ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-04-30 11:02:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,372 Commits 7 Branches 75 Tags
Commit Graph

92 Commits

Author SHA1 Message Date
LePresidente
c56e64bce2 added support to use environment variables instead of set file in data drive. 2024-02-29 18:10:02 +02:00
LePresidente
58ae5a1559 Make sure script.sh is set to be executable. 2024-01-27 08:05:33 +02:00
Brian Munro
8fa3069a8d
Merge branch 'NginxProxyManager:develop' into develop-crowdsec 2024-01-20 09:53:01 +02:00
Jamie Curnow
db23c9a52f
Refactor certbot plugins install 
- Added a script to install every single plugin, used in development and debugging
- Improved certbot plugin install commands
- Adjusted some version for plugins to install properly
- It's noted that some plugins require deps that do not match other plugins,
  however these use cases should be extremely rare
 2024-01-18 12:26:55 +10:00
Brian Munro
a108a5d316
Merge branch 'NginxProxyManager:develop' into develop-crowdsec 2024-01-15 06:34:14 +02:00
Jamie Curnow
e69684919c
Use nginxproxymanager/nginx-full image base 
which has been updated with bookworm, python 3.8, certbot 2.8.0 and node 20

Moved rootfs scripts as /bin is a symlink in bookworm
 2024-01-10 12:59:51 +10:00
Jamie Curnow
a7fe687bae
Fix permission recursiveness 2024-01-10 09:22:34 +10:00
jc21
459b7a2223
Merge pull request #3361 from timob/improve-container-start 
Improve container startup time
 2024-01-09 08:15:33 +10:00
Jocelyn Le Sage
388fff84f2 Fixes for the server reachability test. 
- Do not apply HTTPs redirection for challenge used by the test.
- Set the `User-Agent` to avoid 403 answer from site24x7.com.
- Handle JSON parsing failure of the received body.
- Better handling of different error cases.
 2023-12-19 17:22:33 -05:00
Tim O'Brien
33dbffb974 Improve container startup time 
See https://github.com/NginxProxyManager/nginx-proxy-manager/issues/2991

Removes uneeded file permission changes in rootfs certbot install. Tested installing custom DNS provider plugins for certbot, works correctly.
 2023-12-02 14:56:48 +11:00
FibreTTP
4867db078c Remove explicit user and group - add su directive for default user (npm). 2023-09-27 14:58:19 +10:00
FibreTTP
6b565e628f Change perms on logrotated logs to npm user 2023-09-27 14:25:04 +10:00
Brian Munro
9827c0b202
Merge branch 'NginxProxyManager:develop' into develop-crowdsec 2023-08-28 06:23:59 +02:00
jc21
aee93a2f6f
Merge pull request #2932 from nietzscheanic/patch-1 
Fix for ignored ssl_protocols and ssl_ciphers directive in conf.d/inc…
 2023-07-20 12:25:09 +10:00
xrh0905
63ee69f432
Fix device or resource busy when patching IPv6 settings 2023-06-15 11:17:02 +08:00
nietzscheanic
81054631f9
Fix for ignored ssl_protocols and ssl_ciphers directive in conf.d/include/ssl-ciphers.conf 
nginx only uses the `ssl_protocols` directive in the `server{}` block of the first processed host config, which is the default config in `/etc/nginx/conf.d/default.conf`. in version `v2.9.20` the default ssl site was dropped by using `ssl_reject_handshake on` in the default host config. but beside the include of `conf.d/include/ssl-ciphers.conf` was removed from the default host config. that's why `tlsv1.3` isn't applied by default anymore, same thing with the defined cipher suites. npm is so broken since `2023-03-16`.

commit that broke the config -> a7f0c3b730
 2023-05-19 14:13:29 +02:00
Brian Munro
ca6d112ecb
Merge branch 'NginxProxyManager:develop' into develop-crowdsec 2023-05-17 10:20:12 +02:00
lepresidente
cd882b07d0 Changed permissions on script.sh 2023-05-17 10:17:26 +02:00
Jamie Curnow
05307aa253
Fix certbot plugins install when using PUID/PGID 2023-05-10 14:39:08 +10:00
Jamie Curnow
c3735fdbbb
Missed a file that was explicit verbose 2023-05-04 12:30:27 +10:00
Jamie Curnow
c432c34fb3
Small refactor of user/groups and add checks during startup. Only use -x in bash scripts when DEBUG=true set in env vars 2023-05-04 10:03:06 +10:00
Jamie Curnow
a1245bc161
Split up ownership to indentify point of failure 2023-05-04 08:27:38 +10:00
Jamie Curnow
db4ab1d548
Verbose debugging of s6 scripts 2023-05-03 16:01:27 +10:00
lepresidente
4245e6231c made script executable. 2023-04-30 17:16:12 +02:00
LePresidente
6a035eaeab Removed file not required. 2023-04-26 13:08:27 +02:00
LePresidente
77057284d3 Added crowdsec to Nginx-Proxy-Manager 2023-04-26 13:04:02 +02:00
Jamie Curnow
4a86bb42cc
Different approach, always create npmuser 
even if the user id is zero, and then we'll always use it
 2023-03-30 11:19:16 +10:00
Jamie Curnow
dad8561ea1
Use numbers for permissions in case npmuser doesn't exist 2023-03-30 10:20:20 +10:00
Jamie Curnow
56a92e5c0e
Run as root by default 
Optionally run as another user/group only if
the env vars are specified. Should give flexibility
to those who need to run processes as root and open ports
without having to request additional priveleges
 2023-03-30 09:04:37 +10:00
Jamie Curnow
d5ed70dbb6
Own this nginx folder too 2023-03-29 14:03:58 +10:00
Jamie Curnow
d179887c15
Another fix for #2734, only chown parts of /etc/nginx 2023-03-28 10:39:26 +10:00
Jamie Curnow
35abb4d7ae
Execute permissions missing on script 2023-03-28 09:33:30 +10:00
Jamie Curnow
61b290e220
Chown each folder on separately 
Really not sure why this fixes #2734 however it does actually
help the ownership script succeed specifically on arm7/raspbian
 2023-03-28 08:50:10 +10:00
Jamie Curnow
c40e48e678
Fix docker restart because user already exists 2023-03-23 10:21:34 +10:00
Jamie Curnow
5ac9dc0758
Attempt to set HOME for npmuser backend 2023-03-22 13:00:26 +10:00
Jamie Curnow
dad3e1da7c
Adds support to run processes as a user/group, defined 
with PUID and PGID environment variables

- Detects if image is run with a user in docker command and fails if so
- Adds s6 prepare scripts for adding a 'npmuser'
- Split up and refactor the s6 prepare scripts
- Runs nginx and backend node as 'npmuser'
- Changes ownership of files required at startup
 2023-03-20 16:56:52 +10:00
Jamie Curnow
82d9452001
Move some older s6-overlay over to new format, fixes #2705 2023-03-18 17:45:31 +10:00
Jamie Curnow
5b7682f13c
Update s6-overlay and move processes to new format 2023-03-17 08:50:32 +10:00
jc21
546ce8d4bc
Merge pull request #2444 from BitsOfAByte/develop 
Load events configuration from custom file
 2023-03-08 16:32:46 +10:00
Blaž Zupan
a7f0c3b730 Use ssl_reject_handshake to reject requests to default https site 
Instead of creating a dummy certificate, we can return an SSL protocol error, which will generate a descriptive error message in the browser.
 2023-02-02 19:19:37 -08:00
BitsOfAByte
3c23aa935e
Load events configuration from custom file 2022-12-02 21:32:04 +00:00
jc21
e229fa89f8
Merge pull request #2222 from mantoufan/add-webp-to-assets.conf-for-cache-assets 
Add webp format to assets.conf for Cache Assets
 2022-11-08 13:12:13 +10:00
jc21
b62b6b5112
Merge pull request #2373 from lakkeri/develop 
Possible multiple X-Forwarded-For headers
 2022-11-08 11:48:05 +10:00
jc21
2f6d8257ec
Merge pull request #2259 from cuishuang/develop 
all: fix some typos
 2022-11-08 11:40:42 +10:00
lakkeri
052cb8f12d
Possible multiple X-Forwarded-For headers 
NMP behind another reverse proxy can multiply X-Forwarded-For headers. $proxy_add_x_forwarded_for equals to $remote_addr if this header not present in client request 
https://nginx.org/en/docs/http/ngx_http_proxy_module.html#var_proxy_add_x_forwarded_for
 2022-11-05 16:24:12 +03:00
Paweł Jan Czochański
e77b13d36e
Fix DISABLE_IPV6 flag handling 
The DISABLE_IPV6 flag did not turn off ipv6 DNS requests performed by
nginx. This commit changes it and makes nginx-proxy-manager more
compatible with podman.
 2022-10-20 07:55:08 +02:00
cui fliter
f85e82973d all: fix some typos 
Signed-off-by: cui fliter <imcusg@gmail.com>
 2022-09-10 21:08:16 +08:00
馒头饭
e1525e5d56 Add webp format to assets.conf for Cache Assets 2022-08-26 03:47:06 +08:00
Omer Cohen
ac25171420
Update resolvers.conf to break dns cache 
By default, nginx caches answers using the TTL value of a response.
In a dynamic environment containers can get recreated with new IPs,
reducing the validity of the cache allows refreshing these IPs

https://nginx.org/en/docs/http/ngx_http_core_module.html#resolver
 2022-02-16 09:31:56 +02:00
Jamie Curnow
c78f641e85 Revert #1614 
as it breaks some existing services
 2022-01-11 08:54:40 +10:00