rebrand to NPMplus/improve security headers/upsteam changes/dockerlint

Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-03 07:53:39 +00:00 · 2023-10-09 18:38:58 +02:00
parent e2214b5f69
commit fb0bb721f7
31 changed files with 202 additions and 110 deletions
--- a/backend/db.js
+++ b/backend/db.js
@@ -1,7 +1,7 @@
 const config = require('./lib/config');

 if (!config.has('database')) {
-	throw new Error('Database config does not exist! Please read the instructions: https://nginxproxymanager.com/setup');
+	throw new Error('Database config does not exist! Please read the instructions: https://github.com/ZoeyVid/NPMplus');
 }

 function generateDbConfig() {
--- a/backend/doc/api.swagger.json
+++ b/backend/doc/api.swagger.json
@@ -1,7 +1,7 @@
 {
 	"openapi": "3.0.0",
 	"info": {
-		"title": "Nginx Proxy Manager API",
+		"title": "NPMplus API",
 		"version": "2.x.x"
 	},
 	"servers": [
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -788,14 +788,19 @@ const internalCertificate = {
 	requestLetsEncryptSsl: (certificate) => {
 		logger.info('Requesting Certbot certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));

-		const cmd = certbotCommand + ' certonly ' +
+		let cmd = certbotCommand + ' certonly ' +
 			'--config "' + certbotConfig + '" ' +
 			'--cert-name "npm-' + certificate.id + '" ' +
 			'--authenticator webroot ' +
-			'--email "' + certificate.meta.letsencrypt_email + '" ' +
 			'--preferred-challenges "dns,http" ' +
 			'--domains "' + certificate.domain_names.join(',') + '"';

+		if (certificate.meta.letsencrypt_email === '') {
+			cmd = cmd + ' --register-unsafely-without-email ';
+		} else {
+			cmd = cmd + ' --email "' + certificate.meta.letsencrypt_email + '" ';
+		}
+		
 		logger.info('Command:', cmd);

 		return utils.exec(cmd)
@@ -833,7 +838,6 @@ const internalCertificate = {
 		let mainCmd = certbotCommand + ' certonly ' +
 			'--config "' + certbotConfig + '" ' +
 			'--cert-name "npm-' + certificate.id + '" ' +
-			'--email "' + certificate.meta.letsencrypt_email + '" ' +
 			'--domains "' + certificate.domain_names.join(',') + '" ' +
 			'--authenticator ' + dns_plugin.full_plugin_name + ' ' +
 			(
@@ -852,6 +856,16 @@ const internalCertificate = {
 			mainCmd = 'AWS_CONFIG_FILE=\'' + credentialsLocation + '\' ' + mainCmd;
 		}

+		if (certificate.meta.dns_provider === 'duckdns') {
+			mainCmd = mainCmd + ' --dns-duckdns-no-txt-restore';
+		}
+
+		if (certificate.meta.letsencrypt_email === '') {
+			mainCmd = mainCmd + ' --register-unsafely-without-email ';
+		} else {
+			mainCmd = mainCmd + ' --email "' + certificate.meta.letsencrypt_email + '" ';
+		}
+
 		logger.info('Command:', `${credentialsCmd} && ${prepareCmd} && ${mainCmd}`);

 		return utils.exec(credentialsCmd)
@@ -1103,7 +1117,7 @@ const internalCertificate = {
 					'Content-Type':   'application/x-www-form-urlencoded',
 					'Content-Length': Buffer.byteLength(formBody),
 					'Connection':     'keep-alive',
-					'User-Agent':     'Nginx Proxy Manager',
+					'User-Agent':     'NPMplus',
 					'Accept':         '*/*'
 				}
 			};
--- a/backend/package.json
+++ b/backend/package.json
@@ -1,8 +1,8 @@
 {
-  "name": "nginx-proxy-manager",
+  "name": "npmplus",
  "version": "0.0.0",
  "description": "A beautiful interface for creating Nginx endpoints",
-  "main": "js/index.js",
+  "main": "index.js",
  "dependencies": {
    "@apidevtools/json-schema-ref-parser": "11.1.0",
    "ajv": "6.12.6",
@@ -15,21 +15,21 @@
    "express-fileupload": "1.4.1",
    "gravatar": "1.8.2",
    "jsonwebtoken": "9.0.2",
-    "knex": "2.5.1",
+    "knex": "3.0.1",
    "liquidjs": "10.9.2",
    "lodash": "4.17.21",
    "moment": "2.29.4",
    "mysql": "2.18.1",
    "node-rsa": "1.1.1",
-    "objection": "3.1.1",
+    "objection": "3.1.2",
    "path": "0.12.7",
    "signale": "1.4.0",
    "sqlite3": "5.1.6"
  },
-  "author": "Jamie Curnow <jc@jc21.com>",
+  "author": "Jamie Curnow <jc@jc21.com> and ZoeyVid <zoeyvid@zvcdn.de>",
  "license": "MIT",
  "devDependencies": {
-    "eslint": "8.50.0",
+    "eslint": "8.51.0",
    "eslint-plugin-align-assignments": "1.1.2"
  }
 }
--- a/backend/password-reset.js
+++ b/backend/password-reset.js
@@ -9,7 +9,7 @@ const sqlite3 = require('sqlite3');
 function usage() {
 	console.log(`usage: node ${process.argv[1]} USER_EMAIL PASSWORD

-Reset password of a Nginx Proxy Manager user.
+Reset password of a NPMplus user.

 Arguments:
  USER_EMAIL      Email address of the user to reset the password.
@@ -56,4 +56,4 @@ if (fs.existsSync(process.env.DB_SQLITE_FILE)) {
 			}
 		);
 	});
-}
+}
--- a/backend/schema/index.json
+++ b/backend/schema/index.json
@@ -1,8 +1,8 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "root",
-  "title": "Nginx Proxy Manager REST API",
-  "description": "This is the Nginx Proxy Manager REST API",
+  "title": "NPMplus REST API",
+  "description": "This is the NPMplus REST API",
  "version": "2.0.0",
  "links": [
    {
--- a/backend/templates/_hsts.conf
+++ b/backend/templates/_hsts.conf
@@ -1,7 +1,17 @@
 {% if certificate and certificate_id > 0 -%}
 {% if ssl_forced == 1 or ssl_forced == true %}
 {% if hsts_enabled == 1 or hsts_enabled == true %}
-  security_headers on;
+  add_header X-XSS-Protection "0" always;
+  add_header X-Frame-Options "SAMEORIGIN" always;
+  add_header X-Content-Type-Options "nosniff" always;
+  add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+  add_header Content-Security-Policy "default-src https: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests" always;
+
+  add_header Expect-CT "enforce; max-age=86400" always;
+  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+
+  add_header Cross-Origin-Embedder-Policy-Report-Only "require-corp; report-to='default'" always;
+  add_header Cross-Origin-Opener-Policy-Report-Only "same-origin-allow-popups; report-to='default'" always;
 {% endif %}
 {% endif %}
 {% endif %}