add new darkmode/enable hide_server_tokens/dep updates

Signed-off-by: Zoey <zoey@z0ey.de> Signed-off-by: ƬHE ЯAW ☣ <daraw665@gmail.com> Co-Authored-By: ƬHE ЯAW ☣ <raw@dopehosting.net>
2025-08-03 16:03:38 +00:00 · 2023-05-21 22:23:20 +02:00
parent 7e6612467f
commit 677b30d25e
12 changed files with 339 additions and 93 deletions
--- a/.github/workflows/js.yml
+++ b/.github/workflows/js.yml
@@ -20,7 +20,6 @@ jobs:
          yarn eslint . --fix
      - name: update
        run: |
-          curl -L https://cdn.jsdelivr.net/npm/darkreader -o darkreader.js
          curl -L https://unpkg.com/xregexp/xregexp-all.js -o rootfs/nftd/xregexp-all.js
          curl -L https://unpkg.com/showdown/dist/showdown.min.js -o rootfs/nftd/showdown.min.js
          curl -L https://code.jquery.com/jquery-"$(git ls-remote --tags https://github.com/jquery/jquery | cut -d/ -f3 | sort -V | tail -1 | sed -E "s/\^\{\}//")".min.js -o rootfs/nftd/jquery.min.js
--- a/3
+++ b/3
@@ -8,7 +8,7 @@ RUN apk add --no-cache ca-certificates nodejs yarn git python3 build-base && \
    yarn --no-lockfile install && \
    yarn --no-lockfile build && \
    yarn cache clean --all
-COPY darkreader.js /build/frontend/dist/js/darkreader.js
+COPY darkmode.css /build/frontend/dist/css/darkmode.css
 COPY security.txt /build/frontend/dist/.well-known/security.txt


@@ -76,6 +76,7 @@ RUN apk add --no-cache ca-certificates tzdata \
    wget https://patch-diff.githubusercontent.com/raw/coreruleset/coreruleset/pull/3218.patch -O /tmp/coreruleset/http3.patch && \
    cd /tmp/coreruleset && \
    git apply /tmp/coreruleset/http3.patch && \
+    cd / && \
    mkdir /usr/local/nginx/conf/conf.d/include/coreruleset && \
    cp /tmp/coreruleset/crs-setup.conf.example /usr/local/nginx/conf/conf.d/include/coreruleset/crs-setup.conf.example && \
    sed -i '/#/!d' /usr/local/nginx/conf/conf.d/include/coreruleset/crs-setup.conf.example && \
--- a/README.md
+++ b/README.md
@@ -45,12 +45,17 @@ so that the barrier for entry here is low.

 # List of new features

- Supports HTTP/3 (QUIC) protocol aviable
- Supports Crowdsec. Please read below for instructions on how to use it.
+- Supports HTTP/3 (QUIC) protocol.
+- Supports CrowdSec IPS. Please see [here](https://github.com/ZoeyVid/nginx-proxy-manager#crowdsec) to enable it.
 - Supports ModSecurity, with coreruleset as an option. You can configure ModSecurity/coreruleset by editing the files in the `/opt/npm/etc/modsecurity` folder.
- Darkmode button in the footer for comfortable viewing
+  - If the core ruleset blocks valid requests, please check the `/data/etc/modsecurity/crs-setup.conf` file.
+  - Try to whitelist the Content-Type you are sending (for example, `application/activity+json` for Mastodon and `application/dns-message` for DoH).
+  - Try to whitelist the HTTP request method you are using (for example, `PUT` is blocked by default, which also affects NPM).
+  - Note: To fix [this issue](https://github.com/SpiderLabs/ModSecurity/issues/2848), instead of running `nginx -s reload`, this fork kills nginx and relaunches it. This can result in a 502 error when you update your hosts
+- Darkmode button in the footer for comfortable viewing (CSS done by https://github.com/theraw)
 - Fixes proxy to https origin when the origin only accepts TLSv1.3
 - Only enables TLSv1.2 and TLSv1.3 protocols
+- Faster creation of TLS certificates can be achieved by eliminating unnecessary Nginx reloads and configuration creations.
 - Uses OCSP Stapling for enhanced security
  - If using custom certificates, upload the CA/Intermediate Certificate (file name: `chain.pem`) in the `/opt/npm/tls/custom/npm-[certificate-id]` folder (manual migration may be needed)
 - Resolved dnspod plugin issue 
@@ -63,6 +68,7 @@ so that the barrier for entry here is low.
 - Easy application of security headers using [ngx_security_headers](https://github.com/GetPageSpeed/ngx_security_headers)
 - Access Log disabled
 - Error Log written to console
+- `Server` response header hidden
 - PHP optional, with option to add extensions; available packages can be found [here](https://pkgs.alpinelinux.org/packages?branch=v3.17&repo=community&arch=x86_64&name=php81-*) and [here](https://pkgs.alpinelinux.org/packages?branch=v3.17&repo=community&arch=x86_64&name=php82-*)
 - Allows different acme servers/certbot config file (/opt/npm/tls/certbot/config.ini)
 - Supports up to 99 domains per cert 
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@@ -114,7 +114,7 @@ const internalNginx = {
 	reload: () => {
 		return internalNginx.test()
 			.then(() => {
-				logger.info('Reloading Nginx');
+				logger.info('Restarting Nginx');
 				return utils.exec('kill $(cat /usr/local/nginx/logs/nginx.pid); nginx');
 			});
 	},
--- a/darkmode.css
+++ b/darkmode.css
@@ -0,0 +1,247 @@
+body {
+  color: rgb(181, 175, 166) !important;
+  background-color: rgb(28, 30, 31) !important;
+}
+-webkit-scrollbar {
+  background-color: #202324 !important;
+  color: #aba499 !important;
+}
+-webkit-scrollbar {
+  background-color: #202324 !important;
+  color: #aba499 !important;
+}
+-webkit-scrollbar-thumb {
+  background-color: #454a4d !important;
+}
+.avatar {
+  background-color: rgb(48, 52, 54) !important;
+  color: rgb(161, 152, 140) !important;
+}
+pre {
+  color: rgb(195, 190, 182) !important;
+  background-color: rgb(27, 29, 30) !important;
+  text-shadow: rgb(24, 26, 27) 0px 1px !important;
+}
+.close {
+  color: rgb(232, 230, 227) !important;
+  text-shadow: rgb(24, 26, 27) 0px 1px 0px !important;
+}
+.form-fieldset {
+  background-color: rgb(27, 30, 31) !important;
+  border-color: rgb(53, 58, 60) !important;
+}
+.modal-content {
+  background-color: rgb(24, 26, 27) !important;
+  border-color: rgba(140, 130, 115, 0.2) !important;
+}
+.modal-header {
+  border-bottom-color: rgb(53, 58, 60) !important;
+}
+.modal-footer {
+  border-top-color: rgb(53, 58, 60) !important;
+}
+.alert-secondary {
+  color: rgb(185, 179, 170) !important;
+  background-color: rgb(37, 40, 41) !important;
+  border-color: rgb(57, 62, 64) !important;
+}
+.nav-tabs {
+  color: rgb(174, 167, 156) !important;
+  border-bottom-color: rgb(56, 61, 63) !important;
+}
+.nav-tabs .nav-link.active,
+.nav-tabs .nav-item.show .nav-link {
+  color: rgb(181, 175, 166) !important;
+  background-color: rgb(28, 30, 31) !important;
+  border-color: rgb(56, 61, 63) rgb(56, 61, 63) rgb(30, 46, 76) !important;
+}
+.nav-tabs .nav-link.active {
+  border-color: rgb(35, 77, 136) !important;
+  color: rgb(85, 151, 211) !important;
+  background-color: transparent !important;
+}
+.selectize-input.focus {
+  border-color: rgb(35, 77, 136) !important;
+  box-shadow: rgba(39, 86, 151, 0.25) 0px 0px 0px 2px !important;
+}
+.selectgroup-input:checked + .selectgroup-button {
+  border-color: rgb(35, 77, 136) !important;
+  color: rgb(85, 151, 211) !important;
+  background-color: rgb(30, 33, 34) !important;
+}
+.selectize-input,
+.selectize-control.single .selectize-input.input-active {
+  background-color: rgb(24, 26, 27) !important;
+}
+
+.selectize-dropdown,
+.selectize-input,
+.selectize-input input {
+  color: rgb(181, 175, 166) !important;
+}
+.selectize-input {
+  border-color: rgba(124, 115, 101, 0.12) !important;
+}
+.selectize-input,
+.selectize-control.single .selectize-input.input-active {
+  background-color: rgb(24, 26, 27) !important;
+}
+.selectize-control.multi .selectize-input div {
+  background-color: rgb(35, 38, 39) !important;
+  color: rgb(181, 175, 166) !important;
+  border-color: rgba(124, 115, 101, 0.12) !important;
+}
+.selectize-dropdown,
+.selectize-input,
+.selectize-input input {
+  color: #495057 !important;
+  -webkit-font-smoothing: inherit !important;
+}
+.card {
+  background-color: rgb(24, 26, 27) !important;
+  border-color: rgba(124, 115, 101, 0.12) !important;
+}
+.tag {
+  color: rgb(155, 146, 133) !important;
+  background-color: rgb(35, 38, 39) !important;
+}
+.header {
+  background-color: rgb(24, 26, 27) !important;
+  border-bottom-color: rgba(124, 115, 101, 0.12) !important;
+}
+.navbar-light .navbar-brand {
+  color: rgba(232, 230, 227, 0.9) !important;
+}
+.nav-tabs {
+  color: rgb(174, 167, 156) !important;
+}
+.table th,
+.text-wrap table th,
+.table td,
+.text-wrap table td {
+  border-top-color: rgb(56, 61, 63) !important;
+}
+.form-control {
+  color: rgb(181, 175, 166) !important;
+  background-color: rgb(24, 26, 27) !important;
+  border-color: rgba(124, 115, 101, 0.12) !important;
+}
+.footer {
+  background-color: rgb(24, 26, 27) !important;
+  border-top-color: rgba(124, 115, 101, 0.12) !important;
+  color: rgb(174, 167, 156) !important;
+}
+.text-default {
+  color: rgb(181, 175, 166) !important;
+}
+.text-yellow {
+  color: rgb(242, 202, 39) !important;
+}
+::selection {
+  background-color: #004daa !important;
+  color: #e8e6e3 !important;
+}
+.selection {
+  background-color: #004daa !important;
+  color: #e8e6e3 !important;
+}
+.dropdown-menu {
+  color: rgb(181, 175, 166) !important;
+  background-color: rgb(24, 26, 27) !important;
+  border-color: rgba(124, 115, 101, 0.12) !important;
+  box-shadow: rgba(0, 0, 0, 0.05) 0px 1px 2px 0px !important;
+}
+.dropdown-menu-arrow::before {
+  border-right-color: transparent !important;
+  border-left-color: transparent !important;
+  border-bottom-color: rgba(84, 91, 95, 0.2) !important;
+}
+.dropdown-menu-arrow::after {
+  border-right-color: transparent !important;
+  border-bottom-color: rgb(48, 52, 54) !important;
+  border-left-color: transparent !important;
+}
+.dropdown-divider {
+  border-top-color: rgb(53, 58, 60) !important;
+}
+.dropdown-menu-arrowafter {
+  border-right-color: transparent !important;
+  border-bottom-color: rgb(48, 52, 54) !important;
+  border-left-color: transparent !important;
+}
+.dropdown-item {
+  color: rgb(155, 146, 133) !important;
+}
+.btn-secondary {
+  color: rgb(181, 175, 166) !important;
+  background-color: rgb(24, 26, 27) !important;
+  border-color: rgba(124, 115, 101, 0.12) !important;
+  box-shadow: rgba(0, 0, 0, 0.05) 0px 1px 1px 0px !important;
+  border-color: rgb(62 0 118 / 90%) !important;
+}
+.btn-teal {
+  color: rgb(232, 230, 227) !important;
+  background-color: rgb(34, 162, 149) !important;
+  border-color: rgb(32, 150, 137) !important;
+}
+.stamp {
+  color: rgb(232, 230, 227) !important;
+}
+.bg-yellow {
+  background-color: rgb(144, 117, 8) !important;
+}
+.bg-blue {
+  background-color: rgb(39, 86, 151) !important;
+}
+.bg-green {
+  background-color: rgb(75, 149, 0) !important;
+}
+.bg-red {
+  background-color: rgb(164, 26, 25) !important;
+}
+.custom-switch-indicator {
+  background-color: rgb(35, 38, 39) !important;
+  border-color: rgba(124, 115, 101, 0.12) !important;
+}
+.custom-switch-input:checked ~ .custom-switch-description {
+  color: rgb(181, 175, 166) !important;
+}
+.custom-switch-input:checked ~ .custom-switch-indicator {
+  background-color: rgb(34, 162, 149) !important;
+}
+.bg-success {
+  background-color: rgb(75, 149, 0) !important;
+}
+.btn-success {
+  color: rgb(232, 230, 227) !important;
+  background-color: rgb(75, 149, 0) !important;
+  border-color: rgb(101, 199, 0) !important;
+}
+.selectize-input.full {
+  background-color: rgb(24, 26, 27) !important;
+}
+.selectize-input,
+.selectize-control.single .selectize-input.input-active {
+  background-color: rgb(24, 26, 27) !important;
+}
+.selectize-dropdown,
+.selectize-input,
+.selectize-input input {
+  color: rgb(181, 175, 166) !important;
+}
+.selectize-input {
+  border-color: rgba(124, 115, 101, 0.12) !important;
+}
+.selectize-dropdown {
+  color: rgb(202, 197, 190) !important;
+  background-color: rgb(24, 26, 27) !important;
+  border-right-color: rgb(61, 66, 69) !important;
+  border-bottom-color: rgb(61, 66, 69) !important;
+  border-left-color: rgb(61, 66, 69) !important;
+  box-shadow: rgba(0, 0, 0, 0.1) 0px 1px 3px !important;
+}
+.input-group-text {
+  color: rgb(181, 175, 166) !important;
+  background-color: rgb(26, 28, 29) !important;
+  border-color: rgba(124, 115, 101, 0.12) !important;
+}
--- a/darkreader.js
+++ b/darkreader.js
--- a/frontend/html/partials/header.ejs
+++ b/frontend/html/partials/header.ejs
@@ -1,54 +1,72 @@
-<!doctype html>
+<!DOCTYPE html>
 <html lang="en" dir="ltr">
  <head>
-		<meta charset="utf-8">
-		<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
-		<meta http-equiv="X-UA-Compatible" content="ie=edge">
-		<meta http-equiv="Content-Language" content="en">
-		<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
-		<meta name="apple-mobile-web-app-capable" content="yes">
-		<meta name="mobile-web-app-capable" content="yes">
-		<meta name="HandheldFriendly" content="True">
-		<meta name="MobileOptimized" content="320">
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
+    <meta http-equiv="Content-Language" content="en" />
+    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
+    <meta name="apple-mobile-web-app-capable" content="yes" />
+    <meta name="mobile-web-app-capable" content="yes" />
+    <meta name="HandheldFriendly" content="True" />
+    <meta name="MobileOptimized" content="320" />
    <title><%- title %></title>
-		<link rel="apple-touch-icon" sizes="180x180" href="/images/favicons/apple-touch-icon.png">
-		<link rel="icon" type="image/png" sizes="32x32" href="/images/favicons/favicon-32x32.png">
-		<link rel="icon" type="image/png" sizes="16x16" href="/images/favicons/favicon-16x16.png">
-		<link rel="manifest" href="/images/favicons/site.webmanifest">
-		<link rel="mask-icon" href="/images/favicons/safari-pinned-tab.svg" color="#5bbad5">
-		<link rel="shortcut icon" href="/images/favicons/favicon.ico">
-		<meta name="msapplication-TileColor" content="#333333">
-		<meta name="msapplication-config" content="/images/favicons/browserconfig.xml">
-		<meta name="theme-color" content="#ffffff">
-		<link href="/css/main.css?v=<%= version %>" rel="stylesheet">
+    <link rel="apple-touch-icon" sizes="180x180" href="/images/favicons/apple-touch-icon.png" />
+    <link rel="icon" type="image/png" sizes="32x32" href="/images/favicons/favicon-32x32.png" />
+    <link rel="icon" type="image/png" sizes="16x16" href="/images/favicons/favicon-16x16.png" />
+    <link rel="manifest" href="/images/favicons/site.webmanifest" />
+    <link rel="mask-icon" href="/images/favicons/safari-pinned-tab.svg" color="#5bbad5" />
+    <link rel="shortcut icon" href="/images/favicons/favicon.ico" />
+    <meta name="msapplication-TileColor" content="#333333" />
+    <meta name="msapplication-config" content="/images/favicons/browserconfig.xml" />
+    <meta name="theme-color" content="#ffffff" />
+    <link href="/css/main.css?v=<%= version %>" rel="stylesheet" />

-		<script src="js/darkreader.js"></script>
    <script>
+      function loadCSS(filename) {
+        var link = document.createElement("link");
+        link.rel = "stylesheet";
+        link.href = filename + '?v=' + Date.now();
+        document.head.appendChild(link);
+      }
+      function unloadCSS(filename) {
+        var links = document.getElementsByTagName("link");
+        var i = links.length;
+        while (i--) {
+          var link = links[i];
+          if (link.href.indexOf("/css/darkmode.css") !== -1) {
+            link.parentNode.removeChild(link);
+          }
+        }
+      }
+
      function toggleDarkMode() {
-		  if (DarkReader.isEnabled()) {
-		    DarkReader.disable();
-		    localStorage.setItem('darkMode', 'off');
+        if (localStorage.getItem("darkMode") === "on") {
+          unloadCSS("/css/darkmode.css");
+          localStorage.setItem("darkMode", "off");
        } else {
-		    DarkReader.enable();
-		    localStorage.setItem('darkMode', 'on');
+          loadCSS("/css/darkmode.css");
+          localStorage.setItem("darkMode", "on");
        }
      }
-		if (localStorage.getItem('darkMode') === 'on') {
-		  DarkReader.enable();
-		} else if (localStorage.getItem('darkMode') === 'off') {
- 		  DarkReader.disable();
+      if (localStorage.getItem("darkMode") === "on") {
+        loadCSS("/css/darkmode.css");
+      } else if (localStorage.getItem("darkMode") === "off") {
+        unloadCSS("/css/darkmode.css");
+      } else if (window.matchMedia && window.matchMedia("(prefers-color-scheme: dark)").matches) {
+        loadCSS("/css/darkmode.css");
+        localStorage.setItem("darkMode", "on");
      } else {
- 		  DarkReader.auto();
+        unloadCSS("/css/darkmode.css");
+        localStorage.setItem("darkMode", "off");
      }
    </script>
-
  </head>
  <body>
-
    <noscript>
      <div class="container no-js-warning">
-			<div class="alert alert-warning text-center">
-				<strong>Warning!</strong> This application requires Javascript and your browser doesn't support it.
-			</div>
+        <div class="alert alert-warning text-center"><strong>Warning!</strong> This application requires Javascript and your browser doesn't support it.</div>
      </div>
    </noscript>
+  </body>
+</html>
--- a/frontend/js/app/nginx/certificates/form.ejs
+++ b/frontend/js/app/nginx/certificates/form.ejs
@@ -137,7 +137,7 @@
                <% } else if (provider === 'other') { %>
                    <!-- Other -->
                    <div class="col-sm-12 col-md-12">
-                        <div class="text-blue mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'passphrase-protection-support-info') %></div>
+                        <div class="text-blue mb-4"><%= i18n('ssl', 'passphrase-protection-support-info') %></div>
                    </div>
                    <div class="col-sm-12 col-md-12">
                        <div class="form-group">
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -4,7 +4,7 @@
  "description": "A beautiful interface for creating Nginx endpoints",
  "main": "js/index.js",
  "dependencies": {
-    "@babel/core": "7.21.8",
+    "@babel/core": "7.22.1",
    "babel-core": "6.26.3",
    "babel-loader": "8.3.0",
    "babel-preset-env": "1.7.0",
--- a/rootfs/bin/launch.sh
+++ b/rootfs/bin/launch.sh
@@ -35,26 +35,8 @@ if [ "$PHP82" = "true" ]; then
    fi
 fi

-while (nginx -t > /dev/null 2>&1 && if [ "$PHP81" = true ]; then PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt > /dev/null 2>&1; fi && if [ "$PHP82" = true ]; then PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt > /dev/null 2>&1; fi); do
-    nginx &
-    if [ "$PHP81" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FOR; fi &
-    if [ "$PHP82" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FOR; fi &
-    index.js &
-    wait
-done
-
-if ! nginx -t > /dev/null 2>&1; then
-    nginx -T
-fi
-
-if [ "$PHP81" = "true" ]; then
-    if ! PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt > /dev/null 2>&1; then
-        PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FORt
-    fi
-fi
-
-if [ "$PHP82" = "true" ]; then
-    if ! PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt > /dev/null 2>&1; then
-        PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FORt
-    fi
-fi
+nginx &
+if [ "$PHP81" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/81/conf.d php-fpm81 -c /data/php/81 -y /data/php/81/php-fpm.conf -FOR; fi &
+if [ "$PHP82" = "true" ]; then PHP_INI_SCAN_DIR=/data/php/82/conf.d php-fpm82 -c /data/php/82 -y /data/php/82/php-fpm.conf -FOR; fi &
+index.js &
+wait
--- a/rootfs/usr/local/nginx/conf/conf.d/include/tls-ciphers.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/tls-ciphers.conf
@@ -8,5 +8,5 @@ ssl_dhparam /etc/tls/dhparam;

 # intermediate configuration. tweak to your needs.
 ssl_protocols TLSv1.3 TLSv1.2;
-ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
-ssl_prefer_server_ciphers off;
+ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
+ssl_prefer_server_ciphers on;
--- a/rootfs/usr/local/nginx/conf/nginx.conf
+++ b/rootfs/usr/local/nginx/conf/nginx.conf
@@ -22,7 +22,8 @@ http {
    default_type text/plain;
    lua_package_path "/usr/local/nginx/lib/lua/?.lua;;";
    
-    server_tokens build;
+    server_tokens off;
+    hide_server_tokens on;
    aio threads;
    sendfile on;
    tcp_nopush on;