ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-12-06 08:16:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: ThatGuyJack:v2.13.2
Branches Tags
ThatGuyJack:develop ThatGuyJack:dependabot/npm_and_yarn/backend/jws-3.2.3 ThatGuyJack:dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1 ThatGuyJack:dependabot/npm_and_yarn/backend/express-4.22.0 ThatGuyJack:dependabot/npm_and_yarn/test/glob-10.5.0 ThatGuyJack:master ThatGuyJack:sqlite-test ThatGuyJack:lang-persian ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:v3-abandoned ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.13.5 ThatGuyJack:v2.13.4 ThatGuyJack:v2.13.3 ThatGuyJack:v2.13.2 ThatGuyJack:v2.13.1 ThatGuyJack:v2.13.0 ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1
..
compare: ThatGuyJack:a7d4fd55d9a53a32d2f8555cc9310852a33b3d09
Branches Tags
ThatGuyJack:dependabot/npm_and_yarn/backend/jws-3.2.3 ThatGuyJack:dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1 ThatGuyJack:dependabot/npm_and_yarn/backend/express-4.22.0 ThatGuyJack:develop ThatGuyJack:dependabot/npm_and_yarn/test/glob-10.5.0 ThatGuyJack:master ThatGuyJack:sqlite-test ThatGuyJack:lang-persian ThatGuyJack:dependabot/npm_and_yarn/test/form-data-4.0.4 ThatGuyJack:v3-abandoned ThatGuyJack:bump-freedns ThatGuyJack:openidc ThatGuyJack:ssl-passthrough-hosts ThatGuyJack:static-content
ThatGuyJack:v2.13.5 ThatGuyJack:v2.13.4 ThatGuyJack:v2.13.3 ThatGuyJack:v2.13.2 ThatGuyJack:v2.13.1 ThatGuyJack:v2.13.0 ThatGuyJack:v2.12.6 ThatGuyJack:v2.12.5 ThatGuyJack:v2.12.4 ThatGuyJack:v2.12.3 ThatGuyJack:v2.12.2 ThatGuyJack:v2.12.1 ThatGuyJack:v2.12.0 ThatGuyJack:v2.11.3 ThatGuyJack:v2.11.2 ThatGuyJack:v2.11.1 ThatGuyJack:v2.11.0 ThatGuyJack:v2.10.4 ThatGuyJack:v2.10.3 ThatGuyJack:v2.10.2 ThatGuyJack:v2.10.1 ThatGuyJack:v2.10.0 ThatGuyJack:v2.9.22 ThatGuyJack:v2.9.21 ThatGuyJack:v2.9.20 ThatGuyJack:v2.9.19 ThatGuyJack:v2.9.18 ThatGuyJack:v2.9.17 ThatGuyJack:v2.9.16 ThatGuyJack:v2.9.15 ThatGuyJack:v2.9.14 ThatGuyJack:v2.9.13 ThatGuyJack:v2.9.12 ThatGuyJack:v2.9.11 ThatGuyJack:v2.9.10 ThatGuyJack:v2.9.9 ThatGuyJack:v2.9.8 ThatGuyJack:v2.9.7 ThatGuyJack:v2.9.6 ThatGuyJack:v2.9.5 ThatGuyJack:v2.9.4 ThatGuyJack:v2.9.3 ThatGuyJack:v2.9.2 ThatGuyJack:v2.9.1 ThatGuyJack:v2.9.0 ThatGuyJack:v2.8.1 ThatGuyJack:v2.8.0 ThatGuyJack:v2.7.3 ThatGuyJack:v2.7.2 ThatGuyJack:v2.7.1 ThatGuyJack:v2.7.0 ThatGuyJack:v2.6.2 ThatGuyJack:v2.6.1 ThatGuyJack:v2.6.0 ThatGuyJack:v2.5.0 ThatGuyJack:v2.4.0 ThatGuyJack:v2.3.1 ThatGuyJack:v2.3.0 ThatGuyJack:v2.2.4 ThatGuyJack:v2.2.3 ThatGuyJack:v2.2.2 ThatGuyJack:v2.2.1 ThatGuyJack:v2.2.0 ThatGuyJack:v2.1.2 ThatGuyJack:v2.1.1 ThatGuyJack:v2.1.0 ThatGuyJack:2.0.14 ThatGuyJack:2.0.13 ThatGuyJack:2.0.12 ThatGuyJack:2.0.11 ThatGuyJack:2.0.10 ThatGuyJack:2.0.9 ThatGuyJack:2.0.8 ThatGuyJack:2.0.7 ThatGuyJack:2.0.6 ThatGuyJack:2.0.5 ThatGuyJack:2.0.4 ThatGuyJack:2.0.3 ThatGuyJack:2.0.2 ThatGuyJack:2.0.0 ThatGuyJack:v2.0.0 ThatGuyJack:1.1.2 ThatGuyJack:1.1.1 ThatGuyJack:1.0.1

9 Commits
v2.13.2 ... a7d4fd55d9

Author SHA1 Message Date
Jamie Curnow
a7d4fd55d9 Fix proxy hosts routes throwing errors 2025-09-11 08:16:11 +10:00
Jamie Curnow
9682de1830 Biome update 2025-09-10 21:38:02 +10:00
Jamie Curnow
cde7460b5e Fix cypress tests following user wizard changes 2025-09-10 21:32:16 +10:00
Jamie Curnow
ca84e3a146 User Permissions Modal 2025-09-09 15:13:34 +10:00
Jamie Curnow
fa11945235 Introducing the Setup Wizard for creating the first user 
- no longer setup a default
- still able to do that with env vars however
 2025-09-09 13:44:35 +10:00
Jamie Curnow
432afe73ad User table polishing, user delete modal 2025-09-04 14:59:01 +10:00
Jamie Curnow
5a01da2916 Notification toasts, nicer loading, add new user support 2025-09-04 12:11:39 +10:00
Jamie Curnow
ebd9148813 React 2025-09-03 14:02:14 +10:00
Jamie Curnow
a12553fec7 Convert backend to ESM 
- About 5 years overdue
- Remove eslint, use bomejs instead
 2025-09-03 13:59:40 +10:00
407 changed files with 5411 additions and 14224 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,6 +1,5 @@
.DS_Store .DS_Store
.idea .idea
.qodo
._* ._*
.vscode .vscode
certbot-help.txt certbot-help.txt

2
.version
View File

@@ -1 +1 @@
2.13.2 2.12.6

285
Jenkinsfile vendored Normal file
View File

@@ -0,0 +1,285 @@
import groovy.transform.Field
@Field
def shOutput = ""
def buildxPushTags = ""
pipeline {
agent {
label 'docker-multiarch'
}
options {
buildDiscarder(logRotator(numToKeepStr: '5'))
disableConcurrentBuilds()
ansiColor('xterm')
}
environment {
IMAGE = 'nginx-proxy-manager'
BUILD_VERSION = getVersion()
MAJOR_VERSION = '2'
BRANCH_LOWER = "${BRANCH_NAME.toLowerCase().replaceAll('\\\\', '-').replaceAll('/', '-').replaceAll('\\.', '-')}"
BUILDX_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}"
COMPOSE_INTERACTIVE_NO_CLI = 1
}
stages {
stage('Environment') {
parallel {
stage('Master') {
when {
branch 'master'
}
steps {
script {
buildxPushTags = "-t docker.io/jc21/${IMAGE}:${BUILD_VERSION} -t docker.io/jc21/${IMAGE}:${MAJOR_VERSION} -t docker.io/jc21/${IMAGE}:latest"
}
}
}
stage('Other') {
when {
not {
branch 'master'
}
}
steps {
script {
// Defaults to the Branch name, which is applies to all branches AND pr's
buildxPushTags = "-t docker.io/nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}"
}
}
}
stage('Versions') {
steps {
sh 'cat frontend/package.json | jq --arg BUILD_VERSION "${BUILD_VERSION}" \'.version = $BUILD_VERSION\' | sponge frontend/package.json'
sh 'echo -e "\\E[1;36mFrontend Version is:\\E[1;33m $(cat frontend/package.json | jq -r .version)\\E[0m"'
sh 'cat backend/package.json | jq --arg BUILD_VERSION "${BUILD_VERSION}" \'.version = $BUILD_VERSION\' | sponge backend/package.json'
sh 'echo -e "\\E[1;36mBackend Version is:\\E[1;33m $(cat backend/package.json | jq -r .version)\\E[0m"'
sh 'sed -i -E "s/(version-)[0-9]+\\.[0-9]+\\.[0-9]+(-green)/\\1${BUILD_VERSION}\\2/" README.md'
}
}
stage('Docker Login') {
steps {
withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) {
sh 'docker login -u "${duser}" -p "${dpass}"'
}
}
}
}
}
stage('Builds') {
parallel {
stage('Project') {
steps {
script {
// Frontend and Backend
def shStatusCode = sh(label: 'Checking and Building', returnStatus: true, script: '''
set -e
./scripts/ci/frontend-build > ${WORKSPACE}/tmp-sh-build 2>&1
./scripts/ci/test-and-build > ${WORKSPACE}/tmp-sh-build 2>&1
''')
shOutput = readFile "${env.WORKSPACE}/tmp-sh-build"
if (shStatusCode != 0) {
error "${shOutput}"
}
}
}
post {
always {
sh 'rm -f ${WORKSPACE}/tmp-sh-build'
}
failure {
npmGithubPrComment("CI Error:\n\n```\n${shOutput}\n```", true)
}
}
}
stage('Docs') {
steps {
dir(path: 'docs') {
sh 'yarn install'
sh 'yarn build'
}
}
}
}
}
stage('Test Sqlite') {
environment {
COMPOSE_PROJECT_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}_sqlite"
COMPOSE_FILE = 'docker/docker-compose.ci.yml:docker/docker-compose.ci.sqlite.yml'
}
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh 'rm -rf ./test/results/junit/*'
sh './scripts/ci/fulltest-cypress'
}
post {
always {
// Dumps to analyze later
sh 'mkdir -p debug/sqlite'
sh 'docker logs $(docker-compose ps --all -q fullstack) > debug/sqlite/docker_fullstack.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q stepca) > debug/sqlite/docker_stepca.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns) > debug/sqlite/docker_pdns.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns-db) > debug/sqlite/docker_pdns-db.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q dnsrouter) > debug/sqlite/docker_dnsrouter.log 2>&1'
junit 'test/results/junit/*'
sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
}
unstable {
dir(path: 'test/results') {
archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
}
}
}
}
stage('Test Mysql') {
environment {
COMPOSE_PROJECT_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}_mysql"
COMPOSE_FILE = 'docker/docker-compose.ci.yml:docker/docker-compose.ci.mysql.yml'
}
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh 'rm -rf ./test/results/junit/*'
sh './scripts/ci/fulltest-cypress'
}
post {
always {
// Dumps to analyze later
sh 'mkdir -p debug/mysql'
sh 'docker logs $(docker-compose ps --all -q fullstack) > debug/mysql/docker_fullstack.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q stepca) > debug/mysql/docker_stepca.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns) > debug/mysql/docker_pdns.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns-db) > debug/mysql/docker_pdns-db.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q dnsrouter) > debug/mysql/docker_dnsrouter.log 2>&1'
junit 'test/results/junit/*'
sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
}
unstable {
dir(path: 'test/results') {
archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
}
}
}
}
stage('Test Postgres') {
environment {
COMPOSE_PROJECT_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}_postgres"
COMPOSE_FILE = 'docker/docker-compose.ci.yml:docker/docker-compose.ci.postgres.yml'
}
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh 'rm -rf ./test/results/junit/*'
sh './scripts/ci/fulltest-cypress'
}
post {
always {
// Dumps to analyze later
sh 'mkdir -p debug/postgres'
sh 'docker logs $(docker-compose ps --all -q fullstack) > debug/postgres/docker_fullstack.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q stepca) > debug/postgres/docker_stepca.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns) > debug/postgres/docker_pdns.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q pdns-db) > debug/postgres/docker_pdns-db.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q dnsrouter) > debug/postgres/docker_dnsrouter.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q db-postgres) > debug/postgres/docker_db-postgres.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q authentik) > debug/postgres/docker_authentik.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q authentik-redis) > debug/postgres/docker_authentik-redis.log 2>&1'
sh 'docker logs $(docker-compose ps --all -q authentik-ldap) > debug/postgres/docker_authentik-ldap.log 2>&1'
junit 'test/results/junit/*'
sh 'docker-compose down --remove-orphans --volumes -t 30 || true'
}
unstable {
dir(path: 'test/results') {
archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml')
}
}
}
}
stage('MultiArch Build') {
when {
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
steps {
sh "./scripts/buildx --push ${buildxPushTags}"
}
}
stage('Docs / Comment') {
parallel {
stage('Docs Job') {
when {
allOf {
branch pattern: "^(develop|master)\$", comparator: "REGEXP"
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
}
steps {
build wait: false, job: 'nginx-proxy-manager-docs', parameters: [string(name: 'docs_branch', value: "$BRANCH_NAME")]
}
}
stage('PR Comment') {
when {
allOf {
changeRequest()
not {
equals expected: 'UNSTABLE', actual: currentBuild.result
}
}
}
steps {
script {
npmGithubPrComment("""Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/nginxproxymanager/${IMAGE}-dev):
```
nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}
```
> [!NOTE]
> Ensure you backup your NPM instance before testing this image! Especially if there are database changes.
> This is a different docker image namespace than the official image.
> [!WARNING]
> Changes and additions to DNS Providers require verification by at least 2 members of the community!
""", true)
}
}
}
}
}
}
post {
always {
sh 'echo Reverting ownership'
sh 'docker run --rm -v "$(pwd):/data" jc21/ci-tools chown -R "$(id -u):$(id -g)" /data'
printResult(true)
}
failure {
archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true)
}
unstable {
archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true)
}
}
}
def getVersion() {
ver = sh(script: 'cat .version', returnStdout: true)
return ver.trim()
}
def getCommit() {
ver = sh(script: 'git log -n 1 --format=%h', returnStdout: true)
return ver.trim()
}

14
README.md
View File

@@ -1,7 +1,7 @@
<p align="center"> <p align="center">
<img src="https://nginxproxymanager.com/github.png"> <img src="https://nginxproxymanager.com/github.png">
<br><br> <br><br>
<img src="https://img.shields.io/badge/version-2.13.2-green.svg?style=for-the-badge"> <img src="https://img.shields.io/badge/version-2.12.6-green.svg?style=for-the-badge">
<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager"> <a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge"> <img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
</a> </a>
@@ -74,7 +74,11 @@ This is the bare minimum configuration required. See the [documentation](https:/
3. Bring up your stack by running 3. Bring up your stack by running
```bash ```bash
docker-compose up -d
# If using docker-compose-plugin
docker compose up -d docker compose up -d
``` ```
4. Log in to the Admin UI 4. Log in to the Admin UI
@@ -84,6 +88,14 @@ Sometimes this can take a little bit because of the entropy of keys.
[http://127.0.0.1:81](http://127.0.0.1:81) [http://127.0.0.1:81](http://127.0.0.1:81)
Default Admin User:
```
Email: admin@example.com
Password: changeme
```
Immediately after logging in with this default user you will be asked to modify your details and change your password.
## Contributing ## Contributing

4
backend/app.js
View File

@@ -5,7 +5,7 @@ import fileUpload from "express-fileupload";
import { isDebugMode } from "./lib/config.js"; import { isDebugMode } from "./lib/config.js";
import cors from "./lib/express/cors.js"; import cors from "./lib/express/cors.js";
import jwt from "./lib/express/jwt.js"; import jwt from "./lib/express/jwt.js";
import { debug, express as logger } from "./logger.js"; import { express as logger } from "./logger.js";
import mainRoutes from "./routes/main.js"; import mainRoutes from "./routes/main.js";
/** /**
@@ -80,7 +80,7 @@ app.use((err, req, res, _) => {
// Not every error is worth logging - but this is good for now until it gets annoying. // Not every error is worth logging - but this is good for now until it gets annoying.
if (typeof err.stack !== "undefined" && err.stack) { if (typeof err.stack !== "undefined" && err.stack) {
debug(logger, err.stack); logger.debug(err.stack);
if (typeof err.public === "undefined" || !err.public) { if (typeof err.public === "undefined" || !err.public) {
logger.warn(err.message); logger.warn(err.message);
} }

2
backend/biome.json
View File

@@ -1,5 +1,5 @@
{ {
"$schema": "https://biomejs.dev/schemas/2.3.2/schema.json", "$schema": "https://biomejs.dev/schemas/2.2.4/schema.json",
"vcs": { "vcs": {
"enabled": true, "enabled": true,
"clientKind": "git", "clientKind": "git",

12
backend/db.js
View File

@@ -1,8 +1,6 @@
import knex from "knex"; import knex from "knex";
import {configGet, configHas} from "./lib/config.js"; import {configGet, configHas} from "./lib/config.js";
let instance = null;
const generateDbConfig = () => { const generateDbConfig = () => {
if (!configHas("database")) { if (!configHas("database")) {
throw new Error( throw new Error(
@@ -24,7 +22,6 @@ const generateDbConfig = () => {
password: cfg.password, password: cfg.password,
database: cfg.name, database: cfg.name,
port: cfg.port, port: cfg.port,
...(cfg.ssl ? { ssl: cfg.ssl } : {})
}, },
migrations: { migrations: {
tableName: "migrations", tableName: "migrations",
@@ -32,11 +29,4 @@ const generateDbConfig = () => {
}; };
}; };
const getInstance = () => { export default knex(generateDbConfig());
if (!instance) {
instance = knex(generateDbConfig());
}
return instance;
}
export default getInstance;

293
backend/internal/access-list.js
View File

@@ -21,9 +21,11 @@ const internalAccessList = {
* @param {Object} data * @param {Object} data
* @returns {Promise} * @returns {Promise}
*/ */
create: async (access, data) => { create: (access, data) => {
await access.can("access_lists:create", data); return access
const row = await accessListModel .can("access_lists:create", data)
.then((/*access_data*/) => {
return accessListModel
.query() .query()
.insertAndFetch({ .insertAndFetch({
name: data.name, name: data.name,
@@ -32,11 +34,13 @@ const internalAccessList = {
owner_user_id: access.token.getUserId(1), owner_user_id: access.token.getUserId(1),
}) })
.then(utils.omitRow(omissions())); .then(utils.omitRow(omissions()));
})
.then((row) => {
data.id = row.id; data.id = row.id;
const promises = []; const promises = [];
// Items
// Now add the items
data.items.map((item) => { data.items.map((item) => {
promises.push( promises.push(
accessListAuthModel.query().insert({ accessListAuthModel.query().insert({
@@ -48,8 +52,9 @@ const internalAccessList = {
return true; return true;
}); });
// Clients // Now add the clients
data.clients?.map((client) => { if (typeof data.clients !== "undefined" && data.clients) {
data.clients.map((client) => {
promises.push( promises.push(
accessListClientModel.query().insert({ accessListClientModel.query().insert({
access_list_id: row.id, access_list_id: row.id,
@@ -59,36 +64,45 @@ const internalAccessList = {
); );
return true; return true;
}); });
}
await Promise.all(promises); return Promise.all(promises);
})
.then(() => {
// re-fetch with expansions // re-fetch with expansions
const freshRow = await internalAccessList.get( return internalAccessList.get(
access, access,
{ {
id: data.id, id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.access_list.[clients,items]"], expand: ["owner", "items", "clients", "proxy_hosts.access_list.[clients,items]"],
}, },
true // skip masking true /* <- skip masking */,
); );
})
.then((row) => {
// Audit log // Audit log
data.meta = _.assign({}, data.meta || {}, freshRow.meta); data.meta = _.assign({}, data.meta || {}, row.meta);
await internalAccessList.build(freshRow);
if (Number.parseInt(freshRow.proxy_host_count, 10)) { return internalAccessList
await internalNginx.bulkGenerateConfigs("proxy_host", freshRow.proxy_hosts); .build(row)
.then(() => {
if (Number.parseInt(row.proxy_host_count, 10)) {
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
} }
})
.then(() => {
// Add to audit log // Add to audit log
await internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "created", action: "created",
object_type: "access-list", object_type: "access-list",
object_id: freshRow.id, object_id: row.id,
meta: internalAccessList.maskItems(data), meta: internalAccessList.maskItems(data),
}); });
})
return internalAccessList.maskItems(freshRow); .then(() => {
return internalAccessList.maskItems(row);
});
});
}, },
/** /**
@@ -99,29 +113,35 @@ const internalAccessList = {
* @param {String} [data.items] * @param {String} [data.items]
* @return {Promise} * @return {Promise}
*/ */
update: async (access, data) => { update: (access, data) => {
await access.can("access_lists:update", data.id); return access
const row = await internalAccessList.get(access, { id: data.id }); .can("access_lists:update", data.id)
.then((/*access_data*/) => {
return internalAccessList.get(access, { id: data.id });
})
.then((row) => {
if (row.id !== data.id) { if (row.id !== data.id) {
// Sanity check that something crazy hasn't happened // Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError( throw new errs.InternalValidationError(
`Access List could not be updated, IDs do not match: ${row.id} !== ${data.id}`, `Access List could not be updated, IDs do not match: ${row.id} !== ${data.id}`,
); );
} }
})
.then(() => {
// patch name if specified // patch name if specified
if (typeof data.name !== "undefined" && data.name) { if (typeof data.name !== "undefined" && data.name) {
await accessListModel.query().where({ id: data.id }).patch({ return accessListModel.query().where({ id: data.id }).patch({
name: data.name, name: data.name,
satisfy_any: data.satisfy_any, satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth, pass_auth: data.pass_auth,
}); });
} }
})
.then(() => {
// Check for items and add/update/remove them // Check for items and add/update/remove them
if (typeof data.items !== "undefined" && data.items) { if (typeof data.items !== "undefined" && data.items) {
const promises = []; const promises = [];
const itemsToKeep = []; const items_to_keep = [];
data.items.map((item) => { data.items.map((item) => {
if (item.password) { if (item.password) {
@@ -134,30 +154,33 @@ const internalAccessList = {
); );
} else { } else {
// This was supplied with an empty password, which means keep it but don't change the password // This was supplied with an empty password, which means keep it but don't change the password
itemsToKeep.push(item.username); items_to_keep.push(item.username);
} }
return true; return true;
}); });
const query = accessListAuthModel.query().delete().where("access_list_id", data.id); const query = accessListAuthModel.query().delete().where("access_list_id", data.id);
if (itemsToKeep.length) { if (items_to_keep.length) {
query.andWhere("username", "NOT IN", itemsToKeep); query.andWhere("username", "NOT IN", items_to_keep);
} }
await query; return query.then(() => {
// Add new items // Add new items
if (promises.length) { if (promises.length) {
await Promise.all(promises); return Promise.all(promises);
} }
});
} }
})
.then(() => {
// Check for clients and add/update/remove them // Check for clients and add/update/remove them
if (typeof data.clients !== "undefined" && data.clients) { if (typeof data.clients !== "undefined" && data.clients) {
const clientPromises = []; const promises = [];
data.clients.map((client) => { data.clients.map((client) => {
if (client.address) { if (client.address) {
clientPromises.push( promises.push(
accessListClientModel.query().insert({ accessListClientModel.query().insert({
access_list_id: data.id, access_list_id: data.id,
address: client.address, address: client.address,
@@ -169,37 +192,48 @@ const internalAccessList = {
}); });
const query = accessListClientModel.query().delete().where("access_list_id", data.id); const query = accessListClientModel.query().delete().where("access_list_id", data.id);
await query;
// Add new clitens
if (clientPromises.length) {
await Promise.all(clientPromises);
}
}
return query.then(() => {
// Add new items
if (promises.length) {
return Promise.all(promises);
}
});
}
})
.then(() => {
// Add to audit log // Add to audit log
await internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "updated", action: "updated",
object_type: "access-list", object_type: "access-list",
object_id: data.id, object_id: data.id,
meta: internalAccessList.maskItems(data), meta: internalAccessList.maskItems(data),
}); });
})
.then(() => {
// re-fetch with expansions // re-fetch with expansions
const freshRow = await internalAccessList.get( return internalAccessList.get(
access, access,
{ {
id: data.id, id: data.id,
expand: ["owner", "items", "clients", "proxy_hosts.[certificate,access_list.[clients,items]]"], expand: ["owner", "items", "clients", "proxy_hosts.[certificate,access_list.[clients,items]]"],
}, },
true // skip masking true /* <- skip masking */,
); );
})
await internalAccessList.build(freshRow) .then((row) => {
if (Number.parseInt(freshRow.proxy_host_count, 10)) { return internalAccessList
await internalNginx.bulkGenerateConfigs("proxy_host", freshRow.proxy_hosts); .build(row)
.then(() => {
if (Number.parseInt(row.proxy_host_count, 10)) {
return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
} }
await internalNginx.reload(); })
return internalAccessList.maskItems(freshRow); .then(internalNginx.reload)
.then(() => {
return internalAccessList.maskItems(row);
});
});
}, },
/** /**
@@ -208,13 +242,15 @@ const internalAccessList = {
* @param {Integer} data.id * @param {Integer} data.id
* @param {Array} [data.expand] * @param {Array} [data.expand]
* @param {Array} [data.omit] * @param {Array} [data.omit]
* @param {Boolean} [skipMasking] * @param {Boolean} [skip_masking]
* @return {Promise} * @return {Promise}
*/ */
get: async (access, data, skipMasking) => { get: (access, data, skip_masking) => {
const thisData = data || {}; const thisData = data || {};
const accessData = await access.can("access_lists:get", thisData.id)
return access
.can("access_lists:get", thisData.id)
.then((accessData) => {
const query = accessListModel const query = accessListModel
.query() .query()
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count")) .select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
@@ -239,19 +275,22 @@ const internalAccessList = {
query.withGraphFetched(`[${thisData.expand.join(", ")}]`); query.withGraphFetched(`[${thisData.expand.join(", ")}]`);
} }
let row = await query.then(utils.omitRow(omissions())); return query.then(utils.omitRow(omissions()));
})
.then((row) => {
let thisRow = row;
if (!row || !row.id) { if (!row || !row.id) {
throw new errs.ItemNotFoundError(thisData.id); throw new errs.ItemNotFoundError(thisData.id);
} }
if (!skipMasking && typeof row.items !== "undefined" && row.items) { if (!skip_masking && typeof thisRow.items !== "undefined" && thisRow.items) {
row = internalAccessList.maskItems(row); thisRow = internalAccessList.maskItems(thisRow);
} }
// Custom omissions // Custom omissions
if (typeof data.omit !== "undefined" && data.omit !== null) { if (typeof data.omit !== "undefined" && data.omit !== null) {
row = _.omit(row, data.omit); thisRow = _.omit(thisRow, data.omit);
} }
return row; return thisRow;
});
}, },
/** /**
@@ -261,13 +300,13 @@ const internalAccessList = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
delete: async (access, data) => { delete: (access, data) => {
await access.can("access_lists:delete", data.id); return access
const row = await internalAccessList.get(access, { .can("access_lists:delete", data.id)
id: data.id, .then(() => {
expand: ["proxy_hosts", "items", "clients"], return internalAccessList.get(access, { id: data.id, expand: ["proxy_hosts", "items", "clients"] });
}); })
.then((row) => {
if (!row || !row.id) { if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id); throw new errs.ItemNotFoundError(data.id);
} }
@@ -278,47 +317,58 @@ const internalAccessList = {
// 4. audit log // 4. audit log
// 1. update row to be deleted // 1. update row to be deleted
await accessListModel return accessListModel
.query() .query()
.where("id", row.id) .where("id", row.id)
.patch({ .patch({
is_deleted: 1, is_deleted: 1,
}); })
.then(() => {
// 2. update any proxy hosts that were using it (ignoring permissions) // 2. update any proxy hosts that were using it (ignoring permissions)
if (row.proxy_hosts) { if (row.proxy_hosts) {
await proxyHostModel return proxyHostModel
.query() .query()
.where("access_list_id", "=", row.id) .where("access_list_id", "=", row.id)
.patch({ access_list_id: 0 }); .patch({ access_list_id: 0 })
.then(() => {
// 3. reconfigure those hosts, then reload nginx // 3. reconfigure those hosts, then reload nginx
// set the access_list_id to zero for these items // set the access_list_id to zero for these items
row.proxy_hosts.map((_val, idx) => { row.proxy_hosts.map((_val, idx) => {
row.proxy_hosts[idx].access_list_id = 0; row.proxy_hosts[idx].access_list_id = 0;
return true; return true;
}); });
await internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts); return internalNginx.bulkGenerateConfigs("proxy_host", row.proxy_hosts);
})
.then(() => {
return internalNginx.reload();
});
} }
})
await internalNginx.reload(); .then(() => {
// delete the htpasswd file // delete the htpasswd file
const htpasswd_file = internalAccessList.getFilename(row);
try { try {
fs.unlinkSync(internalAccessList.getFilename(row)); fs.unlinkSync(htpasswd_file);
} catch (_err) { } catch (_err) {
// do nothing // do nothing
} }
})
.then(() => {
// 4. audit log // 4. audit log
await internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "deleted", action: "deleted",
object_type: "access-list", object_type: "access-list",
object_id: row.id, object_id: row.id,
meta: _.omit(internalAccessList.maskItems(row), ["is_deleted", "proxy_hosts"]), meta: _.omit(internalAccessList.maskItems(row), ["is_deleted", "proxy_hosts"]),
}); });
});
})
.then(() => {
return true; return true;
});
}, },
/** /**
@@ -326,12 +376,13 @@ const internalAccessList = {
* *
* @param {Access} access * @param {Access} access
* @param {Array} [expand] * @param {Array} [expand]
* @param {String} [searchQuery] * @param {String} [search_query]
* @returns {Promise} * @returns {Promise}
*/ */
getAll: async (access, expand, searchQuery) => { getAll: (access, expand, search_query) => {
const accessData = await access.can("access_lists:list"); return access
.can("access_lists:list")
.then((access_data) => {
const query = accessListModel const query = accessListModel
.query() .query()
.select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count")) .select("access_list.*", accessListModel.raw("COUNT(proxy_host.id) as proxy_host_count"))
@@ -347,14 +398,14 @@ const internalAccessList = {
.allowGraph("[owner,items,clients]") .allowGraph("[owner,items,clients]")
.orderBy("access_list.name", "ASC"); .orderBy("access_list.name", "ASC");
if (accessData.permission_visibility !== "all") { if (access_data.permission_visibility !== "all") {
query.andWhere("access_list.owner_user_id", access.token.getUserId(1)); query.andWhere("access_list.owner_user_id", access.token.getUserId(1));
} }
// Query is used for searching // Query is used for searching
if (typeof searchQuery === "string") { if (typeof search_query === "string") {
query.where(function () { query.where(function () {
this.where("name", "like", `%${searchQuery}%`); this.where("name", "like", `%${search_query}%`);
}); });
} }
@@ -362,7 +413,9 @@ const internalAccessList = {
query.withGraphFetched(`[${expand.join(", ")}]`); query.withGraphFetched(`[${expand.join(", ")}]`);
} }
const rows = await query.then(utils.omitRows(omissions())); return query.then(utils.omitRows(omissions()));
})
.then((rows) => {
if (rows) { if (rows) {
rows.map((row, idx) => { rows.map((row, idx) => {
if (typeof row.items !== "undefined" && row.items) { if (typeof row.items !== "undefined" && row.items) {
@@ -371,28 +424,28 @@ const internalAccessList = {
return true; return true;
}); });
} }
return rows; return rows;
});
}, },
/** /**
* Count is used in reports * Report use
* *
* @param {Integer} userId * @param {Integer} user_id
* @param {String} visibility * @param {String} visibility
* @returns {Promise} * @returns {Promise}
*/ */
getCount: async (userId, visibility) => { getCount: (user_id, visibility) => {
const query = accessListModel const query = accessListModel.query().count("id as count").where("is_deleted", 0);
.query()
.count("id as count")
.where("is_deleted", 0);
if (visibility !== "all") { if (visibility !== "all") {
query.andWhere("owner_user_id", userId); query.andWhere("owner_user_id", user_id);
} }
const row = await query.first(); return query.first().then((row) => {
return Number.parseInt(row.count, 10); return Number.parseInt(row.count, 10);
});
}, },
/** /**
@@ -402,19 +455,20 @@ const internalAccessList = {
maskItems: (list) => { maskItems: (list) => {
if (list && typeof list.items !== "undefined") { if (list && typeof list.items !== "undefined") {
list.items.map((val, idx) => { list.items.map((val, idx) => {
let repeatFor = 8; let repeat_for = 8;
let firstChar = "*"; let first_char = "*";
if (typeof val.password !== "undefined" && val.password) { if (typeof val.password !== "undefined" && val.password) {
repeatFor = val.password.length - 1; repeat_for = val.password.length - 1;
firstChar = val.password.charAt(0); first_char = val.password.charAt(0);
} }
list.items[idx].hint = firstChar + "*".repeat(repeatFor); list.items[idx].hint = first_char + "*".repeat(repeat_for);
list.items[idx].password = ""; list.items[idx].password = "";
return true; return true;
}); });
} }
return list; return list;
}, },
@@ -434,33 +488,43 @@ const internalAccessList = {
* @param {Array} list.items * @param {Array} list.items
* @returns {Promise} * @returns {Promise}
*/ */
build: async (list) => { build: (list) => {
logger.info(`Building Access file #${list.id} for: ${list.name}`); logger.info(`Building Access file #${list.id} for: ${list.name}`);
const htpasswdFile = internalAccessList.getFilename(list); return new Promise((resolve, reject) => {
const htpasswd_file = internalAccessList.getFilename(list);
// 1. remove any existing access file // 1. remove any existing access file
try { try {
fs.unlinkSync(htpasswdFile); fs.unlinkSync(htpasswd_file);
} catch (_err) { } catch (_err) {
// do nothing // do nothing
} }
// 2. create empty access file // 2. create empty access file
fs.writeFileSync(htpasswdFile, '', {encoding: 'utf8'}); try {
fs.writeFileSync(htpasswd_file, "", { encoding: "utf8" });
resolve(htpasswd_file);
} catch (err) {
reject(err);
}
}).then((htpasswd_file) => {
// 3. generate password for each user // 3. generate password for each user
if (list.items.length) { if (list.items.length) {
await new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
batchflow(list.items).sequential() batchflow(list.items)
.sequential()
.each((_i, item, next) => { .each((_i, item, next) => {
if (item.password?.length) { if (item.password?.length) {
logger.info(`Adding: ${item.username}`); logger.info(`Adding: ${item.username}`);
utils.execFile('openssl', ['passwd', '-apr1', item.password]) utils
.execFile("openssl", ["passwd", "-apr1", item.password])
.then((res) => { .then((res) => {
try { try {
fs.appendFileSync(htpasswdFile, `${item.username}:${res}\n`, {encoding: 'utf8'}); fs.appendFileSync(htpasswd_file, `${item.username}:${res}\n`, {
encoding: "utf8",
});
} catch (err) { } catch (err) {
reject(err); reject(err);
} }
@@ -482,7 +546,8 @@ const internalAccessList = {
}); });
}); });
} }
} });
} },
};
export default internalAccessList; export default internalAccessList;

58
backend/internal/audit-log.js
View File

@@ -9,12 +9,11 @@ const internalAuditLog = {
* *
* @param {Access} access * @param {Access} access
* @param {Array} [expand] * @param {Array} [expand]
* @param {String} [searchQuery] * @param {String} [search_query]
* @returns {Promise} * @returns {Promise}
*/ */
getAll: async (access, expand, searchQuery) => { getAll: (access, expand, search_query) => {
await access.can("auditlog:list"); return access.can("auditlog:list").then(() => {
const query = auditLogModel const query = auditLogModel
.query() .query()
.orderBy("created_on", "DESC") .orderBy("created_on", "DESC")
@@ -23,9 +22,9 @@ const internalAuditLog = {
.allowGraph("[user]"); .allowGraph("[user]");
// Query is used for searching // Query is used for searching
if (typeof searchQuery === "string" && searchQuery.length > 0) { if (typeof search_query === "string" && search_query.length > 0) {
query.where(function () { query.where(function () {
this.where(castJsonIfNeed("meta"), "like", `%${searchQuery}`); this.where(castJsonIfNeed("meta"), "like", `%${search_query}`);
}); });
} }
@@ -33,36 +32,8 @@ const internalAuditLog = {
query.withGraphFetched(`[${expand.join(", ")}]`); query.withGraphFetched(`[${expand.join(", ")}]`);
} }
return await query; return query;
}, });
/**
* @param {Access} access
* @param {Object} [data]
* @param {Integer} [data.id] Defaults to the token user
* @param {Array} [data.expand]
* @return {Promise}
*/
get: async (access, data) => {
await access.can("auditlog:list");
const query = auditLogModel
.query()
.andWhere("id", data.id)
.allowGraph("[user]")
.first();
if (typeof data.expand !== "undefined" && data.expand !== null) {
query.withGraphFetched(`[${data.expand.join(", ")}]`);
}
const row = await query;
if (!row?.id) {
throw new errs.ItemNotFoundError(data.id);
}
return row;
}, },
/** /**
@@ -79,22 +50,27 @@ const internalAuditLog = {
* @param {Object} [data.meta] * @param {Object} [data.meta]
* @returns {Promise} * @returns {Promise}
*/ */
add: async (access, data) => { add: (access, data) => {
return new Promise((resolve, reject) => {
// Default the user id
if (typeof data.user_id === "undefined" || !data.user_id) { if (typeof data.user_id === "undefined" || !data.user_id) {
data.user_id = access.token.getUserId(1); data.user_id = access.token.getUserId(1);
} }
if (typeof data.action === "undefined" || !data.action) { if (typeof data.action === "undefined" || !data.action) {
throw new errs.InternalValidationError("Audit log entry must contain an Action"); reject(new errs.InternalValidationError("Audit log entry must contain an Action"));
} } else {
// Make sure at least 1 of the IDs are set and action // Make sure at least 1 of the IDs are set and action
return await auditLogModel.query().insert({ resolve(
auditLogModel.query().insert({
user_id: data.user_id, user_id: data.user_id,
action: data.action, action: data.action,
object_type: data.object_type || "", object_type: data.object_type || "",
object_id: data.object_id || 0, object_id: data.object_id || 0,
meta: data.meta || {}, meta: data.meta || {},
}),
);
}
}); });
}, },
}; };

710
backend/internal/certificate.js
View File

File diff suppressed because it is too large Load Diff

311
backend/internal/dead-host.js
View File

@@ -18,24 +18,25 @@ const internalDeadHost = {
* @param {Object} data * @param {Object} data
* @returns {Promise} * @returns {Promise}
*/ */
create: async (access, data) => { create: (access, data) => {
const createCertificate = data.certificate_id === "new"; const createCertificate = data.certificate_id === "new";
if (createCertificate) { if (createCertificate) {
delete data.certificate_id; delete data.certificate_id;
} }
await access.can("dead_hosts:create", data); return access
.can("dead_hosts:create", data)
.then((/*access_data*/) => {
// Get a list of the domain names and check each of them against existing records // Get a list of the domain names and check each of them against existing records
const domainNameCheckPromises = []; const domain_name_check_promises = [];
data.domain_names.map((domain_name) => { data.domain_names.map((domain_name) => {
domainNameCheckPromises.push(internalHost.isHostnameTaken(domain_name)); domain_name_check_promises.push(internalHost.isHostnameTaken(domain_name));
return true; return true;
}); });
await Promise.all(domainNameCheckPromises).then((check_results) => { return Promise.all(domain_name_check_promises).then((check_results) => {
check_results.map((result) => { check_results.map((result) => {
if (result.is_taken) { if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`); throw new errs.ValidationError(`${result.hostname} is already in use`);
@@ -43,7 +44,8 @@ const internalDeadHost = {
return true; return true;
}); });
}); });
})
.then(() => {
// At this point the domains should have been checked // At this point the domains should have been checked
data.owner_user_id = access.token.getUserId(1); data.owner_user_id = access.token.getUserId(1);
const thisData = internalHost.cleanSslHstsData(data); const thisData = internalHost.cleanSslHstsData(data);
@@ -54,43 +56,53 @@ const internalDeadHost = {
thisData.advanced_config = ""; thisData.advanced_config = "";
} }
const row = await deadHostModel.query() return deadHostModel.query().insertAndFetch(thisData).then(utils.omitRow(omissions()));
.insertAndFetch(thisData) })
.then(utils.omitRow(omissions())); .then((row) => {
// Add to audit log
await internalAuditLog.add(access, {
action: "created",
object_type: "dead-host",
object_id: row.id,
meta: thisData,
});
if (createCertificate) { if (createCertificate) {
const cert = await internalCertificate.createQuickCertificate(access, data); return internalCertificate
.createQuickCertificate(access, data)
.then((cert) => {
// update host with cert id // update host with cert id
await internalDeadHost.update(access, { return internalDeadHost.update(access, {
id: row.id, id: row.id,
certificate_id: cert.id, certificate_id: cert.id,
}); });
})
.then(() => {
return row;
});
} }
return row;
})
.then((row) => {
// re-fetch with cert // re-fetch with cert
const freshRow = await internalDeadHost.get(access, { return internalDeadHost.get(access, {
id: row.id, id: row.id,
expand: ["certificate", "owner"], expand: ["certificate", "owner"],
}); });
})
// Sanity check .then((row) => {
if (createCertificate && !freshRow.certificate_id) {
throw new errs.InternalValidationError("The host was created but the Certificate creation failed.");
}
// Configure nginx // Configure nginx
await internalNginx.configure(deadHostModel, "dead_host", freshRow); return internalNginx.configure(deadHostModel, "dead_host", row).then(() => {
return row;
});
})
.then((row) => {
data.meta = _.assign({}, data.meta || {}, row.meta);
return freshRow; // Add to audit log
return internalAuditLog
.add(access, {
action: "created",
object_type: "dead-host",
object_id: row.id,
meta: data,
})
.then(() => {
return row;
});
});
}, },
/** /**
@@ -99,51 +111,66 @@ const internalDeadHost = {
* @param {Number} data.id * @param {Number} data.id
* @return {Promise} * @return {Promise}
*/ */
update: async (access, data) => { update: (access, data) => {
const createCertificate = data.certificate_id === "new"; let thisData = data;
const createCertificate = thisData.certificate_id === "new";
if (createCertificate) { if (createCertificate) {
delete data.certificate_id; delete thisData.certificate_id;
} }
await access.can("dead_hosts:update", data.id); return access
.can("dead_hosts:update", thisData.id)
.then((/*access_data*/) => {
// Get a list of the domain names and check each of them against existing records // Get a list of the domain names and check each of them against existing records
const domainNameCheckPromises = []; const domain_name_check_promises = [];
if (typeof data.domain_names !== "undefined") {
data.domain_names.map((domainName) => { if (typeof thisData.domain_names !== "undefined") {
domainNameCheckPromises.push(internalHost.isHostnameTaken(domainName, "dead", data.id)); thisData.domain_names.map((domain_name) => {
domain_name_check_promises.push(internalHost.isHostnameTaken(domain_name, "dead", data.id));
return true; return true;
}); });
const checkResults = await Promise.all(domainNameCheckPromises); return Promise.all(domain_name_check_promises).then((check_results) => {
checkResults.map((result) => { check_results.map((result) => {
if (result.is_taken) { if (result.is_taken) {
throw new errs.ValidationError(`${result.hostname} is already in use`); throw new errs.ValidationError(`${result.hostname} is already in use`);
} }
return true; return true;
}); });
});
} }
const row = await internalDeadHost.get(access, { id: data.id }); })
.then(() => {
if (row.id !== data.id) { return internalDeadHost.get(access, { id: thisData.id });
})
.then((row) => {
if (row.id !== thisData.id) {
// Sanity check that something crazy hasn't happened // Sanity check that something crazy hasn't happened
throw new errs.InternalValidationError( throw new errs.InternalValidationError(
`404 Host could not be updated, IDs do not match: ${row.id} !== ${data.id}`, `404 Host could not be updated, IDs do not match: ${row.id} !== ${thisData.id}`,
); );
} }
if (createCertificate) { if (createCertificate) {
const cert = await internalCertificate.createQuickCertificate(access, { return internalCertificate
domain_names: data.domain_names || row.domain_names, .createQuickCertificate(access, {
meta: _.assign({}, row.meta, data.meta), domain_names: thisData.domain_names || row.domain_names,
}); meta: _.assign({}, row.meta, thisData.meta),
})
.then((cert) => {
// update host with cert id // update host with cert id
data.certificate_id = cert.id; thisData.certificate_id = cert.id;
})
.then(() => {
return row;
});
} }
return row;
})
.then((row) => {
// Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here. // Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here.
let thisData = _.assign( thisData = _.assign(
{}, {},
{ {
domain_names: row.domain_names, domain_names: row.domain_names,
@@ -153,31 +180,38 @@ const internalDeadHost = {
thisData = internalHost.cleanSslHstsData(thisData, row); thisData = internalHost.cleanSslHstsData(thisData, row);
return deadHostModel
// do the row update
await deadHostModel
.query() .query()
.where({id: data.id}) .where({ id: thisData.id })
.patch(data); .patch(thisData)
.then((saved_row) => {
// Add to audit log // Add to audit log
await internalAuditLog.add(access, { return internalAuditLog
.add(access, {
action: "updated", action: "updated",
object_type: "dead-host", object_type: "dead-host",
object_id: row.id, object_id: row.id,
meta: thisData, meta: thisData,
})
.then(() => {
return _.omit(saved_row, omissions());
}); });
});
const thisRow = await internalDeadHost })
.then(() => {
return internalDeadHost
.get(access, { .get(access, {
id: thisData.id, id: thisData.id,
expand: ["owner", "certificate"], expand: ["owner", "certificate"],
}); })
.then((row) => {
// Configure nginx // Configure nginx
const newMeta = await internalNginx.configure(deadHostModel, "dead_host", row); return internalNginx.configure(deadHostModel, "dead_host", row).then((new_meta) => {
row.meta = newMeta; row.meta = new_meta;
return _.omit(internalHost.cleanRowCertificateMeta(thisRow), omissions()); return _.omit(internalHost.cleanRowCertificateMeta(row), omissions());
});
});
});
}, },
/** /**
@@ -188,32 +222,39 @@ const internalDeadHost = {
* @param {Array} [data.omit] * @param {Array} [data.omit]
* @return {Promise} * @return {Promise}
*/ */
get: async (access, data) => { get: (access, data) => {
const accessData = await access.can("dead_hosts:get", data.id); const thisData = data || {};
return access
.can("dead_hosts:get", thisData.id)
.then((access_data) => {
const query = deadHostModel const query = deadHostModel
.query() .query()
.where("is_deleted", 0) .where("is_deleted", 0)
.andWhere("id", data.id) .andWhere("id", dthisDataata.id)
.allowGraph("[owner,certificate]") .allowGraph("[owner,certificate]")
.first(); .first();
if (accessData.permission_visibility !== "all") { if (access_data.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1)); query.andWhere("owner_user_id", access.token.getUserId(1));
} }
if (typeof data.expand !== "undefined" && data.expand !== null) { if (typeof thisData.expand !== "undefined" && thisData.expand !== null) {
query.withGraphFetched(`[${data.expand.join(", ")}]`); query.withGraphFetched(`[${data.expand.join(", ")}]`);
} }
const row = await query.then(utils.omitRow(omissions())); return query.then(utils.omitRow(omissions()));
})
.then((row) => {
if (!row || !row.id) { if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id); throw new errs.ItemNotFoundError(thisData.id);
} }
// Custom omissions // Custom omissions
if (typeof data.omit !== "undefined" && data.omit !== null) { if (typeof thisData.omit !== "undefined" && thisData.omit !== null) {
return _.omit(row, data.omit); return _.omit(row, thisData.omit);
} }
return row; return row;
});
}, },
/** /**
@@ -223,32 +264,42 @@ const internalDeadHost = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
delete: async (access, data) => { delete: (access, data) => {
await access.can("dead_hosts:delete", data.id) return access
const row = await internalDeadHost.get(access, { id: data.id }); .can("dead_hosts:delete", data.id)
.then(() => {
return internalDeadHost.get(access, { id: data.id });
})
.then((row) => {
if (!row || !row.id) { if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id); throw new errs.ItemNotFoundError(data.id);
} }
await deadHostModel return deadHostModel
.query() .query()
.where("id", row.id) .where("id", row.id)
.patch({ .patch({
is_deleted: 1, is_deleted: 1,
}); })
.then(() => {
// Delete Nginx Config // Delete Nginx Config
await internalNginx.deleteConfig("dead_host", row); return internalNginx.deleteConfig("dead_host", row).then(() => {
await internalNginx.reload(); return internalNginx.reload();
});
})
.then(() => {
// Add to audit log // Add to audit log
await internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "deleted", action: "deleted",
object_type: "dead-host", object_type: "dead-host",
object_id: row.id, object_id: row.id,
meta: _.omit(row, omissions()), meta: _.omit(row, omissions()),
}); });
});
})
.then(() => {
return true; return true;
});
}, },
/** /**
@@ -258,12 +309,16 @@ const internalDeadHost = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
enable: async (access, data) => { enable: (access, data) => {
await access.can("dead_hosts:update", data.id) return access
const row = await internalDeadHost.get(access, { .can("dead_hosts:update", data.id)
.then(() => {
return internalDeadHost.get(access, {
id: data.id, id: data.id,
expand: ["certificate", "owner"], expand: ["certificate", "owner"],
}); });
})
.then((row) => {
if (!row || !row.id) { if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id); throw new errs.ItemNotFoundError(data.id);
} }
@@ -273,24 +328,29 @@ const internalDeadHost = {
row.enabled = 1; row.enabled = 1;
await deadHostModel return deadHostModel
.query() .query()
.where("id", row.id) .where("id", row.id)
.patch({ .patch({
enabled: 1, enabled: 1,
}); })
.then(() => {
// Configure nginx // Configure nginx
await internalNginx.configure(deadHostModel, "dead_host", row); return internalNginx.configure(deadHostModel, "dead_host", row);
})
.then(() => {
// Add to audit log // Add to audit log
await internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "enabled", action: "enabled",
object_type: "dead-host", object_type: "dead-host",
object_id: row.id, object_id: row.id,
meta: _.omit(row, omissions()), meta: _.omit(row, omissions()),
}); });
});
})
.then(() => {
return true; return true;
});
}, },
/** /**
@@ -300,9 +360,13 @@ const internalDeadHost = {
* @param {String} [data.reason] * @param {String} [data.reason]
* @returns {Promise} * @returns {Promise}
*/ */
disable: async (access, data) => { disable: (access, data) => {
await access.can("dead_hosts:update", data.id) return access
const row = await internalDeadHost.get(access, { id: data.id }); .can("dead_hosts:update", data.id)
.then(() => {
return internalDeadHost.get(access, { id: data.id });
})
.then((row) => {
if (!row || !row.id) { if (!row || !row.id) {
throw new errs.ItemNotFoundError(data.id); throw new errs.ItemNotFoundError(data.id);
} }
@@ -312,25 +376,31 @@ const internalDeadHost = {
row.enabled = 0; row.enabled = 0;
await deadHostModel return deadHostModel
.query() .query()
.where("id", row.id) .where("id", row.id)
.patch({ .patch({
enabled: 0, enabled: 0,
}); })
.then(() => {
// Delete Nginx Config // Delete Nginx Config
await internalNginx.deleteConfig("dead_host", row); return internalNginx.deleteConfig("dead_host", row).then(() => {
await internalNginx.reload(); return internalNginx.reload();
});
})
.then(() => {
// Add to audit log // Add to audit log
await internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "disabled", action: "disabled",
object_type: "dead-host", object_type: "dead-host",
object_id: row.id, object_id: row.id,
meta: _.omit(row, omissions()), meta: _.omit(row, omissions()),
}); });
});
})
.then(() => {
return true; return true;
});
}, },
/** /**
@@ -338,11 +408,13 @@ const internalDeadHost = {
* *
* @param {Access} access * @param {Access} access
* @param {Array} [expand] * @param {Array} [expand]
* @param {String} [searchQuery] * @param {String} [search_query]
* @returns {Promise} * @returns {Promise}
*/ */
getAll: async (access, expand, searchQuery) => { getAll: (access, expand, search_query) => {
const accessData = await access.can("dead_hosts:list") return access
.can("dead_hosts:list")
.then((access_data) => {
const query = deadHostModel const query = deadHostModel
.query() .query()
.where("is_deleted", 0) .where("is_deleted", 0)
@@ -350,14 +422,14 @@ const internalDeadHost = {
.allowGraph("[owner,certificate]") .allowGraph("[owner,certificate]")
.orderBy(castJsonIfNeed("domain_names"), "ASC"); .orderBy(castJsonIfNeed("domain_names"), "ASC");
if (accessData.permission_visibility !== "all") { if (access_data.permission_visibility !== "all") {
query.andWhere("owner_user_id", access.token.getUserId(1)); query.andWhere("owner_user_id", access.token.getUserId(1));
} }
// Query is used for searching // Query is used for searching
if (typeof searchQuery === "string" && searchQuery.length > 0) { if (typeof search_query === "string" && search_query.length > 0) {
query.where(function () { query.where(function () {
this.where(castJsonIfNeed("domain_names"), "like", `%${searchQuery}%`); this.where(castJsonIfNeed("domain_names"), "like", `%${search_query}%`);
}); });
} }
@@ -365,11 +437,15 @@ const internalDeadHost = {
query.withGraphFetched(`[${expand.join(", ")}]`); query.withGraphFetched(`[${expand.join(", ")}]`);
} }
const rows = await query.then(utils.omitRows(omissions())); return query.then(utils.omitRows(omissions()));
})
.then((rows) => {
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) { if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
internalHost.cleanAllRowsCertificateMeta(rows); return internalHost.cleanAllRowsCertificateMeta(rows);
} }
return rows; return rows;
});
}, },
/** /**
@@ -379,15 +455,16 @@ const internalDeadHost = {
* @param {String} visibility * @param {String} visibility
* @returns {Promise} * @returns {Promise}
*/ */
getCount: async (user_id, visibility) => { getCount: (user_id, visibility) => {
const query = deadHostModel.query().count("id as count").where("is_deleted", 0); const query = deadHostModel.query().count("id as count").where("is_deleted", 0);
if (visibility !== "all") { if (visibility !== "all") {
query.andWhere("owner_user_id", user_id); query.andWhere("owner_user_id", user_id);
} }
const row = await query.first(); return query.first().then((row) => {
return Number.parseInt(row.count, 10); return Number.parseInt(row.count, 10);
});
}, },
}; };

45
backend/internal/host.js
View File

@@ -65,33 +65,50 @@ const internalHost = {
}, },
/** /**
* This returns all the host types with any domain listed in the provided domainNames array. * This returns all the host types with any domain listed in the provided domain_names array.
* This is used by the certificates to temporarily disable any host that is using the domain * This is used by the certificates to temporarily disable any host that is using the domain
* *
* @param {Array} domainNames * @param {Array} domain_names
* @returns {Promise} * @returns {Promise}
*/ */
getHostsWithDomains: async (domainNames) => { getHostsWithDomains: (domain_names) => {
const responseObject = { const promises = [
proxyHostModel.query().where("is_deleted", 0),
redirectionHostModel.query().where("is_deleted", 0),
deadHostModel.query().where("is_deleted", 0),
];
return Promise.all(promises).then((promises_results) => {
const response_object = {
total_count: 0, total_count: 0,
dead_hosts: [], dead_hosts: [],
proxy_hosts: [], proxy_hosts: [],
redirection_hosts: [], redirection_hosts: [],
}; };
const proxyRes = await proxyHostModel.query().where("is_deleted", 0); if (promises_results[0]) {
responseObject.proxy_hosts = internalHost._getHostsWithDomains(proxyRes, domainNames); // Proxy Hosts
responseObject.total_count += responseObject.proxy_hosts.length; response_object.proxy_hosts = internalHost._getHostsWithDomains(promises_results[0], domain_names);
response_object.total_count += response_object.proxy_hosts.length;
}
const redirRes = await redirectionHostModel.query().where("is_deleted", 0); if (promises_results[1]) {
responseObject.redirection_hosts = internalHost._getHostsWithDomains(redirRes, domainNames); // Redirection Hosts
responseObject.total_count += responseObject.redirection_hosts.length; response_object.redirection_hosts = internalHost._getHostsWithDomains(
promises_results[1],
domain_names,
);
response_object.total_count += response_object.redirection_hosts.length;
}
const deadRes = await deadHostModel.query().where("is_deleted", 0); if (promises_results[2]) {
responseObject.dead_hosts = internalHost._getHostsWithDomains(deadRes, domainNames); // Dead Hosts
responseObject.total_count += responseObject.dead_hosts.length; response_object.dead_hosts = internalHost._getHostsWithDomains(promises_results[2], domain_names);
response_object.total_count += response_object.dead_hosts.length;
}
return responseObject; return response_object;
});
}, },
/** /**

4
backend/internal/ip_ranges.js
View File

@@ -2,7 +2,6 @@ import fs from "node:fs";
import https from "node:https"; import https from "node:https";
import { dirname } from "node:path"; import { dirname } from "node:path";
import { fileURLToPath } from "node:url"; import { fileURLToPath } from "node:url";
import { ProxyAgent } from "proxy-agent";
import errs from "../lib/error.js"; import errs from "../lib/error.js";
import utils from "../lib/utils.js"; import utils from "../lib/utils.js";
import { ipRanges as logger } from "../logger.js"; import { ipRanges as logger } from "../logger.js";
@@ -30,11 +29,10 @@ const internalIpRanges = {
}, },
fetchUrl: (url) => { fetchUrl: (url) => {
const agent = new ProxyAgent();
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
logger.info(`Fetching ${url}`); logger.info(`Fetching ${url}`);
return https return https
.get(url, { agent }, (res) => { .get(url, (res) => {
res.setEncoding("utf8"); res.setEncoding("utf8");
let raw_data = ""; let raw_data = "";
res.on("data", (chunk) => { res.on("data", (chunk) => {

31
backend/internal/nginx.js
View File

@@ -4,7 +4,7 @@ import { fileURLToPath } from "node:url";
import _ from "lodash"; import _ from "lodash";
import errs from "../lib/error.js"; import errs from "../lib/error.js";
import utils from "../lib/utils.js"; import utils from "../lib/utils.js";
import { debug, nginx as logger } from "../logger.js"; import { nginx as logger } from "../logger.js";
const __filename = fileURLToPath(import.meta.url); const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename); const __dirname = dirname(__filename);
@@ -68,7 +68,7 @@ const internalNginx = {
return true; return true;
}); });
debug(logger, "Nginx test failed:", valid_lines.join("\n")); logger.debug("Nginx test failed:", valid_lines.join("\n"));
// config is bad, update meta and delete config // config is bad, update meta and delete config
combined_meta = _.assign({}, host.meta, { combined_meta = _.assign({}, host.meta, {
@@ -102,7 +102,7 @@ const internalNginx = {
* @returns {Promise} * @returns {Promise}
*/ */
test: () => { test: () => {
debug(logger, "Testing Nginx configuration"); logger.debug("Testing Nginx configuration");
return utils.execFile("/usr/sbin/nginx", ["-t", "-g", "error_log off;"]); return utils.execFile("/usr/sbin/nginx", ["-t", "-g", "error_log off;"]);
}, },
@@ -190,7 +190,7 @@ const internalNginx = {
const host = JSON.parse(JSON.stringify(host_row)); const host = JSON.parse(JSON.stringify(host_row));
const nice_host_type = internalNginx.getFileFriendlyHostType(host_type); const nice_host_type = internalNginx.getFileFriendlyHostType(host_type);
debug(logger, `Generating ${nice_host_type} Config:`, JSON.stringify(host, null, 2)); logger.debug(`Generating ${nice_host_type} Config:`, JSON.stringify(host, null, 2));
const renderEngine = utils.getRenderEngine(); const renderEngine = utils.getRenderEngine();
@@ -241,7 +241,7 @@ const internalNginx = {
.parseAndRender(template, host) .parseAndRender(template, host)
.then((config_text) => { .then((config_text) => {
fs.writeFileSync(filename, config_text, { encoding: "utf8" }); fs.writeFileSync(filename, config_text, { encoding: "utf8" });
debug(logger, "Wrote config:", filename, config_text); logger.debug("Wrote config:", filename, config_text);
// Restore locations array // Restore locations array
host.locations = origLocations; host.locations = origLocations;
@@ -249,7 +249,7 @@ const internalNginx = {
resolve(true); resolve(true);
}) })
.catch((err) => { .catch((err) => {
debug(logger, `Could not write ${filename}:`, err.message); logger.debug(`Could not write ${filename}:`, err.message);
reject(new errs.ConfigurationError(err.message)); reject(new errs.ConfigurationError(err.message));
}); });
}); });
@@ -265,7 +265,7 @@ const internalNginx = {
* @returns {Promise} * @returns {Promise}
*/ */
generateLetsEncryptRequestConfig: (certificate) => { generateLetsEncryptRequestConfig: (certificate) => {
debug(logger, "Generating LetsEncrypt Request Config:", certificate); logger.debug("Generating LetsEncrypt Request Config:", certificate);
const renderEngine = utils.getRenderEngine(); const renderEngine = utils.getRenderEngine();
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
@@ -285,11 +285,11 @@ const internalNginx = {
.parseAndRender(template, certificate) .parseAndRender(template, certificate)
.then((config_text) => { .then((config_text) => {
fs.writeFileSync(filename, config_text, { encoding: "utf8" }); fs.writeFileSync(filename, config_text, { encoding: "utf8" });
debug(logger, "Wrote config:", filename, config_text); logger.debug("Wrote config:", filename, config_text);
resolve(true); resolve(true);
}) })
.catch((err) => { .catch((err) => {
debug(logger, `Could not write ${filename}:`, err.message); logger.debug(`Could not write ${filename}:`, err.message);
reject(new errs.ConfigurationError(err.message)); reject(new errs.ConfigurationError(err.message));
}); });
}); });
@@ -301,14 +301,11 @@ const internalNginx = {
* @param {String} filename * @param {String} filename
*/ */
deleteFile: (filename) => { deleteFile: (filename) => {
if (!fs.existsSync(filename)) { logger.debug(`Deleting file: ${filename}`);
return;
}
try { try {
debug(logger, `Deleting file: ${filename}`);
fs.unlinkSync(filename); fs.unlinkSync(filename);
} catch (err) { } catch (err) {
debug(logger, "Could not delete file:", JSON.stringify(err, null, 2)); logger.debug("Could not delete file:", JSON.stringify(err, null, 2));
} }
}, },
@@ -381,14 +378,14 @@ const internalNginx = {
}, },
/** /**
* @param {String} hostType * @param {String} host_type
* @param {Array} hosts * @param {Array} hosts
* @returns {Promise} * @returns {Promise}
*/ */
bulkGenerateConfigs: (hostType, hosts) => { bulkGenerateConfigs: (host_type, hosts) => {
const promises = []; const promises = [];
hosts.map((host) => { hosts.map((host) => {
promises.push(internalNginx.generateConfig(hostType, host)); promises.push(internalNginx.generateConfig(host_type, host));
return true; return true;
}); });

3
backend/internal/proxy-host.js
View File

@@ -422,6 +422,7 @@ const internalProxyHost = {
*/ */
getAll: async (access, expand, searchQuery) => { getAll: async (access, expand, searchQuery) => {
const accessData = await access.can("proxy_hosts:list"); const accessData = await access.can("proxy_hosts:list");
const query = proxyHostModel const query = proxyHostModel
.query() .query()
.where("is_deleted", 0) .where("is_deleted", 0)
@@ -445,9 +446,11 @@ const internalProxyHost = {
} }
const rows = await query.then(utils.omitRows(omissions())); const rows = await query.then(utils.omitRows(omissions()));
if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) { if (typeof expand !== "undefined" && expand !== null && expand.indexOf("certificate") !== -1) {
return internalHost.cleanAllRowsCertificateMeta(rows); return internalHost.cleanAllRowsCertificateMeta(rows);
} }
return rows; return rows;
}, },

2
backend/internal/stream.js
View File

@@ -348,7 +348,7 @@ const internalStream = {
// Add to audit log // Add to audit log
return internalAuditLog.add(access, { return internalAuditLog.add(access, {
action: "disabled", action: "disabled",
object_type: "stream", object_type: "stream-host",
object_id: row.id, object_id: row.id,
meta: _.omit(row, omissions()), meta: _.omit(row, omissions()),
}); });

2
backend/internal/user.js
View File

@@ -131,7 +131,7 @@ const internalUser = {
action: "updated", action: "updated",
object_type: "user", object_type: "user",
object_id: user.id, object_id: user.id,
meta: { ...data, id: user.id, name: user.name }, meta: data,
}) })
.then(() => { .then(() => {
return user; return user;

4
backend/lib/access.js
View File

@@ -131,7 +131,7 @@ export default function (tokenString) {
const rows = await query; const rows = await query;
objects = []; objects = [];
_.forEach(rows, (ruleRow) => { _.forEach(rows, (ruleRow) => {
objects.push(ruleRow.id); result.push(ruleRow.id);
}); });
// enum should not have less than 1 item // enum should not have less than 1 item
@@ -265,7 +265,7 @@ export default function (tokenString) {
schemas: [roleSchema, permsSchema, objectSchema, permissionSchema], schemas: [roleSchema, permsSchema, objectSchema, permissionSchema],
}); });
const valid = await ajv.validate("permissions", dataSchema); const valid = ajv.validate("permissions", dataSchema);
return valid && dataSchema[permission]; return valid && dataSchema[permission];
} catch (err) { } catch (err) {
err.permission = permission; err.permission = permission;

83
backend/lib/certbot.js
View File

@@ -1,14 +1,54 @@
import batchflow from "batchflow"; import batchflow from "batchflow";
import dnsPlugins from "../certbot/dns-plugins.json" with { type: "json" }; import dnsPlugins from "../global/certbot-dns-plugins.json" with { type: "json" };
import { certbot as logger } from "../logger.js"; import { certbot as logger } from "../logger.js";
import errs from "./error.js"; import errs from "./error.js";
import utils from "./utils.js"; import utils from "./utils.js";
const CERTBOT_VERSION_REPLACEMENT = "$(certbot --version | grep -Eo '[0-9](\\.[0-9]+)+')"; const CERTBOT_VERSION_REPLACEMENT = "$(certbot --version | grep -Eo '[0-9](\\.[0-9]+)+')";
/**
* @param {array} pluginKeys
*/
const installPlugins = async (pluginKeys) => {
let hasErrors = false;
return new Promise((resolve, reject) => {
if (pluginKeys.length === 0) {
resolve();
return;
}
batchflow(pluginKeys)
.sequential()
.each((_i, pluginKey, next) => {
certbot
.installPlugin(pluginKey)
.then(() => {
next();
})
.catch((err) => {
hasErrors = true;
next(err);
});
})
.error((err) => {
logger.error(err.message);
})
.end(() => {
if (hasErrors) {
reject(
new errs.CommandError("Some plugins failed to install. Please check the logs above", 1),
);
} else {
resolve();
}
});
});
};
/** /**
* Installs a cerbot plugin given the key for the object from * Installs a cerbot plugin given the key for the object from
* ../certbot/dns-plugins.json * ../global/certbot-dns-plugins.json
* *
* @param {string} pluginKey * @param {string} pluginKey
* @returns {Object} * @returns {Object}
@@ -44,43 +84,4 @@ const installPlugin = async (pluginKey) => {
}); });
}; };
/**
* @param {array} pluginKeys
*/
const installPlugins = async (pluginKeys) => {
let hasErrors = false;
return new Promise((resolve, reject) => {
if (pluginKeys.length === 0) {
resolve();
return;
}
batchflow(pluginKeys)
.sequential()
.each((_i, pluginKey, next) => {
installPlugin(pluginKey)
.then(() => {
next();
})
.catch((err) => {
hasErrors = true;
next(err);
});
})
.error((err) => {
logger.error(err.message);
})
.end(() => {
if (hasErrors) {
reject(
new errs.CommandError("Some plugins failed to install. Please check the logs above", 1),
);
} else {
resolve();
}
});
});
};
export { installPlugins, installPlugin }; export { installPlugins, installPlugin };

16
backend/lib/config.js
View File

@@ -25,26 +25,15 @@ const configure = () => {
if (configData?.database) { if (configData?.database) {
logger.info(`Using configuration from file: ${filename}`); logger.info(`Using configuration from file: ${filename}`);
// Migrate those who have "mysql" engine to "mysql2"
if (configData.database.engine === "mysql") {
configData.database.engine = mysqlEngine;
}
instance = configData; instance = configData;
instance.keys = getKeys(); instance.keys = getKeys();
return; return;
} }
} }
const toBool = (v) => /^(1|true|yes|on)$/i.test((v || '').trim());
const envMysqlHost = process.env.DB_MYSQL_HOST || null; const envMysqlHost = process.env.DB_MYSQL_HOST || null;
const envMysqlUser = process.env.DB_MYSQL_USER || null; const envMysqlUser = process.env.DB_MYSQL_USER || null;
const envMysqlName = process.env.DB_MYSQL_NAME || null; const envMysqlName = process.env.DB_MYSQL_NAME || null;
const envMysqlSSL = toBool(process.env.DB_MYSQL_SSL);
const envMysqlSSLRejectUnauthorized = process.env.DB_MYSQL_SSL_REJECT_UNAUTHORIZED === undefined ? true : toBool(process.env.DB_MYSQL_SSL_REJECT_UNAUTHORIZED);
const envMysqlSSLVerifyIdentity = process.env.DB_MYSQL_SSL_VERIFY_IDENTITY === undefined ? true : toBool(process.env.DB_MYSQL_SSL_VERIFY_IDENTITY);
if (envMysqlHost && envMysqlUser && envMysqlName) { if (envMysqlHost && envMysqlUser && envMysqlName) {
// we have enough mysql creds to go with mysql // we have enough mysql creds to go with mysql
logger.info("Using MySQL configuration"); logger.info("Using MySQL configuration");
@@ -56,7 +45,6 @@ const configure = () => {
user: envMysqlUser, user: envMysqlUser,
password: process.env.DB_MYSQL_PASSWORD, password: process.env.DB_MYSQL_PASSWORD,
name: envMysqlName, name: envMysqlName,
ssl: envMysqlSSL ? { rejectUnauthorized: envMysqlSSLRejectUnauthorized, verifyIdentity: envMysqlSSLVerifyIdentity } : false,
}, },
keys: getKeys(), keys: getKeys(),
}; };
@@ -102,9 +90,7 @@ const configure = () => {
const getKeys = () => { const getKeys = () => {
// Get keys from file // Get keys from file
if (isDebugMode()) { logger.debug("Cheecking for keys file:", keysFile);
logger.debug("Checking for keys file:", keysFile);
}
if (!fs.existsSync(keysFile)) { if (!fs.existsSync(keysFile)) {
generateKeys(); generateKeys();
} else if (process.env.DEBUG) { } else if (process.env.DEBUG) {

6
backend/lib/utils.js
View File

@@ -3,14 +3,14 @@ import { dirname } from "node:path";
import { fileURLToPath } from "node:url"; import { fileURLToPath } from "node:url";
import { Liquid } from "liquidjs"; import { Liquid } from "liquidjs";
import _ from "lodash"; import _ from "lodash";
import { debug, global as logger } from "../logger.js"; import { global as logger } from "../logger.js";
import errs from "./error.js"; import errs from "./error.js";
const __filename = fileURLToPath(import.meta.url); const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename); const __dirname = dirname(__filename);
const exec = async (cmd, options = {}) => { const exec = async (cmd, options = {}) => {
debug(logger, "CMD:", cmd); logger.debug("CMD:", cmd);
const { stdout, stderr } = await new Promise((resolve, reject) => { const { stdout, stderr } = await new Promise((resolve, reject) => {
const child = nodeExec(cmd, options, (isError, stdout, stderr) => { const child = nodeExec(cmd, options, (isError, stdout, stderr) => {
if (isError) { if (isError) {
@@ -34,7 +34,7 @@ const exec = async (cmd, options = {}) => {
* @returns {Promise} * @returns {Promise}
*/ */
const execFile = (cmd, args, options) => { const execFile = (cmd, args, options) => {
debug(logger, `CMD: ${cmd} ${args ? args.join(" ") : ""}`); logger.debug(`CMD: ${cmd} ${args ? args.join(" ") : ""}`);
const opts = options || {}; const opts = options || {};
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {

7
backend/lib/validator/api.js
View File

@@ -24,21 +24,16 @@ const apiValidator = async (schema, payload /*, description*/) => {
throw new errs.ValidationError("Payload is undefined"); throw new errs.ValidationError("Payload is undefined");
} }
const validate = ajv.compile(schema); const validate = ajv.compile(schema);
const valid = validate(payload); const valid = validate(payload);
if (valid && !validate.errors) { if (valid && !validate.errors) {
return payload; return payload;
} }
const message = ajv.errorsText(validate.errors); const message = ajv.errorsText(validate.errors);
const err = new errs.ValidationError(message); const err = new errs.ValidationError(message);
err.debug = {validationErrors: validate.errors, payload}; err.debug = [validate.errors, payload];
throw err; throw err;
}; };

9
backend/logger.js
View File

@@ -1,5 +1,4 @@
import signale from "signale"; import signale from "signale";
import { isDebugMode } from "./lib/config.js";
const opts = { const opts = {
logLevel: "info", logLevel: "info",
@@ -16,10 +15,4 @@ const importer = new signale.Signale({ scope: "Importer ", ...opts });
const setup = new signale.Signale({ scope: "Setup ", ...opts }); const setup = new signale.Signale({ scope: "Setup ", ...opts });
const ipRanges = new signale.Signale({ scope: "IP Ranges", ...opts }); const ipRanges = new signale.Signale({ scope: "IP Ranges", ...opts });
const debug = (logger, ...args) => { export { global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges };
if (isDebugMode()) {
logger.debug(...args);
}
};
export { debug, global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges };

4
backend/migrate.js
View File

@@ -2,9 +2,9 @@ import db from "./db.js";
import { migrate as logger } from "./logger.js"; import { migrate as logger } from "./logger.js";
const migrateUp = async () => { const migrateUp = async () => {
const version = await db().migrate.currentVersion(); const version = await db.migrate.currentVersion();
logger.info("Current database version:", version); logger.info("Current database version:", version);
return await db().migrate.latest({ return await db.migrate.latest({
tableName: "migrations", tableName: "migrations",
directory: "migrations", directory: "migrations",
}); });

2
backend/models/access_list.js
View File

@@ -10,7 +10,7 @@ import now from "./now_helper.js";
import ProxyHostModel from "./proxy_host.js"; import ProxyHostModel from "./proxy_host.js";
import User from "./user.js"; import User from "./user.js";
Model.knex(db()); Model.knex(db);
const boolFields = ["is_deleted", "satisfy_any", "pass_auth"]; const boolFields = ["is_deleted", "satisfy_any", "pass_auth"];

2
backend/models/access_list_auth.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import accessListModel from "./access_list.js"; import accessListModel from "./access_list.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
Model.knex(db()); Model.knex(db);
class AccessListAuth extends Model { class AccessListAuth extends Model {
$beforeInsert() { $beforeInsert() {

2
backend/models/access_list_client.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import accessListModel from "./access_list.js"; import accessListModel from "./access_list.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
Model.knex(db()); Model.knex(db);
class AccessListClient extends Model { class AccessListClient extends Model {
$beforeInsert() { $beforeInsert() {

2
backend/models/audit-log.js
View File

@@ -6,7 +6,7 @@ import db from "../db.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
import User from "./user.js"; import User from "./user.js";
Model.knex(db()); Model.knex(db);
class AuditLog extends Model { class AuditLog extends Model {
$beforeInsert() { $beforeInsert() {

2
backend/models/auth.js
View File

@@ -8,7 +8,7 @@ import { convertBoolFieldsToInt, convertIntFieldsToBool } from "../lib/helpers.j
import now from "./now_helper.js"; import now from "./now_helper.js";
import User from "./user.js"; import User from "./user.js";
Model.knex(db()); Model.knex(db);
const boolFields = ["is_deleted"]; const boolFields = ["is_deleted"];

14
backend/models/certificate.js
View File

@@ -8,10 +8,9 @@ import deadHostModel from "./dead_host.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
import proxyHostModel from "./proxy_host.js"; import proxyHostModel from "./proxy_host.js";
import redirectionHostModel from "./redirection_host.js"; import redirectionHostModel from "./redirection_host.js";
import streamModel from "./stream.js";
import userModel from "./user.js"; import userModel from "./user.js";
Model.knex(db()); Model.knex(db);
const boolFields = ["is_deleted"]; const boolFields = ["is_deleted"];
@@ -115,17 +114,6 @@ class Certificate extends Model {
qb.where("redirection_host.is_deleted", 0); qb.where("redirection_host.is_deleted", 0);
}, },
}, },
streams: {
relation: Model.HasManyRelation,
modelClass: streamModel,
join: {
from: "certificate.id",
to: "stream.certificate_id",
},
modify: (qb) => {
qb.where("stream.is_deleted", 0);
},
},
}; };
} }
} }

2
backend/models/dead_host.js
View File

@@ -8,7 +8,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
import User from "./user.js"; import User from "./user.js";
Model.knex(db()); Model.knex(db);
const boolFields = ["is_deleted", "ssl_forced", "http2_support", "enabled", "hsts_enabled", "hsts_subdomains"]; const boolFields = ["is_deleted", "ssl_forced", "http2_support", "enabled", "hsts_enabled", "hsts_subdomains"];

2
backend/models/now_helper.js
View File

@@ -2,7 +2,7 @@ import { Model } from "objection";
import db from "../db.js"; import db from "../db.js";
import { isSqlite } from "../lib/config.js"; import { isSqlite } from "../lib/config.js";
Model.knex(db()); Model.knex(db);
export default () => { export default () => {
if (isSqlite()) { if (isSqlite()) {

2
backend/models/proxy_host.js
View File

@@ -9,7 +9,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
import User from "./user.js"; import User from "./user.js";
Model.knex(db()); Model.knex(db);
const boolFields = [ const boolFields = [
"is_deleted", "is_deleted",

2
backend/models/redirection_host.js
View File

@@ -8,7 +8,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
import User from "./user.js"; import User from "./user.js";
Model.knex(db()); Model.knex(db);
const boolFields = [ const boolFields = [
"is_deleted", "is_deleted",

2
backend/models/setting.js
View File

@@ -4,7 +4,7 @@
import { Model } from "objection"; import { Model } from "objection";
import db from "../db.js"; import db from "../db.js";
Model.knex(db()); Model.knex(db);
class Setting extends Model { class Setting extends Model {
$beforeInsert () { $beforeInsert () {

2
backend/models/stream.js
View File

@@ -5,7 +5,7 @@ import Certificate from "./certificate.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
import User from "./user.js"; import User from "./user.js";
Model.knex(db()); Model.knex(db);
const boolFields = ["is_deleted", "enabled", "tcp_forwarding", "udp_forwarding"]; const boolFields = ["is_deleted", "enabled", "tcp_forwarding", "udp_forwarding"];

2
backend/models/user.js
View File

@@ -7,7 +7,7 @@ import { convertBoolFieldsToInt, convertIntFieldsToBool } from "../lib/helpers.j
import now from "./now_helper.js"; import now from "./now_helper.js";
import UserPermission from "./user_permission.js"; import UserPermission from "./user_permission.js";
Model.knex(db()); Model.knex(db);
const boolFields = ["is_deleted", "is_disabled"]; const boolFields = ["is_deleted", "is_disabled"];

2
backend/models/user_permission.js
View File

@@ -5,7 +5,7 @@ import { Model } from "objection";
import db from "../db.js"; import db from "../db.js";
import now from "./now_helper.js"; import now from "./now_helper.js";
Model.knex(db()); Model.knex(db);
class UserPermission extends Model { class UserPermission extends Model {
$beforeInsert () { $beforeInsert () {

19
backend/package.json
View File

@@ -20,26 +20,25 @@
"body-parser": "^1.20.3", "body-parser": "^1.20.3",
"compression": "^1.7.4", "compression": "^1.7.4",
"express": "^4.20.0", "express": "^4.20.0",
"express-fileupload": "^1.5.2", "express-fileupload": "^1.1.9",
"gravatar": "^1.8.2", "gravatar": "^1.8.0",
"jsonwebtoken": "^9.0.2", "jsonwebtoken": "^9.0.0",
"knex": "2.4.2", "knex": "2.4.2",
"liquidjs": "10.6.1", "liquidjs": "10.6.1",
"lodash": "^4.17.21", "lodash": "^4.17.21",
"moment": "^2.30.1", "moment": "^2.29.4",
"mysql2": "^3.15.3", "mysql2": "^3.11.1",
"node-rsa": "^1.1.1", "node-rsa": "^1.0.8",
"objection": "3.0.1", "objection": "3.0.1",
"path": "^0.12.7", "path": "^0.12.7",
"pg": "^8.16.3", "pg": "^8.13.1",
"proxy-agent": "^6.5.0",
"signale": "1.4.0", "signale": "1.4.0",
"sqlite3": "^5.1.7", "sqlite3": "5.1.6",
"temp-write": "^4.0.0" "temp-write": "^4.0.0"
}, },
"devDependencies": { "devDependencies": {
"@apidevtools/swagger-parser": "^10.1.0", "@apidevtools/swagger-parser": "^10.1.0",
"@biomejs/biome": "^2.3.2", "@biomejs/biome": "^2.2.4",
"chalk": "4.1.2", "chalk": "4.1.2",
"nodemon": "^2.0.2" "nodemon": "^2.0.2"
}, },

56
backend/routes/audit-log.js
View File

@@ -2,7 +2,7 @@ import express from "express";
import internalAuditLog from "../internal/audit-log.js"; import internalAuditLog from "../internal/audit-log.js";
import jwtdecode from "../lib/express/jwt-decode.js"; import jwtdecode from "../lib/express/jwt-decode.js";
import validator from "../lib/validator/index.js"; import validator from "../lib/validator/index.js";
import { debug, express as logger } from "../logger.js"; import { express as logger } from "../logger.js";
const router = express.Router({ const router = express.Router({
caseSensitive: true, caseSensitive: true,
@@ -47,59 +47,7 @@ router
const rows = await internalAuditLog.getAll(res.locals.access, data.expand, data.query); const rows = await internalAuditLog.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* Specific audit log entry
*
* /api/audit-log/123
*/
router
.route("/:event_id")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* GET /api/audit-log/123
*
* Retrieve a specific entry
*/
.get(async (req, res, next) => {
try {
const data = await validator(
{
required: ["event_id"],
additionalProperties: false,
properties: {
event_id: {
$ref: "common#/properties/id",
},
expand: {
$ref: "common#/properties/expand",
},
},
},
{
event_id: req.params.event_id,
expand:
typeof req.query.expand === "string"
? req.query.expand.split(",")
: null,
},
);
const item = await internalAuditLog.get(res.locals.access, {
id: data.event_id,
expand: data.expand,
});
res.status(200).send(item);
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

12
backend/routes/nginx/access_lists.js
View File

@@ -3,7 +3,7 @@ import internalAccessList from "../../internal/access-list.js";
import jwtdecode from "../../lib/express/jwt-decode.js"; import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js"; import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js"; import validator from "../../lib/validator/index.js";
import { debug, express as logger } from "../../logger.js"; import { express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js"; import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalAccessList.getAll(res.locals.access, data.expand, data.query); const rows = await internalAccessList.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -65,7 +65,7 @@ router
const result = await internalAccessList.create(res.locals.access, payload); const result = await internalAccessList.create(res.locals.access, payload);
res.status(201).send(result); res.status(201).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -113,7 +113,7 @@ router
}); });
res.status(200).send(row); res.status(200).send(row);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -130,7 +130,7 @@ router
const result = await internalAccessList.update(res.locals.access, payload); const result = await internalAccessList.update(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -147,7 +147,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

164
backend/routes/nginx/certificates.js
View File

@@ -1,11 +1,10 @@
import express from "express"; import express from "express";
import dnsPlugins from "../../certbot/dns-plugins.json" with { type: "json" };
import internalCertificate from "../../internal/certificate.js"; import internalCertificate from "../../internal/certificate.js";
import errs from "../../lib/error.js"; import errs from "../../lib/error.js";
import jwtdecode from "../../lib/express/jwt-decode.js"; import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js"; import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js"; import validator from "../../lib/validator/index.js";
import { debug, express as logger } from "../../logger.js"; import { express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js"; import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -44,21 +43,14 @@ router
}, },
}, },
{ {
expand: expand: typeof req.query.expand === "string" ? req.query.expand.split(",") : null,
typeof req.query.expand === "string"
? req.query.expand.split(",")
: null,
query: typeof req.query.query === "string" ? req.query.query : null, query: typeof req.query.query === "string" ? req.query.query : null,
}, },
); );
const rows = await internalCertificate.getAll( const rows = await internalCertificate.getAll(res.locals.access, data.expand, data.query);
res.locals.access,
data.expand,
data.query,
);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -70,52 +62,12 @@ router
*/ */
.post(async (req, res, next) => { .post(async (req, res, next) => {
try { try {
const payload = await apiValidator( const payload = await apiValidator(getValidationSchema("/nginx/certificates", "post"), req.body);
getValidationSchema("/nginx/certificates", "post"),
req.body,
);
req.setTimeout(900000); // 15 minutes timeout req.setTimeout(900000); // 15 minutes timeout
const result = await internalCertificate.create( const result = await internalCertificate.create(res.locals.access, payload);
res.locals.access,
payload,
);
res.status(201).send(result); res.status(201).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* /api/nginx/certificates/dns-providers
*/
router
.route("/dns-providers")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* GET /api/nginx/certificates/dns-providers
*
* Get list of all supported DNS providers
*/
.get(async (req, res, next) => {
try {
if (!res.locals.access.token.getUserId()) {
throw new errs.PermissionError("Login required");
}
const clean = Object.keys(dnsPlugins).map((key) => ({
id: key,
name: dnsPlugins[key].name,
credentials: dnsPlugins[key].credentials,
}));
clean.sort((a, b) => a.name.localeCompare(b.name));
res.status(200).send(clean);
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -133,59 +85,24 @@ router
.all(jwtdecode()) .all(jwtdecode())
/** /**
* POST /api/nginx/certificates/test-http * GET /api/nginx/certificates/test-http
* *
* Test HTTP challenge for domains * Test HTTP challenge for domains
*/ */
.post(async (req, res, next) => { .get(async (req, res, next) => {
try { if (req.query.domains === undefined) {
const payload = await apiValidator( next(new errs.ValidationError("Domains are required as query parameters"));
getValidationSchema("/nginx/certificates/test-http", "post"),
req.body,
);
req.setTimeout(60000); // 1 minute timeout
const result = await internalCertificate.testHttpsChallenge(
res.locals.access,
payload,
);
res.status(200).send(result);
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* Validate Certs before saving
*
* /api/nginx/certificates/validate
*/
router
.route("/validate")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* POST /api/nginx/certificates/validate
*
* Validate certificates
*/
.post(async (req, res, next) => {
if (!req.files) {
res.status(400).send({ error: "No files were uploaded" });
return; return;
} }
try { try {
const result = await internalCertificate.validate({ const result = await internalCertificate.testHttpsChallenge(
files: req.files, res.locals.access,
}); JSON.parse(req.query.domains),
);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -224,10 +141,7 @@ router
}, },
{ {
certificate_id: req.params.certificate_id, certificate_id: req.params.certificate_id,
expand: expand: typeof req.query.expand === "string" ? req.query.expand.split(",") : null,
typeof req.query.expand === "string"
? req.query.expand.split(",")
: null,
}, },
); );
const row = await internalCertificate.get(res.locals.access, { const row = await internalCertificate.get(res.locals.access, {
@@ -236,7 +150,7 @@ router
}); });
res.status(200).send(row); res.status(200).send(row);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -253,7 +167,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -288,7 +202,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -318,7 +232,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -347,7 +261,41 @@ router
}); });
res.status(200).download(result.fileName); res.status(200).download(result.fileName);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err);
}
});
/**
* Validate Certs before saving
*
* /api/nginx/certificates/validate
*/
router
.route("/validate")
.options((_, res) => {
res.sendStatus(204);
})
.all(jwtdecode())
/**
* POST /api/nginx/certificates/validate
*
* Validate certificates
*/
.post(async (req, res, next) => {
if (!req.files) {
res.status(400).send({ error: "No files were uploaded" });
return;
}
try {
const result = await internalCertificate.validate({
files: req.files,
});
res.status(200).send(result);
} catch (err) {
logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

20
backend/routes/nginx/dead_hosts.js
View File

@@ -3,7 +3,7 @@ import internalDeadHost from "../../internal/dead-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js"; import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js"; import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js"; import validator from "../../lib/validator/index.js";
import { debug, express as logger } from "../../logger.js"; import { express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js"; import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalDeadHost.getAll(res.locals.access, data.expand, data.query); const rows = await internalDeadHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -65,7 +65,7 @@ router
const result = await internalDeadHost.create(res.locals.access, payload); const result = await internalDeadHost.create(res.locals.access, payload);
res.status(201).send(result); res.status(201).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -113,7 +113,7 @@ router
}); });
res.status(200).send(row); res.status(200).send(row);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -121,7 +121,7 @@ router
/** /**
* PUT /api/nginx/dead-hosts/123 * PUT /api/nginx/dead-hosts/123
* *
* Update an existing dead-host * Update and existing dead-host
*/ */
.put(async (req, res, next) => { .put(async (req, res, next) => {
try { try {
@@ -130,7 +130,7 @@ router
const result = await internalDeadHost.update(res.locals.access, payload); const result = await internalDeadHost.update(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -138,7 +138,7 @@ router
/** /**
* DELETE /api/nginx/dead-hosts/123 * DELETE /api/nginx/dead-hosts/123
* *
* Delete a dead-host * Update and existing dead-host
*/ */
.delete(async (req, res, next) => { .delete(async (req, res, next) => {
try { try {
@@ -147,7 +147,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -174,7 +174,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -199,7 +199,7 @@ router
const result = internalDeadHost.disable(res.locals.access, { id: Number.parseInt(req.params.host_id, 10) }); const result = internalDeadHost.disable(res.locals.access, { id: Number.parseInt(req.params.host_id, 10) });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

16
backend/routes/nginx/proxy_hosts.js
View File

@@ -3,7 +3,7 @@ import internalProxyHost from "../../internal/proxy-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js"; import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js"; import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js"; import validator from "../../lib/validator/index.js";
import { debug, express as logger } from "../../logger.js"; import { express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js"; import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalProxyHost.getAll(res.locals.access, data.expand, data.query); const rows = await internalProxyHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -65,7 +65,7 @@ router
const result = await internalProxyHost.create(res.locals.access, payload); const result = await internalProxyHost.create(res.locals.access, payload);
res.status(201).send(result); res.status(201).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err} ${JSON.stringify(err.debug, null, 2)}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -113,7 +113,7 @@ router
}); });
res.status(200).send(row); res.status(200).send(row);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -130,7 +130,7 @@ router
const result = await internalProxyHost.update(res.locals.access, payload); const result = await internalProxyHost.update(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -147,7 +147,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -174,7 +174,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -201,7 +201,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

16
backend/routes/nginx/redirection_hosts.js
View File

@@ -3,7 +3,7 @@ import internalRedirectionHost from "../../internal/redirection-host.js";
import jwtdecode from "../../lib/express/jwt-decode.js"; import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js"; import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js"; import validator from "../../lib/validator/index.js";
import { debug, express as logger } from "../../logger.js"; import { express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js"; import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalRedirectionHost.getAll(res.locals.access, data.expand, data.query); const rows = await internalRedirectionHost.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -65,7 +65,7 @@ router
const result = await internalRedirectionHost.create(res.locals.access, payload); const result = await internalRedirectionHost.create(res.locals.access, payload);
res.status(201).send(result); res.status(201).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -113,7 +113,7 @@ router
}); });
res.status(200).send(row); res.status(200).send(row);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -133,7 +133,7 @@ router
const result = await internalRedirectionHost.update(res.locals.access, payload); const result = await internalRedirectionHost.update(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -150,7 +150,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -177,7 +177,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -204,7 +204,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

16
backend/routes/nginx/streams.js
View File

@@ -3,7 +3,7 @@ import internalStream from "../../internal/stream.js";
import jwtdecode from "../../lib/express/jwt-decode.js"; import jwtdecode from "../../lib/express/jwt-decode.js";
import apiValidator from "../../lib/validator/api.js"; import apiValidator from "../../lib/validator/api.js";
import validator from "../../lib/validator/index.js"; import validator from "../../lib/validator/index.js";
import { debug, express as logger } from "../../logger.js"; import { express as logger } from "../../logger.js";
import { getValidationSchema } from "../../schema/index.js"; import { getValidationSchema } from "../../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -49,7 +49,7 @@ router
const rows = await internalStream.getAll(res.locals.access, data.expand, data.query); const rows = await internalStream.getAll(res.locals.access, data.expand, data.query);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -65,7 +65,7 @@ router
const result = await internalStream.create(res.locals.access, payload); const result = await internalStream.create(res.locals.access, payload);
res.status(201).send(result); res.status(201).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -113,7 +113,7 @@ router
}); });
res.status(200).send(row); res.status(200).send(row);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -130,7 +130,7 @@ router
const result = await internalStream.update(res.locals.access, payload); const result = await internalStream.update(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -147,7 +147,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -174,7 +174,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -201,7 +201,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

7
backend/routes/reports.js
View File

@@ -1,7 +1,7 @@
import express from "express"; import express from "express";
import internalReport from "../internal/report.js"; import internalReport from "../internal/report.js";
import jwtdecode from "../lib/express/jwt-decode.js"; import jwtdecode from "../lib/express/jwt-decode.js";
import { debug, express as logger } from "../logger.js"; import { express as logger } from "../logger.js";
const router = express.Router({ const router = express.Router({
caseSensitive: true, caseSensitive: true,
@@ -14,17 +14,16 @@ router
.options((_, res) => { .options((_, res) => {
res.sendStatus(204); res.sendStatus(204);
}) })
.all(jwtdecode())
/** /**
* GET /reports/hosts * GET /reports/hosts
*/ */
.get(async (req, res, next) => { .get(jwtdecode(), async (req, res, next) => {
try { try {
const data = await internalReport.getHostsReport(res.locals.access); const data = await internalReport.getHostsReport(res.locals.access);
res.status(200).send(data); res.status(200).send(data);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

4
backend/routes/schema.js
View File

@@ -1,5 +1,5 @@
import express from "express"; import express from "express";
import { debug, express as logger } from "../logger.js"; import { express as logger } from "../logger.js";
import PACKAGE from "../package.json" with { type: "json" }; import PACKAGE from "../package.json" with { type: "json" };
import { getCompiledSchema } from "../schema/index.js"; import { getCompiledSchema } from "../schema/index.js";
@@ -36,7 +36,7 @@ router
swaggerJSON.servers[0].url = `${origin}/api`; swaggerJSON.servers[0].url = `${origin}/api`;
res.status(200).send(swaggerJSON); res.status(200).send(swaggerJSON);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

8
backend/routes/settings.js
View File

@@ -3,7 +3,7 @@ import internalSetting from "../internal/setting.js";
import jwtdecode from "../lib/express/jwt-decode.js"; import jwtdecode from "../lib/express/jwt-decode.js";
import apiValidator from "../lib/validator/api.js"; import apiValidator from "../lib/validator/api.js";
import validator from "../lib/validator/index.js"; import validator from "../lib/validator/index.js";
import { debug, express as logger } from "../logger.js"; import { express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js"; import { getValidationSchema } from "../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -32,7 +32,7 @@ router
const rows = await internalSetting.getAll(res.locals.access); const rows = await internalSetting.getAll(res.locals.access);
res.status(200).send(rows); res.status(200).send(rows);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -76,7 +76,7 @@ router
}); });
res.status(200).send(row); res.status(200).send(row);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -93,7 +93,7 @@ router
const result = await internalSetting.update(res.locals.access, payload); const result = await internalSetting.update(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

6
backend/routes/tokens.js
View File

@@ -2,7 +2,7 @@ import express from "express";
import internalToken from "../internal/token.js"; import internalToken from "../internal/token.js";
import jwtdecode from "../lib/express/jwt-decode.js"; import jwtdecode from "../lib/express/jwt-decode.js";
import apiValidator from "../lib/validator/api.js"; import apiValidator from "../lib/validator/api.js";
import { debug, express as logger } from "../logger.js"; import { express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js"; import { getValidationSchema } from "../schema/index.js";
const router = express.Router({ const router = express.Router({
@@ -32,7 +32,7 @@ router
}); });
res.status(200).send(data); res.status(200).send(data);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -48,7 +48,7 @@ router
const result = await internalToken.getTokenFromEmail(data); const result = await internalToken.getTokenFromEmail(data);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

20
backend/routes/users.js
View File

@@ -7,7 +7,7 @@ import jwtdecode from "../lib/express/jwt-decode.js";
import userIdFromMe from "../lib/express/user-id-from-me.js"; import userIdFromMe from "../lib/express/user-id-from-me.js";
import apiValidator from "../lib/validator/api.js"; import apiValidator from "../lib/validator/api.js";
import validator from "../lib/validator/index.js"; import validator from "../lib/validator/index.js";
import { debug, express as logger } from "../logger.js"; import { express as logger } from "../logger.js";
import { getValidationSchema } from "../schema/index.js"; import { getValidationSchema } from "../schema/index.js";
import { isSetup } from "../setup.js"; import { isSetup } from "../setup.js";
@@ -61,7 +61,7 @@ router
); );
res.status(200).send(users); res.status(200).send(users);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -101,7 +101,7 @@ router
const user = await internalUser.create(res.locals.access, payload); const user = await internalUser.create(res.locals.access, payload);
res.status(201).send(user); res.status(201).send(user);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -124,7 +124,7 @@ router
await internalUser.deleteAll(); await internalUser.deleteAll();
res.status(200).send(true); res.status(200).send(true);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
return; return;
@@ -185,7 +185,7 @@ router
}); });
res.status(200).send(user); res.status(200).send(user);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -205,7 +205,7 @@ router
const result = await internalUser.update(res.locals.access, payload); const result = await internalUser.update(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}) })
@@ -222,7 +222,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -255,7 +255,7 @@ router
const result = await internalUser.setPassword(res.locals.access, payload); const result = await internalUser.setPassword(res.locals.access, payload);
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -291,7 +291,7 @@ router
); );
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });
@@ -320,7 +320,7 @@ router
}); });
res.status(200).send(result); res.status(200).send(result);
} catch (err) { } catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`); logger.debug(`${req.method.toUpperCase()} ${req.path}: ${err}`);
next(err); next(err);
} }
}); });

157
backend/schema/common.json
View File

@@ -7,8 +7,7 @@
"description": "Unique identifier", "description": "Unique identifier",
"readOnly": true, "readOnly": true,
"type": "integer", "type": "integer",
"minimum": 1, "minimum": 1
"example": 11
}, },
"expand": { "expand": {
"anyOf": [ "anyOf": [
@@ -39,42 +38,35 @@
"created_on": { "created_on": {
"description": "Date and time of creation", "description": "Date and time of creation",
"readOnly": true, "readOnly": true,
"type": "string", "type": "string"
"example": "2025-10-28T04:17:54.000Z"
}, },
"modified_on": { "modified_on": {
"description": "Date and time of last update", "description": "Date and time of last update",
"readOnly": true, "readOnly": true,
"type": "string", "type": "string"
"example": "2025-10-28T04:17:54.000Z"
}, },
"user_id": { "user_id": {
"description": "User ID", "description": "User ID",
"type": "integer", "type": "integer",
"minimum": 1, "minimum": 1
"example": 2
}, },
"certificate_id": { "certificate_id": {
"description": "Certificate ID", "description": "Certificate ID",
"anyOf": [ "anyOf": [
{ {
"type": "integer", "type": "integer",
"minimum": 0, "minimum": 0
"example": 5
}, },
{ {
"type": "string", "type": "string",
"pattern": "^new$", "pattern": "^new$"
"example": "new"
} }
], ]
"example": 5
}, },
"access_list_id": { "access_list_id": {
"description": "Access List ID", "description": "Access List ID",
"type": "integer", "type": "integer",
"minimum": 0, "minimum": 0
"example": 3
}, },
"domain_names": { "domain_names": {
"description": "Domain Names separated by a comma", "description": "Domain Names separated by a comma",
@@ -85,157 +77,44 @@
"items": { "items": {
"type": "string", "type": "string",
"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$" "pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
}, }
"example": ["example.com", "www.example.com"]
}, },
"enabled": { "enabled": {
"description": "Is Enabled", "description": "Is Enabled",
"type": "boolean", "type": "boolean"
"example": false
}, },
"ssl_forced": { "ssl_forced": {
"description": "Is SSL Forced", "description": "Is SSL Forced",
"type": "boolean", "type": "boolean"
"example": true
}, },
"hsts_enabled": { "hsts_enabled": {
"description": "Is HSTS Enabled", "description": "Is HSTS Enabled",
"type": "boolean", "type": "boolean"
"example": true
}, },
"hsts_subdomains": { "hsts_subdomains": {
"description": "Is HSTS applicable to all subdomains", "description": "Is HSTS applicable to all subdomains",
"type": "boolean", "type": "boolean"
"example": true
}, },
"ssl_provider": { "ssl_provider": {
"type": "string", "type": "string",
"pattern": "^(letsencrypt|other)$", "pattern": "^(letsencrypt|other)$"
"example": "letsencrypt"
}, },
"http2_support": { "http2_support": {
"description": "HTTP2 Protocol Support", "description": "HTTP2 Protocol Support",
"type": "boolean", "type": "boolean"
"example": true
}, },
"block_exploits": { "block_exploits": {
"description": "Should we block common exploits", "description": "Should we block common exploits",
"type": "boolean", "type": "boolean"
"example": false
}, },
"caching_enabled": { "caching_enabled": {
"description": "Should we cache assets", "description": "Should we cache assets",
"type": "boolean", "type": "boolean"
"example": true
}, },
"email": { "email": {
"description": "Email address", "description": "Email address",
"type": "string", "type": "string",
"pattern": "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$", "pattern": "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$"
"example": "me@example.com"
},
"directive": {
"type": "string",
"enum": ["allow", "deny"],
"example": "allow"
},
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
],
"example": "192.168.0.11"
},
"access_items": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
},
"password": {
"type": "string"
}
},
"example": {
"username": "admin",
"password": "pass"
}
},
"example": [
{
"username": "admin",
"password": "pass"
}
]
},
"access_clients": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"address": {
"$ref": "#/properties/address"
},
"directive": {
"$ref": "#/properties/directive"
}
},
"example": {
"directive": "allow",
"address": "192.168.0.0/24"
}
},
"example": [
{
"directive": "allow",
"address": "192.168.0.0/24"
}
]
},
"certificate_files": {
"description": "Certificate Files",
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"certificate_key": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
},
"intermediate_certificate": {
"type": "string",
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
}
}
},
"example": {
"certificate": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----",
"certificate_key": "-----BEGIN PRIVATE\nMIID...-----END CERTIFICATE-----"
}
}
}
} }
} }
} }

40
backend/schema/components/access-list-object.json
View File

@@ -1,7 +1,8 @@
{ {
"type": "object", "type": "object",
"description": "Access List object", "description": "Access List object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "name", "meta", "satisfy_any", "pass_auth", "proxy_host_count"], "required": ["id", "created_on", "modified_on", "owner_user_id", "name", "directive", "address", "satisfy_any", "pass_auth", "meta"],
"additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
"$ref": "../common.json#/properties/id" "$ref": "../common.json#/properties/id"
@@ -17,25 +18,36 @@
}, },
"name": { "name": {
"type": "string", "type": "string",
"minLength": 1, "minLength": 1
"example": "My Access List"
}, },
"meta": { "directive": {
"type": "object", "type": "string",
"example": {} "enum": ["allow", "deny"]
},
"address": {
"oneOf": [
{
"type": "string",
"pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
},
{
"type": "string",
"pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
}
]
}, },
"satisfy_any": { "satisfy_any": {
"type": "boolean", "type": "boolean"
"example": true
}, },
"pass_auth": { "pass_auth": {
"type": "boolean", "type": "boolean"
"example": false
}, },
"proxy_host_count": { "meta": {
"type": "integer", "type": "object"
"minimum": 0,
"example": 3
} }
} }
} }

7
backend/schema/components/audit-log-list.json
View File

@@ -1,7 +0,0 @@
{
"type": "array",
"description": "Audit Log list",
"items": {
"$ref": "./audit-log-object.json"
}
}

23
backend/schema/components/audit-log-object.json
View File

@@ -1,16 +1,7 @@
{ {
"type": "object", "type": "object",
"description": "Audit Log object", "description": "Audit Log object",
"required": [ "required": ["id", "created_on", "modified_on", "user_id", "object_type", "object_id", "action", "meta"],
"id",
"created_on",
"modified_on",
"user_id",
"object_type",
"object_id",
"action",
"meta"
],
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
@@ -26,22 +17,16 @@
"$ref": "../common.json#/properties/user_id" "$ref": "../common.json#/properties/user_id"
}, },
"object_type": { "object_type": {
"type": "string", "type": "string"
"example": "certificate"
}, },
"object_id": { "object_id": {
"$ref": "../common.json#/properties/id" "$ref": "../common.json#/properties/id"
}, },
"action": { "action": {
"type": "string", "type": "string"
"example": "created"
}, },
"meta": { "meta": {
"type": "object", "type": "object"
"example": {}
},
"user": {
"$ref": "./user-object.json"
} }
} }
} }

24
backend/schema/components/certificate-object.json
View File

@@ -21,8 +21,7 @@
}, },
"nice_name": { "nice_name": {
"type": "string", "type": "string",
"description": "Nice Name for the custom certificate", "description": "Nice Name for the custom certificate"
"example": "My Custom Cert"
}, },
"domain_names": { "domain_names": {
"description": "Domain Names separated by a comma", "description": "Domain Names separated by a comma",
@@ -32,14 +31,12 @@
"items": { "items": {
"type": "string", "type": "string",
"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$" "pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
}, }
"example": ["example.com", "www.example.com"]
}, },
"expires_on": { "expires_on": {
"description": "Date and time of expiration", "description": "Date and time of expiration",
"readOnly": true, "readOnly": true,
"type": "string", "type": "string"
"example": "2025-10-28T04:17:54.000Z"
}, },
"owner": { "owner": {
"$ref": "./user-object.json" "$ref": "./user-object.json"
@@ -59,22 +56,25 @@
"dns_challenge": { "dns_challenge": {
"type": "boolean" "type": "boolean"
}, },
"dns_provider_credentials": {
"type": "string"
},
"dns_provider": { "dns_provider": {
"type": "string" "type": "string"
}, },
"dns_provider_credentials": {
"type": "string"
},
"letsencrypt_agree": {
"type": "boolean"
},
"letsencrypt_certificate": { "letsencrypt_certificate": {
"type": "object" "type": "object"
}, },
"letsencrypt_email": {
"$ref": "../common.json#/properties/email"
},
"propagation_seconds": { "propagation_seconds": {
"type": "integer", "type": "integer",
"minimum": 0 "minimum": 0
} }
},
"example": {
"dns_challenge": false
} }
} }
} }

21
backend/schema/components/dead-host-object.json
View File

@@ -35,30 +35,13 @@
"$ref": "../common.json#/properties/http2_support" "$ref": "../common.json#/properties/http2_support"
}, },
"advanced_config": { "advanced_config": {
"type": "string", "type": "string"
"example": ""
}, },
"enabled": { "enabled": {
"$ref": "../common.json#/properties/enabled" "$ref": "../common.json#/properties/enabled"
}, },
"meta": { "meta": {
"type": "object", "type": "object"
"example": {}
},
"certificate": {
"oneOf": [
{
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
} }
} }
} }

23
backend/schema/components/dns-providers-list.json
View File

@@ -1,23 +0,0 @@
{
"type": "array",
"description": "DNS Providers list",
"items": {
"type": "object",
"required": ["id", "name", "credentials"],
"additionalProperties": false,
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the DNS provider, matching the python package"
},
"name": {
"type": "string",
"description": "Human-readable name of the DNS provider"
},
"credentials": {
"type": "string",
"description": "Instructions on how to format the credentials for this DNS provider"
}
}
}
}

6
backend/schema/components/error-object.json
View File

@@ -5,12 +5,10 @@
"required": ["code", "message"], "required": ["code", "message"],
"properties": { "properties": {
"code": { "code": {
"type": "integer", "type": "integer"
"example": 400
}, },
"message": { "message": {
"type": "string", "type": "string"
"example": "Bad Request"
} }
} }
} }

9
backend/schema/components/health-object.json
View File

@@ -27,18 +27,15 @@
"properties": { "properties": {
"major": { "major": {
"type": "integer", "type": "integer",
"minimum": 0, "minimum": 0
"example": 2
}, },
"minor": { "minor": {
"type": "integer", "type": "integer",
"minimum": 0, "minimum": 0
"example": 10
}, },
"revision": { "revision": {
"type": "integer", "type": "integer",
"minimum": 0, "minimum": 0
"example": 1
} }
} }
} }

21
backend/schema/components/permission-object.json
View File

@@ -5,44 +5,37 @@
"visibility": { "visibility": {
"type": "string", "type": "string",
"description": "Visibility Type", "description": "Visibility Type",
"enum": ["all", "user"], "enum": ["all", "user"]
"example": "all"
}, },
"access_lists": { "access_lists": {
"type": "string", "type": "string",
"description": "Access Lists Permissions", "description": "Access Lists Permissions",
"enum": ["hidden", "view", "manage"], "enum": ["hidden", "view", "manage"]
"example": "view"
}, },
"dead_hosts": { "dead_hosts": {
"type": "string", "type": "string",
"description": "404 Hosts Permissions", "description": "404 Hosts Permissions",
"enum": ["hidden", "view", "manage"], "enum": ["hidden", "view", "manage"]
"example": "manage"
}, },
"proxy_hosts": { "proxy_hosts": {
"type": "string", "type": "string",
"description": "Proxy Hosts Permissions", "description": "Proxy Hosts Permissions",
"enum": ["hidden", "view", "manage"], "enum": ["hidden", "view", "manage"]
"example": "hidden"
}, },
"redirection_hosts": { "redirection_hosts": {
"type": "string", "type": "string",
"description": "Redirection Permissions", "description": "Redirection Permissions",
"enum": ["hidden", "view", "manage"], "enum": ["hidden", "view", "manage"]
"example": "view"
}, },
"streams": { "streams": {
"type": "string", "type": "string",
"description": "Streams Permissions", "description": "Streams Permissions",
"enum": ["hidden", "view", "manage"], "enum": ["hidden", "view", "manage"]
"example": "manage"
}, },
"certificates": { "certificates": {
"type": "string", "type": "string",
"description": "Certificates Permissions", "description": "Certificates Permissions",
"enum": ["hidden", "view", "manage"], "enum": ["hidden", "view", "manage"]
"example": "hidden"
} }
} }
} }

43
backend/schema/components/proxy-host-object.json
View File

@@ -24,6 +24,7 @@
"hsts_enabled", "hsts_enabled",
"hsts_subdomains" "hsts_subdomains"
], ],
"additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
"$ref": "../common.json#/properties/id" "$ref": "../common.json#/properties/id"
@@ -43,14 +44,12 @@
"forward_host": { "forward_host": {
"type": "string", "type": "string",
"minLength": 1, "minLength": 1,
"maxLength": 255, "maxLength": 255
"example": "127.0.0.1"
}, },
"forward_port": { "forward_port": {
"type": "integer", "type": "integer",
"minimum": 1, "minimum": 1,
"maximum": 65535, "maximum": 65535
"example": 8080
}, },
"access_list_id": { "access_list_id": {
"$ref": "../common.json#/properties/access_list_id" "$ref": "../common.json#/properties/access_list_id"
@@ -68,28 +67,22 @@
"$ref": "../common.json#/properties/block_exploits" "$ref": "../common.json#/properties/block_exploits"
}, },
"advanced_config": { "advanced_config": {
"type": "string", "type": "string"
"example": ""
}, },
"meta": { "meta": {
"type": "object", "type": "object"
"example": {
"nginx_online": true,
"nginx_err": null
}
}, },
"allow_websocket_upgrade": { "allow_websocket_upgrade": {
"description": "Allow Websocket Upgrade for all paths", "description": "Allow Websocket Upgrade for all paths",
"type": "boolean", "example": true,
"example": true "type": "boolean"
}, },
"http2_support": { "http2_support": {
"$ref": "../common.json#/properties/http2_support" "$ref": "../common.json#/properties/http2_support"
}, },
"forward_scheme": { "forward_scheme": {
"type": "string", "type": "string",
"enum": ["http", "https"], "enum": ["http", "https"]
"example": "http"
}, },
"enabled": { "enabled": {
"$ref": "../common.json#/properties/enabled" "$ref": "../common.json#/properties/enabled"
@@ -125,15 +118,7 @@
"type": "string" "type": "string"
} }
} }
},
"example": [
{
"path": "/app",
"forward_scheme": "http",
"forward_host": "example.com",
"forward_port": 80
} }
]
}, },
"hsts_enabled": { "hsts_enabled": {
"$ref": "../common.json#/properties/hsts_enabled" "$ref": "../common.json#/properties/hsts_enabled"
@@ -144,14 +129,12 @@
"certificate": { "certificate": {
"oneOf": [ "oneOf": [
{ {
"type": "null", "type": "null"
"example": null
}, },
{ {
"$ref": "./certificate-object.json" "$ref": "./certificate-object.json"
} }
], ]
"example": null
}, },
"owner": { "owner": {
"$ref": "./user-object.json" "$ref": "./user-object.json"
@@ -159,14 +142,12 @@
"access_list": { "access_list": {
"oneOf": [ "oneOf": [
{ {
"type": "null", "type": "null"
"example": null
}, },
{ {
"$ref": "./access-list-object.json" "$ref": "./access-list-object.json"
} }
], ]
"example": null
} }
} }
} }

64
backend/schema/components/redirection-host-object.json
View File

@@ -1,26 +1,7 @@
{ {
"type": "object", "type": "object",
"description": "Redirection Host object", "description": "Redirection Host object",
"required": [ "required": ["id", "created_on", "modified_on", "owner_user_id", "domain_names", "forward_http_code", "forward_scheme", "forward_domain_name", "preserve_path", "certificate_id", "ssl_forced", "hsts_enabled", "hsts_subdomains", "http2_support", "block_exploits", "advanced_config", "enabled", "meta"],
"id",
"created_on",
"modified_on",
"owner_user_id",
"domain_names",
"forward_http_code",
"forward_scheme",
"forward_domain_name",
"preserve_path",
"certificate_id",
"ssl_forced",
"hsts_enabled",
"hsts_subdomains",
"http2_support",
"block_exploits",
"advanced_config",
"enabled",
"meta"
],
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
@@ -40,30 +21,25 @@
}, },
"forward_http_code": { "forward_http_code": {
"description": "Redirect HTTP Status Code", "description": "Redirect HTTP Status Code",
"example": 302,
"type": "integer", "type": "integer",
"minimum": 300, "minimum": 300,
"maximum": 308, "maximum": 308
"example": 302
}, },
"forward_scheme": { "forward_scheme": {
"type": "string", "type": "string",
"enum": [ "enum": ["auto", "http", "https"]
"auto",
"http",
"https"
],
"example": "http"
}, },
"forward_domain_name": { "forward_domain_name": {
"description": "Domain Name", "description": "Domain Name",
"example": "jc21.com",
"type": "string", "type": "string",
"pattern": "^(?:[^.*]+\\.?)+[^.]$", "pattern": "^(?:[^.*]+\\.?)+[^.]$"
"example": "jc21.com"
}, },
"preserve_path": { "preserve_path": {
"description": "Should the path be preserved", "description": "Should the path be preserved",
"type": "boolean", "example": true,
"example": true "type": "boolean"
}, },
"certificate_id": { "certificate_id": {
"$ref": "../common.json#/properties/certificate_id" "$ref": "../common.json#/properties/certificate_id"
@@ -84,33 +60,13 @@
"$ref": "../common.json#/properties/block_exploits" "$ref": "../common.json#/properties/block_exploits"
}, },
"advanced_config": { "advanced_config": {
"type": "string", "type": "string"
"example": ""
}, },
"enabled": { "enabled": {
"$ref": "../common.json#/properties/enabled" "$ref": "../common.json#/properties/enabled"
}, },
"meta": { "meta": {
"type": "object", "type": "object"
"example": {
"nginx_online": true,
"nginx_err": null
}
},
"certificate": {
"oneOf": [
{
"type": "null",
"example": null
},
{
"$ref": "./certificate-object.json"
}
],
"example": null
},
"owner": {
"$ref": "./user-object.json"
} }
} }
} }

6
backend/schema/components/security-schemes.json
View File

@@ -1,8 +1,6 @@
{ {
"bearerAuth": { "BearerAuth": {
"type": "http", "type": "http",
"scheme": "bearer", "scheme": "bearer"
"bearerFormat": "JWT",
"description": "JWT Bearer Token authentication"
} }
} }

47
backend/schema/components/stream-object.json
View File

@@ -1,19 +1,7 @@
{ {
"type": "object", "type": "object",
"description": "Stream object", "description": "Stream object",
"required": [ "required": ["id", "created_on", "modified_on", "owner_user_id", "incoming_port", "forwarding_host", "forwarding_port", "tcp_forwarding", "udp_forwarding", "enabled", "meta"],
"id",
"created_on",
"modified_on",
"owner_user_id",
"incoming_port",
"forwarding_host",
"forwarding_port",
"tcp_forwarding",
"udp_forwarding",
"enabled",
"meta"
],
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
@@ -31,41 +19,36 @@
"incoming_port": { "incoming_port": {
"type": "integer", "type": "integer",
"minimum": 1, "minimum": 1,
"maximum": 65535, "maximum": 65535
"example": 9090
}, },
"forwarding_host": { "forwarding_host": {
"anyOf": [ "anyOf": [
{ {
"description": "Domain Name", "description": "Domain Name",
"example": "jc21.com",
"type": "string", "type": "string",
"pattern": "^(?:[^.*]+\\.?)+[^.]$", "pattern": "^(?:[^.*]+\\.?)+[^.]$"
"example": "example.com"
}, },
{ {
"type": "string", "type": "string",
"format": "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}$" "format": "ipv4"
}, },
{ {
"type": "string", "type": "string",
"format": "ipv6" "format": "ipv6"
} }
], ]
"example": "example.com"
}, },
"forwarding_port": { "forwarding_port": {
"type": "integer", "type": "integer",
"minimum": 1, "minimum": 1,
"maximum": 65535, "maximum": 65535
"example": 80
}, },
"tcp_forwarding": { "tcp_forwarding": {
"type": "boolean", "type": "boolean"
"example": true
}, },
"udp_forwarding": { "udp_forwarding": {
"type": "boolean", "type": "boolean"
"example": false
}, },
"enabled": { "enabled": {
"$ref": "../common.json#/properties/enabled" "$ref": "../common.json#/properties/enabled"
@@ -74,8 +57,10 @@
"$ref": "../common.json#/properties/certificate_id" "$ref": "../common.json#/properties/certificate_id"
}, },
"meta": { "meta": {
"type": "object", "type": "object"
"example": {} },
"owner": {
"$ref": "./user-object.json"
}, },
"certificate": { "certificate": {
"oneOf": [ "oneOf": [
@@ -85,11 +70,7 @@
{ {
"$ref": "./certificate-object.json" "$ref": "./certificate-object.json"
} }
], ]
"example": null
},
"owner": {
"$ref": "./user-object.json"
} }
} }
} }

12
backend/schema/components/user-object.json
View File

@@ -77,37 +77,37 @@
"proxy_hosts": { "proxy_hosts": {
"type": "string", "type": "string",
"description": "Proxy Hosts access level", "description": "Proxy Hosts access level",
"example": "manage", "example": "all",
"pattern": "^(manage|view|hidden)$" "pattern": "^(manage|view|hidden)$"
}, },
"redirection_hosts": { "redirection_hosts": {
"type": "string", "type": "string",
"description": "Redirection Hosts access level", "description": "Redirection Hosts access level",
"example": "manage", "example": "all",
"pattern": "^(manage|view|hidden)$" "pattern": "^(manage|view|hidden)$"
}, },
"dead_hosts": { "dead_hosts": {
"type": "string", "type": "string",
"description": "Dead Hosts access level", "description": "Dead Hosts access level",
"example": "manage", "example": "all",
"pattern": "^(manage|view|hidden)$" "pattern": "^(manage|view|hidden)$"
}, },
"streams": { "streams": {
"type": "string", "type": "string",
"description": "Streams access level", "description": "Streams access level",
"example": "manage", "example": "all",
"pattern": "^(manage|view|hidden)$" "pattern": "^(manage|view|hidden)$"
}, },
"access_lists": { "access_lists": {
"type": "string", "type": "string",
"description": "Access Lists access level", "description": "Access Lists access level",
"example": "hidden", "example": "all",
"pattern": "^(manage|view|hidden)$" "pattern": "^(manage|view|hidden)$"
}, },
"certificates": { "certificates": {
"type": "string", "type": "string",
"description": "Certificates access level", "description": "Certificates access level",
"example": "view", "example": "all",
"pattern": "^(manage|view|hidden)$" "pattern": "^(manage|view|hidden)$"
} }
} }

10
backend/schema/paths/audit-log/get.json
View File

@@ -1,10 +1,10 @@
{ {
"operationId": "getAuditLogs", "operationId": "getAuditLog",
"summary": "Get Audit Logs", "summary": "Get Audit Log",
"tags": ["audit-log"], "tags": ["Audit Log"],
"security": [ "security": [
{ {
"bearerAuth": ["admin"] "BearerAuth": ["audit-log"]
} }
], ],
"responses": { "responses": {
@@ -44,7 +44,7 @@
} }
}, },
"schema": { "schema": {
"$ref": "../../components/audit-log-list.json" "$ref": "../../components/audit-log-object.json"
} }
} }
} }

72
backend/schema/paths/audit-log/id/get.json
View File

@@ -1,72 +0,0 @@
{
"operationId": "getAuditLog",
"summary": "Get Audit Log Event",
"tags": ["audit-log"],
"security": [
{
"bearerAuth": [
"admin"
]
}
],
"parameters": [
{
"in": "path",
"name": "id",
"description": "Audit Log Event ID",
"schema": {
"type": "integer",
"minimum": 1
},
"required": true,
"example": 1
}
],
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": {
"id": 1,
"created_on": "2025-09-15T17:27:45.000Z",
"modified_on": "2025-09-15T17:27:45.000Z",
"user_id": 1,
"object_type": "user",
"object_id": 1,
"action": "created",
"meta": {
"id": 1,
"created_on": "2025-09-15T17:27:45.000Z",
"modified_on": "2025-09-15T17:27:45.000Z",
"is_disabled": false,
"email": "jc@jc21.com",
"name": "Jamie",
"nickname": "Jamie",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
],
"permissions": {
"visibility": "all",
"proxy_hosts": "manage",
"redirection_hosts": "manage",
"dead_hosts": "manage",
"streams": "manage",
"access_lists": "manage",
"certificates": "manage"
}
}
}
}
},
"schema": {
"$ref": "../../../components/audit-log-object.json"
}
}
}
}
}
}

2
backend/schema/paths/get.json
View File

@@ -1,7 +1,7 @@
{ {
"operationId": "health", "operationId": "health",
"summary": "Returns the API health status", "summary": "Returns the API health status",
"tags": ["public"], "tags": ["Public"],
"responses": { "responses": {
"200": { "200": {
"description": "200 response", "description": "200 response",

21
backend/schema/paths/nginx/access-lists/get.json
View File

@@ -1,12 +1,10 @@
{ {
"operationId": "getAccessLists", "operationId": "getAccessLists",
"summary": "Get all access lists", "summary": "Get all access lists",
"tags": ["access-lists"], "tags": ["Access Lists"],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["access_lists"]
"access_lists.view"
]
} }
], ],
"parameters": [ "parameters": [
@@ -16,12 +14,7 @@
"description": "Expansions", "description": "Expansions",
"schema": { "schema": {
"type": "string", "type": "string",
"enum": [ "enum": ["owner", "items", "clients", "proxy_hosts"]
"owner",
"items",
"clients",
"proxy_hosts"
]
} }
} }
], ],
@@ -30,7 +23,10 @@
"description": "200 response", "description": "200 response",
"content": { "content": {
"application/json": { "application/json": {
"example": { "examples": {
"default": {
"value": [
{
"id": 1, "id": 1,
"created_on": "2024-10-08T22:15:40.000Z", "created_on": "2024-10-08T22:15:40.000Z",
"modified_on": "2024-10-08T22:15:40.000Z", "modified_on": "2024-10-08T22:15:40.000Z",
@@ -40,6 +36,9 @@
"satisfy_any": true, "satisfy_any": true,
"pass_auth": false, "pass_auth": false,
"proxy_host_count": 0 "proxy_host_count": 0
}
]
}
}, },
"schema": { "schema": {
"$ref": "../../../components/access-list-object.json" "$ref": "../../../components/access-list-object.json"

5
backend/schema/paths/nginx/access-lists/listID/delete.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "deleteAccessList", "operationId": "deleteAccessList",
"summary": "Delete a Access List", "summary": "Delete a Access List",
"tags": ["access-lists"], "tags": ["Access Lists"],
"security": [ "security": [
{ {
"bearerAuth": ["access_lists.manage"] "BearerAuth": ["access_lists"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "listID", "name": "listID",
"description": "Access List ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

25
backend/schema/paths/nginx/access-lists/listID/get.json
View File

@@ -1,21 +1,16 @@
{ {
"operationId": "getAccessList", "operationId": "getAccessList",
"summary": "Get a access List", "summary": "Get a access List",
"tags": [ "tags": ["Access Lists"],
"access-lists"
],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["access_lists"]
"access_lists.view"
]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "listID", "name": "listID",
"description": "Access List ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -33,14 +28,14 @@
"default": { "default": {
"value": { "value": {
"id": 1, "id": 1,
"created_on": "2025-10-28T04:06:55.000Z", "created_on": "2020-01-30T09:36:08.000Z",
"modified_on": "2025-10-29T22:48:20.000Z", "modified_on": "2020-01-30T09:41:04.000Z",
"owner_user_id": 1, "is_disabled": false,
"name": "My Access List", "email": "jc@jc21.com",
"meta": {}, "name": "Jamie Curnow",
"satisfy_any": false, "nickname": "James",
"pass_auth": false, "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"proxy_host_count": 1 "roles": ["admin"]
} }
} }
}, },

57
backend/schema/paths/nginx/access-lists/listID/put.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "updateAccessList", "operationId": "updateAccessList",
"summary": "Update a Access List", "summary": "Update a Access List",
"tags": ["access-lists"], "tags": ["Access Lists"],
"security": [ "security": [
{ {
"bearerAuth": ["access_lists.manage"] "BearerAuth": ["access_lists"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "listID", "name": "listID",
"description": "Access List ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -40,29 +39,50 @@
"$ref": "../../../../components/access-list-object.json#/properties/pass_auth" "$ref": "../../../../components/access-list-object.json#/properties/pass_auth"
}, },
"items": { "items": {
"$ref": "../../../../common.json#/properties/access_items" "type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
}, },
"clients": { "password": {
"$ref": "../../../../common.json#/properties/access_clients" "type": "string"
}
} }
} }
}, },
"example": { "clients": {
"name": "My Access List", "type": "array",
"satisfy_any": true, "items": {
"pass_auth": false, "type": "object",
"items": [ "additionalProperties": false,
"properties": {
"address": {
"oneOf": [
{ {
"username": "admin2", "type": "string",
"password": "pass2" "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
} },
],
"clients": [
{ {
"directive": "allow", "type": "string",
"address": "192.168.0.0/24" "pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
} }
] ]
},
"directive": {
"$ref": "../../../../components/access-list-object.json#/properties/directive"
}
}
}
}
}
} }
} }
} }
@@ -88,6 +108,7 @@
"id": 1, "id": 1,
"created_on": "2024-10-07T22:43:55.000Z", "created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z", "modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false, "is_disabled": false,
"email": "admin@example.com", "email": "admin@example.com",
"name": "Administrator", "name": "Administrator",

70
backend/schema/paths/nginx/access-lists/post.json
View File

@@ -1,12 +1,10 @@
{ {
"operationId": "createAccessList", "operationId": "createAccessList",
"summary": "Create a Access List", "summary": "Create a Access List",
"tags": ["access-lists"], "tags": ["Access Lists"],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["access_lists"]
"access_lists.manage"
]
} }
], ],
"requestBody": { "requestBody": {
@@ -17,9 +15,7 @@
"schema": { "schema": {
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"required": [ "required": ["name"],
"name"
],
"properties": { "properties": {
"name": { "name": {
"$ref": "../../../components/access-list-object.json#/properties/name" "$ref": "../../../components/access-list-object.json#/properties/name"
@@ -31,29 +27,54 @@
"$ref": "../../../components/access-list-object.json#/properties/pass_auth" "$ref": "../../../components/access-list-object.json#/properties/pass_auth"
}, },
"items": { "items": {
"$ref": "../../../common.json#/properties/access_items" "type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"username": {
"type": "string",
"minLength": 1
}, },
"clients": { "password": {
"$ref": "../../../common.json#/properties/access_clients" "type": "string",
"minLength": 1
}
} }
} }
}, },
"example": { "clients": {
"name": "My Access List", "type": "array",
"satisfy_any": true, "items": {
"pass_auth": false, "type": "object",
"items": [ "additionalProperties": false,
"properties": {
"address": {
"oneOf": [
{ {
"username": "admin", "type": "string",
"password": "pass" "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
} },
],
"clients": [
{ {
"directive": "allow", "type": "string",
"address": "192.168.0.0/24" "pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$"
},
{
"type": "string",
"pattern": "^all$"
} }
] ]
},
"directive": {
"$ref": "../../../components/access-list-object.json#/properties/directive"
}
}
}
},
"meta": {
"$ref": "../../../components/access-list-object.json#/properties/meta"
}
}
} }
} }
} }
@@ -79,14 +100,13 @@
"id": 1, "id": 1,
"created_on": "2024-10-07T22:43:55.000Z", "created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2024-10-08T12:52:54.000Z", "modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false, "is_disabled": false,
"email": "admin@example.com", "email": "admin@example.com",
"name": "Administrator", "name": "Administrator",
"nickname": "some guy", "nickname": "some guy",
"avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
"roles": [ "roles": ["admin"]
"admin"
]
}, },
"items": [ "items": [
{ {

5
backend/schema/paths/nginx/certificates/certID/delete.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "deleteCertificate", "operationId": "deleteCertificate",
"summary": "Delete a Certificate", "summary": "Delete a Certificate",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.manage"] "BearerAuth": ["certificates"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "certID", "name": "certID",
"description": "Certificate ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

5
backend/schema/paths/nginx/certificates/certID/download/get.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "downloadCertificate", "operationId": "downloadCertificate",
"summary": "Downloads a Certificate", "summary": "Downloads a Certificate",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.manage"] "BearerAuth": ["certificates"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "certID", "name": "certID",
"description": "Certificate ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

7
backend/schema/paths/nginx/certificates/certID/get.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "getCertificate", "operationId": "getCertificate",
"summary": "Get a Certificate", "summary": "Get a Certificate",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.view"] "BearerAuth": ["certificates"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "certID", "name": "certID",
"description": "Certificate ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -37,6 +36,8 @@
"domain_names": ["test.example.com"], "domain_names": ["test.example.com"],
"expires_on": "2025-01-07T04:34:18.000Z", "expires_on": "2025-01-07T04:34:18.000Z",
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false "dns_challenge": false
} }
} }

8
backend/schema/paths/nginx/certificates/certID/renew/post.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "renewCertificate", "operationId": "renewCertificate",
"summary": "Renews a Certificate", "summary": "Renews a Certificate",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.manage"] "BearerAuth": ["certificates"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "certID", "name": "certID",
"description": "Certificate ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -33,10 +32,13 @@
"id": 4, "id": 4,
"created_on": "2024-10-09T05:31:58.000Z", "created_on": "2024-10-09T05:31:58.000Z",
"owner_user_id": 1, "owner_user_id": 1,
"is_deleted": false,
"provider": "letsencrypt", "provider": "letsencrypt",
"nice_name": "My Test Cert", "nice_name": "My Test Cert",
"domain_names": ["test.jc21.supernerd.pro"], "domain_names": ["test.jc21.supernerd.pro"],
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false "dns_challenge": false
} }
} }

37
backend/schema/paths/nginx/certificates/certID/upload/post.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "uploadCertificate", "operationId": "uploadCertificate",
"summary": "Uploads a custom Certificate", "summary": "Uploads a custom Certificate",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.manage"] "BearerAuth": ["certificates"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "certID", "name": "certID",
"description": "Certificate ID",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -21,7 +20,28 @@
} }
], ],
"requestBody": { "requestBody": {
"$ref": "../../../../../common.json#/properties/certificate_files" "description": "Certificate Files",
"required": true,
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string"
},
"certificate_key": {
"type": "string"
},
"intermediate_certificate": {
"type": "string"
}
}
}
}
}
}, },
"responses": { "responses": {
"200": { "200": {
@@ -43,18 +63,15 @@
"properties": { "properties": {
"certificate": { "certificate": {
"type": "string", "type": "string",
"minLength": 1, "minLength": 1
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
}, },
"certificate_key": { "certificate_key": {
"type": "string", "type": "string",
"minLength": 1, "minLength": 1
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
}, },
"intermediate_certificate": { "intermediate_certificate": {
"type": "string", "type": "string",
"minLength": 1, "minLength": 1
"example": "-----BEGIN CERTIFICATE-----\nMIID...-----END CERTIFICATE-----"
} }
} }
} }

48
backend/schema/paths/nginx/certificates/dns-providers/get.json
View File

@@ -1,48 +0,0 @@
{
"operationId": "getDNSProviders",
"summary": "Get DNS Providers for Certificates",
"tags": ["certificates"],
"security": [
{
"bearerAuth": ["certificates.view"]
}
],
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"default": {
"value": [
{
"id": "vultr",
"name": "Vultr",
"credentials": "dns_vultr_key = YOUR_VULTR_API_KEY"
},
{
"id": "websupport",
"name": "Websupport.sk",
"credentials": "dns_websupport_identifier = <api_key>\ndns_websupport_secret_key = <secret>"
},
{
"id": "wedos",
"name": "Wedos",
"credentials": "dns_wedos_user = <wedos_registration>\ndns_wedos_auth = <wapi_password>"
},
{
"id": "zoneedit",
"name": "ZoneEdit",
"credentials": "dns_zoneedit_user = <login-user-id>\ndns_zoneedit_token = <dyn-authentication-token>"
}
]
}
},
"schema": {
"$ref": "../../../../components/dns-providers-list.json"
}
}
}
}
}
}

6
backend/schema/paths/nginx/certificates/get.json
View File

@@ -1,10 +1,10 @@
{ {
"operationId": "getCertificates", "operationId": "getCertificates",
"summary": "Get all certificates", "summary": "Get all certificates",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.view"] "BearerAuth": ["certificates"]
} }
], ],
"parameters": [ "parameters": [
@@ -36,6 +36,8 @@
"domain_names": ["test.example.com"], "domain_names": ["test.example.com"],
"expires_on": "2025-01-07T04:34:18.000Z", "expires_on": "2025-01-07T04:34:18.000Z",
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false "dns_challenge": false
} }
} }

14
backend/schema/paths/nginx/certificates/post.json
View File

@@ -1,10 +1,10 @@
{ {
"operationId": "createCertificate", "operationId": "createCertificate",
"summary": "Create a Certificate", "summary": "Create a Certificate",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.manage"] "BearerAuth": ["certificates"]
} }
], ],
"requestBody": { "requestBody": {
@@ -30,13 +30,6 @@
"$ref": "../../../components/certificate-object.json#/properties/meta" "$ref": "../../../components/certificate-object.json#/properties/meta"
} }
} }
},
"example": {
"provider": "letsencrypt",
"domain_names": ["test.example.com"],
"meta": {
"dns_challenge": false
}
} }
} }
} }
@@ -54,10 +47,13 @@
"id": 5, "id": 5,
"created_on": "2024-10-09 05:28:35", "created_on": "2024-10-09 05:28:35",
"owner_user_id": 1, "owner_user_id": 1,
"is_deleted": false,
"provider": "letsencrypt", "provider": "letsencrypt",
"nice_name": "test.example.com", "nice_name": "test.example.com",
"domain_names": ["test.example.com"], "domain_names": ["test.example.com"],
"meta": { "meta": {
"letsencrypt_email": "jc@jc21.com",
"letsencrypt_agree": true,
"dns_challenge": false, "dns_challenge": false,
"letsencrypt_certificate": { "letsencrypt_certificate": {
"cn": "test.example.com", "cn": "test.example.com",

26
backend/schema/paths/nginx/certificates/test-http/post.json → backend/schema/paths/nginx/certificates/test-http/get.json
View File

@@ -1,30 +1,24 @@
{ {
"operationId": "testHttpReach", "operationId": "testHttpReach",
"summary": "Test HTTP Reachability", "summary": "Test HTTP Reachability",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.view"] "BearerAuth": ["certificates"]
} }
], ],
"requestBody": { "parameters": [
"description": "Test Payload", {
"in": "query",
"name": "domains",
"description": "Expansions",
"required": true, "required": true,
"content": {
"application/json": {
"schema": { "schema": {
"type": "object", "type": "string",
"additionalProperties": false, "example": "[\"test.example.ord\",\"test.example.com\",\"nonexistent.example.com\"]"
"required": ["domains"],
"properties": {
"domains": {
"$ref": "../../../../common.json#/properties/domain_names"
} }
} }
} ],
}
}
},
"responses": { "responses": {
"200": { "200": {
"description": "200 response", "description": "200 response",

40
backend/schema/paths/nginx/certificates/validate/post.json
View File

@@ -1,14 +1,35 @@
{ {
"operationId": "validateCertificates", "operationId": "validateCertificates",
"summary": "Validates given Custom Certificates", "summary": "Validates given Custom Certificates",
"tags": ["certificates"], "tags": ["Certificates"],
"security": [ "security": [
{ {
"bearerAuth": ["certificates.manage"] "BearerAuth": ["certificates"]
} }
], ],
"requestBody": { "requestBody": {
"$ref": "../../../../common.json#/properties/certificate_files" "description": "Certificate Files",
"required": true,
"content": {
"multipart/form-data": {
"schema": {
"type": "object",
"additionalProperties": false,
"required": ["certificate", "certificate_key"],
"properties": {
"certificate": {
"type": "string"
},
"certificate_key": {
"type": "string"
},
"intermediate_certificate": {
"type": "string"
}
}
}
}
}
}, },
"responses": { "responses": {
"200": { "200": {
@@ -41,12 +62,10 @@
"required": ["cn", "issuer", "dates"], "required": ["cn", "issuer", "dates"],
"properties": { "properties": {
"cn": { "cn": {
"type": "string", "type": "string"
"example": "example.com"
}, },
"issuer": { "issuer": {
"type": "string", "type": "string"
"example": "C = US, O = Let's Encrypt, CN = E5"
}, },
"dates": { "dates": {
"type": "object", "type": "object",
@@ -59,17 +78,12 @@
"to": { "to": {
"type": "integer" "type": "integer"
} }
},
"example": {
"from": 1728448218,
"to": 1736224217
} }
} }
} }
}, },
"certificate_key": { "certificate_key": {
"type": "boolean", "type": "boolean"
"example": true
} }
} }
} }

4
backend/schema/paths/nginx/dead-hosts/get.json
View File

@@ -1,10 +1,10 @@
{ {
"operationId": "getDeadHosts", "operationId": "getDeadHosts",
"summary": "Get all 404 hosts", "summary": "Get all 404 hosts",
"tags": ["404-hosts"], "tags": ["404 Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["dead_hosts.view"] "BearerAuth": ["dead_hosts"]
} }
], ],
"parameters": [ "parameters": [

5
backend/schema/paths/nginx/dead-hosts/hostID/delete.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "deleteDeadHost", "operationId": "deleteDeadHost",
"summary": "Delete a 404 Host", "summary": "Delete a 404 Host",
"tags": ["404-hosts"], "tags": ["404 Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["dead_hosts.manage"] "BearerAuth": ["dead_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the 404 Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "disableDeadHost", "operationId": "disableDeadHost",
"summary": "Disable a 404 Host", "summary": "Disable a 404 Host",
"tags": ["404-hosts"], "tags": ["404 Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["dead_hosts.manage"] "BearerAuth": ["dead_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the 404 Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "enableDeadHost", "operationId": "enableDeadHost",
"summary": "Enable a 404 Host", "summary": "Enable a 404 Host",
"tags": ["404-hosts"], "tags": ["404 Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["dead_hosts.manage"] "BearerAuth": ["dead_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the 404 Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

5
backend/schema/paths/nginx/dead-hosts/hostID/get.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "getDeadHost", "operationId": "getDeadHost",
"summary": "Get a 404 Host", "summary": "Get a 404 Host",
"tags": ["404-hosts"], "tags": ["404 Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["dead_hosts.view"] "BearerAuth": ["dead_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the 404 Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

6
backend/schema/paths/nginx/dead-hosts/hostID/put.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "updateDeadHost", "operationId": "updateDeadHost",
"summary": "Update a 404 Host", "summary": "Update a 404 Host",
"tags": ["404-hosts"], "tags": ["404 Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["dead_hosts.manage"] "BearerAuth": ["dead_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the 404 Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -87,6 +86,7 @@
"id": 1, "id": 1,
"created_on": "2024-10-09T00:59:56.000Z", "created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z", "modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"is_disabled": false, "is_disabled": false,
"email": "admin@example.com", "email": "admin@example.com",
"name": "Administrator", "name": "Administrator",

31
backend/schema/paths/nginx/dead-hosts/post.json
View File

@@ -1,12 +1,10 @@
{ {
"operationId": "create404Host", "operationId": "create404Host",
"summary": "Create a 404 Host", "summary": "Create a 404 Host",
"tags": ["404-hosts"], "tags": ["404 Hosts"],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["dead_hosts"]
"dead_hosts.manage"
]
} }
], ],
"requestBody": { "requestBody": {
@@ -17,9 +15,7 @@
"schema": { "schema": {
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"required": [ "required": ["domain_names"],
"domain_names"
],
"properties": { "properties": {
"domain_names": { "domain_names": {
"$ref": "../../../components/dead-host-object.json#/properties/domain_names" "$ref": "../../../components/dead-host-object.json#/properties/domain_names"
@@ -46,18 +42,6 @@
"$ref": "../../../components/dead-host-object.json#/properties/meta" "$ref": "../../../components/dead-host-object.json#/properties/meta"
} }
} }
},
"example": {
"domain_names": [
"test.example.com"
],
"certificate_id": 0,
"ssl_forced": false,
"advanced_config": "",
"http2_support": false,
"hsts_enabled": false,
"hsts_subdomains": false,
"meta": {}
} }
} }
} }
@@ -74,9 +58,7 @@
"created_on": "2024-10-09T01:38:52.000Z", "created_on": "2024-10-09T01:38:52.000Z",
"modified_on": "2024-10-09T01:38:52.000Z", "modified_on": "2024-10-09T01:38:52.000Z",
"owner_user_id": 1, "owner_user_id": 1,
"domain_names": [ "domain_names": ["test.example.com"],
"test.example.com"
],
"certificate_id": 0, "certificate_id": 0,
"ssl_forced": false, "ssl_forced": false,
"advanced_config": "", "advanced_config": "",
@@ -90,14 +72,13 @@
"id": 1, "id": 1,
"created_on": "2024-10-09T00:59:56.000Z", "created_on": "2024-10-09T00:59:56.000Z",
"modified_on": "2024-10-09T00:59:56.000Z", "modified_on": "2024-10-09T00:59:56.000Z",
"is_deleted": false,
"is_disabled": false, "is_disabled": false,
"email": "admin@example.com", "email": "admin@example.com",
"name": "Administrator", "name": "Administrator",
"nickname": "Admin", "nickname": "Admin",
"avatar": "", "avatar": "",
"roles": [ "roles": ["admin"]
"admin"
]
} }
} }
} }

28
backend/schema/paths/nginx/proxy-hosts/get.json
View File

@@ -1,12 +1,10 @@
{ {
"operationId": "getProxyHosts", "operationId": "getProxyHosts",
"summary": "Get all proxy hosts", "summary": "Get all proxy hosts",
"tags": ["proxy-hosts"], "tags": ["Proxy Hosts"],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["proxy_hosts"]
"proxy_hosts.view"
]
} }
], ],
"parameters": [ "parameters": [
@@ -16,11 +14,7 @@
"description": "Expansions", "description": "Expansions",
"schema": { "schema": {
"type": "string", "type": "string",
"enum": [ "enum": ["access_list", "owner", "certificate"]
"access_list",
"owner",
"certificate"
]
} }
} }
], ],
@@ -34,16 +28,14 @@
"value": [ "value": [
{ {
"id": 1, "id": 1,
"created_on": "2025-10-28T01:10:26.000Z", "created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2025-10-28T04:07:16.000Z", "modified_on": "2024-10-08T23:23:04.000Z",
"owner_user_id": 1, "owner_user_id": 1,
"domain_names": [ "domain_names": ["test.example.com"],
"test.jc21com"
],
"forward_host": "127.0.0.1", "forward_host": "127.0.0.1",
"forward_port": 8081, "forward_port": 8989,
"access_list_id": 1, "access_list_id": 0,
"certificate_id": 1, "certificate_id": 0,
"ssl_forced": false, "ssl_forced": false,
"caching_enabled": false, "caching_enabled": false,
"block_exploits": false, "block_exploits": false,
@@ -56,7 +48,7 @@
"http2_support": false, "http2_support": false,
"forward_scheme": "http", "forward_scheme": "http",
"enabled": true, "enabled": true,
"locations": [], "locations": null,
"hsts_enabled": false, "hsts_enabled": false,
"hsts_subdomains": false "hsts_subdomains": false
} }

5
backend/schema/paths/nginx/proxy-hosts/hostID/delete.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "deleteProxyHost", "operationId": "deleteProxyHost",
"summary": "Delete a Proxy Host", "summary": "Delete a Proxy Host",
"tags": ["proxy-hosts"], "tags": ["Proxy Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["proxy_hosts.manage"] "BearerAuth": ["proxy_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the Proxy Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

5
backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "disableProxyHost", "operationId": "disableProxyHost",
"summary": "Disable a Proxy Host", "summary": "Disable a Proxy Host",
"tags": ["proxy-hosts"], "tags": ["Proxy Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["proxy_hosts.manage"] "BearerAuth": ["proxy_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the Proxy Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

5
backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "enableProxyHost", "operationId": "enableProxyHost",
"summary": "Enable a Proxy Host", "summary": "Enable a Proxy Host",
"tags": ["proxy-hosts"], "tags": ["Proxy Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["proxy_hosts.manage"] "BearerAuth": ["proxy_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the Proxy Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

38
backend/schema/paths/nginx/proxy-hosts/hostID/get.json
View File

@@ -1,19 +1,16 @@
{ {
"operationId": "getProxyHost", "operationId": "getProxyHost",
"summary": "Get a Proxy Host", "summary": "Get a Proxy Host",
"tags": ["proxy-hosts"], "tags": ["Proxy Hosts"],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["proxy_hosts"]
"proxy_hosts.view"
]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the Proxy Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -30,15 +27,13 @@
"examples": { "examples": {
"default": { "default": {
"value": { "value": {
"id": 3, "id": 1,
"created_on": "2025-10-30T01:12:05.000Z", "created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2025-10-30T01:12:05.000Z", "modified_on": "2024-10-08T23:26:38.000Z",
"owner_user_id": 1, "owner_user_id": 1,
"domain_names": [ "domain_names": ["test.example.com"],
"test.example.com" "forward_host": "192.168.0.10",
], "forward_port": 8989,
"forward_host": "127.0.0.1",
"forward_port": 8080,
"access_list_id": 0, "access_list_id": 0,
"certificate_id": 0, "certificate_id": 0,
"ssl_forced": false, "ssl_forced": false,
@@ -53,22 +48,9 @@
"http2_support": false, "http2_support": false,
"forward_scheme": "http", "forward_scheme": "http",
"enabled": true, "enabled": true,
"locations": [], "locations": null,
"hsts_enabled": false, "hsts_enabled": false,
"hsts_subdomains": false, "hsts_subdomains": false
"owner": {
"id": 1,
"created_on": "2025-10-28T00:50:24.000Z",
"modified_on": "2025-10-28T00:50:24.000Z",
"is_disabled": false,
"email": "jc@jc21.com",
"name": "jamiec",
"nickname": "jamiec",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm",
"roles": [
"admin"
]
}
} }
} }
}, },

39
backend/schema/paths/nginx/proxy-hosts/hostID/put.json
View File

@@ -1,19 +1,16 @@
{ {
"operationId": "updateProxyHost", "operationId": "updateProxyHost",
"summary": "Update a Proxy Host", "summary": "Update a Proxy Host",
"tags": ["proxy-hosts"], "tags": ["Proxy Hosts"],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["proxy_hosts"]
"proxy_hosts.manage"
]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the Proxy Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1
@@ -96,15 +93,13 @@
"examples": { "examples": {
"default": { "default": {
"value": { "value": {
"id": 3, "id": 1,
"created_on": "2025-10-30T01:12:05.000Z", "created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2025-10-30T01:17:06.000Z", "modified_on": "2024-10-08T23:26:37.000Z",
"owner_user_id": 1, "owner_user_id": 1,
"domain_names": [ "domain_names": ["test.example.com"],
"test.example.com" "forward_host": "192.168.0.10",
], "forward_port": 8989,
"forward_host": "127.0.0.1",
"forward_port": 8080,
"access_list_id": 0, "access_list_id": 0,
"certificate_id": 0, "certificate_id": 0,
"ssl_forced": false, "ssl_forced": false,
@@ -119,21 +114,19 @@
"http2_support": false, "http2_support": false,
"forward_scheme": "http", "forward_scheme": "http",
"enabled": true, "enabled": true,
"locations": [],
"hsts_enabled": false, "hsts_enabled": false,
"hsts_subdomains": false, "hsts_subdomains": false,
"owner": { "owner": {
"id": 1, "id": 1,
"created_on": "2025-10-28T00:50:24.000Z", "created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2025-10-28T00:50:24.000Z", "modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false, "is_disabled": false,
"email": "jc@jc21.com", "email": "admin@example.com",
"name": "jamiec", "name": "Administrator",
"nickname": "jamiec", "nickname": "some guy",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
"roles": [ "roles": ["admin"]
"admin"
]
}, },
"certificate": null, "certificate": null,
"access_list": null "access_list": null

51
backend/schema/paths/nginx/proxy-hosts/post.json
View File

@@ -1,12 +1,10 @@
{ {
"operationId": "createProxyHost", "operationId": "createProxyHost",
"summary": "Create a Proxy Host", "summary": "Create a Proxy Host",
"tags": ["proxy-hosts"], "tags": ["Proxy Hosts"],
"security": [ "security": [
{ {
"bearerAuth": [ "BearerAuth": ["proxy_hosts"]
"proxy_hosts.manage"
]
} }
], ],
"requestBody": { "requestBody": {
@@ -17,12 +15,7 @@
"schema": { "schema": {
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"required": [ "required": ["domain_names", "forward_scheme", "forward_host", "forward_port"],
"domain_names",
"forward_scheme",
"forward_host",
"forward_port"
],
"properties": { "properties": {
"domain_names": { "domain_names": {
"$ref": "../../../components/proxy-host-object.json#/properties/domain_names" "$ref": "../../../components/proxy-host-object.json#/properties/domain_names"
@@ -76,14 +69,6 @@
"$ref": "../../../components/proxy-host-object.json#/properties/locations" "$ref": "../../../components/proxy-host-object.json#/properties/locations"
} }
} }
},
"example": {
"domain_names": [
"test.example.com"
],
"forward_scheme": "http",
"forward_host": "127.0.0.1",
"forward_port": 8080
} }
} }
} }
@@ -96,15 +81,13 @@
"examples": { "examples": {
"default": { "default": {
"value": { "value": {
"id": 3, "id": 1,
"created_on": "2025-10-30T01:12:05.000Z", "created_on": "2024-10-08T23:23:03.000Z",
"modified_on": "2025-10-30T01:12:05.000Z", "modified_on": "2024-10-08T23:23:03.000Z",
"owner_user_id": 1, "owner_user_id": 1,
"domain_names": [ "domain_names": ["test.example.com"],
"test.example.com"
],
"forward_host": "127.0.0.1", "forward_host": "127.0.0.1",
"forward_port": 8080, "forward_port": 8989,
"access_list_id": 0, "access_list_id": 0,
"certificate_id": 0, "certificate_id": 0,
"ssl_forced": false, "ssl_forced": false,
@@ -116,22 +99,20 @@
"http2_support": false, "http2_support": false,
"forward_scheme": "http", "forward_scheme": "http",
"enabled": true, "enabled": true,
"locations": [],
"hsts_enabled": false, "hsts_enabled": false,
"hsts_subdomains": false, "hsts_subdomains": false,
"certificate": null, "certificate": null,
"owner": { "owner": {
"id": 1, "id": 1,
"created_on": "2025-10-28T00:50:24.000Z", "created_on": "2024-10-07T22:43:55.000Z",
"modified_on": "2025-10-28T00:50:24.000Z", "modified_on": "2024-10-08T12:52:54.000Z",
"is_deleted": false,
"is_disabled": false, "is_disabled": false,
"email": "jc@jc21.com", "email": "admin@example.com",
"name": "jamiec", "name": "Administrator",
"nickname": "jamiec", "nickname": "some guy",
"avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm",
"roles": [ "roles": ["admin"]
"admin"
]
}, },
"access_list": null "access_list": null
} }

4
backend/schema/paths/nginx/redirection-hosts/get.json
View File

@@ -1,10 +1,10 @@
{ {
"operationId": "getRedirectionHosts", "operationId": "getRedirectionHosts",
"summary": "Get all Redirection hosts", "summary": "Get all Redirection hosts",
"tags": ["redirection-hosts"], "tags": ["Redirection Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["redirection_hosts.view"] "BearerAuth": ["redirection_hosts"]
} }
], ],
"parameters": [ "parameters": [

5
backend/schema/paths/nginx/redirection-hosts/hostID/delete.json
View File

@@ -1,17 +1,16 @@
{ {
"operationId": "deleteRedirectionHost", "operationId": "deleteRedirectionHost",
"summary": "Delete a Redirection Host", "summary": "Delete a Redirection Host",
"tags": ["redirection-hosts"], "tags": ["Redirection Hosts"],
"security": [ "security": [
{ {
"bearerAuth": ["redirection_hosts.manage"] "BearerAuth": ["redirection_hosts"]
} }
], ],
"parameters": [ "parameters": [
{ {
"in": "path", "in": "path",
"name": "hostID", "name": "hostID",
"description": "The ID of the Redirection Host",
"schema": { "schema": {
"type": "integer", "type": "integer",
"minimum": 1 "minimum": 1

Some files were not shown because too many files have changed in this diff Show More