Bump freedns plugin

backend/app.js

@@ -29,7 +29,6 @@ if (config.debug()) {
 	app.set('json spaces', 2);
 }
 
-
 // CORS for everything
 app.use(require('./lib/express/cors'));
 

backend/db.js

@@ -9,22 +9,6 @@ function generateDbConfig() {
 	if (cfg.engine === 'knex-native') {
 		return cfg.knex;
 	}
-	if (cfg.engine === 'pg') {
-
-		return {
-			client:     cfg.engine,
-			connection: {
-				host:     cfg.host,
-				user:     cfg.user,
-				password: cfg.password,
-				database: cfg.name,
-				port:     cfg.port
-			},
-			migrations: {
-				tableName: 'migrations'
-			}
-		};
-	}
 	return {
 		client:     cfg.engine,
 		connection: {

backend/internal/access-list.js

@@ -252,14 +252,10 @@ const internalAccessList = {
 				let query = accessListModel
 					.query()
 					.select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count'))
-					.leftJoin('proxy_host', function() {
+					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
-						this.on('proxy_host.access_list_id', '=', 'access_list.id')
-							.andOn('proxy_host.is_deleted', '=', 0);
-					})
 					.where('access_list.is_deleted', 0)
 					.andWhere('access_list.id', data.id)
 					.allowGraph('[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]')
-					.groupBy('access_list.id')
 					.first();
 
 				if (access_data.permission_visibility !== 'all') {
@@ -377,10 +373,7 @@ const internalAccessList = {
 				let query = accessListModel
 					.query()
 					.select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count'))
-					.leftJoin('proxy_host', function() {
+					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
-						this.on('proxy_host.access_list_id', '=', 'access_list.id')
-							.andOn('proxy_host.is_deleted', '=', 0);
-					})
 					.where('access_list.is_deleted', 0)
 					.groupBy('access_list.id')
 					.allowGraph('[owner,items,clients]')

backend/internal/audit-log.js

@@ -22,9 +22,9 @@ const internalAuditLog = {
 					.allowGraph('[user]');
 
 				// Query is used for searching
-				if (typeof search_query === 'string' && search_query.length > 0) {
+				if (typeof search_query === 'string') {
 					query.where(function () {
-						this.whereRaw('CAST(meta AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' + search_query + '%');
+						this.where('meta', 'like', '%' + search_query + '%');
 					});
 				}
 

backend/internal/dead-host.js

@@ -409,16 +409,16 @@ const internalDeadHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,certificate]')
-					.orderByRaw('CAST(domain_names AS VARCHAR(65535)) ASC');
+					.orderBy('domain_names', 'ASC');
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string' && search_query.length > 0) {
+				if (typeof search_query === 'string') {
 					query.where(function () {
-						this.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' + search_query + '%');
+						this.where('domain_names', 'like', '%' + search_query + '%');
 					});
 				}
 

backend/internal/host.js

@@ -129,15 +129,15 @@ const internalHost = {
 			proxyHostModel
 				.query()
 				.where('is_deleted', 0)
-				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
+				.andWhere('domain_names', 'like', '%' + hostname + '%'),
 			redirectionHostModel
 				.query()
 				.where('is_deleted', 0)
-				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
+				.andWhere('domain_names', 'like', '%' + hostname + '%'),
 			deadHostModel
 				.query()
 				.where('is_deleted', 0)
-				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
+				.andWhere('domain_names', 'like', '%' + hostname + '%')
 		];
 
 		return Promise.all(promises)

backend/internal/proxy-host.js

@@ -409,7 +409,6 @@ const internalProxyHost = {
 	 * @returns {Promise}
 	 */
 	getAll: (access, expand, search_query) => {
-
 		return access.can('proxy_hosts:list')
 			.then((access_data) => {
 				let query = proxyHostModel
@@ -417,17 +416,16 @@ const internalProxyHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,access_list,certificate]')
-					.orderByRaw('CAST(domain_names AS VARCHAR(65535) ) ASC')
+					.orderBy('domain_names', 'ASC');
-				;
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string' && search_query.length > 0) {
+				if (typeof search_query === 'string') {
 					query.where(function () {
-						this.whereRaw('CAST(domain_names AS VARCHAR(65535) ) like ? ESCAPE \'\'', '%'+search_query + '%');
+						this.where('domain_names', 'like', '%' + search_query + '%');
 					});
 				}
 
@@ -438,7 +436,6 @@ const internalProxyHost = {
 				return query.then(utils.omitRows(omissions()));
 			})
 			.then((rows) => {
-
 				if (typeof expand !== 'undefined' && expand !== null && expand.indexOf('certificate') !== -1) {
 					return internalHost.cleanAllRowsCertificateMeta(rows);
 				}

backend/internal/redirection-host.js

@@ -20,6 +20,7 @@ const internalRedirectionHost = {
 	 */
 	create: (access, data) => {
 		let create_certificate = data.certificate_id === 'new';
+
 		if (create_certificate) {
 			delete data.certificate_id;
 		}
@@ -408,16 +409,16 @@ const internalRedirectionHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,certificate]')
-					.orderByRaw('CAST(domain_names AS VARCHAR(65535) ) ASC');
+					.orderBy('domain_names', 'ASC');
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string' && search_query.length > 0) {
+				if (typeof search_query === 'string') {
 					query.where(function () {
-						this.whereRaw('CAST(domain_names AS VARCHAR(65535) ) like ? ESCAPE \'\'', '%' + search_query + '%');
+						this.where('domain_names', 'like', '%' + search_query + '%');
 					});
 				}
 

backend/internal/stream.js

@@ -298,18 +298,16 @@ const internalStream = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner]')
-					//.orderBy('incoming_port', 'ASC')
+					.orderBy('incoming_port', 'ASC');
-					.orderByRaw('CAST(incoming_port AS INTEGER) ASC')
-				;
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string' && search_query.length > 0) {
+				if (typeof search_query === 'string') {
 					query.where(function () {
-						this.whereRaw('CAST(incoming_port AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' +  search_query+ '%');
+						this.where('incoming_port', 'like', '%' + search_query + '%');
 					});
 				}
 

backend/lib/config.js

@@ -45,25 +45,6 @@ const configure = () => {
 		};
 		return;
 	}
-	const envPostgresqlHost = process.env.DB_POSTGRESQL_HOST || null;
-	const envPostgresqlUser = process.env.DB_POSTGRESQL_USER || null;
-	const envPostgresqlName = process.env.DB_POSTGRESQL_NAME || null;
-	if (envPostgresqlHost && envPostgresqlUser && envPostgresqlName) {
-		// we have enough mysql creds to go with mysql
-		logger.info('Using POSTGRESQL configuration');
-		instance = {
-			database: {
-				engine:   'pg',
-				host:     envPostgresqlHost,
-				port:     process.env.DB_POSTGRESQL_PORT || 5432,
-				user:     envPostgresqlUser,
-				password: process.env.DB_POSTGRESQL_PASSWORD,
-				name:     envPostgresqlName,
-			},
-			keys: getKeys(),
-		};
-		return;
-	}
 
 	const envSqliteFile = process.env.DB_SQLITE_FILE || '/data/database.sqlite';
 	logger.info(`Using Sqlite: ${envSqliteFile}`);

backend/models/redirection_host.js

@@ -17,9 +17,6 @@ const boolFields = [
 	'preserve_path',
 	'ssl_forced',
 	'block_exploits',
-	'hsts_enabled',
-	'hsts_subdomains',
-	'http2_support',
 ];
 
 class RedirectionHost extends Model {

backend/package.json

@@ -21,9 +21,8 @@
 		"moment": "^2.29.4",
 		"mysql2": "^3.11.1",
 		"node-rsa": "^1.0.8",
-		"objection": "^3.0.1",
+		"objection": "3.0.1",
 		"path": "^0.12.7",
-		"pg": "^8.13.0",
 		"signale": "1.4.0",
 		"sqlite3": "5.1.6",
 		"temp-write": "^4.0.0"

backend/schema/paths/nginx/access-lists/listID/put.json

@@ -49,7 +49,8 @@
 										"minLength": 1
 									},
 									"password": {
-										"type": "string"
+										"type": "string",
+										"minLength": 1
 									}
 								}
 							}

backend/setup.js

@@ -15,11 +15,11 @@ const certbot             = require('./lib/certbot');
 const setupDefaultUser = () => {
 	return userModel
 		.query()
-		.select('id')
+		.select(userModel.raw('COUNT(`id`) as `count`'))
 		.where('is_deleted', 0)
+		.first()
 		.then((row) => {
-			if (row.length === 0) {
+			if (!row.count) {
-
 				// Create a new user and set password
 				let email    = process.env.INITIAL_ADMIN_EMAIL || 'admin@example.com';
 				let password = process.env.INITIAL_ADMIN_PASSWORD || 'changeme';
@@ -77,10 +77,11 @@ const setupDefaultUser = () => {
 const setupDefaultSettings = () => {
 	return settingModel
 		.query()
-		.select('id')
+		.select(settingModel.raw('COUNT(`id`) as `count`'))
 		.where({id: 'default-site'})
+		.first()
 		.then((row) => {
-			if (!row.length || !row[0].id) {
+			if (!row.count) {
 				settingModel
 					.query()
 					.insert({

backend/templates/_access.conf

@@ -4,7 +4,7 @@
     auth_basic            "Authorization required";
     auth_basic_user_file  /data/access/{{ access_list_id }};
 
-    {% if access_list.pass_auth == 0 or access_list.pass_auth == true %}
+    {% if access_list.pass_auth == 0 %}
     proxy_set_header Authorization "";
     {% endif %}
 
@@ -17,7 +17,7 @@
     deny all;
 
     # Access checks must...
-    {% if access_list.satisfy_any == 1 or access_list.satisfy_any == true %}
+    {% if access_list.satisfy_any == 1 %}
     satisfy any;
     {% else %}
     satisfy all;

backend/templates/_listen.conf

@@ -5,16 +5,11 @@
   #listen [::]:80;
 {% endif %}
 {% if certificate -%}
-  listen 443 ssl;
+  listen 443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %};
 {% if ipv6 -%}
-  listen [::]:443 ssl;
+  listen [::]:443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %};
 {% else -%}
   #listen [::]:443;
 {% endif %}
 {% endif %}
   server_name {{ domain_names | join: " " }};
-{% if http2_support == 1 or http2_support == true %}
-  http2 on;
-{% else -%}
-  http2 off;
-{% endif %}

backend/templates/_location.conf

@@ -7,7 +7,11 @@
     proxy_set_header X-Forwarded-For    $remote_addr;
     proxy_set_header X-Real-IP		$remote_addr;
 
-    proxy_pass       {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
+    set $proxy_forward_scheme {{ forward_scheme }};
+    set $proxy_server         "{{ forward_host }}";
+    set $proxy_port           {{ forward_port }};
+
+    proxy_pass       $proxy_forward_scheme://$proxy_server:$proxy_port{{ forward_path }};
 
     {% include "_access.conf" %}
     {% include "_assets.conf" %}

docker/dev/Dockerfile

@@ -26,8 +26,6 @@ WORKDIR /root
 
 COPY rootfs /
 COPY scripts/install-s6 /tmp/install-s6
-RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6
-RUN chmod 644 -R /root/.cache
 RUN rm -f /etc/nginx/conf.d/production.conf \
 	&& chmod 644 /etc/logrotate.d/nginx-proxy-manager \
 	&& /tmp/install-s6 "${TARGETPLATFORM}" \

docker/docker-compose.ci.postgresql.yml

@@ -1,29 +0,0 @@
-# WARNING: This is a CI docker-compose file used for building and testing of the entire app, it should not be used for production.
-services:
-
-  fullstack:
-    environment:
-      DB_POSTGRESQL_HOST: 'db'
-      DB_POSTGRESQL_PORT: '5432'
-      DB_POSTGRESQL_USER: 'npm'
-      DB_POSTGRESQL_PASSWORD: 'npmpass'
-      DB_POSTGRESQL_NAME: 'npm'
-    depends_on:
-      - db-postgresql
-
-  db-postgresql:
-    image: postgres:14.2-alpine
-    environment:
-      POSTGRES_PASSWORD: "npmpass"
-      POSTGRES_USER: "npm"
-      POSTGRES_DB: "npm"
-    ports:
-      - 5432:5432
-    volumes:
-      - postgres_vol:/var/lib/postgresql/data
-    networks:
-      - fulltest
-
-
-volumes:
-  postgres_vol:

docker/docker-compose.dev2.yml

@@ -1,89 +0,0 @@
-# WARNING: This is a DEVELOPMENT docker-compose file, it should not be used for production.
-services:
-
-  npm1:
-    image: nginxproxymanager:dev
-    container_name: npm_core1
-    build:
-      context: ./
-      dockerfile: ./dev/Dockerfile
-    ports:
-      - 4080:80
-      - 4081:81
-      - 4443:443
-    networks:
-      - nginx_proxy_manager
-    environment:
-      PUID: 1000
-      PGID: 1000
-      FORCE_COLOR: 1
-      # specifically for dev:
-      DEBUG: 'true'
-      DEVELOPMENT: 'true'
-      LE_STAGING: 'true'
-      # db:
-      DB_POSTGRESQL_HOST: 'db1'
-      DB_POSTGRESQL_PORT: '5432'
-      DB_POSTGRESQL_USER: 'npm'
-      DB_POSTGRESQL_PASSWORD: 'npmpass'
-      DB_POSTGRESQL_NAME: 'npm'
-      # DB_SQLITE_FILE: "/data/database.sqlite"
-      # DISABLE_IPV6: "true"
-    volumes:
-      - npm_data1:/data
-      - le_data1:/etc/letsencrypt
-      - ../backend:/app
-      - ../frontend:/app/frontend
-      - ../global:/app/global
-    depends_on:
-      - db1
-    working_dir: /app
-
-  db1:
-    image: postgis/postgis:17-3.5-alpine
-    container_name: npm_db1
-    ports:
-      - 5432:5432
-    networks:
-      - nginx_proxy_manager
-    environment:
-      POSTGRES_PASSWORD: "npmpass"
-      POSTGRES_USER: "npm"
-      POSTGRES_DB: "npm"
-    volumes:
-      - db_data1:/var/lib/postgresql/data
-  pgadmin:
-    image: dpage/pgadmin4
-    environment:
-      PGADMIN_DEFAULT_EMAIL: "admin@example.com"
-      PGADMIN_DEFAULT_PASSWORD: "changeme"
-    ports:
-        - 5080:80
-    networks:
-        - nginx_proxy_manager
-    depends_on:
-      - db1
-
-
-  swagger1:
-    image: swaggerapi/swagger-ui:latest
-    container_name: npm_swagger1
-    ports:
-      - 5082:80
-    environment:
-      URL: "http://npm:81/api/schema"
-      PORT: '80'
-    depends_on:
-      - npm1
-
-volumes:
-  npm_data1:
-    name: npm_core_data
-  le_data1:
-    name: npm_le_data
-  db_data1:
-    name: npm_db_data1
-
-networks:
-  nginx_proxy_manager:
-    name: npm_network

docs/src/setup/index.md

@@ -137,13 +137,5 @@ Email:    admin@example.com
 Password: changeme
 ```
 
-Immediately after logging in with this default user you will be asked to modify your details and change your password. You can change defaults with:
+Immediately after logging in with this default user you will be asked to modify your details and change your password.
-
-
-```
-    environment:
-      INITIAL_ADMIN_EMAIL: my@example.com
-      INITIAL_ADMIN_PASSWORD: mypassword1
-```
-
 

global/certbot-dns-plugins.json

@@ -194,7 +194,7 @@
 	"freedns": {
 		"name": "FreeDNS",
 		"package_name": "certbot-dns-freedns",
-		"version": "~=0.1.0",
+		"version": "~=0.2.0",
 		"dependencies": "",
 		"credentials": "dns_freedns_username = myremoteuser\ndns_freedns_password = verysecureremoteuserpassword",
 		"full_plugin_name": "dns-freedns"
@@ -303,14 +303,6 @@
 		"credentials": "dns_joker_username = <Dynamic DNS Authentication Username>\ndns_joker_password = <Dynamic DNS Authentication Password>\ndns_joker_domain = <Dynamic DNS Domain>",
 		"full_plugin_name": "dns-joker"
 	},
-	"leaseweb": {
-		"name": "LeaseWeb",
-		"package_name": "certbot-dns-leaseweb",
-		"version": "~=1.0.1",
-		"dependencies": "",
-		"credentials": "dns_leaseweb_api_token = 01234556789",
-		"full_plugin_name": "dns-leaseweb"
-	},
 	"linode": {
 		"name": "Linode",
 		"package_name": "certbot-dns-linode",