ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-10-04 20:00:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: ThatGuyJack:a7d4fd55d9a53a32d2f8555cc9310852a33b3d09
Branches Tags
ThatGuyJack:develop ThatGuyJack:react ThatGuyJack:dependabot/npm_and_yarn/test/axios-1.12.0 ThatGuyJack:dependabot/npm_and_yarn/docs/vite-5.4.20 ThatGuyJack:dependabot/npm_and_yarn/test/eslint/plugin-kit-0.3.5 ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:master ThatGuyJack:v3 ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1
..
compare: ThatGuyJack:react
Branches Tags
ThatGuyJack:react ThatGuyJack:dependabot/npm_and_yarn/test/axios-1.12.0 ThatGuyJack:dependabot/npm_and_yarn/docs/vite-5.4.20 ThatGuyJack:develop ThatGuyJack:dependabot/npm_and_yarn/test/eslint/plugin-kit-0.3.5 ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:master ThatGuyJack:v3 ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1

31 Commits
a7d4fd55d9 ... react

Author SHA1 Message Date
Jamie Curnow
227e818040 Wrap intl in span identifying translation 2025-10-02 23:06:51 +10:00
Jamie Curnow
fcb08d3003 Bump version 2025-10-02 08:57:46 +10:00
Jamie Curnow
d0767baafa Proxy host modal basis, other improvements 2025-10-02 08:12:37 +10:00
Jamie Curnow
abdf8866e0 Auto sorting of locale files 2025-10-02 08:12:37 +10:00
Jamie Curnow
e36c1b99a5 Redirection hosts ui 2025-10-02 08:12:37 +10:00
Jamie Curnow
9339626933 Streams polish 2025-10-02 08:12:37 +10:00
Jamie Curnow
100a7e3ff8 Streams modal 2025-10-02 08:12:37 +10:00
Jamie Curnow
4866988772 Fix stream creation with new ssl cert 2025-10-02 08:12:37 +10:00
Jamie Curnow
8884e3b261 TZ for dev db 2025-10-02 08:12:37 +10:00
Jamie Curnow
a3d17249d0 User table polish and audit log updates 2025-10-02 08:12:37 +10:00
Jamie Curnow
fc8a5e8b97 404 hosts search 2025-10-02 08:12:37 +10:00
Jamie Curnow
da68fe29ac 404 hosts polish 2025-10-02 08:12:37 +10:00
Jamie Curnow
18537b9288 404 hosts add update complete, fix certbot renewals 
and remove the need for email and agreement on cert requests
 2025-10-02 08:12:37 +10:00
Jamie Curnow
d85e515ab9 Dark UI for react-select 2025-10-02 08:12:37 +10:00
Jamie Curnow
94375bbc5f DNS Provider configuration 2025-10-02 08:12:37 +10:00
Jamie Curnow
54e036276a API lib cleanup, 404 hosts WIP 2025-10-02 08:12:36 +10:00
Jamie Curnow
058f49ceea Certificates react table basis 2025-10-02 08:12:33 +10:00
Jamie Curnow
efcefe0c17 Fix custom cert writes, fix schema 2025-10-02 08:12:33 +10:00
Jamie Curnow
429046f32e Audit log table and modal 2025-10-02 08:12:33 +10:00
Jamie Curnow
8ad95c5695 Set password for users 2025-10-02 08:12:31 +10:00
Jamie Curnow
038de3e5f9 Refactor from Promises to async/await 2025-10-02 08:12:28 +10:00
Jamie Curnow
1928e554fd Fix proxy hosts routes throwing errors 2025-10-02 08:12:28 +10:00
Jamie Curnow
d40e290a89 Biome update 2025-10-02 08:12:24 +10:00
Jamie Curnow
fb2708d81d Fix cypress tests following user wizard changes 2025-10-02 08:12:09 +10:00
Jamie Curnow
7a6efd8ebb User Permissions Modal 2025-10-02 08:12:09 +10:00
Jamie Curnow
0b2fa826e0 Introducing the Setup Wizard for creating the first user 
- no longer setup a default
- still able to do that with env vars however
 2025-10-02 08:12:05 +10:00
Jamie Curnow
6ab7198e61 User table polishing, user delete modal 2025-10-02 08:11:17 +10:00
Jamie Curnow
61a92906f3 Notification toasts, nicer loading, add new user support 2025-10-02 08:11:14 +10:00
Jamie Curnow
fadec9751e React 2025-10-02 08:10:42 +10:00
Jamie Curnow
330993f028 Convert backend to ESM 
- About 5 years overdue
- Remove eslint, use bomejs instead
 2025-10-02 08:10:18 +10:00
Jamie Curnow
487fa6d31b Attempt to fix frontend build for node 22
All checks were successful
Close stale issues and PRs / stale (push) Successful in 54s
Details 
replaced node-sass with sass
 2025-09-10 10:38:21 +10:00
191 changed files with 7460 additions and 2860 deletions
Expand all files Collapse all files

2
.version
View File

@@ -1 +1 @@
2.12.6 2.13.0

10
README.md
View File

@@ -1,7 +1,7 @@
<p align="center"> <p align="center">
<img src="https://nginxproxymanager.com/github.png"> <img src="https://nginxproxymanager.com/github.png">
<br><br> <br><br>
<img src="https://img.shields.io/badge/version-2.12.6-green.svg?style=for-the-badge"> <img src="https://img.shields.io/badge/version-2.13.0-green.svg?style=for-the-badge">
<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager"> <a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge"> <img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
</a> </a>
@@ -88,14 +88,6 @@ Sometimes this can take a little bit because of the entropy of keys.
[http://127.0.0.1:81](http://127.0.0.1:81) [http://127.0.0.1:81](http://127.0.0.1:81)
Default Admin User:
```
Email: admin@example.com
Password: changeme
```
Immediately after logging in with this default user you will be asked to modify your details and change your password.
## Contributing ## Contributing

765
backend/internal/access-list.js
View File

@@ -21,88 +21,74 @@ const internalAccessList = {
* @param {Object} data * @param {Object} data
* @returns {Promise} * @returns {Promise}
*/ */
create: (access, data) => { create: async (access, data) => {
return access await access.can("access_lists:create", data);
.can("access_lists:create", data) const row = await accessListModel
.then((/*access_data*/) => { .query()
return accessListModel .insertAndFetch({
.query() name: data.name,
.insertAndFetch({ satisfy_any: data.satisfy_any,
name: data.name, pass_auth: data.pass_auth,
satisfy_any: data.satisfy_any, owner_user_id: access.token.getUserId(1),
pass_auth: data.pass_auth,
owner_user_id: access.token.getUserId(1),
})
.then(utils.omitRow(omissions()));
}) })
.then((row) => { .then(utils.omitRow(omissions()));
data.id = row.id;
const promises = []; data.id = row.id;
// Now add the items const promises = [];
data.items.map((item) => { // Items
promises.push( data.items.map((item) => {
accessListAuthModel.query().insert({ promises.push(
access_list_id: row.id, accessListAuthModel.query().insert({
username: item.username, access_list_id: row.id,
password: item.password, username: item.username,
}), password: item.password,
); }),
return true; );
}); return true;
});
// Now add the clients // Clients
if (typeof data.clients !== "undefined" && data.clients) { data.clients?.map((client) => {
data.clients.map((client) => { promises.push(
promises.push( accessListClientModel.query().insert({
accessListClientModel.query().insert({ access_list_id: row.id,
access_list_id: row.id, address: client.address,
address: client.address, directive: client.directive,
directive: client.directive, }),
}), );
); return true;
return true; });
});
}
return Promise.all(promises); await Promise.all(promises);
})
.then(() => {
// re-fetch with expansions
return internalAccessList.get(
access,
{
id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.access_list.[clients,items]"],
},
true /* <- skip masking */,
);
})
.then((row) => {
// Audit log
data.meta = _.assign({}, data.meta || {}, row.meta);
return internalAccessList // re-fetch with expansions
.build(row) const freshRow = await internalAccessList.get(
.then(() => { access,
if (Number.parseInt(row.proxy_host_count, 10)) { {
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts); id: data.id,
} expand: ["owner", "items", "clients", "proxy_hosts.access_list.[clients,items]"],
}) },
.then(() => { true // skip masking
// Add to audit log );
return internalAuditLog.add(access, {
action: "created", // Audit log
object_type: "access-list", data.meta = _.assign({}, data.meta || {}, freshRow.meta);
object_id: row.id, await internalAccessList.build(freshRow);
meta: internalAccessList.maskItems(data),
}); if (Number.parseInt(freshRow.proxy_host_count, 10)) {
}) await internalNginx.bulkGenerateConfigs("proxy_host", freshRow.proxy_hosts);
.then(() => { }
return internalAccessList.maskItems(row);
}); // Add to audit log
}); await internalAuditLog.add(access, {
action: "created",
object_type: "access-list",
object_id: freshRow.id,
meta: internalAccessList.maskItems(data),
});
return internalAccessList.maskItems(freshRow);
}, },
/** /**
@@ -113,127 +99,107 @@ const internalAccessList = {
* @param {String} [data.items] * @param {String} [data.items]
* @return {Promise} * @return {Promise}
*/ */
update: (access, data) => { update: async (access, data) => {
return access await access.can("access_lists:update", data.id);
.can("access_lists:update", data.id) const row = await internalAccessList.get(access, { id: data.id });
.then((/*access_data*/) => { if (row.id !== data.id) {
return internalAccessList.get(access, { id: data.id }); // Sanity check that something crazy hasn't happened
}) throw new errs.InternalValidationError(
.then((row) => { `Access List could not be updated, IDs do not match: ${row.id} !== ${data.id}`,
if (row.id !== data.id) { );
// Sanity check that something crazy hasn't happened }
throw new errs.InternalValidationError(
`Access List could not be updated, IDs do not match: ${row.id} !== ${data.id}`, // patch name if specified
if (typeof data.name !== "undefined" && data.name) {
await accessListModel.query().where({ id: data.id }).patch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
});
}
// Check for items and add/update/remove them
if (typeof data.items !== "undefined" && data.items) {
const promises = [];
const itemsToKeep = [];
data.items.map((item) => {
if (item.password) {
promises.push(
accessListAuthModel.query().insert({
access_list_id: data.id,
username: item.username,
password: item.password,
}),
);
} else {
// This was supplied with an empty password, which means keep it but don't change the password
itemsToKeep.push(item.username);
}
return true;
});
const query = accessListAuthModel.query().delete().where("access_list_id", data.id);
if (itemsToKeep.length) {
query.andWhere("username", "NOT IN", itemsToKeep);
}
await query;
// Add new items
if (promises.length) {
await Promise.all(promises);
}
}
// Check for clients and add/update/remove them
if (typeof data.clients !== "undefined" && data.clients) {
const clientPromises = [];
data.clients.map((client) => {
if (client.address) {
clientPromises.push(
accessListClientModel.query().insert({
access_list_id: data.id,
address: client.address,
directive: client.directive,
}),
); );
} }
}) return true;
.then(() => {
// patch name if specified
if (typeof data.name !== "undefined" && data.name) {
return accessListModel.query().where({ id: data.id }).patch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
});
}
})
.then(() => {
// Check for items and add/update/remove them
if (typeof data.items !== "undefined" && data.items) {
const promises = [];
const items_to_keep = [];
data.items.map((item) => {
if (item.password) {
promises.push(
accessListAuthModel.query().insert({
access_list_id: data.id,
username: item.username,
password: item.password,
}),
);
} else {
// This was supplied with an empty password, which means keep it but don't change the password
items_to_keep.push(item.username);
}
return true;
});
const query = accessListAuthModel.query().delete().where("access_list_id", data.id);
if (items_to_keep.length) {
query.andWhere("username", "NOT IN", items_to_keep);
}
return query.then(() => {
// Add new items
if (promises.length) {
return Promise.all(promises);
}
});
}
})
.then(() => {
// Check for clients and add/update/remove them
if (typeof data.clients !== "undefined" && data.clients) {
const promises = [];
data.clients.map((client) => {
if (client.address) {
promises.push(
accessListClientModel.query().insert({
access_list_id: data.id,
address: client.address,
directive: client.directive,
}),
);
}
return true;
});
const query = accessListClientModel.query().delete().where("access_list_id", data.id);
return query.then(() => {
// Add new items
if (promises.length) {
return Promise.all(promises);
}
});
}
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "updated",
object_type: "access-list",
object_id: data.id,
meta: internalAccessList.maskItems(data),
});
})
.then(() => {
// re-fetch with expansions
return internalAccessList.get(
access,
{
id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.[certificate,access_list.[clients,items]]"],
},
true /* <- skip masking */,
);
})
.then((row) => {
return internalAccessList
.build(row)
.then(() => {
if (Number.parseInt(row.proxy_host_count, 10)) {
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
}
})
.then(internalNginx.reload)
.then(() => {
return internalAccessList.maskItems(row);
});
}); });
const query = accessListClientModel.query().delete().where("access_list_id", data.id);
await query;
// Add new clitens
if (clientPromises.length) {
await Promise.all(clientPromises);
}
}
// Add to audit log
await internalAuditLog.add(access, {
action: "updated",
object_type: "access-list",
object_id: data.id,
meta: internalAccessList.maskItems(data),
});
// re-fetch with expansions
const freshRow = await internalAccessList.get(
access,
{
id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.[certificate,access_list.[clients,items]]"],
},
true // skip masking
);
await internalAccessList.build(freshRow)
if (Number.parseInt(row.proxy_host_count, 10)) {
await internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
}
await internalNginx.reload();
return internalAccessList.maskItems(row);
}, },
/** /**
@@ -242,55 +208,50 @@ const internalAccessList = {
* @param {Integer} data.id * @param {Integer} data.id
* @param {Array} [data.expand] * @param {Array} [data.expand]
* @param {Array} [data.omit] * @param {Array} [data.omit]
* @param {Boolean} [skip_masking] * @param {Boolean} [skipMasking]
* @return {Promise} * @return {Promise}
*/ */
get: (access, data, skip_masking) => { get: async (access, data, skipMasking) => {
const thisData = data || {}; const thisData = data || {};
const accessData = await access.can("access_lists:get", thisData.id)
return access const query = accessListModel
.can("access_lists:get", thisData.id) .query()
.then((accessData) => { .select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
const query = accessListModel .leftJoin("proxy_host", function () {
.query() this.on("proxy_host.access_list_id", "=", "access_list.id").andOn(
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count")) "proxy_host.is_deleted",
.leftJoin("proxy_host", function () { "=",
this.on("proxy_host.access_list_id", "=", "access_list.id").andOn( 0,
"proxy_host.is_deleted", );
"=",
0,
);
})
.where("access_list.is_deleted", 0)
.andWhere("access_list.id", thisData.id)
.groupBy("access_list.id")
.allowGraph("[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]")
.first();
if (accessData.permission_visibility !== "all") {
query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
}
if (typeof thisData.expand !== "undefined" && thisData.expand !== null) {
query.withGraphFetched(`[${thisData.expand.join(", ")}]`);
}
return query.then(utils.omitRow(omissions()));
}) })
.then((row) => { .where("access_list.is_deleted", 0)
let thisRow = row; .andWhere("access_list.id", thisData.id)
if (!row || !row.id) { .groupBy("access_list.id")
throw new errs.ItemNotFoundError(thisData.id); .allowGraph("[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]")
} .first();
if (!skip_masking && typeof thisRow.items !== "undefined" && thisRow.items) {
thisRow = internalAccessList.maskItems(thisRow); if (accessData.permission_visibility !== "all") {
} query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
// Custom omissions }
if (typeof data.omit !== "undefined" && data.omit !== null) {
thisRow = _.omit(thisRow, data.omit); if (typeof thisData.expand !== "undefined" && thisData.expand !== null) {
} query.withGraphFetched(`[${thisData.expand.join(", ")}]`);
return thisRow; }
});
let row = await query.then(utils.omitRow(omissions()));
if (!row || !row.id) {
throw new errs.ItemNotFoundError(thisData.id);
}
if (!skipMasking && typeof row.items !== "undefined" && row.items) {
row = internalAccessList.maskItems(row);
}
// Custom omissions
if (typeof data.omit !== "undefined" && data.omit !== null) {
row = _.omit(row, data.omit);
}
return row;
}, },
/** /**
@@ -300,75 +261,64 @@ const internalAccessList = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
delete: (access, data) => { delete: async (access, data) => {
return access await access.can("access_lists:delete", data.id);
.can("access_lists:delete", data.id) const row = await internalAccessList.get(access, {
.then(() => { id: data.id,
return internalAccessList.get(access, { id: data.id, expand: ["proxy_hosts", "items", "clients"] }); expand: ["proxy_hosts", "items", "clients"],
}) });
.then((row) => {
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
// 1. update row to be deleted if (!row || !row.id) {
// 2. update any proxy hosts that were using it (ignoring permissions) throw new errs.ItemNotFoundError(data.id);
// 3. reconfigure those hosts }
// 4. audit log
// 1. update row to be deleted // 1. update row to be deleted
return accessListModel // 2. update any proxy hosts that were using it (ignoring permissions)
.query() // 3. reconfigure those hosts
.where("id", row.id) // 4. audit log
.patch({
is_deleted: 1,
})
.then(() => {
// 2. update any proxy hosts that were using it (ignoring permissions)
if (row.proxy_hosts) {
return proxyHostModel
.query()
.where("access_list_id", "=", row.id)
.patch({ access_list_id: 0 })
.then(() => {
// 3. reconfigure those hosts, then reload nginx
// set the access_list_id to zero for these items // 1. update row to be deleted
row.proxy_hosts.map((_val, idx) => { await accessListModel
row.proxy_hosts[idx].access_list_id = 0; .query()
return true; .where("id", row.id)
}); .patch({
is_deleted: 1,
});
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts); // 2. update any proxy hosts that were using it (ignoring permissions)
}) if (row.proxy_hosts) {
.then(() => { await proxyHostModel
return internalNginx.reload(); .query()
}); .where("access_list_id", "=", row.id)
} .patch({ access_list_id: 0 });
})
.then(() => {
// delete the htpasswd file
const htpasswd_file = internalAccessList.getFilename(row);
try { // 3. reconfigure those hosts, then reload nginx
fs.unlinkSync(htpasswd_file); // set the access_list_id to zero for these items
} catch (_err) { row.proxy_hosts.map((_val, idx) => {
// do nothing row.proxy_hosts[idx].access_list_id = 0;
}
})
.then(() => {
// 4. audit log
return internalAuditLog.add(access, {
action: "deleted",
object_type: "access-list",
object_id: row.id,
meta: _.omit(internalAccessList.maskItems(row), ["is_deleted", "proxy_hosts"]),
});
});
})
.then(() => {
return true; return true;
}); });
await internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
}
await internalNginx.reload();
// delete the htpasswd file
try {
fs.unlinkSync(internalAccessList.getFilename(row));
} catch (_err) {
// do nothing
}
// 4. audit log
await internalAuditLog.add(access, {
action: "deleted",
object_type: "access-list",
object_id: row.id,
meta: _.omit(internalAccessList.maskItems(row), ["is_deleted", "proxy_hosts"]),
});
return true;
}, },
/** /**
@@ -376,76 +326,73 @@ const internalAccessList = {
* *
* @param {Access} access * @param {Access} access
* @param {Array} [expand] * @param {Array} [expand]
* @param {String} [search_query] * @param {String} [searchQuery]
* @returns {Promise} * @returns {Promise}
*/ */
getAll: (access, expand, search_query) => { getAll: async (access, expand, searchQuery) => {
return access const accessData = await access.can("access_lists:list");
.can("access_lists:list")
.then((access_data) => {
const query = accessListModel
.query()
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
.leftJoin("proxy_host", function () {
this.on("proxy_host.access_list_id", "=", "access_list.id").andOn(
"proxy_host.is_deleted",
"=",
0,
);
})
.where("access_list.is_deleted", 0)
.groupBy("access_list.id")
.allowGraph("[owner,items,clients]")
.orderBy("access_list.name", "ASC");
if (access_data.permission_visibility !== "all") { const query = accessListModel
query.andWhere("access_list.owner_user_id", access.token.getUserId(1)); .query()
} .select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
.leftJoin("proxy_host", function () {
// Query is used for searching this.on("proxy_host.access_list_id", "=", "access_list.id").andOn(
if (typeof search_query === "string") { "proxy_host.is_deleted",
query.where(function () { "=",
this.where("name", "like", `%${search_query}%`); 0,
}); );
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
return query.then(utils.omitRows(omissions()));
}) })
.then((rows) => { .where("access_list.is_deleted", 0)
if (rows) { .groupBy("access_list.id")
rows.map((row, idx) => { .allowGraph("[owner,items,clients]")
if (typeof row.items !== "undefined" && row.items) { .orderBy("access_list.name", "ASC");
rows[idx] = internalAccessList.maskItems(row);
}
return true;
});
}
return rows; if (accessData.permission_visibility !== "all") {
query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
}
// Query is used for searching
if (typeof searchQuery === "string") {
query.where(function () {
this.where("name", "like", `%${searchQuery}%`);
}); });
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
const rows = await query.then(utils.omitRows(omissions()));
if (rows) {
rows.map((row, idx) => {
if (typeof row.items !== "undefined" && row.items) {
rows[idx] = internalAccessList.maskItems(row);
}
return true;
});
}
return rows;
}, },
/** /**
* Report use * Count is used in reports
* *
* @param {Integer} user_id * @param {Integer} userId
* @param {String} visibility * @param {String} visibility
* @returns {Promise} * @returns {Promise}
*/ */
getCount: (user_id, visibility) => { getCount: async (userId, visibility) => {
const query = accessListModel.query().count("id as count").where("is_deleted", 0); const query = accessListModel
.query()
.count("id as count")
.where("is_deleted", 0);
if (visibility !== "all") { if (visibility !== "all") {
query.andWhere("owner_user_id", user_id); query.andWhere("owner_user_id", userId);
} }
return query.first().then((row) => { const row = await query.first();
return Number.parseInt(row.count, 10); return Number.parseInt(row.count, 10);
});
}, },
/** /**
@@ -455,20 +402,19 @@ const internalAccessList = {
maskItems: (list) => { maskItems: (list) => {
if (list && typeof list.items !== "undefined") { if (list && typeof list.items !== "undefined") {
list.items.map((val, idx) => { list.items.map((val, idx) => {
let repeat_for = 8; let repeatFor = 8;
let first_char = "*"; let firstChar = "*";
if (typeof val.password !== "undefined" && val.password) { if (typeof val.password !== "undefined" && val.password) {
repeat_for = val.password.length - 1; repeatFor = val.password.length - 1;
first_char = val.password.charAt(0); firstChar = val.password.charAt(0);
} }
list.items[idx].hint = first_char + "*".repeat(repeat_for); list.items[idx].hint = firstChar + "*".repeat(repeatFor);
list.items[idx].password = ""; list.items[idx].password = "";
return true; return true;
}); });
} }
return list; return list;
}, },
@@ -488,66 +434,55 @@ const internalAccessList = {
* @param {Array} list.items * @param {Array} list.items
* @returns {Promise} * @returns {Promise}
*/ */
build: (list) => { build: async (list) => {
logger.info(`Building Access file #${list.id} for: ${list.name}`); logger.info(`Building Access file #${list.id} for: ${list.name}`);
return new Promise((resolve, reject) => { const htpasswdFile = internalAccessList.getFilename(list);
const htpasswd_file = internalAccessList.getFilename(list);
// 1. remove any existing access file // 1. remove any existing access file
try { try {
fs.unlinkSync(htpasswd_file); fs.unlinkSync(htpasswdFile);
} catch (_err) { } catch (_err) {
// do nothing // do nothing
} }
// 2. create empty access file // 2. create empty access file
try { fs.writeFileSync(htpasswdFile, '', {encoding: 'utf8'});
fs.writeFileSync(htpasswd_file, "", { encoding: "utf8" });
resolve(htpasswd_file);
} catch (err) {
reject(err);
}
}).then((htpasswd_file) => {
// 3. generate password for each user
if (list.items.length) {
return new Promise((resolve, reject) => {
batchflow(list.items)
.sequential()
.each((_i, item, next) => {
if (item.password?.length) {
logger.info(`Adding: ${item.username}`);
utils // 3. generate password for each user
.execFile("openssl", ["passwd", "-apr1", item.password]) if (list.items.length) {
.then((res) => { await new Promise((resolve, reject) => {
try { batchflow(list.items).sequential()
fs.appendFileSync(htpasswd_file, `${item.username}:${res}\n`, { .each((_i, item, next) => {
encoding: "utf8", if (item.password?.length) {
}); logger.info(`Adding: ${item.username}`);
} catch (err) {
reject(err); utils.execFile('openssl', ['passwd', '-apr1', item.password])
} .then((res) => {
next(); try {
}) fs.appendFileSync(htpasswdFile, `${item.username}:${res}\n`, {encoding: 'utf8'});
.catch((err) => { } catch (err) {
logger.error(err); reject(err);
next(err); }
}); next();
} })
}) .catch((err) => {
.error((err) => { logger.error(err);
logger.error(err); next(err);
reject(err); });
}) }
.end((results) => { })
logger.success(`Built Access file #${list.id} for: ${list.name}`); .error((err) => {
resolve(results); logger.error(err);
}); reject(err);
}); })
} .end((results) => {
}); logger.success(`Built Access file #${list.id} for: ${list.name}`);
}, resolve(results);
}; });
});
}
}
}
export default internalAccessList; export default internalAccessList;

104
backend/internal/audit-log.js
View File

@@ -9,31 +9,60 @@ const internalAuditLog = {
* *
* @param {Access} access * @param {Access} access
* @param {Array} [expand] * @param {Array} [expand]
* @param {String} [search_query] * @param {String} [searchQuery]
* @returns {Promise} * @returns {Promise}
*/ */
getAll: (access, expand, search_query) => { getAll: async (access, expand, searchQuery) => {
return access.can("auditlog:list").then(() => { await access.can("auditlog:list");
const query = auditLogModel
.query()
.orderBy("created_on", "DESC")
.orderBy("id", "DESC")
.limit(100)
.allowGraph("[user]");
// Query is used for searching const query = auditLogModel
if (typeof search_query === "string" && search_query.length > 0) { .query()
query.where(function () { .orderBy("created_on", "DESC")
this.where(castJsonIfNeed("meta"), "like", `%${search_query}`); .orderBy("id", "DESC")
}); .limit(100)
} .allowGraph("[user]");
if (typeof expand !== "undefined" && expand !== null) { // Query is used for searching
query.withGraphFetched(`[${expand.join(", ")}]`); if (typeof searchQuery === "string" && searchQuery.length > 0) {
} query.where(function () {
this.where(castJsonIfNeed("meta"), "like", `%${searchQuery}`);
});
}
return query; if (typeof expand !== "undefined" && expand !== null) {
}); query.withGraphFetched(`[${expand.join(", ")}]`);
}
return await query;
},
/**
* @param {Access} access
* @param {Object} [data]
* @param {Integer} [data.id] Defaults to the token user
* @param {Array} [data.expand]
* @return {Promise}
*/
get: async (access, data) => {
await access.can("auditlog:list");
const query = auditLogModel
.query()
.andWhere("id", data.id)
.allowGraph("[user]")
.first();
if (typeof data.expand !== "undefined" && data.expand !== null) {
query.withGraphFetched(`[${data.expand.join(", ")}]`);
}
const row = await query;
if (!row?.id) {
throw new errs.ItemNotFoundError(data.id);
}
return row;
}, },
/** /**
@@ -50,27 +79,22 @@ const internalAuditLog = {
* @param {Object} [data.meta] * @param {Object} [data.meta]
* @returns {Promise} * @returns {Promise}
*/ */
add: (access, data) => { add: async (access, data) => {
return new Promise((resolve, reject) => { if (typeof data.user_id === "undefined" || !data.user_id) {
// Default the user id data.user_id = access.token.getUserId(1);
if (typeof data.user_id === "undefined" || !data.user_id) { }
data.user_id = access.token.getUserId(1);
}
if (typeof data.action === "undefined" || !data.action) { if (typeof data.action === "undefined" || !data.action) {
reject(new errs.InternalValidationError("Audit log entry must contain an Action")); throw new errs.InternalValidationError("Audit log entry must contain an Action");
} else { }
// Make sure at least 1 of the IDs are set and action
resolve( // Make sure at least 1 of the IDs are set and action
auditLogModel.query().insert({ return await auditLogModel.query().insert({
user_id: data.user_id, user_id: data.user_id,
action: data.action, action: data.action,
object_type: data.object_type || "", object_type: data.object_type || "",
object_id: data.object_id || 0, object_id: data.object_id || 0,
meta: data.meta || {}, meta: data.meta || {},
}),
);
}
}); });
}, },
}; };

1075
backend/internal/certificate.js
View File

File diff suppressed because it is too large Load Diff

619
backend/internal/dead-host.js
View File

@@ -18,91 +18,79 @@ const internalDeadHost = {
* @param {Object} data * @param {Object} data
* @returns {Promise} * @returns {Promise}
*/ */
create: (access, data) => { create: async (access, data) => {
const createCertificate = data.certificate_id === "new"; const createCertificate = data.certificate_id === "new";
if (createCertificate) { if (createCertificate) {
delete data.certificate_id; delete data.certificate_id;
} }
return access await access.can("dead_hosts:create", data);
.can("dead_hosts:create", data)
.then((/*access_data*/) => {
// Get a list of the domain names and check each of them against existing records
const domain_name_check_promises = [];
data.domain_names.map((domain_name) => { // Get a list of the domain names and check each of them against existing records
domain_name_check_promises.push(internalHost.isHostnameTaken(domain_name)); const domainNameCheckPromises = [];
return true;
});
return Promise.all(domain_name_check_promises).then((check_results) => { data.domain_names.map((domain_name) => {
check_results.map((result) => { domainNameCheckPromises.push(internalHost.isHostnameTaken(domain_name));
if (result.is_taken) { return true;
throw new errs.ValidationError(`${result.hostname} is already in use`); });
}
return true;
});
});
})
.then(() => {
// At this point the domains should have been checked
data.owner_user_id = access.token.getUserId(1);
const thisData = internalHost.cleanSslHstsData(data);
// Fix for db field not having a default value await Promise.all(domainNameCheckPromises).then((check_results) => {
// for this optional field. check_results.map((result) => {
if (typeof data.advanced_config === "undefined") { if (result.is_taken) {
thisData.advanced_config = ""; throw new errs.ValidationError(`${result.hostname} is already in use`);
} }
return true;
return deadHostModel.query().insertAndFetch(thisData).then(utils.omitRow(omissions()));
})
.then((row) => {
if (createCertificate) {
return internalCertificate
.createQuickCertificate(access, data)
.then((cert) => {
// update host with cert id
return internalDeadHost.update(access, {
id: row.id,
certificate_id: cert.id,
});
})
.then(() => {
return row;
});
}
return row;
})
.then((row) => {
// re-fetch with cert
return internalDeadHost.get(access, {
id: row.id,
expand: ["certificate", "owner"],
});
})
.then((row) => {
// Configure nginx
return internalNginx.configure(deadHostModel, "dead_host", row).then(() => {
return row;
});
})
.then((row) => {
data.meta = _.assign({}, data.meta || {}, row.meta);
// Add to audit log
return internalAuditLog
.add(access, {
action: "created",
object_type: "dead-host",
object_id: row.id,
meta: data,
})
.then(() => {
return row;
});
}); });
});
// At this point the domains should have been checked
data.owner_user_id = access.token.getUserId(1);
const thisData = internalHost.cleanSslHstsData(data);
// Fix for db field not having a default value
// for this optional field.
if (typeof data.advanced_config === "undefined") {
thisData.advanced_config = "";
}
const row = await deadHostModel.query()
.insertAndFetch(thisData)
.then(utils.omitRow(omissions()));
// Add to audit log
await internalAuditLog.add(access, {
action: "created",
object_type: "dead-host",
object_id: row.id,
meta: thisData,
});
if (createCertificate) {
const cert = await internalCertificate.createQuickCertificate(access, data);
// update host with cert id
await internalDeadHost.update(access, {
id: row.id,
certificate_id: cert.id,
});
}
// re-fetch with cert
const freshRow = await internalDeadHost.get(access, {
id: row.id,
expand: ["certificate", "owner"],
});
// Sanity check
if (createCertificate && !freshRow.certificate_id) {
throw new errs.InternalValidationError("The host was created but the Certificate creation failed.");
}
// Configure nginx
await internalNginx.configure(deadHostModel, "dead_host", freshRow);
return freshRow;
}, },
/** /**
@@ -111,107 +99,85 @@ const internalDeadHost = {
* @param {Number} data.id * @param {Number} data.id
* @return {Promise} * @return {Promise}
*/ */
update: (access, data) => { update: async (access, data) => {
let thisData = data; const createCertificate = data.certificate_id === "new";
const createCertificate = thisData.certificate_id === "new";
if (createCertificate) { if (createCertificate) {
delete thisData.certificate_id; delete data.certificate_id;
} }
return access await access.can("dead_hosts:update", data.id);
.can("dead_hosts:update", thisData.id)
.then((/*access_data*/) => {
// Get a list of the domain names and check each of them against existing records
const domain_name_check_promises = [];
if (typeof thisData.domain_names !== "undefined") { // Get a list of the domain names and check each of them against existing records
thisData.domain_names.map((domain_name) => { const domainNameCheckPromises = [];
domain_name_check_promises.push(internalHost.isHostnameTaken(domain_name, "dead", data.id)); if (typeof data.domain_names !== "undefined") {
return true; data.domain_names.map((domainName) => {
}); domainNameCheckPromises.push(internalHost.isHostnameTaken(domainName, "dead", data.id));
return true;
return Promise.all(domain_name_check_promises).then((check_results) => {
check_results.map((result) => {
if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`);
}
return true;
});
});
}
})
.then(() => {
return internalDeadHost.get(access, { id: thisData.id });
})
.then((row) => {
if (row.id !== thisData.id) {
// Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError(
`404 Host could not be updated, IDs do not match: ${row.id} !== ${thisData.id}`,
);
}
if (createCertificate) {
return internalCertificate
.createQuickCertificate(access, {
domain_names: thisData.domain_names || row.domain_names,
meta: _.assign({}, row.meta, thisData.meta),
})
.then((cert) => {
// update host with cert id
thisData.certificate_id = cert.id;
})
.then(() => {
return row;
});
}
return row;
})
.then((row) => {
// Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here.
thisData = _.assign(
{},
{
domain_names: row.domain_names,
},
data,
);
thisData = internalHost.cleanSslHstsData(thisData, row);
return deadHostModel
.query()
.where({ id: thisData.id })
.patch(thisData)
.then((saved_row) => {
// Add to audit log
return internalAuditLog
.add(access, {
action: "updated",
object_type: "dead-host",
object_id: row.id,
meta: thisData,
})
.then(() => {
return _.omit(saved_row, omissions());
});
});
})
.then(() => {
return internalDeadHost
.get(access, {
id: thisData.id,
expand: ["owner", "certificate"],
})
.then((row) => {
// Configure nginx
return internalNginx.configure(deadHostModel, "dead_host", row).then((new_meta) => {
row.meta = new_meta;
return _.omit(internalHost.cleanRowCertificateMeta(row), omissions());
});
});
}); });
const checkResults = await Promise.all(domainNameCheckPromises);
checkResults.map((result) => {
if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`);
}
return true;
});
}
const row = await internalDeadHost.get(access, { id: data.id });
if (row.id !== data.id) {
// Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError(
`404 Host could not be updated, IDs do not match: ${row.id} !== ${data.id}`,
);
}
if (createCertificate) {
const cert = await internalCertificate.createQuickCertificate(access, {
domain_names: data.domain_names || row.domain_names,
meta: _.assign({}, row.meta, data.meta),
});
// update host with cert id
data.certificate_id = cert.id;
}
// Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here.
let thisData = _.assign(
{},
{
domain_names: row.domain_names,
},
data,
);
thisData = internalHost.cleanSslHstsData(thisData, row);
// do the row update
await deadHostModel
.query()
.where({id: data.id})
.patch(data);
// Add to audit log
await internalAuditLog.add(access, {
action: "updated",
object_type: "dead-host",
object_id: row.id,
meta: thisData,
});
const thisRow = await internalDeadHost
.get(access, {
id: thisData.id,
expand: ["owner", "certificate"],
});
// Configure nginx
const newMeta = await internalNginx.configure(deadHostModel, "dead_host", row);
row.meta = newMeta;
return _.omit(internalHost.cleanRowCertificateMeta(thisRow), omissions());
}, },
/** /**
@@ -222,39 +188,32 @@ const internalDeadHost = {
* @param {Array} [data.omit] * @param {Array} [data.omit]
* @return {Promise} * @return {Promise}
*/ */
get: (access, data) => { get: async (access, data) => {
const thisData = data || {}; const accessData = await access.can("dead_hosts:get", data.id);
const query = deadHostModel
.query()
.where("is_deleted", 0)
.andWhere("id", data.id)
.allowGraph("[owner,certificate]")
.first();
return access if (accessData.permission_visibility !== "all") {
.can("dead_hosts:get", thisData.id) query.andWhere("owner_user_id", access.token.getUserId(1));
.then((access_data) => { }
const query = deadHostModel
.query()
.where("is_deleted", 0)
.andWhere("id", dthisDataata.id)
.allowGraph("[owner,certificate]")
.first();
if (access_data.permission_visibility !== "all") { if (typeof data.expand !== "undefined" && data.expand !== null) {
query.andWhere("owner_user_id", access.token.getUserId(1)); query.withGraphFetched(`[${data.expand.join(", ")}]`);
} }
if (typeof thisData.expand !== "undefined" && thisData.expand !== null) { const row = await query.then(utils.omitRow(omissions()));
query.withGraphFetched(`[${data.expand.join(", ")}]`); if (!row || !row.id) {
} throw new errs.ItemNotFoundError(data.id);
}
return query.then(utils.omitRow(omissions())); // Custom omissions
}) if (typeof data.omit !== "undefined" && data.omit !== null) {
.then((row) => { return _.omit(row, data.omit);
if (!row || !row.id) { }
throw new errs.ItemNotFoundError(thisData.id); return row;
}
// Custom omissions
if (typeof thisData.omit !== "undefined" && thisData.omit !== null) {
return _.omit(row, thisData.omit);
}
return row;
});
}, },
/** /**
@@ -264,42 +223,32 @@ const internalDeadHost = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
delete: (access, data) => { delete: async (access, data) => {
return access await access.can("dead_hosts:delete", data.id)
.can("dead_hosts:delete", data.id) const row = await internalDeadHost.get(access, { id: data.id });
.then(() => { if (!row || !row.id) {
return internalDeadHost.get(access, { id: data.id }); throw new errs.ItemNotFoundError(data.id);
}) }
.then((row) => {
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
return deadHostModel await deadHostModel
.query() .query()
.where("id", row.id) .where("id", row.id)
.patch({ .patch({
is_deleted: 1, is_deleted: 1,
})
.then(() => {
// Delete Nginx Config
return internalNginx.deleteConfig("dead_host", row).then(() => {
return internalNginx.reload();
});
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "deleted",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
});
})
.then(() => {
return true;
}); });
// Delete Nginx Config
await internalNginx.deleteConfig("dead_host", row);
await internalNginx.reload();
// Add to audit log
await internalAuditLog.add(access, {
action: "deleted",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
return true;
}, },
/** /**
@@ -309,48 +258,39 @@ const internalDeadHost = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
enable: (access, data) => { enable: async (access, data) => {
return access await access.can("dead_hosts:update", data.id)
.can("dead_hosts:update", data.id) const row = await internalDeadHost.get(access, {
.then(() => { id: data.id,
return internalDeadHost.get(access, { expand: ["certificate", "owner"],
id: data.id, });
expand: ["certificate", "owner"], if (!row || !row.id) {
}); throw new errs.ItemNotFoundError(data.id);
}) }
.then((row) => { if (row.enabled) {
if (!row || !row.id) { throw new errs.ValidationError("Host is already enabled");
throw new errs.ItemNotFoundError(data.id); }
}
if (row.enabled) {
throw new errs.ValidationError("Host is already enabled");
}
row.enabled = 1; row.enabled = 1;
return deadHostModel await deadHostModel
.query() .query()
.where("id", row.id) .where("id", row.id)
.patch({ .patch({
enabled: 1, enabled: 1,
})
.then(() => {
// Configure nginx
return internalNginx.configure(deadHostModel, "dead_host", row);
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "enabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
});
})
.then(() => {
return true;
}); });
// Configure nginx
await internalNginx.configure(deadHostModel, "dead_host", row);
// Add to audit log
await internalAuditLog.add(access, {
action: "enabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
return true;
}, },
/** /**
@@ -360,47 +300,37 @@ const internalDeadHost = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
disable: (access, data) => { disable: async (access, data) => {
return access await access.can("dead_hosts:update", data.id)
.can("dead_hosts:update", data.id) const row = await internalDeadHost.get(access, { id: data.id });
.then(() => { if (!row || !row.id) {
return internalDeadHost.get(access, { id: data.id }); throw new errs.ItemNotFoundError(data.id);
}) }
.then((row) => { if (!row.enabled) {
if (!row || !row.id) { throw new errs.ValidationError("Host is already disabled");
throw new errs.ItemNotFoundError(data.id); }
}
if (!row.enabled) {
throw new errs.ValidationError("Host is already disabled");
}
row.enabled = 0; row.enabled = 0;
return deadHostModel await deadHostModel
.query() .query()
.where("id", row.id) .where("id", row.id)
.patch({ .patch({
enabled: 0, enabled: 0,
})
.then(() => {
// Delete Nginx Config
return internalNginx.deleteConfig("dead_host", row).then(() => {
return internalNginx.reload();
});
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "disabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
});
})
.then(() => {
return true;
}); });
// Delete Nginx Config
await internalNginx.deleteConfig("dead_host", row);
await internalNginx.reload();
// Add to audit log
await internalAuditLog.add(access, {
action: "disabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
return true;
}, },
/** /**
@@ -408,44 +338,38 @@ const internalDeadHost = {
* *
* @param {Access} access * @param {Access} access
* @param {Array} [expand] * @param {Array} [expand]
* @param {String} [search_query] * @param {String} [searchQuery]
* @returns {Promise} * @returns {Promise}
*/ */
getAll: (access, expand, search_query) => { getAll: async (access, expand, searchQuery) => {
return access const accessData = await access.can("dead_hosts:list")
.can("dead_hosts:list") const query = deadHostModel
.then((access_data) => { .query()
const query = deadHostModel .where("is_deleted", 0)
.query() .groupBy("id")
.where("is_deleted", 0) .allowGraph("[owner,certificate]")
.groupBy("id") .orderBy(castJsonIfNeed("domain_names"), "ASC");
.allowGraph("[owner,certificate]")
.orderBy(castJsonIfNeed("domain_names"), "ASC");
if (access_data.permission_visibility !== "all") { if (accessData.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1)); query.andWhere("owner_user_id", access.token.getUserId(1));
} }
// Query is used for searching // Query is used for searching
if (typeof search_query === "string" && search_query.length > 0) { if (typeof searchQuery === "string" && searchQuery.length > 0) {
query.where(function () { query.where(function () {
this.where(castJsonIfNeed("domain_names"), "like", `%${search_query}%`); this.where(castJsonIfNeed("domain_names"), "like", `%${searchQuery}%`);
});
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
return query.then(utils.omitRows(omissions()));
})
.then((rows) => {
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
return internalHost.cleanAllRowsCertificateMeta(rows);
}
return rows;
}); });
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
const rows = await query.then(utils.omitRows(omissions()));
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
internalHost.cleanAllRowsCertificateMeta(rows);
}
return rows;
}, },
/** /**
@@ -455,16 +379,15 @@ const internalDeadHost = {
* @param {String} visibility * @param {String} visibility
* @returns {Promise} * @returns {Promise}
*/ */
getCount: (user_id, visibility) => { getCount: async (user_id, visibility) => {
const query = deadHostModel.query().count("id as count").where("is_deleted", 0); const query = deadHostModel.query().count("id as count").where("is_deleted", 0);
if (visibility !== "all") { if (visibility !== "all") {
query.andWhere("owner_user_id", user_id); query.andWhere("owner_user_id", user_id);
} }
return query.first().then((row) => { const row = await query.first();
return Number.parseInt(row.count, 10); return Number.parseInt(row.count, 10);
});
}, },
}; };

55
backend/internal/host.js
View File

@@ -65,50 +65,33 @@ const internalHost = {
}, },
/** /**
* This returns all the host types with any domain listed in the provided domain_names array. * This returns all the host types with any domain listed in the provided domainNames array.
* This is used by the certificates to temporarily disable any host that is using the domain * This is used by the certificates to temporarily disable any host that is using the domain
* *
* @param {Array} domain_names * @param {Array} domainNames
* @returns {Promise} * @returns {Promise}
*/ */
getHostsWithDomains: (domain_names) => { getHostsWithDomains: async (domainNames) => {
const promises = [ const responseObject = {
proxyHostModel.query().where("is_deleted", 0), total_count: 0,
redirectionHostModel.query().where("is_deleted", 0), dead_hosts: [],
deadHostModel.query().where("is_deleted", 0), proxy_hosts: [],
]; redirection_hosts: [],
};
return Promise.all(promises).then((promises_results) => { const proxyRes = await proxyHostModel.query().where("is_deleted", 0);
const response_object = { responseObject.proxy_hosts = internalHost._getHostsWithDomains(proxyRes, domainNames);
total_count: 0, responseObject.total_count += responseObject.proxy_hosts.length;
dead_hosts: [],
proxy_hosts: [],
redirection_hosts: [],
};
if (promises_results[0]) { const redirRes = await redirectionHostModel.query().where("is_deleted", 0);
// Proxy Hosts responseObject.redirection_hosts = internalHost._getHostsWithDomains(redirRes, domainNames);
response_object.proxy_hosts = internalHost._getHostsWithDomains(promises_results[0], domain_names); responseObject.total_count += responseObject.redirection_hosts.length;
response_object.total_count += response_object.proxy_hosts.length;
}
if (promises_results[1]) { const deadRes = await deadHostModel.query().where("is_deleted", 0);
// Redirection Hosts responseObject.dead_hosts = internalHost._getHostsWithDomains(deadRes, domainNames);
response_object.redirection_hosts = internalHost._getHostsWithDomains( responseObject.total_count += responseObject.dead_hosts.length;
promises_results[1],
domain_names,
);
response_object.total_count += response_object.redirection_hosts.length;
}
if (promises_results[2]) { return responseObject;
// Dead Hosts
response_object.dead_hosts = internalHost._getHostsWithDomains(promises_results[2], domain_names);
response_object.total_count += response_object.dead_hosts.length;
}
return response_object;
});
}, },
/** /**

5
backend/internal/nginx.js
View File

@@ -301,8 +301,11 @@ const internalNginx = {
* @param {String} filename * @param {String} filename
*/ */
deleteFile: (filename) => { deleteFile: (filename) => {
logger.debug(`Deleting file: ${filename}`); if (!fs.existsSync(filename)) {
return;
}
try { try {
logger.debug(`Deleting file: ${filename}`);
fs.unlinkSync(filename); fs.unlinkSync(filename);
} catch (err) { } catch (err) {
logger.debug("Could not delete file:", JSON.stringify(err, null, 2)); logger.debug("Could not delete file:", JSON.stringify(err, null, 2));

3
backend/internal/proxy-host.js
View File

@@ -422,7 +422,6 @@ const internalProxyHost = {
*/ */
getAll: async (access, expand, searchQuery) => { getAll: async (access, expand, searchQuery) => {
const accessData = await access.can("proxy_hosts:list"); const accessData = await access.can("proxy_hosts:list");
const query = proxyHostModel const query = proxyHostModel
.query() .query()
.where("is_deleted", 0) .where("is_deleted", 0)
@@ -446,11 +445,9 @@ const internalProxyHost = {
} }
const rows = await query.then(utils.omitRows(omissions())); const rows = await query.then(utils.omitRows(omissions()));
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) { if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
return internalHost.cleanAllRowsCertificateMeta(rows); return internalHost.cleanAllRowsCertificateMeta(rows);
} }
return rows; return rows;
}, },

2
backend/internal/stream.js
View File

@@ -348,7 +348,7 @@ const internalStream = {
// Add to audit log // Add to audit log
return internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "disabled", action: "disabled",
object_type: "stream-host", object_type: "stream",
object_id: row.id, object_id: row.id,
meta: _.omit(row, omissions()), meta: _.omit(row, omissions()),
}); });

2
backend/internal/user.js
View File

@@ -131,7 +131,7 @@ const internalUser = {
action: "updated", action: "updated",
object_type: "user", object_type: "user",
object_id: user.id, object_id: user.id,
meta: data, meta: { ...data, id: user.id, name: user.name },
}) })
.then(() => { .then(() => {
return user; return user;

2
backend/lib/access.js
View File

@@ -131,7 +131,7 @@ export default function (tokenString) {
const rows = await query; const rows = await query;
objects = []; objects = [];
_.forEach(rows, (ruleRow) => { _.forEach(rows, (ruleRow) => {
result.push(ruleRow.id); objects.push(ruleRow.id);
}); });
// enum should not have less than 1 item // enum should not have less than 1 item

79
backend/lib/certbot.js
View File

@@ -6,46 +6,6 @@ import utils from "./utils.js";
const CERTBOT_VERSION_REPLACEMENT = "$(certbot --version | grep -Eo '[0-9](\\.[0-9]+)+')"; const CERTBOT_VERSION_REPLACEMENT = "$(certbot --version | grep -Eo '[0-9](\\.[0-9]+)+')";
/**
* @param {array} pluginKeys
*/
const installPlugins = async (pluginKeys) => {
let hasErrors = false;
return new Promise((resolve, reject) => {
if (pluginKeys.length === 0) {
resolve();
return;
}
batchflow(pluginKeys)
.sequential()
.each((_i, pluginKey, next) => {
certbot
.installPlugin(pluginKey)
.then(() => {
next();
})
.catch((err) => {
hasErrors = true;
next(err);
});
})
.error((err) => {
logger.error(err.message);
})
.end(() => {
if (hasErrors) {
reject(
new errs.CommandError("Some plugins failed to install. Please check the logs above", 1),
);
} else {
resolve();
}
});
});
};
/** /**
* Installs a cerbot plugin given the key for the object from * Installs a cerbot plugin given the key for the object from
* ../global/certbot-dns-plugins.json * ../global/certbot-dns-plugins.json
@@ -84,4 +44,43 @@ const installPlugin = async (pluginKey) => {
}); });
}; };
/**
* @param {array} pluginKeys
*/
const installPlugins = async (pluginKeys) => {
let hasErrors = false;
return new Promise((resolve, reject) => {
if (pluginKeys.length === 0) {
resolve();
return;
}
batchflow(pluginKeys)
.sequential()
.each((_i, pluginKey, next) => {
installPlugin(pluginKey)
.then(() => {
next();
})
.catch((err) => {
hasErrors = true;
next(err);
});
})
.error((err) => {
logger.error(err.message);
})
.end(() => {
if (hasErrors) {
reject(
new errs.CommandError("Some plugins failed to install. Please check the logs above", 1),
);
} else {
resolve();
}
});
});
};
export { installPlugins, installPlugin }; export { installPlugins, installPlugin };

52
backend/routes/audit-log.js
View File

@@ -52,4 +52,56 @@ router
} }
}); });
/**
* Specific audit log entry
*
* /api/audit-log/123
*/
router
.route("/:event_id")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* GET /api/audit-log/123
*
* Retrieve a specific entry
*/
.get(async (req, res, next) => {
try {
const data = await validator(
{
required: ["event_id"],
additionalProperties: false,
properties: {
event_id: {
$ref: "common#/properties/id",
},
expand: {
$ref: "common#/properties/expand",
},
},
},
{
event_id: req.params.event_id,
expand:
typeof req.query.expand === "string"
? req.query.expand.split(",")
: null,
},
);
const item = await internalAuditLog.get(res.locals.access, {
id: data.event_id,
expand: data.expand,
});
res.status(200).send(item);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
export default router; export default router;

104
backend/routes/nginx/certificates.js
View File

@@ -1,4 +1,5 @@
import express from "express"; import express from "express";
import dnsPlugins from "../../global/certbot-dns-plugins.json" with { type: "json" };
import internalCertificate from "../../internal/certificate.js"; import internalCertificate from "../../internal/certificate.js";
import errs from "../../lib/error.js"; import errs from "../../lib/error.js";
import jwtdecode from "../../lib/express/jwt-decode.js"; import jwtdecode from "../../lib/express/jwt-decode.js";
@@ -72,6 +73,40 @@ router
} }
}); });
/**
* /api/nginx/certificates/dns-providers
*/
router
.route("/dns-providers")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* GET /api/nginx/certificates/dns-providers
*
* Get list of all supported DNS providers
*/
.get(async (req, res, next) => {
try {
if (!res.locals.access.token.getUserId()) {
throw new errs.PermissionError("Login required");
}
const clean = Object.keys(dnsPlugins).map((key) => ({
id: key,
name: dnsPlugins[key].name,
credentials: dnsPlugins[key].credentials,
}));
clean.sort((a, b) => a.name.localeCompare(b.name));
res.status(200).send(clean);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/** /**
* Test HTTP challenge for domains * Test HTTP challenge for domains
* *
@@ -107,6 +142,41 @@ router
} }
}); });
/**
* Validate Certs before saving
*
* /api/nginx/certificates/validate
*/
router
.route("/validate")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* POST /api/nginx/certificates/validate
*
* Validate certificates
*/
.post(async (req, res, next) => {
if (!req.files) {
res.status(400).send({ error: "No files were uploaded" });
return;
}
try {
const result = await internalCertificate.validate({
files: req.files,
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/** /**
* Specific certificate * Specific certificate
* *
@@ -266,38 +336,4 @@ router
} }
}); });
/**
* Validate Certs before saving
*
* /api/nginx/certificates/validate
*/
router
.route("/validate")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* POST /api/nginx/certificates/validate
*
* Validate certificates
*/
.post(async (req, res, next) => {
if (!req.files) {
res.status(400).send({ error: "No files were uploaded" });
return;
}
try {
const result = await internalCertificate.validate({
files: req.files,
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
export default router; export default router;

4
backend/routes/nginx/dead_hosts.js
View File

@@ -121,7 +121,7 @@ router
/** /**
* PUT /api/nginx/dead-hosts/123 * PUT /api/nginx/dead-hosts/123
* *
* Update and existing dead-host * Update an existing dead-host
*/ */
.put(async (req, res, next) => { .put(async (req, res, next) => {
try { try {
@@ -138,7 +138,7 @@ router
/** /**
* DELETE /api/nginx/dead-hosts/123 * DELETE /api/nginx/dead-hosts/123
* *
* Update and existing dead-host * Delete a dead-host
*/ */
.delete(async (req, res, next) => { .delete(async (req, res, next) => {
try { try {

3
backend/routes/reports.js
View File

@@ -14,11 +14,12 @@ router
.options((_, res) => { .options((_, res) => {
res.sendStatus(204); res.sendStatus(204);
}) })
.all(jwtdecode())
/** /**
* GET /reports/hosts * GET /reports/hosts
*/ */
.get(jwtdecode(), async (req, res, next) => { .get(async (req, res, next) => {
try { try {
const data = await internalReport.getHostsReport(res.locals.access); const data = await internalReport.getHostsReport(res.locals.access);
res.status(200).send(data); res.status(200).send(data);

7
backend/schema/components/audit-log-list.json Normal file
View File

@@ -0,0 +1,7 @@
{
"type": "array",
"description": "Audit Log list",
"items": {
"$ref": "./audit-log-object.json"
}
}

14
backend/schema/components/audit-log-object.json
View File

@@ -1,7 +1,16 @@
{ {
"type": "object", "type": "object",
"description": "Audit Log object", "description": "Audit Log object",
"required": ["id", "created_on", "modified_on", "user_id", "object_type", "object_id", "action", "meta"], "required": [
"id",
"created_on",
"modified_on",
"user_id",
"object_type",
"object_id",
"action",
"meta"
],
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
@@ -27,6 +36,9 @@
}, },
"meta": { "meta": {
"type": "object" "type": "object"
},
"user": {
"$ref": "./user-object.json"
} }
} }
} }

6
backend/schema/components/certificate-object.json
View File

@@ -62,15 +62,9 @@
"dns_provider_credentials": { "dns_provider_credentials": {
"type": "string" "type": "string"
}, },
"letsencrypt_agree": {
"type": "boolean"
},
"letsencrypt_certificate": { "letsencrypt_certificate": {
"type": "object" "type": "object"
}, },
"letsencrypt_email": {
"$ref": "../common.json#/properties/email"
},
"propagation_seconds": { "propagation_seconds": {
"type": "integer", "type": "integer",
"minimum": 0 "minimum": 0

2
backend/schema/components/stream-object.json
View File

@@ -31,7 +31,7 @@
}, },
{ {
"type": "string", "type": "string",
"format": "ipv4" "format": "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$"
}, },
{ {
"type": "string", "type": "string",

6
backend/schema/paths/audit-log/get.json
View File

@@ -1,6 +1,6 @@
{ {
"operationId": "getAuditLog", "operationId": "getAuditLogs",
"summary": "Get Audit Log", "summary": "Get Audit Logs",
"tags": ["Audit Log"], "tags": ["Audit Log"],
"security": [ "security": [
{ {
@@ -44,7 +44,7 @@
} }
}, },
"schema": { "schema": {
"$ref": "../../components/audit-log-object.json" "$ref": "../../components/audit-log-list.json"
} }
} }
} }

73
backend/schema/paths/audit-log/id/get.json Normal file
View File

@@ -0,0 +1,73 @@
{
"operationId": "getAuditLog",
"summary": "Get Audit Log Event",
"tags": [
"Audit Log"
],
"security": [
{
"BearerAuth": [
"audit-log"
]
}
],
"parameters": [
{
"in": "path",
"name": "id",
"schema": {
"type": "integer",
"minimum": 1
},
"required": true,
"example": 1
}
],
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2025-09-15T17:27:45.000Z",
"modified_on": "2025-09-15T17:27:45.000Z",
"user_id": 1,
"object_type": "user",
"object_id": 1,
"action": "created",
"meta": {
"id": 1,
"created_on": "2025-09-15T17:27:45.000Z",
"modified_on": "2025-09-15T17:27:45.000Z",
"is_disabled": false,
"email": "jc@jc21.com",
"name": "Jamie",
"nickname": "Jamie",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
],
"permissions": {
"visibility": "all",
"proxy_hosts": "manage",
"redirection_hosts": "manage",
"dead_hosts": "manage",
"streams": "manage",
"access_lists": "manage",
"certificates": "manage"
}
}
}
}
},
"schema": {
"$ref": "../../../components/audit-log-object.json"
}
}
}
}
}
}

2
backend/schema/paths/nginx/certificates/certID/get.json
View File

@@ -36,8 +36,6 @@
"domain_names": ["test.example.com"], "domain_names": ["test.example.com"],
"expires_on": "2025-01-07T04:34:18.000Z", "expires_on": "2025-01-07T04:34:18.000Z",
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false "dns_challenge": false
} }
} }

2
backend/schema/paths/nginx/certificates/certID/renew/post.json
View File

@@ -37,8 +37,6 @@
"nice_name": "My Test Cert", "nice_name": "My Test Cert",
"domain_names": ["test.jc21.supernerd.pro"], "domain_names": ["test.jc21.supernerd.pro"],
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false "dns_challenge": false
} }
} }

2
backend/schema/paths/nginx/certificates/get.json
View File

@@ -36,8 +36,6 @@
"domain_names": ["test.example.com"], "domain_names": ["test.example.com"],
"expires_on": "2025-01-07T04:34:18.000Z", "expires_on": "2025-01-07T04:34:18.000Z",
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false "dns_challenge": false
} }
} }

2
backend/schema/paths/nginx/certificates/post.json
View File

@@ -52,8 +52,6 @@
"nice_name": "test.example.com", "nice_name": "test.example.com",
"domain_names": ["test.example.com"], "domain_names": ["test.example.com"],
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false, "dns_challenge": false,
"letsencrypt_certificate": { "letsencrypt_certificate": {
"cn": "test.example.com", "cn": "test.example.com",

3
backend/schema/paths/nginx/streams/post.json
View File

@@ -37,6 +37,9 @@
}, },
"meta": { "meta": {
"$ref": "../../../components/stream-object.json#/properties/meta" "$ref": "../../../components/stream-object.json#/properties/meta"
},
"domain_names": {
"$ref": "../../../components/dead-host-object.json#/properties/domain_names"
} }
} }
} }

5
backend/schema/swagger.json
View File

@@ -29,6 +29,11 @@
"$ref": "./paths/audit-log/get.json" "$ref": "./paths/audit-log/get.json"
} }
}, },
"/audit-log/{id}": {
"get": {
"$ref": "./paths/audit-log/id/get.json"
}
},
"/nginx/access-lists": { "/nginx/access-lists": {
"get": { "get": {
"$ref": "./paths/nginx/access-lists/get.json" "$ref": "./paths/nginx/access-lists/get.json"

12
backend/setup.js
View File

@@ -121,11 +121,13 @@ const setupCertbotPlugins = async () => {
// Make sure credentials file exists // Make sure credentials file exists
const credentials_loc = `/etc/letsencrypt/credentials/credentials-${certificate.id}`; const credentials_loc = `/etc/letsencrypt/credentials/credentials-${certificate.id}`;
// Escape single quotes and backslashes // Escape single quotes and backslashes
const escapedCredentials = certificate.meta.dns_provider_credentials if (typeof certificate.meta.dns_provider_credentials === "string") {
.replaceAll("'", "\\'") const escapedCredentials = certificate.meta.dns_provider_credentials
.replaceAll("\\", "\\\\"); .replaceAll("'", "\\'")
const credentials_cmd = `[ -f '${credentials_loc}' ] || { mkdir -p /etc/letsencrypt/credentials 2> /dev/null; echo '${escapedCredentials}' > '${credentials_loc}' && chmod 600 '${credentials_loc}'; }`; .replaceAll("\\", "\\\\");
promises.push(utils.exec(credentials_cmd)); const credentials_cmd = `[ -f '${credentials_loc}' ] || { mkdir -p /etc/letsencrypt/credentials 2> /dev/null; echo '${escapedCredentials}' > '${credentials_loc}' && chmod 600 '${credentials_loc}'; }`;
promises.push(utils.exec(credentials_cmd));
}
} }
return true; return true;
}); });

2
docker/dev/Dockerfile
View File

@@ -15,7 +15,7 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 \
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apt-get update \ && apt-get update \
&& apt-get install -y jq python3-pip logrotate \ && apt-get install -y jq python3-pip logrotate moreutils \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*

6
docker/docker-compose.dev.yml
View File

@@ -52,7 +52,7 @@ services:
- ../global:/app/global - ../global:/app/global
- '/etc/localtime:/etc/localtime:ro' - '/etc/localtime:/etc/localtime:ro'
healthcheck: healthcheck:
test: ["CMD", "/usr/bin/check-health"] test: [ "CMD", "/usr/bin/check-health" ]
interval: 10s interval: 10s
timeout: 3s timeout: 3s
depends_on: depends_on:
@@ -71,12 +71,14 @@ services:
networks: networks:
- nginx_proxy_manager - nginx_proxy_manager
environment: environment:
TZ: "${TZ:-Australia/Brisbane}"
MYSQL_ROOT_PASSWORD: 'npm' MYSQL_ROOT_PASSWORD: 'npm'
MYSQL_DATABASE: 'npm' MYSQL_DATABASE: 'npm'
MYSQL_USER: 'npm' MYSQL_USER: 'npm'
MYSQL_PASSWORD: 'npm' MYSQL_PASSWORD: 'npm'
volumes: volumes:
- db_data:/var/lib/mysql - db_data:/var/lib/mysql
- '/etc/localtime:/etc/localtime:ro'
db-postgres: db-postgres:
image: postgres:latest image: postgres:latest
@@ -202,7 +204,7 @@ services:
- nginx_proxy_manager - nginx_proxy_manager
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
test: ['CMD-SHELL', 'redis-cli ping | grep PONG'] test: [ 'CMD-SHELL', 'redis-cli ping | grep PONG' ]
start_period: 20s start_period: 20s
interval: 30s interval: 30s
retries: 5 retries: 5

3
frontend/biome.json
View File

@@ -64,7 +64,8 @@
"useUniqueElementIds": "off" "useUniqueElementIds": "off"
}, },
"suspicious": { "suspicious": {
"noExplicitAny": "off" "noExplicitAny": "off",
"noArrayIndexKey": "off"
}, },
"performance": { "performance": {
"noDelete": "off" "noDelete": "off"

26
frontend/package.json
View File

@@ -12,47 +12,51 @@
"prettier": "biome format --write ./src", "prettier": "biome format --write ./src",
"locale-extract": "formatjs extract 'src/**/*.tsx'", "locale-extract": "formatjs extract 'src/**/*.tsx'",
"locale-compile": "formatjs compile-folder src/locale/src src/locale/lang", "locale-compile": "formatjs compile-folder src/locale/src src/locale/lang",
"locale-sort": "./src/locale/scripts/locale-sort.sh",
"test": "vitest" "test": "vitest"
}, },
"dependencies": { "dependencies": {
"@tabler/core": "^1.4.0", "@tabler/core": "^1.4.0",
"@tabler/icons-react": "^3.34.1", "@tabler/icons-react": "^3.35.0",
"@tanstack/react-query": "^5.85.6", "@tanstack/react-query": "^5.89.0",
"@tanstack/react-table": "^8.21.3", "@tanstack/react-table": "^8.21.3",
"@uiw/react-textarea-code-editor": "^3.1.1",
"classnames": "^2.5.1", "classnames": "^2.5.1",
"country-flag-icons": "^1.5.19", "country-flag-icons": "^1.5.20",
"date-fns": "^4.1.0", "date-fns": "^4.1.0",
"formik": "^2.4.6", "formik": "^2.4.6",
"generate-password-browser": "^1.1.0",
"humps": "^2.0.1", "humps": "^2.0.1",
"query-string": "^9.2.2", "query-string": "^9.3.1",
"react": "^19.1.1", "react": "^19.1.1",
"react-bootstrap": "^2.10.10", "react-bootstrap": "^2.10.10",
"react-dom": "^19.1.1", "react-dom": "^19.1.1",
"react-intl": "^7.1.11", "react-intl": "^7.1.11",
"react-router-dom": "^7.8.2", "react-router-dom": "^7.9.1",
"react-select": "^5.10.2",
"react-toastify": "^11.0.5", "react-toastify": "^11.0.5",
"rooks": "^9.2.0" "rooks": "^9.3.0"
}, },
"devDependencies": { "devDependencies": {
"@biomejs/biome": "^2.2.4", "@biomejs/biome": "^2.2.4",
"@formatjs/cli": "^6.7.2", "@formatjs/cli": "^6.7.2",
"@tanstack/react-query-devtools": "^5.85.6", "@tanstack/react-query-devtools": "^5.89.0",
"@testing-library/dom": "^10.4.1", "@testing-library/dom": "^10.4.1",
"@testing-library/jest-dom": "^6.8.0", "@testing-library/jest-dom": "^6.8.0",
"@testing-library/react": "^16.3.0", "@testing-library/react": "^16.3.0",
"@types/country-flag-icons": "^1.2.2", "@types/country-flag-icons": "^1.2.2",
"@types/humps": "^2.0.6", "@types/humps": "^2.0.6",
"@types/react": "^19.1.12", "@types/react": "^19.1.13",
"@types/react-dom": "^19.1.9", "@types/react-dom": "^19.1.9",
"@types/react-table": "^7.7.20", "@types/react-table": "^7.7.20",
"@vitejs/plugin-react": "^5.0.2", "@vitejs/plugin-react": "^5.0.3",
"happy-dom": "^18.0.1", "happy-dom": "^18.0.1",
"postcss": "^8.5.6", "postcss": "^8.5.6",
"postcss-simple-vars": "^7.0.1", "postcss-simple-vars": "^7.0.1",
"sass": "^1.91.0", "sass": "^1.93.0",
"tmp": "^0.2.5", "tmp": "^0.2.5",
"typescript": "5.9.2", "typescript": "5.9.2",
"vite": "^7.1.4", "vite": "^7.1.6",
"vite-plugin-checker": "^0.10.3", "vite-plugin-checker": "^0.10.3",
"vite-tsconfig-paths": "^5.1.4", "vite-tsconfig-paths": "^5.1.4",
"vitest": "^3.2.4" "vitest": "^3.2.4"

62
frontend/src/App.css
View File

@@ -1,3 +1,14 @@
:root {
color-scheme: light dark;
}
.light {
color-scheme: light;
}
.dark {
color-scheme: dark;
}
.modal-backdrop { .modal-backdrop {
--tblr-backdrop-opacity: 0.8 !important; --tblr-backdrop-opacity: 0.8 !important;
} }
@@ -12,3 +23,54 @@
.ml-1 { .ml-1 {
margin-left: 0.25rem; margin-left: 0.25rem;
} }
.react-select-container {
.react-select__control {
color: var(--tblr-body-color);
background-color: var(--tblr-bg-forms);
border: var(--tblr-border-width) solid var(--tblr-border-color);
.react-select__input {
color: var(--tblr-body-color) !important;
}
.react-select__single-value {
color: var(--tblr-body-color);
}
.react-select__multi-value {
border: 1px solid var(--tblr-border-color);
background-color: var(--tblr-bg-surface-tertiary);
color: var(--tblr-secondary) !important;
.react-select__multi-value__label {
color: var(--tblr-secondary) !important;
}
}
}
.react-select__menu {
background-color: var(--tblr-bg-forms);
.react-select__option {
background: rgba(var(--tblr-primary-rgb), .04);
color: inherit !important;
&.react-select__option--is-focused {
background: rgba(var(--tblr-primary-rgb), .1);
}
&.react-select__option--is-focused.react-select__option--is-selected {
background: rgba(var(--tblr-primary-rgb), .2);
}
}
}
}
.textareaMono {
font-family: 'Courier New', Courier, monospace !important;
resize: vertical;
}
label.row {
cursor: pointer;
}

15
frontend/src/api/backend/createAccessList.ts
View File

@@ -1,13 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { AccessList } from "./models"; import type { AccessList } from "./models";
export async function createAccessList(item: AccessList, abortController?: AbortController): Promise<AccessList> { export async function createAccessList(item: AccessList): Promise<AccessList> {
return await api.post( return await api.post({
{ url: "/nginx/access-lists",
url: "/nginx/access-lists", // todo: only use whitelist of fields for this data
// todo: only use whitelist of fields for this data data: item,
data: item, });
},
abortController,
);
} }

15
frontend/src/api/backend/createCertificate.ts
View File

@@ -1,13 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { Certificate } from "./models"; import type { Certificate } from "./models";
export async function createCertificate(item: Certificate, abortController?: AbortController): Promise<Certificate> { export async function createCertificate(item: Certificate): Promise<Certificate> {
return await api.post( return await api.post({
{ url: "/nginx/certificates",
url: "/nginx/certificates", // todo: only use whitelist of fields for this data
// todo: only use whitelist of fields for this data data: item,
data: item, });
},
abortController,
);
} }

15
frontend/src/api/backend/createDeadHost.ts
View File

@@ -1,13 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { DeadHost } from "./models"; import type { DeadHost } from "./models";
export async function createDeadHost(item: DeadHost, abortController?: AbortController): Promise<DeadHost> { export async function createDeadHost(item: DeadHost): Promise<DeadHost> {
return await api.post( return await api.post({
{ url: "/nginx/dead-hosts",
url: "/nginx/dead-hosts", // todo: only use whitelist of fields for this data
// todo: only use whitelist of fields for this data data: item,
data: item, });
},
abortController,
);
} }

15
frontend/src/api/backend/createProxyHost.ts
View File

@@ -1,13 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { ProxyHost } from "./models"; import type { ProxyHost } from "./models";
export async function createProxyHost(item: ProxyHost, abortController?: AbortController): Promise<ProxyHost> { export async function createProxyHost(item: ProxyHost): Promise<ProxyHost> {
return await api.post( return await api.post({
{ url: "/nginx/proxy-hosts",
url: "/nginx/proxy-hosts", // todo: only use whitelist of fields for this data
// todo: only use whitelist of fields for this data data: item,
data: item, });
},
abortController,
);
} }

18
frontend/src/api/backend/createRedirectionHost.ts
View File

@@ -1,16 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { RedirectionHost } from "./models"; import type { RedirectionHost } from "./models";
export async function createRedirectionHost( export async function createRedirectionHost(item: RedirectionHost): Promise<RedirectionHost> {
item: RedirectionHost, return await api.post({
abortController?: AbortController, url: "/nginx/redirection-hosts",
): Promise<RedirectionHost> { // todo: only use whitelist of fields for this data
return await api.post( data: item,
{ });
url: "/nginx/redirection-hosts",
// todo: only use whitelist of fields for this data
data: item,
},
abortController,
);
} }

15
frontend/src/api/backend/createStream.ts
View File

@@ -1,13 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { Stream } from "./models"; import type { Stream } from "./models";
export async function createStream(item: Stream, abortController?: AbortController): Promise<Stream> { export async function createStream(item: Stream): Promise<Stream> {
return await api.post( return await api.post({
{ url: "/nginx/streams",
url: "/nginx/streams", // todo: only use whitelist of fields for this data
// todo: only use whitelist of fields for this data data: item,
data: item, });
},
abortController,
);
} }

17
frontend/src/api/backend/createUser.ts
View File

@@ -15,14 +15,11 @@ export interface NewUser {
roles?: string[]; roles?: string[];
} }
export async function createUser(item: NewUser, noAuth?: boolean, abortController?: AbortController): Promise<User> { export async function createUser(item: NewUser, noAuth?: boolean): Promise<User> {
return await api.post( return await api.post({
{ url: "/users",
url: "/users", // todo: only use whitelist of fields for this data
// todo: only use whitelist of fields for this data data: item,
data: item, noAuth,
noAuth, });
},
abortController,
);
} }

11
frontend/src/api/backend/deleteAccessList.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function deleteAccessList(id: number, abortController?: AbortController): Promise<boolean> { export async function deleteAccessList(id: number): Promise<boolean> {
return await api.del( return await api.del({
{ url: `/nginx/access-lists/${id}`,
url: `/nginx/access-lists/${id}`, });
},
abortController,
);
} }

11
frontend/src/api/backend/deleteCertificate.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function deleteCertificate(id: number, abortController?: AbortController): Promise<boolean> { export async function deleteCertificate(id: number): Promise<boolean> {
return await api.del( return await api.del({
{ url: `/nginx/certificates/${id}`,
url: `/nginx/certificates/${id}`, });
},
abortController,
);
} }

11
frontend/src/api/backend/deleteDeadHost.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function deleteDeadHost(id: number, abortController?: AbortController): Promise<boolean> { export async function deleteDeadHost(id: number): Promise<boolean> {
return await api.del( return await api.del({
{ url: `/nginx/dead-hosts/${id}`,
url: `/nginx/dead-hosts/${id}`, });
},
abortController,
);
} }

11
frontend/src/api/backend/deleteProxyHost.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function deleteProxyHost(id: number, abortController?: AbortController): Promise<boolean> { export async function deleteProxyHost(id: number): Promise<boolean> {
return await api.del( return await api.del({
{ url: `/nginx/proxy-hosts/${id}`,
url: `/nginx/proxy-hosts/${id}`, });
},
abortController,
);
} }

11
frontend/src/api/backend/deleteRedirectionHost.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function deleteRedirectionHost(id: number, abortController?: AbortController): Promise<boolean> { export async function deleteRedirectionHost(id: number): Promise<boolean> {
return await api.del( return await api.del({
{ url: `/nginx/redirection-hosts/${id}`,
url: `/nginx/redirection-hosts/${id}`, });
},
abortController,
);
} }

11
frontend/src/api/backend/deleteStream.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function deleteStream(id: number, abortController?: AbortController): Promise<boolean> { export async function deleteStream(id: number): Promise<boolean> {
return await api.del( return await api.del({
{ url: `/nginx/streams/${id}`,
url: `/nginx/streams/${id}`, });
},
abortController,
);
} }

11
frontend/src/api/backend/deleteUser.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function deleteUser(id: number, abortController?: AbortController): Promise<boolean> { export async function deleteUser(id: number): Promise<boolean> {
return await api.del( return await api.del({
{ url: `/users/${id}`,
url: `/users/${id}`, });
},
abortController,
);
} }

11
frontend/src/api/backend/downloadCertificate.ts
View File

@@ -1,11 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { Binary } from "./responseTypes"; import type { Binary } from "./responseTypes";
export async function downloadCertificate(id: number, abortController?: AbortController): Promise<Binary> { export async function downloadCertificate(id: number): Promise<Binary> {
return await api.get( return await api.get({
{ url: `/nginx/certificates/${id}/download`,
url: `/nginx/certificates/${id}/download`, });
},
abortController,
);
} }

6
frontend/src/api/backend/expansions.ts Normal file
View File

@@ -0,0 +1,6 @@
export type AccessListExpansion = "owner" | "items" | "clients";
export type AuditLogExpansion = "user";
export type CertificateExpansion = "owner" | "proxy_hosts" | "redirection_hosts" | "dead_hosts";
export type HostExpansion = "owner" | "certificate";
export type ProxyHostExpansion = "owner" | "access_list" | "certificate";
export type UserExpansion = "permissions";

14
frontend/src/api/backend/getAccessList.ts
View File

@@ -1,11 +1,13 @@
import * as api from "./base"; import * as api from "./base";
import type { AccessListExpansion } from "./expansions";
import type { AccessList } from "./models"; import type { AccessList } from "./models";
export async function getAccessList(id: number, abortController?: AbortController): Promise<AccessList> { export async function getAccessList(id: number, expand?: AccessListExpansion[], params = {}): Promise<AccessList> {
return await api.get( return await api.get({
{ url: `/nginx/access-lists/${id}`,
url: `/nginx/access-lists/${id}`, params: {
expand: expand?.join(","),
...params,
}, },
abortController, });
);
} }

3
frontend/src/api/backend/getAccessLists.ts
View File

@@ -1,8 +1,7 @@
import * as api from "./base"; import * as api from "./base";
import type { AccessListExpansion } from "./expansions";
import type { AccessList } from "./models"; import type { AccessList } from "./models";
export type AccessListExpansion = "owner" | "items" | "clients";
export async function getAccessLists(expand?: AccessListExpansion[], params = {}): Promise<AccessList[]> { export async function getAccessLists(expand?: AccessListExpansion[], params = {}): Promise<AccessList[]> {
return await api.get({ return await api.get({
url: "/nginx/access-lists", url: "/nginx/access-lists",

5
frontend/src/api/backend/getAuditLog.ts
View File

@@ -1,9 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { AuditLogExpansion } from "./expansions";
import type { AuditLog } from "./models"; import type { AuditLog } from "./models";
export async function getAuditLog(expand?: string[], params = {}): Promise<AuditLog[]> { export async function getAuditLog(id: number, expand?: AuditLogExpansion[], params = {}): Promise<AuditLog> {
return await api.get({ return await api.get({
url: "/audit-log", url: `/audit-log/${id}`,
params: { params: {
expand: expand?.join(","), expand: expand?.join(","),
...params, ...params,

13
frontend/src/api/backend/getAuditLogs.ts Normal file
View File

@@ -0,0 +1,13 @@
import * as api from "./base";
import type { AuditLogExpansion } from "./expansions";
import type { AuditLog } from "./models";
export async function getAuditLogs(expand?: AuditLogExpansion[], params = {}): Promise<AuditLog[]> {
return await api.get({
url: "/audit-log",
params: {
expand: expand?.join(","),
...params,
},
});
}

14
frontend/src/api/backend/getCertificate.ts
View File

@@ -1,11 +1,13 @@
import * as api from "./base"; import * as api from "./base";
import type { CertificateExpansion } from "./expansions";
import type { Certificate } from "./models"; import type { Certificate } from "./models";
export async function getCertificate(id: number, abortController?: AbortController): Promise<Certificate> { export async function getCertificate(id: number, expand?: CertificateExpansion[], params = {}): Promise<Certificate> {
return await api.get( return await api.get({
{ url: `/nginx/certificates/${id}`,
url: `/nginx/certificates/${id}`, params: {
expand: expand?.join(","),
...params,
}, },
abortController, });
);
} }

9
frontend/src/api/backend/getCertificateDNSProviders.ts Normal file
View File

@@ -0,0 +1,9 @@
import * as api from "./base";
import type { DNSProvider } from "./models";
export async function getCertificateDNSProviders(params = {}): Promise<DNSProvider[]> {
return await api.get({
url: "/nginx/certificates/dns-providers",
params,
});
}

3
frontend/src/api/backend/getCertificates.ts
View File

@@ -1,7 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { CertificateExpansion } from "./expansions";
import type { Certificate } from "./models"; import type { Certificate } from "./models";
export async function getCertificates(expand?: string[], params = {}): Promise<Certificate[]> { export async function getCertificates(expand?: CertificateExpansion[], params = {}): Promise<Certificate[]> {
return await api.get({ return await api.get({
url: "/nginx/certificates", url: "/nginx/certificates",
params: { params: {

14
frontend/src/api/backend/getDeadHost.ts
View File

@@ -1,11 +1,13 @@
import * as api from "./base"; import * as api from "./base";
import type { HostExpansion } from "./expansions";
import type { DeadHost } from "./models"; import type { DeadHost } from "./models";
export async function getDeadHost(id: number, abortController?: AbortController): Promise<DeadHost> { export async function getDeadHost(id: number, expand?: HostExpansion[], params = {}): Promise<DeadHost> {
return await api.get( return await api.get({
{ url: `/nginx/dead-hosts/${id}`,
url: `/nginx/dead-hosts/${id}`, params: {
expand: expand?.join(","),
...params,
}, },
abortController, });
);
} }

5
frontend/src/api/backend/getDeadHosts.ts
View File

@@ -1,9 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { HostExpansion } from "./expansions";
import type { DeadHost } from "./models"; import type { DeadHost } from "./models";
export type DeadHostExpansion = "owner" | "certificate"; export async function getDeadHosts(expand?: HostExpansion[], params = {}): Promise<DeadHost[]> {
export async function getDeadHosts(expand?: DeadHostExpansion[], params = {}): Promise<DeadHost[]> {
return await api.get({ return await api.get({
url: "/nginx/dead-hosts", url: "/nginx/dead-hosts",
params: { params: {

11
frontend/src/api/backend/getHealth.ts
View File

@@ -1,11 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { HealthResponse } from "./responseTypes"; import type { HealthResponse } from "./responseTypes";
export async function getHealth(abortController?: AbortController): Promise<HealthResponse> { export async function getHealth(): Promise<HealthResponse> {
return await api.get( return await api.get({
{ url: "/",
url: "/", });
},
abortController,
);
} }

11
frontend/src/api/backend/getHostsReport.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function getHostsReport(abortController?: AbortController): Promise<Record<string, number>> { export async function getHostsReport(): Promise<Record<string, number>> {
return await api.get( return await api.get({
{ url: "/reports/hosts",
url: "/reports/hosts", });
},
abortController,
);
} }

14
frontend/src/api/backend/getProxyHost.ts
View File

@@ -1,11 +1,13 @@
import * as api from "./base"; import * as api from "./base";
import type { ProxyHostExpansion } from "./expansions";
import type { ProxyHost } from "./models"; import type { ProxyHost } from "./models";
export async function getProxyHost(id: number, abortController?: AbortController): Promise<ProxyHost> { export async function getProxyHost(id: number, expand?: ProxyHostExpansion[], params = {}): Promise<ProxyHost> {
return await api.get( return await api.get({
{ url: `/nginx/proxy-hosts/${id}`,
url: `/nginx/proxy-hosts/${id}`, params: {
expand: expand?.join(","),
...params,
}, },
abortController, });
);
} }

3
frontend/src/api/backend/getProxyHosts.ts
View File

@@ -1,8 +1,7 @@
import * as api from "./base"; import * as api from "./base";
import type { ProxyHostExpansion } from "./expansions";
import type { ProxyHost } from "./models"; import type { ProxyHost } from "./models";
export type ProxyHostExpansion = "owner" | "access_list" | "certificate";
export async function getProxyHosts(expand?: ProxyHostExpansion[], params = {}): Promise<ProxyHost[]> { export async function getProxyHosts(expand?: ProxyHostExpansion[], params = {}): Promise<ProxyHost[]> {
return await api.get({ return await api.get({
url: "/nginx/proxy-hosts", url: "/nginx/proxy-hosts",

16
frontend/src/api/backend/getRedirectionHost.ts
View File

@@ -1,11 +1,13 @@
import * as api from "./base"; import * as api from "./base";
import type { ProxyHost } from "./models"; import type { HostExpansion } from "./expansions";
import type { RedirectionHost } from "./models";
export async function getRedirectionHost(id: number, abortController?: AbortController): Promise<ProxyHost> { export async function getRedirectionHost(id: number, expand?: HostExpansion[], params = {}): Promise<RedirectionHost> {
return await api.get( return await api.get({
{ url: `/nginx/redirection-hosts/${id}`,
url: `/nginx/redirection-hosts/${id}`, params: {
expand: expand?.join(","),
...params,
}, },
abortController, });
);
} }

7
frontend/src/api/backend/getRedirectionHosts.ts
View File

@@ -1,11 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { HostExpansion } from "./expansions";
import type { RedirectionHost } from "./models"; import type { RedirectionHost } from "./models";
export type RedirectionHostExpansion = "owner" | "certificate"; export async function getRedirectionHosts(expand?: HostExpansion[], params = {}): Promise<RedirectionHost[]> {
export async function getRedirectionHosts(
expand?: RedirectionHostExpansion[],
params = {},
): Promise<RedirectionHost[]> {
return await api.get({ return await api.get({
url: "/nginx/redirection-hosts", url: "/nginx/redirection-hosts",
params: { params: {

13
frontend/src/api/backend/getSetting.ts
View File

@@ -1,11 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { Setting } from "./models"; import type { Setting } from "./models";
export async function getSetting(id: string, abortController?: AbortController): Promise<Setting> { export async function getSetting(id: string, expand?: string[], params = {}): Promise<Setting> {
return await api.get( return await api.get({
{ url: `/settings/${id}`,
url: `/settings/${id}`, params: {
expand: expand?.join(","),
...params,
}, },
abortController, });
);
} }

14
frontend/src/api/backend/getStream.ts
View File

@@ -1,11 +1,13 @@
import * as api from "./base"; import * as api from "./base";
import type { HostExpansion } from "./expansions";
import type { Stream } from "./models"; import type { Stream } from "./models";
export async function getStream(id: number, abortController?: AbortController): Promise<Stream> { export async function getStream(id: number, expand?: HostExpansion[], params = {}): Promise<Stream> {
return await api.get( return await api.get({
{ url: `/nginx/streams/${id}`,
url: `/nginx/streams/${id}`, params: {
expand: expand?.join(","),
...params,
}, },
abortController, });
);
} }

5
frontend/src/api/backend/getStreams.ts
View File

@@ -1,9 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { HostExpansion } from "./expansions";
import type { Stream } from "./models"; import type { Stream } from "./models";
export type StreamExpansion = "owner" | "certificate"; export async function getStreams(expand?: HostExpansion[], params = {}): Promise<Stream[]> {
export async function getStreams(expand?: StreamExpansion[], params = {}): Promise<Stream[]> {
return await api.get({ return await api.get({
url: "/nginx/streams", url: "/nginx/streams",
params: { params: {

20
frontend/src/api/backend/getToken.ts
View File

@@ -1,19 +1,9 @@
import * as api from "./base"; import * as api from "./base";
import type { TokenResponse } from "./responseTypes"; import type { TokenResponse } from "./responseTypes";
interface Options { export async function getToken(identity: string, secret: string): Promise<TokenResponse> {
payload: { return await api.post({
identity: string; url: "/tokens",
secret: string; data: { identity, secret },
}; });
}
export async function getToken({ payload }: Options, abortController?: AbortController): Promise<TokenResponse> {
return await api.post(
{
url: "/tokens",
data: payload,
},
abortController,
);
} }

8
frontend/src/api/backend/getUser.ts
View File

@@ -1,10 +1,14 @@
import * as api from "./base"; import * as api from "./base";
import type { UserExpansion } from "./expansions";
import type { User } from "./models"; import type { User } from "./models";
export async function getUser(id: number | string = "me", params = {}): Promise<User> { export async function getUser(id: number | string = "me", expand?: UserExpansion[], params = {}): Promise<User> {
const userId = id ? id : "me"; const userId = id ? id : "me";
return await api.get({ return await api.get({
url: `/users/${userId}`, url: `/users/${userId}`,
params, params: {
expand: expand?.join(","),
...params,
},
}); });
} }

3
frontend/src/api/backend/getUsers.ts
View File

@@ -1,8 +1,7 @@
import * as api from "./base"; import * as api from "./base";
import type { UserExpansion } from "./expansions";
import type { User } from "./models"; import type { User } from "./models";
export type UserExpansion = "permissions";
export async function getUsers(expand?: UserExpansion[], params = {}): Promise<User[]> { export async function getUsers(expand?: UserExpansion[], params = {}): Promise<User[]> {
return await api.get({ return await api.get({
url: "/users", url: "/users",

4
frontend/src/api/backend/index.ts
View File

@@ -13,10 +13,13 @@ export * from "./deleteRedirectionHost";
export * from "./deleteStream"; export * from "./deleteStream";
export * from "./deleteUser"; export * from "./deleteUser";
export * from "./downloadCertificate"; export * from "./downloadCertificate";
export * from "./expansions";
export * from "./getAccessList"; export * from "./getAccessList";
export * from "./getAccessLists"; export * from "./getAccessLists";
export * from "./getAuditLog"; export * from "./getAuditLog";
export * from "./getAuditLogs";
export * from "./getCertificate"; export * from "./getCertificate";
export * from "./getCertificateDNSProviders";
export * from "./getCertificates"; export * from "./getCertificates";
export * from "./getDeadHost"; export * from "./getDeadHost";
export * from "./getDeadHosts"; export * from "./getDeadHosts";
@@ -44,6 +47,7 @@ export * from "./toggleDeadHost";
export * from "./toggleProxyHost"; export * from "./toggleProxyHost";
export * from "./toggleRedirectionHost"; export * from "./toggleRedirectionHost";
export * from "./toggleStream"; export * from "./toggleStream";
export * from "./toggleUser";
export * from "./updateAccessList"; export * from "./updateAccessList";
export * from "./updateAuth"; export * from "./updateAuth";
export * from "./updateDeadHost"; export * from "./updateDeadHost";

14
frontend/src/api/backend/models.ts
View File

@@ -40,6 +40,8 @@ export interface AuditLog {
objectId: number; objectId: number;
action: string; action: string;
meta: Record<string, any>; meta: Record<string, any>;
// Expansions:
user?: User;
} }
export interface AccessList { export interface AccessList {
@@ -51,7 +53,7 @@ export interface AccessList {
meta: Record<string, any>; meta: Record<string, any>;
satisfyAny: boolean; satisfyAny: boolean;
passAuth: boolean; passAuth: boolean;
proxyHostCount: number; proxyHostCount?: number;
// Expansions: // Expansions:
owner?: User; owner?: User;
items?: AccessListItem[]; items?: AccessListItem[];
@@ -101,6 +103,7 @@ export interface ProxyHost {
modifiedOn: string; modifiedOn: string;
ownerUserId: number; ownerUserId: number;
domainNames: string[]; domainNames: string[];
forwardScheme: string;
forwardHost: string; forwardHost: string;
forwardPort: number; forwardPort: number;
accessListId: number; accessListId: number;
@@ -112,9 +115,8 @@ export interface ProxyHost {
meta: Record<string, any>; meta: Record<string, any>;
allowWebsocketUpgrade: boolean; allowWebsocketUpgrade: boolean;
http2Support: boolean; http2Support: boolean;
forwardScheme: string;
enabled: boolean; enabled: boolean;
locations: string[]; // todo: string or object? locations?: string[]; // todo: string or object?
hstsEnabled: boolean; hstsEnabled: boolean;
hstsSubdomains: boolean; hstsSubdomains: boolean;
// Expansions: // Expansions:
@@ -191,3 +193,9 @@ export interface Setting {
value: string; value: string;
meta: Record<string, any>; meta: Record<string, any>;
} }
export interface DNSProvider {
id: string;
name: string;
credentials: string;
}

11
frontend/src/api/backend/refreshToken.ts
View File

@@ -1,11 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { TokenResponse } from "./responseTypes"; import type { TokenResponse } from "./responseTypes";
export async function refreshToken(abortController?: AbortController): Promise<TokenResponse> { export async function refreshToken(): Promise<TokenResponse> {
return await api.get( return await api.get({
{ url: "/tokens",
url: "/tokens", });
},
abortController,
);
} }

11
frontend/src/api/backend/renewCertificate.ts
View File

@@ -1,11 +1,8 @@
import * as api from "./base"; import * as api from "./base";
import type { Certificate } from "./models"; import type { Certificate } from "./models";
export async function renewCertificate(id: number, abortController?: AbortController): Promise<Certificate> { export async function renewCertificate(id: number): Promise<Certificate> {
return await api.post( return await api.post({
{ url: `/nginx/certificates/${id}/renew`,
url: `/nginx/certificates/${id}/renew`, });
},
abortController,
);
} }

17
frontend/src/api/backend/setPermissions.ts
View File

@@ -1,17 +1,10 @@
import * as api from "./base"; import * as api from "./base";
import type { UserPermissions } from "./models"; import type { UserPermissions } from "./models";
export async function setPermissions( export async function setPermissions(userId: number, data: UserPermissions): Promise<boolean> {
userId: number,
data: UserPermissions,
abortController?: AbortController,
): Promise<boolean> {
// Remove readonly fields // Remove readonly fields
return await api.put( return await api.put({
{ url: `/users/${userId}/permissions`,
url: `/users/${userId}/permissions`, data,
data, });
},
abortController,
);
} }

18
frontend/src/api/backend/testHttpCertificate.ts
View File

@@ -1,16 +1,10 @@
import * as api from "./base"; import * as api from "./base";
export async function testHttpCertificate( export async function testHttpCertificate(domains: string[]): Promise<Record<string, string>> {
domains: string[], return await api.get({
abortController?: AbortController, url: "/nginx/certificates/test-http",
): Promise<Record<string, string>> { params: {
return await api.get( domains: domains.join(","),
{
url: "/nginx/certificates/test-http",
params: {
domains: domains.join(","),
},
}, },
abortController, });
);
} }

15
frontend/src/api/backend/toggleDeadHost.ts
View File

@@ -1,14 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function toggleDeadHost( export async function toggleDeadHost(id: number, enabled: boolean): Promise<boolean> {
id: number, return await api.post({
enabled: boolean, url: `/nginx/dead-hosts/${id}/${enabled ? "enable" : "disable"}`,
abortController?: AbortController, });
): Promise<boolean> {
return await api.post(
{
url: `/nginx/dead-hosts/${id}/${enabled ? "enable" : "disable"}`,
},
abortController,
);
} }

15
frontend/src/api/backend/toggleProxyHost.ts
View File

@@ -1,14 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function toggleProxyHost( export async function toggleProxyHost(id: number, enabled: boolean): Promise<boolean> {
id: number, return await api.post({
enabled: boolean, url: `/nginx/proxy-hosts/${id}/${enabled ? "enable" : "disable"}`,
abortController?: AbortController, });
): Promise<boolean> {
return await api.post(
{
url: `/nginx/proxy-hosts/${id}/${enabled ? "enable" : "disable"}`,
},
abortController,
);
} }

15
frontend/src/api/backend/toggleRedirectionHost.ts
View File

@@ -1,14 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function toggleRedirectionHost( export async function toggleRedirectionHost(id: number, enabled: boolean): Promise<boolean> {
id: number, return await api.post({
enabled: boolean, url: `/nginx/redirection-hosts/${id}/${enabled ? "enable" : "disable"}`,
abortController?: AbortController, });
): Promise<boolean> {
return await api.post(
{
url: `/nginx/redirection-hosts/${id}/${enabled ? "enable" : "disable"}`,
},
abortController,
);
} }

11
frontend/src/api/backend/toggleStream.ts
View File

@@ -1,10 +1,7 @@
import * as api from "./base"; import * as api from "./base";
export async function toggleStream(id: number, enabled: boolean, abortController?: AbortController): Promise<boolean> { export async function toggleStream(id: number, enabled: boolean): Promise<boolean> {
return await api.post( return await api.post({
{ url: `/nginx/streams/${id}/${enabled ? "enable" : "disable"}`,
url: `/nginx/streams/${id}/${enabled ? "enable" : "disable"}`, });
},
abortController,
);
} }

10
frontend/src/api/backend/toggleUser.ts Normal file
View File

@@ -0,0 +1,10 @@
import type { User } from "./models";
import { updateUser } from "./updateUser";
export async function toggleUser(id: number, enabled: boolean): Promise<boolean> {
await updateUser({
id,
isDisabled: !enabled,
} as User);
return true;
}

13
frontend/src/api/backend/updateAccessList.ts
View File

@@ -1,15 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { AccessList } from "./models"; import type { AccessList } from "./models";
export async function updateAccessList(item: AccessList, abortController?: AbortController): Promise<AccessList> { export async function updateAccessList(item: AccessList): Promise<AccessList> {
// Remove readonly fields // Remove readonly fields
const { id, createdOn: _, modifiedOn: __, ...data } = item; const { id, createdOn: _, modifiedOn: __, ...data } = item;
return await api.put( return await api.put({
{ url: `/nginx/access-lists/${id}`,
url: `/nginx/access-lists/${id}`, data: data,
data: data, });
},
abortController,
);
} }

18
frontend/src/api/backend/updateAuth.ts
View File

@@ -1,12 +1,7 @@
import * as api from "./base"; import * as api from "./base";
import type { User } from "./models"; import type { User } from "./models";
export async function updateAuth( export async function updateAuth(userId: number | "me", newPassword: string, current?: string): Promise<User> {
userId: number | "me",
newPassword: string,
current?: string,
abortController?: AbortController,
): Promise<User> {
const data = { const data = {
type: "password", type: "password",
current: current, current: current,
@@ -16,11 +11,8 @@ export async function updateAuth(
data.current = current; data.current = current;
} }
return await api.put( return await api.put({
{ url: `/users/${userId}/auth`,
url: `/users/${userId}/auth`, data,
data, });
},
abortController,
);
} }

13
frontend/src/api/backend/updateDeadHost.ts
View File

@@ -1,15 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { DeadHost } from "./models"; import type { DeadHost } from "./models";
export async function updateDeadHost(item: DeadHost, abortController?: AbortController): Promise<DeadHost> { export async function updateDeadHost(item: DeadHost): Promise<DeadHost> {
// Remove readonly fields // Remove readonly fields
const { id, createdOn: _, modifiedOn: __, ...data } = item; const { id, createdOn: _, modifiedOn: __, ...data } = item;
return await api.put( return await api.put({
{ url: `/nginx/dead-hosts/${id}`,
url: `/nginx/dead-hosts/${id}`, data: data,
data: data, });
},
abortController,
);
} }

13
frontend/src/api/backend/updateProxyHost.ts
View File

@@ -1,15 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { ProxyHost } from "./models"; import type { ProxyHost } from "./models";
export async function updateProxyHost(item: ProxyHost, abortController?: AbortController): Promise<ProxyHost> { export async function updateProxyHost(item: ProxyHost): Promise<ProxyHost> {
// Remove readonly fields // Remove readonly fields
const { id, createdOn: _, modifiedOn: __, ...data } = item; const { id, createdOn: _, modifiedOn: __, ...data } = item;
return await api.put( return await api.put({
{ url: `/nginx/proxy-hosts/${id}`,
url: `/nginx/proxy-hosts/${id}`, data: data,
data: data, });
},
abortController,
);
} }

16
frontend/src/api/backend/updateRedirectionHost.ts
View File

@@ -1,18 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { RedirectionHost } from "./models"; import type { RedirectionHost } from "./models";
export async function updateRedirectionHost( export async function updateRedirectionHost(item: RedirectionHost): Promise<RedirectionHost> {
item: RedirectionHost,
abortController?: AbortController,
): Promise<RedirectionHost> {
// Remove readonly fields // Remove readonly fields
const { id, createdOn: _, modifiedOn: __, ...data } = item; const { id, createdOn: _, modifiedOn: __, ...data } = item;
return await api.put( return await api.put({
{ url: `/nginx/redirection-hosts/${id}`,
url: `/nginx/redirection-hosts/${id}`, data: data,
data: data, });
},
abortController,
);
} }

13
frontend/src/api/backend/updateSetting.ts
View File

@@ -1,15 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { Setting } from "./models"; import type { Setting } from "./models";
export async function updateSetting(item: Setting, abortController?: AbortController): Promise<Setting> { export async function updateSetting(item: Setting): Promise<Setting> {
// Remove readonly fields // Remove readonly fields
const { id, ...data } = item; const { id, ...data } = item;
return await api.put( return await api.put({
{ url: `/settings/${id}`,
url: `/settings/${id}`, data: data,
data: data, });
},
abortController,
);
} }

13
frontend/src/api/backend/updateStream.ts
View File

@@ -1,15 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { Stream } from "./models"; import type { Stream } from "./models";
export async function updateStream(item: Stream, abortController?: AbortController): Promise<Stream> { export async function updateStream(item: Stream): Promise<Stream> {
// Remove readonly fields // Remove readonly fields
const { id, createdOn: _, modifiedOn: __, ...data } = item; const { id, createdOn: _, modifiedOn: __, ...data } = item;
return await api.put( return await api.put({
{ url: `/nginx/streams/${id}`,
url: `/nginx/streams/${id}`, data: data,
data: data, });
},
abortController,
);
} }

13
frontend/src/api/backend/updateUser.ts
View File

@@ -1,15 +1,12 @@
import * as api from "./base"; import * as api from "./base";
import type { User } from "./models"; import type { User } from "./models";
export async function updateUser(item: User, abortController?: AbortController): Promise<User> { export async function updateUser(item: User): Promise<User> {
// Remove readonly fields // Remove readonly fields
const { id, createdOn: _, modifiedOn: __, ...data } = item; const { id, createdOn: _, modifiedOn: __, ...data } = item;
return await api.put( return await api.put({
{ url: `/users/${id}`,
url: `/users/${id}`, data: data,
data: data, });
},
abortController,
);
} }

12
frontend/src/api/backend/uploadCertificate.ts
View File

@@ -6,13 +6,9 @@ export async function uploadCertificate(
certificate: string, certificate: string,
certificateKey: string, certificateKey: string,
intermediateCertificate?: string, intermediateCertificate?: string,
abortController?: AbortController,
): Promise<Certificate> { ): Promise<Certificate> {
return await api.post( return await api.post({
{ url: `/nginx/certificates/${id}/upload`,
url: `/nginx/certificates/${id}/upload`, data: { certificate, certificateKey, intermediateCertificate },
data: { certificate, certificateKey, intermediateCertificate }, });
},
abortController,
);
} }

12
frontend/src/api/backend/validateCertificate.ts
View File

@@ -5,13 +5,9 @@ export async function validateCertificate(
certificate: string, certificate: string,
certificateKey: string, certificateKey: string,
intermediateCertificate?: string, intermediateCertificate?: string,
abortController?: AbortController,
): Promise<ValidatedCertificateResponse> { ): Promise<ValidatedCertificateResponse> {
return await api.post( return await api.post({
{ url: "/nginx/certificates/validate",
url: "/nginx/certificates/validate", data: { certificate, certificateKey, intermediateCertificate },
data: { certificate, certificateKey, intermediateCertificate }, });
},
abortController,
);
} }

10
frontend/src/components/ErrorNotFound.tsx
View File

@@ -1,6 +1,6 @@
import { intl } from "src/locale";
import { useNavigate } from "react-router-dom"; import { useNavigate } from "react-router-dom";
import { Button } from "src/components"; import { Button } from "src/components";
import { T } from "src/locale";
export function ErrorNotFound() { export function ErrorNotFound() {
const navigate = useNavigate(); const navigate = useNavigate();
@@ -8,13 +8,15 @@ export function ErrorNotFound() {
return ( return (
<div className="container-tight py-4"> <div className="container-tight py-4">
<div className="empty"> <div className="empty">
<p className="empty-title">{intl.formatMessage({ id: "notfound.title" })}</p> <p className="empty-title">
<T id="notfound.title" />
</p>
<p className="empty-subtitle text-secondary"> <p className="empty-subtitle text-secondary">
{intl.formatMessage({ id: "notfound.text" })} <T id="notfound.text" />
</p> </p>
<div className="empty-action"> <div className="empty-action">
<Button type="button" size="md" onClick={() => navigate("/")}> <Button type="button" size="md" onClick={() => navigate("/")}>
{intl.formatMessage({ id: "notfound.action" })} <T id="notfound.action" />
</Button> </Button>
</div> </div>
</div> </div>

99
frontend/src/components/Form/AccessField.tsx Normal file
View File

@@ -0,0 +1,99 @@
import { IconLock, IconLockOpen2 } from "@tabler/icons-react";
import { Field, useFormikContext } from "formik";
import type { ReactNode } from "react";
import Select, { type ActionMeta, components, type OptionProps } from "react-select";
import type { AccessList } from "src/api/backend";
import { useAccessLists } from "src/hooks";
import { DateTimeFormat, intl, T } from "src/locale";
interface AccessOption {
readonly value: number;
readonly label: string;
readonly subLabel: string;
readonly icon: ReactNode;
}
const Option = (props: OptionProps<AccessOption>) => {
return (
<components.Option {...props}>
<div className="flex-fill">
<div className="font-weight-medium">
{props.data.icon} <strong>{props.data.label}</strong>
</div>
<div className="text-secondary mt-1 ps-3">{props.data.subLabel}</div>
</div>
</components.Option>
);
};
interface Props {
id?: string;
name?: string;
label?: string;
}
export function AccessField({ name = "accessListId", label = "access.title", id = "accessListId" }: Props) {
const { isLoading, isError, error, data } = useAccessLists();
const { setFieldValue } = useFormikContext();
const handleChange = (newValue: any, _actionMeta: ActionMeta<AccessOption>) => {
setFieldValue(name, newValue?.value);
};
const options: AccessOption[] =
data?.map((item: AccessList) => ({
value: item.id || 0,
label: item.name,
subLabel: intl.formatMessage(
{ id: "access.subtitle" },
{
users: item?.items?.length,
rules: item?.clients?.length,
date: item?.createdOn ? DateTimeFormat(item?.createdOn) : "N/A",
},
),
icon: <IconLock size={14} className="text-lime" />,
})) || [];
// Public option
options?.unshift({
value: 0,
label: intl.formatMessage({ id: "access.public" }),
subLabel: "No basic auth required",
icon: <IconLockOpen2 size={14} className="text-red" />,
});
return (
<Field name={name}>
{({ field, form }: any) => (
<div className="mb-3">
<label className="form-label" htmlFor={id}>
<T id={label} />
</label>
{isLoading ? <div className="placeholder placeholder-lg col-12 my-3 placeholder-glow" /> : null}
{isError ? <div className="invalid-feedback">{`${error}`}</div> : null}
{!isLoading && !isError ? (
<Select
className="react-select-container"
classNamePrefix="react-select"
defaultValue={options.find((o) => o.value === field.value) || options[0]}
options={options}
components={{ Option }}
styles={{
option: (base) => ({
...base,
height: "100%",
}),
}}
onChange={handleChange}
/>
) : null}
{form.errors[field.name] ? (
<div className="invalid-feedback">
{form.errors[field.name] && form.touched[field.name] ? form.errors[field.name] : null}
</div>
) : null}
</div>
)}
</Field>
);
}

36
frontend/src/components/Form/BasicAuthField.tsx Normal file
View File

@@ -0,0 +1,36 @@
import { useFormikContext } from "formik";
import { T } from "src/locale";
interface Props {
id?: string;
name?: string;
}
export function BasicAuthField({ name = "items", id = "items" }: Props) {
const { setFieldValue } = useFormikContext();
return (
<>
<div className="row">
<div className="col-6">
<label className="form-label" htmlFor="...">
<T id="username" />
</label>
</div>
<div className="col-6">
<label className="form-label" htmlFor="...">
<T id="password" />
</label>
</div>
</div>
<div className="row mb-3">
<div className="col-6">
<input id="name" type="text" required autoComplete="off" className="form-control" />
</div>
<div className="col-6">
<input id="pw" type="password" required autoComplete="off" className="form-control" />
</div>
</div>
<button className="btn">+</button>
</>
);
}

8
frontend/src/components/Form/DNSProviderFields.module.css Normal file
View File

@@ -0,0 +1,8 @@
.dnsChallengeWarning {
border: 1px solid var(--tblr-orange-lt);
padding: 1rem;
border-radius: 0.375rem;
margin-top: 1rem;
background-color: var(--tblr-cyan-lt);
}

119
frontend/src/components/Form/DNSProviderFields.tsx Normal file
View File

@@ -0,0 +1,119 @@
import { Field, useFormikContext } from "formik";
import { useState } from "react";
import Select, { type ActionMeta } from "react-select";
import type { DNSProvider } from "src/api/backend";
import { useDnsProviders } from "src/hooks";
import styles from "./DNSProviderFields.module.css";
interface DNSProviderOption {
readonly value: string;
readonly label: string;
readonly credentials: string;
}
export function DNSProviderFields() {
const { values, setFieldValue } = useFormikContext();
const { data: dnsProviders, isLoading } = useDnsProviders();
const [dnsProviderId, setDnsProviderId] = useState<string | null>(null);
const v: any = values || {};
const handleChange = (newValue: any, _actionMeta: ActionMeta<DNSProviderOption>) => {
setFieldValue("meta.dnsProvider", newValue?.value);
setFieldValue("meta.dnsProviderCredentials", newValue?.credentials);
setDnsProviderId(newValue?.value);
};
const options: DNSProviderOption[] =
dnsProviders?.map((p: DNSProvider) => ({
value: p.id,
label: p.name,
credentials: p.credentials,
})) || [];
return (
<div className={styles.dnsChallengeWarning}>
<p className="text-info">
This section requires some knowledge about Certbot and DNS plugins. Please consult the respective
plugins documentation.
</p>
<Field name="meta.dnsProvider">
{({ field }: any) => (
<div className="row">
<label htmlFor="dnsProvider" className="form-label">
DNS Provider
</label>
<Select
className="react-select-container"
classNamePrefix="react-select"
name={field.name}
id="dnsProvider"
closeMenuOnSelect={true}
isClearable={false}
placeholder="Select a Provider..."
isLoading={isLoading}
isSearchable
onChange={handleChange}
options={options}
/>
</div>
)}
</Field>
{dnsProviderId ? (
<>
<Field name="meta.dnsProviderCredentials">
{({ field }: any) => (
<div className="mt-3">
<label htmlFor="dnsProviderCredentials" className="form-label">
Credentials File Content
</label>
<textarea
id="dnsProviderCredentials"
className="form-control textareaMono"
rows={3}
spellCheck={false}
value={v.meta.dnsProviderCredentials || ""}
{...field}
/>
<div>
<small className="text-muted">
This plugin requires a configuration file containing an API token or other
credentials to your provider
</small>
</div>
<div>
<small className="text-danger">
This data will be stored as plaintext in the database and in a file!
</small>
</div>
</div>
)}
</Field>
<Field name="meta.propagationSeconds">
{({ field }: any) => (
<div className="mt-3">
<label htmlFor="propagationSeconds" className="form-label">
Propagation Seconds
</label>
<input
id="propagationSeconds"
type="number"
x
className="form-control"
min={0}
max={600}
{...field}
/>
<small className="text-muted">
Leave empty to use the plugins default value. Number of seconds to wait for DNS
propagation.
</small>
</div>
)}
</Field>
</>
) : null}
</div>
);
}

82
frontend/src/components/Form/DomainNamesField.tsx Normal file
View File

@@ -0,0 +1,82 @@
import { Field, useFormikContext } from "formik";
import type { ReactNode } from "react";
import type { ActionMeta, MultiValue } from "react-select";
import CreatableSelect from "react-select/creatable";
import { intl, T } from "src/locale";
import { validateDomain, validateDomains } from "src/modules/Validations";
type SelectOption = {
label: string;
value: string;
color?: string;
};
interface Props {
id?: string;
maxDomains?: number;
isWildcardPermitted?: boolean;
dnsProviderWildcardSupported?: boolean;
name?: string;
label?: string;
}
export function DomainNamesField({
name = "domainNames",
label = "domain-names",
id = "domainNames",
maxDomains,
isWildcardPermitted = true,
dnsProviderWildcardSupported = true,
}: Props) {
const { setFieldValue } = useFormikContext();
const handleChange = (v: MultiValue<SelectOption>, _actionMeta: ActionMeta<SelectOption>) => {
const doms = v?.map((i: SelectOption) => {
return i.value;
});
setFieldValue(name, doms);
};
const helperTexts: ReactNode[] = [];
if (maxDomains) {
helperTexts.push(<T id="domain-names.max" data={{ count: maxDomains }} />);
}
if (!isWildcardPermitted) {
helperTexts.push(<T id="domain-names.wildcards-not-permitted" />);
} else if (!dnsProviderWildcardSupported) {
helperTexts.push(<T id="domain-names.wildcards-not-supported" />);
}
return (
<Field name={name} validate={validateDomains(isWildcardPermitted && dnsProviderWildcardSupported, maxDomains)}>
{({ field, form }: any) => (
<div className="mb-3">
<label className="form-label" htmlFor={id}>
<T id={label} />
</label>
<CreatableSelect
className="react-select-container"
classNamePrefix="react-select"
name={field.name}
id={id}
closeMenuOnSelect={true}
isClearable={false}
isValidNewOption={validateDomain(isWildcardPermitted && dnsProviderWildcardSupported)}
isMulti
placeholder={intl.formatMessage({ id: "domain-names.placeholder" })}
onChange={handleChange}
value={field.value?.map((d: string) => ({ label: d, value: d }))}
/>
{form.errors[field.name] && form.touched[field.name] ? (
<small className="text-danger">{form.errors[field.name]}</small>
) : helperTexts.length ? (
helperTexts.map((i, idx) => (
<small key={idx} className="text-info">
{i}
</small>
))
) : null}
</div>
)}
</Field>
);
}

40
frontend/src/components/Form/NginxConfigField.tsx Normal file
View File

@@ -0,0 +1,40 @@
import CodeEditor from "@uiw/react-textarea-code-editor";
import { Field } from "formik";
import { intl, T } from "src/locale";
interface Props {
id?: string;
name?: string;
label?: string;
}
export function NginxConfigField({
name = "advancedConfig",
label = "nginx-config.label",
id = "advancedConfig",
}: Props) {
return (
<Field name={name}>
{({ field }: any) => (
<div className="mt-3">
<label htmlFor={id} className="form-label">
<T id={label} />
</label>
<CodeEditor
language="nginx"
placeholder={intl.formatMessage({ id: "nginx-config.placeholder" })}
padding={15}
data-color-mode="dark"
minHeight={200}
indentWidth={2}
style={{
fontFamily: "ui-monospace,SFMono-Regular,SF Mono,Consolas,Liberation Mono,Menlo,monospace",
borderRadius: "0.3rem",
minHeight: "200px",
}}
{...field}
/>
</div>
)}
</Field>
);
}

Some files were not shown because too many files have changed in this diff Show More