ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-12-06 00:16:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: ThatGuyJack:c303b6964978c084e124832ec0a3fc452a34e0d6
Branches Tags
ThatGuyJack:develop ThatGuyJack:dependabot/npm_and_yarn/backend/jws-3.2.3 ThatGuyJack:dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1 ThatGuyJack:dependabot/npm_and_yarn/backend/express-4.22.0 ThatGuyJack:dependabot/npm_and_yarn/test/glob-10.5.0 ThatGuyJack:master ThatGuyJack:sqlite-test ThatGuyJack:lang-persian ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:v3-abandoned ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.13.5 ThatGuyJack:v2.13.4 ThatGuyJack:v2.13.3 ThatGuyJack:v2.13.2 ThatGuyJack:v2.13.1 ThatGuyJack:v2.13.0 ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1
...
compare: ThatGuyJack:sqlite-test
Branches Tags
ThatGuyJack:dependabot/npm_and_yarn/backend/jws-3.2.3 ThatGuyJack:dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1 ThatGuyJack:dependabot/npm_and_yarn/backend/express-4.22.0 ThatGuyJack:develop ThatGuyJack:dependabot/npm_and_yarn/test/glob-10.5.0 ThatGuyJack:master ThatGuyJack:sqlite-test ThatGuyJack:lang-persian ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:v3-abandoned ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.13.5 ThatGuyJack:v2.13.4 ThatGuyJack:v2.13.3 ThatGuyJack:v2.13.2 ThatGuyJack:v2.13.1 ThatGuyJack:v2.13.0 ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1

64 Commits
c303b69649 ... sqlite-tes

Author SHA1 Message Date
Jamie Curnow
7214bcdacb Attempt to fix race condition with database instantiation 2025-11-06 12:56:07 +10:00
Jamie Curnow
9dc7dc28d4 Update sqlite3 package again 2025-11-06 12:55:48 +10:00
Jamie Curnow
36e040157f Remove references to pebble ca 2025-11-06 09:42:32 +10:00
Jamie Curnow
be2599872e Use new pebble image location 2025-11-06 08:14:27 +10:00
Jamie Curnow
d7ff736abf Revert sqlite package to same as 2.12.* 2025-11-06 07:57:14 +10:00
Jamie Curnow
4cb85f6480 Fix #4833 supports the usual proxy env vars for outgoing admin related requests
All checks were successful
Close stale issues and PRs / stale (push) Successful in 20s
Details
2025-11-05 15:16:42 +10:00
jc21
df7dea2d16 Merge branch 'master' into develop 2025-11-05 12:35:06 +10:00
Jamie Curnow
23f4948bde Bump version 2025-11-05 12:33:59 +10:00
Jamie Curnow
0ceb7d0892 Fix #4838 when showing avatars of deleted users 2025-11-05 12:33:13 +10:00
Jamie Curnow
f35671db21 Fix #4837 for those with older config 2025-11-05 10:56:23 +10:00
Jamie Curnow
a3a0614948 Fix #4828 showing incorrect certicificate value 2025-11-05 10:21:55 +10:00
Jamie Curnow
06b67ed4bc Remove user name column from audit log
All checks were successful
Close stale issues and PRs / stale (push) Successful in 20s
Details
2025-11-04 14:57:10 +10:00
Jamie Curnow
4a0e27572e Fix missing translation for renew cert dialog 2025-11-04 14:54:02 +10:00
jc21
fbea8dfa9e Merge pull request #4825 from NginxProxyManager/develop 
v2.13.0
 2025-11-04 14:23:00 +10:00
Jamie Curnow
8c37348b65 Properly wrap debug calls 2025-11-04 13:43:52 +10:00
Jamie Curnow
2b3e9d72f4 Updated docs screenshots 2025-11-04 13:05:21 +10:00
jc21
a3e5235d81 Merge branch 'master' into develop
All checks were successful
Close stale issues and PRs / stale (push) Successful in 26s
Details
2025-11-04 07:47:04 +10:00
jc21
9875fa92f1 Merge pull request #4794 from Johno-ACSLive/develop 
Add basic MySQL TLS support
 2025-11-04 07:13:15 +10:00
jc21
ef5156b613 Merge pull request #4813 from potatojuicemachine/develop 
Adds Hetzner Cloud to available plugins
 2025-11-03 13:38:11 +10:00
Jamie Curnow
b9a34ebb7e Revert to cypress 14, 15 was causing problems with executing external commands 2025-11-03 12:53:23 +10:00
Jamie Curnow
7642d0a000 Cleanup cypress tests 2025-11-03 12:35:58 +10:00
Jamie Curnow
7a6a9de0ea Update frontend deps
All checks were successful
Close stale issues and PRs / stale (push) Successful in 19s
Details
2025-11-03 10:53:46 +10:00
Jamie Curnow
a5d50f9588 Update test deps 2025-11-03 10:52:53 +10:00
Jamie Curnow
612695c2e8 Upgrade biomejs 2025-11-03 10:51:16 +10:00
Jonathon Aroutsidis
71a2277b9b Replace spaces with tabs 2025-11-03 10:48:14 +11:00
Jonathon Aroutsidis
5acf287ea7 Aligned Assignments and arrow-parens 2025-11-03 10:48:14 +11:00
Jonathon Aroutsidis
e34206b526 Include SSL Options for MySQL 2025-11-03 10:46:20 +11:00
jc21
6b00adf8b9 Merge pull request #4725 from NginxProxyManager/dependabot/npm_and_yarn/test/eslint/plugin-kit-0.3.5 
Bump @eslint/plugin-kit from 0.3.2 to 0.3.5 in /test
 2025-11-03 08:49:30 +10:00
jc21
a93558278e Merge pull request #4763 from NginxProxyManager/dependabot/npm_and_yarn/test/axios-1.12.0 
Bump axios from 1.10.0 to 1.12.0 in /test
 2025-11-03 08:37:03 +10:00
jc21
bc2867b357 Merge pull request #4803 from NginxProxyManager/dependabot/npm_and_yarn/docs/vite-5.4.21 
Bump vite from 5.4.19 to 5.4.21 in /docs
 2025-11-03 08:18:00 +10:00
jc21
52093ba258 Merge pull request #4805 from vlauciani/patch-1 
Update PostgreSQL volume path in setup documentation for 18+
 2025-11-03 08:15:23 +10:00
jc21
24216f1f2f Merge pull request #4785 from NginxProxyManager/react 
v2.13.0 React UI
 2025-11-02 22:48:16 +10:00
Jamie Curnow
52e528f217 Remove incomplete languages and cleanup 2025-11-02 21:28:25 +10:00
Jamie Curnow
4709f9826c Permissions polish for restricted users 2025-10-31 12:50:54 +10:00
Jamie Curnow
74a8c5d806 Fix app crash when do unautorized things 2025-10-30 15:03:01 +10:00
Jamie Curnow
82a1a86c3a Log in as user support 2025-10-30 14:45:22 +10:00
Jamie Curnow
95957a192c Re-add dns_provider_credentials to swagger schema 2025-10-30 12:24:17 +10:00
Jamie Curnow
906ce8ced2 Swagger/openapi schema mega fixes and Cypress validation/enforcement 2025-10-30 11:50:51 +10:00
Tim Burr
e0985bee43 Merge remote-tracking branch 'base/react' into develop 2025-10-29 13:15:58 +01:00
Tim Burr
51dd6e6a1b Sets postgres version to 17 2025-10-29 10:59:01 +01:00
Jamie Curnow
89abb9d559 Fix bugs from feedback 2025-10-29 08:48:29 +10:00
Jamie Curnow
5d6916dcf0 Tidy up 
- Add help docs for most sections
- Add translations documentation
- Fix up todos
- Remove german translation
 2025-10-28 15:41:11 +10:00
Jamie Curnow
0f718570d6 Use status components for true/false things 2025-10-28 14:18:52 +10:00
Jamie Curnow
fac5f2cbc5 Cert column provider tweaks 2025-10-28 11:51:27 +10:00
Jamie Curnow
3b9beaeae5 Various tweaks and backend improvements 2025-10-28 11:38:26 +10:00
Jamie Curnow
7331cb3675 Audit log tweaks for certificates 2025-10-28 10:38:05 +10:00
Jamie Curnow
678593111e Settings polish 2025-10-28 08:53:01 +10:00
Tim Burr
a2ea63a539 Adds Hetzner Cloud 2025-10-27 13:48:41 +01:00
Jamie Curnow
c08b1be3cb Use code edit for dns provider config dialog 2025-10-27 19:42:58 +10:00
Jamie Curnow
ca3c9aa39a Show cert expiry date in yellow when < 30 days 2025-10-27 19:34:25 +10:00
Jamie Curnow
e4e5fb3b58 Update biome 2025-10-27 19:29:14 +10:00
Jamie Curnow
83a2c79e16 Custom certificate upload 2025-10-27 19:26:33 +10:00
Jamie Curnow
0de26f2950 Certificates react work 
- renewal and download
- table columns rendering
- searching
- deleting
 2025-10-27 18:08:37 +10:00
Jamie Curnow
7b5c70ed35 Fix cert renewal backend bug after refactor 2025-10-27 18:04:58 +10:00
Jamie Curnow
e4d9f48870 Fix creating wrong cert type when trying dns 2025-10-27 18:04:29 +10:00
jc21
2893ffb1e4 Merge pull request #4801 from sopex/react 
QoL: Link to dashboard 2.13
 2025-10-27 09:52:50 +10:00
Jamie Curnow
1a117a267c Fix to postgres 17 2025-10-27 08:13:03 +10:00
Valentino Lauciani
bfcd057755 Update PostgreSQL volume path in setup documentation for 18+ 2025-10-24 09:30:19 +02:00
dependabot[bot]
08bdc23131 Bump vite from 5.4.19 to 5.4.21 in /docs 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.4.19 to 5.4.21.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 5.4.21
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-21 07:13:05 +00:00
Konstantinos Spartalis
b8e3e594fb ;) 2025-10-17 16:00:59 +03:00
Konstantinos Spartalis
71251d2a0d :) 2025-10-17 13:51:06 +03:00
dependabot[bot]
c9aba0c928 Bump axios from 1.10.0 to 1.12.0 in /test 
Bumps [axios](https://github.com/axios/axios) from 1.10.0 to 1.12.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.10.0...v1.12.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.12.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-13 15:18:55 +00:00
dependabot[bot]
4397f57a51 Bump @eslint/plugin-kit from 0.3.2 to 0.3.5 in /test 
Bumps [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) from 0.3.2 to 0.3.5.
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/plugin-kit-v0.3.5/packages/plugin-kit)

---
updated-dependencies:
- dependency-name: "@eslint/plugin-kit"
  dependency-version: 0.3.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-22 02:38:28 +00:00
jc21
356eaa0691 Merge pull request #4653 from NginxProxyManager/develop 
v2.12.6
 2025-07-10 07:18:53 +10:00
275 changed files with 5335 additions and 2095 deletions
Expand all files Collapse all files

2
.version
View File

@@ -1 +1 @@
2.13.0
2.13.1

2
README.md
View File

@@ -1,7 +1,7 @@
<p align="center">
<img src="https://nginxproxymanager.com/github.png">
<br><br>
<img src="https://img.shields.io/badge/version-2.13.0-green.svg?style=for-the-badge">
<img src="https://img.shields.io/badge/version-2.13.1-green.svg?style=for-the-badge">
<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
</a>

4
backend/app.js
View File

@@ -5,7 +5,7 @@ import fileUpload from "express-fileupload";
import { isDebugMode } from "./lib/config.js";
import cors from "./lib/express/cors.js";
import jwt from "./lib/express/jwt.js";
import { express as logger } from "./logger.js";
import { debug, express as logger } from "./logger.js";
import mainRoutes from "./routes/main.js";
/**
@@ -80,7 +80,7 @@ app.use((err, req, res, _) => {
// Not every error is worth logging - but this is good for now until it gets annoying.
if (typeof err.stack !== "undefined" && err.stack) {
logger.debug(err.stack);
debug(logger, err.stack);
if (typeof err.public === "undefined" || !err.public) {
logger.warn(err.message);
}

2
backend/biome.json
View File

@@ -1,5 +1,5 @@
{
"$schema": "https://biomejs.dev/schemas/2.2.4/schema.json",
"$schema": "https://biomejs.dev/schemas/2.3.2/schema.json",
"vcs": {
"enabled": true,
"clientKind": "git",

8
backend/certbot/dns-plugins.json
View File

@@ -294,6 +294,14 @@
"dependencies": "",
"credentials": "dns_hetzner_api_token = 0123456789abcdef0123456789abcdef",
"full_plugin_name": "dns-hetzner"
},
"hetzner-cloud": {
"name": "Hetzner Cloud",
"package_name": "certbot-dns-hetzner-cloud",
"version": "~=1.0.4",
"dependencies": "",
"credentials": "dns_hetzner_cloud_api_token = your_api_token_here",
"full_plugin_name": "dns-hetzner-cloud"
},
"hostingnl": {
"name": "Hosting.nl",

12
backend/db.js
View File

@@ -1,6 +1,8 @@
import knex from "knex";
import {configGet, configHas} from "./lib/config.js";
let instance = null;
const generateDbConfig = () => {
if (!configHas("database")) {
throw new Error(
@@ -22,6 +24,7 @@ const generateDbConfig = () => {
password: cfg.password,
database: cfg.name,
port: cfg.port,
...(cfg.ssl ? { ssl: cfg.ssl } : {})
},
migrations: {
tableName: "migrations",
@@ -29,4 +32,11 @@ const generateDbConfig = () => {
};
};
export default knex(generateDbConfig());
const getInstance = () => {
if (!instance) {
instance = knex(generateDbConfig());
}
return instance;
}
export default getInstance;

6
backend/internal/access-list.js
View File

@@ -195,11 +195,11 @@ const internalAccessList = {
);
await internalAccessList.build(freshRow)
if (Number.parseInt(row.proxy_host_count, 10)) {
await internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
if (Number.parseInt(freshRow.proxy_host_count, 10)) {
await internalNginx.bulkGenerateConfigs("proxy_host", freshRow.proxy_hosts);
}
await internalNginx.reload();
return internalAccessList.maskItems(row);
return internalAccessList.maskItems(freshRow);
},
/**

332
backend/internal/certificate.js
View File

@@ -1,16 +1,17 @@
import fs from "node:fs";
import https from "node:https";
import path from "path";
import archiver from "archiver";
import _ from "lodash";
import moment from "moment";
import path from "path";
import { ProxyAgent } from "proxy-agent";
import tempWrite from "temp-write";
import dnsPlugins from "../certbot/dns-plugins.json" with { type: "json" };
import { installPlugin } from "../lib/certbot.js";
import { useLetsencryptServer, useLetsencryptStaging } from "../lib/config.js";
import error from "../lib/error.js";
import utils from "../lib/utils.js";
import { ssl as logger } from "../logger.js";
import { debug, ssl as logger } from "../logger.js";
import certificateModel from "../models/certificate.js";
import tokenModel from "../models/token.js";
import userModel from "../models/user.js";
@@ -20,17 +21,15 @@ import internalNginx from "./nginx.js";
const letsencryptConfig = "/etc/letsencrypt.ini";
const certbotCommand = "certbot";
const certbotLogsDir = "/data/logs";
const certbotWorkDir = "/tmp/letsencrypt-lib";
const omissions = () => {
return ["is_deleted", "owner.is_deleted"];
return ["is_deleted", "owner.is_deleted", "meta.dns_provider_credentials"];
};
const internalCertificate = {
allowedSslFiles: [
"certificate",
"certificate_key",
"intermediate_certificate",
],
allowedSslFiles: ["certificate", "certificate_key", "intermediate_certificate"],
intervalTimeout: 1000 * 60 * 60, // 1 hour
interval: null,
intervalProcessing: false,
@@ -57,10 +56,7 @@ const internalCertificate = {
);
const expirationThreshold = moment()
.add(
internalCertificate.renewBeforeExpirationBy[0],
internalCertificate.renewBeforeExpirationBy[1],
)
.add(internalCertificate.renewBeforeExpirationBy[0], internalCertificate.renewBeforeExpirationBy[1])
.format("YYYY-MM-DD HH:mm:ss");
// Fetch all the letsencrypt certs from the db that will expire within the configured threshold
@@ -127,10 +123,7 @@ const internalCertificate = {
}
// this command really should clean up and delete the cert if it can't fully succeed
const certificate = await certificateModel
.query()
.insertAndFetch(data)
.then(utils.omitRow(omissions()));
const certificate = await certificateModel.query().insertAndFetch(data);
try {
if (certificate.provider === "letsencrypt") {
@@ -144,18 +137,12 @@ const internalCertificate = {
// 6. Re-instate previously disabled hosts
// 1. Find out any hosts that are using any of the hostnames in this cert
const inUseResult = await internalHost.getHostsWithDomains(
certificate.domain_names,
);
const inUseResult = await internalHost.getHostsWithDomains(certificate.domain_names);
// 2. Disable them in nginx temporarily
await internalCertificate.disableInUseHosts(inUseResult);
const user = await userModel
.query()
.where("is_deleted", 0)
.andWhere("id", data.owner_user_id)
.first();
const user = await userModel.query().where("is_deleted", 0).andWhere("id", data.owner_user_id).first();
if (!user || !user.email) {
throw new error.ValidationError(
"A valid email address must be set on your user account to use Let's Encrypt",
@@ -167,10 +154,7 @@ const internalCertificate = {
try {
await internalNginx.reload();
// 4. Request cert
await internalCertificate.requestLetsEncryptSslWithDnsChallenge(
certificate,
user.email,
);
await internalCertificate.requestLetsEncryptSslWithDnsChallenge(certificate, user.email);
await internalNginx.reload();
// 6. Re-instate previously disabled hosts
await internalCertificate.enableInUseHosts(inUseResult);
@@ -187,10 +171,7 @@ const internalCertificate = {
await internalNginx.reload();
setTimeout(() => {}, 5000);
// 4. Request cert
await internalCertificate.requestLetsEncryptSsl(
certificate,
user.email,
);
await internalCertificate.requestLetsEncryptSsl(certificate, user.email);
// 5. Remove LE config
await internalNginx.deleteLetsEncryptRequestConfig(certificate);
await internalNginx.reload();
@@ -214,9 +195,7 @@ const internalCertificate = {
const savedRow = await certificateModel
.query()
.patchAndFetchById(certificate.id, {
expires_on: moment(certInfo.dates.to, "X").format(
"YYYY-MM-DD HH:mm:ss",
),
expires_on: moment(certInfo.dates.to, "X").format("YYYY-MM-DD HH:mm:ss"),
})
.then(utils.omitRow(omissions()));
@@ -224,6 +203,9 @@ const internalCertificate = {
savedRow.meta = _.assign({}, savedRow.meta, {
letsencrypt_certificate: certInfo,
});
await internalCertificate.addCreatedAuditLog(access, certificate.id, savedRow);
return savedRow;
} catch (err) {
// Delete the certificate from the database if it was not created successfully
@@ -240,14 +222,18 @@ const internalCertificate = {
data.meta = _.assign({}, data.meta || {}, certificate.meta);
// Add to audit log
await internalCertificate.addCreatedAuditLog(access, certificate.id, utils.omitRow(omissions())(data));
return utils.omitRow(omissions())(certificate);
},
addCreatedAuditLog: async (access, certificate_id, meta) => {
await internalAuditLog.add(access, {
action: "created",
object_type: "certificate",
object_id: certificate.id,
meta: data,
object_id: certificate_id,
meta: meta,
});
return certificate;
},
/**
@@ -307,10 +293,7 @@ const internalCertificate = {
.query()
.where("is_deleted", 0)
.andWhere("id", data.id)
.allowGraph("[owner]")
.allowGraph("[proxy_hosts]")
.allowGraph("[redirection_hosts]")
.allowGraph("[dead_hosts]")
.allowGraph("[owner,proxy_hosts,redirection_hosts,dead_hosts,streams]")
.first();
if (accessData.permission_visibility !== "all") {
@@ -327,7 +310,24 @@ const internalCertificate = {
}
// Custom omissions
if (typeof data.omit !== "undefined" && data.omit !== null) {
return _.omit(row, data.omit);
return _.omit(row, [...data.omit]);
}
return internalCertificate.cleanExpansions(row);
},
cleanExpansions: (row) => {
if (typeof row.proxy_hosts !== "undefined") {
row.proxy_hosts = utils.omitRows(["is_deleted"])(row.proxy_hosts);
}
if (typeof row.redirection_hosts !== "undefined") {
row.redirection_hosts = utils.omitRows(["is_deleted"])(row.redirection_hosts);
}
if (typeof row.dead_hosts !== "undefined") {
row.dead_hosts = utils.omitRows(["is_deleted"])(row.dead_hosts);
}
if (typeof row.streams !== "undefined") {
row.streams = utils.omitRows(["is_deleted"])(row.streams);
}
return row;
},
@@ -344,9 +344,7 @@ const internalCertificate = {
if (certificate.provider === "letsencrypt") {
const zipDirectory = internalCertificate.getLiveCertPath(data.id);
if (!fs.existsSync(zipDirectory)) {
throw new error.ItemNotFoundError(
`Certificate ${certificate.nice_name} does not exists`,
);
throw new error.ItemNotFoundError(`Certificate ${certificate.nice_name} does not exists`);
}
const certFiles = fs
@@ -358,14 +356,12 @@ const internalCertificate = {
const opName = `/tmp/${downloadName}`;
await internalCertificate.zipFiles(certFiles, opName);
logger.debug("zip completed : ", opName);
debug(logger, "zip completed : ", opName);
return {
fileName: opName,
};
}
throw new error.ValidationError(
"Only Let'sEncrypt certificates can be downloaded",
);
throw new error.ValidationError("Only Let'sEncrypt certificates can be downloaded");
},
/**
@@ -380,7 +376,7 @@ const internalCertificate = {
return new Promise((resolve, reject) => {
source.map((fl) => {
const fileName = path.basename(fl);
logger.debug(fl, "added to certificate zip");
debug(logger, fl, "added to certificate zip");
archive.file(fl, { name: fileName });
return true;
});
@@ -441,7 +437,7 @@ const internalCertificate = {
.query()
.where("is_deleted", 0)
.groupBy("id")
.allowGraph("[owner,proxy_hosts,redirection_hosts,dead_hosts]")
.allowGraph("[owner,proxy_hosts,redirection_hosts,dead_hosts,streams]")
.orderBy("nice_name", "ASC");
if (accessData.permission_visibility !== "all") {
@@ -459,7 +455,11 @@ const internalCertificate = {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
return await query.then(utils.omitRows(omissions()));
const r = await query.then(utils.omitRows(omissions()));
for (let i = 0; i < r.length; i++) {
r[i] = internalCertificate.cleanExpansions(r[i]);
}
return r;
},
/**
@@ -470,10 +470,7 @@ const internalCertificate = {
* @returns {Promise}
*/
getCount: async (userId, visibility) => {
const query = certificateModel
.query()
.count("id as count")
.where("is_deleted", 0);
const query = certificateModel.query().count("id as count").where("is_deleted", 0);
if (visibility !== "all") {
query.andWhere("owner_user_id", userId);
@@ -521,17 +518,13 @@ const internalCertificate = {
});
}).then(() => {
return new Promise((resolve, reject) => {
fs.writeFile(
`${dir}/privkey.pem`,
certificate.meta.certificate_key,
(err) => {
fs.writeFile(`${dir}/privkey.pem`, certificate.meta.certificate_key, (err) => {
if (err) {
reject(err);
} else {
resolve();
}
},
);
});
});
});
},
@@ -604,9 +597,7 @@ const internalCertificate = {
upload: async (access, data) => {
const row = await internalCertificate.get(access, { id: data.id });
if (row.provider !== "other") {
throw new error.ValidationError(
"Cannot upload certificates for this type of provider",
);
throw new error.ValidationError("Cannot upload certificates for this type of provider");
}
const validations = await internalCertificate.validate(data);
@@ -622,9 +613,7 @@ const internalCertificate = {
const certificate = await internalCertificate.update(access, {
id: data.id,
expires_on: moment(validations.certificate.dates.to, "X").format(
"YYYY-MM-DD HH:mm:ss",
),
expires_on: moment(validations.certificate.dates.to, "X").format("YYYY-MM-DD HH:mm:ss"),
domain_names: [validations.certificate.cn],
meta: _.clone(row.meta), // Prevent the update method from changing this value that we'll use later
});
@@ -649,9 +638,7 @@ const internalCertificate = {
}, 10000);
try {
const result = await utils.exec(
`openssl pkey -in ${filepath} -check -noout 2>&1 `,
);
const result = await utils.exec(`openssl pkey -in ${filepath} -check -noout 2>&1 `);
clearTimeout(failTimeout);
if (!result.toLowerCase().includes("key is valid")) {
throw new error.ValidationError(`Result Validation Error: ${result}`);
@@ -661,10 +648,7 @@ const internalCertificate = {
} catch (err) {
clearTimeout(failTimeout);
fs.unlinkSync(filepath);
throw new error.ValidationError(
`Certificate Key is not valid (${err.message})`,
err,
);
throw new error.ValidationError(`Certificate Key is not valid (${err.message})`, err);
}
},
@@ -678,10 +662,7 @@ const internalCertificate = {
getCertificateInfo: async (certificate, throwExpired) => {
try {
const filepath = await tempWrite(certificate, "/tmp");
const certData = await internalCertificate.getCertificateInfoFromFile(
filepath,
throwExpired,
);
const certData = await internalCertificate.getCertificateInfoFromFile(filepath, throwExpired);
fs.unlinkSync(filepath);
return certData;
} catch (err) {
@@ -701,13 +682,7 @@ const internalCertificate = {
const certData = {};
try {
const result = await utils.execFile("openssl", [
"x509",
"-in",
certificateFile,
"-subject",
"-noout",
]);
const result = await utils.execFile("openssl", ["x509", "-in", certificateFile, "-subject", "-noout"]);
// Examples:
// subject=CN = *.jc21.com
// subject=CN = something.example.com
@@ -717,13 +692,7 @@ const internalCertificate = {
certData.cn = match[1];
}
const result2 = await utils.execFile("openssl", [
"x509",
"-in",
certificateFile,
"-issuer",
"-noout",
]);
const result2 = await utils.execFile("openssl", ["x509", "-in", certificateFile, "-issuer", "-noout"]);
// Examples:
// issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
// issuer=C = US, O = Let's Encrypt, CN = E5
@@ -734,13 +703,7 @@ const internalCertificate = {
certData.issuer = match2[1];
}
const result3 = await utils.execFile("openssl", [
"x509",
"-in",
certificateFile,
"-dates",
"-noout",
]);
const result3 = await utils.execFile("openssl", ["x509", "-in", certificateFile, "-dates", "-noout"]);
// notBefore=Jul 14 04:04:29 2018 GMT
// notAfter=Oct 12 04:04:29 2018 GMT
let validFrom = null;
@@ -752,10 +715,7 @@ const internalCertificate = {
const match = regex.exec(str.trim());
if (match && typeof match[2] !== "undefined") {
const date = Number.parseInt(
moment(match[2], "MMM DD HH:mm:ss YYYY z").format("X"),
10,
);
const date = Number.parseInt(moment(match[2], "MMM DD HH:mm:ss YYYY z").format("X"), 10);
if (match[1].toLowerCase() === "notbefore") {
validFrom = date;
@@ -767,15 +727,10 @@ const internalCertificate = {
});
if (!validFrom || !validTo) {
throw new error.ValidationError(
`Could not determine dates from certificate: ${result}`,
);
throw new error.ValidationError(`Could not determine dates from certificate: ${result}`);
}
if (
throw_expired &&
validTo < Number.parseInt(moment().format("X"), 10)
) {
if (throw_expired && validTo < Number.parseInt(moment().format("X"), 10)) {
throw new error.ValidationError("Certificate has expired");
}
@@ -786,10 +741,7 @@ const internalCertificate = {
return certData;
} catch (err) {
throw new error.ValidationError(
`Certificate is not valid (${err.message})`,
err,
);
throw new error.ValidationError(`Certificate is not valid (${err.message})`, err);
}
},
@@ -830,18 +782,18 @@ const internalCertificate = {
"--config",
letsencryptConfig,
"--work-dir",
"/tmp/letsencrypt-lib",
certbotWorkDir,
"--logs-dir",
"/tmp/letsencrypt-log",
certbotLogsDir,
"--cert-name",
`npm-${certificate.id}`,
"--agree-tos",
"--authenticator",
"webroot",
"--email",
"-m",
email,
"--preferred-challenges",
"dns,http",
"http",
"--domains",
certificate.domain_names.join(","),
];
@@ -870,11 +822,7 @@ const internalCertificate = {
const credentialsLocation = `/etc/letsencrypt/credentials/credentials-${certificate.id}`;
fs.mkdirSync("/etc/letsencrypt/credentials", { recursive: true });
fs.writeFileSync(
credentialsLocation,
certificate.meta.dns_provider_credentials,
{ mode: 0o600 },
);
fs.writeFileSync(credentialsLocation, certificate.meta.dns_provider_credentials, { mode: 0o600 });
// Whether the plugin has a --<name>-credentials argument
const hasConfigArg = certificate.meta.dns_provider !== "route53";
@@ -884,14 +832,16 @@ const internalCertificate = {
"--config",
letsencryptConfig,
"--work-dir",
"/tmp/letsencrypt-lib",
certbotWorkDir,
"--logs-dir",
"/tmp/letsencrypt-log",
certbotLogsDir,
"--cert-name",
`npm-${certificate.id}`,
"--agree-tos",
"--email",
"-m",
email,
"--preferred-challenges",
"dns",
"--domains",
certificate.domain_names.join(","),
"--authenticator",
@@ -899,10 +849,7 @@ const internalCertificate = {
];
if (hasConfigArg) {
args.push(
`--${dnsPlugin.full_plugin_name}-credentials`,
credentialsLocation,
);
args.push(`--${dnsPlugin.full_plugin_name}-credentials`, credentialsLocation);
}
if (certificate.meta.propagation_seconds !== undefined) {
args.push(
@@ -911,10 +858,7 @@ const internalCertificate = {
);
}
const adds = internalCertificate.getAdditionalCertbotArgs(
certificate.id,
certificate.meta.dns_provider,
);
const adds = internalCertificate.getAdditionalCertbotArgs(certificate.id, certificate.meta.dns_provider);
args.push(...adds.args);
logger.info(`Command: ${certbotCommand} ${args ? args.join(" ") : ""}`);
@@ -950,12 +894,8 @@ const internalCertificate = {
`${internalCertificate.getLiveCertPath(certificate.id)}/fullchain.pem`,
);
const updatedCertificate = await certificateModel
.query()
.patchAndFetchById(certificate.id, {
expires_on: moment(certInfo.dates.to, "X").format(
"YYYY-MM-DD HH:mm:ss",
),
const updatedCertificate = await certificateModel.query().patchAndFetchById(certificate.id, {
expires_on: moment(certInfo.dates.to, "X").format("YYYY-MM-DD HH:mm:ss"),
});
// Add to audit log
@@ -965,11 +905,11 @@ const internalCertificate = {
object_id: updatedCertificate.id,
meta: updatedCertificate,
});
} else {
throw new error.ValidationError(
"Only Let'sEncrypt certificates can be renewed",
);
return updatedCertificate;
}
throw new error.ValidationError("Only Let'sEncrypt certificates can be renewed");
},
/**
@@ -987,21 +927,18 @@ const internalCertificate = {
"--config",
letsencryptConfig,
"--work-dir",
"/tmp/letsencrypt-lib",
certbotWorkDir,
"--logs-dir",
"/tmp/letsencrypt-log",
certbotLogsDir,
"--cert-name",
`npm-${certificate.id}`,
"--preferred-challenges",
"dns,http",
"http",
"--no-random-sleep-on-renew",
"--disable-hook-validation",
];
const adds = internalCertificate.getAdditionalCertbotArgs(
certificate.id,
certificate.meta.dns_provider,
);
const adds = internalCertificate.getAdditionalCertbotArgs(certificate.id, certificate.meta.dns_provider);
args.push(...adds.args);
logger.info(`Command: ${certbotCommand} ${args ? args.join(" ") : ""}`);
@@ -1031,19 +968,18 @@ const internalCertificate = {
"--config",
letsencryptConfig,
"--work-dir",
"/tmp/letsencrypt-lib",
certbotWorkDir,
"--logs-dir",
"/tmp/letsencrypt-log",
certbotLogsDir,
"--cert-name",
`npm-${certificate.id}`,
"--preferred-challenges",
"dns",
"--disable-hook-validation",
"--no-random-sleep-on-renew",
];
const adds = internalCertificate.getAdditionalCertbotArgs(
certificate.id,
certificate.meta.dns_provider,
);
const adds = internalCertificate.getAdditionalCertbotArgs(certificate.id, certificate.meta.dns_provider);
args.push(...adds.args);
logger.info(`Command: ${certbotCommand} ${args ? args.join(" ") : ""}`);
@@ -1068,9 +1004,9 @@ const internalCertificate = {
"--config",
letsencryptConfig,
"--work-dir",
"/tmp/letsencrypt-lib",
certbotWorkDir,
"--logs-dir",
"/tmp/letsencrypt-log",
certbotLogsDir,
"--cert-path",
`${internalCertificate.getLiveCertPath(certificate.id)}/fullchain.pem`,
"--delete-after-revoke",
@@ -1083,9 +1019,7 @@ const internalCertificate = {
try {
const result = await utils.execFile(certbotCommand, args, adds.opts);
await utils.exec(
`rm -f '/etc/letsencrypt/credentials/credentials-${certificate.id}' || true`,
);
await utils.exec(`rm -f '/etc/letsencrypt/credentials/credentials-${certificate.id}' || true`);
logger.info(result);
return result;
} catch (err) {
@@ -1102,10 +1036,7 @@ const internalCertificate = {
*/
hasLetsEncryptSslCerts: (certificate) => {
const letsencryptPath = internalCertificate.getLiveCertPath(certificate.id);
return (
fs.existsSync(`${letsencryptPath}/fullchain.pem`) &&
fs.existsSync(`${letsencryptPath}/privkey.pem`)
);
return fs.existsSync(`${letsencryptPath}/fullchain.pem`) && fs.existsSync(`${letsencryptPath}/privkey.pem`);
},
/**
@@ -1119,24 +1050,15 @@ const internalCertificate = {
disableInUseHosts: async (inUseResult) => {
if (inUseResult?.total_count) {
if (inUseResult?.proxy_hosts.length) {
await internalNginx.bulkDeleteConfigs(
"proxy_host",
inUseResult.proxy_hosts,
);
await internalNginx.bulkDeleteConfigs("proxy_host", inUseResult.proxy_hosts);
}
if (inUseResult?.redirection_hosts.length) {
await internalNginx.bulkDeleteConfigs(
"redirection_host",
inUseResult.redirection_hosts,
);
await internalNginx.bulkDeleteConfigs("redirection_host", inUseResult.redirection_hosts);
}
if (inUseResult?.dead_hosts.length) {
await internalNginx.bulkDeleteConfigs(
"dead_host",
inUseResult.dead_hosts,
);
await internalNginx.bulkDeleteConfigs("dead_host", inUseResult.dead_hosts);
}
}
},
@@ -1152,24 +1074,15 @@ const internalCertificate = {
enableInUseHosts: async (inUseResult) => {
if (inUseResult.total_count) {
if (inUseResult.proxy_hosts.length) {
await internalNginx.bulkGenerateConfigs(
"proxy_host",
inUseResult.proxy_hosts,
);
await internalNginx.bulkGenerateConfigs("proxy_host", inUseResult.proxy_hosts);
}
if (inUseResult.redirection_hosts.length) {
await internalNginx.bulkGenerateConfigs(
"redirection_host",
inUseResult.redirection_hosts,
);
await internalNginx.bulkGenerateConfigs("redirection_host", inUseResult.redirection_hosts);
}
if (inUseResult.dead_hosts.length) {
await internalNginx.bulkGenerateConfigs(
"dead_host",
inUseResult.dead_hosts,
);
await internalNginx.bulkGenerateConfigs("dead_host", inUseResult.dead_hosts);
}
}
},
@@ -1184,8 +1097,7 @@ const internalCertificate = {
await access.can("certificates:list");
// Create a test challenge file
const testChallengeDir =
"/data/letsencrypt-acme-challenge/.well-known/acme-challenge";
const testChallengeDir = "/data/letsencrypt-acme-challenge/.well-known/acme-challenge";
const testChallengeFile = `${testChallengeDir}/test-challenge`;
fs.mkdirSync(testChallengeDir, { recursive: true });
fs.writeFileSync(testChallengeFile, "Success", { encoding: "utf8" });
@@ -1203,6 +1115,7 @@ const internalCertificate = {
performTestForDomain: async (domain) => {
logger.info(`Testing http challenge for ${domain}`);
const agent = new ProxyAgent();
const url = `http://${domain}/.well-known/acme-challenge/test-challenge`;
const formBody = `method=G&url=${encodeURI(url)}&bodytype=T&requestbody=&headername=User-Agent&headervalue=None&locationid=1&ch=false&cc=false`;
const options = {
@@ -1212,13 +1125,11 @@ const internalCertificate = {
"Content-Type": "application/x-www-form-urlencoded",
"Content-Length": Buffer.byteLength(formBody),
},
agent,
};
const result = await new Promise((resolve) => {
const req = https.request(
"https://www.site24x7.com/tools/restapi-tester",
options,
(res) => {
const req = https.request("https://www.site24x7.com/tools/restapi-tester", options, (res) => {
let responseBody = "";
res.on("data", (chunk) => {
@@ -1249,8 +1160,7 @@ const internalCertificate = {
resolve(undefined);
}
});
},
);
});
// Make sure to write the request body.
req.write(formBody);
@@ -1271,10 +1181,7 @@ const internalCertificate = {
);
return `other:${result.error.msg}`;
}
if (
`${result.responsecode}` === "200" &&
result.htmlresponse === "Success"
) {
if (`${result.responsecode}` === "200" && result.htmlresponse === "Success") {
// Server exists and has responded with the correct data
return "ok";
}
@@ -1288,26 +1195,19 @@ const internalCertificate = {
}
if (`${result.responsecode}` === "404") {
// Server exists but responded with a 404
logger.info(
`HTTP challenge test failed for domain ${domain} because code 404 was returned`,
);
logger.info(`HTTP challenge test failed for domain ${domain} because code 404 was returned`);
return "404";
}
if (
`${result.responsecode}` === "0" ||
(typeof result.reason === "string" &&
result.reason.toLowerCase() === "host unavailable")
(typeof result.reason === "string" && result.reason.toLowerCase() === "host unavailable")
) {
// Server does not exist at domain
logger.info(
`HTTP challenge test failed for domain ${domain} the host was not found`,
);
logger.info(`HTTP challenge test failed for domain ${domain} the host was not found`);
return "no-host";
}
// Other errors
logger.info(
`HTTP challenge test failed for domain ${domain} because code ${result.responsecode} was returned`,
);
logger.info(`HTTP challenge test failed for domain ${domain} because code ${result.responsecode} was returned`);
return `other:${result.responsecode}`;
},

4
backend/internal/ip_ranges.js
View File

@@ -2,6 +2,7 @@ import fs from "node:fs";
import https from "node:https";
import { dirname } from "node:path";
import { fileURLToPath } from "node:url";
import { ProxyAgent } from "proxy-agent";
import errs from "../lib/error.js";
import utils from "../lib/utils.js";
import { ipRanges as logger } from "../logger.js";
@@ -29,10 +30,11 @@ const internalIpRanges = {
},
fetchUrl: (url) => {
const agent = new ProxyAgent();
return new Promise((resolve, reject) => {
logger.info(`Fetching ${url}`);
return https
.get(url, (res) => {
.get(url, { agent }, (res) => {
res.setEncoding("utf8");
let raw_data = "";
res.on("data", (chunk) => {

28
backend/internal/nginx.js
View File

@@ -4,7 +4,7 @@ import { fileURLToPath } from "node:url";
import _ from "lodash";
import errs from "../lib/error.js";
import utils from "../lib/utils.js";
import { nginx as logger } from "../logger.js";
import { debug, nginx as logger } from "../logger.js";
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);
@@ -68,7 +68,7 @@ const internalNginx = {
return true;
});
logger.debug("Nginx test failed:", valid_lines.join("\n"));
debug(logger, "Nginx test failed:", valid_lines.join("\n"));
// config is bad, update meta and delete config
combined_meta = _.assign({}, host.meta, {
@@ -102,7 +102,7 @@ const internalNginx = {
* @returns {Promise}
*/
test: () => {
logger.debug("Testing Nginx configuration");
debug(logger, "Testing Nginx configuration");
return utils.execFile("/usr/sbin/nginx", ["-t", "-g", "error_log off;"]);
},
@@ -190,7 +190,7 @@ const internalNginx = {
const host = JSON.parse(JSON.stringify(host_row));
const nice_host_type = internalNginx.getFileFriendlyHostType(host_type);
logger.debug(`Generating ${nice_host_type} Config:`, JSON.stringify(host, null, 2));
debug(logger, `Generating ${nice_host_type} Config:`, JSON.stringify(host, null, 2));
const renderEngine = utils.getRenderEngine();
@@ -241,7 +241,7 @@ const internalNginx = {
.parseAndRender(template, host)
.then((config_text) => {
fs.writeFileSync(filename, config_text, { encoding: "utf8" });
logger.debug("Wrote config:", filename, config_text);
debug(logger, "Wrote config:", filename, config_text);
// Restore locations array
host.locations = origLocations;
@@ -249,7 +249,7 @@ const internalNginx = {
resolve(true);
})
.catch((err) => {
logger.debug(`Could not write ${filename}:`, err.message);
debug(logger, `Could not write ${filename}:`, err.message);
reject(new errs.ConfigurationError(err.message));
});
});
@@ -265,7 +265,7 @@ const internalNginx = {
* @returns {Promise}
*/
generateLetsEncryptRequestConfig: (certificate) => {
logger.debug("Generating LetsEncrypt Request Config:", certificate);
debug(logger, "Generating LetsEncrypt Request Config:", certificate);
const renderEngine = utils.getRenderEngine();
return new Promise((resolve, reject) => {
@@ -285,11 +285,11 @@ const internalNginx = {
.parseAndRender(template, certificate)
.then((config_text) => {
fs.writeFileSync(filename, config_text, { encoding: "utf8" });
logger.debug("Wrote config:", filename, config_text);
debug(logger, "Wrote config:", filename, config_text);
resolve(true);
})
.catch((err) => {
logger.debug(`Could not write ${filename}:`, err.message);
debug(logger, `Could not write ${filename}:`, err.message);
reject(new errs.ConfigurationError(err.message));
});
});
@@ -305,10 +305,10 @@ const internalNginx = {
return;
}
try {
logger.debug(`Deleting file: ${filename}`);
debug(logger, `Deleting file: ${filename}`);
fs.unlinkSync(filename);
} catch (err) {
logger.debug("Could not delete file:", JSON.stringify(err, null, 2));
debug(logger, "Could not delete file:", JSON.stringify(err, null, 2));
}
},
@@ -381,14 +381,14 @@ const internalNginx = {
},
/**
* @param {String} host_type
* @param {String} hostType
* @param {Array} hosts
* @returns {Promise}
*/
bulkGenerateConfigs: (host_type, hosts) => {
bulkGenerateConfigs: (hostType, hosts) => {
const promises = [];
hosts.map((host) => {
promises.push(internalNginx.generateConfig(host_type, host));
promises.push(internalNginx.generateConfig(hostType, host));
return true;
});

2
backend/lib/access.js
View File

@@ -265,7 +265,7 @@ export default function (tokenString) {
schemas: [roleSchema, permsSchema, objectSchema, permissionSchema],
});
const valid = ajv.validate("permissions", dataSchema);
const valid = await ajv.validate("permissions", dataSchema);
return valid && dataSchema[permission];
} catch (err) {
err.permission = permission;

16
backend/lib/config.js
View File

@@ -25,15 +25,26 @@ const configure = () => {
if (configData?.database) {
logger.info(`Using configuration from file: ${filename}`);
// Migrate those who have "mysql" engine to "mysql2"
if (configData.database.engine === "mysql") {
configData.database.engine = mysqlEngine;
}
instance = configData;
instance.keys = getKeys();
return;
}
}
const toBool = (v) => /^(1|true|yes|on)$/i.test((v || '').trim());
const envMysqlHost = process.env.DB_MYSQL_HOST || null;
const envMysqlUser = process.env.DB_MYSQL_USER || null;
const envMysqlName = process.env.DB_MYSQL_NAME || null;
const envMysqlSSL = toBool(process.env.DB_MYSQL_SSL);
const envMysqlSSLRejectUnauthorized = process.env.DB_MYSQL_SSL_REJECT_UNAUTHORIZED === undefined ? true : toBool(process.env.DB_MYSQL_SSL_REJECT_UNAUTHORIZED);
const envMysqlSSLVerifyIdentity = process.env.DB_MYSQL_SSL_VERIFY_IDENTITY === undefined ? true : toBool(process.env.DB_MYSQL_SSL_VERIFY_IDENTITY);
if (envMysqlHost && envMysqlUser && envMysqlName) {
// we have enough mysql creds to go with mysql
logger.info("Using MySQL configuration");
@@ -45,6 +56,7 @@ const configure = () => {
user: envMysqlUser,
password: process.env.DB_MYSQL_PASSWORD,
name: envMysqlName,
ssl: envMysqlSSL ? { rejectUnauthorized: envMysqlSSLRejectUnauthorized, verifyIdentity: envMysqlSSLVerifyIdentity } : false,
},
keys: getKeys(),
};
@@ -90,7 +102,9 @@ const configure = () => {
const getKeys = () => {
// Get keys from file
logger.debug("Cheecking for keys file:", keysFile);
if (isDebugMode()) {
logger.debug("Checking for keys file:", keysFile);
}
if (!fs.existsSync(keysFile)) {
generateKeys();
} else if (process.env.DEBUG) {

6
backend/lib/utils.js
View File

@@ -3,14 +3,14 @@ import { dirname } from "node:path";
import { fileURLToPath } from "node:url";
import { Liquid } from "liquidjs";
import _ from "lodash";
import { global as logger } from "../logger.js";
import { debug, global as logger } from "../logger.js";
import errs from "./error.js";
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);
const exec = async (cmd, options = {}) => {
logger.debug("CMD:", cmd);
debug(logger, "CMD:", cmd);
const { stdout, stderr } = await new Promise((resolve, reject) => {
const child = nodeExec(cmd, options, (isError, stdout, stderr) => {
if (isError) {
@@ -34,7 +34,7 @@ const exec = async (cmd, options = {}) => {
* @returns {Promise}
*/
const execFile = (cmd, args, options) => {
logger.debug(`CMD: ${cmd} ${args ? args.join(" ") : ""}`);
debug(logger, `CMD: ${cmd} ${args ? args.join(" ") : ""}`);
const opts = options || {};
return new Promise((resolve, reject) => {

9
backend/logger.js
View File

@@ -1,4 +1,5 @@
import signale from "signale";
import { isDebugMode } from "./lib/config.js";
const opts = {
logLevel: "info",
@@ -15,4 +16,10 @@ const importer = new signale.Signale({ scope: "Importer ", ...opts });
const setup = new signale.Signale({ scope: "Setup ", ...opts });
const ipRanges = new signale.Signale({ scope: "IP Ranges", ...opts });
export { global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges };
const debug = (logger, ...args) => {
if (isDebugMode()) {
logger.debug(...args);
}
};
export { debug, global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges };

4
backend/migrate.js
View File

@@ -2,9 +2,9 @@ import db from "./db.js";
import { migrate as logger } from "./logger.js";
const migrateUp = async () => {
const version = await db.migrate.currentVersion();
const version = await db().migrate.currentVersion();
logger.info("Current database version:", version);
return await db.migrate.latest({
return await db().migrate.latest({
tableName: "migrations",
directory: "migrations",
});

2
backend/models/access_list.js
View File

@@ -10,7 +10,7 @@ import now from "./now_helper.js";
import ProxyHostModel from "./proxy_host.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "satisfy_any", "pass_auth"];

2
backend/models/access_list_auth.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import accessListModel from "./access_list.js";
import now from "./now_helper.js";
Model.knex(db);
Model.knex(db());
class AccessListAuth extends Model {
$beforeInsert() {

2
backend/models/access_list_client.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import accessListModel from "./access_list.js";
import now from "./now_helper.js";
Model.knex(db);
Model.knex(db());
class AccessListClient extends Model {
$beforeInsert() {

2
backend/models/audit-log.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
class AuditLog extends Model {
$beforeInsert() {

2
backend/models/auth.js
View File

@@ -8,7 +8,7 @@ import { convertBoolFieldsToInt, convertIntFieldsToBool } from "../lib/helpers.j
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted"];

14
backend/models/certificate.js
View File

@@ -8,9 +8,10 @@ import deadHostModel from "./dead_host.js";
import now from "./now_helper.js";
import proxyHostModel from "./proxy_host.js";
import redirectionHostModel from "./redirection_host.js";
import streamModel from "./stream.js";
import userModel from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted"];
@@ -114,6 +115,17 @@ class Certificate extends Model {
qb.where("redirection_host.is_deleted", 0);
},
},
streams: {
relation: Model.HasManyRelation,
modelClass: streamModel,
join: {
from: "certificate.id",
to: "stream.certificate_id",
},
modify: (qb) => {
qb.where("stream.is_deleted", 0);
},
},
};
}
}

2
backend/models/dead_host.js
View File

@@ -8,7 +8,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "ssl_forced", "http2_support", "enabled", "hsts_enabled", "hsts_subdomains"];

2
backend/models/now_helper.js
View File

@@ -2,7 +2,7 @@ import { Model } from "objection";
import db from "../db.js";
import { isSqlite } from "../lib/config.js";
Model.knex(db);
Model.knex(db());
export default () => {
if (isSqlite()) {

2
backend/models/proxy_host.js
View File

@@ -9,7 +9,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = [
"is_deleted",

2
backend/models/redirection_host.js
View File

@@ -8,7 +8,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = [
"is_deleted",

2
backend/models/setting.js
View File

@@ -4,7 +4,7 @@
import { Model } from "objection";
import db from "../db.js";
Model.knex(db);
Model.knex(db());
class Setting extends Model {
$beforeInsert () {

2
backend/models/stream.js
View File

@@ -5,7 +5,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "enabled", "tcp_forwarding", "udp_forwarding"];

2
backend/models/user.js
View File

@@ -7,7 +7,7 @@ import { convertBoolFieldsToInt, convertIntFieldsToBool } from "../lib/helpers.j
import now from "./now_helper.js";
import UserPermission from "./user_permission.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "is_disabled"];

2
backend/models/user_permission.js
View File

@@ -5,7 +5,7 @@ import { Model } from "objection";
import db from "../db.js";
import now from "./now_helper.js";
Model.knex(db);
Model.knex(db());
class UserPermission extends Model {
$beforeInsert () {

9
backend/package.json
View File

@@ -20,9 +20,9 @@
"body-parser": "^1.20.3",
"compression": "^1.7.4",
"express": "^4.20.0",
"express-fileupload": "^1.1.9",
"gravatar": "^1.8.0",
"jsonwebtoken": "^9.0.0",
"express-fileupload": "^1.5.2",
"gravatar": "^1.8.2",
"jsonwebtoken": "^9.0.2",
"knex": "2.4.2",
"liquidjs": "10.6.1",
"lodash": "^4.17.21",
@@ -32,13 +32,14 @@
"objection": "3.0.1",
"path": "^0.12.7",
"pg": "^8.16.3",
"proxy-agent": "^6.5.0",
"signale": "1.4.0",
"sqlite3": "^5.1.7",
"temp-write": "^4.0.0"
},
"devDependencies": {
"@apidevtools/swagger-parser": "^10.1.0",
"@biomejs/biome": "^2.3.0",
"@biomejs/biome": "^2.3.2",
"chalk": "4.1.2",
"nodemon": "^2.0.2"
},

6
backend/routes/audit-log.js
View File

@@ -2,7 +2,7 @@ import express from "express";
import internalAuditLog from "../internal/audit-log.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import validator from "../lib/validator/index.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
const router = express.Router({
caseSensitive: true,
@@ -47,7 +47,7 @@ router
const rows = await internalAuditLog.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -99,7 +99,7 @@ router
});
res.status(200).send(item);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

12
backend/routes/nginx/access_lists.js
View File

@@ -3,7 +3,7 @@ import internalAccessList from "../../internal/access-list.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalAccessList.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalAccessList.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -130,7 +130,7 @@ router
const result = await internalAccessList.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

22
backend/routes/nginx/certificates.js
View File

@@ -5,7 +5,7 @@ import errs from "../../lib/error.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -58,7 +58,7 @@ router
);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -81,7 +81,7 @@ router
);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -115,7 +115,7 @@ router
clean.sort((a, b) => a.name.localeCompare(b.name));
res.status(200).send(clean);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -151,7 +151,7 @@ router
);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -185,7 +185,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -236,7 +236,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -253,7 +253,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -288,7 +288,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -318,7 +318,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -347,7 +347,7 @@ router
});
res.status(200).download(result.fileName);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

16
backend/routes/nginx/dead_hosts.js
View File

@@ -3,7 +3,7 @@ import internalDeadHost from "../../internal/dead-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalDeadHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalDeadHost.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -130,7 +130,7 @@ router
const result = await internalDeadHost.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -174,7 +174,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -199,7 +199,7 @@ router
const result = internalDeadHost.disable(res.locals.access, { id: Number.parseInt(req.params.host_id, 10) });
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

16
backend/routes/nginx/proxy_hosts.js
View File

@@ -3,7 +3,7 @@ import internalProxyHost from "../../internal/proxy-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalProxyHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalProxyHost.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err} ${JSON.stringify(err.debug, null, 2)}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err} ${JSON.stringify(err.debug, null, 2)}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -130,7 +130,7 @@ router
const result = await internalProxyHost.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -174,7 +174,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -201,7 +201,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

16
backend/routes/nginx/redirection_hosts.js
View File

@@ -3,7 +3,7 @@ import internalRedirectionHost from "../../internal/redirection-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalRedirectionHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalRedirectionHost.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -133,7 +133,7 @@ router
const result = await internalRedirectionHost.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -150,7 +150,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -177,7 +177,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -204,7 +204,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

16
backend/routes/nginx/streams.js
View File

@@ -3,7 +3,7 @@ import internalStream from "../../internal/stream.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalStream.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalStream.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -130,7 +130,7 @@ router
const result = await internalStream.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -174,7 +174,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -201,7 +201,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

4
backend/routes/reports.js
View File

@@ -1,7 +1,7 @@
import express from "express";
import internalReport from "../internal/report.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
const router = express.Router({
caseSensitive: true,
@@ -24,7 +24,7 @@ router
const data = await internalReport.getHostsReport(res.locals.access);
res.status(200).send(data);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

4
backend/routes/schema.js
View File

@@ -1,5 +1,5 @@
import express from "express";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import PACKAGE from "../package.json" with { type: "json" };
import { getCompiledSchema } from "../schema/index.js";
@@ -36,7 +36,7 @@ router
swaggerJSON.servers[0].url = `${origin}/api`;
res.status(200).send(swaggerJSON);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

8
backend/routes/settings.js
View File

@@ -3,7 +3,7 @@ import internalSetting from "../internal/setting.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import apiValidator from "../lib/validator/api.js";
import validator from "../lib/validator/index.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js";
const router = express.Router({
@@ -32,7 +32,7 @@ router
const rows = await internalSetting.getAll(res.locals.access);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -76,7 +76,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -93,7 +93,7 @@ router
const result = await internalSetting.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

6
backend/routes/tokens.js
View File

@@ -2,7 +2,7 @@ import express from "express";
import internalToken from "../internal/token.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import apiValidator from "../lib/validator/api.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js";
const router = express.Router({
@@ -32,7 +32,7 @@ router
});
res.status(200).send(data);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -48,7 +48,7 @@ router
const result = await internalToken.getTokenFromEmail(data);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

20
backend/routes/users.js
View File

@@ -7,7 +7,7 @@ import jwtdecode from "../lib/express/jwt-decode.js";
import userIdFromMe from "../lib/express/user-id-from-me.js";
import apiValidator from "../lib/validator/api.js";
import validator from "../lib/validator/index.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js";
import { isSetup } from "../setup.js";
@@ -61,7 +61,7 @@ router
);
res.status(200).send(users);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -101,7 +101,7 @@ router
const user = await internalUser.create(res.locals.access, payload);
res.status(201).send(user);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -124,7 +124,7 @@ router
await internalUser.deleteAll();
res.status(200).send(true);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
return;
@@ -185,7 +185,7 @@ router
});
res.status(200).send(user);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -205,7 +205,7 @@ router
const result = await internalUser.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -222,7 +222,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -255,7 +255,7 @@ router
const result = await internalUser.setPassword(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -291,7 +291,7 @@ router
);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -320,7 +320,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

157
backend/schema/common.json
View File

@@ -7,7 +7,8 @@
"description": "Unique identifier",
"readOnly": true,
"type": "integer",
"minimum": 1
"minimum": 1,
"example": 11
},
"expand": {
"anyOf": [
@@ -38,35 +39,42 @@
"created_on": {
"description": "Date and time of creation",
"readOnly": true,
"type": "string"
"type": "string",
"example": "2025-10-28T04:17:54.000Z"
},
"modified_on": {
"description": "Date and time of last update",
"readOnly": true,
"type": "string"
"type": "string",
"example": "2025-10-28T04:17:54.000Z"
},
"user_id": {
"description": "User ID",
"type": "integer",
"minimum": 1
"minimum": 1,
"example": 2
},
"certificate_id": {
"description": "Certificate ID",
"anyOf": [
{
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 5
},
{
"type": "string",
"pattern": "^new$"
"pattern": "^new$",
"example": "new"
}
]
],
"example": 5
},
"access_list_id": {
"description": "Access List ID",
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 3
},
"domain_names": {
"description": "Domain Names separated by a comma",
@@ -77,44 +85,157 @@
"items": {
"type": "string",
"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
}
},
"example": ["example.com", "www.example.com"]
},
"enabled": {
"description": "Is Enabled",
"type": "boolean"
"type": "boolean",
"example": false
},
"ssl_forced": {
"description": "Is SSL Forced",
"type": "boolean"
"type": "boolean",
"example": true
},
"hsts_enabled": {
"description": "Is HSTS Enabled",
"type": "boolean"
"type": "boolean",
"example": true
},
"hsts_subdomains": {
"description": "Is HSTS applicable to all subdomains",
"type": "boolean"
"type": "boolean",
"example": true
},
"ssl_provider": {
"type": "string",
"pattern": "^(letsencrypt|other)$"
"pattern": "^(letsencrypt|other)$",
"example": "letsencrypt"
},
"http2_support": {
"description": "HTTP2 Protocol Support",
"type": "boolean"
"type": "boolean",
"example": true
},
"block_exploits": {
"description": "Should we block common exploits",
"type": "boolean"
"type": "boolean",
"example": false
},
"caching_enabled": {
"description": "Should we cache assets",
"type": "boolean"
"type": "boolean",
"example": true
},
"email": {
"description": "Email address",
"type": "string",
"pattern": "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$"
"pattern": "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$",
"example": "me@example.com"
},
"directive": {
"type": "string",
"enum": ["allow", "deny"],
"example": "allow"
},
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
],
"example": "192.168.0.11"
},
"access_items": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
},
"password": {
"type": "string"
}
},
"example": {
"username": "admin",
"password": "pass"
}
},
"example": [
{
"username": "admin",
"password": "pass"
}
]
},
"access_clients": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"address": {
"$ref": "#/properties/address"
},
"directive": {
"$ref": "#/properties/directive"
}
},
"example": {
"directive": "allow",
"address": "192.168.0.0/24"
}
},
"example": [
{
"directive": "allow",
"address": "192.168.0.0/24"
}
]
},
"certificate_files": {
"description": "Certificate Files",
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"certificate_key": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"intermediate_certificate": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
}
}
},
"example": {
"certificate": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----",
"certificate_key": "-----BEGIN PRIVATE\nMIID...-----END CERTIFICATE-----"
}
}
}
}
}
}

48
backend/schema/components/access-list-object.json
View File

@@ -1,8 +1,7 @@
{
"type": "object",
"description": "Access List object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "name", "directive", "address", "satisfy_any", "pass_auth", "meta"],
"additionalProperties": false,
"required": ["id", "created_on", "modified_on", "owner_user_id", "name", "meta", "satisfy_any", "pass_auth", "proxy_host_count"],
"properties": {
"id": {
"$ref": "../common.json#/properties/id"
@@ -18,36 +17,25 @@
},
"name": {
"type": "string",
"minLength": 1
},
"directive": {
"type": "string",
"enum": ["allow", "deny"]
},
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
]
},
"satisfy_any": {
"type": "boolean"
},
"pass_auth": {
"type": "boolean"
"minLength": 1,
"example": "My Access List"
},
"meta": {
"type": "object"
"type": "object",
"example": {}
},
"satisfy_any": {
"type": "boolean",
"example": true
},
"pass_auth": {
"type": "boolean",
"example": false
},
"proxy_host_count": {
"type": "integer",
"minimum": 0,
"example": 3
}
}
}

9
backend/schema/components/audit-log-object.json
View File

@@ -26,16 +26,19 @@
"$ref": "../common.json#/properties/user_id"
},
"object_type": {
"type": "string"
"type": "string",
"example": "certificate"
},
"object_id": {
"$ref": "../common.json#/properties/id"
},
"action": {
"type": "string"
"type": "string",
"example": "created"
},
"meta": {
"type": "object"
"type": "object",
"example": {}
},
"user": {
"$ref": "./user-object.json"

16
backend/schema/components/certificate-object.json
View File

@@ -21,7 +21,8 @@
},
"nice_name": {
"type": "string",
"description": "Nice Name for the custom certificate"
"description": "Nice Name for the custom certificate",
"example": "My Custom Cert"
},
"domain_names": {
"description": "Domain Names separated by a comma",
@@ -31,12 +32,14 @@
"items": {
"type": "string",
"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
}
},
"example": ["example.com", "www.example.com"]
},
"expires_on": {
"description": "Date and time of expiration",
"readOnly": true,
"type": "string"
"type": "string",
"example": "2025-10-28T04:17:54.000Z"
},
"owner": {
"$ref": "./user-object.json"
@@ -56,10 +59,10 @@
"dns_challenge": {
"type": "boolean"
},
"dns_provider": {
"dns_provider_credentials": {
"type": "string"
},
"dns_provider_credentials": {
"dns_provider": {
"type": "string"
},
"letsencrypt_certificate": {
@@ -69,6 +72,9 @@
"type": "integer",
"minimum": 0
}
},
"example": {
"dns_challenge": false
}
}
}

21
backend/schema/components/dead-host-object.json
View File

@@ -35,13 +35,30 @@
"$ref": "../common.json#/properties/http2_support"
},
"advanced_config": {
"type": "string"
"type": "string",
"example": ""
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
},
"meta": {
"type": "object"
"type": "object",
"example": {}
},
"certificate": {
"oneOf": [
{
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
}
}
}

6
backend/schema/components/error-object.json
View File

@@ -5,10 +5,12 @@
"required": ["code", "message"],
"properties": {
"code": {
"type": "integer"
"type": "integer",
"example": 400
},
"message": {
"type": "string"
"type": "string",
"example": "Bad Request"
}
}
}

9
backend/schema/components/health-object.json
View File

@@ -27,15 +27,18 @@
"properties": {
"major": {
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 2
},
"minor": {
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 10
},
"revision": {
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 1
}
}
}

21
backend/schema/components/permission-object.json
View File

@@ -5,37 +5,44 @@
"visibility": {
"type": "string",
"description": "Visibility Type",
"enum": ["all", "user"]
"enum": ["all", "user"],
"example": "all"
},
"access_lists": {
"type": "string",
"description": "Access Lists Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "view"
},
"dead_hosts": {
"type": "string",
"description": "404 Hosts Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "manage"
},
"proxy_hosts": {
"type": "string",
"description": "Proxy Hosts Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "hidden"
},
"redirection_hosts": {
"type": "string",
"description": "Redirection Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "view"
},
"streams": {
"type": "string",
"description": "Streams Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "manage"
},
"certificates": {
"type": "string",
"description": "Certificates Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "hidden"
}
}
}

43
backend/schema/components/proxy-host-object.json
View File

@@ -24,7 +24,6 @@
"hsts_enabled",
"hsts_subdomains"
],
"additionalProperties": false,
"properties": {
"id": {
"$ref": "../common.json#/properties/id"
@@ -44,12 +43,14 @@
"forward_host": {
"type": "string",
"minLength": 1,
"maxLength": 255
"maxLength": 255,
"example": "127.0.0.1"
},
"forward_port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
"maximum": 65535,
"example": 8080
},
"access_list_id": {
"$ref": "../common.json#/properties/access_list_id"
@@ -67,22 +68,28 @@
"$ref": "../common.json#/properties/block_exploits"
},
"advanced_config": {
"type": "string"
"type": "string",
"example": ""
},
"meta": {
"type": "object"
"type": "object",
"example": {
"nginx_online": true,
"nginx_err": null
}
},
"allow_websocket_upgrade": {
"description": "Allow Websocket Upgrade for all paths",
"example": true,
"type": "boolean"
"type": "boolean",
"example": true
},
"http2_support": {
"$ref": "../common.json#/properties/http2_support"
},
"forward_scheme": {
"type": "string",
"enum": ["http", "https"]
"enum": ["http", "https"],
"example": "http"
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
@@ -118,7 +125,15 @@
"type": "string"
}
}
},
"example": [
{
"path": "/app",
"forward_scheme": "http",
"forward_host": "example.com",
"forward_port": 80
}
]
},
"hsts_enabled": {
"$ref": "../common.json#/properties/hsts_enabled"
@@ -129,12 +144,14 @@
"certificate": {
"oneOf": [
{
"type": "null"
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
]
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
@@ -142,12 +159,14 @@
"access_list": {
"oneOf": [
{
"type": "null"
"type": "null",
"example": null
},
{
"$ref": "./access-list-object.json"
}
]
],
"example": null
}
}
}

64
backend/schema/components/redirection-host-object.json
View File

@@ -1,7 +1,26 @@
{
"type": "object",
"description": "Redirection Host object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "domain_names", "forward_http_code", "forward_scheme", "forward_domain_name", "preserve_path", "certificate_id", "ssl_forced", "hsts_enabled", "hsts_subdomains", "http2_support", "block_exploits", "advanced_config", "enabled", "meta"],
"required": [
"id",
"created_on",
"modified_on",
"owner_user_id",
"domain_names",
"forward_http_code",
"forward_scheme",
"forward_domain_name",
"preserve_path",
"certificate_id",
"ssl_forced",
"hsts_enabled",
"hsts_subdomains",
"http2_support",
"block_exploits",
"advanced_config",
"enabled",
"meta"
],
"additionalProperties": false,
"properties": {
"id": {
@@ -21,25 +40,30 @@
},
"forward_http_code": {
"description": "Redirect HTTP Status Code",
"example": 302,
"type": "integer",
"minimum": 300,
"maximum": 308
"maximum": 308,
"example": 302
},
"forward_scheme": {
"type": "string",
"enum": ["auto", "http", "https"]
"enum": [
"auto",
"http",
"https"
],
"example": "http"
},
"forward_domain_name": {
"description": "Domain Name",
"example": "jc21.com",
"type": "string",
"pattern": "^(?:[^.*]+\\.?)+[^.]$"
"pattern": "^(?:[^.*]+\\.?)+[^.]$",
"example": "jc21.com"
},
"preserve_path": {
"description": "Should the path be preserved",
"example": true,
"type": "boolean"
"type": "boolean",
"example": true
},
"certificate_id": {
"$ref": "../common.json#/properties/certificate_id"
@@ -60,13 +84,33 @@
"$ref": "../common.json#/properties/block_exploits"
},
"advanced_config": {
"type": "string"
"type": "string",
"example": ""
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
},
"meta": {
"type": "object"
"type": "object",
"example": {
"nginx_online": true,
"nginx_err": null
}
},
"certificate": {
"oneOf": [
{
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
}
}
}

6
backend/schema/components/security-schemes.json
View File

@@ -1,6 +1,8 @@
{
"BearerAuth": {
"bearerAuth": {
"type": "http",
"scheme": "bearer"
"scheme": "bearer",
"bearerFormat": "JWT",
"description": "JWT Bearer Token authentication"
}
}

45
backend/schema/components/stream-object.json
View File

@@ -1,7 +1,19 @@
{
"type": "object",
"description": "Stream object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "incoming_port", "forwarding_host", "forwarding_port", "tcp_forwarding", "udp_forwarding", "enabled", "meta"],
"required": [
"id",
"created_on",
"modified_on",
"owner_user_id",
"incoming_port",
"forwarding_host",
"forwarding_port",
"tcp_forwarding",
"udp_forwarding",
"enabled",
"meta"
],
"additionalProperties": false,
"properties": {
"id": {
@@ -19,15 +31,16 @@
"incoming_port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
"maximum": 65535,
"example": 9090
},
"forwarding_host": {
"anyOf": [
{
"description": "Domain Name",
"example": "jc21.com",
"type": "string",
"pattern": "^(?:[^.*]+\\.?)+[^.]$"
"pattern": "^(?:[^.*]+\\.?)+[^.]$",
"example": "example.com"
},
{
"type": "string",
@@ -37,18 +50,22 @@
"type": "string",
"format": "ipv6"
}
]
],
"example": "example.com"
},
"forwarding_port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
"maximum": 65535,
"example": 80
},
"tcp_forwarding": {
"type": "boolean"
"type": "boolean",
"example": true
},
"udp_forwarding": {
"type": "boolean"
"type": "boolean",
"example": false
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
@@ -57,10 +74,8 @@
"$ref": "../common.json#/properties/certificate_id"
},
"meta": {
"type": "object"
},
"owner": {
"$ref": "./user-object.json"
"type": "object",
"example": {}
},
"certificate": {
"oneOf": [
@@ -70,7 +85,11 @@
{
"$ref": "./certificate-object.json"
}
]
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
}
}
}

12
backend/schema/components/user-object.json
View File

@@ -77,37 +77,37 @@
"proxy_hosts": {
"type": "string",
"description": "Proxy Hosts access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"redirection_hosts": {
"type": "string",
"description": "Redirection Hosts access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"dead_hosts": {
"type": "string",
"description": "Dead Hosts access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"streams": {
"type": "string",
"description": "Streams access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"access_lists": {
"type": "string",
"description": "Access Lists access level",
"example": "all",
"example": "hidden",
"pattern": "^(manage|view|hidden)$"
},
"certificates": {
"type": "string",
"description": "Certificates access level",
"example": "all",
"example": "view",
"pattern": "^(manage|view|hidden)$"
}
}

4
backend/schema/paths/audit-log/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getAuditLogs",
"summary": "Get Audit Logs",
"tags": ["Audit Log"],
"tags": ["audit-log"],
"security": [
{
"BearerAuth": ["audit-log"]
"bearerAuth": ["admin"]
}
],
"responses": {

9
backend/schema/paths/audit-log/id/get.json
View File

@@ -1,13 +1,11 @@
{
"operationId": "getAuditLog",
"summary": "Get Audit Log Event",
"tags": [
"Audit Log"
],
"tags": ["audit-log"],
"security": [
{
"BearerAuth": [
"audit-log"
"bearerAuth": [
"admin"
]
}
],
@@ -15,6 +13,7 @@
{
"in": "path",
"name": "id",
"description": "Audit Log Event ID",
"schema": {
"type": "integer",
"minimum": 1

2
backend/schema/paths/get.json
View File

@@ -1,7 +1,7 @@
{
"operationId": "health",
"summary": "Returns the API health status",
"tags": ["Public"],
"tags": ["public"],
"responses": {
"200": {
"description": "200 response",

21
backend/schema/paths/nginx/access-lists/get.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "getAccessLists",
"summary": "Get all access lists",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": [
"access_lists.view"
]
}
],
"parameters": [
@@ -14,7 +16,12 @@
"description": "Expansions",
"schema": {
"type": "string",
"enum": ["owner", "items", "clients", "proxy_hosts"]
"enum": [
"owner",
"items",
"clients",
"proxy_hosts"
]
}
}
],
@@ -23,10 +30,7 @@
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": [
{
"example": {
"id": 1,
"created_on": "2024-10-08T22:15:40.000Z",
"modified_on": "2024-10-08T22:15:40.000Z",
@@ -36,9 +40,6 @@
"satisfy_any": true,
"pass_auth": false,
"proxy_host_count": 0
}
]
}
},
"schema": {
"$ref": "../../../components/access-list-object.json"

5
backend/schema/paths/nginx/access-lists/listID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteAccessList",
"summary": "Delete a Access List",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": ["access_lists.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "listID",
"description": "Access List ID",
"schema": {
"type": "integer",
"minimum": 1

25
backend/schema/paths/nginx/access-lists/listID/get.json
View File

@@ -1,16 +1,21 @@
{
"operationId": "getAccessList",
"summary": "Get a access List",
"tags": ["Access Lists"],
"tags": [
"access-lists"
],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": [
"access_lists.view"
]
}
],
"parameters": [
{
"in": "path",
"name": "listID",
"description": "Access List ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -28,14 +33,14 @@
"default": {
"value": {
"id": 1,
"created_on": "2020-01-30T09:36:08.000Z",
"modified_on": "2020-01-30T09:41:04.000Z",
"is_disabled": false,
"email": "jc@jc21.com",
"name": "Jamie Curnow",
"nickname": "James",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": ["admin"]
"created_on": "2025-10-28T04:06:55.000Z",
"modified_on": "2025-10-29T22:48:20.000Z",
"owner_user_id": 1,
"name": "My Access List",
"meta": {},
"satisfy_any": false,
"pass_auth": false,
"proxy_host_count": 1
}
}
},

59
backend/schema/paths/nginx/access-lists/listID/put.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "updateAccessList",
"summary": "Update a Access List",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": ["access_lists.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "listID",
"description": "Access List ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -39,50 +40,29 @@
"$ref": "../../../../components/access-list-object.json#/properties/pass_auth"
},
"items": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
},
"password": {
"type": "string"
}
}
}
"$ref": "../../../../common.json#/properties/access_items"
},
"clients": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
"$ref": "../../../../common.json#/properties/access_clients"
}
}
},
"example": {
"name": "My Access List",
"satisfy_any": true,
"pass_auth": false,
"items": [
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
"username": "admin2",
"password": "pass2"
}
],
"clients": [
{
"type": "string",
"pattern": "^all$"
"directive": "allow",
"address": "192.168.0.0/24"
}
]
},
"directive": {
"$ref": "../../../../components/access-list-object.json#/properties/directive"
}
}
}
}
}
}
}
}
@@ -108,7 +88,6 @@
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",

72
backend/schema/paths/nginx/access-lists/post.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "createAccessList",
"summary": "Create a Access List",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": [
"access_lists.manage"
]
}
],
"requestBody": {
@@ -15,7 +17,9 @@
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["name"],
"required": [
"name"
],
"properties": {
"name": {
"$ref": "../../../components/access-list-object.json#/properties/name"
@@ -27,54 +31,29 @@
"$ref": "../../../components/access-list-object.json#/properties/pass_auth"
},
"items": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
},
"password": {
"type": "string",
"minLength": 1
}
}
}
"$ref": "../../../common.json#/properties/access_items"
},
"clients": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
"$ref": "../../../common.json#/properties/access_clients"
}
}
},
"example": {
"name": "My Access List",
"satisfy_any": true,
"pass_auth": false,
"items": [
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
"username": "admin",
"password": "pass"
}
],
"clients": [
{
"type": "string",
"pattern": "^all$"
"directive": "allow",
"address": "192.168.0.0/24"
}
]
},
"directive": {
"$ref": "../../../components/access-list-object.json#/properties/directive"
}
}
}
},
"meta": {
"$ref": "../../../components/access-list-object.json#/properties/meta"
}
}
}
}
}
@@ -100,13 +79,14 @@
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "some guy",
"avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
"roles": ["admin"]
"roles": [
"admin"
]
},
"items": [
{

5
backend/schema/paths/nginx/certificates/certID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteCertificate",
"summary": "Delete a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/certificates/certID/download/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "downloadCertificate",
"summary": "Downloads a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/certificates/certID/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "getCertificate",
"summary": "Get a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.view"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1

6
backend/schema/paths/nginx/certificates/certID/renew/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "renewCertificate",
"summary": "Renews a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -32,7 +33,6 @@
"id": 4,
"created_on": "2024-10-09T05:31:58.000Z",
"owner_user_id": 1,
"is_deleted": false,
"provider": "letsencrypt",
"nice_name": "My Test Cert",
"domain_names": ["test.jc21.supernerd.pro"],

37
backend/schema/paths/nginx/certificates/certID/upload/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "uploadCertificate",
"summary": "Uploads a custom Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -20,28 +21,7 @@
}
],
"requestBody": {
"description": "Certificate Files",
"required": true,
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string"
},
"certificate_key": {
"type": "string"
},
"intermediate_certificate": {
"type": "string"
}
}
}
}
}
"$ref": "../../../../../common.json#/properties/certificate_files"
},
"responses": {
"200": {
@@ -63,15 +43,18 @@
"properties": {
"certificate": {
"type": "string",
"minLength": 1
"minLength": 1,
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"certificate_key": {
"type": "string",
"minLength": 1
"minLength": 1,
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"intermediate_certificate": {
"type": "string",
"minLength": 1
"minLength": 1,
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
}
}
}

8
backend/schema/paths/nginx/certificates/dns-providers/get.json
View File

@@ -1,14 +1,10 @@
{
"operationId": "getDNSProviders",
"summary": "Get DNS Providers for Certificates",
"tags": [
"Certificates"
],
"tags": ["certificates"],
"security": [
{
"BearerAuth": [
"certificates"
]
"bearerAuth": ["certificates.view"]
}
],
"responses": {

4
backend/schema/paths/nginx/certificates/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getCertificates",
"summary": "Get all certificates",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.view"]
}
],
"parameters": [

12
backend/schema/paths/nginx/certificates/post.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "createCertificate",
"summary": "Create a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"requestBody": {
@@ -30,6 +30,13 @@
"$ref": "../../../components/certificate-object.json#/properties/meta"
}
}
},
"example": {
"provider": "letsencrypt",
"domain_names": ["test.example.com"],
"meta": {
"dns_challenge": false
}
}
}
}
@@ -47,7 +54,6 @@
"id": 5,
"created_on": "2024-10-09 05:28:35",
"owner_user_id": 1,
"is_deleted": false,
"provider": "letsencrypt",
"nice_name": "test.example.com",
"domain_names": ["test.example.com"],

4
backend/schema/paths/nginx/certificates/test-http/post.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "testHttpReach",
"summary": "Test HTTP Reachability",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.view"]
}
],
"requestBody": {

40
backend/schema/paths/nginx/certificates/validate/post.json
View File

@@ -1,35 +1,14 @@
{
"operationId": "validateCertificates",
"summary": "Validates given Custom Certificates",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"requestBody": {
"description": "Certificate Files",
"required": true,
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string"
},
"certificate_key": {
"type": "string"
},
"intermediate_certificate": {
"type": "string"
}
}
}
}
}
"$ref": "../../../../common.json#/properties/certificate_files"
},
"responses": {
"200": {
@@ -62,10 +41,12 @@
"required": ["cn", "issuer", "dates"],
"properties": {
"cn": {
"type": "string"
"type": "string",
"example": "example.com"
},
"issuer": {
"type": "string"
"type": "string",
"example": "C = US, O = Let's Encrypt, CN = E5"
},
"dates": {
"type": "object",
@@ -78,12 +59,17 @@
"to": {
"type": "integer"
}
},
"example": {
"from": 1728448218,
"to": 1736224217
}
}
}
},
"certificate_key": {
"type": "boolean"
"type": "boolean",
"example": true
}
}
}

4
backend/schema/paths/nginx/dead-hosts/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getDeadHosts",
"summary": "Get all 404 hosts",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.view"]
}
],
"parameters": [

5
backend/schema/paths/nginx/dead-hosts/hostID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteDeadHost",
"summary": "Delete a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "disableDeadHost",
"summary": "Disable a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "enableDeadHost",
"summary": "Enable a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "getDeadHost",
"summary": "Get a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.view"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

6
backend/schema/paths/nginx/dead-hosts/hostID/put.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "updateDeadHost",
"summary": "Update a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1
@@ -86,7 +87,6 @@
"id": 1,
"created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",

31
backend/schema/paths/nginx/dead-hosts/post.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "create404Host",
"summary": "Create a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": [
"dead_hosts.manage"
]
}
],
"requestBody": {
@@ -15,7 +17,9 @@
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["domain_names"],
"required": [
"domain_names"
],
"properties": {
"domain_names": {
"$ref": "../../../components/dead-host-object.json#/properties/domain_names"
@@ -42,6 +46,18 @@
"$ref": "../../../components/dead-host-object.json#/properties/meta"
}
}
},
"example": {
"domain_names": [
"test.example.com"
],
"certificate_id": 0,
"ssl_forced": false,
"advanced_config": "",
"http2_support": false,
"hsts_enabled": false,
"hsts_subdomains": false,
"meta": {}
}
}
}
@@ -58,7 +74,9 @@
"created_on": "2024-10-09T01:38:52.000Z",
"modified_on": "2024-10-09T01:38:52.000Z",
"owner_user_id": 1,
"domain_names": ["test.example.com"],
"domain_names": [
"test.example.com"
],
"certificate_id": 0,
"ssl_forced": false,
"advanced_config": "",
@@ -72,13 +90,14 @@
"id": 1,
"created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "Admin",
"avatar": "",
"roles": ["admin"]
"roles": [
"admin"
]
}
}
}

28
backend/schema/paths/nginx/proxy-hosts/get.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "getProxyHosts",
"summary": "Get all proxy hosts",
"tags": ["Proxy Hosts"],
"tags": ["proxy-hosts"],
"security": [
{
"BearerAuth": ["proxy_hosts"]
"bearerAuth": [
"proxy_hosts.view"
]
}
],
"parameters": [
@@ -14,7 +16,11 @@
"description": "Expansions",
"schema": {
"type": "string",
"enum": ["access_list", "owner", "certificate"]
"enum": [
"access_list",
"owner",
"certificate"
]
}
}
],
@@ -28,14 +34,16 @@
"value": [
{
"id": 1,
"created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2024-10-08T23:23:04.000Z",
"created_on": "2025-10-28T01:10:26.000Z",
"modified_on": "2025-10-28T04:07:16.000Z",
"owner_user_id": 1,
"domain_names": ["test.example.com"],
"domain_names": [
"test.jc21com"
],
"forward_host": "127.0.0.1",
"forward_port": 8989,
"access_list_id": 0,
"certificate_id": 0,
"forward_port": 8081,
"access_list_id": 1,
"certificate_id": 1,
"ssl_forced": false,
"caching_enabled": false,
"block_exploits": false,
@@ -48,7 +56,7 @@
"http2_support": false,
"forward_scheme": "http",
"enabled": true,
"locations": null,
"locations": [],
"hsts_enabled": false,
"hsts_subdomains": false
}

5
backend/schema/paths/nginx/proxy-hosts/hostID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteProxyHost",
"summary": "Delete a Proxy Host",
"tags": ["Proxy Hosts"],
"tags": ["proxy-hosts"],
"security": [
{
"BearerAuth": ["proxy_hosts"]
"bearerAuth": ["proxy_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Proxy Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "disableProxyHost",
"summary": "Disable a Proxy Host",
"tags": ["Proxy Hosts"],
"tags": ["proxy-hosts"],
"security": [
{
"BearerAuth": ["proxy_hosts"]
"bearerAuth": ["proxy_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Proxy Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "enableProxyHost",
"summary": "Enable a Proxy Host",
"tags": ["Proxy Hosts"],
"tags": ["proxy-hosts"],
"security": [
{
"BearerAuth": ["proxy_hosts"]
"bearerAuth": ["proxy_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Proxy Host",
"schema": {
"type": "integer",
"minimum": 1

38
backend/schema/paths/nginx/proxy-hosts/hostID/get.json
View File

@@ -1,16 +1,19 @@
{
"operationId": "getProxyHost",
"summary": "Get a Proxy Host",
"tags": ["Proxy Hosts"],
"tags": ["proxy-hosts"],
"security": [
{
"BearerAuth": ["proxy_hosts"]
"bearerAuth": [
"proxy_hosts.view"
]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Proxy Host",
"schema": {
"type": "integer",
"minimum": 1
@@ -27,13 +30,15 @@
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2024-10-08T23:26:38.000Z",
"id": 3,
"created_on": "2025-10-30T01:12:05.000Z",
"modified_on": "2025-10-30T01:12:05.000Z",
"owner_user_id": 1,
"domain_names": ["test.example.com"],
"forward_host": "192.168.0.10",
"forward_port": 8989,
"domain_names": [
"test.example.com"
],
"forward_host": "127.0.0.1",
"forward_port": 8080,
"access_list_id": 0,
"certificate_id": 0,
"ssl_forced": false,
@@ -48,9 +53,22 @@
"http2_support": false,
"forward_scheme": "http",
"enabled": true,
"locations": null,
"locations": [],
"hsts_enabled": false,
"hsts_subdomains": false
"hsts_subdomains": false,
"owner": {
"id": 1,
"created_on": "2025-10-28T00:50:24.000Z",
"modified_on": "2025-10-28T00:50:24.000Z",
"is_disabled": false,
"email": "jc@jc21.com",
"name": "jamiec",
"nickname": "jamiec",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
]
}
}
}
},

39
backend/schema/paths/nginx/proxy-hosts/hostID/put.json
View File

@@ -1,16 +1,19 @@
{
"operationId": "updateProxyHost",
"summary": "Update a Proxy Host",
"tags": ["Proxy Hosts"],
"tags": ["proxy-hosts"],
"security": [
{
"BearerAuth": ["proxy_hosts"]
"bearerAuth": [
"proxy_hosts.manage"
]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Proxy Host",
"schema": {
"type": "integer",
"minimum": 1
@@ -93,13 +96,15 @@
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2024-10-08T23:26:37.000Z",
"id": 3,
"created_on": "2025-10-30T01:12:05.000Z",
"modified_on": "2025-10-30T01:17:06.000Z",
"owner_user_id": 1,
"domain_names": ["test.example.com"],
"forward_host": "192.168.0.10",
"forward_port": 8989,
"domain_names": [
"test.example.com"
],
"forward_host": "127.0.0.1",
"forward_port": 8080,
"access_list_id": 0,
"certificate_id": 0,
"ssl_forced": false,
@@ -114,19 +119,21 @@
"http2_support": false,
"forward_scheme": "http",
"enabled": true,
"locations": [],
"hsts_enabled": false,
"hsts_subdomains": false,
"owner": {
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"created_on": "2025-10-28T00:50:24.000Z",
"modified_on": "2025-10-28T00:50:24.000Z",
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "some guy",
"avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
"roles": ["admin"]
"email": "jc@jc21.com",
"name": "jamiec",
"nickname": "jamiec",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
]
},
"certificate": null,
"access_list": null

51
backend/schema/paths/nginx/proxy-hosts/post.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "createProxyHost",
"summary": "Create a Proxy Host",
"tags": ["Proxy Hosts"],
"tags": ["proxy-hosts"],
"security": [
{
"BearerAuth": ["proxy_hosts"]
"bearerAuth": [
"proxy_hosts.manage"
]
}
],
"requestBody": {
@@ -15,7 +17,12 @@
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["domain_names", "forward_scheme", "forward_host", "forward_port"],
"required": [
"domain_names",
"forward_scheme",
"forward_host",
"forward_port"
],
"properties": {
"domain_names": {
"$ref": "../../../components/proxy-host-object.json#/properties/domain_names"
@@ -69,6 +76,14 @@
"$ref": "../../../components/proxy-host-object.json#/properties/locations"
}
}
},
"example": {
"domain_names": [
"test.example.com"
],
"forward_scheme": "http",
"forward_host": "127.0.0.1",
"forward_port": 8080
}
}
}
@@ -81,13 +96,15 @@
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2024-10-08T23:23:03.000Z",
"id": 3,
"created_on": "2025-10-30T01:12:05.000Z",
"modified_on": "2025-10-30T01:12:05.000Z",
"owner_user_id": 1,
"domain_names": ["test.example.com"],
"domain_names": [
"test.example.com"
],
"forward_host": "127.0.0.1",
"forward_port": 8989,
"forward_port": 8080,
"access_list_id": 0,
"certificate_id": 0,
"ssl_forced": false,
@@ -99,20 +116,22 @@
"http2_support": false,
"forward_scheme": "http",
"enabled": true,
"locations": [],
"hsts_enabled": false,
"hsts_subdomains": false,
"certificate": null,
"owner": {
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"created_on": "2025-10-28T00:50:24.000Z",
"modified_on": "2025-10-28T00:50:24.000Z",
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "some guy",
"avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
"roles": ["admin"]
"email": "jc@jc21.com",
"name": "jamiec",
"nickname": "jamiec",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
]
},
"access_list": null
}

4
backend/schema/paths/nginx/redirection-hosts/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getRedirectionHosts",
"summary": "Get all Redirection hosts",
"tags": ["Redirection Hosts"],
"tags": ["redirection-hosts"],
"security": [
{
"BearerAuth": ["redirection_hosts"]
"bearerAuth": ["redirection_hosts.view"]
}
],
"parameters": [

5
backend/schema/paths/nginx/redirection-hosts/hostID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteRedirectionHost",
"summary": "Delete a Redirection Host",
"tags": ["Redirection Hosts"],
"tags": ["redirection-hosts"],
"security": [
{
"BearerAuth": ["redirection_hosts"]
"bearerAuth": ["redirection_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Redirection Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "disableRedirectionHost",
"summary": "Disable a Redirection Host",
"tags": ["Redirection Hosts"],
"tags": ["redirection-hosts"],
"security": [
{
"BearerAuth": ["redirection_hosts"]
"bearerAuth": ["redirection_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Redirection Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "enableRedirectionHost",
"summary": "Enable a Redirection Host",
"tags": ["Redirection Hosts"],
"tags": ["redirection-hosts"],
"security": [
{
"BearerAuth": ["redirection_hosts"]
"bearerAuth": ["redirection_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Redirection Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/redirection-hosts/hostID/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "getRedirectionHost",
"summary": "Get a Redirection Host",
"tags": ["Redirection Hosts"],
"tags": ["redirection-hosts"],
"security": [
{
"BearerAuth": ["redirection_hosts"]
"bearerAuth": ["redirection_hosts.view"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Redirection Host",
"schema": {
"type": "integer",
"minimum": 1

6
backend/schema/paths/nginx/redirection-hosts/hostID/put.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "updateRedirectionHost",
"summary": "Update a Redirection Host",
"tags": ["Redirection Hosts"],
"tags": ["redirection-hosts"],
"security": [
{
"BearerAuth": ["redirection_hosts"]
"bearerAuth": ["redirection_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the Redirection Host",
"schema": {
"type": "integer",
"minimum": 1
@@ -106,7 +107,6 @@
"id": 1,
"created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",

61
backend/schema/paths/nginx/redirection-hosts/post.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "createRedirectionHost",
"summary": "Create a Redirection Host",
"tags": ["Redirection Hosts"],
"tags": ["redirection-hosts"],
"security": [
{
"BearerAuth": ["redirection_hosts"]
"bearerAuth": [
"redirection_hosts.manage"
]
}
],
"requestBody": {
@@ -15,7 +17,12 @@
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["domain_names", "forward_scheme", "forward_http_code", "forward_domain_name"],
"required": [
"domain_names",
"forward_scheme",
"forward_http_code",
"forward_domain_name"
],
"properties": {
"domain_names": {
"$ref": "../../../components/redirection-host-object.json#/properties/domain_names"
@@ -57,6 +64,23 @@
"$ref": "../../../components/redirection-host-object.json#/properties/meta"
}
}
},
"example": {
"domain_names": [
"test.example.com"
],
"forward_domain_name": "example.com",
"forward_scheme": "auto",
"forward_http_code": 301,
"preserve_path": false,
"block_exploits": false,
"certificate_id": 0,
"ssl_forced": false,
"http2_support": false,
"hsts_enabled": false,
"hsts_subdomains": false,
"advanced_config": "",
"meta": {}
}
}
}
@@ -69,12 +93,14 @@
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2024-10-09T01:13:12.000Z",
"modified_on": "2024-10-09T01:13:12.000Z",
"id": 2,
"created_on": "2025-10-30T01:27:04.000Z",
"modified_on": "2025-10-30T01:27:04.000Z",
"owner_user_id": 1,
"domain_names": ["test.example.com"],
"forward_domain_name": "something-else.com",
"domain_names": [
"test.example.com"
],
"forward_domain_name": "example.com",
"preserve_path": false,
"certificate_id": 0,
"ssl_forced": false,
@@ -85,20 +111,21 @@
"enabled": true,
"hsts_enabled": false,
"hsts_subdomains": false,
"forward_scheme": "http",
"forward_scheme": "auto",
"forward_http_code": 301,
"certificate": null,
"owner": {
"id": 1,
"created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"created_on": "2025-10-28T00:50:24.000Z",
"modified_on": "2025-10-28T00:50:24.000Z",
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "Admin",
"avatar": "",
"roles": ["admin"]
"email": "jc@jc21.com",
"name": "jamiec",
"nickname": "jamiec",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
]
}
}
}

4
backend/schema/paths/nginx/streams/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getStreams",
"summary": "Get all streams",
"tags": ["Streams"],
"tags": ["streams"],
"security": [
{
"BearerAuth": ["streams"]
"bearerAuth": ["streams.view"]
}
],
"parameters": [

26
backend/schema/paths/nginx/streams/post.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "createStream",
"summary": "Create a Stream",
"tags": ["Streams"],
"tags": ["streams"],
"security": [
{
"BearerAuth": ["streams"]
"bearerAuth": [
"streams.manage"
]
}
],
"requestBody": {
@@ -15,7 +17,11 @@
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["incoming_port", "forwarding_host", "forwarding_port"],
"required": [
"incoming_port",
"forwarding_host",
"forwarding_port"
],
"properties": {
"incoming_port": {
"$ref": "../../../components/stream-object.json#/properties/incoming_port"
@@ -42,6 +48,15 @@
"$ref": "../../../components/dead-host-object.json#/properties/domain_names"
}
}
},
"example": {
"incoming_port": 8888,
"forwarding_host": "127.0.0.1",
"forwarding_port": 8080,
"tcp_forwarding": true,
"udp_forwarding": false,
"certificate_id": 0,
"meta": {}
}
}
}
@@ -72,13 +87,14 @@
"id": 1,
"created_on": "2024-10-09T02:33:16.000Z",
"modified_on": "2024-10-09T02:33:16.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "Admin",
"avatar": "",
"roles": ["admin"]
"roles": [
"admin"
]
},
"certificate_id": 0
}

5
backend/schema/paths/nginx/streams/streamID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteStream",
"summary": "Delete a Stream",
"tags": ["Streams"],
"tags": ["streams"],
"security": [
{
"BearerAuth": ["streams"]
"bearerAuth": ["streams.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "streamID",
"description": "The ID of the Stream",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/streams/streamID/disable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "disableStream",
"summary": "Disable a Stream",
"tags": ["Streams"],
"tags": ["streams"],
"security": [
{
"BearerAuth": ["streams"]
"bearerAuth": ["streams.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "streamID",
"description": "The ID of the Stream",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/streams/streamID/enable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "enableStream",
"summary": "Enable a Stream",
"tags": ["Streams"],
"tags": ["streams"],
"security": [
{
"BearerAuth": ["streams"]
"bearerAuth": ["streams.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "streamID",
"description": "The ID of the Stream",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/streams/streamID/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "getStream",
"summary": "Get a Stream",
"tags": ["Streams"],
"tags": ["streams"],
"security": [
{
"BearerAuth": ["streams"]
"bearerAuth": ["streams.view"]
}
],
"parameters": [
{
"in": "path",
"name": "streamID",
"description": "The ID of the Stream",
"schema": {
"type": "integer",
"minimum": 1

Some files were not shown because too many files have changed in this diff Show More