diff --git a/.gitignore b/.gitignore index deb3fb55c..08462849d 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,4 @@ .idea ._* .vscode - +certbot-help.txt diff --git a/.version b/.version index 530cdd91a..276cbf9e2 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.2.4 +2.3.0 diff --git a/Jenkinsfile b/Jenkinsfile index 6cac8fe12..cee1bf122 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -5,6 +5,7 @@ pipeline { options { buildDiscarder(logRotator(numToKeepStr: '5')) disableConcurrentBuilds() + ansiColor('xterm') } environment { IMAGE = "nginx-proxy-manager" @@ -55,50 +56,44 @@ pipeline { } stage('Frontend') { steps { - ansiColor('xterm') { - sh './scripts/frontend-build' - } + sh './scripts/frontend-build' } } stage('Backend') { steps { - ansiColor('xterm') { - echo 'Checking Syntax ...' - // See: https://github.com/yarnpkg/yarn/issues/3254 - sh '''docker run --rm \\ - -v "$(pwd)/backend:/app" \\ - -w /app \\ - node:latest \\ - sh -c "yarn install && yarn eslint . && rm -rf node_modules" - ''' + echo 'Checking Syntax ...' + // See: https://github.com/yarnpkg/yarn/issues/3254 + sh '''docker run --rm \\ + -v "$(pwd)/backend:/app" \\ + -w /app \\ + node:latest \\ + sh -c "yarn install && yarn eslint . && rm -rf node_modules" + ''' - echo 'Docker Build ...' - sh '''docker build --pull --no-cache --squash --compress \\ - -t "${IMAGE}:ci-${BUILD_NUMBER}" \\ - -f docker/Dockerfile \\ - --build-arg TARGETPLATFORM=linux/amd64 \\ - --build-arg BUILDPLATFORM=linux/amd64 \\ - --build-arg BUILD_VERSION="${BUILD_VERSION}" \\ - --build-arg BUILD_COMMIT="${BUILD_COMMIT}" \\ - --build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \\ - . - ''' - } + echo 'Docker Build ...' + sh '''docker build --pull --no-cache --squash --compress \\ + -t "${IMAGE}:ci-${BUILD_NUMBER}" \\ + -f docker/Dockerfile \\ + --build-arg TARGETPLATFORM=linux/amd64 \\ + --build-arg BUILDPLATFORM=linux/amd64 \\ + --build-arg BUILD_VERSION="${BUILD_VERSION}" \\ + --build-arg BUILD_COMMIT="${BUILD_COMMIT}" \\ + --build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \\ + . + ''' } } stage('Test') { steps { - ansiColor('xterm') { - // Bring up a stack - sh 'docker-compose up -d fullstack' - sh './scripts/wait-healthy $(docker-compose ps -q fullstack) 120' + // Bring up a stack + sh 'docker-compose up -d fullstack' + sh './scripts/wait-healthy $(docker-compose ps -q fullstack) 120' - // Run tests - sh 'rm -rf test/results' - sh 'docker-compose up cypress' - // Get results - sh 'docker cp -L "$(docker-compose ps -q cypress):/results" test/' - } + // Run tests + sh 'rm -rf test/results' + sh 'docker-compose up cypress' + // Get results + sh 'docker cp -L "$(docker-compose ps -q cypress):/results" test/' } post { always { @@ -121,18 +116,16 @@ pipeline { } } steps { - ansiColor('xterm') { - dir(path: 'docs') { - sh 'yarn install' - sh 'yarn build' - } - - dir(path: 'docs/.vuepress/dist') { - sh 'tar -czf ../../docs.tgz *' - } + dir(path: 'docs') { + sh 'yarn install' + sh 'yarn build' + } - archiveArtifacts(artifacts: 'docs/docs.tgz', allowEmptyArchive: false) + dir(path: 'docs/.vuepress/dist') { + sh 'tar -czf ../../docs.tgz *' } + + archiveArtifacts(artifacts: 'docs/docs.tgz', allowEmptyArchive: false) } } stage('MultiArch Build') { @@ -142,12 +135,10 @@ pipeline { } } steps { - ansiColor('xterm') { - withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { - sh "docker login -u '${duser}' -p '${dpass}'" - // Buildx with push - sh "./scripts/buildx --push ${BUILDX_PUSH_TAGS}" - } + withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { + sh "docker login -u '${duser}' -p '${dpass}'" + // Buildx with push + sh "./scripts/buildx --push ${BUILDX_PUSH_TAGS}" } } } @@ -193,17 +184,15 @@ pipeline { } } steps { - ansiColor('xterm') { - script { - def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`") - } + script { + def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`") } } } } post { always { - sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' + //sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' sh 'echo Reverting ownership' sh 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} chown -R $(id -u):$(id -g) /data' } diff --git a/README.md b/README.md index 396cbe57b..4ba0f54e2 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,19 @@

- -

- - - - - - - - - - + +

+ + + + + + + + + + + + Gitter +

This project comes as a pre-built docker image that enables you to easily forward to your websites @@ -48,3 +51,119 @@ I won't go in to too much detail here but here are the basics for someone new to 2. Add port forwarding for port 80 and 443 to the server hosting this project 3. Configure your domain name details to point to your home, either with a static ip or a service like DuckDNS or [Amazon Route53](https://github.com/jc21/route53-ddns) 4. Use the Nginx Proxy Manager as your gateway to forward to your other web based services + + +## Contributors + +Special thanks to the following contributors: + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + +
Sebastian Valle + + 		+ + +
Kyle Klaus + + 		+ + +
ƬHE ЯAW + + 		+ + +
Spencer + + 		+ + +
Xantios Krugor + + 		+ + +
David Panesso + + 		+ + +
IronTooch + +
+ + +
Damiano + + 		+ + +
Russ + + 		+ + +
Marcelo Castagna + + 		+ + +
Steven Harris + + 		+ + +
Jocelyn Le Sage + + 		+ + +
Carl Mercier + + 		+ + +
Paul Mansfield + +
+ + +
OhHeyAlan + +
+ + +
Carl Sutton + +
+ + diff --git a/backend/internal/access-list.js b/backend/internal/access-list.js index 2f53ee1fc..36a9d2bb6 100644 --- a/backend/internal/access-list.js +++ b/backend/internal/access-list.js @@ -71,7 +71,7 @@ const internalAccessList = { // re-fetch with expansions return internalAccessList.get(access, { id: data.id, - expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] + expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items'] }, true /* <- skip masking */); }) .then((row) => { @@ -216,7 +216,7 @@ const internalAccessList = { // re-fetch with expansions return internalAccessList.get(access, { id: data.id, - expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] + expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items'] }, true /* <- skip masking */); }) .then((row) => { @@ -254,7 +254,7 @@ const internalAccessList = { .joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0') .where('access_list.is_deleted', 0) .andWhere('access_list.id', data.id) - .allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients]') + .allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients,proxy_hosts.access_list.items]') .omit(['access_list.is_deleted']) .first(); diff --git a/backend/internal/proxy-host.js b/backend/internal/proxy-host.js index c27d0ddce..115af92e1 100644 --- a/backend/internal/proxy-host.js +++ b/backend/internal/proxy-host.js @@ -73,7 +73,7 @@ const internalProxyHost = { // re-fetch with cert return internalProxyHost.get(access, { id: row.id, - expand: ['certificate', 'owner', 'access_list.clients'] + expand: ['certificate', 'owner', 'access_list.clients', 'access_list.items'] }); }) .then((row) => { @@ -186,7 +186,7 @@ const internalProxyHost = { .then(() => { return internalProxyHost.get(access, { id: data.id, - expand: ['owner', 'certificate', 'access_list.clients'] + expand: ['owner', 'certificate', 'access_list.clients', 'access_list.items'] }) .then((row) => { // Configure nginx @@ -219,7 +219,7 @@ const internalProxyHost = { .query() .where('is_deleted', 0) .andWhere('id', data.id) - .allowEager('[owner,access_list,access_list.clients,certificate]') + .allowEager('[owner,access_list,access_list.clients,access_list.items,certificate]') .first(); if (access_data.permission_visibility !== 'all') { diff --git a/backend/templates/proxy_host.conf b/backend/templates/proxy_host.conf index 0da4bed92..b553e1c1b 100644 --- a/backend/templates/proxy_host.conf +++ b/backend/templates/proxy_host.conf @@ -23,9 +23,11 @@ server { location / { {% if access_list_id > 0 %} + {% if access_list.items.length > 0 %} # Authorization auth_basic "Authorization required"; auth_basic_user_file /data/access/{{ access_list_id }}; + {% endif %} # Access Rules {% for client in access_list.clients %} diff --git a/docker/Dockerfile b/docker/Dockerfile index a08549a08..e3eefb346 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -16,7 +16,6 @@ ENV S6_FIX_ATTRS_HIDDEN=1 ENV NODE_ENV=production RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && rm -rf /etc/nginx \ && apk update \ && apk add python2 certbot jq \ && rm -rf /var/cache/apk/* diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index f0e2d2620..35f5651d0 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -6,7 +6,6 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 ENV S6_FIX_ATTRS_HIDDEN=1 RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && rm -rf /etc/nginx \ && apk update \ && apk add python2 certbot jq \ && rm -rf /var/cache/apk/* diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index e750e6c17..0643cc2a7 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -26,12 +26,15 @@ http { tcp_nopush on; tcp_nodelay on; client_body_temp_path /tmp/nginx/body 1 2; - keepalive_timeout 65; + keepalive_timeout 90s; + proxy_connect_timeout 90s; + proxy_send_timeout 90s; + proxy_read_timeout 90s; ssl_prefer_server_ciphers on; gzip on; proxy_ignore_client_abort off; client_max_body_size 2000m; - server_names_hash_bucket_size 64; + server_names_hash_bucket_size 1024; proxy_http_version 1.1; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/docker/rootfs/root/.bashrc b/docker/rootfs/root/.bashrc index fe69b7874..aec8e8f9a 100644 --- a/docker/rootfs/root/.bashrc +++ b/docker/rootfs/root/.bashrc @@ -16,5 +16,5 @@ alias h='cd ~;clear;' echo -e -n '\E[1;34m' figlet -w 120 "NginxProxyManager" -echo -e "\E[1;36mVersion \E[1;32m${NPM_BUILD_VERSION:-2.0.0-dev}\E[1;36m (${NPM_BUILD_COMMIT:-dev}) ${NPM_BUILD_DATE:-0000-00-00}, Nginx \E[1;32m${NGINX_VERSION:-unknown}\E[1;36m, Alpine \E[1;32m${VERSION_ID:-unknown}\E[1;36m, Kernel \E[1;32m$(uname -r)\E[0m" +echo -e "\E[1;36mVersion \E[1;32m${NPM_BUILD_VERSION:-2.0.0-dev} (${NPM_BUILD_COMMIT:-dev}) ${NPM_BUILD_DATE:-0000-00-00}\E[1;36m, OpenResty \E[1;32m${OPENRESTY_VERSION:-unknown}\E[1;36m, Alpine \E[1;32m${VERSION_ID:-unknown}\E[1;36m, Kernel \E[1;32m$(uname -r)\E[0m" echo diff --git a/scripts/.common.sh b/scripts/.common.sh new file mode 100644 index 000000000..3cea09167 --- /dev/null +++ b/scripts/.common.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# Colors +BLUE='\E[1;34m' +CYAN='\E[1;36m' +GREEN='\E[1;32m' +RED='\E[1;31m' +RESET='\E[0m' +YELLOW='\E[1;33m' + +export BLUE CYAN GREEN RED RESET YELLOW + +# Docker Compose +COMPOSE_PROJECT_NAME="npmdev" +COMPOSE_FILE="docker/docker-compose.dev.yml" + +export COMPOSE_FILE COMPOSE_PROJECT_NAME diff --git a/scripts/buildx b/scripts/buildx index b22d881c7..4da6c1674 100755 --- a/scripts/buildx +++ b/scripts/buildx @@ -1,10 +1,7 @@ #!/bin/bash -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" echo -e "${BLUE}❯ ${CYAN}Building docker multiarch: ${YELLOW}${*}${RESET}" diff --git a/scripts/destroy-dev b/scripts/destroy-dev index e86b33fa5..1309aad45 100755 --- a/scripts/destroy-dev +++ b/scripts/destroy-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists # Make sure docker exists diff --git a/scripts/docs-build b/scripts/docs-build index cdab81171..990313912 100755 --- a/scripts/docs-build +++ b/scripts/docs-build @@ -1,12 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -GREEN='\E[1;32m' -RESET='\E[0m' +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker 2>/dev/null; then diff --git a/scripts/docs-upload b/scripts/docs-upload index 0f3761d16..ea71fb8ea 100755 --- a/scripts/docs-upload +++ b/scripts/docs-upload @@ -2,11 +2,8 @@ # Note: This script is designed to be run inside CI builds -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" echo -e "${BLUE}❯ ${CYAN}Uploading docs in: ${YELLOW}$1${RESET}" diff --git a/scripts/frontend-build b/scripts/frontend-build index a54c46bc5..05be2eaed 100755 --- a/scripts/frontend-build +++ b/scripts/frontend-build @@ -1,12 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -GREEN='\E[1;32m' -RESET='\E[0m' +. "$DIR/.common.sh" DOCKER_IMAGE=jc21/alpine-nginx-full:node diff --git a/scripts/start-dev b/scripts/start-dev index a47a93584..a5e647f2e 100755 --- a/scripts/start-dev +++ b/scripts/start-dev @@ -1,16 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -YELLOW='\E[1;33m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker-compose 2>/dev/null; then diff --git a/scripts/stop-dev b/scripts/stop-dev index 97c68c854..3d27551fe 100755 --- a/scripts/stop-dev +++ b/scripts/stop-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists # Make sure docker exists diff --git a/scripts/test-dev b/scripts/test-dev index d4ad0181c..eb5c5bd36 100755 --- a/scripts/test-dev +++ b/scripts/test-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker-compose 2>/dev/null; then diff --git a/scripts/wait-healthy b/scripts/wait-healthy index b89aef33c..b8da5d69b 100755 --- a/scripts/wait-healthy +++ b/scripts/wait-healthy @@ -1,11 +1,7 @@ #!/bin/bash -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RED='\E[1;31m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" if [ "$1" == "" ]; then echo "Waits for a docker container to be healthy." diff --git a/test/cypress/Dockerfile b/test/cypress/Dockerfile index 6447a1639..66f7e3e5a 100644 --- a/test/cypress/Dockerfile +++ b/test/cypress/Dockerfile @@ -1,4 +1,4 @@ -FROM cypress/included:4.0.2 +FROM cypress/included:4.6.0 COPY --chown=1000 ./test /test diff --git a/test/package.json b/test/package.json index 3636fb965..0ac87e5b3 100644 --- a/test/package.json +++ b/test/package.json @@ -7,7 +7,7 @@ "@jc21/cypress-swagger-validation": "^0.0.5", "@jc21/restler": "^3.4.0", "chalk": "^3.0.0", - "cypress": "^4.0.2", + "cypress": "^4.6.0", "cypress-plugin-retries": "^1.5.2", "eslint": "^6.7.2", "eslint-plugin-align-assignments": "^1.1.2",