeyvid/nginx-quic:84
 COPY rootfs          /
 COPY backend         /app
 COPY global          /app/global
 COPY frontend/dist   /app/frontend
 ENV NODE_ENV=production \
    DB_SQLITE_FILE=/data/database.sqlite
 WORKDIR /app
 RUN apk upgrade --no-cache && \
    apk add --no-cache ca-certificates tzdata \
@@ -13,14 +16,11 @@ RUN apk upgrade --no-cache && \
    npm build-base libffi-dev && \
 # Build Backend
    sed -i "s|\"0.0.0\"|\""$(cat global/.version)"\"|g" package.json && \
-    npm install --force && \
+    npm install --package-lock=false --force && \
 # Install Certbot
    pip install --no-cache-dir certbot && \
 # Clean
    apk del --no-cache npm build-base libffi-dev
 ENV NODE_ENV=production \
    DB_SQLITE_FILE=/data/database.sqlite
 ENTRYPOINT ["start.sh"]
 HEALTHCHECK CMD check-health.sh
--- a/README.md
+++ b/README.md
@@ -25,6 +25,7 @@ proxying hosts with TLS termination and it had to be so easy that a monkey could
 While there might be advanced options they are optional and the project should be as simple as possible
 so that the barrier for entry here is low.
 ### Sponsor the original creator (not me):
 <a href="https://www.buymeacoffee.com/jc21" target="_blank"><img src="http://public.jc21.com/github/by-me-a-coffee.png" alt="Buy Me A Coffee" style="height: 51px !important;width: 217px !important;" ></a>
@@ -162,7 +163,7 @@ Password: iArhP1j7p1P6TA92FA2FMbbUGYqwcYzxC4AVEe12Wbi94FY9gNN62aKyF1shrvG4NycjjX
 Immediately after logging in with this default user you will be asked to modify your details and change your password.
-## Contributors
+## Contributors (original NPM)
 Special thanks to [all of our contributors](https://github.com/NginxProxyManager/nginx-proxy-manager/graphs/contributors).
--- a/backend/.prettierrc
+++ b/backend/.prettierrc
@@ -1,11 +0,0 @@
 {
 	"printWidth": 320,
 	"tabWidth": 4,
 	"useTabs": true,
 	"semi": true,
 	"singleQuote": true,
 	"bracketSpacing": true,
 	"jsxBracketSameLine": true,
 	"trailingComma": "all",
 	"proseWrap": "always"
 }
--- a/backend/.vscode/settings.json
+++ b/backend/.vscode/settings.json
@@ -1,8 +0,0 @@
 {
 	"editor.insertSpaces": false,
 	"editor.formatOnSave": true,
 	"files.trimTrailingWhitespace": true,
 	"editor.codeActionsOnSave": {
 		"source.fixAll.eslint": true
 	}
 }
--- a/backend/db.js
+++ b/backend/db.js
@@ -23,15 +23,15 @@ function generateDbConfig() {
 			}
 		};
-        if (process.env.DB_MYSQL_CA) {
+		if (process.env.DB_MYSQL_CA) {
 			newConfig.connection.ssl = {
-				ca: fs.readFileSync(process.env.DB_MYSQL_CA),
+				ca:                 fs.readFileSync(process.env.DB_MYSQL_CA),
 				rejectUnauthorized: true
 			};
 		}
 		return newConfig;
-    }
+	}
 }
--- a/backend/internal/access-list.js
+++ b/backend/internal/access-list.js
@@ -218,7 +218,7 @@ const internalAccessList = {
 				// re-fetch with expansions
 				return internalAccessList.get(access, {
 					id:     data.id,
-					expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.[clients,items]']
+					expand: ['owner', 'items', 'clients', 'proxy_hosts.[certificate,access_list.[clients,items]]']
 				}, true /* <- skip masking */);
 			})
 			.then((row) => {
@@ -256,7 +256,7 @@ const internalAccessList = {
 					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
 					.where('access_list.is_deleted', 0)
 					.andWhere('access_list.id', data.id)
-					.allowEager('[owner,items,clients,proxy_hosts.[*, access_list.[clients,items]]]')
+					.allowEager('[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]')
 					.omit(['access_list.is_deleted'])
 					.first();
@@ -507,7 +507,7 @@ const internalAccessList = {
 								if (typeof item.password !== 'undefined' && item.password.length) {
 									logger.info('Adding: ' + item.username);
-									utils.exec('/usr/bin/htpasswd -b "' + htpasswd_file + '" "' + item.username + '" "' + item.password + '"')
+									utils.execFile('htpasswd', ['-b', htpasswd_file, item.username, item.password])
 										.then((/*result*/) => {
 											next();
 										})
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -1,21 +1,21 @@
-const _                  = require('lodash');
+const _                = require('lodash');
-const fs                 = require('fs');
+const fs               = require('fs');
-const https              = require('https');
+const https            = require('https');
-const tempWrite          = require('temp-write');
+const tempWrite        = require('temp-write');
-const moment             = require('moment');
+const moment           = require('moment');
-const logger             = require('../logger').ssl;
+const logger           = require('../logger').ssl;
-const error              = require('../lib/error');
+const error            = require('../lib/error');
-const utils              = require('../lib/utils');
+const utils            = require('../lib/utils');
-const certificateModel   = require('../models/certificate');
+const certificateModel = require('../models/certificate');
-const dnsPlugins         = require('../global/certbot-dns-plugins');
+const dnsPlugins       = require('../global/certbot-dns-plugins');
-const internalAuditLog   = require('./audit-log');
+const internalAuditLog = require('./audit-log');
-const internalNginx      = require('./nginx');
+const internalNginx    = require('./nginx');
-const internalHost       = require('./host');
+const internalHost     = require('./host');
-const archiver           = require('archiver');
+const archiver         = require('archiver');
-const path               = require('path');
+const path             = require('path');
-const { isArray }        = require('lodash');
+const { isArray }      = require('lodash');
-const certbotConfig      = '/data/tls/certbot/config.ini';
+const certbotConfig    = '/data/tls/certbot/config.ini';
-const certbotCommand     = 'certbot --config-dir /data/tls/certbot';
+const certbotCommand   = 'certbot --config-dir /data/tls/certbot';
 function omissions() {
 	return ['is_deleted'];
--- a/backend/internal/token.js
+++ b/backend/internal/token.js
@@ -24,7 +24,7 @@ module.exports = {
 		return userModel
 			.query()
-			.where('email', data.identity)
+			.where('email', data.identity.toLowerCase().trim())
 			.andWhere('is_deleted', 0)
 			.andWhere('is_disabled', 0)
 			.first()
--- a/backend/lib/utils.js
+++ b/backend/lib/utils.js
@@ -1,4 +1,5 @@
-const exec = require('child_process').exec;
+const exec     = require('child_process').exec;
 const execFile = require('child_process').execFile;
 module.exports = {
@@ -16,5 +17,21 @@ module.exports = {
 				}
 			});
 		});
 	},
 	/**
 	 * @param   {Array} cmd
 	 * @returns {Promise}
 	 */
 	execFile: function (cmd) {
 		return new Promise((resolve, reject) => {
 			execFile(cmd, function (err, stdout, /*stderr*/) {
 				if (err && typeof err === 'object') {
 					reject(err);
 				} else {
 					resolve(stdout.trim());
 				}
 			});
 		});
 	}
 };
--- a/backend/package.json
+++ b/backend/package.json
@@ -22,17 +22,17 @@
 		"moment": "2.29.4",
 		"mysql": "2.18.1",
 		"node-rsa": "1.1.1",
-		"nodemon": "2.0.20",
+		"nodemon": "2.0.21",
 		"objection": "2.2.18",
 		"path": "0.12.7",
 		"signale": "1.4.0",
 		"sqlite3": "5.1.4",
 		"temp-write": "4.0.0"
 	},
 	"signale": {
 		"displayDate": true,
 		"displayTimestamp": true
 	},
 	"author": "Jamie Curnow <jc@jc21.com>",
-	"license": "MIT"
+	"license": "MIT",
 	"devDependencies": {
 		"eslint": "8.35.0",
 		"eslint-plugin-align-assignments": "1.1.2"
 	}
 }
--- a/backend/templates/_listen.conf
+++ b/backend/templates/_listen.conf
@@ -5,10 +5,11 @@
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
 {% if hsts_subdomains %}
-  listen 443 http3;
+  listen 443 quic;
-  listen [::]:443 http3;
+  listen [::]:443 quic;
  add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
  http3 on;
 {% endif %}
 {% endif %}
  server_name {{ domain_names | join: " " }};
--- a/backend/templates/default.conf
+++ b/backend/templates/default.conf
@@ -8,8 +8,8 @@ server {
  listen 443 ssl http2 default_server;
  listen [::]:443 ssl http2 default_server;
-  listen 443 http3 default_server;
+  listen 443 quic default_server;
-  listen [::]:443 http3 default_server;
+  listen [::]:443 quic default_server;
  server_name _;
@@ -19,6 +19,7 @@ server {
  include conf.d/include/acme-challenge.conf;
  include conf.d/include/block-exploits.conf;
  add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
  http3 on;
  #ssl_certificate ;
  #ssl_certificate_key ;
--- a/frontend/.babelrc
+++ b/frontend/.babelrc
@@ -1,17 +0,0 @@
 {
 	"presets": [
 		[
 			"env",
 			{
 				"targets": {
 					"browsers": [
 						"Chrome >= 65"
 					]
 				},
 				"debug": false,
 				"modules": false,
 				"useBuiltIns": "usage"
 			}
 		]
 	]
 }
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -3,7 +3,7 @@
  "version": "0.0.0",
  "description": "A beautiful interface for creating Nginx endpoints",
  "main": "js/index.js",
-  "devDependencies": {
+  "dependencies": {
    "@babel/core": "7.21.0",
    "babel-core": "6.26.3",
    "babel-loader": "8.3.0",
@@ -18,7 +18,7 @@
    "file-loader": "6.2.0",
    "html-webpack-plugin": "4.5.2",
    "imports-loader": "0.8.0",
-    "jquery": "3.6.3",
+    "jquery": "3.6.4",
    "jquery-mask-plugin": "1.14.16",
    "jquery-serializejson": "3.2.1",
    "marionette.approuter": "1.0.2",
@@ -28,7 +28,7 @@
    "mini-css-extract-plugin": "1.6.2",
    "moment": "2.29.4",
    "node-sass": "7.0.3",
-    "nodemon": "2.0.20",
+    "nodemon": "2.0.21",
    "numeral": "2.0.6",
    "sass-loader": "10.4.1",
    "style-loader": "3.3.1",
@@ -39,8 +39,7 @@
    "webpack-visualizer-plugin": "0.1.11"
  },
  "scripts": {
-    "build": "webpack --mode production",
+    "build": "webpack --mode production"
    "watch": "webpack --watch --mode development"
  },
  "author": "Jamie Curnow <jc@jc21.com>",
  "license": "MIT"
--- a/global/certbot-dns-plugins.js
+++ b/global/certbot-dns-plugins.js
@@ -231,6 +231,14 @@ dns_godaddy_key = abcdef0123456789abcdef01234567abcdef0123`,
 		full_plugin_name: 'dns-google',
 	},
 	//####################################################//	
 	googledomains: {
 		display_name:        'GoogleDomainsDNS',
 		package_name:        'certbot-dns-google-domains',
 		credentials:         `dns_google_domains_access_token = 0123456789abcdef0123456789abcdef01234567
 dns_google_domains_zone = "example.com"`,
 		full_plugin_name: 'dns-google-domains',
 	},
 	//####################################################//
 	hetzner: {
 		display_name:        'Hetzner',
 		package_name:        'certbot-dns-hetzner',
@@ -356,6 +364,13 @@ key_file = ~/.oci/oci_api_key.pem`,
 		full_plugin_name: 'dns-oci',
 	},
 	//####################################################//
 	online: {
 		display_name:        'Online',
 		package_name:        'certbot-dns-online',
 		credentials:         'dns_online_token=0123456789abcdef0123456789abcdef01234567',
 		full_plugin_name:    'dns-online',
 	},
 	//####################################################//
 	ovh: {
 		display_name:        'OVH',
 		package_name:        'certbot-dns-ovh',
--- a/rootfs/bin/start.sh
+++ b/rootfs/bin/start.sh
@@ -180,6 +180,7 @@ if [ "$FULLCLEAN" = true ]; then
 fi
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|listen 80 http2|listen 80|g" {} \; || sleep inf
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|\(listen .*\) http3|\1 quic|g" {} \; || sleep inf
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|/data/nginx/html/|/data/etc/html/|g" {} \; || sleep inf
 find /data/nginx -type f -name '*.conf' -exec sed -i "s|/data/access|/data/nginx/access|g" {} \; || sleep inf
--- a/rootfs/nftd/footer.html
+++ b/rootfs/nftd/footer.html
@@ -1,10 +1,10 @@
-<footer>
+    <footer>
-    Theme available on <a href="https://GitHub.com/Naereen/Nginx-Fancyindex-Theme">GitHub</a> by <a href="https://GitHub.com/Naereen">Naereen</a>, © 2015-18, released under <a href="https://lbesson.mit-license.org/">the MIT License</a>.
+      Theme available on <a href="https://GitHub.com/Naereen/Nginx-Fancyindex-Theme">GitHub</a> by <a href="https://GitHub.com/Naereen">Naereen</a>, © 2015-18, released under <a href="https://lbesson.mit-license.org/">the MIT License</a>.
-</footer>
+    </footer>
    <script src="https://unpkg.com/xregexp/xregexp-all.js"></script>
    <script type="text/javascript" src="/nftd/addNginxFancyIndexForm.js"></script>
    <script type="text/javascript" src="/nftd/showdown.min.js"></script>
-</body>
+    <script type="text/javascript" src="/nftd/xregexp-all.js"></script>
  </body>
 </html>
 <!--
 footer.html
--- a/rootfs/nftd/header.html
+++ b/rootfs/nftd/header.html
@@ -1,18 +1,18 @@
 <!DOCTYPE html>
 <html>
-    <head>
+  <head>
-        <meta charset="utf-8">
+    <meta charset="utf-8" />
-        <meta http-equiv="x-ua-compatible" content="IE=edge">
+    <meta http-equiv="x-ua-compatible" content="IE=edge" />
-        <title>Nginx Directory</title>
+    <title>Nginx Directory</title>
-        <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
-        <link rel="stylesheet" href="/nftd/styles.css">
+    <link rel="stylesheet" href="/nftd/styles.css" />
-        <script type="text/javascript" src="/nftd/jquery.min.js"></script>
+    <script type="text/javascript" src="/nftd/jquery.min.js"></script>
-    </head>
+  </head>
-<body>
+  <body>
 <!--
 header.html
 © 2015-18, Lilian Besson (Naereen) and contributors,
 open-sourced under the MIT License, https://lbesson.mit-license.org/
 hosted on GitHub, https://GitHub.com/Naereen/Nginx-Fancyindex-Theme
 -->
-<h1>Directory:
+    <h1>Directory:
--- a/rootfs/nftd/jquery.min.js
+++ b/rootfs/nftd/jquery.min.js
--- a/rootfs/nftd/showdown.min.js
+++ b/rootfs/nftd/showdown.min.js
--- a/rootfs/nftd/xregexp-all.js
+++ b/rootfs/nftd/xregexp-all.js
--- a/rootfs/usr/local/nginx/conf/conf.d/include/default.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/default.conf
@@ -8,8 +8,8 @@ server {
  listen 443 ssl http2 default_server;
  listen [::]:443 ssl http2 default_server;
-  listen 443 http3 default_server;
+  listen 443 quic default_server;
-  listen [::]:443 http3 default_server;
+  listen [::]:443 quic default_server;
  server_name _;
@@ -19,6 +19,7 @@ server {
  include conf.d/include/acme-challenge.conf;
  include conf.d/include/block-exploits.conf;
  add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
  http3 on;
  #ssl_certificate ;
  #ssl_certificate_key ;
--- a/rootfs/usr/local/nginx/conf/conf.d/no-server-name.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/no-server-name.conf
@@ -1,9 +1,9 @@
 server {
    listen 81 ssl http2;
-    listen 81 http3;
+    listen 81 quic;
    listen [::]:81 ssl http2;
-    listen [::]:81 http3;
+    listen [::]:81 quic;
    listen 80;
    listen [::]:80;
@@ -11,8 +11,8 @@ server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
-    listen 443 http3;
+    listen 443 quic;
-    listen [::]:443 http3;
+    listen [::]:443 quic;
    server_name "";
    return 444;
@@ -22,6 +22,7 @@ server {
    include conf.d/include/tls-ciphers.conf;
    include conf.d/include/block-exploits.conf;
    add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
    http3 on;
    #ssl_certificate ;
    #ssl_certificate_key ;
--- a/rootfs/usr/local/nginx/conf/conf.d/npm.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/npm.conf
@@ -1,10 +1,11 @@
 server {
    listen 81 ssl http2 default_server;
-    listen 81 http3 default_server;
+    listen 81 quic default_server;
    listen [::]:81 ssl http2 default_server;
-    listen [::]:81 http3 default_server;
+    listen [::]:81 quic default_server;
    add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
    http3 on;
    server_name _;
    include conf.d/include/brotli.conf;