448c8a2dd5
Merge pull request #2523 from NginxProxyManager/dependabot/npm_and_yarn/backend/json5-2.2.3
...
Bump json5 from 2.1.3 to 2.2.3 in /backend
2023-03-07 16:50:37 +10:00
634cfe13f1
Merge pull request #2534 from NginxProxyManager/dependabot/npm_and_yarn/backend/knex-2.4.0
...
Bump knex from 0.20.15 to 2.4.0 in /backend
2023-03-07 16:50:30 +10:00
6ed64153e7
fix: add oidc logger and replace console logging
2023-03-06 13:01:38 +00:00
d0d36a95ec
fix: add oidc-config setting via setup.js rather than migrations
2023-03-06 09:33:01 +00:00
b0fd976b97
Make sure to lowercase email address entered by the user during login.
2023-02-26 22:24:58 -05:00
7fe7e94fbd
Mitigate CVE-2023-23596 by changing child_process.exec to child_process.execFile
2023-02-26 20:10:25 +01:00
fd49644f21
fix: linter
2023-02-26 13:34:58 +00:00
ef64edd943
fix: add database migration for oidc-config setting
2023-02-26 13:24:47 +00:00
df5ab361e3
chore: update comments, remove debug logging
2023-02-24 22:27:27 +00:00
6f98fa61e4
refactor: satisfy linter requirements
2023-02-24 21:15:17 +00:00
baee4641db
chore: improve error handling
2023-02-24 18:54:38 +00:00
bc0b466a8e
refactor: improve code structure
2023-02-24 16:30:45 +00:00
3e2a411dfb
chore: add oidc setting db entry during setup
2023-02-24 15:17:23 +00:00
caeb2934f0
FEAT: Add Open ID Connect authentication method
...
* add `oidc-config` setting allowing an admin user to configure parameters
* modify login page to show another button when oidc is configured
* add dependency `openid-client` `v5.4.0`
* add backend route to process "OAuth2 Authorization Code" flow
initialisation
* add backend route to process callback of above flow
* sign in the authenticated user with internal jwt token if internal
user with email matching the one retrieved from oauth claims exists
Note: Only Open ID Connect Discovery is supported which most modern
Identity Providers offer.
Tested with Authentik 2023.2.2 and Keycloak 18.0.2
2023-02-24 15:15:17 +00:00
23326895b2
Bump http-cache-semantics from 4.1.0 to 4.1.1 in /backend
...
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/kornelski/http-cache-semantics/releases )
- [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1 )
---
updated-dependencies:
- dependency-name: http-cache-semantics
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-03 12:12:01 +00:00
7ca3a9e7a6
Bump knex from 0.20.15 to 2.4.0 in /backend
...
Bumps [knex](https://github.com/knex/knex ) from 0.20.15 to 2.4.0.
- [Release notes](https://github.com/knex/knex/releases )
- [Changelog](https://github.com/knex/knex/blob/master/CHANGELOG.md )
- [Commits](https://github.com/knex/knex/compare/0.20.15...2.4.0 )
---
updated-dependencies:
- dependency-name: knex
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-11 02:35:51 +00:00
c80d099193
ACL changes should not blow away cert config
...
When editing an access list, all affected sites get their config updated without certificates, functionally breaking https on those sites until they get a manual config change that rewrites the config properly. Properly fetch the certificate from the DB before `bulkGenerateConfigs` so it gets updated right.
I am not certain whether there are similar bugs in other places that use `bulkGenerateConfigs`.
Should fix #2254
2023-01-10 01:59:04 -05:00
b69e493c54
Bump json5 from 2.1.3 to 2.2.3 in /backend
...
Bumps [json5](https://github.com/json5/json5 ) from 2.1.3 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases )
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md )
- [Commits](https://github.com/json5/json5/compare/v2.1.3...v2.2.3 )
---
updated-dependencies:
- dependency-name: json5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-06 02:33:27 +00:00
8dee139810
Fix linter issues
2022-11-21 01:46:42 +03:00
6349cb6094
Fix cerbot plugin installation issues
2022-11-18 15:06:19 +03:00
fd30cfe98b
Fix linting
2022-11-15 07:54:48 +10:00
6f281fef42
Workaround for cloudflare plugin install ( #2381 )
2022-11-15 07:48:57 +10:00
b673ebe2ca
Merge pull request #2126 from NginxProxyManager/dependabot/npm_and_yarn/backend/async-3.2.4
...
Bump async from 3.2.1 to 3.2.4 in /backend
2022-08-23 20:44:21 +10:00
e5966b54a8
Bump moment from 2.27.0 to 2.29.4 in /backend
...
Bumps [moment](https://github.com/moment/moment ) from 2.27.0 to 2.29.4.
- [Release notes](https://github.com/moment/moment/releases )
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/moment/moment/compare/2.27.0...2.29.4 )
---
updated-dependencies:
- dependency-name: moment
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-07-07 16:43:24 +00:00
1e5916db28
Bump async from 3.2.1 to 3.2.4 in /backend
...
Bumps [async](https://github.com/caolan/async ) from 3.2.1 to 3.2.4.
- [Release notes](https://github.com/caolan/async/releases )
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md )
- [Commits](https://github.com/caolan/async/compare/v3.2.1...v3.2.4 )
---
updated-dependencies:
- dependency-name: async
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-06-22 17:38:17 +00:00
366fcf0bed
Fix nginx/certificates search query
2022-02-12 12:46:06 +07:00
d7e0ae0fa0
Merge pull request #1701 from jc21/escape-credential-backslashes
...
Correctly escape backslashes in dns plugin credentials
2022-01-02 15:29:31 +10:00
29ee48530c
Merge pull request #1703 from luoweihua7/develop
...
fetch cloudflare ipv4/ipv6 fail #1405
2022-01-02 15:28:58 +10:00
c803ec7e26
Adds delay after reloading nginx before requesting ssl certificate using http challenge
2021-12-30 13:21:21 +01:00
7e67f33766
fetch cloudflare ipv4/ipv6 fail #1405
2021-12-30 11:50:21 +08:00
9dd5644183
Correctly escape backslashes in dns plugin credentials
2021-12-29 16:30:49 +01:00
adc5a2020a
Merge pull request #1666 from TobiasKneidl/patch-1
...
Update default.conf to follow the default site setting also for ipv6
2021-12-27 11:03:14 +10:00
bb422d4454
Update default.conf
2021-12-22 00:24:05 +01:00
d45f39aae3
Merge pull request #1538 from jc21/adds-http-challenge-test
...
Adds buttons to test availability of server from public internet
2021-11-10 09:15:26 +10:00
ddd538944a
Skip migration if setting does not exist
2021-11-09 14:03:39 +01:00
1f879f67a9
Reverts back to proxy_pass without variables
2021-11-09 13:57:39 +01:00
ee89dedd0f
Adds migration to regenerate default host
2021-11-08 23:11:56 +01:00
432062e0f4
Merge pull request #1559 from jc21/variable-fix-custom-locations
...
Fixes custom location with capture groups
2021-11-08 12:29:43 +10:00
48e96c46d5
Merge pull request #1565 from jc21/removes-hsts-from-admin-ui
...
Removes HSTS from admin ui
2021-11-08 12:27:36 +10:00
25e9acf618
Merge pull request #1566 from jc21/cleans-dependencies
...
Removes unused dependencies
2021-11-08 12:27:04 +10:00
a517e80236
Merge pull request #1567 from jc21/removes-renew-delay
...
Removes random delay when renewing certificates with the renew now button
2021-11-08 12:26:34 +10:00
cf4d1f73fa
Uses letsencrypt config file everywhere
2021-11-06 22:31:13 +01:00
c203d1a0d8
Requires ~() in location to remove $request_uri and removes $request_uri if it is just a slash
2021-11-06 13:38:02 +01:00
5f29f6b039
Removes random delay when renewing certificates with the renew now button
2021-11-05 14:20:12 +01:00
f75b5b867b
Fixes formatting
2021-11-05 14:01:50 +01:00
67463ca136
Removes unused dependencies
2021-11-05 13:59:19 +01:00
8db541f37f
Removes HSTS from admin ui
2021-11-05 00:09:05 +01:00
38ec0f9f95
Adds logs to backend when testing http challenge
2021-11-04 11:16:23 +01:00
3d80759a21
Renames the $upstream variables and does not append $request_ui if capture group exists in location
2021-11-04 10:08:15 +01:00
ffe3db8c08
Falls back to SQLite if no environment variables are provided
2021-11-02 12:22:39 +01:00
