Bump rollup from 4.24.0 to 4.59.0 in /docs

Bumps [rollup](https://github.com/rollup/rollup) from 4.24.0 to 4.59.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.24.0...v4.59.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

.version

@@ -1 +1 @@
-2.13.7
+2.14.0

README.md

@@ -1,7 +1,7 @@
 <p align="center">
 	<img src="https://nginxproxymanager.com/github.png">
 	<br><br>
-	<img src="https://img.shields.io/badge/version-2.13.7-green.svg?style=for-the-badge">
+	<img src="https://img.shields.io/badge/version-2.14.0-green.svg?style=for-the-badge">
 	<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
 		<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
 	</a>
@@ -36,6 +36,10 @@ so that the barrier for entry here is low.
 - Advanced Nginx configuration available for super users
 - User management, permissions and audit log
 
+::: warning
+`armv7` is no longer supported in version 2.14+. This is due to Nodejs dropping support for armhf. Please
+use the `2.13.7` image tag if this applies to you.
+:::
 
 ## Hosting your home network
 
@@ -43,16 +47,15 @@ I won't go in to too much detail here but here are the basics for someone new to
 
 1. Your home router will have a Port Forwarding section somewhere. Log in and find it
 2. Add port forwarding for port 80 and 443 to the server hosting this project
-3. Configure your domain name details to point to your home, either with a static ip or a service like DuckDNS or [Amazon Route53](https://github.com/jc21/route53-ddns)
+3. Configure your domain name details to point to your home, either with a static ip or a service like
+   - DuckDNS
+   - [Amazon Route53](https://github.com/jc21/route53-ddns)
+   - [Cloudflare](https://github.com/jc21/cloudflare-ddns)
 4. Use the Nginx Proxy Manager as your gateway to forward to your other web based services
 
 ## Quick Setup
 
-1. Install Docker and Docker-Compose
-
-- [Docker Install documentation](https://docs.docker.com/install/)
-- [Docker-Compose Install documentation](https://docs.docker.com/compose/install/)
-
+1. [Install Docker](https://docs.docker.com/install/)
 2. Create a docker-compose.yml file similar to this:
 
 ```yml

backend/biome.json

@@ -1,5 +1,5 @@
 {
-    "$schema": "https://biomejs.dev/schemas/2.3.14/schema.json",
+    "$schema": "https://biomejs.dev/schemas/2.4.3/schema.json",
     "vcs": {
         "enabled": true,
         "clientKind": "git",

backend/certbot/dns-plugins.json

@@ -23,6 +23,14 @@
 		"credentials": "dns_aliyun_access_key = 12345678\ndns_aliyun_access_key_secret = 1234567890abcdef1234567890abcdef",
 		"full_plugin_name": "dns-aliyun"
 	},
+	"arvan": {
+        "name": "ArvanCloud",
+        "package_name": "certbot-dns-arvan",
+        "version": ">=0.1.0",
+        "dependencies": "",
+        "credentials": "dns_arvan_key = Apikey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
+        "full_plugin_name": "dns-arvan"
+    },
 	"azure": {
 		"name": "Azure",
 		"package_name": "certbot-dns-azure",

backend/config/sqlite-test-db.json

@@ -2,7 +2,7 @@
   "database": {
       "engine": "knex-native",
       "knex": {
-        "client": "sqlite3",
+        "client": "better-sqlite3",
         "connection": {
           "filename": "/app/config/mydb.sqlite"
         },

backend/internal/2fa.js

@@ -161,9 +161,12 @@ const internal2fa = {
 		}
 
 		const result = await verify({
-			token: code,
-			secret: auth.meta.totp_secret,
-		});
+            token: code,
+            secret: auth.meta.totp_secret,
+            guardrails: createGuardrails({
+                MIN_SECRET_BYTES: 10,
+            }),
+        });
 
 		if (!result.valid) {
 			throw new errs.AuthError("Invalid verification code");

backend/internal/certificate.js

@@ -630,7 +630,7 @@ const internalCertificate = {
 	 * @param {String}  privateKey    This is the entire key contents as a string
 	 */
 	checkPrivateKey: async (privateKey) => {
-		const filepath = await tempWrite(privateKey, "/tmp");
+		const filepath = await tempWrite(privateKey);
 		const failTimeout = setTimeout(() => {
 			throw new error.ValidationError(
 				"Result Validation Error: Validation timed out. This could be due to the key being passphrase-protected.",
@@ -660,8 +660,8 @@ const internalCertificate = {
 	 * @param {Boolean} [throwExpired]  Throw when the certificate is out of date
 	 */
 	getCertificateInfo: async (certificate, throwExpired) => {
+		const filepath = await tempWrite(certificate);
 		try {
-			const filepath = await tempWrite(certificate, "/tmp");
 			const certData = await internalCertificate.getCertificateInfoFromFile(filepath, throwExpired);
 			fs.unlinkSync(filepath);
 			return certData;

backend/lib/config.js

@@ -2,10 +2,13 @@ import fs from "node:fs";
 import NodeRSA from "node-rsa";
 import { global as logger } from "../logger.js";
 
-const keysFile         = '/data/keys.json';
-const mysqlEngine      = 'mysql2';
-const postgresEngine   = 'pg';
-const sqliteClientName = 'better-sqlite3';
+const keysFile               = '/data/keys.json';
+const mysqlEngine            = 'mysql2';
+const postgresEngine         = 'pg';
+const sqliteClientName       = 'better-sqlite3';
+
+// Not used for new setups anymore but may exist in legacy setups
+const legacySqliteClientName = 'sqlite3';
 
 let instance = null;
 
@@ -184,7 +187,7 @@ const configGet = (key) => {
  */
 const isSqlite = () => {
 	instance === null && configure();
-	return instance.database.knex && instance.database.knex.client === sqliteClientName;
+	return instance.database.knex && [sqliteClientName, legacySqliteClientName].includes(instance.database.knex.client);
 };
 
 /**

backend/migrations/20260131163528_trust_forwarded_proto.js

@@ -0,0 +1,43 @@
+import { migrate as logger } from "../logger.js";
+
+const migrateName = "trust_forwarded_proto";
+
+/**
+ * Migrate
+ *
+ * @see http://knexjs.org/#Schema
+ *
+ * @param   {Object} knex
+ * @returns {Promise}
+ */
+const up = function (knex) {
+    logger.info(`[${migrateName}] Migrating Up...`);
+
+    return knex.schema
+        .alterTable('proxy_host', (table) => {
+            table.tinyint('trust_forwarded_proto').notNullable().defaultTo(0);
+        })
+        .then(() => {
+            logger.info(`[${migrateName}] proxy_host Table altered`);
+        });
+};
+
+/**
+ * Undo Migrate
+ *
+ * @param   {Object} knex
+ * @returns {Promise}
+ */
+const down = function (knex) {
+    logger.info(`[${migrateName}] Migrating Down...`);
+
+    return knex.schema
+        .alterTable('proxy_host', (table) => {
+            table.dropColumn('trust_forwarded_proto');
+        })
+        .then(() => {
+            logger.info(`[${migrateName}] proxy_host Table altered`);
+        });
+};
+
+export { up, down };

backend/models/proxy_host.js

@@ -21,6 +21,7 @@ const boolFields = [
 	"enabled",
 	"hsts_enabled",
 	"hsts_subdomains",
+	"trust_forwarded_proto",
 ];
 
 class ProxyHost extends Model {

backend/package.json

@@ -9,17 +9,18 @@
 	"scripts": {
 		"lint": "biome lint",
 		"prettier": "biome format --write .",
-		"validate-schema": "node validate-schema.js"
+		"validate-schema": "node validate-schema.js",
+		"regenerate-config": "node scripts/regenerate-config"
 	},
 	"dependencies": {
-		"@apidevtools/json-schema-ref-parser": "^14.1.1",
-		"ajv": "^8.17.1",
+		"@apidevtools/json-schema-ref-parser": "^15.2.2",
+		"ajv": "^8.18.0",
 		"archiver": "^7.0.1",
 		"batchflow": "^0.4.0",
 		"bcrypt": "^6.0.0",
 		"better-sqlite3": "^12.6.2",
 		"body-parser": "^2.2.2",
-		"compression": "^1.7.4",
+		"compression": "^1.8.1",
 		"express": "^5.2.1",
 		"express-fileupload": "^1.5.2",
 		"gravatar": "^1.8.2",
@@ -28,22 +29,22 @@
 		"liquidjs": "10.24.0",
 		"lodash": "^4.17.23",
 		"moment": "^2.30.1",
-		"mysql2": "^3.16.3",
+		"mysql2": "^3.17.5",
 		"node-rsa": "^1.1.1",
 		"objection": "3.1.5",
-		"otplib": "^13.2.1",
+		"otplib": "^13.3.0",
 		"path": "^0.12.7",
 		"pg": "^8.18.0",
 		"proxy-agent": "^6.5.0",
 		"signale": "1.4.0",
 		"sqlite3": "^5.1.7",
-		"temp-write": "^4.0.0"
+		"temp-write": "^6.0.1"
 	},
 	"devDependencies": {
 		"@apidevtools/swagger-parser": "^12.1.0",
-		"@biomejs/biome": "^2.3.14",
+		"@biomejs/biome": "^2.4.3",
 		"chalk": "5.6.2",
-		"nodemon": "^3.1.11"
+		"nodemon": "^3.1.14"
 	},
 	"signale": {
 		"displayDate": true,

backend/schema/components/proxy-host-object.json

@@ -22,7 +22,8 @@
 		"enabled",
 		"locations",
 		"hsts_enabled",
-		"hsts_subdomains"
+		"hsts_subdomains",
+		"trust_forwarded_proto"
 	],
 	"properties": {
 		"id": {
@@ -141,6 +142,11 @@
 		"hsts_subdomains": {
 			"$ref": "../common.json#/properties/hsts_subdomains"
 		},
+		"trust_forwarded_proto":{
+			"type": "boolean",
+			"description": "Trust the forwarded headers",
+			"example": false
+		},
 		"certificate": {
 			"oneOf": [
 				{

backend/schema/paths/nginx/proxy-hosts/get.json

@@ -58,7 +58,8 @@
 									"enabled": true,
 									"locations": [],
 									"hsts_enabled": false,
-									"hsts_subdomains": false
+									"hsts_subdomains": false,
+									"trust_forwarded_proto": false
 								}
 							]
 						}

backend/schema/paths/nginx/proxy-hosts/hostID/get.json

@@ -56,6 +56,7 @@
 								"locations": [],
 								"hsts_enabled": false,
 								"hsts_subdomains": false,
+								"trust_forwarded_proto": false,
 								"owner": {
 									"id": 1,
 									"created_on": "2025-10-28T00:50:24.000Z",

backend/schema/paths/nginx/proxy-hosts/hostID/put.json

@@ -56,6 +56,9 @@
 						"hsts_subdomains": {
 							"$ref": "../../../../components/proxy-host-object.json#/properties/hsts_subdomains"
 						},
+						"trust_forwarded_proto": {
+    						"$ref": "../../../../components/proxy-host-object.json#/properties/trust_forwarded_proto"
+						},
 						"http2_support": {
 							"$ref": "../../../../components/proxy-host-object.json#/properties/http2_support"
 						},
@@ -122,6 +125,7 @@
 								"locations": [],
 								"hsts_enabled": false,
 								"hsts_subdomains": false,
+								"trust_forwarded_proto": false,
 								"owner": {
 									"id": 1,
 									"created_on": "2025-10-28T00:50:24.000Z",

backend/schema/paths/nginx/proxy-hosts/post.json

@@ -48,6 +48,9 @@
 						"hsts_subdomains": {
 							"$ref": "../../../components/proxy-host-object.json#/properties/hsts_subdomains"
 						},
+						"trust_forwarded_proto": {
+    						"$ref": "../../../components/proxy-host-object.json#/properties/trust_forwarded_proto"
+						},
 						"http2_support": {
 							"$ref": "../../../components/proxy-host-object.json#/properties/http2_support"
 						},
@@ -119,6 +122,7 @@
 								"locations": [],
 								"hsts_enabled": false,
 								"hsts_subdomains": false,
+								"trust_forwarded_proto": false,
 								"certificate": null,
 								"owner": {
 									"id": 1,

backend/scripts/regenerate-config

@@ -0,0 +1,104 @@
+#!/usr/bin/env node
+
+import * as process from "node:process"; // Use the node: protocol for built-ins
+import internalNginx from "../internal/nginx.js";
+import { castJsonIfNeed } from "../lib/helpers.js";
+import { global as logger } from "../logger.js";
+import deadHostModel from "../models/dead_host.js";
+import proxyHostModel from "../models/proxy_host.js";
+import redirectionHostModel from "../models/redirection_host.js";
+import streamModel from "../models/stream.js";
+
+const args = process.argv.slice(2);
+const UNATTENDED = args.includes("-y") || args.includes("--yes");
+if (args.includes("--help")) {
+	console.log("Usage: ./regenerate-config [--help] [-y|--yes]");
+}
+
+// ask for the user to confirm the action if not in unattended mode
+if (!UNATTENDED) {
+	const readline = await import("node:readline");
+	const rl = readline.createInterface({
+		input: process.stdin,
+		output: process.stdout,
+	});
+
+	const question = (query) =>
+		new Promise((resolve) => rl.question(query, resolve));
+
+	const answer = await question(
+		"This will iterate over all Hosts and regnerate their Nginx configs.\n\nAre you sure you want to proceed? (y/N) ",
+	);
+	rl.close();
+
+	if (answer.toLowerCase() !== "y") {
+		console.log("Aborting.");
+		process.exit(0);
+	}
+}
+
+// Let's do it.
+
+// Proxy hosts
+const proxyRows = await proxyHostModel
+	.query()
+	.where("is_deleted", 0)
+	.andWhere("enabled", 1)
+	.groupBy("id")
+	.allowGraph("[owner,access_list,certificate]")
+	.orderBy(castJsonIfNeed("domain_names"), "ASC");
+
+for (const row of proxyRows) {
+	logger.info(
+		`Regenerating config for Proxy Host #${row.id}: ${row.domain_names.join(", ")}`,
+	);
+	await internalNginx.configure(proxyHostModel, "proxy_host", row);
+}
+
+// Redirection hosts
+const redirectionRows = await redirectionHostModel
+	.query()
+	.where("is_deleted", 0)
+	.andWhere("enabled", 1)
+	.groupBy("id")
+	.allowGraph("[owner,access_list,certificate]")
+	.orderBy(castJsonIfNeed("domain_names"), "ASC");
+
+for (const row of redirectionRows) {
+	logger.info(
+		`Regenerating config for Redirection Host #${row.id}: ${row.domain_names.join(", ")}`,
+	);
+	await internalNginx.configure(redirectionHostModel, "redirection_host", row);
+}
+
+// 404 hosts
+const deadRows = await deadHostModel
+	.query()
+	.where("is_deleted", 0)
+	.andWhere("enabled", 1)
+	.groupBy("id")
+	.allowGraph("[owner,access_list,certificate]")
+	.orderBy(castJsonIfNeed("domain_names"), "ASC");
+
+for (const row of deadRows) {
+	logger.info(
+		`Regenerating config for 404 Host #${row.id}: ${row.domain_names.join(", ")}`,
+	);
+	await internalNginx.configure(deadHostModel, "dead_host", row);
+}
+
+// Streams
+const streamRows = await streamModel
+	.query()
+	.where("is_deleted", 0)
+	.andWhere("enabled", 1)
+	.groupBy("id")
+	.allowGraph("[owner,access_list,certificate]");
+
+for (const row of streamRows) {
+	logger.info(`Regenerating config for Stream #${row.id}: ${row.incoming_port} -> ${row.forwarding_host}:${row.forwarding_port}`);
+	await internalNginx.configure(deadHostModel, "stream", row);
+}
+
+logger.success("Completed");
+process.exit(0);

backend/templates/_forced_ssl.conf

@@ -1,6 +1,11 @@
 {% if certificate and certificate_id > 0 -%}
 {% if ssl_forced == 1 or ssl_forced == true %}
     # Force SSL
+    {% if trust_forwarded_proto == true %}
+    set $trust_forwarded_proto "T";
+    {% else %}
+    set $trust_forwarded_proto "F";
+    {% endif %}
     include conf.d/include/force-ssl.conf;
 {% endif %}
 {% endif %}

backend/yarn.lock

@@ -10,13 +10,12 @@
     "@types/json-schema" "^7.0.15"
     js-yaml "^4.1.0"
 
-"@apidevtools/json-schema-ref-parser@^14.1.1":
-  version "14.1.1"
-  resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-14.1.1.tgz#0bae59809b7848c7a89dc6bb2f3bb980b7c290b1"
-  integrity sha512-uGF1YGOzzD50L7HLNWclXmsEhQflw8/zZHIz0/AzkJrKL5r9PceUipZxR/cp/8veTk4TVfdDJLyIwXLjaP5ePg==
+"@apidevtools/json-schema-ref-parser@^15.2.2":
+  version "15.2.2"
+  resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-15.2.2.tgz#2eb1efe8534c17125901c172e49485c7179835ce"
+  integrity sha512-54fvjSwWiBTdVviiUItOCeyxtPSBmCrSEjlOl8XFEDuYD3lXY1lOBWKim/WJ3i1EYzdGx6rSOjK5KRDMppLI4Q==
   dependencies:
-    "@types/json-schema" "^7.0.15"
-    js-yaml "^4.1.0"
+    js-yaml "^4.1.1"
 
 "@apidevtools/openapi-schemas@^2.1.0":
   version "2.1.0"
@@ -40,59 +39,59 @@
     ajv-draft-04 "^1.0.0"
     call-me-maybe "^1.0.2"
 
-"@biomejs/biome@^2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/biome/-/biome-2.3.14.tgz#b879cd5e0495334d4db7c49d6f3cc95b67d2909c"
-  integrity sha512-QMT6QviX0WqXJCaiqVMiBUCr5WRQ1iFSjvOLoTk6auKukJMvnMzWucXpwZB0e8F00/1/BsS9DzcKgWH+CLqVuA==
+"@biomejs/biome@^2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/biome/-/biome-2.4.3.tgz#eb7a48f1763fe333949665b3ff7814267eda000f"
+  integrity sha512-cBrjf6PNF6yfL8+kcNl85AjiK2YHNsbU0EvDOwiZjBPbMbQ5QcgVGFpjD0O52p8nec5O8NYw7PKw3xUR7fPAkQ==
   optionalDependencies:
-    "@biomejs/cli-darwin-arm64" "2.3.14"
-    "@biomejs/cli-darwin-x64" "2.3.14"
-    "@biomejs/cli-linux-arm64" "2.3.14"
-    "@biomejs/cli-linux-arm64-musl" "2.3.14"
-    "@biomejs/cli-linux-x64" "2.3.14"
-    "@biomejs/cli-linux-x64-musl" "2.3.14"
-    "@biomejs/cli-win32-arm64" "2.3.14"
-    "@biomejs/cli-win32-x64" "2.3.14"
+    "@biomejs/cli-darwin-arm64" "2.4.3"
+    "@biomejs/cli-darwin-x64" "2.4.3"
+    "@biomejs/cli-linux-arm64" "2.4.3"
+    "@biomejs/cli-linux-arm64-musl" "2.4.3"
+    "@biomejs/cli-linux-x64" "2.4.3"
+    "@biomejs/cli-linux-x64-musl" "2.4.3"
+    "@biomejs/cli-win32-arm64" "2.4.3"
+    "@biomejs/cli-win32-x64" "2.4.3"
 
-"@biomejs/cli-darwin-arm64@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-darwin-arm64/-/cli-darwin-arm64-2.3.14.tgz#da942618e1dc2d19322bc11d5dacfe7d7616a502"
-  integrity sha512-UJGPpvWJMkLxSRtpCAKfKh41Q4JJXisvxZL8ChN1eNW3m/WlPFJ6EFDCE7YfUb4XS8ZFi3C1dFpxUJ0Ety5n+A==
+"@biomejs/cli-darwin-arm64@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-darwin-arm64/-/cli-darwin-arm64-2.4.3.tgz#ca188065f29940de1bb0029df2fd639719c92750"
+  integrity sha512-eOafSFlI/CF4id2tlwq9CVHgeEqvTL5SrhWff6ZORp6S3NL65zdsR3ugybItkgF8Pf4D9GSgtbB6sE3UNgOM9w==
 
-"@biomejs/cli-darwin-x64@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-darwin-x64/-/cli-darwin-x64-2.3.14.tgz#3ad06cce8ef6d2b935582011bd0cc3ca98a9554d"
-  integrity sha512-PNkLNQG6RLo8lG7QoWe/hhnMxJIt1tEimoXpGQjwS/dkdNiKBLPv4RpeQl8o3s1OKI3ZOR5XPiYtmbGGHAOnLA==
+"@biomejs/cli-darwin-x64@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-darwin-x64/-/cli-darwin-x64-2.4.3.tgz#418c55c0bfd1f5d4d22c48cddf8bbd78b02e7fd7"
+  integrity sha512-V2+av4ilbWcBMNufTtMMXVW00nPwyIjI5qf7n9wSvUaZ+tt0EvMGk46g9sAFDJBEDOzSyoRXiSP6pCvKTOEbPA==
 
-"@biomejs/cli-linux-arm64-musl@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-arm64-musl/-/cli-linux-arm64-musl-2.3.14.tgz#e92681273dc59ac57b75b72f1b64a67543e50f8c"
-  integrity sha512-LInRbXhYujtL3sH2TMCH/UBwJZsoGwfQjBrMfl84CD4hL/41C/EU5mldqf1yoFpsI0iPWuU83U+nB2TUUypWeg==
+"@biomejs/cli-linux-arm64-musl@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-arm64-musl/-/cli-linux-arm64-musl-2.4.3.tgz#58da6a862764cc6c02c27a2d737a4f187a446bcd"
+  integrity sha512-QuFzvsGo8BA4Xm7jGX5idkw6BqFblcCPySMTvq0AhGYnhUej5VJIDJbmTKfHqwjHepZiC4fA+T5i6wmiZolZNw==
 
-"@biomejs/cli-linux-arm64@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-arm64/-/cli-linux-arm64-2.3.14.tgz#bab43ee0a88ba15a6d59ec648a4b415d68d6eeb7"
-  integrity sha512-KT67FKfzIw6DNnUNdYlBg+eU24Go3n75GWK6NwU4+yJmDYFe9i/MjiI+U/iEzKvo0g7G7MZqoyrhIYuND2w8QQ==
+"@biomejs/cli-linux-arm64@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-arm64/-/cli-linux-arm64-2.4.3.tgz#7642518e76df8fc2dcd0675042e85e58c03f6a74"
+  integrity sha512-0m+O0x9FgK99FAwDK+fiDtjs2wnqq7bvfj17KJVeCkTwT/liI+Q9njJG7lwXK0iSJVXeFNRIxukpVI3SifMYAA==
 
-"@biomejs/cli-linux-x64-musl@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-x64-musl/-/cli-linux-x64-musl-2.3.14.tgz#ee90f7110dafdedf4644e0a27ac242975dcd88d3"
-  integrity sha512-KQU7EkbBBuHPW3/rAcoiVmhlPtDSGOGRPv9js7qJVpYTzjQmVR+C9Rfcz+ti8YCH+zT1J52tuBybtP4IodjxZQ==
+"@biomejs/cli-linux-x64-musl@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-x64-musl/-/cli-linux-x64-musl-2.4.3.tgz#2a2fe720f636fc3894debf23925e9fe1c06da079"
+  integrity sha512-qEc0OCpj/uytruQ4wLM0yWNJLZy0Up8H1Er5MW3SrstqM6J2d4XqdNA86xzCy8MQCHpoVZ3lFye3GBlIL4/ljw==
 
-"@biomejs/cli-linux-x64@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-x64/-/cli-linux-x64-2.3.14.tgz#d152e61c6dc847836ebc741fb70fe305414aa7fe"
-  integrity sha512-ZsZzQsl9U+wxFrGGS4f6UxREUlgHwmEfu1IrXlgNFrNnd5Th6lIJr8KmSzu/+meSa9f4rzFrbEW9LBBA6ScoMA==
+"@biomejs/cli-linux-x64@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-linux-x64/-/cli-linux-x64-2.4.3.tgz#dad0a81804ed2043e9ea3e4b29b3bb352c4eb26a"
+  integrity sha512-NVqh0saIU0u5OfOp/0jFdlKRE59+XyMvWmtx0f6Nm/2OpdxBl04coRIftBbY9d1gfu+23JVv4CItAqPYrjYh5w==
 
-"@biomejs/cli-win32-arm64@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-win32-arm64/-/cli-win32-arm64-2.3.14.tgz#2c59e84f3d172bada2a1df94d6cf7e511c244a4e"
-  integrity sha512-+IKYkj/pUBbnRf1G1+RlyA3LWiDgra1xpS7H2g4BuOzzRbRB+hmlw0yFsLprHhbbt7jUzbzAbAjK/Pn0FDnh1A==
+"@biomejs/cli-win32-arm64@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-win32-arm64/-/cli-win32-arm64-2.4.3.tgz#1da3559be0924e891f9b986c8c0db7d503a34a11"
+  integrity sha512-gRO96vrIARilv/Cp2ZnmNNL5LSZg3RO75GPp13hsLO3N4YVpE7saaMDp2bcyV48y2N2Pbit1brkGVGta0yd6VQ==
 
-"@biomejs/cli-win32-x64@2.3.14":
-  version "2.3.14"
-  resolved "https://registry.yarnpkg.com/@biomejs/cli-win32-x64/-/cli-win32-x64-2.3.14.tgz#44405162f255fe153a5ff99379510c058bf7a1e8"
-  integrity sha512-oizCjdyQ3WJEswpb3Chdngeat56rIdSYK12JI3iI11Mt5T5EXcZ7WLuowzEaFPNJ3zmOQFliMN8QY1Pi+qsfdQ==
+"@biomejs/cli-win32-x64@2.4.3":
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/@biomejs/cli-win32-x64/-/cli-win32-x64-2.4.3.tgz#58ddb4e205b274d693940f3d334debd6f4c94ff4"
+  integrity sha512-vSm/vOJe06pf14aGHfHl3Ar91Nlx4YYmohElDJ+17UbRwe99n987S/MhAlQOkONqf1utJor04ChkCPmKb8SWdw==
 
 "@gar/promisify@^1.0.1":
   version "1.1.3"
@@ -132,50 +131,50 @@
     mkdirp "^1.0.4"
     rimraf "^3.0.2"
 
-"@otplib/core@13.2.1":
-  version "13.2.1"
-  resolved "https://registry.yarnpkg.com/@otplib/core/-/core-13.2.1.tgz#83449322a390b6b4c045b2e799cbd1f7718f1f64"
-  integrity sha512-IyfHvYNCyipDxhmJdcUUvUeT3Hz84/GgM6G2G6BTEmnAKPzNA7U0kYGkxKZWY9h23W94RJk4qiClJRJN5zKGvg==
+"@otplib/core@13.3.0":
+  version "13.3.0"
+  resolved "https://registry.yarnpkg.com/@otplib/core/-/core-13.3.0.tgz#7f037af6cc5907c2cff9cf6092952088a0ce5a6e"
+  integrity sha512-pnQDOuCmFVeF/XnboJq9TOJgLoo2idNPJKMymOF8vGqJJ+ReKRYM9bUGjNPRWC0tHjMwu1TXbnzyBp494JgRag==
 
-"@otplib/hotp@13.2.1":
-  version "13.2.1"
-  resolved "https://registry.yarnpkg.com/@otplib/hotp/-/hotp-13.2.1.tgz#6149c877e5a51fd1c527ada535fe75ca4f525eee"
-  integrity sha512-iRKqvj0TnemtXXtEswzBX50Z0yMNa0lH9PSdr5N4CJc1mDEuUmFFZQqnu3PfA3fPd3WeAU+mHgmK/xq18+K1QA==
+"@otplib/hotp@13.3.0":
+  version "13.3.0"
+  resolved "https://registry.yarnpkg.com/@otplib/hotp/-/hotp-13.3.0.tgz#135e45c6350ae60bbc1170a1801a6100e49794b8"
+  integrity sha512-XJMZGz2bg4QJwK7ulvl1GUI2VMn/flaIk/E/BTKAejHsX2kUtPF1bRhlZ2+elq8uU5Fs9Z9FHcQK2CPZNQbbUQ==
   dependencies:
-    "@otplib/core" "13.2.1"
-    "@otplib/uri" "13.2.1"
+    "@otplib/core" "13.3.0"
+    "@otplib/uri" "13.3.0"
 
-"@otplib/plugin-base32-scure@13.2.1":
-  version "13.2.1"
-  resolved "https://registry.yarnpkg.com/@otplib/plugin-base32-scure/-/plugin-base32-scure-13.2.1.tgz#2e7b1849311bfafd630fa87ce2812b7c3c718675"
-  integrity sha512-vnA2qqgJ/FbFbDNGOLAS8dKfCsJFXwFsZKYklE8yl2INkCOUR0vbVdJ2TVmufzC8R1RRZHW+cDR20ACgc9XFYg==
+"@otplib/plugin-base32-scure@13.3.0":
+  version "13.3.0"
+  resolved "https://registry.yarnpkg.com/@otplib/plugin-base32-scure/-/plugin-base32-scure-13.3.0.tgz#3362fc5dd568e9cecac913fd0fa169148c469142"
+  integrity sha512-/jYbL5S6GB0Ie3XGEWtLIr9s5ZICl/BfmNL7+8/W7usZaUU4GiyLd2S+JGsNCslPyqNekSudD864nDAvRI0s8w==
   dependencies:
-    "@otplib/core" "13.2.1"
+    "@otplib/core" "13.3.0"
     "@scure/base" "^2.0.0"
 
-"@otplib/plugin-crypto-noble@13.2.1":
-  version "13.2.1"
-  resolved "https://registry.yarnpkg.com/@otplib/plugin-crypto-noble/-/plugin-crypto-noble-13.2.1.tgz#11f6325f4593f57360af2268313b94003b225807"
-  integrity sha512-Dxjmt4L+5eDWJf5EvbcMp+fxcliyKoB9N9sNQq/vuVAUvq+KiqpiiCQZ/wHyrN0ArB0NdevtK1KByyAq080ldg==
+"@otplib/plugin-crypto-noble@13.3.0":
+  version "13.3.0"
+  resolved "https://registry.yarnpkg.com/@otplib/plugin-crypto-noble/-/plugin-crypto-noble-13.3.0.tgz#edfd6c8c54730cfdfc52c6a3fcd797e204fdd0e2"
+  integrity sha512-wmV+jBVncepgwv99G7Plrdzd0tHfbpXk2U+OD7MO7DzpDqOYEgOPi+IIneksJSTL8QvWdfi+uQEuhnER4fKouA==
   dependencies:
     "@noble/hashes" "^2.0.1"
-    "@otplib/core" "13.2.1"
+    "@otplib/core" "13.3.0"
 
-"@otplib/totp@13.2.1":
-  version "13.2.1"
-  resolved "https://registry.yarnpkg.com/@otplib/totp/-/totp-13.2.1.tgz#2c8f8a8d87cf6e440d9050d363dfd24bc25179d6"
-  integrity sha512-LzDzAAK3w8rspF3urBnWjOlxso1SCGxX9Pnu/iy+HkC0y0HgiLsW7jhkr2hJ3u4cyBdL/tOKUhhELwsjyvunwQ==
+"@otplib/totp@13.3.0":
+  version "13.3.0"
+  resolved "https://registry.yarnpkg.com/@otplib/totp/-/totp-13.3.0.tgz#1d1f61cfd1acd773e1051e6b918227ae34545808"
+  integrity sha512-XfjGNoN8d9S3Ove2j7AwkVV7+QDFsV7Lm7YwSiezNaHffkWtJ60aJYpmf+01dARdPST71U2ptueMsRJso4sq4A==
   dependencies:
-    "@otplib/core" "13.2.1"
-    "@otplib/hotp" "13.2.1"
-    "@otplib/uri" "13.2.1"
+    "@otplib/core" "13.3.0"
+    "@otplib/hotp" "13.3.0"
+    "@otplib/uri" "13.3.0"
 
-"@otplib/uri@13.2.1":
-  version "13.2.1"
-  resolved "https://registry.yarnpkg.com/@otplib/uri/-/uri-13.2.1.tgz#50054fe922f3610e7558b0c5337353770c1f382e"
-  integrity sha512-ssYnfiUrFTs/rPRUW8h59m0MVLYOC+UKk7tVGYgtG15lLaLBrNBQjM2YFanuzn9Jm4iv9JxiNG7TRkwcnyR09A==
+"@otplib/uri@13.3.0":
+  version "13.3.0"
+  resolved "https://registry.yarnpkg.com/@otplib/uri/-/uri-13.3.0.tgz#7474d6dc0fdf8ab2d0cf2b79e2001446c4e7b6b3"
+  integrity sha512-3oh6nBXy+cm3UX9cxEAGZiDrfxHU2gfelYFV+XNCx+8dq39VaQVymwlU2yjPZiMAi/3agaUeEftf2RwM5F+Cyg==
   dependencies:
-    "@otplib/core" "13.2.1"
+    "@otplib/core" "13.3.0"
 
 "@pkgjs/parseargs@^0.11.0":
   version "0.11.0"
@@ -261,10 +260,10 @@ ajv-formats@^2.1.1:
   dependencies:
     ajv "^8.0.0"
 
-ajv@^8.0.0, ajv@^8.17.1:
-  version "8.17.1"
-  resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.17.1.tgz#37d9a5c776af6bc92d7f4f9510eba4c0a60d11a6"
-  integrity sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==
+ajv@^8.0.0, ajv@^8.17.1, ajv@^8.18.0:
+  version "8.18.0"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.18.0.tgz#8864186b6738d003eb3a933172bb3833e10cefbc"
+  integrity sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==
   dependencies:
     fast-deep-equal "^3.1.3"
     fast-uri "^3.0.1"
@@ -377,15 +376,20 @@ aws-ssl-profiles@^1.1.2:
   integrity sha512-NZKeq9AfyQvEeNlN0zSYAaWrmBffJh3IELMZfRpJVWgrpEbtEpnjvzqBPf+mxoI287JohRDoa+/nsfqqiZmF6g==
 
 b4a@^1.6.4:
-  version "1.7.3"
-  resolved "https://registry.yarnpkg.com/b4a/-/b4a-1.7.3.tgz#24cf7ccda28f5465b66aec2bac69e32809bf112f"
-  integrity sha512-5Q2mfq2WfGuFp3uS//0s6baOJLMoVduPYVeNmDYxu5OUA1/cBfvr2RIS7vi62LdNj/urk1hfmj867I3qt6uZ7Q==
+  version "1.8.0"
+  resolved "https://registry.yarnpkg.com/b4a/-/b4a-1.8.0.tgz#1ca3ba0edc9469aaabef5647e769a83d50180b1a"
+  integrity sha512-qRuSmNSkGQaHwNbM7J78Wwy+ghLEYF1zNrSeMxj4Kgw6y33O3mXcQ6Ie9fRvfU/YnxWkOchPXbaLb73TkIsfdg==
 
 balanced-match@^1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee"
   integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==
 
+balanced-match@^4.0.2:
+  version "4.0.3"
+  resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-4.0.3.tgz#6337a2f23e0604a30481423432f99eac603599f9"
+  integrity sha512-1pHv8LX9CpKut1Zp4EXey7Z8OfH11ONNH6Dhi2WDUt31VVZFXZzKwXcysBgqSumFCmR+0dqjMK5v5JiFHzi0+g==
+
 bare-events@^2.7.0:
   version "2.8.2"
   resolved "https://registry.yarnpkg.com/bare-events/-/bare-events-2.8.2.tgz#7b3e10bd8e1fc80daf38bb516921678f566ab89f"
@@ -397,9 +401,9 @@ base64-js@^1.3.1:
   integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==
 
 basic-ftp@^5.0.2:
-  version "5.0.5"
-  resolved "https://registry.yarnpkg.com/basic-ftp/-/basic-ftp-5.0.5.tgz#14a474f5fffecca1f4f406f1c26b18f800225ac0"
-  integrity sha512-4Bcg1P8xhUuqcii/S0Z9wiHIrQVPMermM1any+MX5GeGD7faD3/msQUDGLol9wOcz4/jbg/WJnGqoJF6LiBdtg==
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/basic-ftp/-/basic-ftp-5.1.0.tgz#00eb8128ce536aa697c45716c739bf38e8d890f5"
+  integrity sha512-RkaJzeJKDbaDWTIPiJwubyljaEPwpVWkm9Rt5h9Nd6h7tEXTJ3VB4qxdZBioV7JO5yLUaOKwz7vDOzlncUsegw==
 
 batchflow@^0.4.0:
   version "0.4.0"
@@ -478,6 +482,13 @@ brace-expansion@^2.0.1:
   dependencies:
     balanced-match "^1.0.0"
 
+brace-expansion@^5.0.2:
+  version "5.0.2"
+  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-5.0.2.tgz#b6c16d0791087af6c2bc463f52a8142046c06b6f"
+  integrity sha512-Pdk8c9poy+YhOgVWw1JNN22/HcivgKWwpxKq04M/jTmHyCZn12WPJebZxdjSa5TmBqISrUSgNYU3eRORljfCCw==
+  dependencies:
+    balanced-match "^4.0.2"
+
 braces@~3.0.2:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789"
@@ -683,7 +694,7 @@ compressible@~2.0.18:
   dependencies:
     mime-db ">= 1.43.0 < 2"
 
-compression@^1.7.4:
+compression@^1.8.1:
   version "1.8.1"
   resolved "https://registry.yarnpkg.com/compression/-/compression-1.8.1.tgz#4a45d909ac16509195a9a28bd91094889c180d79"
   integrity sha512-9mAqGPHLakhCLeNyxPkK4xVo746zQ/czLH1Ky+vkitMnWfWZps8r0qXuwhwizagCRttsL4lfG4pIOvaWLpAP0w==
@@ -826,9 +837,9 @@ depd@^2.0.0, depd@~2.0.0:
   integrity sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==
 
 detect-libc@^2.0.0:
-  version "2.0.4"
-  resolved "https://registry.yarnpkg.com/detect-libc/-/detect-libc-2.0.4.tgz#f04715b8ba815e53b4d8109655b6508a6865a7e8"
-  integrity sha512-3UDv+G9CsCKO1WKMGw9fwq/SWJYbI0c5Y7LU1AXYoDdbhE2AHQ6N6Nb34sG8Fj7T5APy8qXDCKuuIHd1BR0tVA==
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/detect-libc/-/detect-libc-2.1.2.tgz#689c5dcdc1900ef5583a4cb9f6d7b473742074ad"
+  integrity sha512-Btj2BOOO83o3WyH59e8MgXsxEQVcarkUOpEYrubB0urwnN10yQ364rsiByU11nZlqWYZm05i/of7io4mzihBtQ==
 
 dunder-proto@^1.0.1:
   version "1.0.1"
@@ -901,9 +912,9 @@ err-code@^2.0.2:
   integrity sha512-2bmlRpNKBxT/CRmPOlyISQpNj+qSeYvcym/uT0Jx2bMOlKLtSy1ZmLuVxSEKKyor/N5yhvp/ZiG1oE3DEYMSFA==
 
 error-ex@^1.3.1:
-  version "1.3.2"
-  resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.2.tgz#b4ac40648107fdcdcfae242f428bea8a14d4f1bf"
-  integrity sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==
+  version "1.3.4"
+  resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.4.tgz#b3a8d8bb6f92eecc1629e3e27d3c8607a8a32414"
+  integrity sha512-sqQamAnR14VgCr1A618A3sGrygcpK+HEbenA/HiEAkkUwcZIIB/tgWqHFxWgOyDh4nB4JCRimh79dR5Ywc9MDQ==
   dependencies:
     is-arrayish "^0.2.1"
 
@@ -1254,7 +1265,7 @@ gopd@^1.2.0:
   resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.2.0.tgz#89f56b8217bdbc8802bd299df6d7f1081d7e51a1"
   integrity sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==
 
-graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.2.0, graceful-fs@^4.2.6:
+graceful-fs@^4.1.2, graceful-fs@^4.2.0, graceful-fs@^4.2.11, graceful-fs@^4.2.6:
   version "4.2.11"
   resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.11.tgz#4183e4e8bf08bb6e05bbb2f7d2e0c8f712ca40e3"
   integrity sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==
@@ -1415,9 +1426,9 @@ interpret@^2.2.0:
   integrity sha512-Ju0Bz/cEia55xDwUWEa8+olFpCiQoypjnQySseKtmjNrnps3P+xfpUmGr90T7yjlVJmOtybRvPXhKMbHr+fWnw==
 
 ip-address@^10.0.1:
-  version "10.0.1"
-  resolved "https://registry.yarnpkg.com/ip-address/-/ip-address-10.0.1.tgz#a8180b783ce7788777d796286d61bce4276818ed"
-  integrity sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/ip-address/-/ip-address-10.1.0.tgz#d8dcffb34d0e02eb241427444a6e23f5b0595aa4"
+  integrity sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q==
 
 ipaddr.js@1.9.1:
   version "1.9.1"
@@ -1436,7 +1447,7 @@ is-binary-path@~2.1.0:
   dependencies:
     binary-extensions "^2.0.0"
 
-is-core-module@^2.16.0:
+is-core-module@^2.16.1:
   version "2.16.1"
   resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.16.1.tgz#2a98801a849f43e2add644fbb6bc6229b19a4ef4"
   integrity sha512-UfoeMA6fIJ8wTYFEUjelnaGI67v6+N7qXJEvQuIGa99l4xsCruSYOVSQ0uPANn4dAzm8lkYPaKLrrijLq7x23w==
@@ -1480,11 +1491,16 @@ is-property@^1.0.2:
   resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84"
   integrity sha512-Ks/IoX00TtClbGQr4TWXemAnktAQvYB7HzcCxDGqEZU6oCmb2INHuOoKxbtR+HFkmYWBKv/dOZtGRiAjDhj92g==
 
-is-stream@^2.0.0, is-stream@^2.0.1:
+is-stream@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-2.0.1.tgz#fac1e3d53b97ad5a9d0ae9cef2389f5810a5c077"
   integrity sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==
 
+is-stream@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-4.0.1.tgz#375cf891e16d2e4baec250b85926cffc14720d9b"
+  integrity sha512-Dnz92NInDqYckGEUJv689RbRiTSEHCQ7wOVeALbkOz999YpqT46yMRIGtSNl2iCL1waAZSx40+h59NV/EwzV/A==
+
 isarray@~1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
@@ -1504,7 +1520,7 @@ jackspeak@^3.1.2:
   optionalDependencies:
     "@pkgjs/parseargs" "^0.11.0"
 
-js-yaml@^4.1.0:
+js-yaml@^4.1.0, js-yaml@^4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.1.tgz#854c292467705b699476e1a2decc0c8a3458806b"
   integrity sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==
@@ -1675,17 +1691,10 @@ lru-cache@^7.14.1:
   resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-7.18.3.tgz#f793896e0fd0e954a59dfdd82f0773808df6aa89"
   integrity sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==
 
-lru.min@^1.1.0, lru.min@^1.1.3:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/lru.min/-/lru.min-1.1.3.tgz#c8c3d001dfb4cbe5b8d1f4bea207d4a320e5d76f"
-  integrity sha512-Lkk/vx6ak3rYkRR0Nhu4lFUT2VDnQSxBe8Hbl7f36358p6ow8Bnvr8lrLt98H8J1aGxfhbX4Fs5tYg2+FTwr5Q==
-
-make-dir@^3.0.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.1.0.tgz#415e967046b3a7f1d185277d84aa58203726a13f"
-  integrity sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==
-  dependencies:
-    semver "^6.0.0"
+lru.min@^1.1.0, lru.min@^1.1.4:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/lru.min/-/lru.min-1.1.4.tgz#6ea1737a8c1ba2300cc87ad46910a4bdffa0117b"
+  integrity sha512-DqC6n3QQ77zdFpCMASA1a3Jlb64Hv2N2DciFGkO/4L9+q/IpIAuRlKOvCXabtRW6cQf8usbmM6BE/TOPysCdIA==
 
 make-fetch-happen@^9.1.0:
   version "9.1.0"
@@ -1741,7 +1750,14 @@ mimic-response@^3.1.0:
   resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-3.1.0.tgz#2d1d59af9c1b129815accc2c46a022a5ce1fa3c9"
   integrity sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==
 
-minimatch@^3.1.1, minimatch@^3.1.2:
+minimatch@^10.2.1:
+  version "10.2.2"
+  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-10.2.2.tgz#361603ee323cfb83496fea2ae17cc44ea4e1f99f"
+  integrity sha512-+G4CpNBxa5MprY+04MbgOw1v7So6n5JY166pFi9KfYwT78fxScCeSNQSNzp6dpPSW2rONOps6Ocam1wFhCgoVw==
+  dependencies:
+    brace-expansion "^5.0.2"
+
+minimatch@^3.1.1:
   version "3.1.2"
   resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b"
   integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==
@@ -1819,9 +1835,9 @@ minipass@^5.0.0:
   integrity sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==
 
 "minipass@^5.0.0 || ^6.0.2 || ^7.0.0", minipass@^7.1.2:
-  version "7.1.2"
-  resolved "https://registry.yarnpkg.com/minipass/-/minipass-7.1.2.tgz#93a9626ce5e5e66bd4db86849e7515e92340a707"
-  integrity sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==
+  version "7.1.3"
+  resolved "https://registry.yarnpkg.com/minipass/-/minipass-7.1.3.tgz#79389b4eb1bb2d003a9bba87d492f2bd37bdc65b"
+  integrity sha512-tEBHqDnIoM/1rXME1zgka9g6Q2lcoCkxHLuc7ODJ5BxbP5d4c2Z5cGgtXAku59200Cx7diuHTOYfSBD8n6mm8A==
 
 minizlib@^2.0.0, minizlib@^2.1.1:
   version "2.1.2"
@@ -1861,20 +1877,19 @@ ms@^2.0.0, ms@^2.1.1, ms@^2.1.3:
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2"
   integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==
 
-mysql2@^3.16.3:
-  version "3.16.3"
-  resolved "https://registry.yarnpkg.com/mysql2/-/mysql2-3.16.3.tgz#59491bfa13f1979c2a87fd1ef68a3eb83fd58fcb"
-  integrity sha512-+3XhQEt4FEFuvGV0JjIDj4eP2OT/oIj/54dYvqhblnSzlfcxVOuj+cd15Xz6hsG4HU1a+A5+BA9gm0618C4z7A==
+mysql2@^3.17.5:
+  version "3.17.5"
+  resolved "https://registry.yarnpkg.com/mysql2/-/mysql2-3.17.5.tgz#c0a0fdd73812ba65d08d47ee639df5ec46409087"
+  integrity sha512-Qb5kOObI10PUTjMRrvJhegiu2i7EmbCm2F2tbYHp9gCfpbLWjk39+TeoA6ususBc8xZa3pmRI6z0kPQldpcA8A==
   dependencies:
     aws-ssl-profiles "^1.1.2"
     denque "^2.1.0"
     generate-function "^2.3.1"
     iconv-lite "^0.7.2"
     long "^5.3.2"
-    lru.min "^1.1.3"
+    lru.min "^1.1.4"
     named-placeholders "^1.1.6"
-    seq-queue "^0.0.5"
-    sqlstring "^2.3.3"
+    sql-escaper "^1.3.3"
 
 named-placeholders@^1.1.6:
   version "1.1.6"
@@ -1904,9 +1919,9 @@ netmask@^2.0.2:
   integrity sha512-dBpDMdxv9Irdq66304OLfEmQ9tbNRFnFTuZiLo+bD+r332bBmMJ8GBLXklIXXgxd3+v9+KUnZaUR5PJMa75Gsg==
 
 node-abi@^3.3.0:
-  version "3.78.0"
-  resolved "https://registry.yarnpkg.com/node-abi/-/node-abi-3.78.0.tgz#fd0ecbd0aa89857b98da06bd3909194abb0821ba"
-  integrity sha512-E2wEyrgX/CqvicaQYU3Ze1PFGjc4QYPGsjUrlYkqAE0WjHEZwgOsGMPMzkMse4LjJbDmaEuDX3CM036j5K2DSQ==
+  version "3.87.0"
+  resolved "https://registry.yarnpkg.com/node-abi/-/node-abi-3.87.0.tgz#423e28fea5c2f195fddd98acded9938c001ae6dd"
+  integrity sha512-+CGM1L1CgmtheLcBuleyYOn7NWPVu0s0EJH2C4puxgEZb9h8QpR9G2dBfZJOAUhi7VQxuBPMd0hiISWcTyiYyQ==
   dependencies:
     semver "^7.3.5"
 
@@ -1948,15 +1963,15 @@ node-rsa@^1.1.1:
   dependencies:
     asn1 "^0.2.4"
 
-nodemon@^3.1.11:
-  version "3.1.11"
-  resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-3.1.11.tgz#04a54d1e794fbec9d8f6ffd8bf1ba9ea93a756ed"
-  integrity sha512-is96t8F/1//UHAjNPHpbsNY46ELPpftGUoSVNXwUfMk/qdjSylYrWSu1XavVTBOn526kFiOR733ATgNBCQyH0g==
+nodemon@^3.1.14:
+  version "3.1.14"
+  resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-3.1.14.tgz#8487ca379c515301d221ec007f27f24ecafa2b51"
+  integrity sha512-jakjZi93UtB3jHMWsXL68FXSAosbLfY0In5gtKq3niLSkrWznrVBzXFNOEMJUfc9+Ke7SHWoAZsiMkNP3vq6Jw==
   dependencies:
     chokidar "^3.5.2"
     debug "^4"
     ignore-by-default "^1.0.1"
-    minimatch "^3.1.2"
+    minimatch "^10.2.1"
     pstree.remy "^1.1.8"
     semver "^7.5.3"
     simple-update-notifier "^2.0.0"
@@ -2019,17 +2034,17 @@ once@^1.3.0, once@^1.3.1, once@^1.4.0:
   dependencies:
     wrappy "1"
 
-otplib@^13.2.1:
-  version "13.2.1"
-  resolved "https://registry.yarnpkg.com/otplib/-/otplib-13.2.1.tgz#39cc114228409ff30cfa6779e2f8cb007b535942"
-  integrity sha512-Cft9h/m34LtvnoB2TjP1E1E6v0biwcUntl6U4e+HgWrTa0bpwmb+u/D9gLFA+U6/ztlvrult0811Bu30nUVUuA==
+otplib@^13.3.0:
+  version "13.3.0"
+  resolved "https://registry.yarnpkg.com/otplib/-/otplib-13.3.0.tgz#2ead040ab29d1a829d1d7c510b059a3e4c76b2b0"
+  integrity sha512-VYMKyyDG8yt2q+z58sz54/EIyTh7+tyMrjeemR44iVh5+dkKtIs57irTqxjH+IkAL1uMmG1JIFhG5CxTpqdU5g==
   dependencies:
-    "@otplib/core" "13.2.1"
-    "@otplib/hotp" "13.2.1"
-    "@otplib/plugin-base32-scure" "13.2.1"
-    "@otplib/plugin-crypto-noble" "13.2.1"
-    "@otplib/totp" "13.2.1"
-    "@otplib/uri" "13.2.1"
+    "@otplib/core" "13.3.0"
+    "@otplib/hotp" "13.3.0"
+    "@otplib/plugin-base32-scure" "13.3.0"
+    "@otplib/plugin-crypto-noble" "13.3.0"
+    "@otplib/totp" "13.3.0"
+    "@otplib/uri" "13.3.0"
 
 p-limit@^1.1.0:
   version "1.3.0"
@@ -2247,9 +2262,9 @@ postgres-array@~2.0.0:
   integrity sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==
 
 postgres-bytea@~1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/postgres-bytea/-/postgres-bytea-1.0.0.tgz#027b533c0aa890e26d172d47cf9ccecc521acd35"
-  integrity sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/postgres-bytea/-/postgres-bytea-1.0.1.tgz#c40b3da0222c500ff1e51c5d7014b60b79697c7a"
+  integrity sha512-5+5HqXnsZPE65IJZSMkZtURARZelel2oXUEO8rH83VS/hxH5vv1uHquPg5wZs8yMAfdv971IU+kcPUczi7NVBQ==
 
 postgres-date@~1.0.4:
   version "1.0.7"
@@ -2345,9 +2360,9 @@ pump@^3.0.0:
     once "^1.3.1"
 
 qs@^6.14.0, qs@^6.14.1:
-  version "6.14.1"
-  resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.1.tgz#a41d85b9d3902f31d27861790506294881871159"
-  integrity sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==
+  version "6.15.0"
+  resolved "https://registry.yarnpkg.com/qs/-/qs-6.15.0.tgz#db8fd5d1b1d2d6b5b33adaf87429805f1909e7b3"
+  integrity sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ==
   dependencies:
     side-channel "^1.1.0"
 
@@ -2456,11 +2471,11 @@ resolve-from@^5.0.0:
   integrity sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==
 
 resolve@^1.20.0:
-  version "1.22.10"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.10.tgz#b663e83ffb09bbf2386944736baae803029b8b39"
-  integrity sha512-NPRy+/ncIMeDlTAsuqwKIiferiawhefFJtkNSW0qZJEqMEb+qBt/77B/jGeeek+F0uOeN05CDa6HXbbIgtVX4w==
+  version "1.22.11"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.11.tgz#aad857ce1ffb8bfa9b0b1ac29f1156383f68c262"
+  integrity sha512-RfqAvLnMl313r7c9oclB1HhUEAezcpLjz95wFH4LVuhk9JF/r22qmVP9AMmOU4vMX7Q8pN8jwNg/CSpdFnMjTQ==
   dependencies:
-    is-core-module "^2.16.0"
+    is-core-module "^2.16.1"
     path-parse "^1.0.7"
     supports-preserve-symlinks-flag "^1.0.0"
 
@@ -2502,15 +2517,10 @@ safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
   integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
 
-semver@^6.0.0:
-  version "6.3.1"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4"
-  integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==
-
 semver@^7.3.5, semver@^7.5.3, semver@^7.5.4:
-  version "7.7.3"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-7.7.3.tgz#4b5f4143d007633a8dc671cd0a6ef9147b8bb946"
-  integrity sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==
+  version "7.7.4"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.7.4.tgz#28464e36060e991fa7a11d0279d2d3f3b57a7e8a"
+  integrity sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==
 
 send@^1.1.0, send@^1.2.0:
   version "1.2.1"
@@ -2529,11 +2539,6 @@ send@^1.1.0, send@^1.2.0:
     range-parser "^1.2.1"
     statuses "^2.0.2"
 
-seq-queue@^0.0.5:
-  version "0.0.5"
-  resolved "https://registry.yarnpkg.com/seq-queue/-/seq-queue-0.0.5.tgz#d56812e1c017a6e4e7c3e3a37a1da6d78dd3c93e"
-  integrity sha512-hr3Wtp/GZIc/6DAGPDcV4/9WoZhjrkXsi5B/07QgX8tsdc6ilr7BFM6PM6rbdAX1kFSDYeZGLipIZZKyQP0O5Q==
-
 serve-static@^2.2.0:
   version "2.2.1"
   resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-2.2.1.tgz#7f186a4a4e5f5b663ad7a4294ff1bf37cf0e98a9"
@@ -2687,6 +2692,11 @@ split2@^4.1.0:
   resolved "https://registry.yarnpkg.com/split2/-/split2-4.2.0.tgz#c9c5920904d148bab0b9f67145f245a86aadbfa4"
   integrity sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==
 
+sql-escaper@^1.3.3:
+  version "1.3.3"
+  resolved "https://registry.yarnpkg.com/sql-escaper/-/sql-escaper-1.3.3.tgz#65faf89f048d26bb9a75566b82b5990ddf8a5b7f"
+  integrity sha512-BsTCV265VpTp8tm1wyIm1xqQCS+Q9NHx2Sr+WcnUrgLrQ6yiDIvHYJV5gHxsj1lMBy2zm5twLaZao8Jd+S8JJw==
+
 sqlite3@^5.1.7:
   version "5.1.7"
   resolved "https://registry.yarnpkg.com/sqlite3/-/sqlite3-5.1.7.tgz#59ca1053c1ab38647396586edad019b1551041b7"
@@ -2699,11 +2709,6 @@ sqlite3@^5.1.7:
   optionalDependencies:
     node-gyp "8.x"
 
-sqlstring@^2.3.3:
-  version "2.3.3"
-  resolved "https://registry.yarnpkg.com/sqlstring/-/sqlstring-2.3.3.tgz#2ddc21f03bce2c387ed60680e739922c65751d0c"
-  integrity sha512-qC9iz2FlN7DQl3+wjwn3802RTyjCx7sDvfQEXchwa6CWOx07/WVfh91gBmQ9fahw8snwGEWU3xGzOt4tFyHLxg==
-
 ssri@^8.0.0, ssri@^8.0.1:
   version "8.0.1"
   resolved "https://registry.yarnpkg.com/ssri/-/ssri-8.0.1.tgz#638e4e439e2ffbd2cd289776d5ca457c4f51a2af"
@@ -2861,26 +2866,24 @@ tarn@^3.0.2:
   resolved "https://registry.yarnpkg.com/tarn/-/tarn-3.0.2.tgz#73b6140fbb881b71559c4f8bfde3d9a4b3d27693"
   integrity sha512-51LAVKUSZSVfI05vjPESNc5vwqqZpbXCsU+/+wxlOrUjk2SnFTt97v9ZgQrD4YmxYW1Px6w2KjaDitCfkvgxMQ==
 
-temp-dir@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/temp-dir/-/temp-dir-1.0.0.tgz#0a7c0ea26d3a39afa7e0ebea9c1fc0bc4daa011d"
-  integrity sha512-xZFXEGbG7SNC3itwBzI3RYjq/cEhBkx2hJuKGIUOcEULmkQExXiHat2z/qkISYsuR+IKumhEfKKbV5qXmhICFQ==
+temp-dir@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/temp-dir/-/temp-dir-3.0.0.tgz#7f147b42ee41234cc6ba3138cd8e8aa2302acffa"
+  integrity sha512-nHc6S/bwIilKHNRgK/3jlhDoIHcp45YgyiwcAk46Tr0LfEqGBVpmiAyuiuxeVE44m3mXnEeVhaipLOEWmH+Njw==
 
-temp-write@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/temp-write/-/temp-write-4.0.0.tgz#cd2e0825fc826ae72d201dc26eef3bf7e6fc9320"
-  integrity sha512-HIeWmj77uOOHb0QX7siN3OtwV3CTntquin6TNVg6SHOqCP3hYKmox90eeFOGaY1MqJ9WYDDjkyZrW6qS5AWpbw==
+temp-write@^6.0.1:
+  version "6.0.1"
+  resolved "https://registry.yarnpkg.com/temp-write/-/temp-write-6.0.1.tgz#b1ed81e80e120ba4957db3e01e010669d7c15870"
+  integrity sha512-6bj9LlNld+knzEOQvnZK6YxiPF+foOUjvG/WoWj1/Mt9c6f2kQCPsh8KZ+NyTk0AejubTQSPpx2alcswE1bF8g==
   dependencies:
-    graceful-fs "^4.1.15"
-    is-stream "^2.0.0"
-    make-dir "^3.0.0"
-    temp-dir "^1.0.0"
-    uuid "^3.3.2"
+    graceful-fs "^4.2.11"
+    is-stream "^4.0.1"
+    temp-dir "^3.0.0"
 
 text-decoder@^1.1.0:
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/text-decoder/-/text-decoder-1.2.3.tgz#b19da364d981b2326d5f43099c310cc80d770c65"
-  integrity sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==
+  version "1.2.7"
+  resolved "https://registry.yarnpkg.com/text-decoder/-/text-decoder-1.2.7.tgz#5d073a9a74b9c0a9d28dfadcab96b604af57d8ba"
+  integrity sha512-vlLytXkeP4xvEq2otHeJfSQIRyWxo/oZGEbXrtEEF9Hnmrdly59sUbzZ/QgyWuLYHctCHxFF4tRQZNQ9k60ExQ==
   dependencies:
     b4a "^1.6.4"
 
@@ -2963,11 +2966,6 @@ util@^0.10.3:
   dependencies:
     inherits "2.0.3"
 
-uuid@^3.3.2:
-  version "3.4.0"
-  resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee"
-  integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==
-
 vary@^1.1.2, vary@~1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc"

docker/rootfs/etc/nginx/conf.d/include/force-ssl.conf

@@ -5,9 +5,28 @@ if ($scheme = "http") {
 if ($request_uri = /.well-known/acme-challenge/test-challenge) {
 	set $test "${test}T";
 }
+
+# Check if the ssl staff has been handled
+set $test_ssl_handled "";
+if ($trust_forwarded_proto = "") {
+	set $trust_forwarded_proto "F";
+}
+if ($trust_forwarded_proto = "T") {
+	set $test_ssl_handled "${test_ssl_handled}T";
+}
 if ($http_x_forwarded_proto = "https") {
+	set $test_ssl_handled "${test_ssl_handled}S";
+}
+if ($http_x_forwarded_scheme = "https") {
+	set $test_ssl_handled "${test_ssl_handled}S";
+}
+if ($test_ssl_handled = "TSS") {
+	set $test_ssl_handled "TS";
+}
+if ($test_ssl_handled = "TS") {
 	set $test "${test}S";
 }
+
 if ($test = H) {
 	return 301 https://$host$request_uri;
 }

docker/rootfs/etc/nginx/conf.d/include/proxy.conf

@@ -1,7 +1,7 @@
 add_header       X-Served-By $host;
 proxy_set_header Host $host;
-proxy_set_header X-Forwarded-Scheme $scheme;
-proxy_set_header X-Forwarded-Proto  $scheme;
+proxy_set_header X-Forwarded-Scheme $x_forwarded_scheme;
+proxy_set_header X-Forwarded-Proto  $x_forwarded_proto;
 proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
 proxy_set_header X-Real-IP          $remote_addr;
 proxy_pass       $forward_scheme://$server:$port$request_uri;

docker/rootfs/etc/nginx/nginx.conf

@@ -47,16 +47,28 @@ http {
 	proxy_cache_path              /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m;
 
 	# Log format and fallback log file
-	include /etc/nginx/conf.d/include/log-proxy.conf;
+	include /etc/nginx/conf.d/include/log-proxy[.]conf;
 
 	# Dynamically generated resolvers file
-	include /etc/nginx/conf.d/include/resolvers.conf;
+	include /etc/nginx/conf.d/include/resolvers[.]conf;
 
 	# Default upstream scheme
 	map $host $forward_scheme {
 		default http;
 	}
 
+	# Handle upstream X-Forwarded-Proto and X-Forwarded-Scheme header
+	map $http_x_forwarded_proto $x_forwarded_proto {
+		"http" "http";
+		"https" "https";
+		default $scheme;
+	}
+	map $http_x_forwarded_scheme $x_forwarded_scheme {
+		"http" "http";
+		"https" "https";
+		default $scheme;
+	}
+
 	# Real IP Determination
 
 	# Local subnets:
@@ -64,7 +76,7 @@ http {
 	set_real_ip_from 172.16.0.0/12; # Includes Docker subnet
 	set_real_ip_from 192.168.0.0/16;
 	# NPM generated CDN ip ranges:
-	include conf.d/include/ip_ranges.conf;
+	include conf.d/include/ip_ranges[.]conf;
 	# always put the following 2 lines after ip subnets:
 	real_ip_header X-Real-IP;
 	real_ip_recursive on;
@@ -86,7 +98,7 @@ http {
 
 stream {
 	# Log format and fallback log file
-	include /etc/nginx/conf.d/include/log-stream.conf;
+	include /etc/nginx/conf.d/include/log-stream[.]conf;
 
 	# Files generated by NPM
 	include /data/nginx/stream/*.conf;

docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh

@@ -7,8 +7,10 @@ log_info 'Dynamic resolvers ...'
 
 # Dynamically generate resolvers file, if resolver is IPv6, enclose in `[]`
 # thanks @tfmm
-if [ "$(is_true "$DISABLE_IPV6")" = '1' ]; then
-	echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) ipv6=off valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf
-else
-	echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf
+if [ "$(is_true "${DISABLE_RESOLVER:-}")" = '0' ]; then
+	if [ "$(is_true "${DISABLE_IPV6:-}")" = '1' ]; then
+		echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) ipv6=off valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf
+	else
+		echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf
+	fi
 fi

docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh

@@ -12,7 +12,7 @@ process_folder () {
 	FILES=$(find "$1" -type f -name "*.conf")
 	SED_REGEX=
 
-	if [ "$(is_true "$DISABLE_IPV6")" = '1' ]; then
+	if [ "$(is_true "${DISABLE_IPV6:-}")" = '1' ]; then
 		# IPV6 is disabled
 		echo "Disabling IPV6 in hosts in: $1"
 		SED_REGEX='s/^([^#]*)listen \[::\]/\1#listen [::]/g'
@@ -25,7 +25,13 @@ process_folder () {
 	for FILE in $FILES
 	do
 		echo "- ${FILE}"
-		echo "$(sed -E "$SED_REGEX" "$FILE")" > $FILE
+		TMPFILE="${FILE}.tmp"
+		if sed -E "$SED_REGEX" "$FILE" > "$TMPFILE" && [ -s "$TMPFILE" ]; then
+			mv "$TMPFILE" "$FILE"
+		else
+			echo "WARNING: skipping ${FILE} — sed produced empty output" >&2
+			rm -f "$TMPFILE"
+		fi
 	done
 
 	# ensure the files are still owned by the npm user

docker/scripts/install-s6

@@ -17,10 +17,6 @@ case $TARGETPLATFORM in
 		S6_ARCH=aarch64
 		;;
 
-	linux/arm/v7)
-		S6_ARCH=armhf
-		;;
-
 	*)
 		S6_ARCH=x86_64
 		;;

docs/package.json

@@ -2,7 +2,8 @@
   "scripts": {
     "dev": "vitepress dev --host",
     "build": "vitepress build",
-    "preview": "vitepress preview"
+    "preview": "vitepress preview",
+    "set-version": "./scripts/set-version.sh"
   },
   "devDependencies": {
     "vitepress": "^1.6.4"

docs/scripts/set-version.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+set -euf
+
+# this script accepts a version number as an argument
+# and replaces {{VERSION}} in src/*.md with the provided version number.
+
+if [ "$#" -ne 1 ]; then
+	echo "Usage: $0 <version>"
+	exit 1
+fi
+
+DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+cd "$DIR/.." || exit 1
+
+VERSION="$1"
+# find all .md files in src/ and replace {{VERSION}} with the provided version number
+find src/ -type f -name "*.md" -exec sed -i "s/{{VERSION}}/$VERSION/g" {} \;

docs/src/advanced-config/index.md

@@ -14,7 +14,7 @@ on the `data` and `letsencrypt` folders at startup.
 ```yml
 services:
   app:
-    image: 'jc21/nginx-proxy-manager:latest'
+    image: 'jc21/nginx-proxy-manager:{{VERSION}}'
     environment:
       PUID: 1000
       PGID: 1000
@@ -101,7 +101,7 @@ secrets:
 
 services:
   app:
-    image: 'jc21/nginx-proxy-manager:latest'
+    image: 'jc21/nginx-proxy-manager:{{VERSION}}'
     restart: unless-stopped
     ports:
       # Public HTTP Port:
@@ -130,18 +130,16 @@ services:
       - db
 
   db:
-    image: jc21/mariadb-aria
+    image: 'linuxserver/mariadb'
     restart: unless-stopped
     environment:
-      # MYSQL_ROOT_PASSWORD: "npm"  # use secret instead
       MYSQL_ROOT_PASSWORD__FILE: /run/secrets/DB_ROOT_PWD
-      MYSQL_DATABASE: "npm"
-      MYSQL_USER: "npm"
-      # MYSQL_PASSWORD: "npm"  # use secret instead
+      MYSQL_DATABASE: 'npm'
+      MYSQL_USER: 'npm'
       MYSQL_PASSWORD__FILE: /run/secrets/MYSQL_PWD
-      MARIADB_AUTO_UPGRADE: '1'
+      TZ: 'Australia/Brisbane'
     volumes:
-      - ./mysql:/var/lib/mysql
+      - ./mariadb:/config
     secrets:
       - DB_ROOT_PWD
       - MYSQL_PWD
@@ -233,8 +231,20 @@ load_module /usr/lib/nginx/modules/ngx_stream_geoip2_module.so;
 
 Setting these environment variables will create the default user on startup, skipping the UI first user setup screen:
 
-```
+```yml
     environment:
       INITIAL_ADMIN_EMAIL: my@example.com
       INITIAL_ADMIN_PASSWORD: mypassword1
 ```
+
+## Disable Nginx Resolver
+
+On startup, we generate a resolvers directive for Nginx unless this is defined:
+
+```yml
+    environment:
+      DISABLE_RESOLVER: true
+```
+
+In this configuration, all DNS queries performed by Nginx will fall to the `/etc/hosts` file
+and then the `/etc/resolv.conf`.

docs/src/guide/index.md

@@ -64,7 +64,7 @@ I won't go in to too much detail here but here are the basics for someone new to
 ```yml
 services:
   app:
-    image: 'jc21/nginx-proxy-manager:latest'
+    image: 'jc21/nginx-proxy-manager:{{VERSION}}'
     restart: unless-stopped
     environment:
       TZ: "Australia/Brisbane"

docs/src/setup/index.md

@@ -11,7 +11,7 @@ Create a `docker-compose.yml` file:
 ```yml
 services:
   app:
-    image: 'jc21/nginx-proxy-manager:latest'
+    image: 'jc21/nginx-proxy-manager:{{VERSION}}'
     restart: unless-stopped
 
     ports:
@@ -45,10 +45,7 @@ docker compose up -d
 
 ## Using MySQL / MariaDB Database
 
-If you opt for the MySQL configuration you will have to provide the database server yourself. You can also use MariaDB. Here are the minimum supported versions:
-
-- MySQL v5.7.8+
-- MariaDB v10.2.7+
+If you opt for the MySQL configuration you will have to provide the database server yourself.
 
 It's easy to use another docker container for your database also and link it as part of the docker stack, so that's what the following examples
 are going to use.
@@ -58,7 +55,7 @@ Here is an example of what your `docker-compose.yml` will look like when using a
 ```yml
 services:
   app:
-    image: 'jc21/nginx-proxy-manager:latest'
+    image: 'jc21/nginx-proxy-manager:{{VERSION}}'
     restart: unless-stopped
     ports:
       # These ports are in format <host-port>:<container-port>
@@ -88,31 +85,29 @@ services:
       - db
 
   db:
-    image: 'jc21/mariadb-aria:latest'
+    image: 'linuxserver/mariadb'
     restart: unless-stopped
     environment:
       MYSQL_ROOT_PASSWORD: 'npm'
       MYSQL_DATABASE: 'npm'
       MYSQL_USER: 'npm'
       MYSQL_PASSWORD: 'npm'
-      MARIADB_AUTO_UPGRADE: '1'
+      TZ: 'Australia/Brisbane'
     volumes:
-      - ./mysql:/var/lib/mysql
+      - ./mariadb:/config
 ```
 
 ::: warning
-
 Please note, that `DB_MYSQL_*` environment variables will take precedent over `DB_SQLITE_*` variables. So if you keep the MySQL variables, you will not be able to use SQLite.
-
 :::
 
 ### Optional: MySQL / MariaDB SSL
 
 You can enable TLS for the MySQL/MariaDB connection with these environment variables:
 
-- DB_MYSQL_SSL: Enable SSL when set to true. If unset or false, SSL disabled (previous default behaviour).
-- DB_MYSQL_SSL_REJECT_UNAUTHORIZED: (default: true) Validate the server certificate chain. Set to false to allow self‑signed/unknown CA.
-- DB_MYSQL_SSL_VERIFY_IDENTITY: (default: true) Performs host name / identity verification.
+- `DB_MYSQL_SSL`: Enable SSL when set to true. If unset or false, SSL disabled (previous default behaviour).
+- `DB_MYSQL_SSL_REJECT_UNAUTHORIZED`: (default: true) Validate the server certificate chain. Set to false to allow self‑signed/unknown CA.
+- `DB_MYSQL_SSL_VERIFY_IDENTITY`: (default: true) Performs host name / identity verification.
 
 Enabling SSL using a self-signed cert (not recommended for production).
 
@@ -123,7 +118,7 @@ Similar to the MySQL server setup:
 ```yml
 services:
   app:
-    image: 'jc21/nginx-proxy-manager:latest'
+    image: 'jc21/nginx-proxy-manager:{{VERSION}}'
     restart: unless-stopped
     ports:
       # These ports are in format <host-port>:<container-port>
@@ -169,7 +164,11 @@ Custom Postgres schema is not supported, as such `public` will be used.
 The docker images support the following architectures:
 - amd64
 - arm64
-- armv7
+
+::: warning
+`armv7` is no longer supported in version 2.14+. This is due to Nodejs dropping support for armhf. Please
+use the `2.13.7` image tag if this applies to you.
+:::
 
 The docker images are a manifest of all the architecture docker builds supported, so this means
 you don't have to worry about doing anything special and you can follow the common instructions above.
@@ -181,8 +180,6 @@ for a list of supported architectures and if you want one that doesn't exist,
 Also, if you don't know how to already, follow [this guide to install docker and docker-compose](https://manre-universe.net/how-to-run-docker-and-docker-compose-on-raspbian/)
 on Raspbian.
 
-Please note that the `jc21/mariadb-aria:latest` image might have some problems on some ARM devices, if you want a separate database container, use the `yobasystems/alpine-mariadb:latest` image.
-
 ## Initial Run
 
 After the app is running for the first time, the following will happen:

docs/yarn.lock

@@ -335,85 +335,130 @@
   resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz#6912b00d2c631c0d15ce1a7ab57cd657f2a8f8ba"
   integrity sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==
 
-"@rollup/rollup-android-arm-eabi@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.24.0.tgz#1661ff5ea9beb362795304cb916049aba7ac9c54"
-  integrity sha512-Q6HJd7Y6xdB48x8ZNVDOqsbh2uByBhgK8PiQgPhwkIw/HC/YX5Ghq2mQY5sRMZWHb3VsFkWooUVOZHKr7DmDIA==
+"@rollup/rollup-android-arm-eabi@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.59.0.tgz#a6742c74c7d9d6d604ef8a48f99326b4ecda3d82"
+  integrity sha512-upnNBkA6ZH2VKGcBj9Fyl9IGNPULcjXRlg0LLeaioQWueH30p6IXtJEbKAgvyv+mJaMxSm1l6xwDXYjpEMiLMg==
 
-"@rollup/rollup-android-arm64@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.24.0.tgz#2ffaa91f1b55a0082b8a722525741aadcbd3971e"
-  integrity sha512-ijLnS1qFId8xhKjT81uBHuuJp2lU4x2yxa4ctFPtG+MqEE6+C5f/+X/bStmxapgmwLwiL3ih122xv8kVARNAZA==
+"@rollup/rollup-android-arm64@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.59.0.tgz#97247be098de4df0c11971089fd2edf80a5da8cf"
+  integrity sha512-hZ+Zxj3SySm4A/DylsDKZAeVg0mvi++0PYVceVyX7hemkw7OreKdCvW2oQ3T1FMZvCaQXqOTHb8qmBShoqk69Q==
 
-"@rollup/rollup-darwin-arm64@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.24.0.tgz#627007221b24b8cc3063703eee0b9177edf49c1f"
-  integrity sha512-bIv+X9xeSs1XCk6DVvkO+S/z8/2AMt/2lMqdQbMrmVpgFvXlmde9mLcbQpztXm1tajC3raFDqegsH18HQPMYtA==
+"@rollup/rollup-darwin-arm64@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.59.0.tgz#674852cf14cf11b8056e0b1a2f4e872b523576cf"
+  integrity sha512-W2Psnbh1J8ZJw0xKAd8zdNgF9HRLkdWwwdWqubSVk0pUuQkoHnv7rx4GiF9rT4t5DIZGAsConRE3AxCdJ4m8rg==
 
-"@rollup/rollup-darwin-x64@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.24.0.tgz#0605506142b9e796c370d59c5984ae95b9758724"
-  integrity sha512-X6/nOwoFN7RT2svEQWUsW/5C/fYMBe4fnLK9DQk4SX4mgVBiTA9h64kjUYPvGQ0F/9xwJ5U5UfTbl6BEjaQdBQ==
+"@rollup/rollup-darwin-x64@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.59.0.tgz#36dfd7ed0aaf4d9d89d9ef983af72632455b0246"
+  integrity sha512-ZW2KkwlS4lwTv7ZVsYDiARfFCnSGhzYPdiOU4IM2fDbL+QGlyAbjgSFuqNRbSthybLbIJ915UtZBtmuLrQAT/w==
 
-"@rollup/rollup-linux-arm-gnueabihf@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.24.0.tgz#62dfd196d4b10c0c2db833897164d2d319ee0cbb"
-  integrity sha512-0KXvIJQMOImLCVCz9uvvdPgfyWo93aHHp8ui3FrtOP57svqrF/roSSR5pjqL2hcMp0ljeGlU4q9o/rQaAQ3AYA==
+"@rollup/rollup-freebsd-arm64@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.59.0.tgz#2f87c2074b4220260fdb52a9996246edfc633c22"
+  integrity sha512-EsKaJ5ytAu9jI3lonzn3BgG8iRBjV4LxZexygcQbpiU0wU0ATxhNVEpXKfUa0pS05gTcSDMKpn3Sx+QB9RlTTA==
 
-"@rollup/rollup-linux-arm-musleabihf@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.24.0.tgz#53ce72aeb982f1f34b58b380baafaf6a240fddb3"
-  integrity sha512-it2BW6kKFVh8xk/BnHfakEeoLPv8STIISekpoF+nBgWM4d55CZKc7T4Dx1pEbTnYm/xEKMgy1MNtYuoA8RFIWw==
+"@rollup/rollup-freebsd-x64@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.59.0.tgz#9b5a26522a38a95dc06616d1939d4d9a76937803"
+  integrity sha512-d3DuZi2KzTMjImrxoHIAODUZYoUUMsuUiY4SRRcJy6NJoZ6iIqWnJu9IScV9jXysyGMVuW+KNzZvBLOcpdl3Vg==
 
-"@rollup/rollup-linux-arm64-gnu@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.24.0.tgz#1632990f62a75c74f43e4b14ab3597d7ed416496"
-  integrity sha512-i0xTLXjqap2eRfulFVlSnM5dEbTVque/3Pi4g2y7cxrs7+a9De42z4XxKLYJ7+OhE3IgxvfQM7vQc43bwTgPwA==
+"@rollup/rollup-linux-arm-gnueabihf@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.59.0.tgz#86aa4859385a8734235b5e40a48e52d770758c3a"
+  integrity sha512-t4ONHboXi/3E0rT6OZl1pKbl2Vgxf9vJfWgmUoCEVQVxhW6Cw/c8I6hbbu7DAvgp82RKiH7TpLwxnJeKv2pbsw==
 
-"@rollup/rollup-linux-arm64-musl@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.24.0.tgz#8c03a996efb41e257b414b2e0560b7a21f2d9065"
-  integrity sha512-9E6MKUJhDuDh604Qco5yP/3qn3y7SLXYuiC0Rpr89aMScS2UAmK1wHP2b7KAa1nSjWJc/f/Lc0Wl1L47qjiyQw==
+"@rollup/rollup-linux-arm-musleabihf@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.59.0.tgz#cbe70e56e6ece8dac83eb773b624fc9e5a460976"
+  integrity sha512-CikFT7aYPA2ufMD086cVORBYGHffBo4K8MQ4uPS/ZnY54GKj36i196u8U+aDVT2LX4eSMbyHtyOh7D7Zvk2VvA==
 
-"@rollup/rollup-linux-powerpc64le-gnu@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.24.0.tgz#5b98729628d5bcc8f7f37b58b04d6845f85c7b5d"
-  integrity sha512-2XFFPJ2XMEiF5Zi2EBf4h73oR1V/lycirxZxHZNc93SqDN/IWhYYSYj8I9381ikUFXZrz2v7r2tOVk2NBwxrWw==
+"@rollup/rollup-linux-arm64-gnu@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.59.0.tgz#d14992a2e653bc3263d284bc6579b7a2890e1c45"
+  integrity sha512-jYgUGk5aLd1nUb1CtQ8E+t5JhLc9x5WdBKew9ZgAXg7DBk0ZHErLHdXM24rfX+bKrFe+Xp5YuJo54I5HFjGDAA==
 
-"@rollup/rollup-linux-riscv64-gnu@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.24.0.tgz#48e42e41f4cabf3573cfefcb448599c512e22983"
-  integrity sha512-M3Dg4hlwuntUCdzU7KjYqbbd+BLq3JMAOhCKdBE3TcMGMZbKkDdJ5ivNdehOssMCIokNHFOsv7DO4rlEOfyKpg==
+"@rollup/rollup-linux-arm64-musl@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.59.0.tgz#2fdd1ddc434ea90aeaa0851d2044789b4d07f6da"
+  integrity sha512-peZRVEdnFWZ5Bh2KeumKG9ty7aCXzzEsHShOZEFiCQlDEepP1dpUl/SrUNXNg13UmZl+gzVDPsiCwnV1uI0RUA==
 
-"@rollup/rollup-linux-s390x-gnu@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.24.0.tgz#e0b4f9a966872cb7d3e21b9e412a4b7efd7f0b58"
-  integrity sha512-mjBaoo4ocxJppTorZVKWFpy1bfFj9FeCMJqzlMQGjpNPY9JwQi7OuS1axzNIk0nMX6jSgy6ZURDZ2w0QW6D56g==
+"@rollup/rollup-linux-loong64-gnu@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.59.0.tgz#8a181e6f89f969f21666a743cd411416c80099e7"
+  integrity sha512-gbUSW/97f7+r4gHy3Jlup8zDG190AuodsWnNiXErp9mT90iCy9NKKU0Xwx5k8VlRAIV2uU9CsMnEFg/xXaOfXg==
 
-"@rollup/rollup-linux-x64-gnu@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.24.0.tgz#78144741993100f47bd3da72fce215e077ae036b"
-  integrity sha512-ZXFk7M72R0YYFN5q13niV0B7G8/5dcQ9JDp8keJSfr3GoZeXEoMHP/HlvqROA3OMbMdfr19IjCeNAnPUG93b6A==
+"@rollup/rollup-linux-loong64-musl@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.59.0.tgz#904125af2babc395f8061daa27b5af1f4e3f2f78"
+  integrity sha512-yTRONe79E+o0FWFijasoTjtzG9EBedFXJMl888NBEDCDV9I2wGbFFfJQQe63OijbFCUZqxpHz1GzpbtSFikJ4Q==
 
-"@rollup/rollup-linux-x64-musl@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.24.0.tgz#d9fe32971883cd1bd858336bd33a1c3ca6146127"
-  integrity sha512-w1i+L7kAXZNdYl+vFvzSZy8Y1arS7vMgIy8wusXJzRrPyof5LAb02KGr1PD2EkRcl73kHulIID0M501lN+vobQ==
+"@rollup/rollup-linux-ppc64-gnu@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.59.0.tgz#a57970ac6864c9a3447411a658224bdcf948be22"
+  integrity sha512-sw1o3tfyk12k3OEpRddF68a1unZ5VCN7zoTNtSn2KndUE+ea3m3ROOKRCZxEpmT9nsGnogpFP9x6mnLTCaoLkA==
 
-"@rollup/rollup-win32-arm64-msvc@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.24.0.tgz#71fa3ea369316db703a909c790743972e98afae5"
-  integrity sha512-VXBrnPWgBpVDCVY6XF3LEW0pOU51KbaHhccHw6AS6vBWIC60eqsH19DAeeObl+g8nKAz04QFdl/Cefta0xQtUQ==
+"@rollup/rollup-linux-ppc64-musl@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.59.0.tgz#bb84de5b26870567a4267666e08891e80bb56a63"
+  integrity sha512-+2kLtQ4xT3AiIxkzFVFXfsmlZiG5FXYW7ZyIIvGA7Bdeuh9Z0aN4hVyXS/G1E9bTP/vqszNIN/pUKCk/BTHsKA==
 
-"@rollup/rollup-win32-ia32-msvc@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.24.0.tgz#653f5989a60658e17d7576a3996deb3902e342e2"
-  integrity sha512-xrNcGDU0OxVcPTH/8n/ShH4UevZxKIO6HJFK0e15XItZP2UcaiLFd5kiX7hJnqCbSztUF8Qot+JWBC/QXRPYWQ==
+"@rollup/rollup-linux-riscv64-gnu@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.59.0.tgz#72d00d2c7fb375ce3564e759db33f17a35bffab9"
+  integrity sha512-NDYMpsXYJJaj+I7UdwIuHHNxXZ/b/N2hR15NyH3m2qAtb/hHPA4g4SuuvrdxetTdndfj9b1WOmy73kcPRoERUg==
 
-"@rollup/rollup-win32-x64-msvc@4.24.0":
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.24.0.tgz#0574d7e87b44ee8511d08cc7f914bcb802b70818"
-  integrity sha512-fbMkAF7fufku0N2dE5TBXcNlg0pt0cJue4xBRE2Qc5Vqikxr4VCgKj/ht6SMdFcOacVA9rqF70APJ8RN/4vMJw==
+"@rollup/rollup-linux-riscv64-musl@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.59.0.tgz#4c166ef58e718f9245bd31873384ba15a5c1a883"
+  integrity sha512-nLckB8WOqHIf1bhymk+oHxvM9D3tyPndZH8i8+35p/1YiVoVswPid2yLzgX7ZJP0KQvnkhM4H6QZ5m0LzbyIAg==
+
+"@rollup/rollup-linux-s390x-gnu@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.59.0.tgz#bb5025cde9a61db478c2ca7215808ad3bce73a09"
+  integrity sha512-oF87Ie3uAIvORFBpwnCvUzdeYUqi2wY6jRFWJAy1qus/udHFYIkplYRW+wo+GRUP4sKzYdmE1Y3+rY5Gc4ZO+w==
+
+"@rollup/rollup-linux-x64-gnu@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.59.0.tgz#9b66b1f9cd95c6624c788f021c756269ffed1552"
+  integrity sha512-3AHmtQq/ppNuUspKAlvA8HtLybkDflkMuLK4DPo77DfthRb71V84/c4MlWJXixZz4uruIH4uaa07IqoAkG64fg==
+
+"@rollup/rollup-linux-x64-musl@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.59.0.tgz#b007ca255dc7166017d57d7d2451963f0bd23fd9"
+  integrity sha512-2UdiwS/9cTAx7qIUZB/fWtToJwvt0Vbo0zmnYt7ED35KPg13Q0ym1g442THLC7VyI6JfYTP4PiSOWyoMdV2/xg==
+
+"@rollup/rollup-openbsd-x64@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.59.0.tgz#e8b357b2d1aa2c8d76a98f5f0d889eabe93f4ef9"
+  integrity sha512-M3bLRAVk6GOwFlPTIxVBSYKUaqfLrn8l0psKinkCFxl4lQvOSz8ZrKDz2gxcBwHFpci0B6rttydI4IpS4IS/jQ==
+
+"@rollup/rollup-openharmony-arm64@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.59.0.tgz#96c2e3f4aacd3d921981329831ff8dde492204dc"
+  integrity sha512-tt9KBJqaqp5i5HUZzoafHZX8b5Q2Fe7UjYERADll83O4fGqJ49O1FsL6LpdzVFQcpwvnyd0i+K/VSwu/o/nWlA==
+
+"@rollup/rollup-win32-arm64-msvc@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.59.0.tgz#2d865149d706d938df8b4b8f117e69a77646d581"
+  integrity sha512-V5B6mG7OrGTwnxaNUzZTDTjDS7F75PO1ae6MJYdiMu60sq0CqN5CVeVsbhPxalupvTX8gXVSU9gq+Rx1/hvu6A==
+
+"@rollup/rollup-win32-ia32-msvc@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.59.0.tgz#abe1593be0fa92325e9971c8da429c5e05b92c36"
+  integrity sha512-UKFMHPuM9R0iBegwzKF4y0C4J9u8C6MEJgFuXTBerMk7EJ92GFVFYBfOZaSGLu6COf7FxpQNqhNS4c4icUPqxA==
+
+"@rollup/rollup-win32-x64-gnu@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.59.0.tgz#c4af3e9518c9a5cd4b1c163dc81d0ad4d82e7eab"
+  integrity sha512-laBkYlSS1n2L8fSo1thDNGrCTQMmxjYY5G0WFWjFFYZkKPjsMBsgJfGf4TLxXrF6RyhI60L8TMOjBMvXiTcxeA==
+
+"@rollup/rollup-win32-x64-msvc@4.59.0":
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.59.0.tgz#4584a8a87b29188a4c1fe987a9fcf701e256d86c"
+  integrity sha512-2HRCml6OztYXyJXAvdDXPKcawukWY2GpR5/nxKp4iBgiO3wcoEGkAaqctIbZcNB6KlUQBIqt8VYkNSj2397EfA==
 
 "@shikijs/core@2.5.0", "@shikijs/core@^2.1.0":
   version "2.5.0"
@@ -479,10 +524,10 @@
   resolved "https://registry.yarnpkg.com/@shikijs/vscode-textmate/-/vscode-textmate-10.0.2.tgz#a90ab31d0cc1dfb54c66a69e515bf624fa7b2224"
   integrity sha512-83yeghZ2xxin3Nj8z1NMd/NCuca+gsYXswywDy5bHvwlWL8tpTQmzGeUuHd9FC3E/SBEMvzJRwWEOz5gGes9Qg==
 
-"@types/estree@1.0.6":
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.6.tgz#628effeeae2064a1b4e79f78e81d87b7e5fc7b50"
-  integrity sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==
+"@types/estree@1.0.8":
+  version "1.0.8"
+  resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.8.tgz#958b91c991b1867ced318bedea0e215ee050726e"
+  integrity sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==
 
 "@types/hast@^3.0.0", "@types/hast@^3.0.4":
   version "3.0.4"
@@ -994,28 +1039,37 @@ rfdc@^1.4.1:
   integrity sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==
 
 rollup@^4.20.0:
-  version "4.24.0"
-  resolved "https://registry.yarnpkg.com/rollup/-/rollup-4.24.0.tgz#c14a3576f20622ea6a5c9cad7caca5e6e9555d05"
-  integrity sha512-DOmrlGSXNk1DM0ljiQA+i+o0rSLhtii1je5wgk60j49d1jHT5YYttBv1iWOnYSTG+fZZESUOSNiAl89SIet+Cg==
+  version "4.59.0"
+  resolved "https://registry.yarnpkg.com/rollup/-/rollup-4.59.0.tgz#cf74edac17c1486f562d728a4d923a694abdf06f"
+  integrity sha512-2oMpl67a3zCH9H79LeMcbDhXW/UmWG/y2zuqnF2jQq5uq9TbM9TVyXvA4+t+ne2IIkBdrLpAaRQAvo7YI/Yyeg==
   dependencies:
-    "@types/estree" "1.0.6"
+    "@types/estree" "1.0.8"
   optionalDependencies:
-    "@rollup/rollup-android-arm-eabi" "4.24.0"
-    "@rollup/rollup-android-arm64" "4.24.0"
-    "@rollup/rollup-darwin-arm64" "4.24.0"
-    "@rollup/rollup-darwin-x64" "4.24.0"
-    "@rollup/rollup-linux-arm-gnueabihf" "4.24.0"
-    "@rollup/rollup-linux-arm-musleabihf" "4.24.0"
-    "@rollup/rollup-linux-arm64-gnu" "4.24.0"
-    "@rollup/rollup-linux-arm64-musl" "4.24.0"
-    "@rollup/rollup-linux-powerpc64le-gnu" "4.24.0"
-    "@rollup/rollup-linux-riscv64-gnu" "4.24.0"
-    "@rollup/rollup-linux-s390x-gnu" "4.24.0"
-    "@rollup/rollup-linux-x64-gnu" "4.24.0"
-    "@rollup/rollup-linux-x64-musl" "4.24.0"
-    "@rollup/rollup-win32-arm64-msvc" "4.24.0"
-    "@rollup/rollup-win32-ia32-msvc" "4.24.0"
-    "@rollup/rollup-win32-x64-msvc" "4.24.0"
+    "@rollup/rollup-android-arm-eabi" "4.59.0"
+    "@rollup/rollup-android-arm64" "4.59.0"
+    "@rollup/rollup-darwin-arm64" "4.59.0"
+    "@rollup/rollup-darwin-x64" "4.59.0"
+    "@rollup/rollup-freebsd-arm64" "4.59.0"
+    "@rollup/rollup-freebsd-x64" "4.59.0"
+    "@rollup/rollup-linux-arm-gnueabihf" "4.59.0"
+    "@rollup/rollup-linux-arm-musleabihf" "4.59.0"
+    "@rollup/rollup-linux-arm64-gnu" "4.59.0"
+    "@rollup/rollup-linux-arm64-musl" "4.59.0"
+    "@rollup/rollup-linux-loong64-gnu" "4.59.0"
+    "@rollup/rollup-linux-loong64-musl" "4.59.0"
+    "@rollup/rollup-linux-ppc64-gnu" "4.59.0"
+    "@rollup/rollup-linux-ppc64-musl" "4.59.0"
+    "@rollup/rollup-linux-riscv64-gnu" "4.59.0"
+    "@rollup/rollup-linux-riscv64-musl" "4.59.0"
+    "@rollup/rollup-linux-s390x-gnu" "4.59.0"
+    "@rollup/rollup-linux-x64-gnu" "4.59.0"
+    "@rollup/rollup-linux-x64-musl" "4.59.0"
+    "@rollup/rollup-openbsd-x64" "4.59.0"
+    "@rollup/rollup-openharmony-arm64" "4.59.0"
+    "@rollup/rollup-win32-arm64-msvc" "4.59.0"
+    "@rollup/rollup-win32-ia32-msvc" "4.59.0"
+    "@rollup/rollup-win32-x64-gnu" "4.59.0"
+    "@rollup/rollup-win32-x64-msvc" "4.59.0"
     fsevents "~2.3.2"
 
 shiki@^2.1.0:

frontend/biome.json

@@ -1,5 +1,5 @@
 {
-    "$schema": "https://biomejs.dev/schemas/2.3.14/schema.json",
+    "$schema": "https://biomejs.dev/schemas/2.4.3/schema.json",
     "vcs": {
         "enabled": true,
         "clientKind": "git",

frontend/check-locales.cjs

@@ -11,6 +11,7 @@ const allLocales = [
   ["de", "de-DE"],
   ["pt", "pt-PT"],
   ["es", "es-ES"],
+  ["et", "et-EE"],
   ["fr", "fr-FR"],
   ["it", "it-IT"],
   ["ja", "ja-JP"],
@@ -18,6 +19,7 @@ const allLocales = [
   ["pl", "pl-PL"],
   ["ru", "ru-RU"],
   ["sk", "sk-SK"],
+  ["cs", "cs-CZ"],
   ["vi", "vi-VN"],
   ["zh", "zh-CN"],
   ["ko", "ko-KR"],
@@ -25,6 +27,7 @@ const allLocales = [
   ["id", "id-ID"],
   ["tr", "tr-TR"],
   ["hu", "hu-HU"],
+  ["no", "no-NO"],
 ];
 
 const ignoreUnused = [/^.*$/];

frontend/package.json

@@ -17,12 +17,12 @@
 	},
 	"dependencies": {
 		"@tabler/core": "^1.4.0",
-		"@tabler/icons-react": "^3.36.1",
-		"@tanstack/react-query": "^5.90.20",
+		"@tabler/icons-react": "^3.37.1",
+		"@tanstack/react-query": "^5.90.21",
 		"@tanstack/react-table": "^8.21.3",
 		"@uiw/react-textarea-code-editor": "^3.1.1",
 		"classnames": "^2.5.1",
-		"country-flag-icons": "^1.6.12",
+		"country-flag-icons": "^1.6.14",
 		"date-fns": "^4.1.0",
 		"ez-modal-react": "^1.0.5",
 		"formik": "^2.4.9",
@@ -40,19 +40,19 @@
 		"rooks": "^9.5.0"
 	},
 	"devDependencies": {
-		"@biomejs/biome": "^2.3.14",
-		"@formatjs/cli": "^6.12.2",
+		"@biomejs/biome": "^2.4.3",
+		"@formatjs/cli": "^6.13.0",
 		"@tanstack/react-query-devtools": "^5.91.3",
 		"@testing-library/dom": "^10.4.1",
 		"@testing-library/jest-dom": "^6.9.1",
 		"@testing-library/react": "^16.3.2",
 		"@types/country-flag-icons": "^1.2.2",
 		"@types/humps": "^2.0.6",
-		"@types/react": "^19.2.10",
+		"@types/react": "^19.2.14",
 		"@types/react-dom": "^19.2.3",
 		"@types/react-table": "^7.7.20",
-		"@vitejs/plugin-react": "^5.1.3",
-		"happy-dom": "^20.5.0",
+		"@vitejs/plugin-react": "^5.1.4",
+		"happy-dom": "^20.7.0",
 		"postcss": "^8.5.6",
 		"postcss-simple-vars": "^7.0.1",
 		"sass": "^1.97.3",
@@ -60,7 +60,7 @@
 		"typescript": "5.9.3",
 		"vite": "^7.3.1",
 		"vite-plugin-checker": "^0.12.0",
-		"vite-tsconfig-paths": "^6.0.5",
+		"vite-tsconfig-paths": "^6.1.1",
 		"vitest": "^4.0.18"
 	}
 }

frontend/src/api/backend/models.ts

@@ -127,6 +127,7 @@ export interface ProxyHost {
 	locations?: ProxyLocation[];
 	hstsEnabled: boolean;
 	hstsSubdomains: boolean;
+	trustForwardedProto: boolean;
 	// Expansions:
 	owner?: User;
 	accessList?: AccessList;

frontend/src/components/Form/SSLOptionsFields.tsx

@@ -5,17 +5,18 @@ import { T } from "src/locale";
 
 interface Props {
 	forHttp?: boolean; // the sslForced, http2Support, hstsEnabled, hstsSubdomains fields
+	forProxyHost?: boolean; // the advanced fields
 	forceDNSForNew?: boolean;
 	requireDomainNames?: boolean; // used for streams
 	color?: string;
 }
-export function SSLOptionsFields({ forHttp = true, forceDNSForNew, requireDomainNames, color = "bg-cyan" }: Props) {
+export function SSLOptionsFields({ forHttp = true, forProxyHost = false, forceDNSForNew, requireDomainNames, color = "bg-cyan" }: Props) {
 	const { values, setFieldValue } = useFormikContext();
 	const v: any = values || {};
 
 	const newCertificate = v?.certificateId === "new";
 	const hasCertificate = newCertificate || (v?.certificateId && v?.certificateId > 0);
-	const { sslForced, http2Support, hstsEnabled, hstsSubdomains, meta } = v;
+	const { sslForced, http2Support, hstsEnabled, hstsSubdomains, trustForwardedProto, meta } = v;
 	const { dnsChallenge } = meta || {};
 
 	if (forceDNSForNew && newCertificate && !dnsChallenge) {
@@ -115,6 +116,34 @@ export function SSLOptionsFields({ forHttp = true, forceDNSForNew, requireDomain
 		</div>
 	);
 
+	const getHttpAdvancedOptions = () =>(
+		<div>
+			<details>
+				<summary className="mb-1"><T id="domains.advanced" /></summary>
+				<div className="row">
+					<div className="col-12">
+						<Field name="trustForwardedProto">
+							{({ field }: any) => (
+								<label className="form-check form-switch mt-1">
+									<input
+										className={trustForwardedProto ? toggleEnabled : toggleClasses}
+										type="checkbox"
+										checked={!!trustForwardedProto}
+										onChange={(e) => handleToggleChange(e, field.name)}
+										disabled={!hasCertificate || !sslForced}
+									/>
+									<span className="form-check-label">
+										<T id="domains.trust-forwarded-proto" />
+									</span>
+								</label>
+							)}
+						</Field>
+					</div>
+				</div>
+			</details>
+		</div>
+	);
+
 	return (
 		<div>
 			{forHttp ? getHttpOptions() : null}
@@ -140,6 +169,7 @@ export function SSLOptionsFields({ forHttp = true, forceDNSForNew, requireDomain
 					{dnsChallenge ? <DNSProviderFields showBoundaryBox /> : null}
 				</>
 			) : null}
+			{forProxyHost && forHttp ? getHttpAdvancedOptions() : null}
 		</div>
 	);
 }

frontend/src/hooks/useProxyHost.ts

@@ -24,6 +24,7 @@ const fetchProxyHost = (id: number | "new") => {
 			enabled: true,
 			hstsEnabled: false,
 			hstsSubdomains: false,
+			trustForwardedProto: false,
 		} as ProxyHost);
 	}
 	return getProxyHost(id, ["owner"]);

frontend/src/locale/IntlProvider.tsx

@@ -4,6 +4,7 @@ import langDe from "./lang/de.json";
 import langPt from "./lang/pt.json";
 import langEn from "./lang/en.json";
 import langEs from "./lang/es.json";
+import langEt from "./lang/et.json";
 import langFr from "./lang/fr.json";
 import langGa from "./lang/ga.json";
 import langId from "./lang/id.json";
@@ -14,10 +15,12 @@ import langNl from "./lang/nl.json";
 import langPl from "./lang/pl.json";
 import langRu from "./lang/ru.json";
 import langSk from "./lang/sk.json";
+import langCs from "./lang/cs.json";
 import langVi from "./lang/vi.json";
 import langZh from "./lang/zh.json";
 import langTr from "./lang/tr.json";
 import langHu from "./lang/hu.json";
+import langNo from "./lang/no.json";
 import langList from "./lang/lang-list.json";
 
 // first item of each array should be the language code,
@@ -27,6 +30,7 @@ const localeOptions = [
   ["en", "en-US", langEn],
   ["de", "de-DE", langDe],
   ["es", "es-ES", langEs],
+  ["et", "et-EE", langEt],
   ["pt", "pt-PT", langPt],
   ["fr", "fr-FR", langFr],
   ["ga", "ga-IE", langGa],
@@ -36,6 +40,7 @@ const localeOptions = [
   ["pl", "pl-PL", langPl],
   ["ru", "ru-RU", langRu],
   ["sk", "sk-SK", langSk],
+  ["cs", "cs-CZ", langCs],
   ["vi", "vi-VN", langVi],
   ["zh", "zh-CN", langZh],
   ["ko", "ko-KR", langKo],
@@ -43,6 +48,7 @@ const localeOptions = [
   ["id", "id-ID", langId],
   ["tr", "tr-TR", langTr],
   ["hu", "hu-HU", langHu],
+  ["no", "no-NO", langNo],
 ];
 
 const loadMessages = (locale?: string): typeof langList & typeof langEn => {
@@ -65,6 +71,7 @@ const getFlagCodeForLocale = (locale?: string) => {
     zh: "cn", // China
     vi: "vn", // Vietnam
     ko: "kr", // Korea
+    cs: "cz", // Czechia
   };
 
   if (specialCases[thisLocale]) {

frontend/src/locale/src/HelpDoc/cs/AccessLists.md

@@ -0,0 +1,7 @@
+## Co je seznam přístupů?
+
+Seznamy přístupů poskytují blacklist nebo whitelist konkrétních IP adres klientů spolu s ověřením pro proxy hostitele prostřednictvím základního ověřování HTTP.
+
+Můžete nakonfigurovat více pravidel pro klienty, uživatelská jména a hesla pro jeden seznam přístupu a poté ho použít na jednoho nebo více proxy hostitelů.
+
+Toto je nejužitečnější pro přesměrované webové služby, které nemají vestavěné ověřovací mechanismy, nebo pokud se chcete chránit před neznámými klienty.

frontend/src/locale/src/HelpDoc/cs/Certificates.md

@@ -0,0 +1,32 @@
+## Pomoc s certifikáty
+
+### Certifikát HTTP
+
+Certifikát ověřený prostřednictvím protokolu HTTP znamená, že servery Let's Encrypt se
+pokusí připojit k vašim doménám přes protokol HTTP (nikoli HTTPS!) a v případě úspěchu
+vydají váš certifikát.
+
+Pro tuto metodu budete muset mít pro své domény vytvořeného _Proxy Host_, který
+je přístupný přes HTTP a směruje na tuto instalaci Nginx. Po vydání certifikátu
+můžete změnit _Proxy Host_ tak, aby tento certifikát používal i pro HTTPS
+připojení. _Proxy Host_ však bude stále potřeba nakonfigurovat pro přístup přes HTTP,
+aby se certifikát mohl obnovit.
+
+Tento proces _nepodporuje_ domény se zástupnými znaky.
+
+### Certifikát DNS
+
+Certifikát ověřený DNS vyžaduje použití pluginu DNS Provider. Tento DNS
+Provider se použije na vytvoření dočasných záznamů ve vaší doméně a poté Let's
+Encrypt ověří tyto záznamy, aby se ujistil, že jste vlastníkem, a pokud bude úspěšný,
+vydá váš certifikát.
+
+Před požádáním o tento typ certifikátu není potřeba vytvořit _Proxy Host_.
+Není také potřeba mít _Proxy Host_ nakonfigurovaný pro přístup HTTP.
+
+Tento proces _podporuje_ domény se zástupnými znaky.
+
+### Vlastní certifikát
+
+Tuto možnost použijte na nahrání vlastního SSL certifikátu, který vám poskytla vaše
+certifikační autorita.

frontend/src/locale/src/HelpDoc/cs/DeadHosts.md

@@ -0,0 +1,10 @@
+## Co je to 404 Host?
+
+404 Host je jednoduše nastavení hostitele, které zobrazuje stránku 404.
+
+To může být užitečné, pokud je vaše doména uvedena ve vyhledávačích a chcete
+poskytnout hezčí chybovou stránku nebo konkrétně oznámit vyhledávačům, že
+stránky domény již neexistují.
+
+Další výhodou tohoto hostitele je sledování protokolů o návštěvách a
+zobrazení odkazů.

frontend/src/locale/src/HelpDoc/cs/ProxyHosts.md

@@ -0,0 +1,7 @@
+## Co je proxy hostitel?
+
+Proxy hostitel je příchozí koncový bod pro webovou službu, kterou chcete přesměrovat.
+
+Poskytuje volitelné ukončení SSL pro vaši službu, která nemusí mít zabudovanou podporu SSL.
+
+Proxy hostitelé jsou nejběžnějším použitím pro Nginx Proxy Manager.

frontend/src/locale/src/HelpDoc/cs/RedirectionHosts.md

@@ -0,0 +1,7 @@
+## Co je přesměrovací hostitel?
+
+Přesměrovací hostitel přesměruje požadavky z příchozí domény a přesměruje
+návštěvníka na jinou doménu.
+
+Nejčastějším důvodem pro použití tohoto typu hostitele je situace, kdy vaše webová stránka změní
+doménu, ale stále máte odkazy ve vyhledávačích nebo referenční odkazy směřující na starou doménu.

frontend/src/locale/src/HelpDoc/cs/Streams.md

@@ -0,0 +1,6 @@
+## Co je stream?
+
+Stream je relativně nová funkce pro Nginx, která slouží na přesměrování TCP/UDP
+datového toku přímo do jiného počítače v síti.
+
+Pokud provozujete herní servery, FTP nebo SSH servery, tato funkce se vám může hodit.

frontend/src/locale/src/HelpDoc/cs/index.ts

@@ -0,0 +1,6 @@
+export * as AccessLists from "./AccessLists.md";
+export * as Certificates from "./Certificates.md";
+export * as DeadHosts from "./DeadHosts.md";
+export * as ProxyHosts from "./ProxyHosts.md";
+export * as RedirectionHosts from "./RedirectionHosts.md";
+export * as Streams from "./Streams.md";

frontend/src/locale/src/HelpDoc/et/AccessLists.md

@@ -0,0 +1,7 @@
+## Mis on juurdepääsuloend?
+
+Ligipääsuloendid pakuvad konkreetsete klientide IP-aadresside musta või valget nimekirja koos puhverserverite autentimisega põhilise HTTP-autentimise kaudu.
+
+Saate ühe juurdepääsuloendi jaoks konfigureerida mitu kliendireeglit, kasutajanime ja parooli ning seejärel rakendada neid ühele või mitmele _puhverserverile_.
+
+See on kõige kasulikum edastatud veebiteenuste puhul, millel pole sisseehitatud autentimismehhanisme või kui soovite kaitsta tundmatute klientide eest.

frontend/src/locale/src/HelpDoc/et/Certificates.md

@@ -0,0 +1,26 @@
+## Sertifikaatide abi
+
+### HTTP-sertifikaat
+
+HTTP-valideeritud sertifikaat tähendab, et Let's Encrypti serverid
+
+proovivad teie domeenidega ühendust luua HTTP (mitte HTTPS!) kaudu ja kui see õnnestub,
+väljastavad nad teile sertifikaadi.
+
+Selle meetodi jaoks peate oma domeeni(de) jaoks looma _Proxy Host_, millele pääseb ligi HTTP kaudu ja mis osutab sellele Nginxi installile. Pärast sertifikaadi väljastamist saate muuta _Proxy Host_'i, et seda sertifikaati ka HTTPS
+ühenduste jaoks kasutada. Sertifikaadi uuendamiseks tuleb aga _Proxy Host_ ikkagi HTTP-juurdepääsu jaoks konfigureerida.
+
+See protsess _ei_ toeta metamärke kasutavaid domeene.
+
+### DNS-sertifikaat
+
+DNS-i poolt valideeritud sertifikaadi saamiseks peate kasutama DNS-pakkuja pistikprogrammi. Seda DNS-teenuse pakkujat kasutatakse teie domeenis ajutiste kirjete loomiseks ja seejärel pärib Let's
+Encrypt nende kirjete kohta päringu, et veenduda, et olete omanik, ja kui see õnnestub, väljastavad nad teile sertifikaadi.
+
+Selle tüüpi sertifikaadi taotlemiseks ei ole vaja luua _Proxy Host_'i. Samuti ei pea teie _Proxy Host_ olema HTTP-juurdepääsu jaoks konfigureeritud.
+
+See protsess _toetab_ metamärke kasutavaid domeene.
+
+### Kohandatud sertifikaat
+
+Kasutage seda valikut oma SSL-sertifikaadi üleslaadimiseks, mille on esitanud teie enda sertifitseerimisasutus.

frontend/src/locale/src/HelpDoc/et/DeadHosts.md

@@ -0,0 +1,9 @@
+## Mis on 404 host?
+
+404 host on lihtsalt hosti seadistus, mis kuvab 404 lehte.
+
+See võib olla kasulik, kui teie domeen on otsingumootorites loetletud ja soovite
+esitada kenama vealehe või konkreetselt otsingu indekseerijatele öelda, et
+domeenilehed enam ei eksisteeri.
+
+Selle hosti teine eelis on selle külastatavuste logide jälgimine ja suunajate vaatamine.

frontend/src/locale/src/HelpDoc/et/ProxyHosts.md

@@ -0,0 +1,7 @@
+## Mis on puhverserver?
+
+Puhverserver on veebiteenuse sissetuleva andmevoo lõpp-punkt, mida soovite edastada.
+
+See pakub valikulist SSL-i lõpetamist teie teenusele, millel ei pruugi olla sisseehitatud SSL-tuge.
+
+Puhverserverid on Nginxi puhverserveri halduri kõige levinum kasutusala.

frontend/src/locale/src/HelpDoc/et/RedirectionHosts.md

@@ -0,0 +1,5 @@
+## Mis on ümbersuunamishost?
+
+Ümbersuunamishost suunab sissetuleva domeeni päringud ümber ja suunab vaataja teisele domeenile.
+
+Kõige levinum põhjus seda tüüpi hosti kasutamiseks on see, kui teie veebisaidi domeenid muutuvad, kuid otsingumootori või suunaja lingid osutavad endiselt vanale domeenile.

frontend/src/locale/src/HelpDoc/et/Streams.md

@@ -0,0 +1,5 @@
+## Mis on voog?
+
+Nginxi suhteliselt uus funktsioon, voog, edastab TCP/UDP liiklust otse võrgus olevale teisele arvutile.
+
+Kui sul on mänguserverid, FTP- või SSH-serverid, võib see kasuks tulla.

frontend/src/locale/src/HelpDoc/et/index.ts

@@ -0,0 +1,6 @@
+export * as AccessLists from "./AccessLists.md";
+export * as Certificates from "./Certificates.md";
+export * as DeadHosts from "./DeadHosts.md";
+export * as ProxyHosts from "./ProxyHosts.md";
+export * as RedirectionHosts from "./RedirectionHosts.md";
+export * as Streams from "./Streams.md";

frontend/src/locale/src/HelpDoc/index.ts

@@ -3,6 +3,7 @@ import * as de from "./de/index";
 import * as pt from "./pt/index";
 import * as en from "./en/index";
 import * as es from "./es/index";
+import * as et from "./et/index";
 import * as fr from "./fr/index";
 import * as ga from "./ga/index";
 import * as id from "./id/index";
@@ -13,12 +14,13 @@ import * as nl from "./nl/index";
 import * as pl from "./pl/index";
 import * as ru from "./ru/index";
 import * as sk from "./sk/index";
+import * as cs from "./cs/index";
 import * as vi from "./vi/index";
 import * as zh from "./zh/index";
 import * as tr from "./tr/index";
 import * as hu from "./hu/index";
 
-const items: any = { en, de, pt, es, ja, sk, zh, pl, ru, it, vi, nl, bg, ko, ga, id, fr, tr, hu };
+const items: any = { en, de, pt, es, et, ja, sk, cs, zh, pl, ru, it, vi, nl, bg, ko, ga, id, fr, tr, hu };
 
 
 const fallbackLang = "en";

frontend/src/locale/src/HelpDoc/no/AccessLists.md

@@ -0,0 +1,7 @@
+## Hva er en tilgangsliste?
+
+Tilgangslister gir en svarteliste eller hviteliste over spesifikke klient‑IP‑adresser, sammen med autentisering for `Proxy‑hosts` via Basic HTTP‑autentisering.
+
+Du kan konfigurere flere klientregler, brukernavn og passord for én tilgangsliste og deretter bruke denne på én eller flere `Proxy‑hosts`.
+
+Dette er spesielt nyttig for videresendte webtjenester som ikke har innebygd autentisering, eller når du ønsker å beskytte mot ukjente klienter.

frontend/src/locale/src/HelpDoc/no/Certificates.md

@@ -0,0 +1,29 @@
+## Hjelp om sertifikater
+
+### HTTP‑sertifikat
+
+Et HTTP‑validert sertifikat betyr at Let's Encrypt‑serverne vil forsøke å nå
+domenene dine over HTTP (ikke HTTPS!) og hvis det lykkes, vil de utstede sertifikatet.
+
+For denne metoden må du ha en `Proxy‑host` opprettet for domenet/domenene dine som
+er tilgjengelig over HTTP og peker til denne Nginx‑installasjonen. Etter at et sertifikat
+er utstedt, kan du endre `Proxy‑host` til også å bruke dette sertifikatet for HTTPS‑tilkoblinger.
+Proxy‑hosten må imidlertid fortsatt være konfigurert for HTTP‑tilgang for at sertifikatet skal kunne fornyes.
+
+Denne prosessen _støtter ikke_ wildcard‑domener.
+
+### DNS‑sertifikat
+
+Et DNS‑validert sertifikat krever at du bruker en DNS‑leverandør‑plugin. Denne leverandøren
+vil opprette midlertidige DNS‑poster på domenet ditt, og Let's Encrypt vil deretter spørre
+disse postene for å bekrefte at du eier domenet. Hvis valideringen lykkes, utstedes sertifikatet.
+
+Du trenger ikke å ha en `Proxy‑host` opprettet før du ber om denne typen sertifikat. Du trenger heller
+ikke at `Proxy‑host` er konfigurert for HTTP‑tilgang.
+
+Denne prosessen _støtter_ wildcard‑domener.
+
+### Egendefinert sertifikat
+
+Bruk dette alternativet for å laste opp ditt eget SSL‑sertifikat, levert av din
+egen sertifikatmyndighet (CA).

frontend/src/locale/src/HelpDoc/no/DeadHosts.md

@@ -0,0 +1,10 @@
+## Hva er en 404‑host?
+
+En 404‑host er enkelt og greit en host‑oppsett som viser en 404‑side.
+
+Dette kan være nyttig når domenet ditt er oppført i søkemotorer og du ønsker å
+vise en penere feilmelding, eller for å fortelle søkeindekser at sidene på domenet
+ikke lenger eksisterer.
+
+En annen fordel med å ha denne hosten er å kunne spore treff i loggene og
+se hvilke henvisere som kommer til den.

frontend/src/locale/src/HelpDoc/no/ProxyHosts.md

@@ -0,0 +1,7 @@
+## Hva er en Proxy‑host?
+
+En Proxy‑host er inngangspunktet (innkommende endepunkt) for en webtjeneste du ønsker å videresende.
+
+Den tilbyr valgfri SSL‑terminering for tjenesten din hvis tjenesten ikke har innebygd støtte for SSL.
+
+Proxy‑hosts er den vanligste bruken av Nginx Proxy Manager.

frontend/src/locale/src/HelpDoc/no/RedirectionHosts.md

@@ -0,0 +1,7 @@
+## Hva er en omdirigerings‑host?
+
+En omdirigerings‑host omdirigerer forespørsler fra det innkommende domenet og videresender
+brukeren til et annet domene.
+
+Den vanligste årsaken til å bruke denne typen host er når nettstedet ditt har byttet
+domene, men søkemotorer eller henvisningslenker fortsatt peker til det gamle domenet.

frontend/src/locale/src/HelpDoc/no/Streams.md

@@ -0,0 +1,6 @@
+## Hva er en Stream?
+
+En relativt ny funksjon i Nginx. En Stream brukes til å videresende TCP/UDP‑trafikk
+direkte til en annen maskin i nettverket.
+
+Dette er nyttig hvis du kjører spillservere, FTP‑ eller SSH‑servere.

frontend/src/locale/src/HelpDoc/no/index.ts

@@ -0,0 +1,6 @@
+export * as AccessLists from "./AccessLists.md";
+export * as Certificates from "./Certificates.md";
+export * as DeadHosts from "./DeadHosts.md";
+export * as ProxyHosts from "./ProxyHosts.md";
+export * as RedirectionHosts from "./RedirectionHosts.md";
+export * as Streams from "./Streams.md";

frontend/src/locale/src/cs.json

@@ -0,0 +1,770 @@
+{
+	"2fa.backup-codes-remaining": {
+		"defaultMessage": "Počet zbývajících záložních kódů: {count}"
+	},
+	"2fa.backup-warning": {
+		"defaultMessage": "Tyto záložní kódy si uložte na bezpečném místě. Každý kód lze použít pouze jednou."
+	},
+	"2fa.disable": {
+		"defaultMessage": "Vypnout dvoufaktorové ověřování"
+	},
+	"2fa.disable-confirm": {
+		"defaultMessage": "Vypnout 2FA"
+	},
+	"2fa.disable-warning": {
+		"defaultMessage": "Vypnutím dvoufaktorového ověřování snížíte bezpečnost svého účtu."
+	},
+	"2fa.disabled": {
+		"defaultMessage": "Vypnuto"
+	},
+	"2fa.done": {
+		"defaultMessage": "Uložil jsem si své záložní kódy."
+	},
+	"2fa.enable": {
+		"defaultMessage": "Zapnout dvoufaktorové ověřování"
+	},
+	"2fa.enabled": {
+		"defaultMessage": "Zapnuto"
+	},
+	"2fa.enter-code": {
+		"defaultMessage": "Zadejte ověřovací kód"
+	},
+	"2fa.enter-code-disable": {
+		"defaultMessage": "Zadejte ověřovací kód pro vypnutí"
+	},
+	"2fa.regenerate": {
+		"defaultMessage": "Znovu vytvořit"
+	},
+	"2fa.regenerate-backup": {
+		"defaultMessage": "Znovu vytvořit záložní kódy"
+	},
+	"2fa.regenerate-instructions": {
+		"defaultMessage": "Zadejte ověřovací kód pro vytvoření nových záložních kódů. Vaše staré kódy budou neplatné."
+	},
+	"2fa.secret-key": {
+		"defaultMessage": "Tajný klíč"
+	},
+	"2fa.setup-instructions": {
+		"defaultMessage": "Naskenujte tento QR kód pomocí své ověřovací aplikace nebo zadejte tajný klíč ručně."
+	},
+	"2fa.status": {
+		"defaultMessage": "Stav"
+	},
+	"2fa.title": {
+		"defaultMessage": "Dvoufaktorové ověření"
+	},
+	"2fa.verify-enable": {
+		"defaultMessage": "Ověřit a zapnout"
+	},
+	"access-list": {
+		"defaultMessage": "seznam přístupů"
+	},
+	"access-list.access-count": {
+		"defaultMessage": "{count} {count, plural, one {pravidlo} few {pravidla} other {pravidel}}"
+	},
+	"access-list.auth-count": {
+		"defaultMessage": "{count} {count, plural, one {uživatel} few {uživatelé} other {uživatelů}}"
+	},
+	"access-list.help-rules-last": {
+		"defaultMessage": "Když existuje alespoň jedno pravidlo, toto pravidlo „zamítnout vše“ bude přidáno jako poslední"
+	},
+	"access-list.help.rules-order": {
+		"defaultMessage": "Upozornění: pravidla povolit a zamítnout budou uplatňována v pořadí, v jakém jsou definována."
+	},
+	"access-list.pass-auth": {
+		"defaultMessage": "Odeslat ověření na Upstream"
+	},
+	"access-list.public": {
+		"defaultMessage": "Veřejně přístupné"
+	},
+	"access-list.public.subtitle": {
+		"defaultMessage": "Není potřeba základní ověření"
+	},
+	"access-list.rule-source.placeholder": {
+		"defaultMessage": "192.168.1.100 nebo 192.168.1.0/24 nebo 2001:0db8::/32"
+	},
+	"access-list.satisfy-any": {
+		"defaultMessage": "Splnit kterékoliv"
+	},
+	"access-list.subtitle": {
+		"defaultMessage": "{users} {users, plural, one {uživatel} few {uživatelé} other {uživatelů}}, {rules} {rules, plural, one {pravidlo} few {pravidla} other {pravidel}} - Vytvořeno: {date}"
+	},
+	"access-lists": {
+		"defaultMessage": "Seznamy přístupů"
+	},
+	"action.add": {
+		"defaultMessage": "Přidat"
+	},
+	"action.add-location": {
+		"defaultMessage": "Přidat umístění"
+	},
+	"action.allow": {
+		"defaultMessage": "Povolit"
+	},
+	"action.close": {
+		"defaultMessage": "Zavřít"
+	},
+	"action.delete": {
+		"defaultMessage": "Smazat"
+	},
+	"action.deny": {
+		"defaultMessage": "Zamítnout"
+	},
+	"action.disable": {
+		"defaultMessage": "Deaktivovat"
+	},
+	"action.download": {
+		"defaultMessage": "Stáhnout"
+	},
+	"action.edit": {
+		"defaultMessage": "Upravit"
+	},
+	"action.enable": {
+		"defaultMessage": "Aktivovat"
+	},
+	"action.permissions": {
+		"defaultMessage": "Oprávnění"
+	},
+	"action.renew": {
+		"defaultMessage": "Obnovit"
+	},
+	"action.view-details": {
+		"defaultMessage": "Zobrazit podrobnosti"
+	},
+	"auditlogs": {
+		"defaultMessage": "Záznamy auditu"
+	},
+	"auto": {
+		"defaultMessage": "Automaticky"
+	},
+	"cancel": {
+		"defaultMessage": "Zrušit"
+	},
+	"certificate": {
+		"defaultMessage": "certifikát"
+	},
+	"certificate.custom-certificate": {
+		"defaultMessage": "Certifikát"
+	},
+	"certificate.custom-certificate-key": {
+		"defaultMessage": "Klíč certifikátu"
+	},
+	"certificate.custom-intermediate": {
+		"defaultMessage": "Zprostředkovatelský certifikát"
+	},
+	"certificate.in-use": {
+		"defaultMessage": "Používá se"
+	},
+	"certificate.none.subtitle": {
+		"defaultMessage": "Není přiřazen žádný certifikát"
+	},
+	"certificate.none.subtitle.for-http": {
+		"defaultMessage": "Tento hostitel nebude používat HTTPS"
+	},
+	"certificate.none.title": {
+		"defaultMessage": "Žádný"
+	},
+	"certificate.not-in-use": {
+		"defaultMessage": "Nepoužívá se"
+	},
+	"certificate.renew": {
+		"defaultMessage": "Obnovit certifikát"
+	},
+	"certificates": {
+		"defaultMessage": "Certifikáty"
+	},
+	"certificates.custom": {
+		"defaultMessage": "Vlastní certifikát"
+	},
+	"certificates.custom.warning": {
+		"defaultMessage": "Soubory klíčů chráněné heslem nejsou podporovány."
+	},
+	"certificates.dns.credentials": {
+		"defaultMessage": "Obsah souboru s přihlašovacími údaji"
+	},
+	"certificates.dns.credentials-note": {
+		"defaultMessage": "Tento doplněk vyžaduje konfigurační soubor obsahující API token nebo jiné přihlašovací údaje vašeho poskytovatele"
+	},
+	"certificates.dns.credentials-warning": {
+		"defaultMessage": "Tyto údaje budou uloženy v databázi a v souboru jako obyčejný text!"
+	},
+	"certificates.dns.propagation-seconds": {
+		"defaultMessage": "Propagace v sekundách"
+	},
+	"certificates.dns.propagation-seconds-note": {
+		"defaultMessage": "Nechte prázdné pro výchozí hodnotu doplňku. Počet sekund, po které se čeká na propagaci DNS."
+	},
+	"certificates.dns.provider": {
+		"defaultMessage": "DNS poskytovatel"
+	},
+	"certificates.dns.provider.placeholder": {
+		"defaultMessage": "Vyberte poskytovatele..."
+	},
+	"certificates.dns.warning": {
+		"defaultMessage": "Tato sekce vyžaduje znalost Certbotu a jeho DNS doplňků. Prosím, podívejte se do dokumentace příslušného doplňku."
+	},
+	"certificates.http.reachability-404": {
+		"defaultMessage": "Na této doméně byl nalezen server, ale nezdá se, že jde o Nginx Proxy Manager. Ujistěte se, že vaše doména směřuje na IP, kde běží vaše instance NPM."
+	},
+	"certificates.http.reachability-failed-to-check": {
+		"defaultMessage": "Nepodařilo se ověřit dostupnost kvůli chybě komunikace se službou site24x7.com."
+	},
+	"certificates.http.reachability-not-resolved": {
+		"defaultMessage": "Na této doméně není dostupný žádný server. Ujistěte se, že doména existuje a směřuje na IP adresu s NPM a pokud je to potřeba, port 80 je přesměrován ve vašem routeru."
+	},
+	"certificates.http.reachability-ok": {
+		"defaultMessage": "Váš server je dostupný a vytvoření certifikátu by mělo být možné."
+	},
+	"certificates.http.reachability-other": {
+		"defaultMessage": "Na této doméně byl nalezen server, ale vrátil neočekávaný stavový kód {code}. Je to NPM server? Ujistěte se prosím, že doména směřuje na IP, kde běží vaše instance NPM."
+	},
+	"certificates.http.reachability-wrong-data": {
+		"defaultMessage": "Na této doméně byl nalezen server, ale vrátil neočekávaná data. Je to NPM server? Ujistěte se, že doména směřuje na IP, kde běží vaše instance NPM."
+	},
+	"certificates.http.test-results": {
+		"defaultMessage": "Výsledky testu"
+	},
+	"certificates.http.warning": {
+		"defaultMessage": "Tyto domény musí být již nakonfigurovány tak, aby směřovaly na tuto instalaci."
+	},
+	"certificates.key-type": {
+		"defaultMessage": "Typ klíče"
+	},
+	"certificates.key-type-description": {
+		"defaultMessage": "RSA je široce kompatibilní, ECDSA je rychlejší a bezpečnější, ale nemusí být podporován staršími systémy"
+	},
+	"certificates.key-type-ecdsa": {
+		"defaultMessage": "ECDSA 256"
+	},
+	"certificates.key-type-rsa": {
+		"defaultMessage": "RSA 2048"
+	},
+	"certificates.request.subtitle": {
+		"defaultMessage": "pomocí Let's Encrypt"
+	},
+	"certificates.request.title": {
+		"defaultMessage": "Vyžádat nový certifikát"
+	},
+	"column.access": {
+		"defaultMessage": "Přístup"
+	},
+	"column.authorization": {
+		"defaultMessage": "Autorizace"
+	},
+	"column.authorizations": {
+		"defaultMessage": "Autorizace"
+	},
+	"column.custom-locations": {
+		"defaultMessage": "Vlastní umístění"
+	},
+	"column.destination": {
+		"defaultMessage": "Cíl"
+	},
+	"column.details": {
+		"defaultMessage": "Podrobnosti"
+	},
+	"column.email": {
+		"defaultMessage": "Email"
+	},
+	"column.event": {
+		"defaultMessage": "Událost"
+	},
+	"column.expires": {
+		"defaultMessage": "Platnost do"
+	},
+	"column.http-code": {
+		"defaultMessage": "Přístup"
+	},
+	"column.incoming-port": {
+		"defaultMessage": "Vstupní port"
+	},
+	"column.name": {
+		"defaultMessage": "Název"
+	},
+	"column.protocol": {
+		"defaultMessage": "Protokol"
+	},
+	"column.provider": {
+		"defaultMessage": "Poskytovatel"
+	},
+	"column.roles": {
+		"defaultMessage": "Role"
+	},
+	"column.rules": {
+		"defaultMessage": "Pravidla"
+	},
+	"column.satisfy": {
+		"defaultMessage": "Splnit"
+	},
+	"column.satisfy-all": {
+		"defaultMessage": "Všechny"
+	},
+	"column.satisfy-any": {
+		"defaultMessage": "Kterékoliv"
+	},
+	"column.scheme": {
+		"defaultMessage": "Schéma"
+	},
+	"column.source": {
+		"defaultMessage": "Zdroj"
+	},
+	"column.ssl": {
+		"defaultMessage": "SSL"
+	},
+	"column.status": {
+		"defaultMessage": "Stav"
+	},
+	"created-on": {
+		"defaultMessage": "Vytvořeno: {date}"
+	},
+	"dashboard": {
+		"defaultMessage": "Panel"
+	},
+	"dead-host": {
+		"defaultMessage": "404 hostitel"
+	},
+	"dead-hosts": {
+		"defaultMessage": "404 Hostitelé"
+	},
+	"dead-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {404 hostitel} few {404 hostitelé} other {404 hostitelů}}"
+	},
+	"disabled": {
+		"defaultMessage": "Deaktivováno"
+	},
+	"domain-names": {
+		"defaultMessage": "Doménová jména"
+	},
+	"domain-names.max": {
+		"defaultMessage": "Maximálně {count} doménových jmen"
+	},
+	"domain-names.placeholder": {
+		"defaultMessage": "Začněte psát pro přidání domény..."
+	},
+	"domain-names.wildcards-not-permitted": {
+		"defaultMessage": "Wildcards nejsou pro tento typ povoleny"
+	},
+	"domain-names.wildcards-not-supported": {
+		"defaultMessage": "Wildcards nejsou podporovány pro tuto certifikační autoritu"
+	},
+	"domains.force-ssl": {
+		"defaultMessage": "Vynutit SSL"
+	},
+	"domains.hsts-enabled": {
+		"defaultMessage": "HSTS povoleno"
+	},
+	"domains.hsts-subdomains": {
+		"defaultMessage": "HSTS pro subdomény"
+	},
+	"domains.http2-support": {
+		"defaultMessage": "Podpora HTTP/2"
+	},
+	"domains.use-dns": {
+		"defaultMessage": "Použít DNS výzvu"
+	},
+	"email-address": {
+		"defaultMessage": "Emailová adresa"
+	},
+	"empty-search": {
+		"defaultMessage": "Nebyly nalezeny žádné výsledky"
+	},
+	"empty-subtitle": {
+		"defaultMessage": "Proč nevytvoříte nějaký?"
+	},
+	"enabled": {
+		"defaultMessage": "Aktivováno"
+	},
+	"error.access.at-least-one": {
+		"defaultMessage": "Je vyžadována alespoň jedna autorizace nebo jedno přístupové pravidlo"
+	},
+	"error.access.duplicate-usernames": {
+		"defaultMessage": "Uživatelská jména pro autorizaci musí být jedinečná"
+	},
+	"error.invalid-auth": {
+		"defaultMessage": "Neplatný email nebo heslo"
+	},
+	"error.invalid-domain": {
+		"defaultMessage": "Neplatná doména: {domain}"
+	},
+	"error.invalid-email": {
+		"defaultMessage": "Neplatná emailová adresa"
+	},
+	"error.max-character-length": {
+		"defaultMessage": "Maximální délka je {max} znak{max, plural, one {} few {y} other {ů}}"
+	},
+	"error.max-domains": {
+		"defaultMessage": "Příliš mnoho domén, maximum je {max}"
+	},
+	"error.maximum": {
+		"defaultMessage": "Maximum je {max}"
+	},
+	"error.min-character-length": {
+		"defaultMessage": "Minimální délka je {min} znak{min, plural, one {} few {y} other {ů}}"
+	},
+	"error.minimum": {
+		"defaultMessage": "Minimum je {min}"
+	},
+	"error.passwords-must-match": {
+		"defaultMessage": "Hesla se musí shodovat"
+	},
+	"error.required": {
+		"defaultMessage": "Toto pole je povinné"
+	},
+	"expires.on": {
+		"defaultMessage": "Platnost do: {date}"
+	},
+	"footer.github-fork": {
+		"defaultMessage": "Forkněte mě na GitHubu"
+	},
+	"host.flags.block-exploits": {
+		"defaultMessage": "Blokovat běžné exploity"
+	},
+	"host.flags.cache-assets": {
+		"defaultMessage": "Uložit zdroje do mezipaměti"
+	},
+	"host.flags.preserve-path": {
+		"defaultMessage": "Zachovat cestu"
+	},
+	"host.flags.protocols": {
+		"defaultMessage": "Protokoly"
+	},
+	"host.flags.websockets-upgrade": {
+		"defaultMessage": "Podpora WebSockets"
+	},
+	"host.forward-port": {
+		"defaultMessage": "Port přesměrování"
+	},
+	"host.forward-scheme": {
+		"defaultMessage": "Schéma"
+	},
+	"hosts": {
+		"defaultMessage": "Hostitelé"
+	},
+	"http-only": {
+		"defaultMessage": "Pouze HTTP"
+	},
+	"lets-encrypt": {
+		"defaultMessage": "Let's Encrypt"
+	},
+	"lets-encrypt-via-dns": {
+		"defaultMessage": "Let's Encrypt přes DNS"
+	},
+	"lets-encrypt-via-http": {
+		"defaultMessage": "Let's Encrypt přes HTTP"
+	},
+	"loading": {
+		"defaultMessage": "Načítá se…"
+	},
+	"login.2fa-code": {
+		"defaultMessage": "Ověřovací kód"
+	},
+	"login.2fa-code-placeholder": {
+		"defaultMessage": "Vložit kód"
+	},
+	"login.2fa-description": {
+		"defaultMessage": "Vložte kód z vaší ověřovací aplikace"
+	},
+	"login.2fa-title": {
+		"defaultMessage": "Dvoufaktorové ověření"
+	},
+	"login.2fa-verify": {
+		"defaultMessage": "Ověřit"
+	},
+	"login.title": {
+		"defaultMessage": "Přihlaste se ke svému účtu"
+	},
+	"nginx-config.label": {
+		"defaultMessage": "Vlastní Nginx konfigurace"
+	},
+	"nginx-config.placeholder": {
+		"defaultMessage": "# Zadejte vlastní Nginx konfiguraci na vlastní riziko!"
+	},
+	"no-permission-error": {
+		"defaultMessage": "Nemáte oprávnění k zobrazení tohoto obsahu."
+	},
+	"notfound.action": {
+		"defaultMessage": "Zpět na hlavní stránku"
+	},
+	"notfound.content": {
+		"defaultMessage": "Omlouváme se, stránka, kterou hledáte, nebyla nalezena"
+	},
+	"notfound.title": {
+		"defaultMessage": "Ups… Našli jste chybovou stránku"
+	},
+	"notification.error": {
+		"defaultMessage": "Chyba"
+	},
+	"notification.object-deleted": {
+		"defaultMessage": "{object} byl odstraněn"
+	},
+	"notification.object-disabled": {
+		"defaultMessage": "{object} byl deaktivován"
+	},
+	"notification.object-enabled": {
+		"defaultMessage": "{object} byl aktivován"
+	},
+	"notification.object-renewed": {
+		"defaultMessage": "{object} byl obnoven"
+	},
+	"notification.object-saved": {
+		"defaultMessage": "{object} byl uložen"
+	},
+	"notification.success": {
+		"defaultMessage": "Úspěch"
+	},
+	"object.actions-title": {
+		"defaultMessage": "{object} #{id}"
+	},
+	"object.add": {
+		"defaultMessage": "Přidat {object}"
+	},
+	"object.delete": {
+		"defaultMessage": "Smazat {object}"
+	},
+	"object.delete.content": {
+		"defaultMessage": "Opravdu chcete smazat tento {object}?"
+	},
+	"object.edit": {
+		"defaultMessage": "Upravit {object}"
+	},
+	"object.empty": {
+		"defaultMessage": "Nejsou {objects}"
+	},
+	"object.event.created": {
+		"defaultMessage": "Vytvořen {object}"
+	},
+	"object.event.deleted": {
+		"defaultMessage": "Smazán {object}"
+	},
+	"object.event.disabled": {
+		"defaultMessage": "Deaktivován {object}"
+	},
+	"object.event.enabled": {
+		"defaultMessage": "Aktivován {object}"
+	},
+	"object.event.renewed": {
+		"defaultMessage": "Obnoven {object}"
+	},
+	"object.event.updated": {
+		"defaultMessage": "Aktualizován {object}"
+	},
+	"offline": {
+		"defaultMessage": "Offline"
+	},
+	"online": {
+		"defaultMessage": "Online"
+	},
+	"options": {
+		"defaultMessage": "Možnosti"
+	},
+	"password": {
+		"defaultMessage": "Heslo"
+	},
+	"password.generate": {
+		"defaultMessage": "Vygenerovat náhodné heslo"
+	},
+	"password.hide": {
+		"defaultMessage": "Skrýt heslo"
+	},
+	"password.show": {
+		"defaultMessage": "Zobrazit heslo"
+	},
+	"permissions.hidden": {
+		"defaultMessage": "Skryté"
+	},
+	"permissions.manage": {
+		"defaultMessage": "Spravovat"
+	},
+	"permissions.view": {
+		"defaultMessage": "Pouze pro zobrazení"
+	},
+	"permissions.visibility.all": {
+		"defaultMessage": "Všechny položky"
+	},
+	"permissions.visibility.title": {
+		"defaultMessage": "Viditelnost položky"
+	},
+	"permissions.visibility.user": {
+		"defaultMessage": "Pouze vytvořené položky"
+	},
+	"proxy-host": {
+		"defaultMessage": "proxy hostitele"
+	},
+	"proxy-host.forward-host": {
+		"defaultMessage": "Cílový název hostitele / IP"
+	},
+	"proxy-hosts": {
+		"defaultMessage": "Proxy hostitelé"
+	},
+	"proxy-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {proxy hostitel} few {proxy hostitelé} other {proxy hostitelů}}"
+	},
+	"public": {
+		"defaultMessage": "Veřejné"
+	},
+	"redirection-host": {
+		"defaultMessage": "přesměrovacího hostitele"
+	},
+	"redirection-host.forward-domain": {
+		"defaultMessage": "Cílová doména"
+	},
+	"redirection-host.forward-http-code": {
+		"defaultMessage": "HTTP kód"
+	},
+	"redirection-hosts": {
+		"defaultMessage": "Přesměrovací hostitelé"
+	},
+	"redirection-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {přesměrovací hostitel} few {přesměrovací hostitelé} other {přesměrovacích hostitelů}}"
+	},
+	"redirection-hosts.http-code.300": {
+		"defaultMessage": "300 Více možností"
+	},
+	"redirection-hosts.http-code.301": {
+		"defaultMessage": "301 Trvale přesunuto"
+	},
+	"redirection-hosts.http-code.302": {
+		"defaultMessage": "302 Dočasně přesunuto"
+	},
+	"redirection-hosts.http-code.303": {
+		"defaultMessage": "303 Podívat se na jiné"
+	},
+	"redirection-hosts.http-code.307": {
+		"defaultMessage": "307 Dočasné přesměrování"
+	},
+	"redirection-hosts.http-code.308": {
+		"defaultMessage": "308 Trvalé přesměrování"
+	},
+	"role.admin": {
+		"defaultMessage": "Administrátor"
+	},
+	"role.standard-user": {
+		"defaultMessage": "Běžný uživatel"
+	},
+	"save": {
+		"defaultMessage": "Uložit"
+	},
+	"setting": {
+		"defaultMessage": "Nastavení"
+	},
+	"settings": {
+		"defaultMessage": "Nastavení"
+	},
+	"settings.default-site": {
+		"defaultMessage": "Výchozí stránka"
+	},
+	"settings.default-site.404": {
+		"defaultMessage": "Stránka 404"
+	},
+	"settings.default-site.444": {
+		"defaultMessage": "Bez odpovědi (444)"
+	},
+	"settings.default-site.congratulations": {
+		"defaultMessage": "Gratulační stránka"
+	},
+	"settings.default-site.description": {
+		"defaultMessage": "Co zobrazit, když Nginx zachytí neznámého hostitele"
+	},
+	"settings.default-site.html": {
+		"defaultMessage": "Vlastní HTML"
+	},
+	"settings.default-site.html.placeholder": {
+		"defaultMessage": "<!-- Sem zadejte vlastní HTML obsah -->"
+	},
+	"settings.default-site.redirect": {
+		"defaultMessage": "Přesměrovat"
+	},
+	"setup.preamble": {
+		"defaultMessage": "Začněte vytvořením administrátorského účtu."
+	},
+	"setup.title": {
+		"defaultMessage": "Vítejte!"
+	},
+	"sign-in": {
+		"defaultMessage": "Přihlásit se"
+	},
+	"ssl-certificate": {
+		"defaultMessage": "SSL certifikát"
+	},
+	"stream": {
+		"defaultMessage": "stream"
+	},
+	"stream.forward-host": {
+		"defaultMessage": "Cílový hostitel"
+	},
+	"stream.forward-host.placeholder": {
+		"defaultMessage": "napriklad.cz nebo 10.0.0.1 nebo 2001:db8:3333:4444:5555:6666:7777:8888"
+	},
+	"stream.incoming-port": {
+		"defaultMessage": "Vstupní port"
+	},
+	"streams": {
+		"defaultMessage": "Streamy"
+	},
+	"streams.count": {
+		"defaultMessage": "{count} {count, plural, one {stream} few {streamy} other {streamů}}"
+	},
+	"streams.tcp": {
+		"defaultMessage": "TCP"
+	},
+	"streams.udp": {
+		"defaultMessage": "UDP"
+	},
+	"test": {
+		"defaultMessage": "Test"
+	},
+	"update-available": {
+		"defaultMessage": "Dostupná aktualizace: {latestVersion}"
+	},
+	"user": {
+		"defaultMessage": "uživatele"
+	},
+	"user.change-password": {
+		"defaultMessage": "Změnit heslo"
+	},
+	"user.confirm-password": {
+		"defaultMessage": "Potvrdit heslo"
+	},
+	"user.current-password": {
+		"defaultMessage": "Aktuální heslo"
+	},
+	"user.edit-profile": {
+		"defaultMessage": "Upravit profil"
+	},
+	"user.full-name": {
+		"defaultMessage": "Celé jméno"
+	},
+	"user.login-as": {
+		"defaultMessage": "Přihlásit se jako {name}"
+	},
+	"user.logout": {
+		"defaultMessage": "Odhlásit se"
+	},
+	"user.new-password": {
+		"defaultMessage": "Nové heslo"
+	},
+	"user.nickname": {
+		"defaultMessage": "Přezdívka"
+	},
+	"user.set-password": {
+		"defaultMessage": "Nastavit heslo"
+	},
+	"user.set-permissions": {
+		"defaultMessage": "Nastavit oprávnění pro {name}"
+	},
+	"user.switch-dark": {
+		"defaultMessage": "Přepnout na tmavý režim"
+	},
+	"user.switch-light": {
+		"defaultMessage": "Přepnout na světlý režim"
+	},
+	"user.two-factor": {
+		"defaultMessage": "Dvoufaktorové ověření"
+	},
+	"username": {
+		"defaultMessage": "Uživatelské jméno"
+	},
+	"users": {
+		"defaultMessage": "Uživatelé"
+	}
+}

frontend/src/locale/src/en.json

@@ -347,6 +347,9 @@
 	"domain-names.wildcards-not-supported": {
 		"defaultMessage": "Wildcards not supported for this CA"
 	},
+	"domains.advanced": {
+		"defaultMessage": "Advanced"
+	},
 	"domains.force-ssl": {
 		"defaultMessage": "Force SSL"
 	},
@@ -359,6 +362,9 @@
 	"domains.http2-support": {
 		"defaultMessage": "HTTP/2 Support"
 	},
+	"domains.trust-forwarded-proto": {
+		"defaultMessage": "Trust Upstream Forwarded Proto Headers"
+	},
 	"domains.use-dns": {
 		"defaultMessage": "Use DNS Challenge"
 	},

frontend/src/locale/src/et.json

@@ -0,0 +1,776 @@
+{
+	"2fa.backup-codes-remaining": {
+		"defaultMessage": "Backup codes remaining: {count}"
+	},
+	"2fa.backup-warning": {
+		"defaultMessage": "Save these backup codes in a secure place. Each code can only be used once."
+	},
+	"2fa.disable": {
+		"defaultMessage": "Disable Two-Factor Authentication"
+	},
+	"2fa.disable-confirm": {
+		"defaultMessage": "Disable 2FA"
+	},
+	"2fa.disable-warning": {
+		"defaultMessage": "Disabling two-factor authentication will make your account less secure."
+	},
+	"2fa.disabled": {
+		"defaultMessage": "Disabled"
+	},
+	"2fa.done": {
+		"defaultMessage": "I have saved my backup codes"
+	},
+	"2fa.enable": {
+		"defaultMessage": "Enable Two-Factor Authentication"
+	},
+	"2fa.enabled": {
+		"defaultMessage": "Enabled"
+	},
+	"2fa.enter-code": {
+		"defaultMessage": "Enter verification code"
+	},
+	"2fa.enter-code-disable": {
+		"defaultMessage": "Enter verification code to disable"
+	},
+	"2fa.regenerate": {
+		"defaultMessage": "Regenerate"
+	},
+	"2fa.regenerate-backup": {
+		"defaultMessage": "Regenerate Backup Codes"
+	},
+	"2fa.regenerate-instructions": {
+		"defaultMessage": "Enter a verification code to generate new backup codes. Your old codes will be invalidated."
+	},
+	"2fa.secret-key": {
+		"defaultMessage": "Secret Key"
+	},
+	"2fa.setup-instructions": {
+		"defaultMessage": "Scan this QR code with your authenticator app, or enter the secret manually."
+	},
+	"2fa.status": {
+		"defaultMessage": "Status"
+	},
+	"2fa.title": {
+		"defaultMessage": "Two-Factor Authentication"
+	},
+	"2fa.verify-enable": {
+		"defaultMessage": "Verify and Enable"
+	},
+	"access-list": {
+		"defaultMessage": "Access List"
+	},
+	"access-list.access-count": {
+		"defaultMessage": "{count} {count, plural, one {Rule} other {Rules}}"
+	},
+	"access-list.auth-count": {
+		"defaultMessage": "{count} {count, plural, one {User} other {Users}}"
+	},
+	"access-list.help-rules-last": {
+		"defaultMessage": "When at least 1 rule exists, this deny all rule will be added last"
+	},
+	"access-list.help.rules-order": {
+		"defaultMessage": "Note that the allow and deny directives will be applied in the order they are defined."
+	},
+	"access-list.pass-auth": {
+		"defaultMessage": "Pass Auth to Upstream"
+	},
+	"access-list.public": {
+		"defaultMessage": "Publicly Accessible"
+	},
+	"access-list.public.subtitle": {
+		"defaultMessage": "No basic auth required"
+	},
+	"access-list.rule-source.placeholder": {
+		"defaultMessage": "192.168.1.100 or 192.168.1.0/24 or 2001:0db8::/32"
+	},
+	"access-list.satisfy-any": {
+		"defaultMessage": "Satisfy Any"
+	},
+	"access-list.subtitle": {
+		"defaultMessage": "{users} {users, plural, one {User} other {Users}}, {rules} {rules, plural, one {Rule} other {Rules}} - Created: {date}"
+	},
+	"access-lists": {
+		"defaultMessage": "Access Lists"
+	},
+	"action.add": {
+		"defaultMessage": "Add"
+	},
+	"action.add-location": {
+		"defaultMessage": "Add Location"
+	},
+	"action.allow": {
+		"defaultMessage": "Allow"
+	},
+	"action.close": {
+		"defaultMessage": "Close"
+	},
+	"action.delete": {
+		"defaultMessage": "Delete"
+	},
+	"action.deny": {
+		"defaultMessage": "Deny"
+	},
+	"action.disable": {
+		"defaultMessage": "Disable"
+	},
+	"action.download": {
+		"defaultMessage": "Download"
+	},
+	"action.edit": {
+		"defaultMessage": "Edit"
+	},
+	"action.enable": {
+		"defaultMessage": "Enable"
+	},
+	"action.permissions": {
+		"defaultMessage": "Permissions"
+	},
+	"action.renew": {
+		"defaultMessage": "Renew"
+	},
+	"action.view-details": {
+		"defaultMessage": "View Details"
+	},
+	"auditlogs": {
+		"defaultMessage": "Audit Logs"
+	},
+	"auto": {
+		"defaultMessage": "Auto"
+	},
+	"cancel": {
+		"defaultMessage": "Cancel"
+	},
+	"certificate": {
+		"defaultMessage": "Certificate"
+	},
+	"certificate.custom-certificate": {
+		"defaultMessage": "Certificate"
+	},
+	"certificate.custom-certificate-key": {
+		"defaultMessage": "Certificate Key"
+	},
+	"certificate.custom-intermediate": {
+		"defaultMessage": "Intermediate Certificate"
+	},
+	"certificate.in-use": {
+		"defaultMessage": "In Use"
+	},
+	"certificate.none.subtitle": {
+		"defaultMessage": "No certificate assigned"
+	},
+	"certificate.none.subtitle.for-http": {
+		"defaultMessage": "This host will not use HTTPS"
+	},
+	"certificate.none.title": {
+		"defaultMessage": "None"
+	},
+	"certificate.not-in-use": {
+		"defaultMessage": "Not Used"
+	},
+	"certificate.renew": {
+		"defaultMessage": "Renew Certificate"
+	},
+	"certificates": {
+		"defaultMessage": "Certificates"
+	},
+	"certificates.custom": {
+		"defaultMessage": "Custom Certificate"
+	},
+	"certificates.custom.warning": {
+		"defaultMessage": "Key files protected with a passphrase are not supported."
+	},
+	"certificates.dns.credentials": {
+		"defaultMessage": "Credentials File Content"
+	},
+	"certificates.dns.credentials-note": {
+		"defaultMessage": "This plugin requires a configuration file containing an API token or other credentials for your provider"
+	},
+	"certificates.dns.credentials-warning": {
+		"defaultMessage": "This data will be stored as plaintext in the database and in a file!"
+	},
+	"certificates.dns.propagation-seconds": {
+		"defaultMessage": "Propagation Seconds"
+	},
+	"certificates.dns.propagation-seconds-note": {
+		"defaultMessage": "Leave empty to use the plugins default value. Number of seconds to wait for DNS propagation."
+	},
+	"certificates.dns.provider": {
+		"defaultMessage": "DNS Provider"
+	},
+	"certificates.dns.provider.placeholder": {
+		"defaultMessage": "Select a Provider..."
+	},
+	"certificates.dns.warning": {
+		"defaultMessage": "This section requires some knowledge about Certbot and its DNS plugins. Please consult the respective plugins documentation."
+	},
+	"certificates.http.reachability-404": {
+		"defaultMessage": "There is a server found at this domain but it does not seem to be Nginx Proxy Manager. Please make sure your domain points to the IP where your NPM instance is running."
+	},
+	"certificates.http.reachability-failed-to-check": {
+		"defaultMessage": "Failed to check the reachability due to a communication error with site24x7.com."
+	},
+	"certificates.http.reachability-not-resolved": {
+		"defaultMessage": "There is no server available at this domain. Please make sure your domain exists and points to the IP where your NPM instance is running and if necessary port 80 is forwarded in your router."
+	},
+	"certificates.http.reachability-ok": {
+		"defaultMessage": "Your server is reachable and creating certificates should be possible."
+	},
+	"certificates.http.reachability-other": {
+		"defaultMessage": "There is a server found at this domain but it returned an unexpected status code {code}. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running."
+	},
+	"certificates.http.reachability-wrong-data": {
+		"defaultMessage": "There is a server found at this domain but it returned an unexpected data. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running."
+	},
+	"certificates.http.test-results": {
+		"defaultMessage": "Test Results"
+	},
+	"certificates.http.warning": {
+		"defaultMessage": "These domains must be already configured to point to this installation."
+	},
+	"certificates.key-type": {
+		"defaultMessage": "Key Type"
+	},
+	"certificates.key-type-description": {
+		"defaultMessage": "RSA is widely compatible, ECDSA is faster and more secure but may not be supported by older systems"
+	},
+	"certificates.key-type-ecdsa": {
+		"defaultMessage": "ECDSA 256"
+	},
+	"certificates.key-type-rsa": {
+		"defaultMessage": "RSA 2048"
+	},
+	"certificates.request.subtitle": {
+		"defaultMessage": "with Let's Encrypt"
+	},
+	"certificates.request.title": {
+		"defaultMessage": "Request a new Certificate"
+	},
+	"column.access": {
+		"defaultMessage": "Access"
+	},
+	"column.authorization": {
+		"defaultMessage": "Authorization"
+	},
+	"column.authorizations": {
+		"defaultMessage": "Authorizations"
+	},
+	"column.custom-locations": {
+		"defaultMessage": "Custom Locations"
+	},
+	"column.destination": {
+		"defaultMessage": "Destination"
+	},
+	"column.details": {
+		"defaultMessage": "Details"
+	},
+	"column.email": {
+		"defaultMessage": "Email"
+	},
+	"column.event": {
+		"defaultMessage": "Event"
+	},
+	"column.expires": {
+		"defaultMessage": "Expires"
+	},
+	"column.http-code": {
+		"defaultMessage": "HTTP Code"
+	},
+	"column.incoming-port": {
+		"defaultMessage": "Incoming Port"
+	},
+	"column.name": {
+		"defaultMessage": "Name"
+	},
+	"column.protocol": {
+		"defaultMessage": "Protocol"
+	},
+	"column.provider": {
+		"defaultMessage": "Provider"
+	},
+	"column.roles": {
+		"defaultMessage": "Roles"
+	},
+	"column.rules": {
+		"defaultMessage": "Rules"
+	},
+	"column.satisfy": {
+		"defaultMessage": "Satisfy"
+	},
+	"column.satisfy-all": {
+		"defaultMessage": "All"
+	},
+	"column.satisfy-any": {
+		"defaultMessage": "Any"
+	},
+	"column.scheme": {
+		"defaultMessage": "Scheme"
+	},
+	"column.source": {
+		"defaultMessage": "Source"
+	},
+	"column.ssl": {
+		"defaultMessage": "SSL"
+	},
+	"column.status": {
+		"defaultMessage": "Status"
+	},
+	"created-on": {
+		"defaultMessage": "Created: {date}"
+	},
+	"dashboard": {
+		"defaultMessage": "Dashboard"
+	},
+	"dead-host": {
+		"defaultMessage": "404 Host"
+	},
+	"dead-hosts": {
+		"defaultMessage": "404 Hosts"
+	},
+	"dead-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {404 Host} other {404 Hosts}}"
+	},
+	"disabled": {
+		"defaultMessage": "Disabled"
+	},
+	"domain-names": {
+		"defaultMessage": "Domain Names"
+	},
+	"domain-names.max": {
+		"defaultMessage": "{count} domain names maximum"
+	},
+	"domain-names.placeholder": {
+		"defaultMessage": "Start typing to add domain..."
+	},
+	"domain-names.wildcards-not-permitted": {
+		"defaultMessage": "Wildcards not permitted for this type"
+	},
+	"domain-names.wildcards-not-supported": {
+		"defaultMessage": "Wildcards not supported for this CA"
+	},
+	"domains.advanced": {
+		"defaultMessage": "Advanced"
+	},
+	"domains.force-ssl": {
+		"defaultMessage": "Force SSL"
+	},
+	"domains.hsts-enabled": {
+		"defaultMessage": "HSTS Enabled"
+	},
+	"domains.hsts-subdomains": {
+		"defaultMessage": "HSTS Sub-domains"
+	},
+	"domains.http2-support": {
+		"defaultMessage": "HTTP/2 Support"
+	},
+	"domains.trust-forwarded-proto": {
+		"defaultMessage": "Trust Upstream Forwarded Proto Headers"
+	},
+	"domains.use-dns": {
+		"defaultMessage": "Use DNS Challenge"
+	},
+	"email-address": {
+		"defaultMessage": "Email address"
+	},
+	"empty-search": {
+		"defaultMessage": "No results found"
+	},
+	"empty-subtitle": {
+		"defaultMessage": "Why don't you create one?"
+	},
+	"enabled": {
+		"defaultMessage": "Enabled"
+	},
+	"error.access.at-least-one": {
+		"defaultMessage": "Either one Authorization or one Access Rule is required"
+	},
+	"error.access.duplicate-usernames": {
+		"defaultMessage": "Authorization Usernames must be unique"
+	},
+	"error.invalid-auth": {
+		"defaultMessage": "Invalid email or password"
+	},
+	"error.invalid-domain": {
+		"defaultMessage": "Invalid domain: {domain}"
+	},
+	"error.invalid-email": {
+		"defaultMessage": "Invalid email address"
+	},
+	"error.max-character-length": {
+		"defaultMessage": "Maximum length is {max} character{max, plural, one {} other {s}}"
+	},
+	"error.max-domains": {
+		"defaultMessage": "Too many domains, max is {max}"
+	},
+	"error.maximum": {
+		"defaultMessage": "Maximum is {max}"
+	},
+	"error.min-character-length": {
+		"defaultMessage": "Minimum length is {min} character{min, plural, one {} other {s}}"
+	},
+	"error.minimum": {
+		"defaultMessage": "Minimum is {min}"
+	},
+	"error.passwords-must-match": {
+		"defaultMessage": "Passwords must match"
+	},
+	"error.required": {
+		"defaultMessage": "This is required"
+	},
+	"expires.on": {
+		"defaultMessage": "Expires: {date}"
+	},
+	"footer.github-fork": {
+		"defaultMessage": "Fork me on Github"
+	},
+	"host.flags.block-exploits": {
+		"defaultMessage": "Block Common Exploits"
+	},
+	"host.flags.cache-assets": {
+		"defaultMessage": "Cache Assets"
+	},
+	"host.flags.preserve-path": {
+		"defaultMessage": "Preserve Path"
+	},
+	"host.flags.protocols": {
+		"defaultMessage": "Protocols"
+	},
+	"host.flags.websockets-upgrade": {
+		"defaultMessage": "Websockets Support"
+	},
+	"host.forward-port": {
+		"defaultMessage": "Forward Port"
+	},
+	"host.forward-scheme": {
+		"defaultMessage": "Scheme"
+	},
+	"hosts": {
+		"defaultMessage": "Hosts"
+	},
+	"http-only": {
+		"defaultMessage": "HTTP Only"
+	},
+	"lets-encrypt": {
+		"defaultMessage": "Let's Encrypt"
+	},
+	"lets-encrypt-via-dns": {
+		"defaultMessage": "Let's Encrypt via DNS"
+	},
+	"lets-encrypt-via-http": {
+		"defaultMessage": "Let's Encrypt via HTTP"
+	},
+	"loading": {
+		"defaultMessage": "Loading…"
+	},
+	"login.2fa-code": {
+		"defaultMessage": "Verification Code"
+	},
+	"login.2fa-code-placeholder": {
+		"defaultMessage": "Enter code"
+	},
+	"login.2fa-description": {
+		"defaultMessage": "Enter the code from your authenticator app"
+	},
+	"login.2fa-title": {
+		"defaultMessage": "Two-Factor Authentication"
+	},
+	"login.2fa-verify": {
+		"defaultMessage": "Verify"
+	},
+	"login.title": {
+		"defaultMessage": "Login to your account"
+	},
+	"nginx-config.label": {
+		"defaultMessage": "Custom Nginx Configuration"
+	},
+	"nginx-config.placeholder": {
+		"defaultMessage": "# Enter your custom Nginx configuration here at your own risk!"
+	},
+	"no-permission-error": {
+		"defaultMessage": "You do not have access to view this."
+	},
+	"notfound.action": {
+		"defaultMessage": "Take me home"
+	},
+	"notfound.content": {
+		"defaultMessage": "We are sorry but the page you are looking for was not found"
+	},
+	"notfound.title": {
+		"defaultMessage": "Oops… You just found an error page"
+	},
+	"notification.error": {
+		"defaultMessage": "Error"
+	},
+	"notification.object-deleted": {
+		"defaultMessage": "{object} has been deleted"
+	},
+	"notification.object-disabled": {
+		"defaultMessage": "{object} has been disabled"
+	},
+	"notification.object-enabled": {
+		"defaultMessage": "{object} has been enabled"
+	},
+	"notification.object-renewed": {
+		"defaultMessage": "{object} has been renewed"
+	},
+	"notification.object-saved": {
+		"defaultMessage": "{object} has been saved"
+	},
+	"notification.success": {
+		"defaultMessage": "Success"
+	},
+	"object.actions-title": {
+		"defaultMessage": "{object} #{id}"
+	},
+	"object.add": {
+		"defaultMessage": "Add {object}"
+	},
+	"object.delete": {
+		"defaultMessage": "Delete {object}"
+	},
+	"object.delete.content": {
+		"defaultMessage": "Are you sure you want to delete this {object}?"
+	},
+	"object.edit": {
+		"defaultMessage": "Edit {object}"
+	},
+	"object.empty": {
+		"defaultMessage": "There are no {objects}"
+	},
+	"object.event.created": {
+		"defaultMessage": "Created {object}"
+	},
+	"object.event.deleted": {
+		"defaultMessage": "Deleted {object}"
+	},
+	"object.event.disabled": {
+		"defaultMessage": "Disabled {object}"
+	},
+	"object.event.enabled": {
+		"defaultMessage": "Enabled {object}"
+	},
+	"object.event.renewed": {
+		"defaultMessage": "Renewed {object}"
+	},
+	"object.event.updated": {
+		"defaultMessage": "Updated {object}"
+	},
+	"offline": {
+		"defaultMessage": "Offline"
+	},
+	"online": {
+		"defaultMessage": "Online"
+	},
+	"options": {
+		"defaultMessage": "Options"
+	},
+	"password": {
+		"defaultMessage": "Password"
+	},
+	"password.generate": {
+		"defaultMessage": "Generate random password"
+	},
+	"password.hide": {
+		"defaultMessage": "Hide Password"
+	},
+	"password.show": {
+		"defaultMessage": "Show Password"
+	},
+	"permissions.hidden": {
+		"defaultMessage": "Hidden"
+	},
+	"permissions.manage": {
+		"defaultMessage": "Manage"
+	},
+	"permissions.view": {
+		"defaultMessage": "View Only"
+	},
+	"permissions.visibility.all": {
+		"defaultMessage": "All Items"
+	},
+	"permissions.visibility.title": {
+		"defaultMessage": "Item Visibility"
+	},
+	"permissions.visibility.user": {
+		"defaultMessage": "Created Items Only"
+	},
+	"proxy-host": {
+		"defaultMessage": "Proxy Host"
+	},
+	"proxy-host.forward-host": {
+		"defaultMessage": "Forward Hostname / IP"
+	},
+	"proxy-hosts": {
+		"defaultMessage": "Proxy Hosts"
+	},
+	"proxy-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {Proxy Host} other {Proxy Hosts}}"
+	},
+	"public": {
+		"defaultMessage": "Public"
+	},
+	"redirection-host": {
+		"defaultMessage": "Redirection Host"
+	},
+	"redirection-host.forward-domain": {
+		"defaultMessage": "Forward Domain"
+	},
+	"redirection-host.forward-http-code": {
+		"defaultMessage": "HTTP Code"
+	},
+	"redirection-hosts": {
+		"defaultMessage": "Redirection Hosts"
+	},
+	"redirection-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {Redirection Host} other {Redirection Hosts}}"
+	},
+	"redirection-hosts.http-code.300": {
+		"defaultMessage": "300 Multiple Choices"
+	},
+	"redirection-hosts.http-code.301": {
+		"defaultMessage": "301 Moved permanently"
+	},
+	"redirection-hosts.http-code.302": {
+		"defaultMessage": "302 Moved temporarily"
+	},
+	"redirection-hosts.http-code.303": {
+		"defaultMessage": "303 See other"
+	},
+	"redirection-hosts.http-code.307": {
+		"defaultMessage": "307 Temporary redirect"
+	},
+	"redirection-hosts.http-code.308": {
+		"defaultMessage": "308 Permanent redirect"
+	},
+	"role.admin": {
+		"defaultMessage": "Administrator"
+	},
+	"role.standard-user": {
+		"defaultMessage": "Standard User"
+	},
+	"save": {
+		"defaultMessage": "Save"
+	},
+	"setting": {
+		"defaultMessage": "Setting"
+	},
+	"settings": {
+		"defaultMessage": "Settings"
+	},
+	"settings.default-site": {
+		"defaultMessage": "Default Site"
+	},
+	"settings.default-site.404": {
+		"defaultMessage": "404 Page"
+	},
+	"settings.default-site.444": {
+		"defaultMessage": "No Response (444)"
+	},
+	"settings.default-site.congratulations": {
+		"defaultMessage": "Congratulations Page"
+	},
+	"settings.default-site.description": {
+		"defaultMessage": "What to show when Nginx is hit with an unknown Host"
+	},
+	"settings.default-site.html": {
+		"defaultMessage": "Custom HTML"
+	},
+	"settings.default-site.html.placeholder": {
+		"defaultMessage": "<!-- Enter your custom HTML content here -->"
+	},
+	"settings.default-site.redirect": {
+		"defaultMessage": "Redirect"
+	},
+	"setup.preamble": {
+		"defaultMessage": "Get started by creating your admin account."
+	},
+	"setup.title": {
+		"defaultMessage": "Welcome!"
+	},
+	"sign-in": {
+		"defaultMessage": "Sign in"
+	},
+	"ssl-certificate": {
+		"defaultMessage": "SSL Certificate"
+	},
+	"stream": {
+		"defaultMessage": "Stream"
+	},
+	"stream.forward-host": {
+		"defaultMessage": "Forward Host"
+	},
+	"stream.forward-host.placeholder": {
+		"defaultMessage": "example.com or 10.0.0.1 or 2001:db8:3333:4444:5555:6666:7777:8888"
+	},
+	"stream.incoming-port": {
+		"defaultMessage": "Incoming Port"
+	},
+	"streams": {
+		"defaultMessage": "Streams"
+	},
+	"streams.count": {
+		"defaultMessage": "{count} {count, plural, one {Stream} other {Streams}}"
+	},
+	"streams.tcp": {
+		"defaultMessage": "TCP"
+	},
+	"streams.udp": {
+		"defaultMessage": "UDP"
+	},
+	"test": {
+		"defaultMessage": "Test"
+	},
+	"update-available": {
+		"defaultMessage": "Update Available: {latestVersion}"
+	},
+	"user": {
+		"defaultMessage": "User"
+	},
+	"user.change-password": {
+		"defaultMessage": "Change Password"
+	},
+	"user.confirm-password": {
+		"defaultMessage": "Confirm Password"
+	},
+	"user.current-password": {
+		"defaultMessage": "Current Password"
+	},
+	"user.edit-profile": {
+		"defaultMessage": "Edit Profile"
+	},
+	"user.full-name": {
+		"defaultMessage": "Full Name"
+	},
+	"user.login-as": {
+		"defaultMessage": "Sign in as {name}"
+	},
+	"user.logout": {
+		"defaultMessage": "Logout"
+	},
+	"user.new-password": {
+		"defaultMessage": "New Password"
+	},
+	"user.nickname": {
+		"defaultMessage": "Nickname"
+	},
+	"user.set-password": {
+		"defaultMessage": "Set Password"
+	},
+	"user.set-permissions": {
+		"defaultMessage": "Set Permissions for {name}"
+	},
+	"user.switch-dark": {
+		"defaultMessage": "Switch to Dark mode"
+	},
+	"user.switch-light": {
+		"defaultMessage": "Switch to Light mode"
+	},
+	"user.two-factor": {
+		"defaultMessage": "Two-Factor Auth"
+	},
+	"username": {
+		"defaultMessage": "Username"
+	},
+	"users": {
+		"defaultMessage": "Users"
+	}
+}

frontend/src/locale/src/lang-list.json

@@ -5,6 +5,9 @@
   "locale-es-ES": {
     "defaultMessage": "Español"
   },
+  "locale-et-EE": {
+    "defaultMessage": "Eesti"
+  },
   "locale-ie-GA": {
     "defaultMessage": "Gaeilge"
   },
@@ -29,6 +32,9 @@
   "locale-sk-SK": {
     "defaultMessage": "Slovenčina"
   },
+  "locale-cs-CZ": {
+    "defaultMessage": "Čeština"
+  },
   "locale-zh-CN": {
     "defaultMessage": "中文"
   },
@@ -55,5 +61,8 @@
   },
   "locale-hu-HU": {
     "defaultMessage": "Magyar"
+  },
+  "locale-no-NO": {
+    "defaultMessage": "Norsk"
   }
 }

frontend/src/locale/src/no.json

@@ -0,0 +1,776 @@
+{
+	"2fa.backup-codes-remaining": {
+		"defaultMessage": "Gjenstående backup-koder: {count}"
+	},
+	"2fa.backup-warning": {
+		"defaultMessage": "Lagre disse backup-kodene på et sikkert sted. Hver kode kan kun brukes én gang."
+	},
+	"2fa.disable": {
+		"defaultMessage": "Deaktiver tofaktorautentisering"
+	},
+	"2fa.disable-confirm": {
+		"defaultMessage": "Deaktiver 2FA"
+	},
+	"2fa.disable-warning": {
+		"defaultMessage": "Å deaktivere tofaktorautentisering vil gjøre kontoen din mindre sikker."
+	},
+	"2fa.disabled": {
+		"defaultMessage": "Deaktivert"
+	},
+	"2fa.done": {
+		"defaultMessage": "Jeg har lagret backup-kodene mine"
+	},
+	"2fa.enable": {
+		"defaultMessage": "Aktiver tofaktorautentisering"
+	},
+	"2fa.enabled": {
+		"defaultMessage": "Aktivert"
+	},
+	"2fa.enter-code": {
+		"defaultMessage": "Angi verifiseringskode"
+	},
+	"2fa.enter-code-disable": {
+		"defaultMessage": "Angi verifiseringskode for å deaktivere"
+	},
+	"2fa.regenerate": {
+		"defaultMessage": "Regenerer"
+	},
+	"2fa.regenerate-backup": {
+		"defaultMessage": "Generer nye backup-koder"
+	},
+	"2fa.regenerate-instructions": {
+		"defaultMessage": "Angi en verifiseringskode for å generere nye backup-koder. Dine gamle koder vil bli ugyldige."
+	},
+	"2fa.secret-key": {
+		"defaultMessage": "Hemmelig nøkkel"
+	},
+	"2fa.setup-instructions": {
+		"defaultMessage": "Skann denne QR-koden med autentiseringsappen din, eller skriv inn nøkkelen manuelt."
+	},
+	"2fa.status": {
+		"defaultMessage": "Status"
+	},
+	"2fa.title": {
+		"defaultMessage": "Tofaktorautentisering"
+	},
+	"2fa.verify-enable": {
+		"defaultMessage": "Verifiser og aktiver"
+	},
+	"access-list": {
+		"defaultMessage": "Tilgangsliste"
+	},
+	"access-list.access-count": {
+		"defaultMessage": "{count} {count, plural, one {regel} other {regler}}"
+	},
+	"access-list.auth-count": {
+		"defaultMessage": "{count} {count, plural, one {bruker} other {brukere}}"
+	},
+	"access-list.help-rules-last": {
+		"defaultMessage": "Når minst én regel finnes, legges denne \"deny all\"-regelen til sist"
+	},
+	"access-list.help.rules-order": {
+		"defaultMessage": "Merk at tillat- og nekt-direktivene brukes i den rekkefølgen de er definert."
+	},
+	"access-list.pass-auth": {
+		"defaultMessage": "Send autentisering til upstream"
+	},
+	"access-list.public": {
+		"defaultMessage": "Offentlig tilgjengelig"
+	},
+	"access-list.public.subtitle": {
+		"defaultMessage": "Ingen grunnleggende autentisering kreves"
+	},
+	"access-list.rule-source.placeholder": {
+		"defaultMessage": "192.168.1.100 eller 192.168.1.0/24 eller 2001:0db8::/32"
+	},
+	"access-list.satisfy-any": {
+		"defaultMessage": "Oppfyll en av kravene"
+	},
+	"access-list.subtitle": {
+		"defaultMessage": "{users} {users, plural, one {bruker} other {brukere}}, {rules} {rules, plural, one {regel} other {regler}} - Opprettet: {date}"
+	},
+	"access-lists": {
+		"defaultMessage": "Tilgangslister"
+	},
+	"action.add": {
+		"defaultMessage": "Legg til"
+	},
+	"action.add-location": {
+		"defaultMessage": "Legg til plassering"
+	},
+	"action.allow": {
+		"defaultMessage": "Tillat"
+	},
+	"action.close": {
+		"defaultMessage": "Lukk"
+	},
+	"action.delete": {
+		"defaultMessage": "Slett"
+	},
+	"action.deny": {
+		"defaultMessage": "Nekt"
+	},
+	"action.disable": {
+		"defaultMessage": "Deaktiver"
+	},
+	"action.download": {
+		"defaultMessage": "Last ned"
+	},
+	"action.edit": {
+		"defaultMessage": "Rediger"
+	},
+	"action.enable": {
+		"defaultMessage": "Aktiver"
+	},
+	"action.permissions": {
+		"defaultMessage": "Tillatelser"
+	},
+	"action.renew": {
+		"defaultMessage": "Forny"
+	},
+	"action.view-details": {
+		"defaultMessage": "Vis detaljer"
+	},
+	"auditlogs": {
+		"defaultMessage": "Revisjonslogger"
+	},
+	"auto": {
+		"defaultMessage": "Auto"
+	},
+	"cancel": {
+		"defaultMessage": "Avbryt"
+	},
+	"certificate": {
+		"defaultMessage": "Sertifikat"
+	},
+	"certificate.custom-certificate": {
+		"defaultMessage": "Egendefinert Sertifikat"
+	},
+	"certificate.custom-certificate-key": {
+		"defaultMessage": "Egendefinert Sertifikat nøkkel"
+	},
+	"certificate.custom-intermediate": {
+		"defaultMessage": "Egendefinert Intermediate Sertifikat"
+	},
+	"certificate.in-use": {
+		"defaultMessage": "I bruk"
+	},
+	"certificate.none.subtitle": {
+		"defaultMessage": "Ingen sertifikat tildelt"
+	},
+	"certificate.none.subtitle.for-http": {
+		"defaultMessage": "Denne verten vil ikke bruke HTTPS"
+	},
+	"certificate.none.title": {
+		"defaultMessage": "Ingen"
+	},
+	"certificate.not-in-use": {
+		"defaultMessage": "Ikke i bruk"
+	},
+	"certificate.renew": {
+		"defaultMessage": "Forny sertifikat"
+	},
+	"certificates": {
+		"defaultMessage": "Sertifikater"
+	},
+	"certificates.custom": {
+		"defaultMessage": "Egendefinert Sertifikat"
+	},
+	"certificates.custom.warning": {
+		"defaultMessage": "Nøkkelfiler beskyttet med passordfrase støttes ikke."
+	},
+	"certificates.dns.credentials": {
+		"defaultMessage": "Innhold i legitimasjonsfil"
+	},
+	"certificates.dns.credentials-note": {
+		"defaultMessage": "Denne pluginen krever en konfigurasjonsfil som inneholder en API-token eller andre legitimasjoner for leverandøren din"
+	},
+	"certificates.dns.credentials-warning": {
+		"defaultMessage": "Disse dataene vil bli lagret som ren tekst i databasen og i en fil!"
+	},
+	"certificates.dns.propagation-seconds": {
+		"defaultMessage": "Propageringsekunder"
+	},
+	"certificates.dns.propagation-seconds-note": {
+		"defaultMessage": "La stå tomt for å bruke pluginens standardverdi. Antall sekunder å vente på DNS-propagasjon."
+	},
+	"certificates.dns.provider": {
+		"defaultMessage": "DNS-leverandør"
+	},
+	"certificates.dns.provider.placeholder": {
+		"defaultMessage": "Velg en leverandør..."
+	},
+	"certificates.dns.warning": {
+		"defaultMessage": "Denne seksjonen krever noe kunnskap om Certbot og dets DNS-plugins. Vennligst konsulter dokumentasjonen for de respektive pluginene."
+	},
+	"certificates.http.reachability-404": {
+		"defaultMessage": "Det finnes en server på dette domenet, men det ser ikke ut til å være Nginx Proxy Manager. Vennligst sørg for at domenet ditt peker til IP-en der NPM-instansen kjører."
+	},
+	"certificates.http.reachability-failed-to-check": {
+		"defaultMessage": "Kunne ikke sjekke tilgjengeligheten på grunn av en kommunikasjonsfeil med site24x7.com."
+	},
+	"certificates.http.reachability-not-resolved": {
+		"defaultMessage": "Det finnes ingen server tilgjengelig på dette domenet. Vennligst sørg for at domenet ditt eksisterer og peker til IP-en der NPM-instansen kjører, og om nødvendig at port 80 er videresendt i ruteren din."
+	},
+	"certificates.http.reachability-ok": {
+		"defaultMessage": "Serveren din er tilgjengelig, og det bør være mulig å opprette sertifikater."
+	},
+	"certificates.http.reachability-other": {
+		"defaultMessage": "Det finnes en server på dette domenet, men den returnerte en uventet statuskode {code}. Er det NPM-serveren? Vennligst sørg for at domenet ditt peker til IP-en der NPM-instansen kjører."
+	},
+	"certificates.http.reachability-wrong-data": {
+		"defaultMessage": "Det finnes en server på dette domenet, men den returnerte uventet data. Er det NPM-serveren? Vennligst sørg for at domenet ditt peker til IP-en der NPM-instansen kjører."
+	},
+	"certificates.http.test-results": {
+		"defaultMessage": "Testresultater"
+	},
+	"certificates.http.warning": {
+		"defaultMessage": "Disse domenene må allerede være konfigurert til å peke til denne installasjonen."
+	},
+	"certificates.key-type": {
+		"defaultMessage": "Nøkkeltype"
+	},
+	"certificates.key-type-description": {
+		"defaultMessage": "RSA er bredt kompatibel, ECDSA er raskere og mer sikker, men støttes kanskje ikke av eldre systemer"
+	},
+	"certificates.key-type-ecdsa": {
+		"defaultMessage": "ECDSA 256"
+	},
+	"certificates.key-type-rsa": {
+		"defaultMessage": "RSA 2048"
+	},
+	"certificates.request.subtitle": {
+		"defaultMessage": "med Let's Encrypt"
+	},
+	"certificates.request.title": {
+		"defaultMessage": "Be om et nytt sertifikat"
+	},
+	"column.access": {
+		"defaultMessage": "Tilgang"
+	},
+	"column.authorization": {
+		"defaultMessage": "Autorisasjon"
+	},
+	"column.authorizations": {
+		"defaultMessage": "Autorisasjoner"
+	},
+	"column.custom-locations": {
+		"defaultMessage": "Egendefinerte plasseringer"
+	},
+	"column.destination": {
+		"defaultMessage": "Destinasjon"
+	},
+	"column.details": {
+		"defaultMessage": "Detaljer"
+	},
+	"column.email": {
+		"defaultMessage": "E-post"
+	},
+	"column.event": {
+		"defaultMessage": "Hendelse"
+	},
+	"column.expires": {
+		"defaultMessage": "Utløper"
+	},
+	"column.http-code": {
+		"defaultMessage": "HTTP-kode"
+	},
+	"column.incoming-port": {
+		"defaultMessage": "Innkommende port"
+	},
+	"column.name": {
+		"defaultMessage": "Navn"
+	},
+	"column.protocol": {
+		"defaultMessage": "Protokoll"
+	},
+	"column.provider": {
+		"defaultMessage": "Leverandør"
+	},
+	"column.roles": {
+		"defaultMessage": "Roller"
+	},
+	"column.rules": {
+		"defaultMessage": "Regler"
+	},
+	"column.satisfy": {
+		"defaultMessage": "Oppfylle"
+	},
+	"column.satisfy-all": {
+		"defaultMessage": "Alle"
+	},
+	"column.satisfy-any": {
+		"defaultMessage": "Noen"
+	},
+	"column.scheme": {
+		"defaultMessage": "Skjema"
+	},
+	"column.source": {
+		"defaultMessage": "Kilde"
+	},
+	"column.ssl": {
+		"defaultMessage": "SSL"
+	},
+	"column.status": {
+		"defaultMessage": "Status"
+	},
+	"created-on": {
+		"defaultMessage": "Opprettet: {date}"
+	},
+	"dashboard": {
+		"defaultMessage": "Dashboard"
+	},
+	"dead-host": {
+		"defaultMessage": "404 Tjener ikke funnet"
+	},
+	"dead-hosts": {
+		"defaultMessage": "404 Tjenere ikke funnet"
+	},
+	"dead-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {404 Tjener} other {404 Tjenere}}"
+	},
+	"disabled": {
+		"defaultMessage": "Deaktivert"
+	},
+	"domain-names": {
+		"defaultMessage": "Domener"
+	},
+	"domain-names.max": {
+		"defaultMessage": "{count} domener maksimum"
+	},
+	"domain-names.placeholder": {
+		"defaultMessage": "Begynn å skrive for å legge til domene..."
+	},
+	"domain-names.wildcards-not-permitted": {
+		"defaultMessage": "Wildcards er ikke tillatt for denne typen"
+	},
+	"domain-names.wildcards-not-supported": {
+		"defaultMessage": "Wildcards støttes ikke for denne CA-en"
+	},
+	"domains.advanced": {
+		"defaultMessage": "Avansert"
+	},
+	"domains.force-ssl": {
+		"defaultMessage": "Tving SSL"
+	},
+	"domains.hsts-enabled": {
+		"defaultMessage": "HSTS Aktivert"
+	},
+	"domains.hsts-subdomains": {
+		"defaultMessage": "HSTS Underdomener"
+	},
+	"domains.http2-support": {
+		"defaultMessage": "HTTP/2 Støtte"
+	},
+	"domains.trust-forwarded-proto": {
+		"defaultMessage": "Stol på Upstream Forwarded Proto Headers"
+	},
+	"domains.use-dns": {
+		"defaultMessage": "Bruk DNS Utfordring"
+	},
+	"email-address": {
+		"defaultMessage": "E-postadresse"
+	},
+	"empty-search": {
+		"defaultMessage": "Ingen resultater funnet"
+	},
+	"empty-subtitle": {
+		"defaultMessage": "Hvorfor ikke opprette en?"
+	},
+	"enabled": {
+		"defaultMessage": "Aktivert"
+	},
+	"error.access.at-least-one": {
+		"defaultMessage": "Enten en autorisasjon eller en tilgangsregel er påkrevd"
+	},
+	"error.access.duplicate-usernames": {
+		"defaultMessage": "Autorisasjonsbrukernavn må være unike"
+	},
+	"error.invalid-auth": {
+		"defaultMessage": "Ugyldig e-post eller passord"
+	},
+	"error.invalid-domain": {
+		"defaultMessage": "Ugyldig domene: {domain}"
+	},
+	"error.invalid-email": {
+		"defaultMessage": "Ugyldig e-postadresse"
+	},
+	"error.max-character-length": {
+		"defaultMessage": "Maksimal lengde er {max} tegn"
+	},
+	"error.max-domains": {
+		"defaultMessage": "For mange domener, maks er {max}"
+	},
+	"error.maximum": {
+		"defaultMessage": "Maksimum er {max}"
+	},
+	"error.min-character-length": {
+		"defaultMessage": "Minimum lengde er {min} tegn"
+	},
+	"error.minimum": {
+		"defaultMessage": "Minimum er {min}"
+	},
+	"error.passwords-must-match": {
+		"defaultMessage": "Passordene må være like"
+	},
+	"error.required": {
+		"defaultMessage": "Dette er påkrevd"
+	},
+	"expires.on": {
+		"defaultMessage": "Utløper: {date}"
+	},
+	"footer.github-fork": {
+		"defaultMessage": "Fork meg på Github"
+	},
+	"host.flags.block-exploits": {
+		"defaultMessage": "Blokker vanlige utnyttelser"
+	},
+	"host.flags.cache-assets": {
+		"defaultMessage": "Mellomlagre ressurser"
+	},
+	"host.flags.preserve-path": {
+		"defaultMessage": "Behold sti"
+	},
+	"host.flags.protocols": {
+		"defaultMessage": "Protokoller"
+	},
+	"host.flags.websockets-upgrade": {
+		"defaultMessage": "Websockets-støtte"
+	},
+	"host.forward-port": {
+		"defaultMessage": "Viderekoble Port"
+	},
+	"host.forward-scheme": {
+		"defaultMessage": "Skjema"
+	},
+	"hosts": {
+		"defaultMessage": "Vertsnavn"
+	},
+	"http-only": {
+		"defaultMessage": "Kun HTTP"
+	},
+	"lets-encrypt": {
+		"defaultMessage": "Let's Encrypt"
+	},
+	"lets-encrypt-via-dns": {
+		"defaultMessage": "Let's Encrypt via DNS"
+	},
+	"lets-encrypt-via-http": {
+		"defaultMessage": "Let's Encrypt via HTTP"
+	},
+	"loading": {
+		"defaultMessage": "Laster…"
+	},
+	"login.2fa-code": {
+		"defaultMessage": "Verifikasjonskode"
+	},
+	"login.2fa-code-placeholder": {
+		"defaultMessage": "Skriv inn kode"
+	},
+	"login.2fa-description": {
+		"defaultMessage": "Skriv inn koden fra autentiseringsappen din"
+	},
+	"login.2fa-title": {
+		"defaultMessage": "To-faktorautentisering"
+	},
+	"login.2fa-verify": {
+		"defaultMessage": "Verifiser"
+	},
+	"login.title": {
+		"defaultMessage": "Logg på kontoen din"
+	},
+	"nginx-config.label": {
+		"defaultMessage": "Egendefinert Nginx-konfigurasjon"
+	},
+	"nginx-config.placeholder": {
+		"defaultMessage": "# Skriv inn din egendefinerte Nginx-konfigurasjon her på egen risiko!"
+	},
+	"no-permission-error": {
+		"defaultMessage": "Du har ikke tilgang til å se dette."
+	},
+	"notfound.action": {
+		"defaultMessage": "Ta meg hjem"
+	},
+	"notfound.content": {
+		"defaultMessage": "Beklager, siden du leter etter ble ikke funnet"
+	},
+	"notfound.title": {
+		"defaultMessage": "Oops… Du har nettopp funnet en feilsiden"
+	},
+	"notification.error": {
+		"defaultMessage": "Feil"
+	},
+	"notification.object-deleted": {
+		"defaultMessage": "{object} har blitt slettet"
+	},
+	"notification.object-disabled": {
+		"defaultMessage": "{object} har blitt deaktivert"
+	},
+	"notification.object-enabled": {
+		"defaultMessage": "{object} har blitt aktivert"
+	},
+	"notification.object-renewed": {
+		"defaultMessage": "{object} har blitt fornyet"
+	},
+	"notification.object-saved": {
+		"defaultMessage": "{object} har blitt lagret"
+	},
+	"notification.success": {
+		"defaultMessage": "Suksess"
+	},
+	"object.actions-title": {
+		"defaultMessage": "{object} #{id}"
+	},
+	"object.add": {
+		"defaultMessage": "Legg til {object}"
+	},
+	"object.delete": {
+		"defaultMessage": "Slett {object}"
+	},
+	"object.delete.content": {
+		"defaultMessage": "Er du sikker på at du vil slette dette {object}?"
+	},
+	"object.edit": {
+		"defaultMessage": "Rediger {object}"
+	},
+	"object.empty": {
+		"defaultMessage": "Det finnes ingen {objects}"
+	},
+	"object.event.created": {
+		"defaultMessage": "Opprettet {object}"
+	},
+	"object.event.deleted": {
+		"defaultMessage": "Slettet {object}"
+	},
+	"object.event.disabled": {
+		"defaultMessage": "Deaktivert {object}"
+	},
+	"object.event.enabled": {
+		"defaultMessage": "Aktivert {object}"
+	},
+	"object.event.renewed": {
+		"defaultMessage": "Fornyet {object}"
+	},
+	"object.event.updated": {
+		"defaultMessage": "Oppdatert {object}"
+	},
+	"offline": {
+		"defaultMessage": "Utilgjengelig"
+	},
+	"online": {
+		"defaultMessage": "Tilgjengelig"
+	},
+	"options": {
+		"defaultMessage": "Alternativer"
+	},
+	"password": {
+		"defaultMessage": "Passord"
+	},
+	"password.generate": {
+		"defaultMessage": "Generer tilfeldig passord"
+	},
+	"password.hide": {
+		"defaultMessage": "Skjul passord"
+	},
+	"password.show": {
+		"defaultMessage": "Vis passord"
+	},
+	"permissions.hidden": {
+		"defaultMessage": "Skjult"
+	},
+	"permissions.manage": {
+		"defaultMessage": "Administrer"
+	},
+	"permissions.view": {
+		"defaultMessage": "Kun visning"
+	},
+	"permissions.visibility.all": {
+		"defaultMessage": "Alle elementer"
+	},
+	"permissions.visibility.title": {
+		"defaultMessage": "Element Synlighet"
+	},
+	"permissions.visibility.user": {
+		"defaultMessage": "Kun opprettede elementer"
+	},
+	"proxy-host": {
+		"defaultMessage": "Proxy Host"
+	},
+	"proxy-host.forward-host": {
+		"defaultMessage": "Forward Hostname / IP"
+	},
+	"proxy-hosts": {
+		"defaultMessage": "Proxy-verter"
+	},
+	"proxy-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {Proxy-vert} other {Proxy-verter}}"
+	},
+	"public": {
+		"defaultMessage": "Offentlig"
+	},
+	"redirection-host": {
+		"defaultMessage": "Omdirigeringsvert"
+	},
+	"redirection-host.forward-domain": {
+		"defaultMessage": "Viderekoble domene"
+	},
+	"redirection-host.forward-http-code": {
+		"defaultMessage": "HTTP-kode"
+	},
+	"redirection-hosts": {
+		"defaultMessage": "Omdirigeringsverter"
+	},
+	"redirection-hosts.count": {
+		"defaultMessage": "{count} {count, plural, one {Omdirigeringsvert} other {Omdirigeringsverter}}"
+	},
+	"redirection-hosts.http-code.300": {
+		"defaultMessage": "300 Multiple Choices"
+	},
+	"redirection-hosts.http-code.301": {
+		"defaultMessage": "301 Flyttet permanent"
+	},
+	"redirection-hosts.http-code.302": {
+		"defaultMessage": "302 Flyttet midlertidig"
+	},
+	"redirection-hosts.http-code.303": {
+		"defaultMessage": "303 Se andre"
+	},
+	"redirection-hosts.http-code.307": {
+		"defaultMessage": "307 Midlertidig omdirigering"
+	},
+	"redirection-hosts.http-code.308": {
+		"defaultMessage": "308 Permanent omdirigering"
+	},
+	"role.admin": {
+		"defaultMessage": "Administrator"
+	},
+	"role.standard-user": {
+		"defaultMessage": "Standardbruker"
+	},
+	"save": {
+		"defaultMessage": "Lagre"
+	},
+	"setting": {
+		"defaultMessage": "Innstilling"
+	},
+	"settings": {
+		"defaultMessage": "Innstillinger"
+	},
+	"settings.default-site": {
+		"defaultMessage": "Standardnettsted"
+	},
+	"settings.default-site.404": {
+		"defaultMessage": "404-side"
+	},
+	"settings.default-site.444": {
+		"defaultMessage": "Ingen respons (444)"
+	},
+	"settings.default-site.congratulations": {
+		"defaultMessage": "Gratulerer-side"
+	},
+	"settings.default-site.description": {
+		"defaultMessage": "Hva som skal vises når Nginx treffes med en ukjent vert"
+	},
+	"settings.default-site.html": {
+		"defaultMessage": "Egendefinert HTML"
+	},
+	"settings.default-site.html.placeholder": {
+		"defaultMessage": "<!-- Skriv inn ditt egendefinerte HTML-innhold her -->"
+	},
+	"settings.default-site.redirect": {
+		"defaultMessage": "Omdiriger"
+	},
+	"setup.preamble": {
+		"defaultMessage": "Kom i gang ved å opprette din administratorkonto."
+	},
+	"setup.title": {
+		"defaultMessage": "Velkommen!"
+	},
+	"sign-in": {
+		"defaultMessage": "Logg inn"
+	},
+	"ssl-certificate": {
+		"defaultMessage": "SSL-sertifikat"
+	},
+	"stream": {
+		"defaultMessage": "Strøm"
+	},
+	"stream.forward-host": {
+		"defaultMessage": "Viderekoble vert"
+	},
+	"stream.forward-host.placeholder": {
+		"defaultMessage": "example.com eller 10.0.0.1 eller 2001:db8:3333:4444:5555:6666:7777:8888"
+	},
+	"stream.incoming-port": {
+		"defaultMessage": "Innkommende port"
+	},
+	"streams": {
+		"defaultMessage": "Strømmer"
+	},
+	"streams.count": {
+		"defaultMessage": "{count} {count, plural, one {Strøm} other {Strømmer}}"
+	},
+	"streams.tcp": {
+		"defaultMessage": "TCP"
+	},
+	"streams.udp": {
+		"defaultMessage": "UDP"
+	},
+	"test": {
+		"defaultMessage": "Test"
+	},
+	"update-available": {
+		"defaultMessage": "Oppdatering tilgjengelig: {latestVersion}"
+	},
+	"user": {
+		"defaultMessage": "Bruker"
+	},
+	"user.change-password": {
+		"defaultMessage": "Endre passord"
+	},
+	"user.confirm-password": {
+		"defaultMessage": "Bekreft passord"
+	},
+	"user.current-password": {
+		"defaultMessage": "Nåværende passord"
+	},
+	"user.edit-profile": {
+		"defaultMessage": "Rediger profil"
+	},
+	"user.full-name": {
+		"defaultMessage": "Fullt navn"
+	},
+	"user.login-as": {
+		"defaultMessage": "Logg inn som {name}"
+	},
+	"user.logout": {
+		"defaultMessage": "Logg ut"
+	},
+	"user.new-password": {
+		"defaultMessage": "Nytt passord"
+	},
+	"user.nickname": {
+		"defaultMessage": "Kallenavn"
+	},
+	"user.set-password": {
+		"defaultMessage": "Angi passord"
+	},
+	"user.set-permissions": {
+		"defaultMessage": "Angi tillatelser for {name}"
+	},
+	"user.switch-dark": {
+		"defaultMessage": "Bytt til mørk modus"
+	},
+	"user.switch-light": {
+		"defaultMessage": "Bytt til lys modus"
+	},
+	"user.two-factor": {
+		"defaultMessage": "To-faktor autentisering"
+	},
+	"username": {
+		"defaultMessage": "Brukernavn"
+	},
+	"users": {
+		"defaultMessage": "Brukere"
+	}
+}

frontend/src/locale/src/sk.json

@@ -1,4 +1,61 @@
 {
+	"2fa.backup-codes-remaining": {
+		"defaultMessage": "Počet zostávajúcich záložných kódov: {count}"
+	},
+	"2fa.backup-warning": {
+		"defaultMessage": "Tieto záložné kódy si uložte na bezpečnom mieste. Každý kód je možné použiť len raz."
+	},
+	"2fa.disable": {
+		"defaultMessage": "Vypnúť dvojfaktorové overovanie"
+	},
+	"2fa.disable-confirm": {
+		"defaultMessage": "Vypnúť 2FA"
+	},
+	"2fa.disable-warning": {
+		"defaultMessage": "Vypnutím dvojfaktorového overovania sa zníži bezpečnosť vášho účtu."
+	},
+	"2fa.disabled": {
+		"defaultMessage": "Vypnuté"
+	},
+	"2fa.done": {
+		"defaultMessage": "Uložil som si svoje záložné kódy."
+	},
+	"2fa.enable": {
+		"defaultMessage": "Zapnúť dvojfaktorové overovanie"
+	},
+	"2fa.enabled": {
+		"defaultMessage": "Zapnuté"
+	},
+	"2fa.enter-code": {
+		"defaultMessage": "Zadajte overovací kód"
+	},
+	"2fa.enter-code-disable": {
+		"defaultMessage": "Zadajte overovací kód na vypnutie"
+	},
+	"2fa.regenerate": {
+		"defaultMessage": "Znova vytvoriť"
+	},
+	"2fa.regenerate-backup": {
+		"defaultMessage": "Znova vytvoriť záložné kódy"
+	},
+	"2fa.regenerate-instructions": {
+		"defaultMessage": "Zadajte overovací kód, aby sa vytvorili nové záložné kódy. Vaše staré kódy budú neplatné."
+	},
+	"2fa.secret-key": {
+		"defaultMessage": "Tajný kľúč"
+	},
+	"2fa.setup-instructions": {
+		"defaultMessage": "Naskenujte tento QR kód pomocou svojej overovacej aplikácie alebo zadajte tajný kľúč ručne."
+	},
+	"2fa.status": {
+		"defaultMessage": "Stav"
+	},
+	"2fa.title": {
+		"defaultMessage": "Dvojfaktorové overenie"
+	},
+	"2fa.verify-enable": {
+		"defaultMessage": "Overiť a zapnúť"
+	},
 	"access-list": {
 		"defaultMessage": "zoznam prístupov"
 	},
@@ -23,6 +80,9 @@
 	"access-list.public.subtitle": {
 		"defaultMessage": "Nie je potrebné základné overenie"
 	},
+	"access-list.rule-source.placeholder": {
+		"defaultMessage": "192.168.1.100 alebo 192.168.1.0/24 alebo 2001:0db8::/32"
+	},
 	"access-list.satisfy-any": {
 		"defaultMessage": "Splniť ktorékoľvek"
 	},
@@ -38,12 +98,18 @@
 	"action.add-location": {
 		"defaultMessage": "Pridať umiestnenie"
 	},
+	"action.allow": {
+		"defaultMessage": "Povoliť"
+	},
 	"action.close": {
 		"defaultMessage": "Zavrieť"
 	},
 	"action.delete": {
 		"defaultMessage": "Vymazať"
 	},
+	"action.deny": {
+		"defaultMessage": "Zamietnuť"
+	},
 	"action.disable": {
 		"defaultMessage": "Deaktivovať"
 	},
@@ -68,11 +134,14 @@
 	"auditlogs": {
 		"defaultMessage": "Záznamy auditu"
 	},
+	"auto": {
+		"defaultMessage": "Automaticky"
+	},
 	"cancel": {
 		"defaultMessage": "Zrušiť"
 	},
 	"certificate": {
-		"defaultMessage": "Certifikát"
+		"defaultMessage": "certifikát"
 	},
 	"certificate.custom-certificate": {
 		"defaultMessage": "Certifikát"
@@ -128,6 +197,9 @@
 	"certificates.dns.provider": {
 		"defaultMessage": "DNS poskytovateľ"
 	},
+	"certificates.dns.provider.placeholder": {
+		"defaultMessage": "Vyberte poskytovateľa..."
+	},
 	"certificates.dns.warning": {
 		"defaultMessage": "Táto sekcia vyžaduje znalosť Certbotu a jeho DNS doplnkov. Prosím, pozrite si dokumentáciu príslušného doplnku."
 	},
@@ -249,7 +321,7 @@
 		"defaultMessage": "Panel"
 	},
 	"dead-host": {
-		"defaultMessage": "404 Hostiteľ"
+		"defaultMessage": "404 hostiteľa"
 	},
 	"dead-hosts": {
 		"defaultMessage": "404 Hostitelia"
@@ -383,6 +455,21 @@
 	"loading": {
 		"defaultMessage": "Načítava sa…"
 	},
+	"login.2fa-code": {
+		"defaultMessage": "Overovací kód"
+	},
+	"login.2fa-code-placeholder": {
+		"defaultMessage": "Vložiť kód"
+	},
+	"login.2fa-description": {
+		"defaultMessage": "Vložte kód z vašej overovacej aplikácie"
+	},
+	"login.2fa-title": {
+		"defaultMessage": "Dvoj-faktorové overenie"
+	},
+	"login.2fa-verify": {
+		"defaultMessage": "Overiť"
+	},
 	"login.title": {
 		"defaultMessage": "Prihláste sa do svojho účtu"
 	},
@@ -420,7 +507,7 @@
 		"defaultMessage": "{object} bol obnovený"
 	},
 	"notification.object-saved": {
-		"defaultMessage": "{object} bol uložené"
+		"defaultMessage": "{object} bol uložený"
 	},
 	"notification.success": {
 		"defaultMessage": "Úspech"
@@ -441,7 +528,7 @@
 		"defaultMessage": "Upraviť {object}"
 	},
 	"object.empty": {
-		"defaultMessage": "Nie sú žiadne/y {objects}"
+		"defaultMessage": "Nie sú {objects}"
 	},
 	"object.event.created": {
 		"defaultMessage": "Vytvorený {object}"
@@ -501,7 +588,7 @@
 		"defaultMessage": "Len vytvorené položky"
 	},
 	"proxy-host": {
-		"defaultMessage": "Proxy hostiteľa"
+		"defaultMessage": "proxy hostiteľa"
 	},
 	"proxy-host.forward-host": {
 		"defaultMessage": "Cieľový názov hostiteľa / IP"
@@ -530,6 +617,24 @@
 	"redirection-hosts.count": {
 		"defaultMessage": "{count} {count, plural, one {presmerovací hostiteľ} few {presmerovací hostitelia} other {presmerovacích hostiteľov}}"
 	},
+	"redirection-hosts.http-code.300": {
+		"defaultMessage": "300 Viacero možností"
+	},
+	"redirection-hosts.http-code.301": {
+		"defaultMessage": "301 Trvalo presunuté"
+	},
+	"redirection-hosts.http-code.302": {
+		"defaultMessage": "302 Dočasne presunuté"
+	},
+	"redirection-hosts.http-code.303": {
+		"defaultMessage": "303 Pozrieť iné"
+	},
+	"redirection-hosts.http-code.307": {
+		"defaultMessage": "307 Dočasné presmerovanie"
+	},
+	"redirection-hosts.http-code.308": {
+		"defaultMessage": "308 Trvalé presmerovanie"
+	},
 	"role.admin": {
 		"defaultMessage": "Administrátor"
 	},
@@ -582,11 +687,14 @@
 		"defaultMessage": "SSL certifikát"
 	},
 	"stream": {
-		"defaultMessage": "Stream"
+		"defaultMessage": "stream"
 	},
 	"stream.forward-host": {
 		"defaultMessage": "Cieľový hostiteľ"
 	},
+	"stream.forward-host.placeholder": {
+		"defaultMessage": "napriklad.sk alebo 10.0.0.1 alebo 2001:db8:3333:4444:5555:6666:7777:8888"
+	},
 	"stream.incoming-port": {
 		"defaultMessage": "Vstupný port"
 	},
@@ -605,6 +713,9 @@
 	"test": {
 		"defaultMessage": "Test"
 	},
+	"update-available": {
+		"defaultMessage": "Dostupná aktualizácia: {latestVersion}"
+	},
 	"user": {
 		"defaultMessage": "používateľa"
 	},
@@ -647,6 +758,9 @@
 	"user.switch-light": {
 		"defaultMessage": "Prepnúť na svetlý režim"
 	},
+	"user.two-factor": {
+		"defaultMessage": "Dvojfakt. overenie"
+	},
 	"username": {
 		"defaultMessage": "Používateľské meno"
 	},

frontend/src/locale/src/zh.json

@@ -275,6 +275,9 @@
 	"domain-names.wildcards-not-supported": {
 		"defaultMessage": "此 CA 不支持通配符"
 	},
+	"domains.advanced": {
+		"defaultMessage": "高级选项"
+	},
 	"domains.force-ssl": {
 		"defaultMessage": "强制 SSL"
 	},
@@ -287,6 +290,9 @@
 	"domains.http2-support": {
 		"defaultMessage": "HTTP/2 支持"
 	},
+	"domains.trust-forwarded-proto": {
+		"defaultMessage": "信任上游代理传递的协议类型头"
+	},
 	"domains.use-dns": {
 		"defaultMessage": "使用DNS验证"
 	},

frontend/src/modals/ProxyHostModal.tsx

@@ -88,6 +88,7 @@ const ProxyHostModal = EasyModal.create(({ id, visible, remove }: Props) => {
 							http2Support: data?.http2Support || false,
 							hstsEnabled: data?.hstsEnabled || false,
 							hstsSubdomains: data?.hstsSubdomains || false,
+							trustForwardedProto: data?.trustForwardedProto || false,
 							// Advanced tab
 							advancedConfig: data?.advancedConfig || "",
 							meta: data?.meta || {},
@@ -339,7 +340,7 @@ const ProxyHostModal = EasyModal.create(({ id, visible, remove }: Props) => {
 													label="ssl-certificate"
 													allowNew
 												/>
-												<SSLOptionsFields color="bg-lime" />
+												<SSLOptionsFields color="bg-lime" forProxyHost={true} />
 											</div>
 											<div className="tab-pane" id="tab-advanced" role="tabpanel">
 												<NginxConfigField />

scripts/buildx

@@ -22,7 +22,7 @@ docker buildx build \
 	--build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \
 	--build-arg GOPROXY="${GOPROXY:-}" \
 	--build-arg GOPRIVATE="${GOPRIVATE:-}" \
-	--platform linux/amd64,linux/arm64,linux/arm/7 \
+	--platform linux/amd64,linux/arm64 \
 	--progress plain \
 	--pull \
 	-f docker/Dockerfile \

test/cypress/Dockerfile

@@ -1,4 +1,4 @@
-FROM cypress/included:15.9.0
+FROM cypress/included:15.10.0
 
 # Disable Cypress CLI colors
 ENV FORCE_COLOR=0

test/package.json

@@ -5,19 +5,19 @@
 	"main": "index.js",
 	"dependencies": {
 		"@jc21/cypress-swagger-validation": "^0.3.2",
-		"@quobix/vacuum": "^0.23.4",
-		"axios": "^1.13.1",
+		"@quobix/vacuum": "^0.23.8",
+		"axios": "^1.13.5",
 		"chalk": "^5.6.2",
-		"cypress": "^15.9.0",
+		"cypress": "^15.10.0",
 		"cypress-multi-reporters": "^2.0.5",
 		"cypress-wait-until": "^3.0.2",
-		"eslint": "^9.39.0",
+		"eslint": "^10.0.0",
 		"eslint-plugin-align-assignments": "^1.1.2",
 		"eslint-plugin-chai-friendly": "^1.1.0",
-		"eslint-plugin-cypress": "^5.2.0",
-		"form-data": "^4.0.4",
-		"lodash": "^4.17.21",
-		"mocha": "^11.7.4",
+		"eslint-plugin-cypress": "^6.0.0",
+		"form-data": "^4.0.5",
+		"lodash": "^4.17.23",
+		"mocha": "^11.7.5",
 		"mocha-junit-reporter": "^2.2.1"
 	},
 	"scripts": {