Commit Graph

1227 Commits

Author SHA1 Message Date
Will Rouesnel
f3c740954b Adapt CI command scripts to also support podman 2023-05-31 01:44:03 +10:00
Will Rouesnel
6cf91a2e70 Add drop_unauthorized parameter to proxy hosts
drop_unauthorized returns 444 when a client is not authorized as opposed
to 403. It can be used with Client Certificate authorization.
2023-05-31 01:43:57 +10:00
Will Rouesnel
f601105776 Add a development docker-compose file for use with User Namespaces 2023-05-30 00:49:42 +10:00
Will Rouesnel
34305e04e1 Add authority count to access-list drop down in proxy host 2023-05-30 00:49:42 +10:00
Will Rouesnel
366efc8ac2 Add template support for all host types to do client CA authorization
When an access list contains client CAs, the combined CA auth file is
added to all location blocks via an `if` statement. This allows
LetsEncrypt and other support paths to work, while correctly denying
access to the protected resources.
2023-05-30 00:49:42 +10:00
Will Rouesnel
fb766d14e9 Add support for writing client CAs when access-lists are updated
This commit adds the basic support necessary to produce the combined
client CA files when certificates are updated.
2023-05-30 00:49:36 +10:00
Will Rouesnel
e5bb50c164 Add support for adding Client Certificates to access-lists
Client certificate support is added as a new separate type of option for
access-lists.

This commit is the support code to enable access-lists to contain
Client Certificate references.
2023-05-29 14:48:02 +10:00
Will Rouesnel
d5b3e53140 Add frontend support for the new clientca type
The frontend is modified to filter certificates from selector lists
so only non-clientca certificate types can be set as server certificates.
2023-05-25 00:37:27 +10:00
Will Rouesnel
c664e864ce Add storing for Client CA certificates in the database
Add initial support for managing Client Certificate Authority public
certificates as certificate objects in the database. The new provider
type 'clientca' is defined to implement this.
2023-05-25 00:21:32 +10:00
Will Rouesnel
b19a272403 Fix OpenSSL data parsing
OpenSSL data parsing could be confused when parsing certificates which
have Country/Org and other parameters in the subject line.

This is fixed by writing a more robust parser of the output lines, and
using that to do parsing which now correctly handles this case.
2023-05-24 23:59:38 +10:00
Will Rouesnel
2dd4434ceb Add support for nginx 444 default response
The default nginx 444 response drops the inbound connection without
sending any response to the client.
2023-05-22 11:59:50 +10:00
jc21
2a06384a4a Merge branch 'master' into develop 2023-05-10 14:40:06 +10:00
Jamie Curnow
05307aa253 Fix certbot plugins install when using PUID/PGID 2023-05-10 14:39:08 +10:00
jc21
3d2406ac3d Merge pull request #2905 from NginxProxyManager/develop
v2.10.3
2023-05-10 14:09:04 +10:00
Jamie Curnow
0127dc7f03 Bump version 2023-05-10 11:32:22 +10:00
jc21
4349d42636 Merge pull request #2904 from NginxProxyManager/s6-verbose
Fixes for s6 timeout at startup
2023-05-10 11:31:17 +10:00
Jamie Curnow
4b6f9d9419 Remove s6 service timeout 2023-05-10 09:57:24 +10:00
Jamie Curnow
c3f019c911 Test ipv6 disabled in ci 2023-05-09 08:19:09 +10:00
Jamie Curnow
ecf0290203 Update s6-overlay 2023-05-09 08:15:44 +10:00
Jamie Curnow
4f41fe0c95 Update s6-overlay 2023-05-05 08:46:54 +10:00
Jamie Curnow
c3735fdbbb Missed a file that was explicit verbose 2023-05-04 12:30:27 +10:00
Jamie Curnow
c432c34fb3 Small refactor of user/groups and add checks during startup. Only use -x in bash scripts when DEBUG=true set in env vars 2023-05-04 10:03:06 +10:00
Jamie Curnow
a1245bc161 Split up ownership to identify point of failure 2023-05-04 08:27:38 +10:00
Jamie Curnow
db4ab1d548 Verbose debugging of s6 scripts 2023-05-03 16:01:27 +10:00
jc21
86ddd9c83c Merge pull request #2784 from NginxProxyManager/develop
v2.10.2
2023-03-31 09:37:08 +10:00
jc21
67208e43cc Merge branch 'master' into develop 2023-03-31 08:27:00 +10:00
Jamie Curnow
ddf80302c6 Bump version 2023-03-31 08:25:45 +10:00
jc21
5f2576946d Merge pull request #2783 from NginxProxyManager/uidgid
Make PUID and PGID optional
2023-03-31 08:25:07 +10:00
Jamie Curnow
9fe07fa6c3 Update documentation 2023-03-30 15:37:59 +10:00
Jamie Curnow
d9b9af543e Fix text replacement whoops 2023-03-30 15:03:57 +10:00
Jamie Curnow
eb2e2e0478 Throw in a docker restart during testing phase 2023-03-30 14:44:15 +10:00
Jamie Curnow
9225d5d442 Tweak test 2023-03-30 13:00:22 +10:00
Jamie Curnow
308a7149ed Tweak test 2023-03-30 12:55:20 +10:00
Jamie Curnow
8a4a7d0caf Allow 201 as success in test result 2023-03-30 12:51:26 +10:00
Jamie Curnow
5d03ede100 Add test for creating a host 2023-03-30 12:44:28 +10:00
Jamie Curnow
4a86bb42cc Different approach, always create npmuser
even if the user id is zero, and then we'll always use it
2023-03-30 11:19:16 +10:00
Jamie Curnow
dad8561ea1 Use numbers for permissions in case npmuser doesn't exist 2023-03-30 10:20:20 +10:00
Jamie Curnow
56a92e5c0e Run as root by default
Optionally run as another user/group only if
the env vars are specified. Should give flexibility
to those who need to run processes as root and open ports
without having to request additional privileges
2023-03-30 09:04:37 +10:00
Jamie Curnow
9d672f5813 Own this nginx folder too 2023-03-29 14:04:48 +10:00
Jamie Curnow
d5ed70dbb6 Own this nginx folder too 2023-03-29 14:03:58 +10:00
jc21
c197e66d62 Merge pull request #2764 from NginxProxyManager/develop
v2.10.1
2023-03-29 08:54:30 +10:00
Jamie Curnow
91cf3c8873 Tweaks to docker compose ci after updates 2023-03-29 08:24:28 +10:00
Jamie Curnow
7f5e0414ac Bump version 2023-03-29 07:22:15 +10:00
Jamie Curnow
d179887c15 Another fix for #2734, only chown parts of /etc/nginx 2023-03-28 10:39:26 +10:00
Jamie Curnow
35abb4d7ae Execute permissions missing on script 2023-03-28 09:33:30 +10:00
Jamie Curnow
61b290e220 Chown each folder separately
Really not sure why this fixes #2734 however it does actually
help the ownership script succeed specifically on arm7/raspbian
2023-03-28 08:50:10 +10:00
jc21
e1bcef6e5c Merge pull request #2749 from NginxProxyManager/develop
v2.10.0
2023-03-27 12:17:07 +10:00
jc21
81f51f9e2d Merge branch 'master' into develop 2023-03-27 08:29:08 +10:00
Jamie Curnow
661953db25 Bump version 2023-03-27 08:26:42 +10:00
jc21
065c2dac42 Merge pull request #2721 from NginxProxyManager/docker-user-group
Docker users and groups, refactor configuration
2023-03-27 08:19:57 +10:00