Merge pull request #1348 from jc21/develop

v2.9.8

.version

@@ -1 +1 @@
-2.9.7
+2.9.8

README.md

@@ -1,7 +1,7 @@
 <p align="center">
 	<img src="https://nginxproxymanager.com/github.png">
 	<br><br>
-	<img src="https://img.shields.io/badge/version-2.9.7-green.svg?style=for-the-badge">
+	<img src="https://img.shields.io/badge/version-2.9.8-green.svg?style=for-the-badge">
 	<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
 		<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
 	</a>
@@ -17,7 +17,6 @@
 	<a href="https://reddit.com/r/nginxproxymanager">
 		<img alt="Reddit" src="https://img.shields.io/reddit/subreddit-subscribers/nginxproxymanager?label=Reddit%20Community&style=for-the-badge">
 	</a>
-
 </p>
 
 This project comes as a pre-built docker image that enables you to easily forward to your websites
@@ -470,6 +469,20 @@ Special thanks to the following contributors:
 				<br /><sub><b>gabbe</b></sub>
 			</a>
 		</td>
+		<td align="center">
+			<a href="https://github.com/bmbvenom">
+				<img src="https://avatars.githubusercontent.com/u/20530371?v=4" width="80" alt=""/>
+				<br /><sub><b>bmbvenom</b></sub>
+			</a>
+		</td>
+	</tr>
+	<tr>
+		<td align="center">
+			<a href="https://github.com/FMeinicke">
+				<img src="https://avatars.githubusercontent.com/u/42121639?v=4" width="80" alt=""/>
+				<br /><sub><b>Florian Meinicke</b></sub>
+			</a>
+		</td>
 	</tr>
 </table>
 <!-- markdownlint-enable -->

backend/internal/access-list.js

@@ -118,7 +118,6 @@ const internalAccessList = {
 					// Sanity check that something crazy hasn't happened
 					throw new error.InternalValidationError('Access List could not be updated, IDs do not match: ' + row.id + ' !== ' + data.id);
 				}
-
 			})
 			.then(() => {
 				// patch name if specified
@@ -205,6 +204,7 @@ const internalAccessList = {
 						});
 				}
 			})
+			.then(internalNginx.reload)
 			.then(() => {
 				// Add to audit log
 				return internalAuditLog.add(access, {

backend/migrations/20210423103500_stream_domain.js

@@ -0,0 +1,40 @@
+const migrate_name = 'stream_domain';
+const logger       = require('../logger').migrate;
+
+/**
+	* Migrate
+	*
+	* @see http://knexjs.org/#Schema
+	*
+	* @param   {Object} knex
+	* @param   {Promise} Promise
+	* @returns {Promise}
+	*/
+exports.up = function (knex/*, Promise*/) {
+	logger.info('[' + migrate_name + '] Migrating Up...');
+
+	return knex.schema.table('stream', (table) => {
+		table.renameColumn('forward_ip', 'forwarding_host');
+	})
+		.then(function () {
+			logger.info('[' + migrate_name + '] stream Table altered');
+		});
+};
+
+/**
+	* Undo Migrate
+	*
+	* @param   {Object} knex
+	* @param   {Promise} Promise
+	* @returns {Promise}
+	*/
+exports.down = function (knex/*, Promise*/) {
+	logger.info('[' + migrate_name + '] Migrating Down...');
+
+	return knex.schema.table('stream', (table) => {
+		table.renameColumn('forwarding_host', 'forward_ip');
+	})
+		.then(function () {
+			logger.info('[' + migrate_name + '] stream Table altered');
+		});
+};

backend/schema/endpoints/streams.json

@@ -20,9 +20,20 @@
       "minimum": 1,
       "maximum": 65535
     },
-    "forward_ip": {
-      "type": "string",
-      "format": "ipv4"
+    "forwarding_host": {
+      "oneOf": [
+        {
+          "$ref": "../definitions.json#/definitions/domain_name"
+        },
+        {
+          "type": "string",
+          "format": "ipv4"
+        },
+        {
+          "type": "string",
+          "format": "ipv6"
+        }
+      ]
     },
     "forwarding_port": {
       "type": "integer",
@@ -55,8 +66,8 @@
     "incoming_port": {
       "$ref": "#/definitions/incoming_port"
     },
-    "forward_ip": {
-      "$ref": "#/definitions/forward_ip"
+    "forwarding_host": {
+      "$ref": "#/definitions/forwarding_host"
     },
     "forwarding_port": {
       "$ref": "#/definitions/forwarding_port"
@@ -107,15 +118,15 @@
         "additionalProperties": false,
         "required": [
           "incoming_port",
-          "forward_ip",
+          "forwarding_host",
           "forwarding_port"
         ],
         "properties": {
           "incoming_port": {
             "$ref": "#/definitions/incoming_port"
           },
-          "forward_ip": {
-            "$ref": "#/definitions/forward_ip"
+          "forwarding_host": {
+            "$ref": "#/definitions/forwarding_host"
           },
           "forwarding_port": {
             "$ref": "#/definitions/forwarding_port"
@@ -154,8 +165,8 @@
           "incoming_port": {
             "$ref": "#/definitions/incoming_port"
           },
-          "forward_ip": {
-            "$ref": "#/definitions/forward_ip"
+          "forwarding_host": {
+            "$ref": "#/definitions/forwarding_host"
           },
           "forwarding_port": {
             "$ref": "#/definitions/forwarding_port"

backend/templates/stream.conf

@@ -12,7 +12,7 @@ server {
   #listen [::]:{{ incoming_port }};
 {% endif %}
 
-  proxy_pass {{ forward_ip }}:{{ forwarding_port }};
+  proxy_pass {{ forwarding_host }}:{{ forwarding_port }};
 
   # Custom
   include /data/nginx/custom/server_stream[.]conf;
@@ -27,7 +27,7 @@ server {
 {% else -%}
   #listen [::]:{{ incoming_port }} udp;
 {% endif %}
-  proxy_pass {{ forward_ip }}:{{ forwarding_port }};
+  proxy_pass {{ forwarding_host }}:{{ forwarding_port }};
 
   # Custom
   include /data/nginx/custom/server_stream[.]conf;

backend/yarn.lock

@@ -2340,9 +2340,9 @@ normalize-path@^3.0.0, normalize-path@~3.0.0:
   integrity sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==
 
 normalize-url@^4.1.0:
-  version "4.5.0"
-  resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.0.tgz#453354087e6ca96957bd8f5baf753f5982142129"
-  integrity sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==
+  version "4.5.1"
+  resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.1.tgz#0dd90cf1288ee1d1313b87081c9a5932ee48518a"
+  integrity sha512-9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA==
 
 npm-bundled@^1.0.1:
   version "1.1.1"
@@ -2608,9 +2608,9 @@ path-key@^2.0.1:
   integrity sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=
 
 path-parse@^1.0.6:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.6.tgz#d62dbb5679405d72c4737ec58600e9ddcf06d24c"
-  integrity sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
+  integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
 path-root-regex@^0.1.0:
   version "0.1.2"

docker/.dive-ci

@@ -0,0 +1,14 @@
+rules:
+  # If the efficiency is measured below X%, mark as failed.
+  # Expressed as a ratio between 0-1.
+  lowestEfficiency: 0.99
+
+  # If the amount of wasted space is at least X or larger than X, mark as failed.
+  # Expressed in B, KB, MB, and GB.
+  highestWastedBytes: 15MB
+
+  # If the amount of wasted space makes up for X% or more of the image, mark as failed.
+  # Note: the base image layer is NOT included in the total image size.
+  # Expressed as a ratio between 0-1; fails if the threshold is met or crossed.
+  highestUserWastedPercent: 0.02
+

docker/Dockerfile

@@ -3,7 +3,7 @@
 
 # This file assumes that the frontend has been built using ./scripts/frontend-build
 
-FROM jc21/nginx-full:node
+FROM nginxproxymanager/nginx-full:node
 
 ARG TARGETPLATFORM
 ARG BUILD_VERSION
@@ -48,7 +48,6 @@ RUN chmod 644 /etc/logrotate.d/nginx-proxy-manager
 
 VOLUME [ "/data", "/etc/letsencrypt" ]
 ENTRYPOINT [ "/init" ]
-HEALTHCHECK --interval=5s --timeout=3s CMD /bin/check-health
 
 LABEL org.label-schema.schema-version="1.0" \
 	org.label-schema.license="MIT" \

docker/dev/Dockerfile

@@ -1,4 +1,4 @@
-FROM jc21/nginx-full:node
+FROM nginxproxymanager/nginx-full:node
 LABEL maintainer="Jamie Curnow <[email protected]>"
 
 ENV S6_LOGGING=0 \
@@ -26,4 +26,4 @@ RUN curl -L -o /tmp/s6-overlay-amd64.tar.gz "https://github.com/just-containers/
 
 EXPOSE 80 81 443
 ENTRYPOINT [ "/init" ]
-HEALTHCHECK --interval=5s --timeout=3s CMD /bin/check-health
+

docker/docker-compose.ci.yml

@@ -20,6 +20,10 @@ services:
       - 443
     depends_on:
       - db
+    healthcheck:
+      test: ["CMD", "/bin/check-health"]
+      interval: 10s
+      timeout: 3s
 
   fullstack-sqlite:
     image: ${IMAGE}:ci-${BUILD_NUMBER}
@@ -33,6 +37,10 @@ services:
       - 81
       - 80
       - 443
+    healthcheck:
+      test: ["CMD", "/bin/check-health"]
+      interval: 10s
+      timeout: 3s
 
   db:
     image: jc21/mariadb-aria

docker/rootfs/etc/services.d/frontend/run

@@ -4,6 +4,7 @@
 
 if [ "$DEVELOPMENT" == "true" ]; then
 	cd /app/frontend || exit 1
+	# If yarn install fails: add --verbose --network-concurrency 1
 	yarn install
 	yarn watch
 else

docker/rootfs/etc/services.d/manager/run

@@ -6,6 +6,7 @@ cd /app || echo
 
 if [ "$DEVELOPMENT" == "true" ]; then
 	cd /app || exit 1
+	# If yarn install fails: add --verbose --network-concurrency 1
 	yarn install
 	node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js
 else

docker/rootfs/etc/services.d/nginx/run

@@ -36,7 +36,7 @@ then
 		-days 3650 \
 		-nodes \
 		-x509 \
-		-subj '/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost' \
+		-subj '/O=localhost/OU=localhost/CN=localhost' \
 		-keyout /data/nginx/dummykey.pem \
 		-out /data/nginx/dummycert.pem
 	echo "Complete"

docs/advanced-config/README.md

@@ -48,6 +48,18 @@ file, it's "exposed" by the portainer docker image for you and not available on
 the docker host outside of this docker network. The service name is used as the
 hostname, so make sure your service names are unique when using the same network.
 
+## Docker Healthcheck
+
+The `Dockerfile` that builds this project does not include a `HEALTCHECK` but you can opt in to this
+feature by adding the following to the service in your `docker-compose.yml` file:
+
+```yml
+healthcheck:
+  test: ["CMD", "/bin/check-health"]
+  interval: 10s
+  timeout: 3s
+```
+
 ## Docker Secrets
 
 This image supports the use of Docker secrets to import from file and keep sensitive usernames or passwords from being passed or preserved in plaintext.

docs/yarn.lock

@@ -2560,7 +2560,7 @@ cli-boxes@^2.2.0:
   resolved "https://registry.yarnpkg.com/cli-boxes/-/cli-boxes-2.2.0.tgz#538ecae8f9c6ca508e3c3c95b453fe93cb4c168d"
   integrity sha512-gpaBrMAizVEANOpfZp/EEUixTXDyGt7DFzdK5hU+UbWt/J0lB0w20ncZj59Z9a93xHb9u12zF5BS6i9RKbtg4w==
 
-clipboard@^2.0.0, clipboard@^2.0.6:
+clipboard@^2.0.6:
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/clipboard/-/clipboard-2.0.6.tgz#52921296eec0fdf77ead1749421b21c968647376"
   integrity sha512-g5zbiixBRk/wyKakSwCKd7vQXDjFnAMGHoEyBogG/bw9kTD9GvdAvaoRR1ALcEzt3pVKxZR0pViekPMIS0QyGg==
@@ -7173,9 +7173,9 @@ path-key@^3.0.0, path-key@^3.1.0, path-key@^3.1.1:
   integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==
 
 path-parse@^1.0.6:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.6.tgz#d62dbb5679405d72c4737ec58600e9ddcf06d24c"
-  integrity sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
+  integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
 [email protected]:
   version "0.1.7"
@@ -7699,11 +7699,9 @@ pretty-time@^1.1.0:
   integrity sha512-28iF6xPQrP8Oa6uxE6a1biz+lWeTOAPKggvjB8HAs6nVMKZwf5bG++632Dx614hIWgUPkgivRfG+a8uAXGTIbA==
 
 prismjs@^1.13.0, prismjs@^1.20.0:
-  version "1.23.0"
-  resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.23.0.tgz#d3b3967f7d72440690497652a9d40ff046067f33"
-  integrity sha512-c29LVsqOaLbBHuIbsTxaKENh1N2EQBOHaWv7gkHN4dgRbxSREqDnDbtFJYdpPauS4YCplMSNCABQ6Eeor69bAA==
-  optionalDependencies:
-    clipboard "^2.0.0"
+  version "1.24.0"
+  resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.24.0.tgz#0409c30068a6c52c89ef7f1089b3ca4de56be2ac"
+  integrity sha512-SqV5GRsNqnzCL8k5dfAjCNhUrF3pR0A9lTDSCUZeh/LIshheXJEaP0hwLz2t4XHivd2J/v2HR+gRnigzeKe3cQ==
 
 private@^0.1.8:
   version "0.1.8"
@@ -9652,9 +9650,9 @@ url-parse-lax@^3.0.0:
     prepend-http "^2.0.0"
 
 url-parse@^1.4.3, url-parse@^1.4.7:
-  version "1.5.0"
-  resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.0.tgz#90aba6c902aeb2d80eac17b91131c27665d5d828"
-  integrity sha512-9iT6N4s93SMfzunOyDPe4vo4nLcSu1yq0IQK1gURmjm8tQNlM6loiuCRrKG1hHGXfB2EWd6H4cGi7tGdaygMFw==
+  version "1.5.2"
+  resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.2.tgz#a4eff6fd5ff9fe6ab98ac1f79641819d13247cda"
+  integrity sha512-6bTUPERy1muxxYClbzoRo5qtQuyoGEbzbQvi0SW4/8U8UyVkAQhWFBlnigqJkRm4su4x1zDQfNbEzWkt+vchcg==
   dependencies:
     querystringify "^2.1.1"
     requires-port "^1.0.0"

frontend/js/app/nginx/stream/form.ejs

@@ -14,8 +14,8 @@
                 </div>
                 <div class="col-sm-8 col-md-8">
                     <div class="form-group">
-                        <label class="form-label"><%- i18n('streams', 'forward-ip') %><span class="form-required">*</span></label>
-                        <input type="text" name="forward_ip" class="form-control text-monospace" placeholder="000.000.000.000" value="<%- forward_ip %>" autocomplete="off" maxlength="15" required>
+                        <label class="form-label"><%- i18n('streams', 'forwarding-host') %><span class="form-required">*</span></label>
+                        <input type="text" name="forwarding_host" class="form-control text-monospace" placeholder="example.com or 10.0.0.1 or 2001:db8:3333:4444:5555:6666:7777:8888" value="<%- forwarding_host %>" autocomplete="off" maxlength="255" required>
                     </div>
                 </div>
                 <div class="col-sm-4 col-md-4">

frontend/js/app/nginx/stream/form.js

@@ -13,7 +13,7 @@ module.exports = Mn.View.extend({
 
     ui: {
         form:       'form',
-        forward_ip: 'input[name="forward_ip"]',
+        forwarding_host: 'input[name="forwarding_host"]',
         type_error: '.forward-type-error',
         buttons:    '.modal-footer button',
         switches:   '.custom-switch-input',
@@ -76,13 +76,6 @@ module.exports = Mn.View.extend({
         }
     },
 
-    onRender: function () {
-        this.ui.forward_ip.mask('099.099.099.099', {
-            clearIfNotMatch: true,
-            placeholder:     '000.000.000.000'
-        });
-    },
-
     initialize: function (options) {
         if (typeof options.model === 'undefined' || !options.model) {
             this.model = new StreamModel.Model();

frontend/js/app/nginx/stream/list/item.ejs

@@ -12,7 +12,7 @@
     </div>
 </td>
 <td>
-    <div class="text-monospace"><%- forward_ip %>:<%- forwarding_port %></div>
+    <div class="text-monospace"><%- forwarding_host %>:<%- forwarding_port %></div>
 </td>
 <td>
     <div>

frontend/js/i18n/messages.json

@@ -162,7 +162,7 @@
       "add": "Add Stream",
       "form-title": "{id, select, undefined{New} other{Edit}} Stream",
       "incoming-port": "Incoming Port",
-      "forward-ip": "Forward IP",
+      "forwarding-host": "Forward Host",
       "forwarding-port": "Forward Port",
       "tcp-forwarding": "TCP Forwarding",
       "udp-forwarding": "UDP Forwarding",

frontend/js/models/stream.js

@@ -9,7 +9,7 @@ const model = Backbone.Model.extend({
             created_on:      null,
             modified_on:     null,
             incoming_port:   null,
-            forward_ip:      null,
+            forwarding_host: null,
             forwarding_port: null,
             tcp_forwarding:  true,
             udp_forwarding:  false,

frontend/yarn.lock

@@ -5112,9 +5112,9 @@ path-key@^2.0.1:
   integrity sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=
 
 path-parse@^1.0.6:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.6.tgz#d62dbb5679405d72c4737ec58600e9ddcf06d24c"
-  integrity sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
+  integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
 path-type@^1.0.0:
   version "1.1.0"

global/certbot-dns-plugins.js

@@ -452,4 +452,14 @@ certbot_dns_transip:dns_transip_key_file = /etc/letsencrypt/transip-rsa.key`,
 		credentials:      'certbot_dns_vultr:dns_vultr_key = YOUR_VULTR_API_KEY',
 		full_plugin_name: 'certbot-dns-vultr:dns-vultr',
 	},
+	//####################################################//
+	desec: {
+		display_name:    'deSEC',
+		package_name:    'certbot-dns-desec',
+		package_version: '0.3.0',
+		dependencies:    '',
+		credentials:     `certbot_dns_desec:dns_desec_token = YOUR_DESEC_API_TOKEN
+certbot_dns_desec:dns_desec_endpoint = https://desec.io/api/v1/`,
+		full_plugin_name: 'certbot-dns-desec:dns-desec',
+	},
 };