ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-12-06 08:16:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: ThatGuyJack:cde7460b5ee0c7381ef4f811856339ee515937ee
Branches Tags
ThatGuyJack:develop ThatGuyJack:dependabot/npm_and_yarn/backend/jws-3.2.3 ThatGuyJack:dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1 ThatGuyJack:dependabot/npm_and_yarn/backend/express-4.22.0 ThatGuyJack:dependabot/npm_and_yarn/test/glob-10.5.0 ThatGuyJack:master ThatGuyJack:sqlite-test ThatGuyJack:lang-persian ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:v3-abandoned ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.13.5 ThatGuyJack:v2.13.4 ThatGuyJack:v2.13.3 ThatGuyJack:v2.13.2 ThatGuyJack:v2.13.1 ThatGuyJack:v2.13.0 ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1
..
compare: ThatGuyJack:dependabot/npm_and_yarn/test/glob-10.5.0
Branches Tags
ThatGuyJack:dependabot/npm_and_yarn/backend/jws-3.2.3 ThatGuyJack:dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1 ThatGuyJack:dependabot/npm_and_yarn/backend/express-4.22.0 ThatGuyJack:develop ThatGuyJack:dependabot/npm_and_yarn/test/glob-10.5.0 ThatGuyJack:master ThatGuyJack:sqlite-test ThatGuyJack:lang-persian ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:v3-abandoned ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.13.5 ThatGuyJack:v2.13.4 ThatGuyJack:v2.13.3 ThatGuyJack:v2.13.2 ThatGuyJack:v2.13.1 ThatGuyJack:v2.13.0 ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1

271 Commits
cde7460b5e ... dependabot

Author SHA1 Message Date
dependabot[bot]
df2f684508 Bump glob from 10.4.5 to 10.5.0 in /test 
Bumps [glob](https://github.com/isaacs/node-glob) from 10.4.5 to 10.5.0.
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0)

---
updated-dependencies:
- dependency-name: glob
  dependency-version: 10.5.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 02:10:49 +00:00
jc21
89b8b747e1 Merge branch 'master' into develop
All checks were successful
Close stale issues and PRs / stale (push) Successful in 27s
Details
2025-11-18 19:46:03 +10:00
Jamie Curnow
3231023513 Bump version 2025-11-18 19:42:54 +10:00
Jamie Curnow
dc89635971 Fix up locales, optimised some functions 2025-11-18 19:38:21 +10:00
jc21
cfa98361d1 Merge pull request #4955 from NginxProxyManager/lang-nl 
Add Dutch language - resolves #4935
 2025-11-18 19:03:48 +10:00
Jelcoo
c2177abe39 Add language to frontend settings & correct some translations 2025-11-18 19:00:00 +10:00
Jelcoo
2c6d614597 Add HelpDoc translations 2025-11-18 18:58:26 +10:00
Jelcoo
484ce8db3c Add Dutch language 2025-11-18 18:57:40 +10:00
jc21
2c11c0c7e2 Merge pull request #4937 from archettitechnology/develop 
Add Italian Language Support
 2025-11-18 18:50:52 +10:00
jc21
f1039ce2ef Merge pull request #4928 from 7heMech/develop 
UI/UX improvements
 2025-11-18 18:37:22 +10:00
jc21
d49ff6e7c2 Merge pull request #4934 from zdzichu6969/develop 
fix(i18n): replace "Dodaj" with "Nowy" for better Polish grammar and typo Role
 2025-11-18 18:30:24 +10:00
jc21
a87f24c9dc Merge pull request #4940 from vsc55/issues_4939 
Fix issues #4939, #4938
 2025-11-18 18:29:04 +10:00
jc21
decdfec447 Merge branch 'develop' into develop 2025-11-18 18:27:00 +10:00
jc21
32ab3faf57 Merge pull request #4943 from NginxProxyManager/dependabot/npm_and_yarn/backend/js-yaml-4.1.1 
Bump js-yaml from 4.1.0 to 4.1.1 in /backend
 2025-11-18 18:24:31 +10:00
jc21
c7f999fa7a Merge pull request #4944 from gjssss/patch-1 
Fix message for GitHub fork reference in zh.json
 2025-11-18 18:24:14 +10:00
jc21
de7d3b0d19 Merge pull request #4950 from dominhhieu1405/develop 
Add Vietnamese Support
 2025-11-18 18:22:43 +10:00
jc21
2d4b7399c0 Merge pull request #4953 from dodog/develop 
Update Slovak language label
 2025-11-18 18:20:03 +10:00
Jamie Curnow
316b758455 Tweaks to cypress suite
All checks were successful
Close stale issues and PRs / stale (push) Successful in 20s
Details
2025-11-18 07:21:06 +10:00
Jozef Gaal
890d06c863 Update Slovak language label 2025-11-17 21:07:56 +01:00
dominhhieu1405
81f2aa17d4 Add vietnamese 2025-11-17 22:28:08 +07:00
Jamie Curnow
9b4c34915c Update porkbun certbot plugin
All checks were successful
Close stale issues and PRs / stale (push) Successful in 21s
Details
2025-11-17 08:46:31 +10:00
Javier Pastor
fce569ca21 Modify host.forward-port to avoid line breaks 2025-11-16 01:53:48 +01:00
Json Gao
87ec9c4bdf Fix message for GitHub fork reference in zh.json 2025-11-15 20:09:19 +08:00
dependabot[bot]
2650648d68 Bump js-yaml from 4.1.0 to 4.1.1 in /backend 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.0 to 4.1.1.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-15 10:40:46 +00:00
7heMech
fdc0c29f28 Improve modals in dark mode via a dark backdrop and shadow. 2025-11-14 15:51:54 +02:00
angioletto
6cae088432 Rename ProxyHost.md to ProxyHosts.md 
i think have problem with letter s ahaha
 2025-11-14 08:16:41 +01:00
angioletto
9d8c4cc30b Rename DeadHost.md to DeadHosts.md 2025-11-14 08:14:26 +01:00
angioletto
66ebecdb43 Merge branch 'develop' into develop 2025-11-14 08:01:32 +01:00
angioletto
60f3ee03c0 Fix typo in file name from 'indes.ts' to 'index.ts' 
typing error
 2025-11-14 08:00:30 +01:00
jc21
a4d54a0291 Merge pull request #4932 from kraineff/develop
All checks were successful
Close stale issues and PRs / stale (push) Successful in 20s
Details 
Update Russian locale
 2025-11-14 16:58:05 +10:00
angioletto
7536b1b1c9 Merge branch 'develop' into develop 2025-11-14 07:19:32 +01:00
angioletto
5288fbd7af Update index.ts 2025-11-14 07:18:14 +01:00
jc21
2c630bbdca Merge branch 'develop' into develop 2025-11-14 15:25:10 +10:00
Javier Pastor
0ec1a09c30 fix issues #4939 
add other translations
 2025-11-14 00:06:18 +01:00
Jamie Curnow
118c4793e3 Amend locale readme 2025-11-14 08:34:16 +10:00
Jamie Curnow
d7384c568f Fix #4933 when cert may not have domain names 2025-11-14 08:33:42 +10:00
angioletto
0bcfe0bba6 Add Italian language support to lang-list.json 2025-11-13 21:12:52 +01:00
angioletto
74cbfb2c58 Create indes.ts to export HelpDoc modules 2025-11-13 21:12:15 +01:00
angioletto
8ef65caa5a Add Italian documentation for Streams feature 2025-11-13 21:11:19 +01:00
angioletto
bc341c1dff Add RedirectionHosts.md with explanation in Italian 2025-11-13 21:10:36 +01:00
angioletto
5fc9febf1f Update title of ProxyHost.md in Italian 2025-11-13 21:09:40 +01:00
angioletto
b23ceebfd8 Add Italian documentation for ProxyHost 2025-11-13 21:09:23 +01:00
angioletto
c281fc54a1 Add Italian HelpDoc for 404 Host explanation 2025-11-13 21:08:50 +01:00
angioletto
d0f7dc5b48 Add Italian HelpDoc for certificate options 2025-11-13 21:07:26 +01:00
angioletto
fb53df862e Add Italian documentation for Access Lists 2025-11-13 21:03:33 +01:00
angioletto
8d8463ae41 Add Italian language support to HelpDoc 2025-11-13 20:57:52 +01:00
angioletto
8774cfe5f9 Add Italian locale to check-locales 2025-11-13 20:56:42 +01:00
angioletto
4ca5cadd19 Add Italian language support to IntlProvider 2025-11-13 20:55:35 +01:00
angioletto
45a8d50e03 Add IT Translation 2025-11-13 20:52:42 +01:00
7heMech
960d4bfe6f Revert change which should have no effect on theory 2025-11-13 14:51:00 +02:00
7heMech
8c3c964c52 Fix page offset 2025-11-13 14:27:55 +02:00
7heMech
afd6134a3e Get rid of logo flicker and improve LCP 2025-11-13 14:04:37 +02:00
Alexey Krainev
9b2d60e67b Update Russian locale 2025-11-13 16:58:04 +05:00
7heMech
9807e25d45 Remove unused import 2025-11-13 12:49:48 +02:00
7heMech
824c895f52 Remove cn where not needed 2025-11-13 12:47:01 +02:00
7heMech
7f9b9dfea4 Fix for dropdown menus being clipped by table-responsive containers. 2025-11-13 12:06:36 +02:00
Mateusz Gruszczyński
d848ba9f65 Fixed typo: corrected 'role' to proper Polish declension 'rola' and 'nowy' 2025-11-13 09:05:07 +01:00
Mateusz Gruszczyński
47db5c9aa6 Fixed typo: corrected 'role' to proper Polish declension 'rola' 2025-11-13 08:57:30 +01:00
Jamie Curnow
79a9653b26 Remove the compiled lang files, compile on dev server and when building in ci
All checks were successful
Close stale issues and PRs / stale (push) Successful in 23s
Details 
This avoids confusion for new translators
 2025-11-13 14:21:32 +10:00
Jamie Curnow
e5aae1f365 Fix openapi schema format 2025-11-13 11:51:13 +10:00
Jamie Curnow
8959190d32 Change docker ci expose format for docker 28 :/ 2025-11-13 11:37:58 +10:00
Jamie Curnow
7e875eb27a Change docker ci expose format for docker 28 :/ 2025-11-13 11:35:11 +10:00
Jamie Curnow
cf7306e766 Tweaks to showing new version available 
- Added frontend translation for english
- Moved frontend api logic to hook and backend api space
- Added swagger schema for the new api endpoint
- Moved backend logic to its own internal file
- Added user agent header to github api check
- Added cypress integration test for version check api
- Added a memory cache item from github check to avoid hitting it too
  much
 2025-11-13 11:20:31 +10:00
7heMech
1c442dcce6 True mobile layout with responsive table rows (sticky header) 2025-11-13 02:44:24 +02:00
7heMech
dadd10f89b Fixed my troubles with text wrap 2025-11-13 02:21:58 +02:00
jc21
8838dabe8a Merge pull request #4906 from sopex/develop 
Available upgrade notification
 2025-11-13 10:15:33 +10:00
7heMech
75c012b558 Fix linter error 2025-11-13 01:58:48 +02:00
7heMech
9be1381ffe Uhhh, I didn't like the Standard User lol 2025-11-13 01:46:39 +02:00
7heMech
f40fe56572 Add new section with theme and locale pickers. 2025-11-13 01:40:34 +02:00
Konstantinos Spartalis
b4fd242eb7 remove 1 2025-11-13 00:48:49 +02:00
7heMech
911476f82f Delay before close for smooth feel. 2025-11-13 00:46:36 +02:00
7heMech
963125f963 Space scandal retified (hopefully) 2025-11-13 00:45:07 +02:00
7heMech
e86a34f2f3 Close menu after navigation. 2025-11-13 00:30:45 +02:00
jc21
6ce9567e48 Merge pull request #4816 from fhennig42/azure-dns
All checks were successful
Close stale issues and PRs / stale (push) Successful in 22s
Details 
Bump certbot-azure-dns version
 2025-11-13 07:13:11 +10:00
jc21
f02145c5ef Merge pull request #4925 from NginxProxyManager/develop 
v2.13.4
 2025-11-13 06:57:28 +10:00
7heMech
66fa08fd8e Add profile back to main app on mobile 2025-11-12 18:12:58 +02:00
7heMech
d783cc3b90 Remove unused styles 2025-11-12 17:58:54 +02:00
7heMech
17cc75fe7d Fix language and theme selectors on mobile and desktop 2025-11-12 17:43:46 +02:00
Konstantinos Spartalis
15394c6532 trigger Jenkins that failed due to internet connection problems 2025-11-12 15:50:11 +02:00
Konstantinos Spartalis
2d6252d75d https.get 2025-11-12 15:45:59 +02:00
jc21
adee0e39de Merge branch 'master' into develop 2025-11-12 23:02:28 +10:00
Jamie Curnow
5dde98cf3e Updates to polish locale after running through automated scripts 2025-11-12 23:01:40 +10:00
jc21
c41451618e Merge pull request #4924 from zdzichu6969/develop 
Add Polish locale
 2025-11-12 22:59:23 +10:00
jc21
1a3d45f6bc Merge branch 'develop' into develop 2025-11-12 22:14:28 +10:00
jc21
2ea54975b6 Merge pull request #4922 from NginxProxyManager/dodog-slovak 
Add Slovak language by @dodog in #4911
 2025-11-12 22:13:05 +10:00
Mateusz Gruszczyński
0373017a9f Add Polish locale 2025-11-12 13:10:29 +01:00
Florian Hennig
b043e70fc0 add azure-mgmt-dns fix version as dependency 2025-11-12 13:00:34 +01:00
Jamie Curnow
2b5182d339 Add Slovak language by @dodog in #4911 2025-11-12 21:49:04 +10:00
jc21
3c5ff81a54 Merge pull request #4910 from 7heMech/develop 
Add scheme back in destination
 2025-11-12 20:48:56 +10:00
jc21
8aa46c1f40 Merge pull request #4921 from NginxProxyManager/Firfr-chinese 
Add Chinese language 添加中文
 2025-11-12 20:47:15 +10:00
Jamie Curnow
b26db50ae7 Adds cn to check locales script 2025-11-12 20:26:22 +10:00
firfe
d66bb2104a Add the new translation for "redirection-host.forward-http-code". 2025-11-12 20:23:36 +10:00
firfe
8e900dbc92 Add Chinese HelpDoc 2025-11-12 20:23:34 +10:00
firfe
66aac3eb3e Add Chinese 中文 2025-11-12 20:22:57 +10:00
jc21
221c3eddbc Merge pull request #4919 from lastsamurai26/develop 
Fix: German grammatical change
 2025-11-12 20:16:58 +10:00
Jamie Curnow
8460b28597 Bump version 2025-11-12 20:13:18 +10:00
Frank
0344bb3c19 fix: Grammatical change 
fix: Grammatical change
 2025-11-12 10:47:53 +01:00
Frank
1a36bdce76 fix: Grammatical change 
fix: Grammatical change
 2025-11-12 10:47:51 +01:00
Jamie Curnow
06d7db43f7 Fix Russion locale, compiled file was comitted without a source file 2025-11-12 18:59:37 +10:00
jc21
4557244744 Merge pull request #4870 from kraineff/develop 
Add Russian Support
 2025-11-12 18:51:43 +10:00
jc21
f649288098 Merge branch 'develop' into develop 2025-11-12 18:39:05 +10:00
jc21
28df6db52b Merge pull request #4848 from Oka-Tak/develop 
Add Japanese language support and translations
 2025-11-12 18:36:18 +10:00
jc21
eee749652c Merge pull request #4917 from lastsamurai26/develop 
Fix: wrong translate and adding missing translations
 2025-11-12 18:13:08 +10:00
jc21
f6aa25b9b3 Merge branch 'develop' into develop 2025-11-12 18:12:10 +10:00
Frank
40db26b686 Merge branch 'NginxProxyManager:develop' into develop 2025-11-12 08:06:36 +01:00
Frank
f36d4e6906 Fix: CustomCertificateModal Wrong displayname 
Fix: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4912 Wrong Locale for Custom
 2025-11-12 07:47:06 +01:00
Frank
86c7cbddab Add certificate renewal message in German locale 
Fix: add missing translation for renew certificates
 2025-11-12 07:34:44 +01:00
Frank
e52975bf6c Translate 'Renew Certificate' to German 
Fix: add missing translation for renew certificates
 2025-11-12 07:34:42 +01:00
Frank
ff792f76af Add translation for 'Renew Certificate' in de.json 
Fix: Add missing translation für renew Certificate
 2025-11-12 07:32:34 +01:00
Jamie Curnow
711f312b71 Fix up language inconsistenties 2025-11-12 16:30:22 +10:00
Jamie Curnow
9f0f89ff03 Fix wrong translation for EN 2025-11-12 15:13:14 +10:00
jc21
f3633cb696 Merge pull request #4850 from TeenBiscuits/lang-spanish 
Add Spanish language support and translations
 2025-11-12 15:12:28 +10:00
Pablo Portas López
8773ce25d7 Merge branch 'develop' into lang-spanish 2025-11-12 02:14:09 +01:00
jc21
c3954e9845 Merge pull request #4824 from lastsamurai26/develop 
Add German Support
 2025-11-12 08:52:07 +10:00
Konstantinos Spartalis
87eef10ff8 remove useCallback logic 2025-11-11 18:30:23 +02:00
Konstantinos Spartalis
dc03ad8239 minimal changes 2025-11-11 17:42:46 +02:00
7heMech
441a7262cd Add scheme back in destination 2025-11-11 12:54:01 +00:00
Pablo Portas López
1600599410 Fix column.http-code translation 2025-11-11 13:53:45 +01:00
Pablo Portas López
74d381e7fa Add missing spanish translation 2025-11-11 13:50:23 +01:00
Konstantinos Spartalis
ae5faa75fa backend test 2025-11-11 10:35:00 +02:00
Frank
ba79bbc750 Update German translation for HTTP code 
fix: Updated column http code
 2025-11-11 08:56:32 +01:00
Frank
a7231777aa FIX: Update HTTP code message in German locale 
fix: Updated column http code
 2025-11-11 08:56:20 +01:00
jc21
2578105f86 Merge pull request #4907 from NginxProxyManager/develop 
v2.13.3
 2025-11-11 16:54:38 +10:00
Frank
3a6b221b0c Add HTTP Code translation to German locale 
new: redirection-host.forward-http-code added
 2025-11-11 07:13:13 +01:00
Frank
12b000abb9 Add HTTP Code message to German locale 
new: redirection-host.forward-http-code added
 2025-11-11 07:12:57 +01:00
jc21
39c9bbb167 Merge branch 'master' into develop
All checks were successful
Close stale issues and PRs / stale (push) Successful in 18s
Details
2025-11-11 16:06:05 +10:00
jc21
30c2781a02 Merge pull request #4765 from mamasch19/develop 
add MC-HOST24 DNS plugin
 2025-11-11 16:05:32 +10:00
Jamie Curnow
53e78dcc17 Bump version 2025-11-11 16:01:06 +10:00
jc21
62092b2ddc Merge pull request #4859 from 7heMech/develop 
Fix hamburger menu on mobile
 2025-11-11 15:37:12 +10:00
Jamie Curnow
2c26ed8b11 Revert "Fix #4831 mobile header menu not working" 
This reverts commit 4bd545c88e.
 2025-11-11 15:36:46 +10:00
jc21
e3f5cd9a58 Merge pull request #4871 from prospo/develop 
chore: Bump certbot-dns-leaseweb to 1.0.3
 2025-11-11 15:24:11 +10:00
jc21
fba14817e7 Merge pull request #4894 from eduardpaul/feat-fix-pass_auth-template 
Update _access.conf to fix access_list.pass_auth logic
 2025-11-11 15:23:22 +10:00
Jamie Curnow
6825a9773b Fix #4854 Added missing forward http code for redirections 2025-11-11 15:17:43 +10:00
Jamie Curnow
8bc3078d87 Fix initial setup user bug, taking the fix from #4836 2025-11-11 14:52:39 +10:00
Jamie Curnow
8aeb2fa661 Fix #4692, #4856 - stick with auto for scheme in db, change it to $scheme when rendering 2025-11-11 14:46:25 +10:00
Jamie Curnow
4bd545c88e Fix #4831 mobile header menu not working 2025-11-11 14:05:26 +10:00
Jamie Curnow
7f0cce944d Relax the email validation in frontend 2025-11-11 08:54:48 +10:00
Pablo Portas López
7cde6ee7ca Add Spanish Test 2025-11-10 21:58:23 +01:00
Pablo Portas López
df1b414c2e Delete Spanish Test 2025-11-10 21:58:01 +01:00
Konstantinos Spartalis
b6dbb68ef3 Update SiteFooter.tsx 2025-11-10 20:42:52 +02:00
Konstantinos Spartalis
b434bba12f remove hardcoded version number 2025-11-10 20:37:25 +02:00
Konstantinos Spartalis
f1d7203212 v2 2025-11-10 19:57:55 +02:00
Konstantinos Spartalis
990ba28831 Update SiteFooter.tsx 2025-11-10 19:43:38 +02:00
Jamie Curnow
311d6a1541 Tweaks to CI stack for postgres
All checks were successful
Close stale issues and PRs / stale (push) Successful in 20s
Details
2025-11-10 10:30:16 +10:00
mamasch19
5e7276e65b Add MC-HOST24 DNS plugin configuration 
added the MC-HOST24 configuration to the new plugin file
 2025-11-09 22:31:48 +01:00
Eduard Paul
2bcb942f93 Update _access.conf to ensure Authorization header remove when pass_auth = false or 0 
Fixing prev commit as it's negative logic.
 2025-11-09 21:02:18 +01:00
Eduard Paul
b3dac3df08 Update _access.conf to fix access_list.pass_auth logic 
Wrong logic to pass auth as header: when disabled (pass_auth=0) credentials are included in Authorization header. However as soon as you enable (pass_auth=1) they are not.
 2025-11-09 20:11:33 +01:00
jc21
64c5a863f8 Merge pull request #4878 from NginxProxyManager/develop 
v2.13.2
 2025-11-09 21:16:26 +10:00
Jamie Curnow
cd94863850 Bump version
All checks were successful
Close stale issues and PRs / stale (push) Successful in 25s
Details
2025-11-09 20:25:10 +10:00
Emil
fd1d33444a chore: Bump certbot-dns-leaseweb to 1.0.3 2025-11-08 14:39:23 +01:00
Alexey Krainev
5aa56c63d4 Fixes & New Strings 2025-11-08 17:15:24 +05:00
Alexey Krainev
8fdb6091f3 More strings 2025-11-08 15:51:39 +05:00
Alexey Krainev
58182fcbdf Add Russian case 2025-11-08 15:08:08 +05:00
Alexey Krainev
b3b1e94b8c Add Russian Support 2025-11-08 15:02:05 +05:00
7heMech
6fa2d6a98a Fix hamburger menu on mobile 2025-11-07 19:34:43 +00:00
Jamie Curnow
3c252db46f Fixes #4844 with more defensive date parsing
All checks were successful
Close stale issues and PRs / stale (push) Successful in 23s
Details
2025-11-07 21:37:22 +10:00
Jamie Curnow
8eba31913f Remove pebble certs, they removed the dockerhub image that had armv7 support. 
The ghcr image doesn't have it, so it was causing builds to fail.
 2025-11-07 11:18:53 +10:00
Jamie Curnow
e4e3415120 Safer handling of backend date formats 
and add frontend testing
 2025-11-07 11:15:15 +10:00
Jamie Curnow
a03bb7ebce Remove Jenkinsfile, managed in other repo now 2025-11-07 10:54:21 +10:00
Jamie Curnow
51e25d1a40 Attempt to fix race condition with database instantiation 2025-11-07 09:46:00 +10:00
Pablo Portas López
123f7d1999 Add Spanish language support and translations 2025-11-06 01:04:02 +01:00
Takahisa-Okawa
9de40f067b Add Japanese language support and translations 
Co-authored-by: kz2870 <kz2870@users.noreply.github.com>
 2025-11-05 22:25:15 +09:00
Frank
b21d6d9d78 Fix German translations 
Fix: German translations
 2025-11-05 08:09:10 +01:00
Frank
bf1ad15ed7 Update de.json 
fix: typos
 2025-11-05 08:08:50 +01:00
Frank
1209303a1d Update DeadHosts.md 
fix: translation "Umgangssprachlich"
 2025-11-05 08:00:15 +01:00
Frank
cd3a09ebf6 Update Certificates.md 
fix: typo
 2025-11-05 07:59:45 +01:00
Frank
d0e20d4f1b Update de.json 
fix: typo dark and light mode
 2025-11-05 07:57:11 +01:00
Frank
ceb098fcfe Fix typo in German locale for min character length 
fix: typo mainimale should be minimale
 2025-11-05 07:53:56 +01:00
Frank
639ba3a525 Update de.json 
fix: typo 
fix: translate Location with Pfad
 2025-11-05 07:52:28 +01:00
jc21
e88d55f1d2 Merge pull request #4839 from NginxProxyManager/develop 
v2.13.1
 2025-11-05 15:40:32 +10:00
Jamie Curnow
4cb85f6480 Fix #4833 supports the usual proxy env vars for outgoing admin related requests
All checks were successful
Close stale issues and PRs / stale (push) Successful in 20s
Details
2025-11-05 15:16:42 +10:00
jc21
df7dea2d16 Merge branch 'master' into develop 2025-11-05 12:35:06 +10:00
Jamie Curnow
23f4948bde Bump version 2025-11-05 12:33:59 +10:00
Jamie Curnow
0ceb7d0892 Fix #4838 when showing avatars of deleted users 2025-11-05 12:33:13 +10:00
Jamie Curnow
f35671db21 Fix #4837 for those with older config 2025-11-05 10:56:23 +10:00
Jamie Curnow
a3a0614948 Fix #4828 showing incorrect certicificate value 2025-11-05 10:21:55 +10:00
Florian Hennig
a85b5f664f Bump version after rebase 2025-11-04 20:03:09 +01:00
Jamie Curnow
06b67ed4bc Remove user name column from audit log
All checks were successful
Close stale issues and PRs / stale (push) Successful in 20s
Details
2025-11-04 14:57:10 +10:00
Jamie Curnow
4a0e27572e Fix missing translation for renew cert dialog 2025-11-04 14:54:02 +10:00
jc21
fbea8dfa9e Merge pull request #4825 from NginxProxyManager/develop 
v2.13.0
 2025-11-04 14:23:00 +10:00
Jamie Curnow
8c37348b65 Properly wrap debug calls 2025-11-04 13:43:52 +10:00
Jamie Curnow
2b3e9d72f4 Updated docs screenshots 2025-11-04 13:05:21 +10:00
jc21
a3e5235d81 Merge branch 'master' into develop
All checks were successful
Close stale issues and PRs / stale (push) Successful in 26s
Details
2025-11-04 07:47:04 +10:00
jc21
9875fa92f1 Merge pull request #4794 from Johno-ACSLive/develop 
Add basic MySQL TLS support
 2025-11-04 07:13:15 +10:00
Frank
7e28d8a5d6 Add files via upload 
add german
 2025-11-03 17:51:48 +01:00
Frank
8991e88ff3 Update de.json 2025-11-03 14:22:13 +01:00
Frank
e2a8ffa2d3 Add files via upload 
Add German
 2025-11-03 14:18:08 +01:00
jc21
ef5156b613 Merge pull request #4813 from potatojuicemachine/develop 
Adds Hetzner Cloud to available plugins
 2025-11-03 13:38:11 +10:00
Jamie Curnow
b9a34ebb7e Revert to cypress 14, 15 was causing problems with executing external commands 2025-11-03 12:53:23 +10:00
Jamie Curnow
7642d0a000 Cleanup cypress tests 2025-11-03 12:35:58 +10:00
Jamie Curnow
7a6a9de0ea Update frontend deps
All checks were successful
Close stale issues and PRs / stale (push) Successful in 19s
Details
2025-11-03 10:53:46 +10:00
Jamie Curnow
a5d50f9588 Update test deps 2025-11-03 10:52:53 +10:00
Jamie Curnow
612695c2e8 Upgrade biomejs 2025-11-03 10:51:16 +10:00
Jonathon Aroutsidis
71a2277b9b Replace spaces with tabs 2025-11-03 10:48:14 +11:00
Jonathon Aroutsidis
5acf287ea7 Aligned Assignments and arrow-parens 2025-11-03 10:48:14 +11:00
Jonathon Aroutsidis
e34206b526 Include SSL Options for MySQL 2025-11-03 10:46:20 +11:00
jc21
6b00adf8b9 Merge pull request #4725 from NginxProxyManager/dependabot/npm_and_yarn/test/eslint/plugin-kit-0.3.5 
Bump @eslint/plugin-kit from 0.3.2 to 0.3.5 in /test
 2025-11-03 08:49:30 +10:00
jc21
a93558278e Merge pull request #4763 from NginxProxyManager/dependabot/npm_and_yarn/test/axios-1.12.0 
Bump axios from 1.10.0 to 1.12.0 in /test
 2025-11-03 08:37:03 +10:00
jc21
bc2867b357 Merge pull request #4803 from NginxProxyManager/dependabot/npm_and_yarn/docs/vite-5.4.21 
Bump vite from 5.4.19 to 5.4.21 in /docs
 2025-11-03 08:18:00 +10:00
jc21
52093ba258 Merge pull request #4805 from vlauciani/patch-1 
Update PostgreSQL volume path in setup documentation for 18+
 2025-11-03 08:15:23 +10:00
jc21
24216f1f2f Merge pull request #4785 from NginxProxyManager/react 
v2.13.0 React UI
 2025-11-02 22:48:16 +10:00
Jamie Curnow
52e528f217 Remove incomplete languages and cleanup 2025-11-02 21:28:25 +10:00
Jamie Curnow
4709f9826c Permissions polish for restricted users 2025-10-31 12:50:54 +10:00
Jamie Curnow
74a8c5d806 Fix app crash when do unautorized things 2025-10-30 15:03:01 +10:00
Jamie Curnow
82a1a86c3a Log in as user support 2025-10-30 14:45:22 +10:00
Jamie Curnow
95957a192c Re-add dns_provider_credentials to swagger schema 2025-10-30 12:24:17 +10:00
Jamie Curnow
906ce8ced2 Swagger/openapi schema mega fixes and Cypress validation/enforcement 2025-10-30 11:50:51 +10:00
Tim Burr
e0985bee43 Merge remote-tracking branch 'base/react' into develop 2025-10-29 13:15:58 +01:00
Tim Burr
51dd6e6a1b Sets postgres version to 17 2025-10-29 10:59:01 +01:00
Jamie Curnow
89abb9d559 Fix bugs from feedback 2025-10-29 08:48:29 +10:00
Jamie Curnow
5d6916dcf0 Tidy up 
- Add help docs for most sections
- Add translations documentation
- Fix up todos
- Remove german translation
 2025-10-28 15:41:11 +10:00
Jamie Curnow
0f718570d6 Use status components for true/false things 2025-10-28 14:18:52 +10:00
Jamie Curnow
fac5f2cbc5 Cert column provider tweaks 2025-10-28 11:51:27 +10:00
Jamie Curnow
3b9beaeae5 Various tweaks and backend improvements 2025-10-28 11:38:26 +10:00
Jamie Curnow
7331cb3675 Audit log tweaks for certificates 2025-10-28 10:38:05 +10:00
Jamie Curnow
678593111e Settings polish 2025-10-28 08:53:01 +10:00
Tim Burr
a2ea63a539 Adds Hetzner Cloud 2025-10-27 13:48:41 +01:00
Jamie Curnow
c08b1be3cb Use code edit for dns provider config dialog 2025-10-27 19:42:58 +10:00
Jamie Curnow
ca3c9aa39a Show cert expiry date in yellow when < 30 days 2025-10-27 19:34:25 +10:00
Jamie Curnow
e4e5fb3b58 Update biome 2025-10-27 19:29:14 +10:00
Jamie Curnow
83a2c79e16 Custom certificate upload 2025-10-27 19:26:33 +10:00
Jamie Curnow
0de26f2950 Certificates react work 
- renewal and download
- table columns rendering
- searching
- deleting
 2025-10-27 18:08:37 +10:00
Jamie Curnow
7b5c70ed35 Fix cert renewal backend bug after refactor 2025-10-27 18:04:58 +10:00
Jamie Curnow
e4d9f48870 Fix creating wrong cert type when trying dns 2025-10-27 18:04:29 +10:00
jc21
2893ffb1e4 Merge pull request #4801 from sopex/react 
QoL: Link to dashboard 2.13
 2025-10-27 09:52:50 +10:00
Jamie Curnow
1a117a267c Fix to postgres 17 2025-10-27 08:13:03 +10:00
Jamie Curnow
c303b69649 Update deps, the safe ones 2025-10-26 00:39:06 +10:00
Jamie Curnow
bb6c9c8daf Certificates section react work 2025-10-26 00:28:39 +10:00
Jamie Curnow
5b7013b8d5 Moved certrbot plugin list to backend 
frontend doesn't include when building in react version
adds swagger for existing dns-providers endpoint
 2025-10-26 00:28:03 +10:00
Valentino Lauciani
bfcd057755 Update PostgreSQL volume path in setup documentation for 18+ 2025-10-24 09:30:19 +02:00
dependabot[bot]
08bdc23131 Bump vite from 5.4.19 to 5.4.21 in /docs 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.4.19 to 5.4.21.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 5.4.21
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-21 07:13:05 +00:00
Konstantinos Spartalis
b8e3e594fb ;) 2025-10-17 16:00:59 +03:00
Konstantinos Spartalis
71251d2a0d :) 2025-10-17 13:51:06 +03:00
Jamie Curnow
f2b5b19a83 More react 
- consolidated lang items
- proxy host paths work
 2025-10-16 18:59:19 +10:00
Jamie Curnow
7af01d0fc7 Use a modal manager 2025-10-14 17:49:56 +10:00
Jamie Curnow
e6f7ae3fba Move from docker-compose to docker compose 2025-10-14 07:54:25 +10:00
Jamie Curnow
43599b4028 Access list modal polish 2025-10-09 22:14:54 +10:00
Jamie Curnow
227e818040 Wrap intl in span identifying translation 2025-10-02 23:06:51 +10:00
Jamie Curnow
fcb08d3003 Bump version 2025-10-02 08:57:46 +10:00
Jamie Curnow
d0767baafa Proxy host modal basis, other improvements 2025-10-02 08:12:37 +10:00
Jamie Curnow
abdf8866e0 Auto sorting of locale files 2025-10-02 08:12:37 +10:00
Jamie Curnow
e36c1b99a5 Redirection hosts ui 2025-10-02 08:12:37 +10:00
Jamie Curnow
9339626933 Streams polish 2025-10-02 08:12:37 +10:00
Jamie Curnow
100a7e3ff8 Streams modal 2025-10-02 08:12:37 +10:00
Jamie Curnow
4866988772 Fix stream creation with new ssl cert 2025-10-02 08:12:37 +10:00
Jamie Curnow
8884e3b261 TZ for dev db 2025-10-02 08:12:37 +10:00
Jamie Curnow
a3d17249d0 User table polish and audit log updates 2025-10-02 08:12:37 +10:00
Jamie Curnow
fc8a5e8b97 404 hosts search 2025-10-02 08:12:37 +10:00
Jamie Curnow
da68fe29ac 404 hosts polish 2025-10-02 08:12:37 +10:00
Jamie Curnow
18537b9288 404 hosts add update complete, fix certbot renewals 
and remove the need for email and agreement on cert requests
 2025-10-02 08:12:37 +10:00
Jamie Curnow
d85e515ab9 Dark UI for react-select 2025-10-02 08:12:37 +10:00
Jamie Curnow
94375bbc5f DNS Provider configuration 2025-10-02 08:12:37 +10:00
Jamie Curnow
54e036276a API lib cleanup, 404 hosts WIP 2025-10-02 08:12:36 +10:00
Jamie Curnow
058f49ceea Certificates react table basis 2025-10-02 08:12:33 +10:00
Jamie Curnow
efcefe0c17 Fix custom cert writes, fix schema 2025-10-02 08:12:33 +10:00
Jamie Curnow
429046f32e Audit log table and modal 2025-10-02 08:12:33 +10:00
Jamie Curnow
8ad95c5695 Set password for users 2025-10-02 08:12:31 +10:00
Jamie Curnow
038de3e5f9 Refactor from Promises to async/await 2025-10-02 08:12:28 +10:00
Jamie Curnow
1928e554fd Fix proxy hosts routes throwing errors 2025-10-02 08:12:28 +10:00
Jamie Curnow
d40e290a89 Biome update 2025-10-02 08:12:24 +10:00
Jamie Curnow
fb2708d81d Fix cypress tests following user wizard changes 2025-10-02 08:12:09 +10:00
Jamie Curnow
7a6efd8ebb User Permissions Modal 2025-10-02 08:12:09 +10:00
Jamie Curnow
0b2fa826e0 Introducing the Setup Wizard for creating the first user 
- no longer setup a default
- still able to do that with env vars however
 2025-10-02 08:12:05 +10:00
Jamie Curnow
6ab7198e61 User table polishing, user delete modal 2025-10-02 08:11:17 +10:00
Jamie Curnow
61a92906f3 Notification toasts, nicer loading, add new user support 2025-10-02 08:11:14 +10:00
Jamie Curnow
fadec9751e React 2025-10-02 08:10:42 +10:00
Jamie Curnow
330993f028 Convert backend to ESM 
- About 5 years overdue
- Remove eslint, use bomejs instead
 2025-10-02 08:10:18 +10:00
dependabot[bot]
c9aba0c928 Bump axios from 1.10.0 to 1.12.0 in /test 
Bumps [axios](https://github.com/axios/axios) from 1.10.0 to 1.12.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.10.0...v1.12.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.12.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-13 15:18:55 +00:00
Jamie Curnow
487fa6d31b Attempt to fix frontend build for node 22
All checks were successful
Close stale issues and PRs / stale (push) Successful in 19s
Details 
replaced node-sass with sass
 2025-09-10 10:38:21 +10:00
dependabot[bot]
4397f57a51 Bump @eslint/plugin-kit from 0.3.2 to 0.3.5 in /test 
Bumps [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) from 0.3.2 to 0.3.5.
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/plugin-kit-v0.3.5/packages/plugin-kit)

---
updated-dependencies:
- dependency-name: "@eslint/plugin-kit"
  dependency-version: 0.3.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-22 02:38:28 +00:00
jc21
356eaa0691 Merge pull request #4653 from NginxProxyManager/develop 
v2.12.6
 2025-07-10 07:18:53 +10:00
507 changed files with 21899 additions and 5618 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,5 +1,6 @@
.DS_Store
.idea
.qodo
._*
.vscode
certbot-help.txt

2
.version
View File

@@ -1 +1 @@
2.12.6
2.13.5

285
Jenkinsfile vendored
View File

@@ -1,285 +0,0 @@
import groovy.transform.Field
@Field
def shOutput = ""
def buildxPushTags = ""
pipeline {
agent {
label 'docker-multiarch'
}
options {
buildDiscarder(logRotator(numToKeepStr: '5'))
disableConcurrentBuilds()
ansiColor('xterm')
}
environment {
IMAGE = 'nginx-proxy-manager'
BUILD_VERSION = getVersion()
MAJOR_VERSION = '2'
BRANCH_LOWER = "${BRANCH_NAME.toLowerCase().replaceAll('\\\\', '-').replaceAll('/', '-').replaceAll('\\.', '-')}"
BUILDX_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}"
COMPOSE_INTERACTIVE_NO_CLI = 1
}
stages {
stage('Environment') {
parallel {
stage('Master') {
when {
branch 'master'
}
steps {
script {
buildxPushTags = "-t docker.io/jc21/${IMAGE}:${BUILD_VERSION} -t docker.io/jc21/${IMAGE}:${MAJOR_VERSION} -t docker.io/jc21/${IMAGE}:latest"
}
}
}
stage('Other') {
when {
not {
branch 'master'
}
}
steps {
script {
// Defaults to the Branch name, which is applies to all branches AND pr's
buildxPushTags = "-t docker.io/nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}"
}
}
}
stage('Versions') {
steps {
sh 'cat frontend/package.json | jq --arg BUILD_VERSION "${BUILD_VERSION}" \'.version = $BUILD_VERSION\' | sponge frontend/package.json'
sh 'echo -e "\\E[1;36mFrontend Version is:\\E[1;33m $(cat frontend/package.json | jq -r .version)\\E[0m"'
sh 'cat backend/package.json | jq --arg BUILD_VERSION "${BUILD_VERSION}" \'.version = $BUILD_VERSION\' | sponge backend/package.json'
sh 'echo -e "\\E[1;36mBackend Version is:\\E[1;33m $(cat backend/package.json | jq -r .version)\\E[0m"'
sh 'sed -i -E "s/(version-)[0-9]+\\.[0-9]+\\.[0-9]+(-green)/\\1${BUILD_VERSION}\\2/" README.md'
}
}
stage('Docker Login') {
steps {
withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
sh 'docker login -u "${duser}" -p "${dpass}"'
}
}
}
}
}
stage('Builds') {
parallel {
stage('Project') {
steps {
script {
// Frontend and Backend
def shStatusCode = sh(label: 'Checking and Building', returnStatus: true, script: '''
set -e
./scripts/ci/frontend-build > ${WORKSPACE}/tmp-sh-build 2>&1
./scripts/ci/test-and-build > ${WORKSPACE}/tmp-sh-build 2>&1
''')
shOutput = readFile "${env.WORKSPACE}/tmp-sh-build"
if (shStatusCode != 0) {
error "${shOutput}"
}
}
}
post {
always {
sh 'rm -f ${WORKSPACE}/tmp-sh-build'
}
failure {
npmGithubPrComment("CI Error:\n\n```\n${shOutput}\n```", true)
}
}
}
stage('Docs') {
steps {
dir(path: 'docs') {
sh 'yarn install'
sh 'yarn build'
}
}
}
}
}
stage('Test Sqlite') {
environment {
COMPOSE_PROJECT_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}_sqlite"
COMPOSE_FILE = 'docker/docker-compose.ci.yml:docker/docker-compose.ci.sqlite.yml'
}
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh 'rm -rf ./test/results/junit/*'
sh './scripts/ci/fulltest-cypress'
}
post {
always {
// Dumps to analyze later
sh 'mkdir -p debug/sqlite'
sh 'docker logs $(docker-compose ps --all -q fullstack) > debug/sqlite/docker_fullstack.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q stepca) > debug/sqlite/docker_stepca.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns) > debug/sqlite/docker_pdns.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns-db) > debug/sqlite/docker_pdns-db.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q dnsrouter) > debug/sqlite/docker_dnsrouter.log 2>&1'
junit 'test/results/junit/*'
sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
}
unstable {
dir(path: 'test/results') {
archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
}
}
}
}
stage('Test Mysql') {
environment {
COMPOSE_PROJECT_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}_mysql"
COMPOSE_FILE = 'docker/docker-compose.ci.yml:docker/docker-compose.ci.mysql.yml'
}
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh 'rm -rf ./test/results/junit/*'
sh './scripts/ci/fulltest-cypress'
}
post {
always {
// Dumps to analyze later
sh 'mkdir -p debug/mysql'
sh 'docker logs $(docker-compose ps --all -q fullstack) > debug/mysql/docker_fullstack.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q stepca) > debug/mysql/docker_stepca.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns) > debug/mysql/docker_pdns.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns-db) > debug/mysql/docker_pdns-db.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q dnsrouter) > debug/mysql/docker_dnsrouter.log 2>&1'
junit 'test/results/junit/*'
sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
}
unstable {
dir(path: 'test/results') {
archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
}
}
}
}
stage('Test Postgres') {
environment {
COMPOSE_PROJECT_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}_postgres"
COMPOSE_FILE = 'docker/docker-compose.ci.yml:docker/docker-compose.ci.postgres.yml'
}
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh 'rm -rf ./test/results/junit/*'
sh './scripts/ci/fulltest-cypress'
}
post {
always {
// Dumps to analyze later
sh 'mkdir -p debug/postgres'
sh 'docker logs $(docker-compose ps --all -q fullstack) > debug/postgres/docker_fullstack.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q stepca) > debug/postgres/docker_stepca.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns) > debug/postgres/docker_pdns.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns-db) > debug/postgres/docker_pdns-db.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q dnsrouter) > debug/postgres/docker_dnsrouter.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q db-postgres) > debug/postgres/docker_db-postgres.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q authentik) > debug/postgres/docker_authentik.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q authentik-redis) > debug/postgres/docker_authentik-redis.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q authentik-ldap) > debug/postgres/docker_authentik-ldap.log 2>&1'
junit 'test/results/junit/*'
sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
}
unstable {
dir(path: 'test/results') {
archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
}
}
}
}
stage('MultiArch Build') {
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh "./scripts/buildx --push ${buildxPushTags}"
}
}
stage('Docs / Comment') {
parallel {
stage('Docs Job') {
when {
allOf {
branch pattern: "^(develop|master)\$", comparator: "REGEXP"
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
}
steps {
build wait: false, job: 'nginx-proxy-manager-docs', parameters: [string(name: 'docs_branch', value: "$BRANCH_NAME")]
}
}
stage('PR Comment') {
when {
allOf {
changeRequest()
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
}
steps {
script {
npmGithubPrComment("""Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/nginxproxymanager/${IMAGE}-dev):
```
nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}
```
> [!NOTE]
> Ensure you backup your NPM instance before testing this image! Especially if there are database changes.
> This is a different docker image namespace than the official image.
> [!WARNING]
> Changes and additions to DNS Providers require verification by at least 2 members of the community!
""", true)
}
}
}
}
}
}
post {
always {
sh 'echo Reverting ownership'
sh 'docker run --rm -v "$(pwd):/data" jc21/ci-tools chown -R "$(id -u):$(id -g)" /data'
printResult(true)
}
failure {
archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true)
}
unstable {
archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true)
}
}
}
def getVersion() {
ver = sh(script: 'cat .version', returnStdout: true)
return ver.trim()
}
def getCommit() {
ver = sh(script: 'git log -n 1 --format=%h', returnStdout: true)
return ver.trim()
}

14
README.md
View File

@@ -1,7 +1,7 @@
<p align="center">
<img src="https://nginxproxymanager.com/github.png">
<br><br>
<img src="https://img.shields.io/badge/version-2.12.6-green.svg?style=for-the-badge">
<img src="https://img.shields.io/badge/version-2.13.5-green.svg?style=for-the-badge">
<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
</a>
@@ -74,11 +74,7 @@ This is the bare minimum configuration required. See the [documentation](https:/
3. Bring up your stack by running
```bash
docker-compose up -d
# If using docker-compose-plugin
docker compose up -d
```
4. Log in to the Admin UI
@@ -88,14 +84,6 @@ Sometimes this can take a little bit because of the entropy of keys.
[http://127.0.0.1:81](http://127.0.0.1:81)
Default Admin User:
```
Email: admin@example.com
Password: changeme
```
Immediately after logging in with this default user you will be asked to modify your details and change your password.
## Contributing

4
backend/app.js
View File

@@ -5,7 +5,7 @@ import fileUpload from "express-fileupload";
import { isDebugMode } from "./lib/config.js";
import cors from "./lib/express/cors.js";
import jwt from "./lib/express/jwt.js";
import { express as logger } from "./logger.js";
import { debug, express as logger } from "./logger.js";
import mainRoutes from "./routes/main.js";
/**
@@ -80,7 +80,7 @@ app.use((err, req, res, _) => {
// Not every error is worth logging - but this is good for now until it gets annoying.
if (typeof err.stack !== "undefined" && err.stack) {
logger.debug(err.stack);
debug(logger, err.stack);
if (typeof err.public === "undefined" || !err.public) {
logger.warn(err.message);
}

2
backend/biome.json
View File

@@ -1,5 +1,5 @@
{
"$schema": "https://biomejs.dev/schemas/2.2.3/schema.json",
"$schema": "https://biomejs.dev/schemas/2.3.2/schema.json",
"vcs": {
"enabled": true,
"clientKind": "git",

2
global/README.md → backend/certbot/README.md
View File

@@ -1,4 +1,4 @@
# certbot-dns-plugins
# Certbot dns-plugins
This file contains info about available Certbot DNS plugins.
This only works for plugins which use the standard argument structure, so:

24
global/certbot-dns-plugins.json → backend/certbot/dns-plugins.json
View File

@@ -26,8 +26,8 @@
"azure": {
"name": "Azure",
"package_name": "certbot-dns-azure",
"version": "~=1.2.0",
"dependencies": "",
"version": "~=2.6.1",
"dependencies": "azure-mgmt-dns==8.2.0",
"credentials": "# This plugin supported API authentication using either Service Principals or utilizing a Managed Identity assigned to the virtual machine.\n# Regardless which authentication method used, the identity will need the “DNS Zone Contributor” role assigned to it.\n# As multiple Azure DNS Zones in multiple resource groups can exist, the config file needs a mapping of zone to resource group ID. Multiple zones -> ID mappings can be listed by using the key dns_azure_zoneX where X is a unique number. At least 1 zone mapping is required.\n\n# Using a service principal (option 1)\ndns_azure_sp_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\ndns_azure_sp_client_secret = E-xqXU83Y-jzTI6xe9fs2YC~mck3ZzUih9\ndns_azure_tenant_id = ed1090f3-ab18-4b12-816c-599af8a88cf7\n\n# Using used assigned MSI (option 2)\n# dns_azure_msi_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\n\n# Using system assigned MSI (option 3)\n# dns_azure_msi_system_assigned = true\n\n# Zones (at least one always required)\ndns_azure_zone1 = example.com:/subscriptions/c135abce-d87d-48df-936c-15596c6968a5/resourceGroups/dns1\ndns_azure_zone2 = example.org:/subscriptions/99800903-fb14-4992-9aff-12eaf2744622/resourceGroups/dns2",
"full_plugin_name": "dns-azure"
},
@@ -295,6 +295,14 @@
"credentials": "dns_hetzner_api_token = 0123456789abcdef0123456789abcdef",
"full_plugin_name": "dns-hetzner"
},
"hetzner-cloud": {
"name": "Hetzner Cloud",
"package_name": "certbot-dns-hetzner-cloud",
"version": "~=1.0.4",
"dependencies": "",
"credentials": "dns_hetzner_cloud_api_token = your_api_token_here",
"full_plugin_name": "dns-hetzner-cloud"
},
"hostingnl": {
"name": "Hosting.nl",
"package_name": "certbot-dns-hostingnl",
@@ -362,7 +370,7 @@
"leaseweb": {
"name": "LeaseWeb",
"package_name": "certbot-dns-leaseweb",
"version": "~=1.0.1",
"version": "~=1.0.3",
"dependencies": "",
"credentials": "dns_leaseweb_api_token = 01234556789",
"full_plugin_name": "dns-leaseweb"
@@ -391,6 +399,14 @@
"credentials": "dns_luadns_email = user@example.com\ndns_luadns_token = 0123456789abcdef0123456789abcdef",
"full_plugin_name": "dns-luadns"
},
"mchost24": {
"name": "MC-HOST24",
"package_name": "certbot-dns-mchost24",
"version": "",
"dependencies": "",
"credentials": "# Obtain API token using https://github.com/JoeJoeTV/mchost24-api-python\ndns_mchost24_api_token=<insert obtained API token here>",
"full_plugin_name": "dns-mchost24"
},
"mijnhost": {
"name": "mijn.host",
"package_name": "certbot-dns-mijn-host",
@@ -466,7 +482,7 @@
"porkbun": {
"name": "Porkbun",
"package_name": "certbot-dns-porkbun",
"version": "~=0.9",
"version": "~=0.11.0",
"dependencies": "",
"credentials": "dns_porkbun_key=your-porkbun-api-key\ndns_porkbun_secret=your-porkbun-api-secret",
"full_plugin_name": "dns-porkbun"

14
backend/db.js
View File

@@ -1,6 +1,8 @@
import knex from "knex";
import {configGet, configHas} from "./lib/config.js";
let instance = null;
const generateDbConfig = () => {
if (!configHas("database")) {
throw new Error(
@@ -21,7 +23,8 @@ const generateDbConfig = () => {
user: cfg.user,
password: cfg.password,
database: cfg.name,
port: cfg.port,
port: cfg.port,
...(cfg.ssl ? { ssl: cfg.ssl } : {})
},
migrations: {
tableName: "migrations",
@@ -29,4 +32,11 @@ const generateDbConfig = () => {
};
};
export default knex(generateDbConfig());
const getInstance = () => {
if (!instance) {
instance = knex(generateDbConfig());
}
return instance;
}
export default getInstance;

765
backend/internal/access-list.js
View File

@@ -21,88 +21,74 @@ const internalAccessList = {
* @param {Object} data
* @returns {Promise}
*/
create: (access, data) => {
return access
.can("access_lists:create", data)
.then((/*access_data*/) => {
return accessListModel
.query()
.insertAndFetch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
owner_user_id: access.token.getUserId(1),
})
.then(utils.omitRow(omissions()));
create: async (access, data) => {
await access.can("access_lists:create", data);
const row = await accessListModel
.query()
.insertAndFetch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
owner_user_id: access.token.getUserId(1),
})
.then((row) => {
data.id = row.id;
.then(utils.omitRow(omissions()));
const promises = [];
data.id = row.id;
// Now add the items
data.items.map((item) => {
promises.push(
accessListAuthModel.query().insert({
access_list_id: row.id,
username: item.username,
password: item.password,
}),
);
return true;
});
const promises = [];
// Items
data.items.map((item) => {
promises.push(
accessListAuthModel.query().insert({
access_list_id: row.id,
username: item.username,
password: item.password,
}),
);
return true;
});
// Now add the clients
if (typeof data.clients !== "undefined" && data.clients) {
data.clients.map((client) => {
promises.push(
accessListClientModel.query().insert({
access_list_id: row.id,
address: client.address,
directive: client.directive,
}),
);
return true;
});
}
// Clients
data.clients?.map((client) => {
promises.push(
accessListClientModel.query().insert({
access_list_id: row.id,
address: client.address,
directive: client.directive,
}),
);
return true;
});
return Promise.all(promises);
})
.then(() => {
// re-fetch with expansions
return internalAccessList.get(
access,
{
id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.access_list.[clients,items]"],
},
true /* <- skip masking */,
);
})
.then((row) => {
// Audit log
data.meta = _.assign({}, data.meta || {}, row.meta);
await Promise.all(promises);
return internalAccessList
.build(row)
.then(() => {
if (Number.parseInt(row.proxy_host_count, 10)) {
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
}
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "created",
object_type: "access-list",
object_id: row.id,
meta: internalAccessList.maskItems(data),
});
})
.then(() => {
return internalAccessList.maskItems(row);
});
});
// re-fetch with expansions
const freshRow = await internalAccessList.get(
access,
{
id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.access_list.[clients,items]"],
},
true // skip masking
);
// Audit log
data.meta = _.assign({}, data.meta || {}, freshRow.meta);
await internalAccessList.build(freshRow);
if (Number.parseInt(freshRow.proxy_host_count, 10)) {
await internalNginx.bulkGenerateConfigs("proxy_host", freshRow.proxy_hosts);
}
// Add to audit log
await internalAuditLog.add(access, {
action: "created",
object_type: "access-list",
object_id: freshRow.id,
meta: internalAccessList.maskItems(data),
});
return internalAccessList.maskItems(freshRow);
},
/**
@@ -113,127 +99,107 @@ const internalAccessList = {
* @param {String} [data.items]
* @return {Promise}
*/
update: (access, data) => {
return access
.can("access_lists:update", data.id)
.then((/*access_data*/) => {
return internalAccessList.get(access, { id: data.id });
})
.then((row) => {
if (row.id !== data.id) {
// Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError(
`Access List could not be updated, IDs do not match: ${row.id} !== ${data.id}`,
update: async (access, data) => {
await access.can("access_lists:update", data.id);
const row = await internalAccessList.get(access, { id: data.id });
if (row.id !== data.id) {
// Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError(
`Access List could not be updated, IDs do not match: ${row.id} !== ${data.id}`,
);
}
// patch name if specified
if (typeof data.name !== "undefined" && data.name) {
await accessListModel.query().where({ id: data.id }).patch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
});
}
// Check for items and add/update/remove them
if (typeof data.items !== "undefined" && data.items) {
const promises = [];
const itemsToKeep = [];
data.items.map((item) => {
if (item.password) {
promises.push(
accessListAuthModel.query().insert({
access_list_id: data.id,
username: item.username,
password: item.password,
}),
);
} else {
// This was supplied with an empty password, which means keep it but don't change the password
itemsToKeep.push(item.username);
}
return true;
});
const query = accessListAuthModel.query().delete().where("access_list_id", data.id);
if (itemsToKeep.length) {
query.andWhere("username", "NOT IN", itemsToKeep);
}
await query;
// Add new items
if (promises.length) {
await Promise.all(promises);
}
}
// Check for clients and add/update/remove them
if (typeof data.clients !== "undefined" && data.clients) {
const clientPromises = [];
data.clients.map((client) => {
if (client.address) {
clientPromises.push(
accessListClientModel.query().insert({
access_list_id: data.id,
address: client.address,
directive: client.directive,
}),
);
}
})
.then(() => {
// patch name if specified
if (typeof data.name !== "undefined" && data.name) {
return accessListModel.query().where({ id: data.id }).patch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
});
}
})
.then(() => {
// Check for items and add/update/remove them
if (typeof data.items !== "undefined" && data.items) {
const promises = [];
const items_to_keep = [];
data.items.map((item) => {
if (item.password) {
promises.push(
accessListAuthModel.query().insert({
access_list_id: data.id,
username: item.username,
password: item.password,
}),
);
} else {
// This was supplied with an empty password, which means keep it but don't change the password
items_to_keep.push(item.username);
}
return true;
});
const query = accessListAuthModel.query().delete().where("access_list_id", data.id);
if (items_to_keep.length) {
query.andWhere("username", "NOT IN", items_to_keep);
}
return query.then(() => {
// Add new items
if (promises.length) {
return Promise.all(promises);
}
});
}
})
.then(() => {
// Check for clients and add/update/remove them
if (typeof data.clients !== "undefined" && data.clients) {
const promises = [];
data.clients.map((client) => {
if (client.address) {
promises.push(
accessListClientModel.query().insert({
access_list_id: data.id,
address: client.address,
directive: client.directive,
}),
);
}
return true;
});
const query = accessListClientModel.query().delete().where("access_list_id", data.id);
return query.then(() => {
// Add new items
if (promises.length) {
return Promise.all(promises);
}
});
}
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "updated",
object_type: "access-list",
object_id: data.id,
meta: internalAccessList.maskItems(data),
});
})
.then(() => {
// re-fetch with expansions
return internalAccessList.get(
access,
{
id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.[certificate,access_list.[clients,items]]"],
},
true /* <- skip masking */,
);
})
.then((row) => {
return internalAccessList
.build(row)
.then(() => {
if (Number.parseInt(row.proxy_host_count, 10)) {
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
}
})
.then(internalNginx.reload)
.then(() => {
return internalAccessList.maskItems(row);
});
return true;
});
const query = accessListClientModel.query().delete().where("access_list_id", data.id);
await query;
// Add new clitens
if (clientPromises.length) {
await Promise.all(clientPromises);
}
}
// Add to audit log
await internalAuditLog.add(access, {
action: "updated",
object_type: "access-list",
object_id: data.id,
meta: internalAccessList.maskItems(data),
});
// re-fetch with expansions
const freshRow = await internalAccessList.get(
access,
{
id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.[certificate,access_list.[clients,items]]"],
},
true // skip masking
);
await internalAccessList.build(freshRow)
if (Number.parseInt(freshRow.proxy_host_count, 10)) {
await internalNginx.bulkGenerateConfigs("proxy_host", freshRow.proxy_hosts);
}
await internalNginx.reload();
return internalAccessList.maskItems(freshRow);
},
/**
@@ -242,55 +208,50 @@ const internalAccessList = {
* @param {Integer} data.id
* @param {Array} [data.expand]
* @param {Array} [data.omit]
* @param {Boolean} [skip_masking]
* @param {Boolean} [skipMasking]
* @return {Promise}
*/
get: (access, data, skip_masking) => {
get: async (access, data, skipMasking) => {
const thisData = data || {};
const accessData = await access.can("access_lists:get", thisData.id)
return access
.can("access_lists:get", thisData.id)
.then((accessData) => {
const query = accessListModel
.query()
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
.leftJoin("proxy_host", function () {
this.on("proxy_host.access_list_id", "=", "access_list.id").andOn(
"proxy_host.is_deleted",
"=",
0,
);
})
.where("access_list.is_deleted", 0)
.andWhere("access_list.id", thisData.id)
.groupBy("access_list.id")
.allowGraph("[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]")
.first();
if (accessData.permission_visibility !== "all") {
query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
}
if (typeof thisData.expand !== "undefined" && thisData.expand !== null) {
query.withGraphFetched(`[${thisData.expand.join(", ")}]`);
}
return query.then(utils.omitRow(omissions()));
const query = accessListModel
.query()
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
.leftJoin("proxy_host", function () {
this.on("proxy_host.access_list_id", "=", "access_list.id").andOn(
"proxy_host.is_deleted",
"=",
0,
);
})
.then((row) => {
let thisRow = row;
if (!row || !row.id) {
throw new errs.ItemNotFoundError(thisData.id);
}
if (!skip_masking && typeof thisRow.items !== "undefined" && thisRow.items) {
thisRow = internalAccessList.maskItems(thisRow);
}
// Custom omissions
if (typeof data.omit !== "undefined" && data.omit !== null) {
thisRow = _.omit(thisRow, data.omit);
}
return thisRow;
});
.where("access_list.is_deleted", 0)
.andWhere("access_list.id", thisData.id)
.groupBy("access_list.id")
.allowGraph("[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]")
.first();
if (accessData.permission_visibility !== "all") {
query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
}
if (typeof thisData.expand !== "undefined" && thisData.expand !== null) {
query.withGraphFetched(`[${thisData.expand.join(", ")}]`);
}
let row = await query.then(utils.omitRow(omissions()));
if (!row || !row.id) {
throw new errs.ItemNotFoundError(thisData.id);
}
if (!skipMasking && typeof row.items !== "undefined" && row.items) {
row = internalAccessList.maskItems(row);
}
// Custom omissions
if (typeof data.omit !== "undefined" && data.omit !== null) {
row = _.omit(row, data.omit);
}
return row;
},
/**
@@ -300,75 +261,64 @@ const internalAccessList = {
* @param {String} [data.reason]
* @returns {Promise}
*/
delete: (access, data) => {
return access
.can("access_lists:delete", data.id)
.then(() => {
return internalAccessList.get(access, { id: data.id, expand: ["proxy_hosts", "items", "clients"] });
})
.then((row) => {
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
delete: async (access, data) => {
await access.can("access_lists:delete", data.id);
const row = await internalAccessList.get(access, {
id: data.id,
expand: ["proxy_hosts", "items", "clients"],
});
// 1. update row to be deleted
// 2. update any proxy hosts that were using it (ignoring permissions)
// 3. reconfigure those hosts
// 4. audit log
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
// 1. update row to be deleted
return accessListModel
.query()
.where("id", row.id)
.patch({
is_deleted: 1,
})
.then(() => {
// 2. update any proxy hosts that were using it (ignoring permissions)
if (row.proxy_hosts) {
return proxyHostModel
.query()
.where("access_list_id", "=", row.id)
.patch({ access_list_id: 0 })
.then(() => {
// 3. reconfigure those hosts, then reload nginx
// 1. update row to be deleted
// 2. update any proxy hosts that were using it (ignoring permissions)
// 3. reconfigure those hosts
// 4. audit log
// set the access_list_id to zero for these items
row.proxy_hosts.map((_val, idx) => {
row.proxy_hosts[idx].access_list_id = 0;
return true;
});
// 1. update row to be deleted
await accessListModel
.query()
.where("id", row.id)
.patch({
is_deleted: 1,
});
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
})
.then(() => {
return internalNginx.reload();
});
}
})
.then(() => {
// delete the htpasswd file
const htpasswd_file = internalAccessList.getFilename(row);
// 2. update any proxy hosts that were using it (ignoring permissions)
if (row.proxy_hosts) {
await proxyHostModel
.query()
.where("access_list_id", "=", row.id)
.patch({ access_list_id: 0 });
try {
fs.unlinkSync(htpasswd_file);
} catch (_err) {
// do nothing
}
})
.then(() => {
// 4. audit log
return internalAuditLog.add(access, {
action: "deleted",
object_type: "access-list",
object_id: row.id,
meta: _.omit(internalAccessList.maskItems(row), ["is_deleted", "proxy_hosts"]),
});
});
})
.then(() => {
// 3. reconfigure those hosts, then reload nginx
// set the access_list_id to zero for these items
row.proxy_hosts.map((_val, idx) => {
row.proxy_hosts[idx].access_list_id = 0;
return true;
});
await internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
}
await internalNginx.reload();
// delete the htpasswd file
try {
fs.unlinkSync(internalAccessList.getFilename(row));
} catch (_err) {
// do nothing
}
// 4. audit log
await internalAuditLog.add(access, {
action: "deleted",
object_type: "access-list",
object_id: row.id,
meta: _.omit(internalAccessList.maskItems(row), ["is_deleted", "proxy_hosts"]),
});
return true;
},
/**
@@ -376,76 +326,73 @@ const internalAccessList = {
*
* @param {Access} access
* @param {Array} [expand]
* @param {String} [search_query]
* @param {String} [searchQuery]
* @returns {Promise}
*/
getAll: (access, expand, search_query) => {
return access
.can("access_lists:list")
.then((access_data) => {
const query = accessListModel
.query()
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
.leftJoin("proxy_host", function () {
this.on("proxy_host.access_list_id", "=", "access_list.id").andOn(
"proxy_host.is_deleted",
"=",
0,
);
})
.where("access_list.is_deleted", 0)
.groupBy("access_list.id")
.allowGraph("[owner,items,clients]")
.orderBy("access_list.name", "ASC");
getAll: async (access, expand, searchQuery) => {
const accessData = await access.can("access_lists:list");
if (access_data.permission_visibility !== "all") {
query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
}
// Query is used for searching
if (typeof search_query === "string") {
query.where(function () {
this.where("name", "like", `%${search_query}%`);
});
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
return query.then(utils.omitRows(omissions()));
const query = accessListModel
.query()
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
.leftJoin("proxy_host", function () {
this.on("proxy_host.access_list_id", "=", "access_list.id").andOn(
"proxy_host.is_deleted",
"=",
0,
);
})
.then((rows) => {
if (rows) {
rows.map((row, idx) => {
if (typeof row.items !== "undefined" && row.items) {
rows[idx] = internalAccessList.maskItems(row);
}
return true;
});
}
.where("access_list.is_deleted", 0)
.groupBy("access_list.id")
.allowGraph("[owner,items,clients]")
.orderBy("access_list.name", "ASC");
return rows;
if (accessData.permission_visibility !== "all") {
query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
}
// Query is used for searching
if (typeof searchQuery === "string") {
query.where(function () {
this.where("name", "like", `%${searchQuery}%`);
});
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
const rows = await query.then(utils.omitRows(omissions()));
if (rows) {
rows.map((row, idx) => {
if (typeof row.items !== "undefined" && row.items) {
rows[idx] = internalAccessList.maskItems(row);
}
return true;
});
}
return rows;
},
/**
* Report use
* Count is used in reports
*
* @param {Integer} user_id
* @param {Integer} userId
* @param {String} visibility
* @returns {Promise}
*/
getCount: (user_id, visibility) => {
const query = accessListModel.query().count("id as count").where("is_deleted", 0);
getCount: async (userId, visibility) => {
const query = accessListModel
.query()
.count("id as count")
.where("is_deleted", 0);
if (visibility !== "all") {
query.andWhere("owner_user_id", user_id);
query.andWhere("owner_user_id", userId);
}
return query.first().then((row) => {
return Number.parseInt(row.count, 10);
});
const row = await query.first();
return Number.parseInt(row.count, 10);
},
/**
@@ -455,20 +402,19 @@ const internalAccessList = {
maskItems: (list) => {
if (list && typeof list.items !== "undefined") {
list.items.map((val, idx) => {
let repeat_for = 8;
let first_char = "*";
let repeatFor = 8;
let firstChar = "*";
if (typeof val.password !== "undefined" && val.password) {
repeat_for = val.password.length - 1;
first_char = val.password.charAt(0);
repeatFor = val.password.length - 1;
firstChar = val.password.charAt(0);
}
list.items[idx].hint = first_char + "*".repeat(repeat_for);
list.items[idx].hint = firstChar + "*".repeat(repeatFor);
list.items[idx].password = "";
return true;
});
}
return list;
},
@@ -488,66 +434,55 @@ const internalAccessList = {
* @param {Array} list.items
* @returns {Promise}
*/
build: (list) => {
build: async (list) => {
logger.info(`Building Access file #${list.id} for: ${list.name}`);
return new Promise((resolve, reject) => {
const htpasswd_file = internalAccessList.getFilename(list);
const htpasswdFile = internalAccessList.getFilename(list);
// 1. remove any existing access file
try {
fs.unlinkSync(htpasswd_file);
} catch (_err) {
// do nothing
}
// 1. remove any existing access file
try {
fs.unlinkSync(htpasswdFile);
} catch (_err) {
// do nothing
}
// 2. create empty access file
try {
fs.writeFileSync(htpasswd_file, "", { encoding: "utf8" });
resolve(htpasswd_file);
} catch (err) {
reject(err);
}
}).then((htpasswd_file) => {
// 3. generate password for each user
if (list.items.length) {
return new Promise((resolve, reject) => {
batchflow(list.items)
.sequential()
.each((_i, item, next) => {
if (typeof item.password !== "undefined" && item.password.length) {
logger.info(`Adding: ${item.username}`);
// 2. create empty access file
fs.writeFileSync(htpasswdFile, '', {encoding: 'utf8'});
utils
.execFile("openssl", ["passwd", "-apr1", item.password])
.then((res) => {
try {
fs.appendFileSync(htpasswd_file, `${item.username}:${res}\n`, {
encoding: "utf8",
});
} catch (err) {
reject(err);
}
next();
})
.catch((err) => {
logger.error(err);
next(err);
});
}
})
.error((err) => {
logger.error(err);
reject(err);
})
.end((results) => {
logger.success(`Built Access file #${list.id} for: ${list.name}`);
resolve(results);
});
});
}
});
},
};
// 3. generate password for each user
if (list.items.length) {
await new Promise((resolve, reject) => {
batchflow(list.items).sequential()
.each((_i, item, next) => {
if (item.password?.length) {
logger.info(`Adding: ${item.username}`);
utils.execFile('openssl', ['passwd', '-apr1', item.password])
.then((res) => {
try {
fs.appendFileSync(htpasswdFile, `${item.username}:${res}\n`, {encoding: 'utf8'});
} catch (err) {
reject(err);
}
next();
})
.catch((err) => {
logger.error(err);
next(err);
});
}
})
.error((err) => {
logger.error(err);
reject(err);
})
.end((results) => {
logger.success(`Built Access file #${list.id} for: ${list.name}`);
resolve(results);
});
});
}
}
}
export default internalAccessList;

104
backend/internal/audit-log.js
View File

@@ -9,31 +9,60 @@ const internalAuditLog = {
*
* @param {Access} access
* @param {Array} [expand]
* @param {String} [search_query]
* @param {String} [searchQuery]
* @returns {Promise}
*/
getAll: (access, expand, search_query) => {
return access.can("auditlog:list").then(() => {
const query = auditLogModel
.query()
.orderBy("created_on", "DESC")
.orderBy("id", "DESC")
.limit(100)
.allowGraph("[user]");
getAll: async (access, expand, searchQuery) => {
await access.can("auditlog:list");
// Query is used for searching
if (typeof search_query === "string" && search_query.length > 0) {
query.where(function () {
this.where(castJsonIfNeed("meta"), "like", `%${search_query}`);
});
}
const query = auditLogModel
.query()
.orderBy("created_on", "DESC")
.orderBy("id", "DESC")
.limit(100)
.allowGraph("[user]");
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
// Query is used for searching
if (typeof searchQuery === "string" && searchQuery.length > 0) {
query.where(function () {
this.where(castJsonIfNeed("meta"), "like", `%${searchQuery}`);
});
}
return query;
});
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
return await query;
},
/**
* @param {Access} access
* @param {Object} [data]
* @param {Integer} [data.id] Defaults to the token user
* @param {Array} [data.expand]
* @return {Promise}
*/
get: async (access, data) => {
await access.can("auditlog:list");
const query = auditLogModel
.query()
.andWhere("id", data.id)
.allowGraph("[user]")
.first();
if (typeof data.expand !== "undefined" && data.expand !== null) {
query.withGraphFetched(`[${data.expand.join(", ")}]`);
}
const row = await query;
if (!row?.id) {
throw new errs.ItemNotFoundError(data.id);
}
return row;
},
/**
@@ -50,27 +79,22 @@ const internalAuditLog = {
* @param {Object} [data.meta]
* @returns {Promise}
*/
add: (access, data) => {
return new Promise((resolve, reject) => {
// Default the user id
if (typeof data.user_id === "undefined" || !data.user_id) {
data.user_id = access.token.getUserId(1);
}
add: async (access, data) => {
if (typeof data.user_id === "undefined" || !data.user_id) {
data.user_id = access.token.getUserId(1);
}
if (typeof data.action === "undefined" || !data.action) {
reject(new errs.InternalValidationError("Audit log entry must contain an Action"));
} else {
// Make sure at least 1 of the IDs are set and action
resolve(
auditLogModel.query().insert({
user_id: data.user_id,
action: data.action,
object_type: data.object_type || "",
object_id: data.object_id || 0,
meta: data.meta || {},
}),
);
}
if (typeof data.action === "undefined" || !data.action) {
throw new errs.InternalValidationError("Audit log entry must contain an Action");
}
// Make sure at least 1 of the IDs are set and action
return await auditLogModel.query().insert({
user_id: data.user_id,
action: data.action,
object_type: data.object_type || "",
object_id: data.object_id || 0,
meta: data.meta || {},
});
},
};

1368
backend/internal/certificate.js
View File

File diff suppressed because it is too large Load Diff

619
backend/internal/dead-host.js
View File

@@ -18,91 +18,79 @@ const internalDeadHost = {
* @param {Object} data
* @returns {Promise}
*/
create: (access, data) => {
create: async (access, data) => {
const createCertificate = data.certificate_id === "new";
if (createCertificate) {
delete data.certificate_id;
}
return access
.can("dead_hosts:create", data)
.then((/*access_data*/) => {
// Get a list of the domain names and check each of them against existing records
const domain_name_check_promises = [];
await access.can("dead_hosts:create", data);
data.domain_names.map((domain_name) => {
domain_name_check_promises.push(internalHost.isHostnameTaken(domain_name));
return true;
});
// Get a list of the domain names and check each of them against existing records
const domainNameCheckPromises = [];
return Promise.all(domain_name_check_promises).then((check_results) => {
check_results.map((result) => {
if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`);
}
return true;
});
});
})
.then(() => {
// At this point the domains should have been checked
data.owner_user_id = access.token.getUserId(1);
const thisData = internalHost.cleanSslHstsData(data);
data.domain_names.map((domain_name) => {
domainNameCheckPromises.push(internalHost.isHostnameTaken(domain_name));
return true;
});
// Fix for db field not having a default value
// for this optional field.
if (typeof data.advanced_config === "undefined") {
thisData.advanced_config = "";
await Promise.all(domainNameCheckPromises).then((check_results) => {
check_results.map((result) => {
if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`);
}
return deadHostModel.query().insertAndFetch(thisData).then(utils.omitRow(omissions()));
})
.then((row) => {
if (createCertificate) {
return internalCertificate
.createQuickCertificate(access, data)
.then((cert) => {
// update host with cert id
return internalDeadHost.update(access, {
id: row.id,
certificate_id: cert.id,
});
})
.then(() => {
return row;
});
}
return row;
})
.then((row) => {
// re-fetch with cert
return internalDeadHost.get(access, {
id: row.id,
expand: ["certificate", "owner"],
});
})
.then((row) => {
// Configure nginx
return internalNginx.configure(deadHostModel, "dead_host", row).then(() => {
return row;
});
})
.then((row) => {
data.meta = _.assign({}, data.meta || {}, row.meta);
// Add to audit log
return internalAuditLog
.add(access, {
action: "created",
object_type: "dead-host",
object_id: row.id,
meta: data,
})
.then(() => {
return row;
});
return true;
});
});
// At this point the domains should have been checked
data.owner_user_id = access.token.getUserId(1);
const thisData = internalHost.cleanSslHstsData(data);
// Fix for db field not having a default value
// for this optional field.
if (typeof data.advanced_config === "undefined") {
thisData.advanced_config = "";
}
const row = await deadHostModel.query()
.insertAndFetch(thisData)
.then(utils.omitRow(omissions()));
// Add to audit log
await internalAuditLog.add(access, {
action: "created",
object_type: "dead-host",
object_id: row.id,
meta: thisData,
});
if (createCertificate) {
const cert = await internalCertificate.createQuickCertificate(access, data);
// update host with cert id
await internalDeadHost.update(access, {
id: row.id,
certificate_id: cert.id,
});
}
// re-fetch with cert
const freshRow = await internalDeadHost.get(access, {
id: row.id,
expand: ["certificate", "owner"],
});
// Sanity check
if (createCertificate && !freshRow.certificate_id) {
throw new errs.InternalValidationError("The host was created but the Certificate creation failed.");
}
// Configure nginx
await internalNginx.configure(deadHostModel, "dead_host", freshRow);
return freshRow;
},
/**
@@ -111,107 +99,85 @@ const internalDeadHost = {
* @param {Number} data.id
* @return {Promise}
*/
update: (access, data) => {
let thisData = data;
const createCertificate = thisData.certificate_id === "new";
update: async (access, data) => {
const createCertificate = data.certificate_id === "new";
if (createCertificate) {
delete thisData.certificate_id;
delete data.certificate_id;
}
return access
.can("dead_hosts:update", thisData.id)
.then((/*access_data*/) => {
// Get a list of the domain names and check each of them against existing records
const domain_name_check_promises = [];
await access.can("dead_hosts:update", data.id);
if (typeof thisData.domain_names !== "undefined") {
thisData.domain_names.map((domain_name) => {
domain_name_check_promises.push(internalHost.isHostnameTaken(domain_name, "dead", data.id));
return true;
});
return Promise.all(domain_name_check_promises).then((check_results) => {
check_results.map((result) => {
if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`);
}
return true;
});
});
}
})
.then(() => {
return internalDeadHost.get(access, { id: thisData.id });
})
.then((row) => {
if (row.id !== thisData.id) {
// Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError(
`404 Host could not be updated, IDs do not match: ${row.id} !== ${thisData.id}`,
);
}
if (createCertificate) {
return internalCertificate
.createQuickCertificate(access, {
domain_names: thisData.domain_names || row.domain_names,
meta: _.assign({}, row.meta, thisData.meta),
})
.then((cert) => {
// update host with cert id
thisData.certificate_id = cert.id;
})
.then(() => {
return row;
});
}
return row;
})
.then((row) => {
// Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here.
thisData = _.assign(
{},
{
domain_names: row.domain_names,
},
data,
);
thisData = internalHost.cleanSslHstsData(thisData, row);
return deadHostModel
.query()
.where({ id: thisData.id })
.patch(thisData)
.then((saved_row) => {
// Add to audit log
return internalAuditLog
.add(access, {
action: "updated",
object_type: "dead-host",
object_id: row.id,
meta: thisData,
})
.then(() => {
return _.omit(saved_row, omissions());
});
});
})
.then(() => {
return internalDeadHost
.get(access, {
id: thisData.id,
expand: ["owner", "certificate"],
})
.then((row) => {
// Configure nginx
return internalNginx.configure(deadHostModel, "dead_host", row).then((new_meta) => {
row.meta = new_meta;
return _.omit(internalHost.cleanRowCertificateMeta(row), omissions());
});
});
// Get a list of the domain names and check each of them against existing records
const domainNameCheckPromises = [];
if (typeof data.domain_names !== "undefined") {
data.domain_names.map((domainName) => {
domainNameCheckPromises.push(internalHost.isHostnameTaken(domainName, "dead", data.id));
return true;
});
const checkResults = await Promise.all(domainNameCheckPromises);
checkResults.map((result) => {
if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`);
}
return true;
});
}
const row = await internalDeadHost.get(access, { id: data.id });
if (row.id !== data.id) {
// Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError(
`404 Host could not be updated, IDs do not match: ${row.id} !== ${data.id}`,
);
}
if (createCertificate) {
const cert = await internalCertificate.createQuickCertificate(access, {
domain_names: data.domain_names || row.domain_names,
meta: _.assign({}, row.meta, data.meta),
});
// update host with cert id
data.certificate_id = cert.id;
}
// Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here.
let thisData = _.assign(
{},
{
domain_names: row.domain_names,
},
data,
);
thisData = internalHost.cleanSslHstsData(thisData, row);
// do the row update
await deadHostModel
.query()
.where({id: data.id})
.patch(data);
// Add to audit log
await internalAuditLog.add(access, {
action: "updated",
object_type: "dead-host",
object_id: row.id,
meta: thisData,
});
const thisRow = await internalDeadHost
.get(access, {
id: thisData.id,
expand: ["owner", "certificate"],
});
// Configure nginx
const newMeta = await internalNginx.configure(deadHostModel, "dead_host", row);
row.meta = newMeta;
return _.omit(internalHost.cleanRowCertificateMeta(thisRow), omissions());
},
/**
@@ -222,39 +188,32 @@ const internalDeadHost = {
* @param {Array} [data.omit]
* @return {Promise}
*/
get: (access, data) => {
const thisData = data || {};
get: async (access, data) => {
const accessData = await access.can("dead_hosts:get", data.id);
const query = deadHostModel
.query()
.where("is_deleted", 0)
.andWhere("id", data.id)
.allowGraph("[owner,certificate]")
.first();
return access
.can("dead_hosts:get", thisData.id)
.then((access_data) => {
const query = deadHostModel
.query()
.where("is_deleted", 0)
.andWhere("id", dthisDataata.id)
.allowGraph("[owner,certificate]")
.first();
if (accessData.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1));
}
if (access_data.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1));
}
if (typeof data.expand !== "undefined" && data.expand !== null) {
query.withGraphFetched(`[${data.expand.join(", ")}]`);
}
if (typeof thisData.expand !== "undefined" && thisData.expand !== null) {
query.withGraphFetched(`[${data.expand.join(", ")}]`);
}
return query.then(utils.omitRow(omissions()));
})
.then((row) => {
if (!row || !row.id) {
throw new errs.ItemNotFoundError(thisData.id);
}
// Custom omissions
if (typeof thisData.omit !== "undefined" && thisData.omit !== null) {
return _.omit(row, thisData.omit);
}
return row;
});
const row = await query.then(utils.omitRow(omissions()));
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
// Custom omissions
if (typeof data.omit !== "undefined" && data.omit !== null) {
return _.omit(row, data.omit);
}
return row;
},
/**
@@ -264,42 +223,32 @@ const internalDeadHost = {
* @param {String} [data.reason]
* @returns {Promise}
*/
delete: (access, data) => {
return access
.can("dead_hosts:delete", data.id)
.then(() => {
return internalDeadHost.get(access, { id: data.id });
})
.then((row) => {
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
delete: async (access, data) => {
await access.can("dead_hosts:delete", data.id)
const row = await internalDeadHost.get(access, { id: data.id });
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
return deadHostModel
.query()
.where("id", row.id)
.patch({
is_deleted: 1,
})
.then(() => {
// Delete Nginx Config
return internalNginx.deleteConfig("dead_host", row).then(() => {
return internalNginx.reload();
});
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "deleted",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
});
})
.then(() => {
return true;
await deadHostModel
.query()
.where("id", row.id)
.patch({
is_deleted: 1,
});
// Delete Nginx Config
await internalNginx.deleteConfig("dead_host", row);
await internalNginx.reload();
// Add to audit log
await internalAuditLog.add(access, {
action: "deleted",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
return true;
},
/**
@@ -309,48 +258,39 @@ const internalDeadHost = {
* @param {String} [data.reason]
* @returns {Promise}
*/
enable: (access, data) => {
return access
.can("dead_hosts:update", data.id)
.then(() => {
return internalDeadHost.get(access, {
id: data.id,
expand: ["certificate", "owner"],
});
})
.then((row) => {
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
if (row.enabled) {
throw new errs.ValidationError("Host is already enabled");
}
enable: async (access, data) => {
await access.can("dead_hosts:update", data.id)
const row = await internalDeadHost.get(access, {
id: data.id,
expand: ["certificate", "owner"],
});
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
if (row.enabled) {
throw new errs.ValidationError("Host is already enabled");
}
row.enabled = 1;
row.enabled = 1;
return deadHostModel
.query()
.where("id", row.id)
.patch({
enabled: 1,
})
.then(() => {
// Configure nginx
return internalNginx.configure(deadHostModel, "dead_host", row);
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "enabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
});
})
.then(() => {
return true;
await deadHostModel
.query()
.where("id", row.id)
.patch({
enabled: 1,
});
// Configure nginx
await internalNginx.configure(deadHostModel, "dead_host", row);
// Add to audit log
await internalAuditLog.add(access, {
action: "enabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
return true;
},
/**
@@ -360,47 +300,37 @@ const internalDeadHost = {
* @param {String} [data.reason]
* @returns {Promise}
*/
disable: (access, data) => {
return access
.can("dead_hosts:update", data.id)
.then(() => {
return internalDeadHost.get(access, { id: data.id });
})
.then((row) => {
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
if (!row.enabled) {
throw new errs.ValidationError("Host is already disabled");
}
disable: async (access, data) => {
await access.can("dead_hosts:update", data.id)
const row = await internalDeadHost.get(access, { id: data.id });
if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id);
}
if (!row.enabled) {
throw new errs.ValidationError("Host is already disabled");
}
row.enabled = 0;
row.enabled = 0;
return deadHostModel
.query()
.where("id", row.id)
.patch({
enabled: 0,
})
.then(() => {
// Delete Nginx Config
return internalNginx.deleteConfig("dead_host", row).then(() => {
return internalNginx.reload();
});
})
.then(() => {
// Add to audit log
return internalAuditLog.add(access, {
action: "disabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
});
})
.then(() => {
return true;
await deadHostModel
.query()
.where("id", row.id)
.patch({
enabled: 0,
});
// Delete Nginx Config
await internalNginx.deleteConfig("dead_host", row);
await internalNginx.reload();
// Add to audit log
await internalAuditLog.add(access, {
action: "disabled",
object_type: "dead-host",
object_id: row.id,
meta: _.omit(row, omissions()),
});
return true;
},
/**
@@ -408,44 +338,38 @@ const internalDeadHost = {
*
* @param {Access} access
* @param {Array} [expand]
* @param {String} [search_query]
* @param {String} [searchQuery]
* @returns {Promise}
*/
getAll: (access, expand, search_query) => {
return access
.can("dead_hosts:list")
.then((access_data) => {
const query = deadHostModel
.query()
.where("is_deleted", 0)
.groupBy("id")
.allowGraph("[owner,certificate]")
.orderBy(castJsonIfNeed("domain_names"), "ASC");
getAll: async (access, expand, searchQuery) => {
const accessData = await access.can("dead_hosts:list")
const query = deadHostModel
.query()
.where("is_deleted", 0)
.groupBy("id")
.allowGraph("[owner,certificate]")
.orderBy(castJsonIfNeed("domain_names"), "ASC");
if (access_data.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1));
}
if (accessData.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1));
}
// Query is used for searching
if (typeof search_query === "string" && search_query.length > 0) {
query.where(function () {
this.where(castJsonIfNeed("domain_names"), "like", `%${search_query}%`);
});
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
return query.then(utils.omitRows(omissions()));
})
.then((rows) => {
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
return internalHost.cleanAllRowsCertificateMeta(rows);
}
return rows;
// Query is used for searching
if (typeof searchQuery === "string" && searchQuery.length > 0) {
query.where(function () {
this.where(castJsonIfNeed("domain_names"), "like", `%${searchQuery}%`);
});
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
const rows = await query.then(utils.omitRows(omissions()));
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
internalHost.cleanAllRowsCertificateMeta(rows);
}
return rows;
},
/**
@@ -455,16 +379,15 @@ const internalDeadHost = {
* @param {String} visibility
* @returns {Promise}
*/
getCount: (user_id, visibility) => {
getCount: async (user_id, visibility) => {
const query = deadHostModel.query().count("id as count").where("is_deleted", 0);
if (visibility !== "all") {
query.andWhere("owner_user_id", user_id);
}
return query.first().then((row) => {
return Number.parseInt(row.count, 10);
});
const row = await query.first();
return Number.parseInt(row.count, 10);
},
};

55
backend/internal/host.js
View File

@@ -65,50 +65,33 @@ const internalHost = {
},
/**
* This returns all the host types with any domain listed in the provided domain_names array.
* This returns all the host types with any domain listed in the provided domainNames array.
* This is used by the certificates to temporarily disable any host that is using the domain
*
* @param {Array} domain_names
* @param {Array} domainNames
* @returns {Promise}
*/
getHostsWithDomains: (domain_names) => {
const promises = [
proxyHostModel.query().where("is_deleted", 0),
redirectionHostModel.query().where("is_deleted", 0),
deadHostModel.query().where("is_deleted", 0),
];
getHostsWithDomains: async (domainNames) => {
const responseObject = {
total_count: 0,
dead_hosts: [],
proxy_hosts: [],
redirection_hosts: [],
};
return Promise.all(promises).then((promises_results) => {
const response_object = {
total_count: 0,
dead_hosts: [],
proxy_hosts: [],
redirection_hosts: [],
};
const proxyRes = await proxyHostModel.query().where("is_deleted", 0);
responseObject.proxy_hosts = internalHost._getHostsWithDomains(proxyRes, domainNames);
responseObject.total_count += responseObject.proxy_hosts.length;
if (promises_results[0]) {
// Proxy Hosts
response_object.proxy_hosts = internalHost._getHostsWithDomains(promises_results[0], domain_names);
response_object.total_count += response_object.proxy_hosts.length;
}
const redirRes = await redirectionHostModel.query().where("is_deleted", 0);
responseObject.redirection_hosts = internalHost._getHostsWithDomains(redirRes, domainNames);
responseObject.total_count += responseObject.redirection_hosts.length;
if (promises_results[1]) {
// Redirection Hosts
response_object.redirection_hosts = internalHost._getHostsWithDomains(
promises_results[1],
domain_names,
);
response_object.total_count += response_object.redirection_hosts.length;
}
const deadRes = await deadHostModel.query().where("is_deleted", 0);
responseObject.dead_hosts = internalHost._getHostsWithDomains(deadRes, domainNames);
responseObject.total_count += responseObject.dead_hosts.length;
if (promises_results[2]) {
// Dead Hosts
response_object.dead_hosts = internalHost._getHostsWithDomains(promises_results[2], domain_names);
response_object.total_count += response_object.dead_hosts.length;
}
return response_object;
});
return responseObject;
},
/**

4
backend/internal/ip_ranges.js
View File

@@ -2,6 +2,7 @@ import fs from "node:fs";
import https from "node:https";
import { dirname } from "node:path";
import { fileURLToPath } from "node:url";
import { ProxyAgent } from "proxy-agent";
import errs from "../lib/error.js";
import utils from "../lib/utils.js";
import { ipRanges as logger } from "../logger.js";
@@ -29,10 +30,11 @@ const internalIpRanges = {
},
fetchUrl: (url) => {
const agent = new ProxyAgent();
return new Promise((resolve, reject) => {
logger.info(`Fetching ${url}`);
return https
.get(url, (res) => {
.get(url, { agent }, (res) => {
res.setEncoding("utf8");
let raw_data = "";
res.on("data", (chunk) => {

36
backend/internal/nginx.js
View File

@@ -4,7 +4,7 @@ import { fileURLToPath } from "node:url";
import _ from "lodash";
import errs from "../lib/error.js";
import utils from "../lib/utils.js";
import { nginx as logger } from "../logger.js";
import { debug, nginx as logger } from "../logger.js";
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);
@@ -68,7 +68,7 @@ const internalNginx = {
return true;
});
logger.debug("Nginx test failed:", valid_lines.join("\n"));
debug(logger, "Nginx test failed:", valid_lines.join("\n"));
// config is bad, update meta and delete config
combined_meta = _.assign({}, host.meta, {
@@ -102,7 +102,7 @@ const internalNginx = {
* @returns {Promise}
*/
test: () => {
logger.debug("Testing Nginx configuration");
debug(logger, "Testing Nginx configuration");
return utils.execFile("/usr/sbin/nginx", ["-t", "-g", "error_log off;"]);
},
@@ -190,7 +190,7 @@ const internalNginx = {
const host = JSON.parse(JSON.stringify(host_row));
const nice_host_type = internalNginx.getFileFriendlyHostType(host_type);
logger.debug(`Generating ${nice_host_type} Config:`, JSON.stringify(host, null, 2));
debug(logger, `Generating ${nice_host_type} Config:`, JSON.stringify(host, null, 2));
const renderEngine = utils.getRenderEngine();
@@ -216,6 +216,11 @@ const internalNginx = {
}
}
// For redirection hosts, if the scheme is not http or https, set it to $scheme
if (nice_host_type === "redirection_host" && ['http', 'https'].indexOf(host.forward_scheme.toLowerCase()) === -1) {
host.forward_scheme = "$scheme";
}
if (host.locations) {
//logger.info ('host.locations = ' + JSON.stringify(host.locations, null, 2));
origLocations = [].concat(host.locations);
@@ -241,7 +246,7 @@ const internalNginx = {
.parseAndRender(template, host)
.then((config_text) => {
fs.writeFileSync(filename, config_text, { encoding: "utf8" });
logger.debug("Wrote config:", filename, config_text);
debug(logger, "Wrote config:", filename, config_text);
// Restore locations array
host.locations = origLocations;
@@ -249,7 +254,7 @@ const internalNginx = {
resolve(true);
})
.catch((err) => {
logger.debug(`Could not write ${filename}:`, err.message);
debug(logger, `Could not write ${filename}:`, err.message);
reject(new errs.ConfigurationError(err.message));
});
});
@@ -265,7 +270,7 @@ const internalNginx = {
* @returns {Promise}
*/
generateLetsEncryptRequestConfig: (certificate) => {
logger.debug("Generating LetsEncrypt Request Config:", certificate);
debug(logger, "Generating LetsEncrypt Request Config:", certificate);
const renderEngine = utils.getRenderEngine();
return new Promise((resolve, reject) => {
@@ -285,11 +290,11 @@ const internalNginx = {
.parseAndRender(template, certificate)
.then((config_text) => {
fs.writeFileSync(filename, config_text, { encoding: "utf8" });
logger.debug("Wrote config:", filename, config_text);
debug(logger, "Wrote config:", filename, config_text);
resolve(true);
})
.catch((err) => {
logger.debug(`Could not write ${filename}:`, err.message);
debug(logger, `Could not write ${filename}:`, err.message);
reject(new errs.ConfigurationError(err.message));
});
});
@@ -301,11 +306,14 @@ const internalNginx = {
* @param {String} filename
*/
deleteFile: (filename) => {
logger.debug(`Deleting file: ${filename}`);
if (!fs.existsSync(filename)) {
return;
}
try {
debug(logger, `Deleting file: ${filename}`);
fs.unlinkSync(filename);
} catch (err) {
logger.debug("Could not delete file:", JSON.stringify(err, null, 2));
debug(logger, "Could not delete file:", JSON.stringify(err, null, 2));
}
},
@@ -378,14 +386,14 @@ const internalNginx = {
},
/**
* @param {String} host_type
* @param {String} hostType
* @param {Array} hosts
* @returns {Promise}
*/
bulkGenerateConfigs: (host_type, hosts) => {
bulkGenerateConfigs: (hostType, hosts) => {
const promises = [];
hosts.map((host) => {
promises.push(internalNginx.generateConfig(host_type, host));
promises.push(internalNginx.generateConfig(hostType, host));
return true;
});

58
backend/internal/proxy-host.js
View File

@@ -420,41 +420,35 @@ const internalProxyHost = {
* @param {String} [search_query]
* @returns {Promise}
*/
getAll: (access, expand, search_query) => {
return access
.can("proxy_hosts:list")
.then((access_data) => {
const query = proxyHostModel
.query()
.where("is_deleted", 0)
.groupBy("id")
.allowGraph("[owner,access_list,certificate]")
.orderBy(castJsonIfNeed("domain_names"), "ASC");
getAll: async (access, expand, searchQuery) => {
const accessData = await access.can("proxy_hosts:list");
const query = proxyHostModel
.query()
.where("is_deleted", 0)
.groupBy("id")
.allowGraph("[owner,access_list,certificate]")
.orderBy(castJsonIfNeed("domain_names"), "ASC");
if (access_data.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1));
}
if (accessData.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1));
}
// Query is used for searching
if (typeof search_query === "string" && search_query.length > 0) {
query.where(function () {
this.where(castJsonIfNeed("domain_names"), "like", `%${search_query}%`);
});
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
return query.then(utils.omitRows(omissions()));
})
.then((rows) => {
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
return internalHost.cleanAllRowsCertificateMeta(rows);
}
return rows;
// Query is used for searching
if (typeof searchQuery === "string" && searchQuery.length > 0) {
query.where(function () {
this.where(castJsonIfNeed("domain_names"), "like", `%${searchQuery}%`);
});
}
if (typeof expand !== "undefined" && expand !== null) {
query.withGraphFetched(`[${expand.join(", ")}]`);
}
const rows = await query.then(utils.omitRows(omissions()));
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
return internalHost.cleanAllRowsCertificateMeta(rows);
}
return rows;
},
/**

84
backend/internal/remote-version.js Normal file
View File

@@ -0,0 +1,84 @@
import https from "node:https";
import { ProxyAgent } from "proxy-agent";
import { debug, remoteVersion as logger } from "../logger.js";
import pjson from "../package.json" with { type: "json" };
const VERSION_URL = "https://api.github.com/repos/NginxProxyManager/nginx-proxy-manager/releases/latest";
const internalRemoteVersion = {
cache_timeout: 1000 * 60 * 15, // 15 minutes
last_result: null,
last_fetch_time: null,
/**
* Fetch the latest version info, using a cached result if within the cache timeout period.
* @return {Promise<{current: string, latest: string, update_available: boolean}>} Version info
*/
get: async () => {
if (
!internalRemoteVersion.last_result ||
!internalRemoteVersion.last_fetch_time ||
Date.now() - internalRemoteVersion.last_fetch_time > internalRemoteVersion.cache_timeout
) {
const raw = await internalRemoteVersion.fetchUrl(VERSION_URL);
const data = JSON.parse(raw);
internalRemoteVersion.last_result = data;
internalRemoteVersion.last_fetch_time = Date.now();
} else {
debug(logger, "Using cached remote version result");
}
const latestVersion = internalRemoteVersion.last_result.tag_name;
const version = pjson.version.split("-").shift().split(".");
const currentVersion = `v${version[0]}.${version[1]}.${version[2]}`;
return {
current: currentVersion,
latest: latestVersion,
update_available: internalRemoteVersion.compareVersions(currentVersion, latestVersion),
};
},
fetchUrl: (url) => {
const agent = new ProxyAgent();
const headers = {
"User-Agent": `NginxProxyManager v${pjson.version}`,
};
return new Promise((resolve, reject) => {
logger.info(`Fetching ${url}`);
return https
.get(url, { agent, headers }, (res) => {
res.setEncoding("utf8");
let raw_data = "";
res.on("data", (chunk) => {
raw_data += chunk;
});
res.on("end", () => {
resolve(raw_data);
});
})
.on("error", (err) => {
reject(err);
});
});
},
compareVersions: (current, latest) => {
const cleanCurrent = current.replace(/^v/, "");
const cleanLatest = latest.replace(/^v/, "");
const currentParts = cleanCurrent.split(".").map(Number);
const latestParts = cleanLatest.split(".").map(Number);
for (let i = 0; i < Math.max(currentParts.length, latestParts.length); i++) {
const curr = currentParts[i] || 0;
const lat = latestParts[i] || 0;
if (lat > curr) return true;
if (lat < curr) return false;
}
return false;
},
};
export default internalRemoteVersion;

2
backend/internal/stream.js
View File

@@ -348,7 +348,7 @@ const internalStream = {
// Add to audit log
return internalAuditLog.add(access, {
action: "disabled",
object_type: "stream-host",
object_type: "stream",
object_id: row.id,
meta: _.omit(row, omissions()),
});

2
backend/internal/user.js
View File

@@ -131,7 +131,7 @@ const internalUser = {
action: "updated",
object_type: "user",
object_id: user.id,
meta: data,
meta: { ...data, id: user.id, name: user.name },
})
.then(() => {
return user;

14
backend/lib/access.js
View File

@@ -107,7 +107,6 @@ export default function (tokenString) {
}
const tokenUserId = tokenData.attrs.id ? tokenData.attrs.id : 0;
let query;
if (typeof objectCache[objectType] !== "undefined") {
objects = objectCache[objectType];
@@ -120,15 +119,19 @@ export default function (tokenString) {
// Proxy Hosts
case "proxy_hosts": {
query = proxyHostModel.query().select("id").andWhere("is_deleted", 0);
const query = proxyHostModel
.query()
.select("id")
.andWhere("is_deleted", 0);
if (permissions.visibility === "user") {
query.andWhere("owner_user_id", tokenUserId);
}
const rows = await query();
const rows = await query;
objects = [];
_.forEach(rows, (ruleRow) => {
result.push(ruleRow.id);
objects.push(ruleRow.id);
});
// enum should not have less than 1 item
@@ -141,7 +144,6 @@ export default function (tokenString) {
objectCache[objectType] = objects;
}
}
return objects;
};
@@ -263,7 +265,7 @@ export default function (tokenString) {
schemas: [roleSchema, permsSchema, objectSchema, permissionSchema],
});
const valid = ajv.validate("permissions", dataSchema);
const valid = await ajv.validate("permissions", dataSchema);
return valid && dataSchema[permission];
} catch (err) {
err.permission = permission;

83
backend/lib/certbot.js
View File

@@ -1,54 +1,14 @@
import batchflow from "batchflow";
import dnsPlugins from "../global/certbot-dns-plugins.json" with { type: "json" };
import dnsPlugins from "../certbot/dns-plugins.json" with { type: "json" };
import { certbot as logger } from "../logger.js";
import errs from "./error.js";
import utils from "./utils.js";
const CERTBOT_VERSION_REPLACEMENT = "$(certbot --version | grep -Eo '[0-9](\\.[0-9]+)+')";
/**
* @param {array} pluginKeys
*/
const installPlugins = async (pluginKeys) => {
let hasErrors = false;
return new Promise((resolve, reject) => {
if (pluginKeys.length === 0) {
resolve();
return;
}
batchflow(pluginKeys)
.sequential()
.each((_i, pluginKey, next) => {
certbot
.installPlugin(pluginKey)
.then(() => {
next();
})
.catch((err) => {
hasErrors = true;
next(err);
});
})
.error((err) => {
logger.error(err.message);
})
.end(() => {
if (hasErrors) {
reject(
new errs.CommandError("Some plugins failed to install. Please check the logs above", 1),
);
} else {
resolve();
}
});
});
};
/**
* Installs a cerbot plugin given the key for the object from
* ../global/certbot-dns-plugins.json
* ../certbot/dns-plugins.json
*
* @param {string} pluginKey
* @returns {Object}
@@ -84,4 +44,43 @@ const installPlugin = async (pluginKey) => {
});
};
/**
* @param {array} pluginKeys
*/
const installPlugins = async (pluginKeys) => {
let hasErrors = false;
return new Promise((resolve, reject) => {
if (pluginKeys.length === 0) {
resolve();
return;
}
batchflow(pluginKeys)
.sequential()
.each((_i, pluginKey, next) => {
installPlugin(pluginKey)
.then(() => {
next();
})
.catch((err) => {
hasErrors = true;
next(err);
});
})
.error((err) => {
logger.error(err.message);
})
.end(() => {
if (hasErrors) {
reject(
new errs.CommandError("Some plugins failed to install. Please check the logs above", 1),
);
} else {
resolve();
}
});
});
};
export { installPlugins, installPlugin };

24
backend/lib/config.js
View File

@@ -25,15 +25,26 @@ const configure = () => {
if (configData?.database) {
logger.info(`Using configuration from file: ${filename}`);
// Migrate those who have "mysql" engine to "mysql2"
if (configData.database.engine === "mysql") {
configData.database.engine = mysqlEngine;
}
instance = configData;
instance.keys = getKeys();
return;
}
}
const envMysqlHost = process.env.DB_MYSQL_HOST || null;
const envMysqlUser = process.env.DB_MYSQL_USER || null;
const envMysqlName = process.env.DB_MYSQL_NAME || null;
const toBool = (v) => /^(1|true|yes|on)$/i.test((v || '').trim());
const envMysqlHost = process.env.DB_MYSQL_HOST || null;
const envMysqlUser = process.env.DB_MYSQL_USER || null;
const envMysqlName = process.env.DB_MYSQL_NAME || null;
const envMysqlSSL = toBool(process.env.DB_MYSQL_SSL);
const envMysqlSSLRejectUnauthorized = process.env.DB_MYSQL_SSL_REJECT_UNAUTHORIZED === undefined ? true : toBool(process.env.DB_MYSQL_SSL_REJECT_UNAUTHORIZED);
const envMysqlSSLVerifyIdentity = process.env.DB_MYSQL_SSL_VERIFY_IDENTITY === undefined ? true : toBool(process.env.DB_MYSQL_SSL_VERIFY_IDENTITY);
if (envMysqlHost && envMysqlUser && envMysqlName) {
// we have enough mysql creds to go with mysql
logger.info("Using MySQL configuration");
@@ -44,7 +55,8 @@ const configure = () => {
port: process.env.DB_MYSQL_PORT || 3306,
user: envMysqlUser,
password: process.env.DB_MYSQL_PASSWORD,
name: envMysqlName,
name: envMysqlName,
ssl: envMysqlSSL ? { rejectUnauthorized: envMysqlSSLRejectUnauthorized, verifyIdentity: envMysqlSSLVerifyIdentity } : false,
},
keys: getKeys(),
};
@@ -90,7 +102,9 @@ const configure = () => {
const getKeys = () => {
// Get keys from file
logger.debug("Cheecking for keys file:", keysFile);
if (isDebugMode()) {
logger.debug("Checking for keys file:", keysFile);
}
if (!fs.existsSync(keysFile)) {
generateKeys();
} else if (process.env.DEBUG) {

6
backend/lib/utils.js
View File

@@ -3,14 +3,14 @@ import { dirname } from "node:path";
import { fileURLToPath } from "node:url";
import { Liquid } from "liquidjs";
import _ from "lodash";
import { global as logger } from "../logger.js";
import { debug, global as logger } from "../logger.js";
import errs from "./error.js";
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);
const exec = async (cmd, options = {}) => {
logger.debug("CMD:", cmd);
debug(logger, "CMD:", cmd);
const { stdout, stderr } = await new Promise((resolve, reject) => {
const child = nodeExec(cmd, options, (isError, stdout, stderr) => {
if (isError) {
@@ -34,7 +34,7 @@ const exec = async (cmd, options = {}) => {
* @returns {Promise}
*/
const execFile = (cmd, args, options) => {
logger.debug(`CMD: ${cmd} ${args ? args.join(" ") : ""}`);
debug(logger, `CMD: ${cmd} ${args ? args.join(" ") : ""}`);
const opts = options || {};
return new Promise((resolve, reject) => {

7
backend/lib/validator/api.js
View File

@@ -24,16 +24,21 @@ const apiValidator = async (schema, payload /*, description*/) => {
throw new errs.ValidationError("Payload is undefined");
}
const validate = ajv.compile(schema);
const valid = validate(payload);
if (valid && !validate.errors) {
return payload;
}
const message = ajv.errorsText(validate.errors);
const err = new errs.ValidationError(message);
err.debug = [validate.errors, payload];
err.debug = {validationErrors: validate.errors, payload};
throw err;
};

10
backend/logger.js
View File

@@ -1,4 +1,5 @@
import signale from "signale";
import { isDebugMode } from "./lib/config.js";
const opts = {
logLevel: "info",
@@ -14,5 +15,12 @@ const certbot = new signale.Signale({ scope: "Certbot ", ...opts });
const importer = new signale.Signale({ scope: "Importer ", ...opts });
const setup = new signale.Signale({ scope: "Setup ", ...opts });
const ipRanges = new signale.Signale({ scope: "IP Ranges", ...opts });
const remoteVersion = new signale.Signale({ scope: "Remote Version", ...opts });
export { global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges };
const debug = (logger, ...args) => {
if (isDebugMode()) {
logger.debug(...args);
}
};
export { debug, global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges, remoteVersion };

4
backend/migrate.js
View File

@@ -2,9 +2,9 @@ import db from "./db.js";
import { migrate as logger } from "./logger.js";
const migrateUp = async () => {
const version = await db.migrate.currentVersion();
const version = await db().migrate.currentVersion();
logger.info("Current database version:", version);
return await db.migrate.latest({
return await db().migrate.latest({
tableName: "migrations",
directory: "migrations",
});

50
backend/migrations/20251111090000_redirect_auto_scheme.js Normal file
View File

@@ -0,0 +1,50 @@
import { migrate as logger } from "../logger.js";
const migrateName = "redirect_auto_scheme";
/**
* Migrate
*
* @see http://knexjs.org/#Schema
*
* @param {Object} knex
* @returns {Promise}
*/
const up = (knex) => {
logger.info(`[${migrateName}] Migrating Up...`);
return knex.schema
.table("redirection_host", async (table) => {
// change the column default from $scheme to auto
await table.string("forward_scheme").notNull().defaultTo("auto").alter();
await knex('redirection_host')
.where('forward_scheme', '$scheme')
.update({ forward_scheme: 'auto' });
})
.then(() => {
logger.info(`[${migrateName}] redirection_host Table altered`);
});
};
/**
* Undo Migrate
*
* @param {Object} knex
* @returns {Promise}
*/
const down = (knex) => {
logger.info(`[${migrateName}] Migrating Down...`);
return knex.schema
.table("redirection_host", async (table) => {
await table.string("forward_scheme").notNull().defaultTo("$scheme").alter();
await knex('redirection_host')
.where('forward_scheme', 'auto')
.update({ forward_scheme: '$scheme' });
})
.then(() => {
logger.info(`[${migrateName}] redirection_host Table altered`);
});
};
export { up, down };

2
backend/models/access_list.js
View File

@@ -10,7 +10,7 @@ import now from "./now_helper.js";
import ProxyHostModel from "./proxy_host.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "satisfy_any", "pass_auth"];

2
backend/models/access_list_auth.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import accessListModel from "./access_list.js";
import now from "./now_helper.js";
Model.knex(db);
Model.knex(db());
class AccessListAuth extends Model {
$beforeInsert() {

2
backend/models/access_list_client.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import accessListModel from "./access_list.js";
import now from "./now_helper.js";
Model.knex(db);
Model.knex(db());
class AccessListClient extends Model {
$beforeInsert() {

2
backend/models/audit-log.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
class AuditLog extends Model {
$beforeInsert() {

2
backend/models/auth.js
View File

@@ -8,7 +8,7 @@ import { convertBoolFieldsToInt, convertIntFieldsToBool } from "../lib/helpers.j
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted"];

14
backend/models/certificate.js
View File

@@ -8,9 +8,10 @@ import deadHostModel from "./dead_host.js";
import now from "./now_helper.js";
import proxyHostModel from "./proxy_host.js";
import redirectionHostModel from "./redirection_host.js";
import streamModel from "./stream.js";
import userModel from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted"];
@@ -114,6 +115,17 @@ class Certificate extends Model {
qb.where("redirection_host.is_deleted", 0);
},
},
streams: {
relation: Model.HasManyRelation,
modelClass: streamModel,
join: {
from: "certificate.id",
to: "stream.certificate_id",
},
modify: (qb) => {
qb.where("stream.is_deleted", 0);
},
},
};
}
}

2
backend/models/dead_host.js
View File

@@ -8,7 +8,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "ssl_forced", "http2_support", "enabled", "hsts_enabled", "hsts_subdomains"];

2
backend/models/now_helper.js
View File

@@ -2,7 +2,7 @@ import { Model } from "objection";
import db from "../db.js";
import { isSqlite } from "../lib/config.js";
Model.knex(db);
Model.knex(db());
export default () => {
if (isSqlite()) {

2
backend/models/proxy_host.js
View File

@@ -9,7 +9,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = [
"is_deleted",

2
backend/models/redirection_host.js
View File

@@ -8,7 +8,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = [
"is_deleted",

2
backend/models/setting.js
View File

@@ -4,7 +4,7 @@
import { Model } from "objection";
import db from "../db.js";
Model.knex(db);
Model.knex(db());
class Setting extends Model {
$beforeInsert () {

2
backend/models/stream.js
View File

@@ -5,7 +5,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js";
import User from "./user.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "enabled", "tcp_forwarding", "udp_forwarding"];

2
backend/models/token.js
View File

@@ -128,7 +128,7 @@ export default () => {
*/
getUserId: (defaultValue) => {
const attrs = self.get("attrs");
if (attrs && typeof attrs.id !== "undefined" && attrs.id) {
if (attrs?.id) {
return attrs.id;
}

2
backend/models/user.js
View File

@@ -7,7 +7,7 @@ import { convertBoolFieldsToInt, convertIntFieldsToBool } from "../lib/helpers.j
import now from "./now_helper.js";
import UserPermission from "./user_permission.js";
Model.knex(db);
Model.knex(db());
const boolFields = ["is_deleted", "is_disabled"];

2
backend/models/user_permission.js
View File

@@ -5,7 +5,7 @@ import { Model } from "objection";
import db from "../db.js";
import now from "./now_helper.js";
Model.knex(db);
Model.knex(db());
class UserPermission extends Model {
$beforeInsert () {

2
backend/nodemon.json
View File

@@ -3,5 +3,5 @@
"ignore": [
"data"
],
"ext": "js json ejs"
"ext": "js json ejs cjs"
}

19
backend/package.json
View File

@@ -20,25 +20,26 @@
"body-parser": "^1.20.3",
"compression": "^1.7.4",
"express": "^4.20.0",
"express-fileupload": "^1.1.9",
"gravatar": "^1.8.0",
"jsonwebtoken": "^9.0.0",
"express-fileupload": "^1.5.2",
"gravatar": "^1.8.2",
"jsonwebtoken": "^9.0.2",
"knex": "2.4.2",
"liquidjs": "10.6.1",
"lodash": "^4.17.21",
"moment": "^2.29.4",
"mysql2": "^3.11.1",
"node-rsa": "^1.0.8",
"moment": "^2.30.1",
"mysql2": "^3.15.3",
"node-rsa": "^1.1.1",
"objection": "3.0.1",
"path": "^0.12.7",
"pg": "^8.13.1",
"pg": "^8.16.3",
"proxy-agent": "^6.5.0",
"signale": "1.4.0",
"sqlite3": "5.1.6",
"sqlite3": "^5.1.7",
"temp-write": "^4.0.0"
},
"devDependencies": {
"@apidevtools/swagger-parser": "^10.1.0",
"@biomejs/biome": "^2.2.3",
"@biomejs/biome": "^2.3.2",
"chalk": "4.1.2",
"nodemon": "^2.0.2"
},

56
backend/routes/audit-log.js
View File

@@ -2,7 +2,7 @@ import express from "express";
import internalAuditLog from "../internal/audit-log.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import validator from "../lib/validator/index.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
const router = express.Router({
caseSensitive: true,
@@ -47,7 +47,59 @@ router
const rows = await internalAuditLog.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* Specific audit log entry
*
* /api/audit-log/123
*/
router
.route("/:event_id")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* GET /api/audit-log/123
*
* Retrieve a specific entry
*/
.get(async (req, res, next) => {
try {
const data = await validator(
{
required: ["event_id"],
additionalProperties: false,
properties: {
event_id: {
$ref: "common#/properties/id",
},
expand: {
$ref: "common#/properties/expand",
},
},
},
{
event_id: req.params.event_id,
expand:
typeof req.query.expand === "string"
? req.query.expand.split(",")
: null,
},
);
const item = await internalAuditLog.get(res.locals.access, {
id: data.event_id,
expand: data.expand,
});
res.status(200).send(item);
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

2
backend/routes/main.js
View File

@@ -14,6 +14,7 @@ import schemaRoutes from "./schema.js";
import settingsRoutes from "./settings.js";
import tokensRoutes from "./tokens.js";
import usersRoutes from "./users.js";
import versionRoutes from "./version.js";
const router = express.Router({
caseSensitive: true,
@@ -46,6 +47,7 @@ router.use("/users", usersRoutes);
router.use("/audit-log", auditLogRoutes);
router.use("/reports", reportsRoutes);
router.use("/settings", settingsRoutes);
router.use("/version", versionRoutes);
router.use("/nginx/proxy-hosts", proxyHostsRoutes);
router.use("/nginx/redirection-hosts", redirectionHostsRoutes);
router.use("/nginx/dead-hosts", deadHostsRoutes);

12
backend/routes/nginx/access_lists.js
View File

@@ -3,7 +3,7 @@ import internalAccessList from "../../internal/access-list.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalAccessList.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalAccessList.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -130,7 +130,7 @@ router
const result = await internalAccessList.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

164
backend/routes/nginx/certificates.js
View File

@@ -1,10 +1,11 @@
import express from "express";
import dnsPlugins from "../../certbot/dns-plugins.json" with { type: "json" };
import internalCertificate from "../../internal/certificate.js";
import errs from "../../lib/error.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -43,14 +44,21 @@ router
},
},
{
expand: typeof req.query.expand === "string" ? req.query.expand.split(",") : null,
expand:
typeof req.query.expand === "string"
? req.query.expand.split(",")
: null,
query: typeof req.query.query === "string" ? req.query.query : null,
},
);
const rows = await internalCertificate.getAll(res.locals.access, data.expand, data.query);
const rows = await internalCertificate.getAll(
res.locals.access,
data.expand,
data.query,
);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -62,12 +70,52 @@ router
*/
.post(async (req, res, next) => {
try {
const payload = await apiValidator(getValidationSchema("/nginx/certificates", "post"), req.body);
const payload = await apiValidator(
getValidationSchema("/nginx/certificates", "post"),
req.body,
);
req.setTimeout(900000); // 15 minutes timeout
const result = await internalCertificate.create(res.locals.access, payload);
const result = await internalCertificate.create(
res.locals.access,
payload,
);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* /api/nginx/certificates/dns-providers
*/
router
.route("/dns-providers")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* GET /api/nginx/certificates/dns-providers
*
* Get list of all supported DNS providers
*/
.get(async (req, res, next) => {
try {
if (!res.locals.access.token.getUserId()) {
throw new errs.PermissionError("Login required");
}
const clean = Object.keys(dnsPlugins).map((key) => ({
id: key,
name: dnsPlugins[key].name,
credentials: dnsPlugins[key].credentials,
}));
clean.sort((a, b) => a.name.localeCompare(b.name));
res.status(200).send(clean);
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -85,24 +133,59 @@ router
.all(jwtdecode())
/**
* GET /api/nginx/certificates/test-http
* POST /api/nginx/certificates/test-http
*
* Test HTTP challenge for domains
*/
.get(async (req, res, next) => {
if (req.query.domains === undefined) {
next(new errs.ValidationError("Domains are required as query parameters"));
.post(async (req, res, next) => {
try {
const payload = await apiValidator(
getValidationSchema("/nginx/certificates/test-http", "post"),
req.body,
);
req.setTimeout(60000); // 1 minute timeout
const result = await internalCertificate.testHttpsChallenge(
res.locals.access,
payload,
);
res.status(200).send(result);
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* Validate Certs before saving
*
* /api/nginx/certificates/validate
*/
router
.route("/validate")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* POST /api/nginx/certificates/validate
*
* Validate certificates
*/
.post(async (req, res, next) => {
if (!req.files) {
res.status(400).send({ error: "No files were uploaded" });
return;
}
try {
const result = await internalCertificate.testHttpsChallenge(
res.locals.access,
JSON.parse(req.query.domains),
);
const result = await internalCertificate.validate({
files: req.files,
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -141,7 +224,10 @@ router
},
{
certificate_id: req.params.certificate_id,
expand: typeof req.query.expand === "string" ? req.query.expand.split(",") : null,
expand:
typeof req.query.expand === "string"
? req.query.expand.split(",")
: null,
},
);
const row = await internalCertificate.get(res.locals.access, {
@@ -150,7 +236,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -167,7 +253,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -202,7 +288,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -232,7 +318,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -261,41 +347,7 @@ router
});
res.status(200).download(result.fileName);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* Validate Certs before saving
*
* /api/nginx/certificates/validate
*/
router
.route("/validate")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* POST /api/nginx/certificates/validate
*
* Validate certificates
*/
.post(async (req, res, next) => {
if (!req.files) {
res.status(400).send({ error: "No files were uploaded" });
return;
}
try {
const result = await internalCertificate.validate({
files: req.files,
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

20
backend/routes/nginx/dead_hosts.js
View File

@@ -3,7 +3,7 @@ import internalDeadHost from "../../internal/dead-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalDeadHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalDeadHost.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -121,7 +121,7 @@ router
/**
* PUT /api/nginx/dead-hosts/123
*
* Update and existing dead-host
* Update an existing dead-host
*/
.put(async (req, res, next) => {
try {
@@ -130,7 +130,7 @@ router
const result = await internalDeadHost.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -138,7 +138,7 @@ router
/**
* DELETE /api/nginx/dead-hosts/123
*
* Update and existing dead-host
* Delete a dead-host
*/
.delete(async (req, res, next) => {
try {
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -174,7 +174,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -199,7 +199,7 @@ router
const result = internalDeadHost.disable(res.locals.access, { id: Number.parseInt(req.params.host_id, 10) });
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

16
backend/routes/nginx/proxy_hosts.js
View File

@@ -3,7 +3,7 @@ import internalProxyHost from "../../internal/proxy-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalProxyHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalProxyHost.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err} ${JSON.stringify(err.debug, null, 2)}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -130,7 +130,7 @@ router
const result = await internalProxyHost.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -174,7 +174,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -201,7 +201,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

16
backend/routes/nginx/redirection_hosts.js
View File

@@ -3,7 +3,7 @@ import internalRedirectionHost from "../../internal/redirection-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalRedirectionHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalRedirectionHost.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -133,7 +133,7 @@ router
const result = await internalRedirectionHost.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -150,7 +150,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -177,7 +177,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -204,7 +204,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

16
backend/routes/nginx/streams.js
View File

@@ -3,7 +3,7 @@ import internalStream from "../../internal/stream.js";
import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js";
import { express as logger } from "../../logger.js";
import { debug, express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalStream.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -65,7 +65,7 @@ router
const result = await internalStream.create(res.locals.access, payload);
res.status(201).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -113,7 +113,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -130,7 +130,7 @@ router
const result = await internalStream.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -147,7 +147,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -174,7 +174,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -201,7 +201,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

7
backend/routes/reports.js
View File

@@ -1,7 +1,7 @@
import express from "express";
import internalReport from "../internal/report.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
const router = express.Router({
caseSensitive: true,
@@ -14,16 +14,17 @@ router
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* GET /reports/hosts
*/
.get(jwtdecode(), async (req, res, next) => {
.get(async (req, res, next) => {
try {
const data = await internalReport.getHostsReport(res.locals.access);
res.status(200).send(data);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

4
backend/routes/schema.js
View File

@@ -1,5 +1,5 @@
import express from "express";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import PACKAGE from "../package.json" with { type: "json" };
import { getCompiledSchema } from "../schema/index.js";
@@ -36,7 +36,7 @@ router
swaggerJSON.servers[0].url = `${origin}/api`;
res.status(200).send(swaggerJSON);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

8
backend/routes/settings.js
View File

@@ -3,7 +3,7 @@ import internalSetting from "../internal/setting.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import apiValidator from "../lib/validator/api.js";
import validator from "../lib/validator/index.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js";
const router = express.Router({
@@ -32,7 +32,7 @@ router
const rows = await internalSetting.getAll(res.locals.access);
res.status(200).send(rows);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -76,7 +76,7 @@ router
});
res.status(200).send(row);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -93,7 +93,7 @@ router
const result = await internalSetting.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

6
backend/routes/tokens.js
View File

@@ -2,7 +2,7 @@ import express from "express";
import internalToken from "../internal/token.js";
import jwtdecode from "../lib/express/jwt-decode.js";
import apiValidator from "../lib/validator/api.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js";
const router = express.Router({
@@ -32,7 +32,7 @@ router
});
res.status(200).send(data);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -48,7 +48,7 @@ router
const result = await internalToken.getTokenFromEmail(data);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

20
backend/routes/users.js
View File

@@ -7,7 +7,7 @@ import jwtdecode from "../lib/express/jwt-decode.js";
import userIdFromMe from "../lib/express/user-id-from-me.js";
import apiValidator from "../lib/validator/api.js";
import validator from "../lib/validator/index.js";
import { express as logger } from "../logger.js";
import { debug, express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js";
import { isSetup } from "../setup.js";
@@ -61,7 +61,7 @@ router
);
res.status(200).send(users);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -101,7 +101,7 @@ router
const user = await internalUser.create(res.locals.access, payload);
res.status(201).send(user);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -124,7 +124,7 @@ router
await internalUser.deleteAll();
res.status(200).send(true);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
return;
@@ -185,7 +185,7 @@ router
});
res.status(200).send(user);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -205,7 +205,7 @@ router
const result = await internalUser.update(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
})
@@ -222,7 +222,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -255,7 +255,7 @@ router
const result = await internalUser.setPassword(res.locals.access, payload);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -291,7 +291,7 @@ router
);
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
@@ -320,7 +320,7 @@ router
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});

40
backend/routes/version.js Normal file
View File

@@ -0,0 +1,40 @@
import express from "express";
import internalRemoteVersion from "../internal/remote-version.js";
import { debug, express as logger } from "../logger.js";
const router = express.Router({
caseSensitive: true,
strict: true,
mergeParams: true,
});
/**
* /api/version/check
*/
router
.route("/check")
.options((_, res) => {
res.sendStatus(204);
})
/**
* GET /api/version/check
*
* Check for available updates
*/
.get(async (req, res, _next) => {
try {
const data = await internalRemoteVersion.get();
res.status(200).send(data);
} catch (error) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${error}`);
// Send 200 even though there's an error to avoid triggering update checks repeatedly
res.status(200).send({
current: null,
latest: null,
update_available: false,
});
}
});
export default router;

157
backend/schema/common.json
View File

@@ -7,7 +7,8 @@
"description": "Unique identifier",
"readOnly": true,
"type": "integer",
"minimum": 1
"minimum": 1,
"example": 11
},
"expand": {
"anyOf": [
@@ -38,35 +39,42 @@
"created_on": {
"description": "Date and time of creation",
"readOnly": true,
"type": "string"
"type": "string",
"example": "2025-10-28T04:17:54.000Z"
},
"modified_on": {
"description": "Date and time of last update",
"readOnly": true,
"type": "string"
"type": "string",
"example": "2025-10-28T04:17:54.000Z"
},
"user_id": {
"description": "User ID",
"type": "integer",
"minimum": 1
"minimum": 1,
"example": 2
},
"certificate_id": {
"description": "Certificate ID",
"anyOf": [
{
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 5
},
{
"type": "string",
"pattern": "^new$"
"pattern": "^new$",
"example": "new"
}
]
],
"example": 5
},
"access_list_id": {
"description": "Access List ID",
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 3
},
"domain_names": {
"description": "Domain Names separated by a comma",
@@ -77,44 +85,157 @@
"items": {
"type": "string",
"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
}
},
"example": ["example.com", "www.example.com"]
},
"enabled": {
"description": "Is Enabled",
"type": "boolean"
"type": "boolean",
"example": false
},
"ssl_forced": {
"description": "Is SSL Forced",
"type": "boolean"
"type": "boolean",
"example": true
},
"hsts_enabled": {
"description": "Is HSTS Enabled",
"type": "boolean"
"type": "boolean",
"example": true
},
"hsts_subdomains": {
"description": "Is HSTS applicable to all subdomains",
"type": "boolean"
"type": "boolean",
"example": true
},
"ssl_provider": {
"type": "string",
"pattern": "^(letsencrypt|other)$"
"pattern": "^(letsencrypt|other)$",
"example": "letsencrypt"
},
"http2_support": {
"description": "HTTP2 Protocol Support",
"type": "boolean"
"type": "boolean",
"example": true
},
"block_exploits": {
"description": "Should we block common exploits",
"type": "boolean"
"type": "boolean",
"example": false
},
"caching_enabled": {
"description": "Should we cache assets",
"type": "boolean"
"type": "boolean",
"example": true
},
"email": {
"description": "Email address",
"type": "string",
"pattern": "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$"
"pattern": "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$",
"example": "me@example.com"
},
"directive": {
"type": "string",
"enum": ["allow", "deny"],
"example": "allow"
},
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
],
"example": "192.168.0.11"
},
"access_items": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
},
"password": {
"type": "string"
}
},
"example": {
"username": "admin",
"password": "pass"
}
},
"example": [
{
"username": "admin",
"password": "pass"
}
]
},
"access_clients": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"address": {
"$ref": "#/properties/address"
},
"directive": {
"$ref": "#/properties/directive"
}
},
"example": {
"directive": "allow",
"address": "192.168.0.0/24"
}
},
"example": [
{
"directive": "allow",
"address": "192.168.0.0/24"
}
]
},
"certificate_files": {
"description": "Certificate Files",
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"certificate_key": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"intermediate_certificate": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
}
}
},
"example": {
"certificate": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----",
"certificate_key": "-----BEGIN PRIVATE\nMIID...-----END CERTIFICATE-----"
}
}
}
}
}
}

48
backend/schema/components/access-list-object.json
View File

@@ -1,8 +1,7 @@
{
"type": "object",
"description": "Access List object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "name", "directive", "address", "satisfy_any", "pass_auth", "meta"],
"additionalProperties": false,
"required": ["id", "created_on", "modified_on", "owner_user_id", "name", "meta", "satisfy_any", "pass_auth", "proxy_host_count"],
"properties": {
"id": {
"$ref": "../common.json#/properties/id"
@@ -18,36 +17,25 @@
},
"name": {
"type": "string",
"minLength": 1
},
"directive": {
"type": "string",
"enum": ["allow", "deny"]
},
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
]
},
"satisfy_any": {
"type": "boolean"
},
"pass_auth": {
"type": "boolean"
"minLength": 1,
"example": "My Access List"
},
"meta": {
"type": "object"
"type": "object",
"example": {}
},
"satisfy_any": {
"type": "boolean",
"example": true
},
"pass_auth": {
"type": "boolean",
"example": false
},
"proxy_host_count": {
"type": "integer",
"minimum": 0,
"example": 3
}
}
}

7
backend/schema/components/audit-log-list.json Normal file
View File

@@ -0,0 +1,7 @@
{
"type": "array",
"description": "Audit Log list",
"items": {
"$ref": "./audit-log-object.json"
}
}

23
backend/schema/components/audit-log-object.json
View File

@@ -1,7 +1,16 @@
{
"type": "object",
"description": "Audit Log object",
"required": ["id", "created_on", "modified_on", "user_id", "object_type", "object_id", "action", "meta"],
"required": [
"id",
"created_on",
"modified_on",
"user_id",
"object_type",
"object_id",
"action",
"meta"
],
"additionalProperties": false,
"properties": {
"id": {
@@ -17,16 +26,22 @@
"$ref": "../common.json#/properties/user_id"
},
"object_type": {
"type": "string"
"type": "string",
"example": "certificate"
},
"object_id": {
"$ref": "../common.json#/properties/id"
},
"action": {
"type": "string"
"type": "string",
"example": "created"
},
"meta": {
"type": "object"
"type": "object",
"example": {}
},
"user": {
"$ref": "./user-object.json"
}
}
}

22
backend/schema/components/certificate-object.json
View File

@@ -21,7 +21,8 @@
},
"nice_name": {
"type": "string",
"description": "Nice Name for the custom certificate"
"description": "Nice Name for the custom certificate",
"example": "My Custom Cert"
},
"domain_names": {
"description": "Domain Names separated by a comma",
@@ -31,12 +32,14 @@
"items": {
"type": "string",
"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
}
},
"example": ["example.com", "www.example.com"]
},
"expires_on": {
"description": "Date and time of expiration",
"readOnly": true,
"type": "string"
"type": "string",
"example": "2025-10-28T04:17:54.000Z"
},
"owner": {
"$ref": "./user-object.json"
@@ -56,25 +59,22 @@
"dns_challenge": {
"type": "boolean"
},
"dns_provider": {
"type": "string"
},
"dns_provider_credentials": {
"type": "string"
},
"letsencrypt_agree": {
"type": "boolean"
"dns_provider": {
"type": "string"
},
"letsencrypt_certificate": {
"type": "object"
},
"letsencrypt_email": {
"$ref": "../common.json#/properties/email"
},
"propagation_seconds": {
"type": "integer",
"minimum": 0
}
},
"example": {
"dns_challenge": false
}
}
}

23
backend/schema/components/check-version-object.json Normal file
View File

@@ -0,0 +1,23 @@
{
"type": "object",
"description": "Check Version object",
"additionalProperties": false,
"required": ["current", "latest", "update_available"],
"properties": {
"current": {
"type": ["string", "null"],
"description": "Current version string",
"example": "v2.10.1"
},
"latest": {
"type": ["string", "null"],
"description": "Latest version string",
"example": "v2.13.4"
},
"update_available": {
"type": "boolean",
"description": "Whether there's an update available",
"example": true
}
}
}

21
backend/schema/components/dead-host-object.json
View File

@@ -35,13 +35,30 @@
"$ref": "../common.json#/properties/http2_support"
},
"advanced_config": {
"type": "string"
"type": "string",
"example": ""
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
},
"meta": {
"type": "object"
"type": "object",
"example": {}
},
"certificate": {
"oneOf": [
{
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
}
}
}

23
backend/schema/components/dns-providers-list.json Normal file
View File

@@ -0,0 +1,23 @@
{
"type": "array",
"description": "DNS Providers list",
"items": {
"type": "object",
"required": ["id", "name", "credentials"],
"additionalProperties": false,
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the DNS provider, matching the python package"
},
"name": {
"type": "string",
"description": "Human-readable name of the DNS provider"
},
"credentials": {
"type": "string",
"description": "Instructions on how to format the credentials for this DNS provider"
}
}
}
}

6
backend/schema/components/error-object.json
View File

@@ -5,10 +5,12 @@
"required": ["code", "message"],
"properties": {
"code": {
"type": "integer"
"type": "integer",
"example": 400
},
"message": {
"type": "string"
"type": "string",
"example": "Bad Request"
}
}
}

9
backend/schema/components/health-object.json
View File

@@ -27,15 +27,18 @@
"properties": {
"major": {
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 2
},
"minor": {
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 10
},
"revision": {
"type": "integer",
"minimum": 0
"minimum": 0,
"example": 1
}
}
}

21
backend/schema/components/permission-object.json
View File

@@ -5,37 +5,44 @@
"visibility": {
"type": "string",
"description": "Visibility Type",
"enum": ["all", "user"]
"enum": ["all", "user"],
"example": "all"
},
"access_lists": {
"type": "string",
"description": "Access Lists Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "view"
},
"dead_hosts": {
"type": "string",
"description": "404 Hosts Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "manage"
},
"proxy_hosts": {
"type": "string",
"description": "Proxy Hosts Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "hidden"
},
"redirection_hosts": {
"type": "string",
"description": "Redirection Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "view"
},
"streams": {
"type": "string",
"description": "Streams Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "manage"
},
"certificates": {
"type": "string",
"description": "Certificates Permissions",
"enum": ["hidden", "view", "manage"]
"enum": ["hidden", "view", "manage"],
"example": "hidden"
}
}
}

45
backend/schema/components/proxy-host-object.json
View File

@@ -24,7 +24,6 @@
"hsts_enabled",
"hsts_subdomains"
],
"additionalProperties": false,
"properties": {
"id": {
"$ref": "../common.json#/properties/id"
@@ -44,12 +43,14 @@
"forward_host": {
"type": "string",
"minLength": 1,
"maxLength": 255
"maxLength": 255,
"example": "127.0.0.1"
},
"forward_port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
"maximum": 65535,
"example": 8080
},
"access_list_id": {
"$ref": "../common.json#/properties/access_list_id"
@@ -67,22 +68,28 @@
"$ref": "../common.json#/properties/block_exploits"
},
"advanced_config": {
"type": "string"
"type": "string",
"example": ""
},
"meta": {
"type": "object"
"type": "object",
"example": {
"nginx_online": true,
"nginx_err": null
}
},
"allow_websocket_upgrade": {
"description": "Allow Websocket Upgrade for all paths",
"example": true,
"type": "boolean"
"type": "boolean",
"example": true
},
"http2_support": {
"$ref": "../common.json#/properties/http2_support"
},
"forward_scheme": {
"type": "string",
"enum": ["http", "https"]
"enum": ["http", "https"],
"example": "http"
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
@@ -118,7 +125,15 @@
"type": "string"
}
}
}
},
"example": [
{
"path": "/app",
"forward_scheme": "http",
"forward_host": "example.com",
"forward_port": 80
}
]
},
"hsts_enabled": {
"$ref": "../common.json#/properties/hsts_enabled"
@@ -129,12 +144,14 @@
"certificate": {
"oneOf": [
{
"type": "null"
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
]
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
@@ -142,12 +159,14 @@
"access_list": {
"oneOf": [
{
"type": "null"
"type": "null",
"example": null
},
{
"$ref": "./access-list-object.json"
}
]
],
"example": null
}
}
}

64
backend/schema/components/redirection-host-object.json
View File

@@ -1,7 +1,26 @@
{
"type": "object",
"description": "Redirection Host object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "domain_names", "forward_http_code", "forward_scheme", "forward_domain_name", "preserve_path", "certificate_id", "ssl_forced", "hsts_enabled", "hsts_subdomains", "http2_support", "block_exploits", "advanced_config", "enabled", "meta"],
"required": [
"id",
"created_on",
"modified_on",
"owner_user_id",
"domain_names",
"forward_http_code",
"forward_scheme",
"forward_domain_name",
"preserve_path",
"certificate_id",
"ssl_forced",
"hsts_enabled",
"hsts_subdomains",
"http2_support",
"block_exploits",
"advanced_config",
"enabled",
"meta"
],
"additionalProperties": false,
"properties": {
"id": {
@@ -21,25 +40,30 @@
},
"forward_http_code": {
"description": "Redirect HTTP Status Code",
"example": 302,
"type": "integer",
"minimum": 300,
"maximum": 308
"maximum": 308,
"example": 302
},
"forward_scheme": {
"type": "string",
"enum": ["auto", "http", "https"]
"enum": [
"auto",
"http",
"https"
],
"example": "http"
},
"forward_domain_name": {
"description": "Domain Name",
"example": "jc21.com",
"type": "string",
"pattern": "^(?:[^.*]+\\.?)+[^.]$"
"pattern": "^(?:[^.*]+\\.?)+[^.]$",
"example": "jc21.com"
},
"preserve_path": {
"description": "Should the path be preserved",
"example": true,
"type": "boolean"
"type": "boolean",
"example": true
},
"certificate_id": {
"$ref": "../common.json#/properties/certificate_id"
@@ -60,13 +84,33 @@
"$ref": "../common.json#/properties/block_exploits"
},
"advanced_config": {
"type": "string"
"type": "string",
"example": ""
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
},
"meta": {
"type": "object"
"type": "object",
"example": {
"nginx_online": true,
"nginx_err": null
}
},
"certificate": {
"oneOf": [
{
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
}
}
}

6
backend/schema/components/security-schemes.json
View File

@@ -1,6 +1,8 @@
{
"BearerAuth": {
"bearerAuth": {
"type": "http",
"scheme": "bearer"
"scheme": "bearer",
"bearerFormat": "JWT",
"description": "JWT Bearer Token authentication"
}
}

47
backend/schema/components/stream-object.json
View File

@@ -1,7 +1,19 @@
{
"type": "object",
"description": "Stream object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "incoming_port", "forwarding_host", "forwarding_port", "tcp_forwarding", "udp_forwarding", "enabled", "meta"],
"required": [
"id",
"created_on",
"modified_on",
"owner_user_id",
"incoming_port",
"forwarding_host",
"forwarding_port",
"tcp_forwarding",
"udp_forwarding",
"enabled",
"meta"
],
"additionalProperties": false,
"properties": {
"id": {
@@ -19,36 +31,41 @@
"incoming_port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
"maximum": 65535,
"example": 9090
},
"forwarding_host": {
"anyOf": [
{
"description": "Domain Name",
"example": "jc21.com",
"type": "string",
"pattern": "^(?:[^.*]+\\.?)+[^.]$"
"pattern": "^(?:[^.*]+\\.?)+[^.]$",
"example": "example.com"
},
{
"type": "string",
"format": "ipv4"
"format": "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$"
},
{
"type": "string",
"format": "ipv6"
}
]
],
"example": "example.com"
},
"forwarding_port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
"maximum": 65535,
"example": 80
},
"tcp_forwarding": {
"type": "boolean"
"type": "boolean",
"example": true
},
"udp_forwarding": {
"type": "boolean"
"type": "boolean",
"example": false
},
"enabled": {
"$ref": "../common.json#/properties/enabled"
@@ -57,10 +74,8 @@
"$ref": "../common.json#/properties/certificate_id"
},
"meta": {
"type": "object"
},
"owner": {
"$ref": "./user-object.json"
"type": "object",
"example": {}
},
"certificate": {
"oneOf": [
@@ -70,7 +85,11 @@
{
"$ref": "./certificate-object.json"
}
]
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
}
}
}

12
backend/schema/components/user-object.json
View File

@@ -77,37 +77,37 @@
"proxy_hosts": {
"type": "string",
"description": "Proxy Hosts access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"redirection_hosts": {
"type": "string",
"description": "Redirection Hosts access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"dead_hosts": {
"type": "string",
"description": "Dead Hosts access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"streams": {
"type": "string",
"description": "Streams access level",
"example": "all",
"example": "manage",
"pattern": "^(manage|view|hidden)$"
},
"access_lists": {
"type": "string",
"description": "Access Lists access level",
"example": "all",
"example": "hidden",
"pattern": "^(manage|view|hidden)$"
},
"certificates": {
"type": "string",
"description": "Certificates access level",
"example": "all",
"example": "view",
"pattern": "^(manage|view|hidden)$"
}
}

10
backend/schema/paths/audit-log/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getAuditLog",
"summary": "Get Audit Log",
"tags": ["Audit Log"],
"operationId": "getAuditLogs",
"summary": "Get Audit Logs",
"tags": ["audit-log"],
"security": [
{
"BearerAuth": ["audit-log"]
"bearerAuth": ["admin"]
}
],
"responses": {
@@ -44,7 +44,7 @@
}
},
"schema": {
"$ref": "../../components/audit-log-object.json"
"$ref": "../../components/audit-log-list.json"
}
}
}

72
backend/schema/paths/audit-log/id/get.json Normal file
View File

@@ -0,0 +1,72 @@
{
"operationId": "getAuditLog",
"summary": "Get Audit Log Event",
"tags": ["audit-log"],
"security": [
{
"bearerAuth": [
"admin"
]
}
],
"parameters": [
{
"in": "path",
"name": "id",
"description": "Audit Log Event ID",
"schema": {
"type": "integer",
"minimum": 1
},
"required": true,
"example": 1
}
],
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2025-09-15T17:27:45.000Z",
"modified_on": "2025-09-15T17:27:45.000Z",
"user_id": 1,
"object_type": "user",
"object_id": 1,
"action": "created",
"meta": {
"id": 1,
"created_on": "2025-09-15T17:27:45.000Z",
"modified_on": "2025-09-15T17:27:45.000Z",
"is_disabled": false,
"email": "jc@jc21.com",
"name": "Jamie",
"nickname": "Jamie",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
],
"permissions": {
"visibility": "all",
"proxy_hosts": "manage",
"redirection_hosts": "manage",
"dead_hosts": "manage",
"streams": "manage",
"access_lists": "manage",
"certificates": "manage"
}
}
}
}
},
"schema": {
"$ref": "../../../components/audit-log-object.json"
}
}
}
}
}
}

2
backend/schema/paths/get.json
View File

@@ -1,7 +1,7 @@
{
"operationId": "health",
"summary": "Returns the API health status",
"tags": ["Public"],
"tags": ["public"],
"responses": {
"200": {
"description": "200 response",

39
backend/schema/paths/nginx/access-lists/get.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "getAccessLists",
"summary": "Get all access lists",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": [
"access_lists.view"
]
}
],
"parameters": [
@@ -14,7 +16,12 @@
"description": "Expansions",
"schema": {
"type": "string",
"enum": ["owner", "items", "clients", "proxy_hosts"]
"enum": [
"owner",
"items",
"clients",
"proxy_hosts"
]
}
}
],
@@ -23,22 +30,16 @@
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": [
{
"id": 1,
"created_on": "2024-10-08T22:15:40.000Z",
"modified_on": "2024-10-08T22:15:40.000Z",
"owner_user_id": 1,
"name": "test1234",
"meta": {},
"satisfy_any": true,
"pass_auth": false,
"proxy_host_count": 0
}
]
}
"example": {
"id": 1,
"created_on": "2024-10-08T22:15:40.000Z",
"modified_on": "2024-10-08T22:15:40.000Z",
"owner_user_id": 1,
"name": "test1234",
"meta": {},
"satisfy_any": true,
"pass_auth": false,
"proxy_host_count": 0
},
"schema": {
"$ref": "../../../components/access-list-object.json"

5
backend/schema/paths/nginx/access-lists/listID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteAccessList",
"summary": "Delete a Access List",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": ["access_lists.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "listID",
"description": "Access List ID",
"schema": {
"type": "integer",
"minimum": 1

99
backend/schema/paths/nginx/access-lists/listID/get.json
View File

@@ -1,49 +1,54 @@
{
"operationId": "getAccessList",
"summary": "Get a access List",
"tags": ["Access Lists"],
"security": [
{
"BearerAuth": ["access_lists"]
}
],
"parameters": [
{
"in": "path",
"name": "listID",
"schema": {
"type": "integer",
"minimum": 1
},
"required": true,
"example": 1
}
],
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2020-01-30T09:36:08.000Z",
"modified_on": "2020-01-30T09:41:04.000Z",
"is_disabled": false,
"email": "jc@jc21.com",
"name": "Jamie Curnow",
"nickname": "James",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": ["admin"]
}
}
},
"schema": {
"$ref": "../../../../components/access-list-object.json"
}
}
}
}
}
"operationId": "getAccessList",
"summary": "Get a access List",
"tags": [
"access-lists"
],
"security": [
{
"bearerAuth": [
"access_lists.view"
]
}
],
"parameters": [
{
"in": "path",
"name": "listID",
"description": "Access List ID",
"schema": {
"type": "integer",
"minimum": 1
},
"required": true,
"example": 1
}
],
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2025-10-28T04:06:55.000Z",
"modified_on": "2025-10-29T22:48:20.000Z",
"owner_user_id": 1,
"name": "My Access List",
"meta": {},
"satisfy_any": false,
"pass_auth": false,
"proxy_host_count": 1
}
}
},
"schema": {
"$ref": "../../../../components/access-list-object.json"
}
}
}
}
}
}

65
backend/schema/paths/nginx/access-lists/listID/put.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "updateAccessList",
"summary": "Update a Access List",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": ["access_lists.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "listID",
"description": "Access List ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -39,50 +40,29 @@
"$ref": "../../../../components/access-list-object.json#/properties/pass_auth"
},
"items": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
},
"password": {
"type": "string"
}
}
}
"$ref": "../../../../common.json#/properties/access_items"
},
"clients": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
]
},
"directive": {
"$ref": "../../../../components/access-list-object.json#/properties/directive"
}
}
}
"$ref": "../../../../common.json#/properties/access_clients"
}
}
},
"example": {
"name": "My Access List",
"satisfy_any": true,
"pass_auth": false,
"items": [
{
"username": "admin2",
"password": "pass2"
}
],
"clients": [
{
"directive": "allow",
"address": "192.168.0.0/24"
}
]
}
}
}
@@ -108,7 +88,6 @@
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",

78
backend/schema/paths/nginx/access-lists/post.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "createAccessList",
"summary": "Create a Access List",
"tags": ["Access Lists"],
"tags": ["access-lists"],
"security": [
{
"BearerAuth": ["access_lists"]
"bearerAuth": [
"access_lists.manage"
]
}
],
"requestBody": {
@@ -15,7 +17,9 @@
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["name"],
"required": [
"name"
],
"properties": {
"name": {
"$ref": "../../../components/access-list-object.json#/properties/name"
@@ -27,54 +31,29 @@
"$ref": "../../../components/access-list-object.json#/properties/pass_auth"
},
"items": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
},
"password": {
"type": "string",
"minLength": 1
}
}
}
"$ref": "../../../common.json#/properties/access_items"
},
"clients": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
]
},
"directive": {
"$ref": "../../../components/access-list-object.json#/properties/directive"
}
}
}
},
"meta": {
"$ref": "../../../components/access-list-object.json#/properties/meta"
"$ref": "../../../common.json#/properties/access_clients"
}
}
},
"example": {
"name": "My Access List",
"satisfy_any": true,
"pass_auth": false,
"items": [
{
"username": "admin",
"password": "pass"
}
],
"clients": [
{
"directive": "allow",
"address": "192.168.0.0/24"
}
]
}
}
}
@@ -100,13 +79,14 @@
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "some guy",
"avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
"roles": ["admin"]
"roles": [
"admin"
]
},
"items": [
{

5
backend/schema/paths/nginx/certificates/certID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteCertificate",
"summary": "Delete a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/certificates/certID/download/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "downloadCertificate",
"summary": "Downloads a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1

7
backend/schema/paths/nginx/certificates/certID/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "getCertificate",
"summary": "Get a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.view"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -36,8 +37,6 @@
"domain_names": ["test.example.com"],
"expires_on": "2025-01-07T04:34:18.000Z",
"meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false
}
}

8
backend/schema/paths/nginx/certificates/certID/renew/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "renewCertificate",
"summary": "Renews a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -32,13 +33,10 @@
"id": 4,
"created_on": "2024-10-09T05:31:58.000Z",
"owner_user_id": 1,
"is_deleted": false,
"provider": "letsencrypt",
"nice_name": "My Test Cert",
"domain_names": ["test.jc21.supernerd.pro"],
"meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false
}
}

37
backend/schema/paths/nginx/certificates/certID/upload/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "uploadCertificate",
"summary": "Uploads a custom Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "certID",
"description": "Certificate ID",
"schema": {
"type": "integer",
"minimum": 1
@@ -20,28 +21,7 @@
}
],
"requestBody": {
"description": "Certificate Files",
"required": true,
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string"
},
"certificate_key": {
"type": "string"
},
"intermediate_certificate": {
"type": "string"
}
}
}
}
}
"$ref": "../../../../../common.json#/properties/certificate_files"
},
"responses": {
"200": {
@@ -63,15 +43,18 @@
"properties": {
"certificate": {
"type": "string",
"minLength": 1
"minLength": 1,
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"certificate_key": {
"type": "string",
"minLength": 1
"minLength": 1,
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"intermediate_certificate": {
"type": "string",
"minLength": 1
"minLength": 1,
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
}
}
}

48
backend/schema/paths/nginx/certificates/dns-providers/get.json Normal file
View File

@@ -0,0 +1,48 @@
{
"operationId": "getDNSProviders",
"summary": "Get DNS Providers for Certificates",
"tags": ["certificates"],
"security": [
{
"bearerAuth": ["certificates.view"]
}
],
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": [
{
"id": "vultr",
"name": "Vultr",
"credentials": "dns_vultr_key = YOUR_VULTR_API_KEY"
},
{
"id": "websupport",
"name": "Websupport.sk",
"credentials": "dns_websupport_identifier = <api_key>\ndns_websupport_secret_key = <secret>"
},
{
"id": "wedos",
"name": "Wedos",
"credentials": "dns_wedos_user = <wedos_registration>\ndns_wedos_auth = <wapi_password>"
},
{
"id": "zoneedit",
"name": "ZoneEdit",
"credentials": "dns_zoneedit_user = <login-user-id>\ndns_zoneedit_token = <dyn-authentication-token>"
}
]
}
},
"schema": {
"$ref": "../../../../components/dns-providers-list.json"
}
}
}
}
}
}

6
backend/schema/paths/nginx/certificates/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getCertificates",
"summary": "Get all certificates",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.view"]
}
],
"parameters": [
@@ -36,8 +36,6 @@
"domain_names": ["test.example.com"],
"expires_on": "2025-01-07T04:34:18.000Z",
"meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false
}
}

14
backend/schema/paths/nginx/certificates/post.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "createCertificate",
"summary": "Create a Certificate",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"requestBody": {
@@ -30,6 +30,13 @@
"$ref": "../../../components/certificate-object.json#/properties/meta"
}
}
},
"example": {
"provider": "letsencrypt",
"domain_names": ["test.example.com"],
"meta": {
"dns_challenge": false
}
}
}
}
@@ -47,13 +54,10 @@
"id": 5,
"created_on": "2024-10-09 05:28:35",
"owner_user_id": 1,
"is_deleted": false,
"provider": "letsencrypt",
"nice_name": "test.example.com",
"domain_names": ["test.example.com"],
"meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false,
"letsencrypt_certificate": {
"cn": "test.example.com",

30
backend/schema/paths/nginx/certificates/test-http/get.json → backend/schema/paths/nginx/certificates/test-http/post.json
View File

@@ -1,24 +1,30 @@
{
"operationId": "testHttpReach",
"summary": "Test HTTP Reachability",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.view"]
}
],
"parameters": [
{
"in": "query",
"name": "domains",
"description": "Expansions",
"required": true,
"schema": {
"type": "string",
"example": "[\"test.example.ord\",\"test.example.com\",\"nonexistent.example.com\"]"
"requestBody": {
"description": "Test Payload",
"required": true,
"content": {
"application/json": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["domains"],
"properties": {
"domains": {
"$ref": "../../../../common.json#/properties/domain_names"
}
}
}
}
}
],
},
"responses": {
"200": {
"description": "200 response",

40
backend/schema/paths/nginx/certificates/validate/post.json
View File

@@ -1,35 +1,14 @@
{
"operationId": "validateCertificates",
"summary": "Validates given Custom Certificates",
"tags": ["Certificates"],
"tags": ["certificates"],
"security": [
{
"BearerAuth": ["certificates"]
"bearerAuth": ["certificates.manage"]
}
],
"requestBody": {
"description": "Certificate Files",
"required": true,
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string"
},
"certificate_key": {
"type": "string"
},
"intermediate_certificate": {
"type": "string"
}
}
}
}
}
"$ref": "../../../../common.json#/properties/certificate_files"
},
"responses": {
"200": {
@@ -62,10 +41,12 @@
"required": ["cn", "issuer", "dates"],
"properties": {
"cn": {
"type": "string"
"type": "string",
"example": "example.com"
},
"issuer": {
"type": "string"
"type": "string",
"example": "C = US, O = Let's Encrypt, CN = E5"
},
"dates": {
"type": "object",
@@ -78,12 +59,17 @@
"to": {
"type": "integer"
}
},
"example": {
"from": 1728448218,
"to": 1736224217
}
}
}
},
"certificate_key": {
"type": "boolean"
"type": "boolean",
"example": true
}
}
}

4
backend/schema/paths/nginx/dead-hosts/get.json
View File

@@ -1,10 +1,10 @@
{
"operationId": "getDeadHosts",
"summary": "Get all 404 hosts",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.view"]
}
],
"parameters": [

5
backend/schema/paths/nginx/dead-hosts/hostID/delete.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "deleteDeadHost",
"summary": "Delete a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "disableDeadHost",
"summary": "Disable a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "enableDeadHost",
"summary": "Enable a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/get.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "getDeadHost",
"summary": "Get a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.view"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1

6
backend/schema/paths/nginx/dead-hosts/hostID/put.json
View File

@@ -1,16 +1,17 @@
{
"operationId": "updateDeadHost",
"summary": "Update a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": ["dead_hosts.manage"]
}
],
"parameters": [
{
"in": "path",
"name": "hostID",
"description": "The ID of the 404 Host",
"schema": {
"type": "integer",
"minimum": 1
@@ -86,7 +87,6 @@
"id": 1,
"created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",

31
backend/schema/paths/nginx/dead-hosts/post.json
View File

@@ -1,10 +1,12 @@
{
"operationId": "create404Host",
"summary": "Create a 404 Host",
"tags": ["404 Hosts"],
"tags": ["404-hosts"],
"security": [
{
"BearerAuth": ["dead_hosts"]
"bearerAuth": [
"dead_hosts.manage"
]
}
],
"requestBody": {
@@ -15,7 +17,9 @@
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["domain_names"],
"required": [
"domain_names"
],
"properties": {
"domain_names": {
"$ref": "../../../components/dead-host-object.json#/properties/domain_names"
@@ -42,6 +46,18 @@
"$ref": "../../../components/dead-host-object.json#/properties/meta"
}
}
},
"example": {
"domain_names": [
"test.example.com"
],
"certificate_id": 0,
"ssl_forced": false,
"advanced_config": "",
"http2_support": false,
"hsts_enabled": false,
"hsts_subdomains": false,
"meta": {}
}
}
}
@@ -58,7 +74,9 @@
"created_on": "2024-10-09T01:38:52.000Z",
"modified_on": "2024-10-09T01:38:52.000Z",
"owner_user_id": 1,
"domain_names": ["test.example.com"],
"domain_names": [
"test.example.com"
],
"certificate_id": 0,
"ssl_forced": false,
"advanced_config": "",
@@ -72,13 +90,14 @@
"id": 1,
"created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"is_disabled": false,
"email": "admin@example.com",
"name": "Administrator",
"nickname": "Admin",
"avatar": "",
"roles": ["admin"]
"roles": [
"admin"
]
}
}
}

Some files were not shown because too many files have changed in this diff Show More