diff --git a/.github/workflows/caddy-latest.yml b/.github/workflows/caddy-latest.yml new file mode 100644 index 00000000..92c8460d --- /dev/null +++ b/.github/workflows/caddy-latest.yml @@ -0,0 +1,30 @@ +name: Docker push Caddy develop to latest +on: + workflow_dispatch: +jobs: + docker: + runs-on: ubuntu-latest + steps: + - name: Login to DockerHub + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Convert Username + id: un + run: echo "un=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ steps.un.outputs.un }} + password: ${{ github.token }} + - name: Push develop to latest + run: | + docker buildx imagetools create --tag ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy-${{ github.ref_name }} + docker buildx imagetools create --tag ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy-${{ github.ref_name }} + - name: Show Caddy version + run: | + docker run --rm --entrypoint caddy ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy version + docker run --rm --entrypoint caddy ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy version diff --git a/.github/workflows/caddy.yml b/.github/workflows/caddy.yml index adf3c669..3d60b2af 100644 --- a/.github/workflows/caddy.yml +++ b/.github/workflows/caddy.yml @@ -46,5 +46,5 @@ jobs: platforms: linux/amd64,linux/arm64 #,linux/amd64/v2,linux/amd64/v3,linux/amd64/v4 #,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 push: ${{ github.event_name != 'pull_request' }} tags: | - ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy - ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy \ No newline at end of file + ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy-${{ github.ref_name }} + ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:caddy-${{ github.ref_name }} \ No newline at end of file diff --git a/.github/workflows/docker-latest.yml b/.github/workflows/docker-latest.yml index 79ecc071..2d7bb7b7 100644 --- a/.github/workflows/docker-latest.yml +++ b/.github/workflows/docker-latest.yml @@ -23,7 +23,9 @@ jobs: - name: Push develop to latest run: | docker buildx imagetools create --tag ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} + docker buildx imagetools create --tag ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.run_number }} ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} docker buildx imagetools create --tag ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} + docker buildx imagetools create --tag ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.run_number }} ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} - name: Show Nginx version run: | docker run --rm --entrypoint nginx ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest -V diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 76210f9b..686f4acf 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -48,6 +48,12 @@ jobs: registry: ghcr.io username: ${{ steps.un.outputs.un }} password: ${{ github.token }} + - name: version + run: | + version="$(cat .version)+$(git rev-parse --short HEAD)" + sed -i "s|\"0.0.0\"|\"$version\"|g" frontend/js/i18n/messages.json + sed -i "s|\"0.0.0\"|\"$version\"|g" frontend/package.json + sed -i "s|\"0.0.0\"|\"$version\"|g" backend/package.json - name: Build uses: docker/build-push-action@v4 if: ${{ github.event_name != 'pull_request' }} diff --git a/global/.version b/.version similarity index 100% rename from global/.version rename to .version diff --git a/Caddy.Dockerfile b/Caddy.Dockerfile index 2d2c41cc..84bbc1fc 100644 --- a/Caddy.Dockerfile +++ b/Caddy.Dockerfile @@ -1,3 +1,3 @@ -FROM caddy:2.6.4-alpine +FROM caddy:2.6.4 RUN apk add --no-cache ca-certificates tzdata COPY Caddyfile /etc/caddy/Caddyfile diff --git a/Dockerfile b/Dockerfile index e6b879e4..06f8b3d2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,10 @@ FROM --platform="$BUILDPLATFORM" alpine:3.17.3 as frontend -COPY global /build/global -COPY frontend /build/frontend +COPY frontend /build/frontend +COPY global/certbot-dns-plugins.js /build/frontend/certbot-dns-plugins.js ARG NODE_ENV=production \ NODE_OPTIONS=--openssl-legacy-provider RUN apk add --no-cache ca-certificates nodejs yarn git python3 build-base && \ cd /build/frontend && \ - sed -i "s|\"0.0.0\"|\""$(cat ../global/.version)"\"|g" package.json && \ yarn --no-lockfile install && \ yarn --no-lockfile build && \ yarn cache clean --all @@ -14,14 +13,13 @@ COPY security.txt /build/frontend/dist/.well-known/security.txt FROM --platform="$BUILDPLATFORM" alpine:3.17.3 as backend -COPY backend /build/backend -COPY global /build/backend/global +COPY backend /build/backend +COPY global/certbot-dns-plugins.js /build/backend/certbot-dns-plugins.js ARG NODE_ENV=production \ TARGETARCH RUN apk add --no-cache ca-certificates nodejs-current yarn && \ wget https://gobinaries.com/tj/node-prune -O - | sh && \ cd /build/backend && \ - sed -i "s|\"0.0.0\"|\""$(cat global/.version)"\"|g" package.json && \ if [ "$TARGETARCH" = "amd64" ]; then \ npm_config_target_platform=linux npm_config_target_arch=x64 yarn install --no-lockfile; \ elif [ "$TARGETARCH" = "arm64" ]; then \ @@ -36,7 +34,7 @@ RUN apk add --no-cache build-base libffi-dev && \ . /usr/local/certbot/bin/activate && \ pip install --no-cache-dir certbot -FROM zoeyvid/nginx-quic:113 +FROM zoeyvid/nginx-quic:114 RUN apk add --no-cache ca-certificates tzdata \ nodejs-current \ openssl apache2-utils \ diff --git a/README.md b/README.md index 175178c0..0c8ae80c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@

+

@@ -25,8 +27,10 @@ proxying hosts with TLS termination and it had to be so easy that a monkey could While there might be advanced options they are optional and the project should be as simple as possible so that the barrier for entry here is low. + ## Features @@ -187,9 +191,10 @@ Password: iArhP1j7p1P6TA92FA2FMbbUGYqwcYzxC4AVEe12Wbi94FY9gNN62aKyF1shrvG4NycjjX Immediately after logging in with this default user you will be asked to modify your details and change your password. -## Contributors (original NPM) +## Contributors/Sponsor original NPM Special thanks to [all of our contributors](https://github.com/NginxProxyManager/nginx-proxy-manager/graphs/contributors). +If you want to sponsor them, please see [here](https://github.com/NginxProxyManager/nginx-proxy-manager/blob/master/README.md). # Please report Bugs first to this fork before reporting them to the original Repository diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 745eac07..f9a94e60 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -7,7 +7,7 @@ const logger = require('../logger').ssl; const error = require('../lib/error'); const utils = require('../lib/utils'); const certificateModel = require('../models/certificate'); -const dnsPlugins = require('../global/certbot-dns-plugins'); +const dnsPlugins = require('../certbot-dns-plugins'); const internalAuditLog = require('./audit-log'); const internalNginx = require('./nginx'); const internalHost = require('./host'); diff --git a/backend/package.json b/backend/package.json index 407a6a1a..2b978acb 100644 --- a/backend/package.json +++ b/backend/package.json @@ -30,7 +30,7 @@ "author": "Jamie Curnow ", "license": "MIT", "devDependencies": { - "eslint": "8.38.0", + "eslint": "8.40.0", "eslint-plugin-align-assignments": "1.1.2" } } diff --git a/backend/setup.js b/backend/setup.js index 7b5f62dc..4407b72b 100644 --- a/backend/setup.js +++ b/backend/setup.js @@ -6,7 +6,7 @@ const userPermissionModel = require('./models/user_permission'); const utils = require('./lib/utils'); const authModel = require('./models/auth'); const settingModel = require('./models/setting'); -const dns_plugins = require('./global/certbot-dns-plugins'); +const dns_plugins = require('./certbot-dns-plugins'); /** * Creates a default admin users if one doesn't already exist in the database diff --git a/frontend/js/app/nginx/certificates/form.js b/frontend/js/app/nginx/certificates/form.js index 347de220..4ab537c4 100644 --- a/frontend/js/app/nginx/certificates/form.js +++ b/frontend/js/app/nginx/certificates/form.js @@ -4,7 +4,7 @@ const App = require('../../main'); const CertificateModel = require('../../../models/certificate'); const template = require('./form.ejs'); const i18n = require('../../i18n'); -const dns_providers = sortProvidersAlphabetically(require('../../../../../global/certbot-dns-plugins')); +const dns_providers = sortProvidersAlphabetically(require('../../../../certbot-dns-plugins')); require('jquery-serializejson'); require('selectize'); diff --git a/frontend/js/app/nginx/certificates/list/item.js b/frontend/js/app/nginx/certificates/list/item.js index 7fa1c681..6e6cef40 100644 --- a/frontend/js/app/nginx/certificates/list/item.js +++ b/frontend/js/app/nginx/certificates/list/item.js @@ -2,7 +2,7 @@ const Mn = require('backbone.marionette'); const moment = require('moment'); const App = require('../../../main'); const template = require('./item.ejs'); -const dns_providers = require('../../../../../../global/certbot-dns-plugins'); +const dns_providers = require('../../../../../certbot-dns-plugins'); module.exports = Mn.View.extend({ template: template, diff --git a/frontend/js/app/nginx/dead/form.js b/frontend/js/app/nginx/dead/form.js index a371621a..c8899398 100644 --- a/frontend/js/app/nginx/dead/form.js +++ b/frontend/js/app/nginx/dead/form.js @@ -5,7 +5,7 @@ const template = require('./form.ejs'); const certListItemTemplate = require('../certificates-list-item.ejs'); const Helpers = require('../../../lib/helpers'); const i18n = require('../../i18n'); -const dns_providers = require('../../../../../global/certbot-dns-plugins'); +const dns_providers = require('../../../../certbot-dns-plugins'); require('jquery-serializejson'); require('selectize'); diff --git a/frontend/js/app/nginx/proxy/form.js b/frontend/js/app/nginx/proxy/form.js index db318844..bb0a7b5d 100644 --- a/frontend/js/app/nginx/proxy/form.js +++ b/frontend/js/app/nginx/proxy/form.js @@ -8,7 +8,7 @@ const accessListItemTemplate = require('./access-list-item.ejs'); const CustomLocation = require('./location'); const Helpers = require('../../../lib/helpers'); const i18n = require('../../i18n'); -const dns_providers = require('../../../../../global/certbot-dns-plugins'); +const dns_providers = require('../../../../certbot-dns-plugins'); require('jquery-serializejson'); diff --git a/frontend/js/app/nginx/redirection/form.js b/frontend/js/app/nginx/redirection/form.js index cb6b9ffb..29e90f49 100644 --- a/frontend/js/app/nginx/redirection/form.js +++ b/frontend/js/app/nginx/redirection/form.js @@ -5,7 +5,7 @@ const template = require('./form.ejs'); const certListItemTemplate = require('../certificates-list-item.ejs'); const Helpers = require('../../../lib/helpers'); const i18n = require('../../i18n'); -const dns_providers = require('../../../../../global/certbot-dns-plugins'); +const dns_providers = require('../../../../certbot-dns-plugins'); require('jquery-serializejson'); diff --git a/frontend/js/app/ui/footer/main.ejs b/frontend/js/app/ui/footer/main.ejs index d063f791..b56e8ae7 100644 --- a/frontend/js/app/ui/footer/main.ejs +++ b/frontend/js/app/ui/footer/main.ejs @@ -12,6 +12,7 @@
<%- i18n('main', 'version', {version: getVersion()}) %> <%= i18n('footer', 'copy', {url: 'https://jc21.com'}) %> + <%= i18n('footer', 'copyzv', {url: 'https://zoeyvid.de'}) %> <%= i18n('footer', 'theme', {url: 'https://tabler.github.io'}) %>
diff --git a/frontend/js/i18n/messages.json b/frontend/js/i18n/messages.json index 9185db97..28b7831a 100644 --- a/frontend/js/i18n/messages.json +++ b/frontend/js/i18n/messages.json @@ -42,7 +42,7 @@ }, "main": { "app": "Nginx Proxy Manager", - "version": "v{version}+", + "version": "0.0.0", "welcome": "Welcome to Nginx Proxy Manager", "logged-in": "You are logged in as {name}", "unknown-error": "Error loading stuff. Please reload the app.", @@ -60,8 +60,9 @@ }, "footer": { "fork-me": "Repository on GitHub", - "copy": "© 2022 jc21.com.", - "theme": "Theme by Tabler" + "copy": "© 2022 jc21.com", + "copyzv": "and 2023 ZoeyVid MIT-License.", + "theme": "Theme by Tabler v0.0.31" }, "dashboard": { "title": "Hi {name}" diff --git a/rootfs/bin/start.sh b/rootfs/bin/start.sh index 75b52431..8354d306 100755 --- a/rootfs/bin/start.sh +++ b/rootfs/bin/start.sh @@ -1,6 +1,6 @@ #!/bin/sh -if [ "$(whoami)" != "root" ]; then +if [ "$(whoami)" != "root" ] || [ "$(id -u)" != "0" ] || [ "$(id -g)" != "0" ]; then echo '--------------------------------------' echo "This docker container must be run as root, do not specify a user." echo '--------------------------------------' @@ -303,6 +303,7 @@ find /data/nginx -type f -name '*.conf' -exec sed -i "s|include conf.d/include/l find /data/nginx -type f -name '*.conf' -exec sed -i "/Asset Caching/d" {} \; find /data/nginx -type f -name '*.conf' -exec sed -i "/assets.conf/d" {} \; +find /data/nginx -type f -name '*.conf' -exec sed -i "/error_log/d" {} \; find /data/nginx -type f -name '*.conf' -exec sed -i "/access_log/d" {} \; find /data/nginx -type f -name '*.conf' -exec sed -i "/proxy_http_version/d" {} \; @@ -485,22 +486,22 @@ fi export NPM_PORT="${NPM_PORT:-81}" if [ -n "$NPM_IPV4_BINDING" ]; then - sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\(bep\)/listen $NPM_IPV4_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf - sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\(bep\)/listen $NPM_IPV4_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf + sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\([0-9]\+\)/listen $NPM_IPV4_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf + sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\([0-9]\+\)/listen $NPM_IPV4_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf else - sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\(bep\)/listen $NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf - sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\(bep\)/listen $NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf + sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\([0-9]\+\)/listen $NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf + sed -i "s/#\?listen \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+:\)\?\([0-9]\+\)/listen $NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf fi if [ "$NPM_DISABLE_IPV6" = "true" ]; then - sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\(bep\)/#listen \[\1\]:\2/g" /usr/local/nginx/conf/conf.d/npm.conf - sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\(bep\)/#listen \[\1\]:\2/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf + sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\([0-9]\+\)/#listen \[\1\]:\2/g" /usr/local/nginx/conf/conf.d/npm.conf + sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\([0-9]\+\)/#listen \[\1\]:\2/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf elif [ -n "$NPM_IPV6_BINDING" ]; then - sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\(bep\)/listen $NPM_IPV6_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf - sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\(bep\)/listen $NPM_IPV6_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf + sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\([0-9]\+\)/listen $NPM_IPV6_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf + sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\([0-9]\+\)/listen $NPM_IPV6_BINDING:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf else - sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\(bep\)/listen \[::\]:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf - sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\(bep\)/listen \[::\]:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf + sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\([0-9]\+\)/listen \[::\]:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm.conf + sed -i "s/#\?listen \[\([0-9a-f:]\+\)\]:\([0-9]\+\)/listen \[::\]:$NPM_PORT/g" /usr/local/nginx/conf/conf.d/npm-no-server-name.conf fi if [ "$DISABLE_HTTP" = "true" ]; then diff --git a/rootfs/usr/local/nginx/conf/conf.d/npm-no-server-name.conf b/rootfs/usr/local/nginx/conf/conf.d/npm-no-server-name.conf index bd14b4c2..ca839c85 100644 --- a/rootfs/usr/local/nginx/conf/conf.d/npm-no-server-name.conf +++ b/rootfs/usr/local/nginx/conf/conf.d/npm-no-server-name.conf @@ -1,9 +1,9 @@ server { - listen bep ssl http2; - listen bep quic; + listen 81 ssl http2; + listen 81 quic; - listen [::]:bep ssl http2; - listen [::]:bep quic; + listen [::]:81 ssl http2; + listen [::]:81 quic; server_name ""; return 444; diff --git a/rootfs/usr/local/nginx/conf/conf.d/npm.conf b/rootfs/usr/local/nginx/conf/conf.d/npm.conf index 2f2854b8..5a2bb8dc 100644 --- a/rootfs/usr/local/nginx/conf/conf.d/npm.conf +++ b/rootfs/usr/local/nginx/conf/conf.d/npm.conf @@ -1,9 +1,9 @@ server { - listen bep ssl http2 default_server; - listen bep quic default_server; + listen 81 ssl http2 default_server; + listen 81 quic default_server; - listen [::]:bep ssl http2 default_server; - listen [::]:bep quic default_server; + listen [::]:81 ssl http2 default_server; + listen [::]:81 quic default_server; add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400'; http3 on;