This commit changes access-list IP directives to be implemented using
the nginx "geo" directive.
This allows IP-based blocks to return 444 (drop connection) on
authorization failure when the "Drop Unauthorized" is enabled.
It also allows the implementation of "Satisfy Any" with the new
client CA certificate support - i.e. Satisfy Any can allow clients
from the local network to skip client certificate challenge, or drop
down to requesting basic authentication.
It should be noted that including basic authentication requirements
in Satisfy Any mode does prevent a 444 response from being sent, as
the basic auth challenge requires the server to respond.
with PUID and PGID environment variables
- Detects if image is run with a user in docker command and fails if so
- Adds s6 prepare scripts for adding a 'npmuser'
- Split up and refactor the s6 prepare scripts
- Runs nginx and backend node as 'npmuser'
- Changes ownership of files required at startup
Added a new clause for custom http_top.conf above the include clauses for NPM-generated files. Allows for more flexibility with adding custom nginx .conf files to NPM
Use case: adding a configuration change needs to be present before other custom configuration files are called and reference configuration from the custom http_top.conf file.
Example: add a new log_format in http_top.conf, then referencing it in a access_log clause in server_proxy.conf.
* Fix wrapping when too many hosts are shown (#207)
* Update npm packages, fixes CVE-2019-10757
* Revert some breaking packages
* Major overhaul
- Docker buildx support in CI
- Cypress API Testing in CI
- Restructured folder layout (insert clean face meme)
- Added Swagger documentation and validate API against that (to be completed)
- Use common base image for all supported archs, which includes updated nginx with ipv6 support
- Updated certbot and changes required for it
- Large amount of Hosts names will wrap in UI
- Updated packages for frontend
- Version bump 2.1.0
* Updated documentation
* Fix JWT expire time going crazy. Now set to 1day
* Backend JS formatting rules
* Remove v1 importer, I doubt anyone is using v1 anymore
* Added backend formatting rules and enforce them
in Jenkins builds
* Fix CI, doesn't need a tty
* Thanks bcrypt. Why can't you just be normal.
* Cleanup after syntax check
Co-authored-by: Marcelo Castagna <margaale@users.noreply.github.com>
