Bump freedns plugin

and reenables dns cert test
and fixes problems with schema

.version

@@ -1 +1 @@
-2.11.3
+2.12.1

Jenkinsfile

@@ -43,7 +43,7 @@ pipeline {
 					steps {
 						script {
 							// Defaults to the Branch name, which is applies to all branches AND pr's
-							buildxPushTags = "-t docker.io/jc21/${IMAGE}:github-${BRANCH_LOWER}"
+							buildxPushTags = "-t docker.io/nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}"
 						}
 					}
 				}
@@ -56,6 +56,13 @@ pipeline {
 						sh 'sed -i -E "s/(version-)[0-9]+\\.[0-9]+\\.[0-9]+(-green)/\\1${BUILD_VERSION}\\2/" README.md'
 					}
 				}
+				stage('Docker Login') {
+					steps {
+						withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
+							sh 'docker login -u "${duser}" -p "${dpass}"'
+						}
+					}
+				}
 			}
 		}
 		stage('Builds') {
@@ -120,6 +127,11 @@ pipeline {
 					junit 'test/results/junit/*'
 					sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
 				}
+				unstable {
+					dir(path: 'testing/results') {
+						archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
+					}
+				}
 			}
 		}
 		stage('Test Mysql') {
@@ -148,6 +160,11 @@ pipeline {
 					junit 'test/results/junit/*'
 					sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
 				}
+				unstable {
+					dir(path: 'testing/results') {
+						archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
+					}
+				}
 			}
 		}
 		stage('MultiArch Build') {
@@ -157,12 +174,9 @@ pipeline {
 				}
 			}
 			steps {
-				withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
-					sh 'docker login -u "${duser}" -p "${dpass}"'
 				sh "./scripts/buildx --push ${buildxPushTags}"
 			}
 		}
-		}
 		stage('Docs / Comment') {
 			parallel {
 				stage('Docs Job') {
@@ -189,7 +203,13 @@ pipeline {
 					}
 					steps {
 						script {
-							npmGithubPrComment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`\n\n**Note:** ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.", true)
+							npmGithubPrComment("""Docker Image for build ${BUILD_NUMBER} is available on
+[DockerHub](https://cloud.docker.com/repository/docker/nginxproxymanager/${IMAGE}-dev)
+as `nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}`
+
+**Note:** ensure you backup your NPM instance before testing this image! Especially if there are database changes
+**Note:** this is a different docker image namespace than the official image
+""", true)
 						}
 					}
 				}
@@ -200,20 +220,13 @@ pipeline {
 		always {
 			sh 'echo Reverting ownership'
 			sh 'docker run --rm -v "$(pwd):/data" jc21/ci-tools chown -R "$(id -u):$(id -g)" /data'
-		}
-		success {
-			juxtapose event: 'success'
-			sh 'figlet "SUCCESS"'
+			printResult(true)
 		}
 		failure {
 			archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true)
-			juxtapose event: 'failure'
-			sh 'figlet "FAILURE"'
 		}
 		unstable {
 			archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true)
-			juxtapose event: 'unstable'
-			sh 'figlet "UNSTABLE"'
 		}
 	}
 }

README.md

@@ -1,7 +1,7 @@
 <p align="center">
 	<img src="https://nginxproxymanager.com/github.png">
 	<br><br>
-	<img src="https://img.shields.io/badge/version-2.11.3-green.svg?style=for-the-badge">
+	<img src="https://img.shields.io/badge/version-2.12.1-green.svg?style=for-the-badge">
 	<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
 		<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
 	</a>

backend/config/default.json

@@ -1,6 +1,6 @@
 {
   "database": {
-    "engine": "mysql",
+    "engine": "mysql2",
     "host": "db",
     "name": "npm",
     "user": "npm",

backend/internal/certificate.js

@@ -3,27 +3,29 @@ const fs               = require('fs');
 const https            = require('https');
 const tempWrite        = require('temp-write');
 const moment           = require('moment');
+const archiver         = require('archiver');
+const path             = require('path');
+const { isArray }      = require('lodash');
 const logger           = require('../logger').ssl;
 const config           = require('../lib/config');
 const error            = require('../lib/error');
 const utils            = require('../lib/utils');
+const certbot          = require('../lib/certbot');
 const certificateModel = require('../models/certificate');
 const tokenModel       = require('../models/token');
 const dnsPlugins       = require('../global/certbot-dns-plugins.json');
 const internalAuditLog = require('./audit-log');
 const internalNginx    = require('./nginx');
 const internalHost     = require('./host');
-const certbot          = require('../lib/certbot');
-const archiver         = require('archiver');
-const path             = require('path');
-const { isArray }      = require('lodash');
+
 
 const letsencryptStaging = config.useLetsencryptStaging();
+const letsencryptServer  = config.useLetsencryptServer();
 const letsencryptConfig  = '/etc/letsencrypt.ini';
 const certbotCommand     = 'certbot';
 
 function omissions() {
-	return ['is_deleted'];
+	return ['is_deleted', 'owner.is_deleted'];
 }
 
 const internalCertificate = {
@@ -207,6 +209,7 @@ const internalCertificate = {
 										.patchAndFetchById(certificate.id, {
 											expires_on: moment(cert_info.dates.to, 'X').format('YYYY-MM-DD HH:mm:ss')
 										})
+										.then(utils.omitRow(omissions()))
 										.then((saved_row) => {
 											// Add cert data for audit log
 											saved_row.meta = _.assign({}, saved_row.meta, {
@@ -730,29 +733,29 @@ const internalCertificate = {
 
 		return utils.exec('openssl x509 -in ' + certificate_file + ' -subject -noout')
 			.then((result) => {
+				// Examples:
+				// subject=CN = *.jc21.com
 				// subject=CN = something.example.com
 				const regex = /(?:subject=)?[^=]+=\s+(\S+)/gim;
 				const match = regex.exec(result);
-
-				if (typeof match[1] === 'undefined') {
-					throw new error.ValidationError('Could not determine subject from certificate: ' + result);
-				}
-
+				if (match && typeof match[1] !== 'undefined') {
 					certData['cn'] = match[1];
+				}
 			})
 			.then(() => {
 				return utils.exec('openssl x509 -in ' + certificate_file + ' -issuer -noout');
 			})
+
 			.then((result) => {
+				// Examples:
 				// issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
+				// issuer=C = US, O = Let's Encrypt, CN = E5
+				// issuer=O = NginxProxyManager, CN = NginxProxyManager Intermediate CA","O = NginxProxyManager, CN = NginxProxyManager Intermediate CA
 				const regex = /^(?:issuer=)?(.*)$/gim;
 				const match = regex.exec(result);
-
-				if (typeof match[1] === 'undefined') {
-					throw new error.ValidationError('Could not determine issuer from certificate: ' + result);
-				}
-
+				if (match && typeof match[1] !== 'undefined') {
 					certData['issuer'] = match[1];
+				}
 			})
 			.then(() => {
 				return utils.exec('openssl x509 -in ' + certificate_file + ' -dates -noout');
@@ -827,17 +830,18 @@ const internalCertificate = {
 	requestLetsEncryptSsl: (certificate) => {
 		logger.info('Requesting Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
 
-		const cmd = certbotCommand + ' certonly ' +
-			'--config "' + letsencryptConfig + '" ' +
+		const cmd = `${certbotCommand} certonly ` +
+			`--config '${letsencryptConfig}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
-			'--cert-name "npm-' + certificate.id + '" ' +
+			`--cert-name "npm-${certificate.id}" ` +
 			'--agree-tos ' +
 			'--authenticator webroot ' +
-			'--email "' + certificate.meta.letsencrypt_email + '" ' +
+			`--email '${certificate.meta.letsencrypt_email}' ` +
 			'--preferred-challenges "dns,http" ' +
-			'--domains "' + certificate.domain_names.join(',') + '" ' +
-			(letsencryptStaging ? '--staging' : '');
+			`--domains "${certificate.domain_names.join(',')}" ` +
+			(letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') +
+			(letsencryptStaging && letsencryptServer === null ? '--staging ' : '');
 
 		logger.info('Command:', cmd);
 
@@ -868,25 +872,26 @@ const internalCertificate = {
 		const hasConfigArg = certificate.meta.dns_provider !== 'route53';
 
 		let mainCmd = certbotCommand + ' certonly ' +
-			'--config "' + letsencryptConfig + '" ' +
+			`--config '${letsencryptConfig}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
-			'--cert-name "npm-' + certificate.id + '" ' +
+			`--cert-name 'npm-${certificate.id}' ` +
 			'--agree-tos ' +
-			'--email "' + certificate.meta.letsencrypt_email + '" ' +
-			'--domains "' + certificate.domain_names.join(',') + '" ' +
-			'--authenticator ' + dnsPlugin.full_plugin_name + ' ' +
+			`--email '${certificate.meta.letsencrypt_email}' ` +
+			`--domains '${certificate.domain_names.join(',')}' ` +
+			`--authenticator '${dnsPlugin.full_plugin_name}' ` +
 			(
 				hasConfigArg
-					? '--' + dnsPlugin.full_plugin_name + '-credentials "' + credentialsLocation + '"'
+					? `--${dnsPlugin.full_plugin_name}-credentials '${credentialsLocation}' `
 					: ''
 			) +
 			(
 				certificate.meta.propagation_seconds !== undefined
-					? ' --' + dnsPlugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds
+					? `--${dnsPlugin.full_plugin_name}-propagation-seconds '${certificate.meta.propagation_seconds}' `
 					: ''
 			) +
-			(letsencryptStaging ? ' --staging' : '');
+			(letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') +
+			(letsencryptStaging && letsencryptServer === null ? '--staging ' : '');
 
 		// Prepend the path to the credentials file as an environment variable
 		if (certificate.meta.dns_provider === 'route53') {
@@ -963,14 +968,15 @@ const internalCertificate = {
 		logger.info('Renewing Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
 
 		const cmd = certbotCommand + ' renew --force-renewal ' +
-			'--config "' + letsencryptConfig + '" ' +
+			`--config '${letsencryptConfig}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
-			'--cert-name "npm-' + certificate.id + '" ' +
+			`--cert-name 'npm-${certificate.id}' ` +
 			'--preferred-challenges "dns,http" ' +
 			'--no-random-sleep-on-renew ' +
 			'--disable-hook-validation ' +
-			(letsencryptStaging ? '--staging' : '');
+			(letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') +
+			(letsencryptStaging && letsencryptServer === null ? '--staging ' : '');
 
 		logger.info('Command:', cmd);
 
@@ -995,13 +1001,14 @@ const internalCertificate = {
 		logger.info(`Renewing Let'sEncrypt certificates via ${dnsPlugin.name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`);
 
 		let mainCmd = certbotCommand + ' renew --force-renewal ' +
-			'--config "' + letsencryptConfig + '" ' +
+			`--config "${letsencryptConfig}" ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
-			'--cert-name "npm-' + certificate.id + '" ' +
+			`--cert-name 'npm-${certificate.id}' ` +
 			'--disable-hook-validation ' +
 			'--no-random-sleep-on-renew ' +
-			(letsencryptStaging ? ' --staging' : '');
+			(letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') +
+			(letsencryptStaging && letsencryptServer === null ? '--staging ' : '');
 
 		// Prepend the path to the credentials file as an environment variable
 		if (certificate.meta.dns_provider === 'route53') {
@@ -1027,12 +1034,13 @@ const internalCertificate = {
 		logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
 
 		const mainCmd = certbotCommand + ' revoke ' +
-			'--config "' + letsencryptConfig + '" ' +
+			`--config '${letsencryptConfig}' ` +
 			'--work-dir "/tmp/letsencrypt-lib" ' +
 			'--logs-dir "/tmp/letsencrypt-log" ' +
-			'--cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' +
+			`--cert-path '/etc/letsencrypt/live/npm-${certificate.id}/fullchain.pem' ` +
 			'--delete-after-revoke ' +
-			(letsencryptStaging ? '--staging' : '');
+			(letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') +
+			(letsencryptStaging && letsencryptServer === null ? '--staging ' : '');
 
 		// Don't fail command if file does not exist
 		const delete_credentialsCmd = `rm -f '/etc/letsencrypt/credentials/credentials-${certificate.id}' || true`;

backend/internal/nginx.js

@@ -181,7 +181,9 @@ const internalNginx = {
 	 * @param   {Object}  host
 	 * @returns {Promise}
 	 */
-	generateConfig: (host_type, host) => {
+	generateConfig: (host_type, host_row) => {
+		// Prevent modifying the original object:
+		let host             = JSON.parse(JSON.stringify(host_row));
 		const nice_host_type = internalNginx.getFileFriendlyHostType(host_type);
 
 		if (config.debug()) {

backend/internal/proxy-host.js

@@ -8,7 +8,7 @@ const internalAuditLog    = require('./audit-log');
 const internalCertificate = require('./certificate');
 
 function omissions () {
-	return ['is_deleted'];
+	return ['is_deleted', 'owner.is_deleted'];
 }
 
 const internalProxyHost = {

backend/knexfile.js

@@ -1,6 +1,6 @@
 module.exports = {
 	development: {
-		client:     'mysql',
+		client:     'mysql2',
 		migrations: {
 			tableName: 'migrations',
 			stub:      'lib/migrate_template.js',
@@ -9,7 +9,7 @@ module.exports = {
 	},
 
 	production: {
-		client:     'mysql',
+		client:     'mysql2',
 		migrations: {
 			tableName: 'migrations',
 			stub:      'lib/migrate_template.js',

backend/lib/access.js

@@ -10,7 +10,7 @@
 
 const _              = require('lodash');
 const logger         = require('../logger').access;
-const validator      = require('ajv');
+const Ajv            = require('ajv/dist/2020');
 const error          = require('./error');
 const userModel      = require('../models/user');
 const proxyHostModel = require('../models/proxy_host');
@@ -174,7 +174,6 @@ module.exports = function (token_string) {
 
 		let schema = {
 			$id:                  'objects',
-			$schema:              'http://json-schema.org/draft-07/schema#',
 			description:          'Actor Properties',
 			type:                 'object',
 			additionalProperties: false,
@@ -251,7 +250,7 @@ module.exports = function (token_string) {
 						// Initialised, token decoded ok
 						return this.getObjectSchema(permission)
 							.then((objectSchema) => {
-								let data_schema = {
+								const data_schema = {
 									[permission]: {
 										data:                         data,
 										scope:                        Token.get('scope'),
@@ -267,24 +266,18 @@ module.exports = function (token_string) {
 								};
 
 								let permissionSchema = {
-									$schema:              'http://json-schema.org/draft-07/schema#',
 									$async:               true,
 									$id:                  'permissions',
+									type:                 'object',
 									additionalProperties: false,
 									properties:           {}
 								};
 
 								permissionSchema.properties[permission] = require('./access/' + permission.replace(/:/gim, '-') + '.json');
 
-								// logger.info('objectSchema', JSON.stringify(objectSchema, null, 2));
-								// logger.info('permissionSchema', JSON.stringify(permissionSchema, null, 2));
-								// logger.info('data_schema', JSON.stringify(data_schema, null, 2));
-
-								let ajv = validator({
+								const ajv = new Ajv({
 									verbose:      true,
 									allErrors:    true,
-									format:       'full',
-									missingRefs:  'fail',
 									breakOnError: true,
 									coerceTypes:  true,
 									schemas:      [

backend/lib/access/permissions.json

@@ -1,5 +1,4 @@
 {
-	"$schema": "http://json-schema.org/draft-07/schema#",
 	"$id": "perms",
 	"definitions": {
 		"view": {

backend/lib/access/roles.json

@@ -1,5 +1,4 @@
 {
-	"$schema": "http://json-schema.org/draft-07/schema#",
 	"$id": "roles",
 	"definitions": {
 		"admin": {

backend/lib/config.js

@@ -34,7 +34,7 @@ const configure = () => {
 		logger.info('Using MySQL configuration');
 		instance = {
 			database: {
-				engine:   'mysql',
+				engine:   'mysql2',
 				host:     envMysqlHost,
 				port:     process.env.DB_MYSQL_PORT || 3306,
 				user:     envMysqlUser,
@@ -180,5 +180,15 @@ module.exports = {
 	 */
 	useLetsencryptStaging: function () {
 		return !!process.env.LE_STAGING;
+	},
+
+	/**
+	 * @returns {string|null}
+	 */
+	useLetsencryptServer: function () {
+		if (process.env.LE_SERVER) {
+			return process.env.LE_SERVER;
+		}
+		return null;
 	}
 };

backend/lib/express/cors.js

@@ -1,25 +1,5 @@
-const validator = require('../validator');
-
 module.exports = function (req, res, next) {
-
 	if (req.headers.origin) {
-
-		const originSchema = {
-			oneOf: [
-				{
-					type:    'string',
-					pattern: '^[a-z\\-]+:\\/\\/(?:[\\w\\-\\.]+(:[0-9]+)?/?)?$'
-				},
-				{
-					type:    'string',
-					pattern: '^[a-z\\-]+:\\/\\/(?:\\[([a-z0-9]{0,4}\\:?)+\\])?/?(:[0-9]+)?$'
-				}
-			]
-		};
-
-		// very relaxed validation....
-		validator(originSchema, req.headers.origin)
-			.then(function () {
 		res.set({
 			'Access-Control-Allow-Origin':      req.headers.origin,
 			'Access-Control-Allow-Credentials': true,
@@ -29,12 +9,8 @@ module.exports = function (req, res, next) {
 			'Access-Control-Expose-Headers':    'X-Dataset-Total, X-Dataset-Offset, X-Dataset-Limit'
 		});
 		next();
-			})
-			.catch(next);
-
 	} else {
 		// No origin
 		next();
 	}
-
 };

backend/lib/helpers.js

@@ -27,6 +27,24 @@ module.exports = {
 		}
 
 		return null;
+	},
+
+	convertIntFieldsToBool: function (obj, fields) {
+		fields.forEach(function (field) {
+			if (typeof obj[field] !== 'undefined') {
+				obj[field] = obj[field] === 1;
+			}
+		});
+		return obj;
+	},
+
+	convertBoolFieldsToInt: function (obj, fields) {
+		fields.forEach(function (field) {
+			if (typeof obj[field] !== 'undefined') {
+				obj[field] = obj[field] ? 1 : 0;
+			}
+		});
+		return obj;
 	}
 
 };

backend/lib/validator/api.js

@@ -1,11 +1,12 @@
+const Ajv   = require('ajv/dist/2020');
 const error = require('../error');
 
-const ajv = require('ajv')({
+const ajv = new Ajv({
 	verbose:         true,
-	validateSchema: true,
-	allErrors:      false,
-	format:         'full',
-	coerceTypes:    true
+	allErrors:       true,
+	allowUnionTypes: true,
+	strict:          false,
+	coerceTypes:     true,
 });
 
 /**
@@ -25,8 +26,8 @@ function apiValidator (schema, payload/*, description*/) {
 			return;
 		}
 
-		let validate = ajv.compile(schema);
-		let valid    = validate(payload);
+		const validate = ajv.compile(schema);
+		const valid    = validate(payload);
 
 		if (valid && !validate.errors) {
 			resolve(payload);

backend/lib/validator/index.js

@@ -1,14 +1,16 @@
 const _                 = require('lodash');
+const Ajv               = require('ajv/dist/2020');
 const error             = require('../error');
 const commonDefinitions = require('../../schema/common.json');
 
 RegExp.prototype.toJSON = RegExp.prototype.toString;
 
-const ajv = require('ajv')({
+const ajv = new Ajv({
 	verbose:         true,
 	allErrors:       true,
-	format:      'full',  // strict regexes for format checks
+	allowUnionTypes: true,
 	coerceTypes:     true,
+	strict:          false,
 	schemas:         [commonDefinitions]
 });
 
@@ -38,7 +40,6 @@ function validator (schema, payload) {
 			}
 		}
 	});
-
 }
 
 module.exports = validator;

backend/models/access_list.js

@@ -2,6 +2,7 @@
 // http://vincit.github.io/objection.js/
 
 const db               = require('../db');
+const helpers          = require('../lib/helpers');
 const Model            = require('objection').Model;
 const User             = require('./user');
 const AccessListAuth   = require('./access_list_auth');
@@ -10,6 +11,12 @@ const now              = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+	'satisfy_any',
+	'pass_auth',
+];
+
 class AccessList extends Model {
 	$beforeInsert () {
 		this.created_on  = now();
@@ -25,6 +32,16 @@ class AccessList extends Model {
 		this.modified_on = now();
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	static get name () {
 		return 'AccessList';
 	}

backend/models/auth.js

@@ -3,12 +3,17 @@
 
 const bcrypt  = require('bcrypt');
 const db      = require('../db');
+const helpers = require('../lib/helpers');
 const Model   = require('objection').Model;
 const User    = require('./user');
 const now     = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+];
+
 function encryptPassword () {
 	/* jshint -W040 */
 	let _this = this;
@@ -41,6 +46,16 @@ class Auth extends Model {
 		return encryptPassword.apply(this, queryContext);
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	/**
 	 * Verify a plain password against the encrypted password
 	 *

backend/models/certificate.js

@@ -2,12 +2,17 @@
 // http://vincit.github.io/objection.js/
 
 const db      = require('../db');
+const helpers = require('../lib/helpers');
 const Model   = require('objection').Model;
 const User    = require('./user');
 const now     = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+];
+
 class Certificate extends Model {
 	$beforeInsert () {
 		this.created_on  = now();
@@ -40,6 +45,16 @@ class Certificate extends Model {
 		}
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	static get name () {
 		return 'Certificate';
 	}

backend/models/dead_host.js

@@ -2,6 +2,7 @@
 // http://vincit.github.io/objection.js/
 
 const db          = require('../db');
+const helpers     = require('../lib/helpers');
 const Model       = require('objection').Model;
 const User        = require('./user');
 const Certificate = require('./certificate');
@@ -9,6 +10,11 @@ const now         = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+	'enabled',
+];
+
 class DeadHost extends Model {
 	$beforeInsert () {
 		this.created_on  = now();
@@ -36,6 +42,16 @@ class DeadHost extends Model {
 		}
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	static get name () {
 		return 'DeadHost';
 	}

backend/models/proxy_host.js

@@ -2,6 +2,7 @@
 // http://vincit.github.io/objection.js/
 
 const db          = require('../db');
+const helpers     = require('../lib/helpers');
 const Model       = require('objection').Model;
 const User        = require('./user');
 const AccessList  = require('./access_list');
@@ -10,6 +11,18 @@ const now         = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+	'ssl_forced',
+	'caching_enabled',
+	'block_exploits',
+	'allow_websocket_upgrade',
+	'http2_support',
+	'enabled',
+	'hsts_enabled',
+	'hsts_subdomains',
+];
+
 class ProxyHost extends Model {
 	$beforeInsert () {
 		this.created_on  = now();
@@ -37,6 +50,16 @@ class ProxyHost extends Model {
 		}
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	static get name () {
 		return 'ProxyHost';
 	}

backend/models/redirection_host.js

@@ -3,6 +3,7 @@
 // http://vincit.github.io/objection.js/
 
 const db          = require('../db');
+const helpers     = require('../lib/helpers');
 const Model       = require('objection').Model;
 const User        = require('./user');
 const Certificate = require('./certificate');
@@ -10,6 +11,14 @@ const now         = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+	'enabled',
+	'preserve_path',
+	'ssl_forced',
+	'block_exploits',
+];
+
 class RedirectionHost extends Model {
 	$beforeInsert () {
 		this.created_on  = now();
@@ -37,6 +46,16 @@ class RedirectionHost extends Model {
 		}
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	static get name () {
 		return 'RedirectionHost';
 	}

backend/models/stream.js

@@ -2,12 +2,19 @@
 // http://vincit.github.io/objection.js/
 
 const db      = require('../db');
+const helpers = require('../lib/helpers');
 const Model   = require('objection').Model;
 const User    = require('./user');
 const now     = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+	'tcp_forwarding',
+	'udp_forwarding',
+];
+
 class Stream extends Model {
 	$beforeInsert () {
 		this.created_on  = now();
@@ -23,6 +30,16 @@ class Stream extends Model {
 		this.modified_on = now();
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	static get name () {
 		return 'Stream';
 	}

backend/models/user.js

@@ -2,12 +2,18 @@
 // http://vincit.github.io/objection.js/
 
 const db             = require('../db');
+const helpers        = require('../lib/helpers');
 const Model          = require('objection').Model;
 const UserPermission = require('./user_permission');
 const now            = require('./now_helper');
 
 Model.knex(db);
 
+const boolFields = [
+	'is_deleted',
+	'is_disabled',
+];
+
 class User extends Model {
 	$beforeInsert () {
 		this.created_on  = now();
@@ -23,6 +29,16 @@ class User extends Model {
 		this.modified_on = now();
 	}
 
+	$parseDatabaseJson(json) {
+		json = super.$parseDatabaseJson(json);
+		return helpers.convertIntFieldsToBool(json, boolFields);
+	}
+
+	$formatDatabaseJson(json) {
+		json = helpers.convertBoolFieldsToInt(json, boolFields);
+		return super.$formatDatabaseJson(json);
+	}
+
 	static get name () {
 		return 'User';
 	}

backend/package.json

@@ -2,25 +2,24 @@
 	"name": "nginx-proxy-manager",
 	"version": "0.0.0",
 	"description": "A beautiful interface for creating Nginx endpoints",
-	"main": "js/index.js",
+	"main": "index.js",
 	"dependencies": {
 		"@apidevtools/json-schema-ref-parser": "^11.7.0",
-		"ajv": "^6.12.0",
+		"ajv": "^8.17.1",
 		"archiver": "^5.3.0",
 		"batchflow": "^0.4.0",
 		"bcrypt": "^5.0.0",
-		"body-parser": "^1.19.0",
+		"body-parser": "^1.20.3",
 		"compression": "^1.7.4",
-		"express": "^4.19.2",
+		"express": "^4.20.0",
 		"express-fileupload": "^1.1.9",
 		"gravatar": "^1.8.0",
-		"json-schema-ref-parser": "^8.0.0",
 		"jsonwebtoken": "^9.0.0",
 		"knex": "2.4.2",
 		"liquidjs": "10.6.1",
 		"lodash": "^4.17.21",
 		"moment": "^2.29.4",
-		"mysql": "^2.18.1",
+		"mysql2": "^3.11.1",
 		"node-rsa": "^1.0.8",
 		"objection": "3.0.1",
 		"path": "^0.12.7",
@@ -35,9 +34,14 @@
 	"author": "Jamie Curnow <jc@jc21.com>",
 	"license": "MIT",
 	"devDependencies": {
+		"@apidevtools/swagger-parser": "^10.1.0",
+		"chalk": "4.1.2",
 		"eslint": "^8.36.0",
 		"eslint-plugin-align-assignments": "^1.1.2",
 		"nodemon": "^2.0.2",
 		"prettier": "^2.0.4"
+	},
+	"scripts": {
+		"validate-schema": "node validate-schema.js"
 	}
 }

backend/routes/audit-log.js

@@ -29,10 +29,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {

backend/routes/nginx/access_lists.js

@@ -31,10 +31,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {
@@ -91,10 +91,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				list_id: {
-					$ref: 'common#/definitions/id'
+					$ref: 'common#/properties/id'
 				},
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				}
 			}
 		}, {

backend/routes/nginx/certificates.js

@@ -32,10 +32,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {
@@ -124,10 +124,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				certificate_id: {
-					$ref: 'common#/definitions/id'
+					$ref: 'common#/properties/id'
 				},
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				}
 			}
 		}, {

backend/routes/nginx/dead_hosts.js

@@ -31,10 +31,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {
@@ -91,10 +91,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				host_id: {
-					$ref: 'common#/definitions/id'
+					$ref: 'common#/properties/id'
 				},
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				}
 			}
 		}, {

backend/routes/nginx/proxy_hosts.js

@@ -31,10 +31,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {
@@ -91,10 +91,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				host_id: {
-					$ref: 'common#/definitions/id'
+					$ref: 'common#/properties/id'
 				},
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				}
 			}
 		}, {

backend/routes/nginx/redirection_hosts.js

@@ -31,10 +31,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {
@@ -91,10 +91,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				host_id: {
-					$ref: 'common#/definitions/id'
+					$ref: 'common#/properties/id'
 				},
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				}
 			}
 		}, {

backend/routes/nginx/streams.js

@@ -31,10 +31,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {
@@ -91,10 +91,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				stream_id: {
-					$ref: 'common#/definitions/id'
+					$ref: 'common#/properties/id'
 				},
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				}
 			}
 		}, {

backend/routes/users.js

@@ -32,10 +32,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				},
 				query: {
-					$ref: 'common#/definitions/query'
+					$ref: 'common#/properties/query'
 				}
 			}
 		}, {
@@ -97,10 +97,10 @@ router
 			additionalProperties: false,
 			properties:           {
 				user_id: {
-					$ref: 'common#/definitions/id'
+					$ref: 'common#/properties/id'
 				},
 				expand: {
-					$ref: 'common#/definitions/expand'
+					$ref: 'common#/properties/expand'
 				}
 			}
 		}, {

backend/schema/common.json

@@ -1,10 +1,10 @@
 {
-	"$schema": "http://json-schema.org/draft-07/schema#",
+	"$schema": "https://json-schema.org/draft/2020-12/schema",
 	"$id": "common",
-	"definitions": {
+	"type": "object",
+	"properties": {
 		"id": {
 			"description": "Unique identifier",
-			"example": 123456,
 			"readOnly": true,
 			"type": "integer",
 			"minimum": 1
@@ -37,25 +37,21 @@
 		},
 		"created_on": {
 			"description": "Date and time of creation",
-			"format": "date-time",
 			"readOnly": true,
 			"type": "string"
 		},
 		"modified_on": {
 			"description": "Date and time of last update",
-			"format": "date-time",
 			"readOnly": true,
 			"type": "string"
 		},
 		"user_id": {
 			"description": "User ID",
-			"example": 1234,
 			"type": "integer",
 			"minimum": 1
 		},
 		"certificate_id": {
 			"description": "Certificate ID",
-			"example": 1234,
 			"anyOf": [
 				{
 					"type": "integer",
@@ -69,40 +65,34 @@
 		},
 		"access_list_id": {
 			"description": "Access List ID",
-			"example": 1234,
 			"type": "integer",
 			"minimum": 0
 		},
 		"domain_names": {
 			"description": "Domain Names separated by a comma",
-			"example": "*.jc21.com,blog.jc21.com",
 			"type": "array",
 			"minItems": 1,
 			"maxItems": 100,
 			"uniqueItems": true,
 			"items": {
 				"type": "string",
-				"pattern": "^(?:\\*\\.)?(?:[^.*]+\\.?)+[^.]$"
+				"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
 			}
 		},
 		"enabled": {
 			"description": "Is Enabled",
-			"example": true,
 			"type": "boolean"
 		},
 		"ssl_forced": {
 			"description": "Is SSL Forced",
-			"example": false,
 			"type": "boolean"
 		},
 		"hsts_enabled": {
 			"description": "Is HSTS Enabled",
-			"example": false,
 			"type": "boolean"
 		},
 		"hsts_subdomains": {
 			"description": "Is HSTS applicable to all subdomains",
-			"example": false,
 			"type": "boolean"
 		},
 		"ssl_provider": {
@@ -111,17 +101,14 @@
 		},
 		"http2_support": {
 			"description": "HTTP2 Protocol Support",
-			"example": false,
 			"type": "boolean"
 		},
 		"block_exploits": {
 			"description": "Should we block common exploits",
-			"example": true,
 			"type": "boolean"
 		},
 		"caching_enabled": {
 			"description": "Should we cache assets",
-			"example": true,
 			"type": "boolean"
 		}
 	}

backend/schema/components/access-list-object.json

@@ -5,16 +5,16 @@
 	"additionalProperties": false,
 	"properties": {
 		"id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"created_on": {
-			"$ref": "../common.json#/definitions/created_on"
+			"$ref": "../common.json#/properties/created_on"
 		},
 		"modified_on": {
-			"$ref": "../common.json#/definitions/modified_on"
+			"$ref": "../common.json#/properties/modified_on"
 		},
 		"owner_user_id": {
-			"$ref": "../common.json#/definitions/user_id"
+			"$ref": "../common.json#/properties/user_id"
 		},
 		"name": {
 			"type": "string",

backend/schema/components/audit-log-object.json

@@ -5,22 +5,22 @@
 	"additionalProperties": false,
 	"properties": {
 		"id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"created_on": {
-			"$ref": "../common.json#/definitions/created_on"
+			"$ref": "../common.json#/properties/created_on"
 		},
 		"modified_on": {
-			"$ref": "../common.json#/definitions/modified_on"
+			"$ref": "../common.json#/properties/modified_on"
 		},
 		"user_id": {
-			"$ref": "../common.json#/definitions/user_id"
+			"$ref": "../common.json#/properties/user_id"
 		},
 		"object_type": {
 			"type": "string"
 		},
 		"object_id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"action": {
 			"type": "string"

backend/schema/components/certificate-object.json

@@ -5,43 +5,53 @@
 	"additionalProperties": false,
 	"properties": {
 		"id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"created_on": {
-			"$ref": "../common.json#/definitions/created_on"
+			"$ref": "../common.json#/properties/created_on"
 		},
 		"modified_on": {
-			"$ref": "../common.json#/definitions/modified_on"
+			"$ref": "../common.json#/properties/modified_on"
 		},
 		"owner_user_id": {
-			"$ref": "../common.json#/definitions/user_id"
+			"$ref": "../common.json#/properties/user_id"
 		},
 		"provider": {
-			"$ref": "../common.json#/definitions/ssl_provider"
+			"$ref": "../common.json#/properties/ssl_provider"
 		},
 		"nice_name": {
 			"type": "string",
 			"description": "Nice Name for the custom certificate"
 		},
 		"domain_names": {
-			"$ref": "../common.json#/definitions/domain_names"
+			"description": "Domain Names separated by a comma",
+			"type": "array",
+			"maxItems": 100,
+			"uniqueItems": true,
+			"items": {
+				"type": "string",
+				"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
+			}
 		},
 		"expires_on": {
 			"description": "Date and time of expiration",
-			"format": "date-time",
 			"readOnly": true,
 			"type": "string"
 		},
+		"owner": {
+			"$ref": "./user-object.json"
+		},
 		"meta": {
 			"type": "object",
 			"additionalProperties": false,
 			"properties": {
-				"letsencrypt_email": {
+				"certificate": {
 					"type": "string",
-					"format": "email"
+					"minLength": 1
 				},
-				"letsencrypt_agree": {
-					"type": "boolean"
+				"certificate_key": {
+					"type": "string",
+					"minLength": 1
 				},
 				"dns_challenge": {
 					"type": "boolean"
@@ -52,14 +62,19 @@
 				"dns_provider_credentials": {
 					"type": "string"
 				},
+				"letsencrypt_agree": {
+					"type": "boolean"
+				},
+				"letsencrypt_certificate": {
+					"type": "object"
+				},
+				"letsencrypt_email": {
+					"type": "string"
+				},
 				"propagation_seconds": {
-					"anyOf": [
-						{
 					"type": "integer",
 					"minimum": 0
 				}
-					]
-				}
 			}
 		}
 	}

backend/schema/components/dead-host-object.json

@@ -5,40 +5,40 @@
 	"additionalProperties": false,
 	"properties": {
 		"id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"created_on": {
-			"$ref": "../common.json#/definitions/created_on"
+			"$ref": "../common.json#/properties/created_on"
 		},
 		"modified_on": {
-			"$ref": "../common.json#/definitions/modified_on"
+			"$ref": "../common.json#/properties/modified_on"
 		},
 		"owner_user_id": {
-			"$ref": "../common.json#/definitions/user_id"
+			"$ref": "../common.json#/properties/user_id"
 		},
 		"domain_names": {
-			"$ref": "../common.json#/definitions/domain_names"
+			"$ref": "../common.json#/properties/domain_names"
 		},
 		"certificate_id": {
-			"$ref": "../common.json#/definitions/certificate_id"
+			"$ref": "../common.json#/properties/certificate_id"
 		},
 		"ssl_forced": {
-			"$ref": "../common.json#/definitions/ssl_forced"
+			"$ref": "../common.json#/properties/ssl_forced"
 		},
 		"hsts_enabled": {
-			"$ref": "../common.json#/definitions/hsts_enabled"
+			"$ref": "../common.json#/properties/hsts_enabled"
 		},
 		"hsts_subdomains": {
-			"$ref": "../common.json#/definitions/hsts_subdomains"
+			"$ref": "../common.json#/properties/hsts_subdomains"
 		},
 		"http2_support": {
-			"$ref": "../common.json#/definitions/http2_support"
+			"$ref": "../common.json#/properties/http2_support"
 		},
 		"advanced_config": {
 			"type": "string"
 		},
 		"enabled": {
-			"$ref": "../common.json#/definitions/enabled"
+			"$ref": "../common.json#/properties/enabled"
 		},
 		"meta": {
 			"type": "object"

backend/schema/components/error.json

@@ -0,0 +1,9 @@
+{
+	"type": "object",
+	"description": "Error",
+	"properties": {
+		"error": {
+			"$ref": "./error-object.json"
+		}
+	}
+}

backend/schema/components/proxy-host-object.json

@@ -23,26 +23,24 @@
 		"locations",
 		"hsts_enabled",
 		"hsts_subdomains",
-		"certificate",
-		"use_default_location",
-		"ipv6"
+		"certificate"
 	],
 	"additionalProperties": false,
 	"properties": {
 		"id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"created_on": {
-			"$ref": "../common.json#/definitions/created_on"
+			"$ref": "../common.json#/properties/created_on"
 		},
 		"modified_on": {
-			"$ref": "../common.json#/definitions/modified_on"
+			"$ref": "../common.json#/properties/modified_on"
 		},
 		"owner_user_id": {
-			"$ref": "../common.json#/definitions/user_id"
+			"$ref": "../common.json#/properties/user_id"
 		},
 		"domain_names": {
-			"$ref": "../common.json#/definitions/domain_names"
+			"$ref": "../common.json#/properties/domain_names"
 		},
 		"forward_host": {
 			"type": "string",
@@ -55,19 +53,19 @@
 			"maximum": 65535
 		},
 		"access_list_id": {
-			"$ref": "../common.json#/definitions/access_list_id"
+			"$ref": "../common.json#/properties/access_list_id"
 		},
 		"certificate_id": {
-			"$ref": "../common.json#/definitions/certificate_id"
+			"$ref": "../common.json#/properties/certificate_id"
 		},
 		"ssl_forced": {
-			"$ref": "../common.json#/definitions/ssl_forced"
+			"$ref": "../common.json#/properties/ssl_forced"
 		},
 		"caching_enabled": {
-			"$ref": "../common.json#/definitions/caching_enabled"
+			"$ref": "../common.json#/properties/caching_enabled"
 		},
 		"block_exploits": {
-			"$ref": "../common.json#/definitions/block_exploits"
+			"$ref": "../common.json#/properties/block_exploits"
 		},
 		"advanced_config": {
 			"type": "string"
@@ -81,14 +79,14 @@
 			"type": "boolean"
 		},
 		"http2_support": {
-			"$ref": "../common.json#/definitions/http2_support"
+			"$ref": "../common.json#/properties/http2_support"
 		},
 		"forward_scheme": {
 			"type": "string",
 			"enum": ["http", "https"]
 		},
 		"enabled": {
-			"$ref": "../common.json#/definitions/enabled"
+			"$ref": "../common.json#/properties/enabled"
 		},
 		"locations": {
 			"type": "array",
@@ -124,25 +122,33 @@
 			}
 		},
 		"hsts_enabled": {
-			"$ref": "../common.json#/definitions/hsts_enabled"
+			"$ref": "../common.json#/properties/hsts_enabled"
 		},
 		"hsts_subdomains": {
-			"$ref": "../common.json#/definitions/hsts_subdomains"
+			"$ref": "../common.json#/properties/hsts_subdomains"
 		},
 		"certificate": {
+			"oneOf": [
+				{
+					"type": "null"
+				},
+				{
 					"$ref": "./certificate-object.json"
+				}
+			]
 		},
 		"owner": {
 			"$ref": "./user-object.json"
 		},
 		"access_list": {
+			"oneOf": [
+				{
+					"type": "null"
+				},
+				{
 					"$ref": "./access-list-object.json"
-		},
-		"use_default_location": {
-			"type": "boolean"
-		},
-		"ipv6": {
-			"type": "boolean"
+				}
+			]
 		}
 	}
 }

backend/schema/components/redirection-host-object.json

@@ -5,19 +5,19 @@
 	"additionalProperties": false,
 	"properties": {
 		"id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"created_on": {
-			"$ref": "../common.json#/definitions/created_on"
+			"$ref": "../common.json#/properties/created_on"
 		},
 		"modified_on": {
-			"$ref": "../common.json#/definitions/modified_on"
+			"$ref": "../common.json#/properties/modified_on"
 		},
 		"owner_user_id": {
-			"$ref": "../common.json#/definitions/user_id"
+			"$ref": "../common.json#/properties/user_id"
 		},
 		"domain_names": {
-			"$ref": "../common.json#/definitions/domain_names"
+			"$ref": "../common.json#/properties/domain_names"
 		},
 		"forward_http_code": {
 			"description": "Redirect HTTP Status Code",
@@ -28,7 +28,7 @@
 		},
 		"forward_scheme": {
 			"type": "string",
-			"enum": ["http", "https"]
+			"enum": ["auto", "http", "https"]
 		},
 		"forward_domain_name": {
 			"description": "Domain Name",
@@ -42,28 +42,28 @@
 			"type": "boolean"
 		},
 		"certificate_id": {
-			"$ref": "../common.json#/definitions/certificate_id"
+			"$ref": "../common.json#/properties/certificate_id"
 		},
 		"ssl_forced": {
-			"$ref": "../common.json#/definitions/ssl_forced"
+			"$ref": "../common.json#/properties/ssl_forced"
 		},
 		"hsts_enabled": {
-			"$ref": "../common.json#/definitions/hsts_enabled"
+			"$ref": "../common.json#/properties/hsts_enabled"
 		},
 		"hsts_subdomains": {
-			"$ref": "../common.json#/definitions/hsts_subdomains"
+			"$ref": "../common.json#/properties/hsts_subdomains"
 		},
 		"http2_support": {
-			"$ref": "../common.json#/definitions/http2_support"
+			"$ref": "../common.json#/properties/http2_support"
 		},
 		"block_exploits": {
-			"$ref": "../common.json#/definitions/block_exploits"
+			"$ref": "../common.json#/properties/block_exploits"
 		},
 		"advanced_config": {
 			"type": "string"
 		},
 		"enabled": {
-			"$ref": "../common.json#/definitions/enabled"
+			"$ref": "../common.json#/properties/enabled"
 		},
 		"meta": {
 			"type": "object"

backend/schema/components/setting-object.json

@@ -25,7 +25,7 @@
 		"value": {
 			"description": "Value in almost any form",
 			"example": "congratulations",
-			"oneOf": [
+			"anyOf": [
 				{
 					"type": "string",
 					"minLength": 1
@@ -46,7 +46,10 @@
 		},
 		"meta": {
 			"description": "Extra metadata",
-			"example": {},
+			"example": {
+				"redirect": "http://example.com",
+				"html": "<h1>404</h1>"
+			},
 			"type": "object"
 		}
 	}

backend/schema/components/stream-object.json

@@ -5,16 +5,16 @@
 	"additionalProperties": false,
 	"properties": {
 		"id": {
-			"$ref": "../common.json#/definitions/id"
+			"$ref": "../common.json#/properties/id"
 		},
 		"created_on": {
-			"$ref": "../common.json#/definitions/created_on"
+			"$ref": "../common.json#/properties/created_on"
 		},
 		"modified_on": {
-			"$ref": "../common.json#/definitions/modified_on"
+			"$ref": "../common.json#/properties/modified_on"
 		},
 		"owner_user_id": {
-			"$ref": "../common.json#/definitions/user_id"
+			"$ref": "../common.json#/properties/user_id"
 		},
 		"incoming_port": {
 			"type": "integer",
@@ -51,7 +51,7 @@
 			"type": "boolean"
 		},
 		"enabled": {
-			"$ref": "../common.json#/definitions/enabled"
+			"$ref": "../common.json#/properties/enabled"
 		},
 		"meta": {
 			"type": "object"

backend/schema/components/user-object.json

@@ -21,11 +21,9 @@
 			"example": "2020-01-30T09:41:04.000Z"
 		},
 		"is_disabled": {
-			"type": "integer",
-			"minimum": 0,
-			"maximum": 1,
-			"description": "Is user Disabled (0 = false, 1 = true)",
-			"example": 0
+			"type": "boolean",
+			"description": "Is user Disabled",
+			"example": true
 		},
 		"email": {
 			"type": "string",

backend/schema/paths/nginx/access-lists/get.json

@@ -33,8 +33,8 @@
 									"owner_user_id": 1,
 									"name": "test1234",
 									"meta": {},
-									"satisfy_any": 1,
-									"pass_auth": 0,
+									"satisfy_any": true,
+									"pass_auth": false,
 									"proxy_host_count": 0
 								}
 							]

backend/schema/paths/nginx/access-lists/listID/get.json

@@ -30,7 +30,7 @@
 								"id": 1,
 								"created_on": "2020-01-30T09:36:08.000Z",
 								"modified_on": "2020-01-30T09:41:04.000Z",
-								"is_disabled": 0,
+								"is_disabled": false,
 								"email": "jc@jc21.com",
 								"name": "Jamie Curnow",
 								"nickname": "James",

backend/schema/paths/nginx/access-lists/listID/put.json

@@ -102,15 +102,15 @@
 								"owner_user_id": 1,
 								"name": "test123!!",
 								"meta": {},
-								"satisfy_any": 1,
-								"pass_auth": 0,
+								"satisfy_any": true,
+								"pass_auth": false,
 								"proxy_host_count": 0,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-07T22:43:55.000Z",
 									"modified_on": "2024-10-08T12:52:54.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "some guy",

backend/schema/paths/nginx/access-lists/post.json

@@ -93,15 +93,15 @@
 								"owner_user_id": 1,
 								"name": "test1234",
 								"meta": {},
-								"satisfy_any": 1,
-								"pass_auth": 0,
+								"satisfy_any": true,
+								"pass_auth": false,
 								"proxy_host_count": 0,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-07T22:43:55.000Z",
 									"modified_on": "2024-10-08T12:52:54.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "some guy",

backend/schema/paths/nginx/certificates/certID/renew/post.json

@@ -32,7 +32,7 @@
 								"id": 4,
 								"created_on": "2024-10-09T05:31:58.000Z",
 								"owner_user_id": 1,
-								"is_deleted": 0,
+								"is_deleted": false,
 								"provider": "letsencrypt",
 								"nice_name": "My Test Cert",
 								"domain_names": ["test.jc21.supernerd.pro"],

backend/schema/paths/nginx/certificates/certID/upload/post.json

@@ -55,6 +55,25 @@
 								"certificate_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1n9j9C5Bes1nd\nqACDckERauxXVNKCnUlUM1buGBx1xc+j2e2Ar23wUJJuWBY18VfT8yqfqVDktO2w\nrbmvZvLuPmXePOKbIKS+XXh+2NG9L5bDG9rwGFCRXnbQj+GWCdMfzx14+CR1IHge\nYz6Cv/Si2/LJPCh/CoBfM4hUQJON3lxAWrWBpdbZnKYMrxuPBRfW9OuzTbCVXToQ\noxRAHiOR9081Xn1WeoKr7kVBIa5UphlvWXa12w1YmUwJu7YndnJGIavLWeNCVc7Z\nEo+nS8Wr/4QWicatIWZXpVaEOPhRoeplQDxNWg5b/Q26rYoVd7PrCmRs7sVcH79X\nzGONeH1PAgMBAAECggEAANb3Wtwl07pCjRrMvc7WbC0xYIn82yu8/g2qtjkYUJcU\nia5lQbYN7RGCS85Oc/tkq48xQEG5JQWNH8b918jDEMTrFab0aUEyYcru1q9L8PL6\nYHaNgZSrMrDcHcS8h0QOXNRJT5jeGkiHJaTR0irvB526tqF3knbK9yW22KTfycUe\na0Z9voKn5xRk1DCbHi/nk2EpT7xnjeQeLFaTIRXbS68omkr4YGhwWm5OizoyEGZu\nW0Zum5BkQyMr6kor3wdxOTG97ske2rcyvvHi+ErnwL0xBv0qY0Dhe8DpuXpDezqw\no72yY8h31Fu84i7sAj24YuE5Df8DozItFXQpkgbQ6QKBgQDPrufhvIFm2S/MzBdW\nH8JxY7CJlJPyxOvc1NIl9RczQGAQR90kx52cgIcuIGEG6/wJ/xnGfMmW40F0DnQ+\nN+oLgB9SFxeLkRb7s9Z/8N3uIN8JJFYcerEOiRQeN2BXEEWJ7bUThNtsVrAcKoUh\nELsDmnHW/3V+GKwhd0vpk842+wKBgQDf4PGLG9PTE5tlAoyHFodJRd2RhTJQkwsU\nMDNjLJ+KecLv+Nl+QiJhoflG1ccqtSFlBSCG067CDQ5LV0xm3mLJ7pfJoMgjcq31\nqjEmX4Ls91GuVOPtbwst3yFKjsHaSoKB5fBvWRcKFpBUezM7Qcw2JP3+dQT+bQIq\ncMTkRWDSvQKBgQDOdCQFDjxg/lR7NQOZ1PaZe61aBz5P3pxNqa7ClvMaOsuEQ7w9\nvMYcdtRq8TsjA2JImbSI0TIg8gb2FQxPcYwTJKl+FICOeIwtaSg5hTtJZpnxX5LO\nutTaC0DZjNkTk5RdOdWA8tihyUdGqKoxJY2TVmwGe2rUEDjFB++J4inkEwKBgB6V\ng0nmtkxanFrzOzFlMXwgEEHF+Xaqb9QFNa/xs6XeNnREAapO7JV75Cr6H2hFMFe1\nmJjyqCgYUoCWX3iaHtLJRnEkBtNY4kzyQB6m46LtsnnnXO/dwKA2oDyoPfFNRoDq\nYatEd3JIXNU9s2T/+x7WdOBjKhh72dTkbPFmTPDdAoGAU6rlPBevqOFdObYxdPq8\nEQWu44xqky3Mf5sBpOwtu6rqCYuziLiN7K4sjN5GD5mb1cEU+oS92ZiNcUQ7MFXk\n8yTYZ7U0VcXyAcpYreWwE8thmb0BohJBr+Mp3wLTx32x0HKdO6vpUa0d35LUTUmM\nRrKmPK/msHKK/sVHiL+NFqo=\n-----END PRIVATE KEY-----\n"
 							}
 						}
+					},
+					"schema": {
+						"type": "object",
+						"additionalProperties": false,
+						"required": ["certificate", "certificate_key"],
+						"properties": {
+							"certificate": {
+								"type": "string",
+								"minLength": 1
+							},
+							"certificate_key": {
+								"type": "string",
+								"minLength": 1
+							},
+							"intermediate_certificate": {
+								"type": "string",
+								"minLength": 1
+							}
+						}
 					}
 				}
 			}

backend/schema/paths/nginx/certificates/post.json

@@ -47,7 +47,7 @@
 								"id": 5,
 								"created_on": "2024-10-09 05:28:35",
 								"owner_user_id": 1,
-								"is_deleted": 0,
+								"is_deleted": false,
 								"provider": "letsencrypt",
 								"nice_name": "test.example.com",
 								"domain_names": ["test.example.com"],
@@ -72,6 +72,26 @@
 					}
 				}
 			}
+		},
+		"400": {
+			"description": "400 response",
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"error": {
+									"code": 400,
+									"message": "Domains are invalid"
+								}
+							}
+						}
+					},
+					"schema": {
+						"$ref": "../../../components/error.json"
+					}
+				}
+			}
 		}
 	}
 }

backend/schema/paths/nginx/certificates/validate/post.json

@@ -50,6 +50,42 @@
 								"certificate_key": true
 							}
 						}
+					},
+					"schema": {
+						"type": "object",
+						"additionalProperties": false,
+						"required": ["certificate", "certificate_key"],
+						"properties": {
+							"certificate": {
+								"type": "object",
+								"additionalProperties": false,
+								"required": ["cn", "issuer", "dates"],
+								"properties": {
+									"cn": {
+										"type": "string"
+									},
+									"issuer": {
+										"type": "string"
+									},
+									"dates": {
+										"type": "object",
+										"additionalProperties": false,
+										"required": ["from", "to"],
+										"properties": {
+											"from": {
+												"type": "integer"
+											},
+											"to": {
+												"type": "integer"
+											}
+										}
+									}
+								}
+							},
+							"certificate_key": {
+								"type": "boolean"
+							}
+						}
 					}
 				}
 			}
@@ -67,6 +103,9 @@
 								}
 							}
 						}
+					},
+					"schema": {
+						"$ref": "../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/dead-hosts/get.json

@@ -33,16 +33,16 @@
 									"owner_user_id": 1,
 									"domain_names": ["test.example.com"],
 									"certificate_id": 0,
-									"ssl_forced": 0,
+									"ssl_forced": false,
 									"advanced_config": "",
 									"meta": {
 										"nginx_online": true,
 										"nginx_err": null
 									},
-									"http2_support": 0,
-									"enabled": 1,
-									"hsts_enabled": 0,
-									"hsts_subdomains": 0
+									"http2_support": false,
+									"enabled": true,
+									"hsts_enabled": false,
+									"hsts_subdomains": false
 								}
 							]
 						}

backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/dead-hosts/hostID/get.json

@@ -33,16 +33,16 @@
 								"owner_user_id": 1,
 								"domain_names": ["test.example.com"],
 								"certificate_id": 0,
-								"ssl_forced": 0,
+								"ssl_forced": false,
 								"advanced_config": "",
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"http2_support": 0,
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0
+								"http2_support": false,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false
 							}
 						}
 					},

backend/schema/paths/nginx/dead-hosts/hostID/put.json

@@ -72,31 +72,29 @@
 								"owner_user_id": 1,
 								"domain_names": ["test.example.com"],
 								"certificate_id": 0,
-								"ssl_forced": 0,
+								"ssl_forced": false,
 								"advanced_config": "",
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"http2_support": 0,
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"http2_support": false,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-09T00:59:56.000Z",
 									"modified_on": "2024-10-09T00:59:56.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "Admin",
 									"avatar": "",
 									"roles": ["admin"]
 								},
-								"certificate": null,
-								"use_default_location": true,
-								"ipv6": true
+								"certificate": null
 							}
 						}
 					},

backend/schema/paths/nginx/dead-hosts/post.json

@@ -60,28 +60,26 @@
 								"owner_user_id": 1,
 								"domain_names": ["test.example.com"],
 								"certificate_id": 0,
-								"ssl_forced": 0,
+								"ssl_forced": false,
 								"advanced_config": "",
 								"meta": {},
-								"http2_support": 0,
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"http2_support": false,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"certificate": null,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-09T00:59:56.000Z",
 									"modified_on": "2024-10-09T00:59:56.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "Admin",
 									"avatar": "",
 									"roles": ["admin"]
-								},
-								"use_default_location": true,
-								"ipv6": true
+								}
 							}
 						}
 					},

backend/schema/paths/nginx/proxy-hosts/get.json

@@ -36,21 +36,21 @@
 									"forward_port": 8989,
 									"access_list_id": 0,
 									"certificate_id": 0,
-									"ssl_forced": 0,
-									"caching_enabled": 0,
-									"block_exploits": 0,
+									"ssl_forced": false,
+									"caching_enabled": false,
+									"block_exploits": false,
 									"advanced_config": "",
 									"meta": {
 										"nginx_online": true,
 										"nginx_err": null
 									},
-									"allow_websocket_upgrade": 0,
-									"http2_support": 0,
+									"allow_websocket_upgrade": false,
+									"http2_support": false,
 									"forward_scheme": "http",
-									"enabled": 1,
+									"enabled": true,
 									"locations": null,
-									"hsts_enabled": 0,
-									"hsts_subdomains": 0
+									"hsts_enabled": false,
+									"hsts_subdomains": false
 								}
 							]
 						}

backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/proxy-hosts/hostID/get.json

@@ -36,21 +36,21 @@
 								"forward_port": 8989,
 								"access_list_id": 0,
 								"certificate_id": 0,
-								"ssl_forced": 0,
-								"caching_enabled": 0,
-								"block_exploits": 0,
+								"ssl_forced": false,
+								"caching_enabled": false,
+								"block_exploits": false,
 								"advanced_config": "",
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"allow_websocket_upgrade": 0,
-								"http2_support": 0,
+								"allow_websocket_upgrade": false,
+								"http2_support": false,
 								"forward_scheme": "http",
-								"enabled": 1,
+								"enabled": true,
 								"locations": null,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0
+								"hsts_enabled": false,
+								"hsts_subdomains": false
 							}
 						}
 					},

backend/schema/paths/nginx/proxy-hosts/hostID/put.json

@@ -102,26 +102,26 @@
 								"forward_port": 8989,
 								"access_list_id": 0,
 								"certificate_id": 0,
-								"ssl_forced": 0,
-								"caching_enabled": 0,
-								"block_exploits": 0,
+								"ssl_forced": false,
+								"caching_enabled": false,
+								"block_exploits": false,
 								"advanced_config": "",
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"allow_websocket_upgrade": 0,
-								"http2_support": 0,
+								"allow_websocket_upgrade": false,
+								"http2_support": false,
 								"forward_scheme": "http",
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-07T22:43:55.000Z",
 									"modified_on": "2024-10-08T12:52:54.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "some guy",
@@ -129,9 +129,7 @@
 									"roles": ["admin"]
 								},
 								"certificate": null,
-								"access_list": null,
-								"use_default_location": true,
-								"ipv6": true
+								"access_list": null
 							}
 						}
 					},

backend/schema/paths/nginx/proxy-hosts/post.json

@@ -90,33 +90,31 @@
 								"forward_port": 8989,
 								"access_list_id": 0,
 								"certificate_id": 0,
-								"ssl_forced": 0,
-								"caching_enabled": 0,
-								"block_exploits": 0,
+								"ssl_forced": false,
+								"caching_enabled": false,
+								"block_exploits": false,
 								"advanced_config": "",
 								"meta": {},
-								"allow_websocket_upgrade": 0,
-								"http2_support": 0,
+								"allow_websocket_upgrade": false,
+								"http2_support": false,
 								"forward_scheme": "http",
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"certificate": null,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-07T22:43:55.000Z",
 									"modified_on": "2024-10-08T12:52:54.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "some guy",
 									"avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
 									"roles": ["admin"]
 								},
-								"access_list": null,
-								"use_default_location": true,
-								"ipv6": true
+								"access_list": null
 							}
 						}
 					},

backend/schema/paths/nginx/redirection-hosts/get.json

@@ -33,19 +33,19 @@
 									"owner_user_id": 1,
 									"domain_names": ["test.example.com"],
 									"forward_domain_name": "something-else.com",
-									"preserve_path": 0,
+									"preserve_path": false,
 									"certificate_id": 0,
-									"ssl_forced": 0,
-									"block_exploits": 0,
+									"ssl_forced": false,
+									"block_exploits": false,
 									"advanced_config": "",
 									"meta": {
 										"nginx_online": true,
 										"nginx_err": null
 									},
-									"http2_support": 0,
-									"enabled": 1,
-									"hsts_enabled": 0,
-									"hsts_subdomains": 0,
+									"http2_support": false,
+									"enabled": true,
+									"hsts_enabled": false,
+									"hsts_subdomains": false,
 									"forward_scheme": "http",
 									"forward_http_code": 301
 								}

backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/redirection-hosts/hostID/get.json

@@ -33,19 +33,19 @@
 								"owner_user_id": 1,
 								"domain_names": ["test.example.com"],
 								"forward_domain_name": "something-else.com",
-								"preserve_path": 0,
+								"preserve_path": false,
 								"certificate_id": 0,
-								"ssl_forced": 0,
-								"block_exploits": 0,
+								"ssl_forced": false,
+								"block_exploits": false,
 								"advanced_config": "",
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"http2_support": 0,
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"http2_support": false,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"forward_scheme": "http",
 								"forward_http_code": 301
 							}

backend/schema/paths/nginx/redirection-hosts/hostID/put.json

@@ -87,36 +87,34 @@
 								"owner_user_id": 1,
 								"domain_names": ["test.example.com"],
 								"forward_domain_name": "something-else.com",
-								"preserve_path": 0,
+								"preserve_path": false,
 								"certificate_id": 0,
-								"ssl_forced": 0,
-								"block_exploits": 0,
+								"ssl_forced": false,
+								"block_exploits": false,
 								"advanced_config": "",
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"http2_support": 0,
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"http2_support": false,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"forward_scheme": "http",
 								"forward_http_code": 301,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-09T00:59:56.000Z",
 									"modified_on": "2024-10-09T00:59:56.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "Admin",
 									"avatar": "",
 									"roles": ["admin"]
 								},
-								"certificate": null,
-								"use_default_location": true,
-								"ipv6": true
+								"certificate": null
 							}
 						}
 					},

backend/schema/paths/nginx/redirection-hosts/post.json

@@ -75,16 +75,16 @@
 								"owner_user_id": 1,
 								"domain_names": ["test.example.com"],
 								"forward_domain_name": "something-else.com",
-								"preserve_path": 0,
+								"preserve_path": false,
 								"certificate_id": 0,
-								"ssl_forced": 0,
-								"block_exploits": 0,
+								"ssl_forced": false,
+								"block_exploits": false,
 								"advanced_config": "",
 								"meta": {},
-								"http2_support": 0,
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"http2_support": false,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"forward_scheme": "http",
 								"forward_http_code": 301,
 								"certificate": null,
@@ -92,16 +92,14 @@
 									"id": 1,
 									"created_on": "2024-10-09T00:59:56.000Z",
 									"modified_on": "2024-10-09T00:59:56.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "Admin",
 									"avatar": "",
 									"roles": ["admin"]
-								},
-								"use_default_location": true,
-								"ipv6": true
+								}
 							}
 						}
 					},

backend/schema/paths/nginx/streams/get.json

@@ -34,13 +34,13 @@
 									"incoming_port": 9090,
 									"forwarding_host": "router.internal",
 									"forwarding_port": 80,
-									"tcp_forwarding": 0,
-									"udp_forwarding": 0,
+									"tcp_forwarding": true,
+									"udp_forwarding": false,
 									"meta": {
 										"nginx_online": true,
 										"nginx_err": null
 									},
-									"enabled": 1
+									"enabled": true
 								}
 							]
 						}

backend/schema/paths/nginx/streams/post.json

@@ -55,19 +55,19 @@
 								"incoming_port": 9090,
 								"forwarding_host": "router.internal",
 								"forwarding_port": 80,
-								"tcp_forwarding": 0,
-								"udp_forwarding": 0,
+								"tcp_forwarding": true,
+								"udp_forwarding": false,
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"enabled": 1,
+								"enabled": true,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-09T02:33:16.000Z",
 									"modified_on": "2024-10-09T02:33:16.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "Admin",

backend/schema/paths/nginx/streams/streamID/disable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/streams/streamID/enable/post.json

@@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}

backend/schema/paths/nginx/streams/streamID/get.json

@@ -34,13 +34,13 @@
 								"incoming_port": 9090,
 								"forwarding_host": "router.internal",
 								"forwarding_port": 80,
-								"tcp_forwarding": 0,
-								"udp_forwarding": 0,
+								"tcp_forwarding": true,
+								"udp_forwarding": false,
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"enabled": 1
+								"enabled": true
 							}
 						}
 					},

backend/schema/paths/nginx/streams/streamID/put.json

@@ -102,26 +102,26 @@
 								"forward_port": 8989,
 								"access_list_id": 0,
 								"certificate_id": 0,
-								"ssl_forced": 0,
-								"caching_enabled": 0,
-								"block_exploits": 0,
+								"ssl_forced": false,
+								"caching_enabled": false,
+								"block_exploits": false,
 								"advanced_config": "",
 								"meta": {
 									"nginx_online": true,
 									"nginx_err": null
 								},
-								"allow_websocket_upgrade": 0,
-								"http2_support": 0,
+								"allow_websocket_upgrade": false,
+								"http2_support": false,
 								"forward_scheme": "http",
-								"enabled": 1,
-								"hsts_enabled": 0,
-								"hsts_subdomains": 0,
+								"enabled": true,
+								"hsts_enabled": false,
+								"hsts_subdomains": false,
 								"owner": {
 									"id": 1,
 									"created_on": "2024-10-07T22:43:55.000Z",
 									"modified_on": "2024-10-08T12:52:54.000Z",
-									"is_deleted": 0,
-									"is_disabled": 0,
+									"is_deleted": false,
+									"is_disabled": false,
 									"email": "admin@example.com",
 									"name": "Administrator",
 									"nickname": "some guy",
@@ -129,9 +129,7 @@
 									"roles": ["admin"]
 								},
 								"certificate": null,
-								"access_list": null,
-								"use_default_location": true,
-								"ipv6": true
+								"access_list": null
 							}
 						}
 					},

backend/schema/paths/settings/settingID/put.json

@@ -13,7 +13,8 @@
 			"name": "settingID",
 			"schema": {
 				"type": "string",
-				"minLength": 1
+				"minLength": 1,
+				"enum": ["default-site"]
 			},
 			"required": true,
 			"description": "Setting ID",
@@ -31,10 +32,21 @@
 					"minProperties": 1,
 					"properties": {
 						"value": {
-							"$ref": "../../../components/setting-object.json#/properties/value"
+							"type": "string",
+							"minLength": 1,
+							"enum": ["congratulations", "404", "444", "redirect", "html"]
 						},
 						"meta": {
-							"$ref": "../../../components/setting-object.json#/properties/meta"
+							"type": "object",
+							"additionalProperties": false,
+							"properties": {
+								"redirect": {
+									"type": "string"
+								},
+								"html": {
+									"type": "string"
+								}
+							}
 						}
 					}
 				}

backend/schema/paths/users/get.json

@@ -30,7 +30,7 @@
 									"id": 1,
 									"created_on": "2020-01-30T09:36:08.000Z",
 									"modified_on": "2020-01-30T09:41:04.000Z",
-									"is_disabled": 0,
+									"is_disabled": false,
 									"email": "jc@jc21.com",
 									"name": "Jamie Curnow",
 									"nickname": "James",
@@ -45,7 +45,7 @@
 									"id": 1,
 									"created_on": "2020-01-30T09:36:08.000Z",
 									"modified_on": "2020-01-30T09:41:04.000Z",
-									"is_disabled": 0,
+									"is_disabled": false,
 									"email": "jc@jc21.com",
 									"name": "Jamie Curnow",
 									"nickname": "James",

backend/schema/paths/users/post.json

@@ -56,7 +56,7 @@
 								"id": 2,
 								"created_on": "2020-01-30T09:41:04.000Z",
 								"modified_on": "2020-01-30T09:41:04.000Z",
-								"is_disabled": 0,
+								"is_disabled": false,
 								"email": "jc@jc21.com",
 								"name": "Jamie Curnow",
 								"nickname": "James",

backend/schema/paths/users/userID/get.json

@@ -39,7 +39,7 @@
 								"id": 1,
 								"created_on": "2020-01-30T09:36:08.000Z",
 								"modified_on": "2020-01-30T09:41:04.000Z",
-								"is_disabled": 0,
+								"is_disabled": false,
 								"email": "jc@jc21.com",
 								"name": "Jamie Curnow",
 								"nickname": "James",

backend/schema/paths/users/userID/login/post.json

@@ -34,7 +34,7 @@
 									"id": 1,
 									"created_on": "2020-01-30T10:43:44.000Z",
 									"modified_on": "2020-01-30T10:43:44.000Z",
-									"is_disabled": 0,
+									"is_disabled": false,
 									"email": "jc@jc21.com",
 									"name": "Jamie Curnow",
 									"nickname": "James",

backend/schema/paths/users/userID/put.json

@@ -69,7 +69,7 @@
 								"id": 2,
 								"created_on": "2020-01-30T09:36:08.000Z",
 								"modified_on": "2020-01-30T09:41:04.000Z",
-								"is_disabled": 0,
+								"is_disabled": false,
 								"email": "jc@jc21.com",
 								"name": "Jamie Curnow",
 								"nickname": "James",

backend/schema/swagger.json

@@ -1,5 +1,5 @@
 {
-	"openapi": "3.0.0",
+	"openapi": "3.1.0",
 	"info": {
 		"title": "Nginx Proxy Manager API",
 		"version": "2.x.x"

backend/templates/_location.conf

@@ -6,7 +6,12 @@
     proxy_set_header X-Forwarded-Proto  $scheme;
     proxy_set_header X-Forwarded-For    $remote_addr;
     proxy_set_header X-Real-IP		$remote_addr;
-    proxy_pass       {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
+
+    set $proxy_forward_scheme {{ forward_scheme }};
+    set $proxy_server         "{{ forward_host }}";
+    set $proxy_port           {{ forward_port }};
+
+    proxy_pass       $proxy_forward_scheme://$proxy_server:$proxy_port{{ forward_path }};
 
     {% include "_access.conf" %}
     {% include "_assets.conf" %}

backend/validate-schema.js

@@ -0,0 +1,16 @@
+const SwaggerParser = require('@apidevtools/swagger-parser');
+const chalk         = require('chalk');
+const schema        = require('./schema');
+const log           = console.log;
+
+schema.getCompiledSchema().then(async (swaggerJSON) => {
+	try {
+		const api = await SwaggerParser.validate(swaggerJSON);
+		console.log('API name: %s, Version: %s', api.info.title, api.info.version);
+		log(chalk.green('❯ Schema is valid'));
+	} catch (e) {
+		console.error(e);
+		log(chalk.red('❯', e.message), '\n');
+		process.exit(1);
+	}
+});

backend/yarn.lock

@@ -2,12 +2,12 @@
 # yarn lockfile v1
 
 
-"@apidevtools/json-schema-ref-parser@8.0.0":
-  version "8.0.0"
-  resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-8.0.0.tgz#9eb749499b3f8d919e90bb141e4b6f67aee4692d"
-  integrity sha512-n4YBtwQhdpLto1BaUCyAeflizmIbaloGShsPyRtFf5qdFJxfssj+GgLavczgKJFa3Bq+3St2CKcpRJdjtB4EBw==
+"@apidevtools/json-schema-ref-parser@9.0.6":
+  version "9.0.6"
+  resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-9.0.6.tgz#5d9000a3ac1fd25404da886da6b266adcd99cf1c"
+  integrity sha512-M3YgsLjI0lZxvrpeGVk9Ap032W6TPQkH6pRAZz81Ac3WUNF79VQooAFnp8umjvVzUmD93NkogxEwbSce7qMsUg==
   dependencies:
-    "@jsdevtools/ono" "^7.1.0"
+    "@jsdevtools/ono" "^7.1.3"
     call-me-maybe "^1.0.1"
     js-yaml "^3.13.1"
 
@@ -20,6 +20,29 @@
     "@types/json-schema" "^7.0.15"
     js-yaml "^4.1.0"
 
+"@apidevtools/openapi-schemas@^2.1.0":
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/@apidevtools/openapi-schemas/-/openapi-schemas-2.1.0.tgz#9fa08017fb59d80538812f03fc7cac5992caaa17"
+  integrity sha512-Zc1AlqrJlX3SlpupFGpiLi2EbteyP7fXmUOGup6/DnkRgjP9bgMM/ag+n91rsv0U1Gpz0H3VILA/o3bW7Ua6BQ==
+
+"@apidevtools/swagger-methods@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@apidevtools/swagger-methods/-/swagger-methods-3.0.2.tgz#b789a362e055b0340d04712eafe7027ddc1ac267"
+  integrity sha512-QAkD5kK2b1WfjDS/UQn/qQkbwF31uqRjPTrsCs5ZG9BQGAkjwvqGFjjPqAuzac/IYzpPtRzjCP1WrTuAIjMrXg==
+
+"@apidevtools/swagger-parser@^10.1.0":
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/@apidevtools/swagger-parser/-/swagger-parser-10.1.0.tgz#a987d71e5be61feb623203be0c96e5985b192ab6"
+  integrity sha512-9Kt7EuS/7WbMAUv2gSziqjvxwDbFSg3Xeyfuj5laUODX8o/k/CpsAKiQ8W7/R88eXFTMbJYg6+7uAmOWNKmwnw==
+  dependencies:
+    "@apidevtools/json-schema-ref-parser" "9.0.6"
+    "@apidevtools/openapi-schemas" "^2.1.0"
+    "@apidevtools/swagger-methods" "^3.0.2"
+    "@jsdevtools/ono" "^7.1.3"
+    ajv "^8.6.3"
+    ajv-draft-04 "^1.0.0"
+    call-me-maybe "^1.0.1"
+
 "@eslint-community/eslint-utils@^4.2.0":
   version "4.3.0"
   resolved "https://registry.yarnpkg.com/@eslint-community/eslint-utils/-/eslint-utils-4.3.0.tgz#a556790523a351b4e47e9d385f47265eaaf9780a"
@@ -76,7 +99,7 @@
   resolved "https://registry.yarnpkg.com/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz#b520529ec21d8e5945a1851dfd1c32e94e39ff45"
   integrity sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==
 
-"@jsdevtools/ono@^7.1.0", "@jsdevtools/ono@^7.1.3":
+"@jsdevtools/ono@^7.1.3":
   version "7.1.3"
   resolved "https://registry.yarnpkg.com/@jsdevtools/ono/-/ono-7.1.3.tgz#9df03bbd7c696a5c58885c34aa06da41c8543796"
   integrity sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg==
@@ -207,7 +230,12 @@ aggregate-error@^3.0.0:
     clean-stack "^2.0.0"
     indent-string "^4.0.0"
 
-ajv@^6.10.0, ajv@^6.12.0, ajv@^6.12.4:
+ajv-draft-04@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/ajv-draft-04/-/ajv-draft-04-1.0.0.tgz#3b64761b268ba0b9e668f0b41ba53fce0ad77fc8"
+  integrity sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw==
+
+ajv@^6.10.0, ajv@^6.12.4:
   version "6.12.6"
   resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4"
   integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==
@@ -217,6 +245,16 @@ ajv@^6.10.0, ajv@^6.12.0, ajv@^6.12.4:
     json-schema-traverse "^0.4.1"
     uri-js "^4.2.2"
 
+ajv@^8.17.1, ajv@^8.6.3:
+  version "8.17.1"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.17.1.tgz#37d9a5c776af6bc92d7f4f9510eba4c0a60d11a6"
+  integrity sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==
+  dependencies:
+    fast-deep-equal "^3.1.3"
+    fast-uri "^3.0.1"
+    json-schema-traverse "^1.0.0"
+    require-from-string "^2.0.2"
+
 ajv@^8.6.2:
   version "8.12.0"
   resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.12.0.tgz#d1a0527323e22f53562c567c00991577dfbe19d1"
@@ -374,6 +412,11 @@ async@^3.2.0:
   resolved "https://registry.yarnpkg.com/async/-/async-3.2.4.tgz#2d22e00f8cddeb5fde5dd33522b56d1cf569a81c"
   integrity sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ==
 
+aws-ssl-profiles@^1.1.1:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/aws-ssl-profiles/-/aws-ssl-profiles-1.1.2.tgz#157dd77e9f19b1d123678e93f120e6f193022641"
+  integrity sha512-NZKeq9AfyQvEeNlN0zSYAaWrmBffJh3IELMZfRpJVWgrpEbtEpnjvzqBPf+mxoI287JohRDoa+/nsfqqiZmF6g==
+
 balanced-match@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
@@ -397,11 +440,6 @@ bcrypt@^5.0.0:
     node-addon-api "^3.0.0"
     node-pre-gyp "0.15.0"
 
-bignumber.js@9.0.0:
-  version "9.0.0"
-  resolved "https://registry.yarnpkg.com/bignumber.js/-/bignumber.js-9.0.0.tgz#805880f84a329b5eac6e7cb6f8274b6d82bdf075"
-  integrity sha512-t/OYhhJ2SD+YGBQcjY8GzzDHEk9f3nerxjtfa6tlMXfe7frs/WozhvCNoGvpM0P3bNf3Gq5ZRMlGr5f3r4/N8A==
-
 binary-extensions@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.1.0.tgz#30fa40c9e7fe07dbc895678cd287024dea241dd9"
@@ -421,10 +459,10 @@ blueimp-md5@^2.16.0:
   resolved "https://registry.yarnpkg.com/blueimp-md5/-/blueimp-md5-2.17.0.tgz#f4fcac088b115f7b4045f19f5da59e9d01b1bb96"
   integrity sha512-x5PKJHY5rHQYaADj6NwPUR2QRCUVSggPzrUKkeENpj871o9l9IefJbO2jkT5UvYykeOK9dx0VmkIo6dZ+vThYw==
 
-body-parser@1.20.2, body-parser@^1.19.0:
-  version "1.20.2"
-  resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.2.tgz#6feb0e21c4724d06de7ff38da36dad4f57a747fd"
-  integrity sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==
+body-parser@1.20.3, body-parser@^1.20.3:
+  version "1.20.3"
+  resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.3.tgz#1953431221c6fb5cd63c4b36d53fab0928e548c6"
+  integrity sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==
   dependencies:
     bytes "3.1.2"
     content-type "~1.0.5"
@@ -434,7 +472,7 @@ body-parser@1.20.2, body-parser@^1.19.0:
     http-errors "2.0.0"
     iconv-lite "0.4.24"
     on-finished "2.4.1"
-    qs "6.11.0"
+    qs "6.13.0"
     raw-body "2.5.2"
     type-is "~1.6.18"
     unpipe "1.0.0"
@@ -566,6 +604,14 @@ camelcase@^5.0.0, camelcase@^5.3.1:
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320"
   integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==
 
+chalk@4.1.2, chalk@^4.0.0:
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01"
+  integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==
+  dependencies:
+    ansi-styles "^4.1.0"
+    supports-color "^7.1.0"
+
 chalk@^2.3.2:
   version "2.4.2"
   resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424"
@@ -583,14 +629,6 @@ chalk@^3.0.0:
     ansi-styles "^4.1.0"
     supports-color "^7.1.0"
 
-chalk@^4.0.0:
-  version "4.1.2"
-  resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01"
-  integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==
-  dependencies:
-    ansi-styles "^4.1.0"
-    supports-color "^7.1.0"
-
 chokidar@^3.2.2:
   version "3.4.1"
   resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.4.1.tgz#e905bdecf10eaa0a0b1db0c664481cc4cbc22ba1"
@@ -872,6 +910,11 @@ delegates@^1.0.0:
   resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a"
   integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=
 
+denque@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/denque/-/denque-2.1.0.tgz#e93e1a6569fb5e66f16a3c2a2964617d349d6ab1"
+  integrity sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==
+
 depd@2.0.0, depd@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/depd/-/depd-2.0.0.tgz#b696163cc757560d09cf22cc8fad1571b79e76df"
@@ -950,6 +993,11 @@ encodeurl@~1.0.2:
   resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
   integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=
 
+encodeurl@~2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-2.0.0.tgz#7b8ea898077d7e409d3ac45474ea38eaf0857a58"
+  integrity sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==
+
 encoding@^0.1.12:
   version "0.1.13"
   resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.13.tgz#56574afdd791f54a8e9b2785c0582a2d26210fa9"
@@ -1147,37 +1195,37 @@ express-fileupload@^1.1.9:
   dependencies:
     busboy "^0.3.1"
 
-express@^4.19.2:
-  version "4.19.2"
-  resolved "https://registry.yarnpkg.com/express/-/express-4.19.2.tgz#e25437827a3aa7f2a827bc8171bbbb664a356465"
-  integrity sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==
+express@^4.20.0:
+  version "4.20.0"
+  resolved "https://registry.yarnpkg.com/express/-/express-4.20.0.tgz#f1d08e591fcec770c07be4767af8eb9bcfd67c48"
+  integrity sha512-pLdae7I6QqShF5PnNTCVn4hI91Dx0Grkn2+IAsMTgMIKuQVte2dN9PeGSSAME2FR8anOhVA62QDIUaWVfEXVLw==
   dependencies:
     accepts "~1.3.8"
     array-flatten "1.1.1"
-    body-parser "1.20.2"
+    body-parser "1.20.3"
     content-disposition "0.5.4"
     content-type "~1.0.4"
     cookie "0.6.0"
     cookie-signature "1.0.6"
     debug "2.6.9"
     depd "2.0.0"
-    encodeurl "~1.0.2"
+    encodeurl "~2.0.0"
     escape-html "~1.0.3"
     etag "~1.8.1"
     finalhandler "1.2.0"
     fresh "0.5.2"
     http-errors "2.0.0"
-    merge-descriptors "1.0.1"
+    merge-descriptors "1.0.3"
     methods "~1.1.2"
     on-finished "2.4.1"
     parseurl "~1.3.3"
-    path-to-regexp "0.1.7"
+    path-to-regexp "0.1.10"
     proxy-addr "~2.0.7"
     qs "6.11.0"
     range-parser "~1.2.1"
     safe-buffer "5.2.1"
-    send "0.18.0"
-    serve-static "1.15.0"
+    send "0.19.0"
+    serve-static "1.16.0"
     setprototypeof "1.2.0"
     statuses "2.0.1"
     type-is "~1.6.18"
@@ -1199,6 +1247,11 @@ fast-levenshtein@^2.0.6:
   resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
   integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
 
+fast-uri@^3.0.1:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.0.2.tgz#d78b298cf70fd3b752fd951175a3da6a7b48f024"
+  integrity sha512-GR6f0hD7XXyNJa25Tb9BuIdN0tdr+0BMi6/CJPH3wJO1JjNG3n/VsSw38AwRdKZABm8lGbPfakLRkYzx2V9row==
+
 fastq@^1.6.0:
   version "1.15.0"
   resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.15.0.tgz#d04d07c6a2a68fe4599fea8d2e103a937fae6b3a"
@@ -1368,6 +1421,13 @@ gauge@~2.7.3:
     strip-ansi "^3.0.1"
     wide-align "^1.1.0"
 
+generate-function@^2.3.1:
+  version "2.3.1"
+  resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.3.1.tgz#f069617690c10c868e73b8465746764f97c3479f"
+  integrity sha512-eeB5GfMNeevm/GRYq20ShmsaGcmI81kIX2K9XQx5miC8KdHaC6Jm0qQ8ZNeGOi7wYB8OsdxKs+Y2oVuTFuVwKQ==
+  dependencies:
+    is-property "^1.0.2"
+
 get-caller-file@^2.0.1:
   version "2.0.5"
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
@@ -1612,7 +1672,7 @@ iconv-lite@0.4.24, iconv-lite@^0.4.4:
   dependencies:
     safer-buffer ">= 2.1.2 < 3"
 
-iconv-lite@^0.6.2:
+iconv-lite@^0.6.2, iconv-lite@^0.6.3:
   version "0.6.3"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
   integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==
@@ -1815,6 +1875,11 @@ is-path-inside@^3.0.3:
   resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283"
   integrity sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==
 
+is-property@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84"
+  integrity sha512-Ks/IoX00TtClbGQr4TWXemAnktAQvYB7HzcCxDGqEZU6oCmb2INHuOoKxbtR+HFkmYWBKv/dOZtGRiAjDhj92g==
+
 is-stream@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-2.0.0.tgz#bde9c32680d6fae04129d6ac9d921ce7815f78e3"
@@ -1870,13 +1935,6 @@ json-parse-better-errors@^1.0.1:
   resolved "https://registry.yarnpkg.com/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz#bb867cfb3450e69107c131d1c514bab3dc8bcaa9"
   integrity sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==
 
-json-schema-ref-parser@^8.0.0:
-  version "8.0.0"
-  resolved "https://registry.yarnpkg.com/json-schema-ref-parser/-/json-schema-ref-parser-8.0.0.tgz#7c758fac2cf822c05e837abd0a13f8fa2c15ffd4"
-  integrity sha512-2P4icmNkZLrBr6oa5gSZaDSol/oaBHYkoP/8dsw63E54NnHGRhhiFuy9yFoxPuSm+uHKmeGxAAWMDF16SCHhcQ==
-  dependencies:
-    "@apidevtools/json-schema-ref-parser" "8.0.0"
-
 json-schema-traverse@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
@@ -2042,6 +2100,11 @@ lodash@^4.17.21:
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
   integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
 
+long@^5.2.1:
+  version "5.2.3"
+  resolved "https://registry.yarnpkg.com/long/-/long-5.2.3.tgz#a3ba97f3877cf1d778eccbcb048525ebb77499e1"
+  integrity sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==
+
 lowercase-keys@^1.0.0, lowercase-keys@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.1.tgz#6f9e30b47084d971a7c820ff15a6c5167b74c26f"
@@ -2059,6 +2122,16 @@ lru-cache@^6.0.0:
   dependencies:
     yallist "^4.0.0"
 
+lru-cache@^7.14.1:
+  version "7.18.3"
+  resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-7.18.3.tgz#f793896e0fd0e954a59dfdd82f0773808df6aa89"
+  integrity sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==
+
+lru-cache@^8.0.0:
+  version "8.0.5"
+  resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-8.0.5.tgz#983fe337f3e176667f8e567cfcce7cb064ea214e"
+  integrity sha512-MhWWlVnuab1RG5/zMRRcVGXZLCXrZTgfwMikgzCegsPnG62yDQo5JnqKkrK4jO5iKqDAZGItAqN5CtKBCBWRUA==
+
 make-dir@^3.0.0, make-dir@^3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.1.0.tgz#415e967046b3a7f1d185277d84aa58203726a13f"
@@ -2093,10 +2166,10 @@ media-typer@0.3.0:
   resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748"
   integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=
 
-merge-descriptors@1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61"
-  integrity sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E=
+merge-descriptors@1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.3.tgz#d80319a65f3c7935351e5cfdac8f9318504dbed5"
+  integrity sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==
 
 methods@~1.1.2:
   version "1.1.2"
@@ -2262,15 +2335,27 @@ ms@2.1.3, ms@^2.0.0:
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2"
   integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==
 
-mysql@^2.18.1:
-  version "2.18.1"
-  resolved "https://registry.yarnpkg.com/mysql/-/mysql-2.18.1.tgz#2254143855c5a8c73825e4522baf2ea021766717"
-  integrity sha512-Bca+gk2YWmqp2Uf6k5NFEurwY/0td0cpebAucFpY/3jhrwrVGuxU2uQFCHjU19SJfje0yQvi+rVWdq78hR5lig==
+mysql2@^3.11.1:
+  version "3.11.1"
+  resolved "https://registry.yarnpkg.com/mysql2/-/mysql2-3.11.1.tgz#edfb856e2176fcf43d2cc066dd4959e9fc76ea85"
+  integrity sha512-Oc8Zffd0gpIJnJ/NOMp6IiiJJDdWc7nmWpS+UE3K9feTpYia8XkbgL6EaOJYz52f6+2pAoC0eAQqUzal4lnNGQ==
   dependencies:
-    bignumber.js "9.0.0"
-    readable-stream "2.3.7"
-    safe-buffer "5.1.2"
-    sqlstring "2.3.1"
+    aws-ssl-profiles "^1.1.1"
+    denque "^2.1.0"
+    generate-function "^2.3.1"
+    iconv-lite "^0.6.3"
+    long "^5.2.1"
+    lru-cache "^8.0.0"
+    named-placeholders "^1.1.3"
+    seq-queue "^0.0.5"
+    sqlstring "^2.3.2"
+
+named-placeholders@^1.1.3:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/named-placeholders/-/named-placeholders-1.1.3.tgz#df595799a36654da55dda6152ba7a137ad1d9351"
+  integrity sha512-eLoBxg6wE/rZkJPhU/xRX1WTpkFEwDJEN96oxFrTsqBdbT5ec295Q+CoHrL9IT0DipqKhmGcaZmwOt8OON5x1w==
+  dependencies:
+    lru-cache "^7.14.1"
 
 natural-compare@^1.4.0:
   version "1.4.0"
@@ -2637,10 +2722,10 @@ path-parse@^1.0.7:
   resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
   integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
-path-to-regexp@0.1.7:
-  version "0.1.7"
-  resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c"
-  integrity sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=
+path-to-regexp@0.1.10:
+  version "0.1.10"
+  resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.10.tgz#67e9108c5c0551b9e5326064387de4763c4d5f8b"
+  integrity sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w==
 
 path@^0.12.7:
   version "0.12.7"
@@ -2756,6 +2841,13 @@ qs@6.11.0:
   dependencies:
     side-channel "^1.0.4"
 
+qs@6.13.0:
+  version "6.13.0"
+  resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906"
+  integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==
+  dependencies:
+    side-channel "^1.0.6"
+
 querystring@0.2.0:
   version "0.2.0"
   resolved "https://registry.yarnpkg.com/querystring/-/querystring-0.2.0.tgz#b209849203bb25df820da756e747005878521620"
@@ -2791,7 +2883,7 @@ rc@^1.2.7, rc@^1.2.8:
     minimist "^1.2.0"
     strip-json-comments "~2.0.1"
 
-readable-stream@2.3.7, readable-stream@^2.0.0, readable-stream@^2.0.5, readable-stream@^2.0.6:
+readable-stream@^2.0.0, readable-stream@^2.0.5, readable-stream@^2.0.6:
   version "2.3.7"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
   integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
@@ -2983,10 +3075,34 @@ send@0.18.0:
     range-parser "~1.2.1"
     statuses "2.0.1"
 
-serve-static@1.15.0:
-  version "1.15.0"
-  resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.15.0.tgz#faaef08cffe0a1a62f60cad0c4e513cff0ac9540"
-  integrity sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g==
+send@0.19.0:
+  version "0.19.0"
+  resolved "https://registry.yarnpkg.com/send/-/send-0.19.0.tgz#bbc5a388c8ea6c048967049dbeac0e4a3f09d7f8"
+  integrity sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==
+  dependencies:
+    debug "2.6.9"
+    depd "2.0.0"
+    destroy "1.2.0"
+    encodeurl "~1.0.2"
+    escape-html "~1.0.3"
+    etag "~1.8.1"
+    fresh "0.5.2"
+    http-errors "2.0.0"
+    mime "1.6.0"
+    ms "2.1.3"
+    on-finished "2.4.1"
+    range-parser "~1.2.1"
+    statuses "2.0.1"
+
+seq-queue@^0.0.5:
+  version "0.0.5"
+  resolved "https://registry.yarnpkg.com/seq-queue/-/seq-queue-0.0.5.tgz#d56812e1c017a6e4e7c3e3a37a1da6d78dd3c93e"
+  integrity sha512-hr3Wtp/GZIc/6DAGPDcV4/9WoZhjrkXsi5B/07QgX8tsdc6ilr7BFM6PM6rbdAX1kFSDYeZGLipIZZKyQP0O5Q==
+
+serve-static@1.16.0:
+  version "1.16.0"
+  resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.0.tgz#2bf4ed49f8af311b519c46f272bf6ac3baf38a92"
+  integrity sha512-pDLK8zwl2eKaYrs8mrPZBJua4hMplRWJ1tIFksVC3FtBEBnl8dxgeHtsaMS8DhS9i4fLObaon6ABoc4/hQGdPA==
   dependencies:
     encodeurl "~1.0.2"
     escape-html "~1.0.3"
@@ -3027,7 +3143,7 @@ shebang-regex@^3.0.0:
   resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172"
   integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==
 
-side-channel@^1.0.4:
+side-channel@^1.0.4, side-channel@^1.0.6:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.6.tgz#abd25fb7cd24baf45466406b1096b7831c9215f2"
   integrity sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==
@@ -3094,10 +3210,10 @@ sqlite3@5.1.6:
   optionalDependencies:
     node-gyp "8.x"
 
-sqlstring@2.3.1:
-  version "2.3.1"
-  resolved "https://registry.yarnpkg.com/sqlstring/-/sqlstring-2.3.1.tgz#475393ff9e91479aea62dcaf0ca3d14983a7fb40"
-  integrity sha1-R1OT/56RR5rqYtyvDKPRSYOn+0A=
+sqlstring@^2.3.2:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/sqlstring/-/sqlstring-2.3.3.tgz#2ddc21f03bce2c387ed60680e739922c65751d0c"
+  integrity sha512-qC9iz2FlN7DQl3+wjwn3802RTyjCx7sDvfQEXchwa6CWOx07/WVfh91gBmQ9fahw8snwGEWU3xGzOt4tFyHLxg==
 
 ssri@^8.0.0, ssri@^8.0.1:
   version "8.0.1"

docker/Dockerfile

@@ -3,6 +3,8 @@
 
 # This file assumes that the frontend has been built using ./scripts/frontend-build
 
+FROM nginxproxymanager/testca AS testca
+FROM letsencrypt/pebble AS pebbleca
 FROM nginxproxymanager/nginx-full:certbot-node
 
 ARG TARGETPLATFORM
@@ -45,6 +47,8 @@ RUN yarn install \
 
 # add late to limit cache-busting by modifications
 COPY docker/rootfs /
+COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem
+COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt
 
 # Remove frontend service not required for prod, dev nginx config as well
 RUN rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/frontend /etc/nginx/conf.d/dev.conf \

docker/dev/Dockerfile

@@ -1,7 +1,10 @@
+FROM nginxproxymanager/testca AS testca
+FROM letsencrypt/pebble AS pebbleca
 FROM nginxproxymanager/nginx-full:certbot-node
 LABEL maintainer="Jamie Curnow <jc@jc21.com>"
 
-# See: https://github.com/just-containers/s6-overlay/blob/master/README.md
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
 ENV SUPPRESS_NO_CONFIG_WARNING=1 \
 	S6_BEHAVIOUR_IF_STAGE2_FAILS=1 \
 	S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \
@@ -17,17 +20,20 @@ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
 	&& rm -rf /var/lib/apt/lists/*
 
 # Task
-RUN cd /usr \
-	&& curl -sL https://taskfile.dev/install.sh | sh \
-	&& cd /root
+WORKDIR /usr
+RUN curl -sL https://taskfile.dev/install.sh | sh
+WORKDIR /root
 
 COPY rootfs /
-RUN rm -f /etc/nginx/conf.d/production.conf
-RUN chmod 644 /etc/logrotate.d/nginx-proxy-manager
-
-# s6 overlay
 COPY scripts/install-s6 /tmp/install-s6
-RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6
+RUN rm -f /etc/nginx/conf.d/production.conf \
+	&& chmod 644 /etc/logrotate.d/nginx-proxy-manager \
+	&& /tmp/install-s6 "${TARGETPLATFORM}" \
+	&& rm -f /tmp/install-s6
+
+# Certs for testing purposes
+COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem
+COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt
 
 EXPOSE 80 81 443
 ENTRYPOINT [ "/init" ]

docker/dev/squid.conf

@@ -0,0 +1,92 @@
+#	WELCOME TO SQUID 6.6
+#	----------------------------
+#
+#	This is the documentation for the Squid configuration file.
+#	This documentation can also be found online at:
+#		http://www.squid-cache.org/Doc/config/
+#
+#	You may wish to look at the Squid home page and wiki for the
+#	FAQ and other documentation:
+#		http://www.squid-cache.org/
+#		https://wiki.squid-cache.org/SquidFaq
+#		https://wiki.squid-cache.org/ConfigExamples
+#
+
+# Example rule allowing access from your local networks.
+# Adapt to list your (internal) IP networks from where browsing
+# should be allowed
+acl localnet src 0.0.0.1-0.255.255.255	# RFC 1122 "this" network (LAN)
+acl localnet src 10.0.0.0/8		# RFC 1918 local private network (LAN)
+acl localnet src 100.64.0.0/10		# RFC 6598 shared address space (CGN)
+acl localnet src 169.254.0.0/16 	# RFC 3927 link-local (directly plugged) machines
+acl localnet src 172.0.0.0/8
+acl localnet src 192.168.0.0/16		# RFC 1918 local private network (LAN)
+acl localnet src fc00::/7       	# RFC 4193 local private network range
+acl localnet src fe80::/10      	# RFC 4291 link-local (directly plugged) machines
+
+acl SSL_ports port 443
+acl Safe_ports port 80		# http
+acl Safe_ports port 81
+acl Safe_ports port 443		# https
+
+#
+# Recommended minimum Access Permission configuration:
+#
+# Deny requests to certain unsafe ports
+http_access deny !Safe_ports
+
+# Deny CONNECT to other than secure SSL ports
+http_access deny CONNECT !SSL_ports
+
+# Only allow cachemgr access from localhost
+http_access allow localhost manager
+http_access deny manager
+
+# This default configuration only allows localhost requests because a more
+# permissive Squid installation could introduce new attack vectors into the
+# network by proxying external TCP connections to unprotected services.
+http_access allow localhost
+
+# The two deny rules below are unnecessary in this default configuration
+# because they are followed by a "deny all" rule. However, they may become
+# critically important when you start allowing external requests below them.
+
+# Protect web applications running on the same server as Squid. They often
+# assume that only local users can access them at "localhost" ports.
+http_access deny to_localhost
+
+# Protect cloud servers that provide local users with sensitive info about
+# their server via certain well-known link-local (a.k.a. APIPA) addresses.
+http_access deny to_linklocal
+
+#
+# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
+#
+include /etc/squid/conf.d/*.conf
+
+# For example, to allow access from your local networks, you may uncomment the
+# following rule (and/or add rules that match your definition of "local"):
+# http_access allow localnet
+
+# And finally deny all other access to this proxy
+http_access deny all
+
+# Squid normally listens to port 3128
+http_port 3128
+
+# Leave coredumps in the first cache dir
+coredump_dir /var/spool/squid
+
+#
+# Add any of your own refresh_pattern entries above these.
+#
+refresh_pattern ^ftp:		1440	20%	10080
+refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
+refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
+refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
+refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
+refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
+# example pattern for deb packages
+#refresh_pattern (\.deb|\.udeb)$   129600 100% 129600
+refresh_pattern .		0	20%	4320
+

docker/docker-compose.ci.yml

@@ -9,6 +9,9 @@ services:
     environment:
       DEBUG: 'true'
       FORCE_COLOR: 1
+      # Required for DNS Certificate provisioning in CI
+      LE_SERVER: 'https://ca.internal/acme/acme/directory'
+      REQUESTS_CA_BUNDLE: '/etc/ssl/certs/NginxProxyManager.crt'
     volumes:
       - 'npm_data_ci:/data'
       - 'npm_le_ci:/etc/letsencrypt'
@@ -91,14 +94,25 @@ services:
       context: ../
       dockerfile: test/cypress/Dockerfile
     environment:
-      CYPRESS_baseUrl: 'http://fullstack:81'
+      HTTP_PROXY: 'squid:3128'
+      HTTPS_PROXY: 'squid:3128'
     volumes:
       - 'cypress_logs:/results'
       - './dev/resolv.conf:/etc/resolv.conf:ro'
+      - '/etc/localtime:/etc/localtime:ro'
     command: cypress run --browser chrome --config-file=cypress/config/ci.js
     networks:
       - fulltest
 
+  squid:
+    image: ubuntu/squid
+    volumes:
+      - './dev/squid.conf:/etc/squid/squid.conf:ro'
+      - './dev/resolv.conf:/etc/resolv.conf:ro'
+      - '/etc/localtime:/etc/localtime:ro'
+    networks:
+      - fulltest
+
 volumes:
   cypress_logs:
   npm_data_ci:

docker/docker-compose.dev.yml

@@ -1,7 +1,7 @@
 # WARNING: This is a DEVELOPMENT docker-compose file, it should not be used for production.
 services:
 
-  npm:
+  fullstack:
     image: nginxproxymanager:dev
     container_name: npm_core
     build:
@@ -12,7 +12,11 @@ services:
       - 3081:81
       - 3443:443
     networks:
-      - nginx_proxy_manager
+      nginx_proxy_manager:
+        aliases:
+          - website1.example.com
+          - website2.example.com
+          - website3.example.com
     environment:
       PUID: 1000
       PGID: 1000
@@ -29,12 +33,20 @@ services:
       DB_MYSQL_NAME: 'npm'
       # DB_SQLITE_FILE: "/data/database.sqlite"
       # DISABLE_IPV6: "true"
+      # Required for DNS Certificate provisioning testing:
+      LE_SERVER: 'https://ca.internal/acme/acme/directory'
+      REQUESTS_CA_BUNDLE: '/etc/ssl/certs/NginxProxyManager.crt'
     volumes:
       - npm_data:/data
       - le_data:/etc/letsencrypt
+      - './dev/resolv.conf:/etc/resolv.conf:ro'
       - ../backend:/app
       - ../frontend:/app/frontend
       - ../global:/app/global
+    healthcheck:
+      test: ["CMD", "/usr/bin/check-health"]
+      interval: 10s
+      timeout: 3s
     depends_on:
       - db
     working_dir: /app
@@ -54,6 +66,23 @@ services:
     volumes:
       - db_data:/var/lib/mysql
 
+  stepca:
+    image: jc21/testca
+    volumes:
+      - './dev/resolv.conf:/etc/resolv.conf:ro'
+      - '/etc/localtime:/etc/localtime:ro'
+    networks:
+      nginx_proxy_manager:
+        aliases:
+          - ca.internal
+
+  dnsrouter:
+    image: jc21/dnsrouter
+    volumes:
+      - ./dev/dnsrouter-config.json.tmp:/dnsrouter-config.json:ro
+    networks:
+      - nginx_proxy_manager
+
   swagger:
     image: swaggerapi/swagger-ui:latest
     container_name: npm_swagger
@@ -63,7 +92,77 @@ services:
       URL: "http://npm:81/api/schema"
       PORT: '80'
     depends_on:
-      - npm
+      - fullstack
+
+  squid:
+    image: ubuntu/squid
+    container_name: npm_squid
+    volumes:
+      - './dev/squid.conf:/etc/squid/squid.conf:ro'
+      - './dev/resolv.conf:/etc/resolv.conf:ro'
+      - '/etc/localtime:/etc/localtime:ro'
+    networks:
+      - nginx_proxy_manager
+    ports:
+      - 8128:3128
+
+  pdns:
+    image: pschiffe/pdns-mysql
+    volumes:
+      - '/etc/localtime:/etc/localtime:ro'
+    environment:
+      PDNS_master: 'yes'
+      PDNS_api: 'yes'
+      PDNS_api_key: 'npm'
+      PDNS_webserver: 'yes'
+      PDNS_webserver_address: '0.0.0.0'
+      PDNS_webserver_password: 'npm'
+      PDNS_webserver-allow-from: '127.0.0.0/8,192.0.0.0/8,10.0.0.0/8,172.0.0.0/8'
+      PDNS_version_string: 'anonymous'
+      PDNS_default_ttl: 1500
+      PDNS_allow_axfr_ips: '127.0.0.0/8,192.0.0.0/8,10.0.0.0/8,172.0.0.0/8'
+      PDNS_gmysql_host: pdns-db
+      PDNS_gmysql_port: 3306
+      PDNS_gmysql_user: pdns
+      PDNS_gmysql_password: pdns
+      PDNS_gmysql_dbname: pdns
+    depends_on:
+      - pdns-db
+    networks:
+      nginx_proxy_manager:
+        aliases:
+          - ns1.pdns
+          - ns2.pdns
+
+  pdns-db:
+    image: mariadb
+    environment:
+      MYSQL_ROOT_PASSWORD: 'pdns'
+      MYSQL_DATABASE: 'pdns'
+      MYSQL_USER: 'pdns'
+      MYSQL_PASSWORD: 'pdns'
+    volumes:
+      - 'pdns_mysql:/var/lib/mysql'
+      - '/etc/localtime:/etc/localtime:ro'
+      - './dev/pdns-db.sql:/docker-entrypoint-initdb.d/01_init.sql:ro'
+    networks:
+      - nginx_proxy_manager
+
+  cypress:
+    image: "npm_dev_cypress"
+    build:
+      context: ../
+      dockerfile: test/cypress/Dockerfile
+    environment:
+      HTTP_PROXY: 'squid:3128'
+      HTTPS_PROXY: 'squid:3128'
+    volumes:
+      - '../test/results:/results'
+      - './dev/resolv.conf:/etc/resolv.conf:ro'
+      - '/etc/localtime:/etc/localtime:ro'
+    command: cypress run --browser chrome --config-file=cypress/config/ci.js
+    networks:
+      - nginx_proxy_manager
 
 volumes:
   npm_data:
@@ -72,6 +171,8 @@ volumes:
     name: npm_le_data
   db_data:
     name: npm_db_data
+  pdns_mysql:
+    name: npm_pdns_mysql
 
 networks:
   nginx_proxy_manager:

docker/rootfs/etc/logrotate.d/nginx-proxy-manager

@@ -8,7 +8,7 @@
     compress
     sharedscripts
     postrotate
-    /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
+    kill -USR1 `cat /run/nginx/nginx.pid 2>/dev/null` 2>/dev/null || true
     endscript
 }
 
@@ -22,6 +22,6 @@
     compress
     sharedscripts
     postrotate
-    /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
+    kill -USR1 `cat /run/nginx/nginx.pid 2>/dev/null` 2>/dev/null || true
     endscript
 }

docker/rootfs/var/www/html/index.html

@@ -5,7 +5,7 @@
         <meta http-equiv="X-UA-Compatible" content="IE=edge">
         <meta name="viewport" content="width=device-width, initial-scale=1">
         <title>Default Site</title>
-        <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet">
+        <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css" rel="stylesheet">
         <style>
             .jumbotron { margin-top: 50px; }
         </style>

docs/package.json

@@ -5,7 +5,7 @@
     "preview": "vitepress preview"
   },
   "devDependencies": {
-    "vitepress": "^1.1.4"
+    "vitepress": "^1.4.0"
   },
   "dependencies": {}
 }

docs/src/guide/index.md

@@ -62,7 +62,6 @@ I won't go in to too much detail here but here are the basics for someone new to
 2. Create a docker-compose.yml file similar to this:
 
 ```yml
-version: '3.8'
 services:
   app:
     image: 'jc21/nginx-proxy-manager:latest'

frontend/yarn.lock

@@ -2648,9 +2648,9 @@ electron-to-chromium@^1.3.47:
   integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q==
 
 elliptic@^6.5.3, elliptic@^6.5.4:
-  version "6.5.4"
-  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb"
-  integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==
+  version "6.5.7"
+  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.7.tgz#8ec4da2cb2939926a1b9a73619d768207e647c8b"
+  integrity sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q==
   dependencies:
     bn.js "^4.11.9"
     brorand "^1.1.0"

global/certbot-dns-plugins.json

@@ -7,6 +7,14 @@
 		"credentials": "dns_acmedns_api_url = http://acmedns-server/\ndns_acmedns_registration_file = /data/acme-registration.json",
 		"full_plugin_name": "dns-acmedns"
 	},
+    "active24":{
+		"name": "Active24",
+		"package_name": "certbot-dns-active24",
+		"version": "~=1.5.1",
+		"dependencies": "",
+		"credentials": "dns_active24_token=\"TOKEN\"",
+		"full_plugin_name": "dns-active24"
+	},
 	"aliyun": {
 		"name": "Aliyun",
 		"package_name": "certbot-dns-aliyun",
@@ -186,7 +194,7 @@
 	"freedns": {
 		"name": "FreeDNS",
 		"package_name": "certbot-dns-freedns",
-		"version": "~=0.1.0",
+		"version": "~=0.2.0",
 		"dependencies": "",
 		"credentials": "dns_freedns_username = myremoteuser\ndns_freedns_password = verysecureremoteuserpassword",
 		"full_plugin_name": "dns-freedns"
@@ -319,6 +327,14 @@
 		"credentials": "dns_luadns_email = user@example.com\ndns_luadns_token = 0123456789abcdef0123456789abcdef",
 		"full_plugin_name": "dns-luadns"
 	},
+	"mijnhost": {
+		"name": "mijn.host",
+		"package_name": "certbot-dns-mijn-host",
+		"version": "~=0.0.4",
+		"dependencies": "",
+		"credentials": "dns-mijn-host-credentials = /etc/letsencrypt/mijnhost-credentials.ini",
+		"full_plugin_name": "dns-mijn-host"
+	},
 	"namecheap": {
 		"name": "Namecheap",
 		"package_name": "certbot-dns-namecheap",
@@ -407,6 +423,14 @@
 		"credentials": "# Target DNS server\ndns_rfc2136_server = 192.0.2.1\n# Target DNS port\ndns_rfc2136_port = 53\n# TSIG key name\ndns_rfc2136_name = keyname.\n# TSIG key secret\ndns_rfc2136_secret = 4q4wM/2I180UXoMyN4INVhJNi8V9BCV+jMw2mXgZw/CSuxUT8C7NKKFs AmKd7ak51vWKgSl12ib86oQRPkpDjg==\n# TSIG key algorithm\ndns_rfc2136_algorithm = HMAC-SHA512",
 		"full_plugin_name": "dns-rfc2136"
 	},
+	"rockenstein": {
+                "name": "rockenstein AG",
+                "package_name": "certbot-dns-rockenstein",
+                "version": "~=1.0.0",
+                "dependencies": "",
+                "credentials": "dns_rockenstein_token=<token>",
+                "full_plugin_name": "dns-rockenstein"
+        },
 	"route53": {
 		"name": "Route 53 (Amazon)",
 		"package_name": "certbot-dns-route53",
@@ -468,7 +492,15 @@
 		"package_name": "certbot-dns-wedos",
 		"version": "~=2.2",
 		"dependencies": "",
-		"credentials": "dns_wedos_user = <wedos_registration>\ndns_wedos_auth = <wapi_sha256_password>",
+		"credentials": "dns_wedos_user = <wedos_registration>\ndns_wedos_auth = <wapi_password>",
 		"full_plugin_name": "dns-wedos"
+	},
+	"edgedns": {
+		"name": "Akamai Edge DNS",
+		"package_name": "certbot-plugin-edgedns",
+		"version": "~=0.1.0",
+		"dependencies": "",
+		"credentials": "edgedns_client_secret = as3d1asd5d1a32sdfsdfs2d1asd5=\nedgedns_host = sdflskjdf-dfsdfsdf-sdfsdfsdf.luna.akamaiapis.net\nedgedns_access_token = kjdsi3-34rfsdfsdf-234234fsdfsdf\nedgedns_client_token = dkfjdf-342fsdfsd-23fsdfsdfsdf",
+		"full_plugin_name": "edgedns"
 	}
 }

scripts/.common.sh

@@ -15,3 +15,13 @@ COMPOSE_PROJECT_NAME="npmdev"
 COMPOSE_FILE="docker/docker-compose.dev.yml"
 
 export COMPOSE_FILE COMPOSE_PROJECT_NAME
+
+# $1: container_name
+get_container_ip () {
+	local container_name=$1
+	local container
+	local ip
+	container=$(docker-compose ps --all -q "${container_name}" | tail -n1)
+	ip=$(docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$container")
+	echo "$ip"
+}