fix alignment issue

# Conflicts:
#	docker/dev/Dockerfile

backend/app.js

@@ -29,6 +29,7 @@ if (config.debug()) {
 	app.set('json spaces', 2);
 }
 
+
 // CORS for everything
 app.use(require('./lib/express/cors'));
 

backend/db.js

@@ -9,6 +9,22 @@ function generateDbConfig() {
 	if (cfg.engine === 'knex-native') {
 		return cfg.knex;
 	}
+	if (cfg.engine === 'pg') {
+
+		return {
+			client:     cfg.engine,
+			connection: {
+				host:     cfg.host,
+				user:     cfg.user,
+				password: cfg.password,
+				database: cfg.name,
+				port:     cfg.port
+			},
+			migrations: {
+				tableName: 'migrations'
+			}
+		};
+	}
 	return {
 		client:     cfg.engine,
 		connection: {

backend/internal/access-list.js

@@ -252,10 +252,14 @@ const internalAccessList = {
 				let query = accessListModel
 					.query()
 					.select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count'))
-					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
+					.leftJoin('proxy_host', function() {
+						this.on('proxy_host.access_list_id', '=', 'access_list.id')
+							.andOn('proxy_host.is_deleted', '=', 0);
+					})
 					.where('access_list.is_deleted', 0)
 					.andWhere('access_list.id', data.id)
 					.allowGraph('[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]')
+					.groupBy('access_list.id')
 					.first();
 
 				if (access_data.permission_visibility !== 'all') {
@@ -373,7 +377,10 @@ const internalAccessList = {
 				let query = accessListModel
 					.query()
 					.select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count'))
-					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
+					.leftJoin('proxy_host', function() {
+						this.on('proxy_host.access_list_id', '=', 'access_list.id')
+							.andOn('proxy_host.is_deleted', '=', 0);
+					})
 					.where('access_list.is_deleted', 0)
 					.groupBy('access_list.id')
 					.allowGraph('[owner,items,clients]')

backend/internal/audit-log.js

@@ -22,9 +22,9 @@ const internalAuditLog = {
 					.allowGraph('[user]');
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('meta', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(meta AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' + search_query + '%');
 					});
 				}
 

backend/internal/dead-host.js

@@ -409,16 +409,16 @@ const internalDeadHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,certificate]')
-					.orderBy('domain_names', 'ASC');
+					.orderByRaw('CAST(domain_names AS VARCHAR(65535)) ASC');
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('domain_names', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' + search_query + '%');
 					});
 				}
 

backend/internal/host.js

@@ -129,15 +129,15 @@ const internalHost = {
 			proxyHostModel
 				.query()
 				.where('is_deleted', 0)
-				.andWhere('domain_names', 'like', '%' + hostname + '%'),
+				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
 			redirectionHostModel
 				.query()
 				.where('is_deleted', 0)
-				.andWhere('domain_names', 'like', '%' + hostname + '%'),
+				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
 			deadHostModel
 				.query()
 				.where('is_deleted', 0)
-				.andWhere('domain_names', 'like', '%' + hostname + '%')
+				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
 		];
 
 		return Promise.all(promises)

backend/internal/proxy-host.js

@@ -409,6 +409,7 @@ const internalProxyHost = {
 	 * @returns {Promise}
 	 */
 	getAll: (access, expand, search_query) => {
+
 		return access.can('proxy_hosts:list')
 			.then((access_data) => {
 				let query = proxyHostModel
@@ -416,16 +417,17 @@ const internalProxyHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,access_list,certificate]')
-					.orderBy('domain_names', 'ASC');
+					.orderByRaw('CAST(domain_names AS VARCHAR(65535) ) ASC')
+				;
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('domain_names', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(domain_names AS VARCHAR(65535) ) like ? ESCAPE \'\'', '%'+search_query + '%');
 					});
 				}
 
@@ -436,6 +438,7 @@ const internalProxyHost = {
 				return query.then(utils.omitRows(omissions()));
 			})
 			.then((rows) => {
+
 				if (typeof expand !== 'undefined' && expand !== null && expand.indexOf('certificate') !== -1) {
 					return internalHost.cleanAllRowsCertificateMeta(rows);
 				}

backend/internal/redirection-host.js

@@ -20,7 +20,6 @@ const internalRedirectionHost = {
 	 */
 	create: (access, data) => {
 		let create_certificate = data.certificate_id === 'new';
-
 		if (create_certificate) {
 			delete data.certificate_id;
 		}
@@ -409,16 +408,16 @@ const internalRedirectionHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,certificate]')
-					.orderBy('domain_names', 'ASC');
+					.orderByRaw('CAST(domain_names AS VARCHAR(65535) ) ASC');
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('domain_names', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(domain_names AS VARCHAR(65535) ) like ? ESCAPE \'\'', '%' + search_query + '%');
 					});
 				}
 

backend/internal/stream.js

@@ -298,16 +298,18 @@ const internalStream = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner]')
-					.orderBy('incoming_port', 'ASC');
+					//.orderBy('incoming_port', 'ASC')
+					.orderByRaw('CAST(incoming_port AS INTEGER) ASC')
+				;
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('incoming_port', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(incoming_port AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' +  search_query+ '%');
 					});
 				}
 

backend/lib/config.js

@@ -45,6 +45,25 @@ const configure = () => {
 		};
 		return;
 	}
+	const envPostgresqlHost = process.env.DB_POSTGRESQL_HOST || null;
+	const envPostgresqlUser = process.env.DB_POSTGRESQL_USER || null;
+	const envPostgresqlName = process.env.DB_POSTGRESQL_NAME || null;
+	if (envPostgresqlHost && envPostgresqlUser && envPostgresqlName) {
+		// we have enough mysql creds to go with mysql
+		logger.info('Using POSTGRESQL configuration');
+		instance = {
+			database: {
+				engine:   'pg',
+				host:     envPostgresqlHost,
+				port:     process.env.DB_POSTGRESQL_PORT || 5432,
+				user:     envPostgresqlUser,
+				password: process.env.DB_POSTGRESQL_PASSWORD,
+				name:     envPostgresqlName,
+			},
+			keys: getKeys(),
+		};
+		return;
+	}
 
 	const envSqliteFile = process.env.DB_SQLITE_FILE || '/data/database.sqlite';
 	logger.info(`Using Sqlite: ${envSqliteFile}`);

backend/models/redirection_host.js

@@ -17,6 +17,9 @@ const boolFields = [
 	'preserve_path',
 	'ssl_forced',
 	'block_exploits',
+	'hsts_enabled',
+	'hsts_subdomains',
+	'http2_support',
 ];
 
 class RedirectionHost extends Model {

backend/package.json

@@ -21,8 +21,9 @@
 		"moment": "^2.29.4",
 		"mysql2": "^3.11.1",
 		"node-rsa": "^1.0.8",
-		"objection": "3.0.1",
+		"objection": "^3.0.1",
 		"path": "^0.12.7",
+		"pg": "^8.13.0",
 		"signale": "1.4.0",
 		"sqlite3": "5.1.6",
 		"temp-write": "^4.0.0"

backend/setup.js

@@ -15,11 +15,11 @@ const certbot             = require('./lib/certbot');
 const setupDefaultUser = () => {
 	return userModel
 		.query()
-		.select(userModel.raw('COUNT(`id`) as `count`'))
+		.select('id')
 		.where('is_deleted', 0)
-		.first()
 		.then((row) => {
-			if (!row.count) {
+			if (row.length === 0) {
+
 				// Create a new user and set password
 				let email    = process.env.INITIAL_ADMIN_EMAIL || 'admin@example.com';
 				let password = process.env.INITIAL_ADMIN_PASSWORD || 'changeme';
@@ -77,11 +77,10 @@ const setupDefaultUser = () => {
 const setupDefaultSettings = () => {
 	return settingModel
 		.query()
-		.select(settingModel.raw('COUNT(`id`) as `count`'))
+		.select('id')
 		.where({id: 'default-site'})
-		.first()
 		.then((row) => {
-			if (!row.count) {
+			if (!row.length || !row[0].id) {
 				settingModel
 					.query()
 					.insert({

docker/dev/Dockerfile

@@ -26,6 +26,8 @@ WORKDIR /root
 
 COPY rootfs /
 COPY scripts/install-s6 /tmp/install-s6
+RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6
+RUN chmod 644 -R /root/.cache
 RUN rm -f /etc/nginx/conf.d/production.conf \
 	&& chmod 644 /etc/logrotate.d/nginx-proxy-manager \
 	&& /tmp/install-s6 "${TARGETPLATFORM}" \

docker/docker-compose.ci.postgresql.yml

@@ -0,0 +1,29 @@
+# WARNING: This is a CI docker-compose file used for building and testing of the entire app, it should not be used for production.
+services:
+
+  fullstack:
+    environment:
+      DB_POSTGRESQL_HOST: 'db'
+      DB_POSTGRESQL_PORT: '5432'
+      DB_POSTGRESQL_USER: 'npm'
+      DB_POSTGRESQL_PASSWORD: 'npmpass'
+      DB_POSTGRESQL_NAME: 'npm'
+    depends_on:
+      - db-postgresql
+
+  db-postgresql:
+    image: postgres:14.2-alpine
+    environment:
+      POSTGRES_PASSWORD: "npmpass"
+      POSTGRES_USER: "npm"
+      POSTGRES_DB: "npm"
+    ports:
+      - 5432:5432
+    volumes:
+      - postgres_vol:/var/lib/postgresql/data
+    networks:
+      - fulltest
+
+
+volumes:
+  postgres_vol:

docker/docker-compose.dev2.yml

@@ -0,0 +1,89 @@
+# WARNING: This is a DEVELOPMENT docker-compose file, it should not be used for production.
+services:
+
+  npm1:
+    image: nginxproxymanager:dev
+    container_name: npm_core1
+    build:
+      context: ./
+      dockerfile: ./dev/Dockerfile
+    ports:
+      - 4080:80
+      - 4081:81
+      - 4443:443
+    networks:
+      - nginx_proxy_manager
+    environment:
+      PUID: 1000
+      PGID: 1000
+      FORCE_COLOR: 1
+      # specifically for dev:
+      DEBUG: 'true'
+      DEVELOPMENT: 'true'
+      LE_STAGING: 'true'
+      # db:
+      DB_POSTGRESQL_HOST: 'db1'
+      DB_POSTGRESQL_PORT: '5432'
+      DB_POSTGRESQL_USER: 'npm'
+      DB_POSTGRESQL_PASSWORD: 'npmpass'
+      DB_POSTGRESQL_NAME: 'npm'
+      # DB_SQLITE_FILE: "/data/database.sqlite"
+      # DISABLE_IPV6: "true"
+    volumes:
+      - npm_data1:/data
+      - le_data1:/etc/letsencrypt
+      - ../backend:/app
+      - ../frontend:/app/frontend
+      - ../global:/app/global
+    depends_on:
+      - db1
+    working_dir: /app
+
+  db1:
+    image: postgis/postgis:17-3.5-alpine
+    container_name: npm_db1
+    ports:
+      - 5432:5432
+    networks:
+      - nginx_proxy_manager
+    environment:
+      POSTGRES_PASSWORD: "npmpass"
+      POSTGRES_USER: "npm"
+      POSTGRES_DB: "npm"
+    volumes:
+      - db_data1:/var/lib/postgresql/data
+  pgadmin:
+    image: dpage/pgadmin4
+    environment:
+      PGADMIN_DEFAULT_EMAIL: "admin@example.com"
+      PGADMIN_DEFAULT_PASSWORD: "changeme"
+    ports:
+        - 5080:80
+    networks:
+        - nginx_proxy_manager
+    depends_on:
+      - db1
+
+
+  swagger1:
+    image: swaggerapi/swagger-ui:latest
+    container_name: npm_swagger1
+    ports:
+      - 5082:80
+    environment:
+      URL: "http://npm:81/api/schema"
+      PORT: '80'
+    depends_on:
+      - npm1
+
+volumes:
+  npm_data1:
+    name: npm_core_data
+  le_data1:
+    name: npm_le_data
+  db_data1:
+    name: npm_db_data1
+
+networks:
+  nginx_proxy_manager:
+    name: npm_network