diff --git a/.gitignore b/.gitignore index deb3fb55..08462849 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,4 @@ .idea ._* .vscode - +certbot-help.txt diff --git a/.version b/.version index 530cdd91..276cbf9e 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.2.4 +2.3.0 diff --git a/Jenkinsfile b/Jenkinsfile index 6cac8fe1..cee1bf12 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -5,6 +5,7 @@ pipeline { options { buildDiscarder(logRotator(numToKeepStr: '5')) disableConcurrentBuilds() + ansiColor('xterm') } environment { IMAGE = "nginx-proxy-manager" @@ -55,50 +56,44 @@ pipeline { } stage('Frontend') { steps { - ansiColor('xterm') { - sh './scripts/frontend-build' - } + sh './scripts/frontend-build' } } stage('Backend') { steps { - ansiColor('xterm') { - echo 'Checking Syntax ...' - // See: https://github.com/yarnpkg/yarn/issues/3254 - sh '''docker run --rm \\ - -v "$(pwd)/backend:/app" \\ - -w /app \\ - node:latest \\ - sh -c "yarn install && yarn eslint . && rm -rf node_modules" - ''' + echo 'Checking Syntax ...' + // See: https://github.com/yarnpkg/yarn/issues/3254 + sh '''docker run --rm \\ + -v "$(pwd)/backend:/app" \\ + -w /app \\ + node:latest \\ + sh -c "yarn install && yarn eslint . && rm -rf node_modules" + ''' - echo 'Docker Build ...' - sh '''docker build --pull --no-cache --squash --compress \\ - -t "${IMAGE}:ci-${BUILD_NUMBER}" \\ - -f docker/Dockerfile \\ - --build-arg TARGETPLATFORM=linux/amd64 \\ - --build-arg BUILDPLATFORM=linux/amd64 \\ - --build-arg BUILD_VERSION="${BUILD_VERSION}" \\ - --build-arg BUILD_COMMIT="${BUILD_COMMIT}" \\ - --build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \\ - . - ''' - } + echo 'Docker Build ...' + sh '''docker build --pull --no-cache --squash --compress \\ + -t "${IMAGE}:ci-${BUILD_NUMBER}" \\ + -f docker/Dockerfile \\ + --build-arg TARGETPLATFORM=linux/amd64 \\ + --build-arg BUILDPLATFORM=linux/amd64 \\ + --build-arg BUILD_VERSION="${BUILD_VERSION}" \\ + --build-arg BUILD_COMMIT="${BUILD_COMMIT}" \\ + --build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \\ + . + ''' } } stage('Test') { steps { - ansiColor('xterm') { - // Bring up a stack - sh 'docker-compose up -d fullstack' - sh './scripts/wait-healthy $(docker-compose ps -q fullstack) 120' + // Bring up a stack + sh 'docker-compose up -d fullstack' + sh './scripts/wait-healthy $(docker-compose ps -q fullstack) 120' - // Run tests - sh 'rm -rf test/results' - sh 'docker-compose up cypress' - // Get results - sh 'docker cp -L "$(docker-compose ps -q cypress):/results" test/' - } + // Run tests + sh 'rm -rf test/results' + sh 'docker-compose up cypress' + // Get results + sh 'docker cp -L "$(docker-compose ps -q cypress):/results" test/' } post { always { @@ -121,18 +116,16 @@ pipeline { } } steps { - ansiColor('xterm') { - dir(path: 'docs') { - sh 'yarn install' - sh 'yarn build' - } - - dir(path: 'docs/.vuepress/dist') { - sh 'tar -czf ../../docs.tgz *' - } - - archiveArtifacts(artifacts: 'docs/docs.tgz', allowEmptyArchive: false) + dir(path: 'docs') { + sh 'yarn install' + sh 'yarn build' } + + dir(path: 'docs/.vuepress/dist') { + sh 'tar -czf ../../docs.tgz *' + } + + archiveArtifacts(artifacts: 'docs/docs.tgz', allowEmptyArchive: false) } } stage('MultiArch Build') { @@ -142,12 +135,10 @@ pipeline { } } steps { - ansiColor('xterm') { - withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { - sh "docker login -u '${duser}' -p '${dpass}'" - // Buildx with push - sh "./scripts/buildx --push ${BUILDX_PUSH_TAGS}" - } + withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { + sh "docker login -u '${duser}' -p '${dpass}'" + // Buildx with push + sh "./scripts/buildx --push ${BUILDX_PUSH_TAGS}" } } } @@ -193,17 +184,15 @@ pipeline { } } steps { - ansiColor('xterm') { - script { - def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`") - } + script { + def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`") } } } } post { always { - sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' + //sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' sh 'echo Reverting ownership' sh 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} chown -R $(id -u):$(id -g) /data' } diff --git a/README.md b/README.md index 396cbe57..4ba0f54e 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,19 @@

- -

- - - - - - - - - - + +

+ + + + + + + + + + + + Gitter +

This project comes as a pre-built docker image that enables you to easily forward to your websites @@ -48,3 +51,119 @@ I won't go in to too much detail here but here are the basics for someone new to 2. Add port forwarding for port 80 and 443 to the server hosting this project 3. Configure your domain name details to point to your home, either with a static ip or a service like DuckDNS or [Amazon Route53](https://github.com/jc21/route53-ddns) 4. Use the Nginx Proxy Manager as your gateway to forward to your other web based services + + +## Contributors + +Special thanks to the following contributors: + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + +
Sebastian Valle + + 		+ + +
Kyle Klaus + + 		+ + +
ƬHE ЯAW + + 		+ + +
Spencer + + 		+ + +
Xantios Krugor + + 		+ + +
David Panesso + + 		+ + +
IronTooch + +
+ + +
Damiano + + 		+ + +
Russ + + 		+ + +
Marcelo Castagna + + 		+ + +
Steven Harris + + 		+ + +
Jocelyn Le Sage + + 		+ + +
Carl Mercier + + 		+ + +
Paul Mansfield + +
+ + +
OhHeyAlan + +
+ + +
Carl Sutton + +
+ + diff --git a/backend/internal/access-list.js b/backend/internal/access-list.js index 2f53ee1f..36a9d2bb 100644 --- a/backend/internal/access-list.js +++ b/backend/internal/access-list.js @@ -71,7 +71,7 @@ const internalAccessList = { // re-fetch with expansions return internalAccessList.get(access, { id: data.id, - expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] + expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items'] }, true /* <- skip masking */); }) .then((row) => { @@ -216,7 +216,7 @@ const internalAccessList = { // re-fetch with expansions return internalAccessList.get(access, { id: data.id, - expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] + expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items'] }, true /* <- skip masking */); }) .then((row) => { @@ -254,7 +254,7 @@ const internalAccessList = { .joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0') .where('access_list.is_deleted', 0) .andWhere('access_list.id', data.id) - .allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients]') + .allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients,proxy_hosts.access_list.items]') .omit(['access_list.is_deleted']) .first(); diff --git a/backend/internal/proxy-host.js b/backend/internal/proxy-host.js index c27d0ddc..115af92e 100644 --- a/backend/internal/proxy-host.js +++ b/backend/internal/proxy-host.js @@ -73,7 +73,7 @@ const internalProxyHost = { // re-fetch with cert return internalProxyHost.get(access, { id: row.id, - expand: ['certificate', 'owner', 'access_list.clients'] + expand: ['certificate', 'owner', 'access_list.clients', 'access_list.items'] }); }) .then((row) => { @@ -186,7 +186,7 @@ const internalProxyHost = { .then(() => { return internalProxyHost.get(access, { id: data.id, - expand: ['owner', 'certificate', 'access_list.clients'] + expand: ['owner', 'certificate', 'access_list.clients', 'access_list.items'] }) .then((row) => { // Configure nginx @@ -219,7 +219,7 @@ const internalProxyHost = { .query() .where('is_deleted', 0) .andWhere('id', data.id) - .allowEager('[owner,access_list,access_list.clients,certificate]') + .allowEager('[owner,access_list,access_list.clients,access_list.items,certificate]') .first(); if (access_data.permission_visibility !== 'all') { diff --git a/backend/templates/proxy_host.conf b/backend/templates/proxy_host.conf index 0da4bed9..b553e1c1 100644 --- a/backend/templates/proxy_host.conf +++ b/backend/templates/proxy_host.conf @@ -23,9 +23,11 @@ server { location / { {% if access_list_id > 0 %} + {% if access_list.items.length > 0 %} # Authorization auth_basic "Authorization required"; auth_basic_user_file /data/access/{{ access_list_id }}; + {% endif %} # Access Rules {% for client in access_list.clients %} diff --git a/docker/Dockerfile b/docker/Dockerfile index a08549a0..e3eefb34 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -16,7 +16,6 @@ ENV S6_FIX_ATTRS_HIDDEN=1 ENV NODE_ENV=production RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && rm -rf /etc/nginx \ && apk update \ && apk add python2 certbot jq \ && rm -rf /var/cache/apk/* diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index f0e2d262..35f5651d 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -6,7 +6,6 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 ENV S6_FIX_ATTRS_HIDDEN=1 RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && rm -rf /etc/nginx \ && apk update \ && apk add python2 certbot jq \ && rm -rf /var/cache/apk/* diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index e750e6c1..0643cc2a 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -26,12 +26,15 @@ http { tcp_nopush on; tcp_nodelay on; client_body_temp_path /tmp/nginx/body 1 2; - keepalive_timeout 65; + keepalive_timeout 90s; + proxy_connect_timeout 90s; + proxy_send_timeout 90s; + proxy_read_timeout 90s; ssl_prefer_server_ciphers on; gzip on; proxy_ignore_client_abort off; client_max_body_size 2000m; - server_names_hash_bucket_size 64; + server_names_hash_bucket_size 1024; proxy_http_version 1.1; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/docker/rootfs/root/.bashrc b/docker/rootfs/root/.bashrc index fe69b787..aec8e8f9 100644 --- a/docker/rootfs/root/.bashrc +++ b/docker/rootfs/root/.bashrc @@ -16,5 +16,5 @@ alias h='cd ~;clear;' echo -e -n '\E[1;34m' figlet -w 120 "NginxProxyManager" -echo -e "\E[1;36mVersion \E[1;32m${NPM_BUILD_VERSION:-2.0.0-dev}\E[1;36m (${NPM_BUILD_COMMIT:-dev}) ${NPM_BUILD_DATE:-0000-00-00}, Nginx \E[1;32m${NGINX_VERSION:-unknown}\E[1;36m, Alpine \E[1;32m${VERSION_ID:-unknown}\E[1;36m, Kernel \E[1;32m$(uname -r)\E[0m" +echo -e "\E[1;36mVersion \E[1;32m${NPM_BUILD_VERSION:-2.0.0-dev} (${NPM_BUILD_COMMIT:-dev}) ${NPM_BUILD_DATE:-0000-00-00}\E[1;36m, OpenResty \E[1;32m${OPENRESTY_VERSION:-unknown}\E[1;36m, Alpine \E[1;32m${VERSION_ID:-unknown}\E[1;36m, Kernel \E[1;32m$(uname -r)\E[0m" echo diff --git a/scripts/.common.sh b/scripts/.common.sh new file mode 100644 index 00000000..3cea0916 --- /dev/null +++ b/scripts/.common.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# Colors +BLUE='\E[1;34m' +CYAN='\E[1;36m' +GREEN='\E[1;32m' +RED='\E[1;31m' +RESET='\E[0m' +YELLOW='\E[1;33m' + +export BLUE CYAN GREEN RED RESET YELLOW + +# Docker Compose +COMPOSE_PROJECT_NAME="npmdev" +COMPOSE_FILE="docker/docker-compose.dev.yml" + +export COMPOSE_FILE COMPOSE_PROJECT_NAME diff --git a/scripts/buildx b/scripts/buildx index b22d881c..4da6c167 100755 --- a/scripts/buildx +++ b/scripts/buildx @@ -1,10 +1,7 @@ #!/bin/bash -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" echo -e "${BLUE}❯ ${CYAN}Building docker multiarch: ${YELLOW}${*}${RESET}" diff --git a/scripts/destroy-dev b/scripts/destroy-dev index e86b33fa..1309aad4 100755 --- a/scripts/destroy-dev +++ b/scripts/destroy-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists # Make sure docker exists diff --git a/scripts/docs-build b/scripts/docs-build index cdab8117..99031391 100755 --- a/scripts/docs-build +++ b/scripts/docs-build @@ -1,12 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -GREEN='\E[1;32m' -RESET='\E[0m' +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker 2>/dev/null; then diff --git a/scripts/docs-upload b/scripts/docs-upload index 0f3761d1..ea71fb8e 100755 --- a/scripts/docs-upload +++ b/scripts/docs-upload @@ -2,11 +2,8 @@ # Note: This script is designed to be run inside CI builds -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" echo -e "${BLUE}❯ ${CYAN}Uploading docs in: ${YELLOW}$1${RESET}" diff --git a/scripts/frontend-build b/scripts/frontend-build index a54c46bc..05be2eae 100755 --- a/scripts/frontend-build +++ b/scripts/frontend-build @@ -1,12 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -GREEN='\E[1;32m' -RESET='\E[0m' +. "$DIR/.common.sh" DOCKER_IMAGE=jc21/alpine-nginx-full:node diff --git a/scripts/start-dev b/scripts/start-dev index a47a9358..a5e647f2 100755 --- a/scripts/start-dev +++ b/scripts/start-dev @@ -1,16 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -YELLOW='\E[1;33m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker-compose 2>/dev/null; then diff --git a/scripts/stop-dev b/scripts/stop-dev index 97c68c85..3d27551f 100755 --- a/scripts/stop-dev +++ b/scripts/stop-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists # Make sure docker exists diff --git a/scripts/test-dev b/scripts/test-dev index d4ad0181..eb5c5bd3 100755 --- a/scripts/test-dev +++ b/scripts/test-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker-compose 2>/dev/null; then diff --git a/scripts/wait-healthy b/scripts/wait-healthy index b89aef33..b8da5d69 100755 --- a/scripts/wait-healthy +++ b/scripts/wait-healthy @@ -1,11 +1,7 @@ #!/bin/bash -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RED='\E[1;31m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" if [ "$1" == "" ]; then echo "Waits for a docker container to be healthy." diff --git a/test/cypress/Dockerfile b/test/cypress/Dockerfile index 6447a163..66f7e3e5 100644 --- a/test/cypress/Dockerfile +++ b/test/cypress/Dockerfile @@ -1,4 +1,4 @@ -FROM cypress/included:4.0.2 +FROM cypress/included:4.6.0 COPY --chown=1000 ./test /test diff --git a/test/package.json b/test/package.json index 3636fb96..0ac87e5b 100644 --- a/test/package.json +++ b/test/package.json @@ -7,7 +7,7 @@ "@jc21/cypress-swagger-validation": "^0.0.5", "@jc21/restler": "^3.4.0", "chalk": "^3.0.0", - "cypress": "^4.0.2", + "cypress": "^4.6.0", "cypress-plugin-retries": "^1.5.2", "eslint": "^6.7.2", "eslint-plugin-align-assignments": "^1.1.2",