Bump freedns plugin

2025-07-04 17:06:49 +00:00 · 2024-10-17 12:57:49 +10:00
11 changed files with 28 additions and 162 deletions
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@ -5,20 +5,6 @@ const config = require('../lib/config');
 const utils  = require('../lib/utils');
 const error  = require('../lib/error');
 /**
 * 
 * @param {int} user_port 
 * @param {int} default_port
 * @returns {int} port
 */
 const validatePort = (user_port, default_port) => {
 	if (isNaN(user_port) || user_port < 1 || user_port > 65535) {
 		console.error(`Environment variable HTTP_PORT must be an integer between 1 and 65535 (got: ${user_port}). Using default port ${default_port}`);
 		return default_port;
 	}
 	return user_port;
 };
 const internalNginx = {
 	/**
@ -246,10 +232,8 @@ const internalNginx = {
 				locationsPromise = Promise.resolve();
 			}
-			// Set the IPv6 and port setting for the host
+			// Set the IPv6 setting for the host
 			host.ipv6 = internalNginx.ipv6Enabled();
 			host.http_port  = internalNginx.httpPort();
 			host.https_port = internalNginx.httpsPort();
 			locationsPromise.then(() => {
 				renderEngine
@ -304,8 +288,6 @@ const internalNginx = {
 			}
 			certificate.ipv6 = internalNginx.ipv6Enabled();
 			certificate.http_port  = internalNginx.httpPort();
 			certificate.https_port = internalNginx.httpsPort();
 			renderEngine
 				.parseAndRender(template, certificate)
@ -450,30 +432,7 @@ const internalNginx = {
 		}
 		return true;
 	},
 	/**
 	 * @returns {integer}
 	 */
 	httpPort: function () {
 		if (typeof process.env.HTTP_PORT !== 'undefined') {
 			let httpPort = parseInt(process.env.HTTP_PORT);
 			return validatePort(httpPort, 443);
 	}
 		return 80;
 	},
 	/**
 	 * @returns {integer}
 	 */
 	httpsPort: function () {
 		if (typeof process.env.HTTPS_PORT !== 'undefined') {
 			let httpPort = parseInt(process.env.HTTPS_PORT);
 			return validatePort(httpPort, 443);
 		}
 		return 80;
 	}
 };
 module.exports = internalNginx;
--- a/backend/schema/paths/nginx/access-lists/listID/put.json
+++ b/backend/schema/paths/nginx/access-lists/listID/put.json
@ -49,7 +49,8 @@
 										"minLength": 1
 									},
 									"password": {
-										"type": "string"
+										"type": "string",
 										"minLength": 1
 									}
 								}
 							}
--- a/backend/templates/_access.conf
+++ b/backend/templates/_access.conf
@ -4,7 +4,7 @@
    auth_basic            "Authorization required";
    auth_basic_user_file  /data/access/{{ access_list_id }};
-    {% if access_list.pass_auth == 0 or access_list.pass_auth == true %}
+    {% if access_list.pass_auth == 0 %}
    proxy_set_header Authorization "";
    {% endif %}
@ -17,7 +17,7 @@
    deny all;
    # Access checks must...
-    {% if access_list.satisfy_any == 1 or access_list.satisfy_any == true %}
+    {% if access_list.satisfy_any == 1 %}
    satisfy any;
    {% else %}
    satisfy all;
--- a/backend/templates/_listen.conf
+++ b/backend/templates/_listen.conf
@ -1,20 +1,15 @@
-  listen {{ http_port }};
+  listen 80;
 {% if ipv6 -%}
-  listen [::]:{{ http_port }};
+  listen [::]:80;
 {% else -%}
-  #listen [::]:{{ http_port }};
+  #listen [::]:80;
 {% endif %}
 {% if certificate -%}
-  listen {{ https_port }} ssl;
+  listen 443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %};
 {% if ipv6 -%}
-  listen [::]:{{ https_port }} ssl;
+  listen [::]:443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %};
 {% else -%}
-  #listen [::]:{{ https_port }};
+  #listen [::]:443;
 {% endif %}
 {% endif %}
  server_name {{ domain_names | join: " " }};
 {% if http2_support == 1 or http2_support == true %}
  http2 on;
 {% else -%}
  http2 off;
 {% endif %}
--- a/backend/templates/_location.conf
+++ b/backend/templates/_location.conf
@ -7,7 +7,11 @@
    proxy_set_header X-Forwarded-For    $remote_addr;
    proxy_set_header X-Real-IP		$remote_addr;
-    proxy_pass       {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
+    set $proxy_forward_scheme {{ forward_scheme }};
    set $proxy_server         "{{ forward_host }}";
    set $proxy_port           {{ forward_port }};
    proxy_pass       $proxy_forward_scheme://$proxy_server:$proxy_port{{ forward_path }};
    {% include "_access.conf" %}
    {% include "_assets.conf" %}
--- a/docker/docker-compose.dev.yml
+++ b/docker/docker-compose.dev.yml
@ -33,8 +33,6 @@ services:
      DB_MYSQL_NAME: 'npm'
      # DB_SQLITE_FILE: "/data/database.sqlite"
      # DISABLE_IPV6: "true"
      # HTTP_PORT: "1234"
      # HTTPS_PORT: "5678"
      # Required for DNS Certificate provisioning testing:
      LE_SERVER: 'https://ca.internal/acme/acme/directory'
      REQUESTS_CA_BUNDLE: '/etc/ssl/certs/NginxProxyManager.crt'
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/00-all.sh
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/00-all.sh
@ -18,6 +18,5 @@ fi
 . /etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh
 . /etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh
 . /etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh
 . /etc/s6-overlay/s6-rc.d/prepare/55-http-https-port.sh
 . /etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh
 . /etc/s6-overlay/s6-rc.d/prepare/90-banner.sh
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/55-http-https-port.sh
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/55-http-https-port.sh
@ -1,62 +0,0 @@
 #!/command/with-contenv bash
 # shellcheck shell=bash
 # This command reads the `HTTP_PORT` and `HTTPS_PORT` env vars and will rerender
 # the nginx files to the port defined in these variables
 set -e
 log_info 'HTTP_PORT ...'
 DEFAULT_HTTP_PORT="80"
 DEFAULT_HTTPS_PORT="443"
 # Make sure HTTP_PORT and HTTPS_PORT are set correctly
 case "$HTTP_PORT" in
 	''|*[!0-9]*)
 		echo "Could not parse HTTP_PORT as integer (got \"$HTTP_PORT\")."
 		echo "Using default http port \"$DEFAULT_HTTP_PORT\""
 		HTTP_PORT="$DEFAULT_HTTP_PORT"
 		;;
 	*) true ;;
 esac
 if [ "$HTTP_PORT" -lt "1" ] || [ "$HTTP_PORT" -gt "65535" ]; then
 	echo "HTTP_PORT must be between 1 and 65535 (got \"$HTTP_PORT\")."
 	echo "Using default http port \"$DEFAULT_HTTP_PORT\""
 	HTTP_PORT="$DEFAULT_HTTP_PORT"
 fi
 case "$HTTPS_PORT" in
 	''|*[!0-9]*)
 		echo "Could not parse HTTPS_PORT as integer (got \"$HTTPS_PORT\")."
 		echo "Using default https port \"$DEFAULT_HTTPS_PORT\""
 		HTTPS_PORT="$DEFAULT_HTTPS_PORT"
 		;;
 	*) true ;;
 esac
 if [ "$HTTPS_PORT" -lt "1" ] || [ "$HTTPS_PORT" -gt "65535" ]; then
    echo "HTTPS_PORT must be between 1 and 65535 (got \"$HTTPS_PORT\")."
 	echo "Using default https port \"$DEFAULT_HTTPS_PORT\""
 	HTTPS_PORT="$DEFAULT_HTTPS_PORT"
 fi
 process_folder () {
 	FILES=$(find "$1" -type f -name "*.conf")
 	HTTP_SED_REGEX='/ssl/! s/listen (\[::\]:)?[0-9]+/listen \1'$HTTP_PORT'/g'
 	HTTPS_SED_REGEX='/ssl/ s/listen (\[::\]:)?[0-9]+/listen \1'$HTTPS_PORT'/g'
 	echo "Setting HTTP listen port to $HTTP_PORT and HTTPS listen port to $HTTPS_PORT in: $1"
 	for FILE in $FILES
 	do
 		echo "- ${FILE}"
 		echo "$(sed -E "$HTTP_SED_REGEX" "$FILE")" > $FILE
 		echo "$(sed -E "$HTTPS_SED_REGEX" "$FILE")" > $FILE
 	done
 	# ensure the files are still owned by the npm user
 	chown -R "$PUID:$PGID" "$1"
 }
 process_folder /etc/nginx/conf.d
 process_folder /data/nginx
--- a/docs/src/advanced-config/index.md
+++ b/docs/src/advanced-config/index.md
@ -164,18 +164,6 @@ The easy fix is to add a Docker environment variable to the Nginx Proxy Manager
      DISABLE_IPV6: 'true'
 ```
 ## Chaning the HTTP and HTTPS Listen Port
 If you are unable to configure the port mapping within Docker (eg. when using
 `hostNetwork: true`) you can change the port that proxy-hosts and
 redirection-hosts listen on by setting the environment variables `HTTP_PORT` and
 `HTTPS_PORT`:
 ```yml
    environment:
      HTTP_PORT: "1234"
      HTTPS_PORT: "5678"
 ```
 ## Custom Nginx Configurations
--- a/docs/src/setup/index.md
+++ b/docs/src/setup/index.md
@ -137,13 +137,5 @@ Email:    admin@example.com
 Password: changeme
 ```
-Immediately after logging in with this default user you will be asked to modify your details and change your password. You can change defaults with:
+Immediately after logging in with this default user you will be asked to modify your details and change your password.
 ```
    environment:
      INITIAL_ADMIN_EMAIL: my@example.com
      INITIAL_ADMIN_PASSWORD: mypassword1
 ```
--- a/global/certbot-dns-plugins.json
+++ b/global/certbot-dns-plugins.json
@ -194,7 +194,7 @@
 	"freedns": {
 		"name": "FreeDNS",
 		"package_name": "certbot-dns-freedns",
-		"version": "~=0.1.0",
+		"version": "~=0.2.0",
 		"dependencies": "",
 		"credentials": "dns_freedns_username = myremoteuser\ndns_freedns_password = verysecureremoteuserpassword",
 		"full_plugin_name": "dns-freedns"
@ -303,14 +303,6 @@
 		"credentials": "dns_joker_username = <Dynamic DNS Authentication Username>\ndns_joker_password = <Dynamic DNS Authentication Password>\ndns_joker_domain = <Dynamic DNS Domain>",
 		"full_plugin_name": "dns-joker"
 	},
 	"leaseweb": {
 		"name": "LeaseWeb",
 		"package_name": "certbot-dns-leaseweb",
 		"version": "~=1.0.1",
 		"dependencies": "",
 		"credentials": "dns_leaseweb_api_token = 01234556789",
 		"full_plugin_name": "dns-leaseweb"
 	},
 	"linode": {
 		"name": "Linode",
 		"package_name": "certbot-dns-linode",