74447d2690
lint
2024-04-29 12:49:20 +02:00
2a6368af60
remove usage of constants.DASHBOARD_SUBDOMAIN
2024-04-27 11:10:24 +02:00
21d7438bbe
proxyauth: user OpenID instead of basic auth
2024-04-15 15:59:16 +02:00
a6f078330f
shell: no need to promise scoping
2024-02-21 19:40:27 +01:00
cfd5c0f82b
shell: rewrite exec to use execFile
...
this also renames execFile to execArgs
2024-02-21 18:54:43 +01:00
14c9260ab0
shell: exec encoding is utf8 by default and no shell
...
explicitly mark calls that require the shell
2024-02-21 17:47:25 +01:00
c1bb4de6a3
reverseproxy: use async exec
2024-02-21 12:33:04 +01:00
4844f6d927
dashboard: remove old domain config on switch
2023-09-29 09:26:42 +05:30
28bfab6700
LOCATION_TYPE can move into location.js
2023-08-17 16:05:19 +05:30
5c98b6f080
crash fixes
2023-08-17 13:02:36 +05:30
3d0ba557e5
add Location class
2023-08-17 10:44:07 +05:30
4acbb7136a
proper task name for dashboard change
2023-08-14 10:45:12 +05:30
eee49a8291
move dashboard setting into dashboard.js
2023-08-11 21:04:10 +05:30
4cdf37b060
settings: move mailFqdn/Domain into mailServer
2023-08-04 22:02:24 +05:30
946e5caacb
split mail and mailserver
...
mail = all the per-domain code
mailserver = all the mail server level code
2023-08-04 20:54:39 +05:30
1264cd1dd7
reverseproxy: move renew and trusted ip routes
2023-08-04 13:19:48 +05:30
47d57a3971
fold sysinfo into network
...
the backends are network backends
2023-08-03 13:38:42 +05:30
bbc6ba1a35
settings: move service setting into services.js
...
this also introduces getJson/setJson
2023-08-03 11:50:00 +05:30
c7f2a04e8c
settings: move reverse proxy config
2023-08-02 23:02:39 +05:30
8fe992318e
settings: move trusted ip setting to reverseproxy
2023-08-02 23:02:39 +05:30
b26c8d20cd
network: add trusted ips
...
This allows the user to set trusted ips to Cloudflare or some other CDN
and have the logs have the correct IPs.
fixes #801
2023-05-13 16:15:47 +02:00
8448d28f6f
Implement HSTS preload
...
This allows browsers to query https directly instead of the initial http redirect
https://hstspreload.org/#opt-in says it should be explicitly opt in
2023-03-06 11:46:05 +01:00
abacc60181
tls: fix wildcard alias cert file names
...
also, do not provision redirect certs. redirect domains can never
hit the server anyway.
2023-02-25 20:22:09 +01:00
54add73d2a
reverseproxy: LE backdates certs by an hour
...
https://community.letsencrypt.org/t/valid-from-date-on-cert-off-by-1-hour/103239
2023-02-01 12:52:37 +01:00
3f70edf3ec
print subject and fix notBefore parsing
2023-02-01 12:38:29 +01:00
c63e0036cb
typo
2023-02-01 12:28:46 +01:00
3b9486596d
reverseproxy: force renewal only renews if not issued in last 5 mins
...
otherwise, this leads to repeated renewals in checkCerts
2023-02-01 11:18:39 +01:00
eddfd20f24
reverseproxy: get dates
2023-02-01 11:05:50 +01:00
690df0e5c4
reverseproxy: add option to force renewal for e2e
2023-01-31 23:45:17 +01:00
ce9e78d23b
reverseproxy: fix issue where renewed certs are not written to disk
2023-01-31 17:58:28 +01:00
d7d43c73fe
reverseproxy: fix typo in regexp matching
2022-12-08 10:05:36 +01:00
f27847950c
reverseproxy: notify cert change only in cron job
...
notifying this in ensureCertificate does not work if provider changed in the middle anyway.
might as well get them to be in sync in the cronjob.
this change also resulted in tls addon getting restarted non-stop if you change from wildcard
to non-wildcard since ensureCertificate notifies the change.
2022-11-30 15:55:32 +01:00
69b46d82ab
Fix typo
2022-11-30 14:56:40 +01:00
7e1c56161d
reverseproxy: notify services immediately
...
there are 2 cases where certs change (in db):
* LE cert is new or renewed
* fallback cert changes with fallback provider
if something is off i.e we crashed midway of above, then user can click the
rebuild button.
2022-11-29 18:27:08 +01:00
77a5f01585
reverseproxy: rebuild only when needed
...
re-creating nginx configs is only needed in 3 cases:
* provider changes. we create a rebuild file for this
* nginx config is somehow corrupt by external changes. user can click ui button
on startup, dashboard also always creates the nginx configs. so it's always up to provide the button
2022-11-29 18:17:53 +01:00
3aa3cb6e39
tls: remove any old location certs
2022-11-29 17:58:51 +01:00
302f975d5c
handle type mismatch
2022-11-29 17:13:58 +01:00
d23c65a7e7
reverseproxy: cert/key/csr are all pem
...
just use strings instead of binary/string confusion
2022-11-29 14:33:52 +01:00
1cf613dca6
Fix name of wildcard alias domain cert and configs
2022-11-29 13:35:17 +01:00
89127e1df7
reverseproxy: rework cert logic
...
9c8f78a059
2022-11-29 11:07:23 +01:00
b70572a6e9
dns: fqdn only needs domain string
...
This is from the caas days, when we had hyphenated subdomains flag
2022-11-28 21:56:25 +01:00
817e950d47
Fix upstreamUri verification
2022-11-23 12:58:17 +01:00
5d0309f1ca
reverseproxy: check renewal against cert instead of the files
2022-11-17 16:40:14 +01:00
00771d8197
reverseproxy: move dashboard config to subdir as well
2022-11-17 15:50:34 +01:00
641752a222
reverseproxy: remove getAcmeApiOptions
2022-11-17 12:39:23 +01:00
e3b0d3960a
reverseproxy: create configs in subdirectories for easy management
2022-11-17 12:16:11 +01:00
cd90864bc3
typos
2022-11-17 11:46:29 +01:00
23cc0d6f0e
acme2: do not pass around paths
2022-11-17 11:44:36 +01:00
35076b0e93
use vhost naming for nginx config terminology
2022-11-17 10:22:46 +01:00
293b8a0d34
remove location type from nginx filename
...
this will keep it consistent with upcoming cert filenames
2022-11-17 10:22:46 +01:00
Girish Ramakrishnan