From 9e39ddb26b5b1f9216609bc7513a4eabf0b3ea10 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 28 Feb 2024 12:24:24 +0000
Subject: [PATCH] dep updates/close #674 and parts of #673

Signed-off-by: Zoey <zoey@z0ey.de>
---
 Dockerfile                              |  2 +-
 backend/package.json                    |  4 ++--
 backend/templates/_brotli.conf          |  4 ++--
 backend/templates/_listen.conf          | 13 +++++++------
 backend/templates/dead_host.conf        |  4 ++--
 backend/templates/proxy_host.conf       |  4 ++--
 backend/templates/redirection_host.conf |  4 ++--
 backend/templates/stream.conf           |  2 +-
 frontend/package.json                   |  2 +-
 rootfs/etc/logrotate                    |  2 +-
 rootfs/usr/local/bin/start.sh           |  2 ++
 11 files changed, 23 insertions(+), 20 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 4e7cbfc9..06a5cad4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -56,7 +56,7 @@ RUN apk upgrade --no-cache -a && \
     echo "#APPSEC_FAILURE_ACTION=deny # see https://github.com/crowdsecurity/lua-cs-bouncer/issues/63" | tee -a /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \
     sed -i "s|BOUNCING_ON_TYPE=all|BOUNCING_ON_TYPE=ban|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf
 
-FROM zoeyvid/nginx-quic:261
+FROM zoeyvid/nginx-quic:262
 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
 
 ARG CRS_VER=v4.0.0
diff --git a/backend/package.json b/backend/package.json
index ed6204e8..16a25374 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -6,12 +6,12 @@
   "dependencies": {
     "@apidevtools/json-schema-ref-parser": "11.1.0",
     "ajv": "6.12.6",
-    "archiver": "6.0.2",
+    "archiver": "7.0.0",
     "batchflow": "0.4.0",
     "bcrypt": "5.1.1",
     "body-parser": "1.20.2",
     "compression": "1.7.4",
-    "express": "4.18.2",
+    "express": "4.18.3",
     "express-fileupload": "1.4.3",
     "gravatar": "1.8.2",
     "jsonwebtoken": "9.0.2",
diff --git a/backend/templates/_brotli.conf b/backend/templates/_brotli.conf
index 00282c2e..39ef1286 100644
--- a/backend/templates/_brotli.conf
+++ b/backend/templates/_brotli.conf
@@ -1,4 +1,4 @@
-{% if http2_support -%}
+{% if http2_support == 1 or http2_support == true -%}
     # Enable Brotli
     include conf.d/include/brotli.conf;
-{% endif %}
\ No newline at end of file
+{% endif %}
diff --git a/backend/templates/_listen.conf b/backend/templates/_listen.conf
index 775d9e2b..8ad3be22 100644
--- a/backend/templates/_listen.conf
+++ b/backend/templates/_listen.conf
@@ -3,17 +3,18 @@
   listen 80;
   listen [::]:80;
 
-{% if certificate %}
+{% if certificate and certificate_id > 0 %}
   listen 443 ssl;
   listen [::]:443 ssl;
-{% if hsts_subdomains %}
+
   listen 443 quic;
   listen [::]:443 quic;
 
+{% if hsts_subdomains == 1 or hsts_subdomains == true %}
   more_set_headers 'Alt-Svc: h3=":443"; ma=86400';
-{% endif %}
-{% endif %}
-{% unless hsts_subdomains %}
+{% else %}
   more_clear_headers "Alt-Svc";
-{% endunless %}
+  http3 off;
+{% endif %}
+{% endif %}
   server_name {{ domain_names | join: " " }};
diff --git a/backend/templates/dead_host.conf b/backend/templates/dead_host.conf
index 16193fc7..adbf0ec4 100644
--- a/backend/templates/dead_host.conf
+++ b/backend/templates/dead_host.conf
@@ -1,6 +1,6 @@
 {% include "_header_comment.conf" %}
 
-{% if enabled %}
+{% if enabled == 1 or enabled == true %}
 server {
 {% include "_listen.conf" %}
 {% include "_certificates.conf" %}
@@ -11,7 +11,7 @@ server {
 {{ advanced_config }}
   include conf.d/include/acme-challenge.conf;
   include conf.d/include/block-exploits.conf;
-{% if use_default_location %}
+{% if use_default_location == 1 or use_default_location == true %}
   location / {
     include conf.d/include/acme-challenge.conf;
     root /html/404;
diff --git a/backend/templates/proxy_host.conf b/backend/templates/proxy_host.conf
index de13e7c1..a87eedbd 100644
--- a/backend/templates/proxy_host.conf
+++ b/backend/templates/proxy_host.conf
@@ -1,6 +1,6 @@
 {% include "_header_comment.conf" %}
 
-{% if enabled %}
+{% if enabled == 1 or enabled == true %}
 server {
   set $forward_scheme {{ forward_scheme }};
   set $server         "{{ forward_host }}";
@@ -33,7 +33,7 @@ server {
 
 {{ advanced_config }}
 
-{% if use_default_location %}
+{% if use_default_location == 1 or use_default_location == true %}
   location / {
     include conf.d/include/acme-challenge.conf;
 
diff --git a/backend/templates/redirection_host.conf b/backend/templates/redirection_host.conf
index 924397ea..ec022134 100644
--- a/backend/templates/redirection_host.conf
+++ b/backend/templates/redirection_host.conf
@@ -1,6 +1,6 @@
 {% include "_header_comment.conf" %}
 
-{% if enabled %}
+{% if enabled == 1 or enabled == true %}
 server {
 {% include "_listen.conf" %}
 {% include "_certificates.conf" %}
@@ -11,7 +11,7 @@ server {
 {{ advanced_config }}
   include conf.d/include/acme-challenge.conf;
   include conf.d/include/block-exploits.conf;
-{% if use_default_location %}
+{% if use_default_location == 1 or use_default_location == true %}
   location / {
     include conf.d/include/acme-challenge.conf;
     {% if preserve_path == 1 or preserve_path == true %}
diff --git a/backend/templates/stream.conf b/backend/templates/stream.conf
index 952f4448..d7740ad1 100644
--- a/backend/templates/stream.conf
+++ b/backend/templates/stream.conf
@@ -2,7 +2,7 @@
 # {{ incoming_port }} TCP: {{ tcp_forwarding }} UDP: {{ udp_forwarding }}
 # ------------------------------------------------------------
 
-{% if enabled %}
+{% if enabled == 1 or enabled == true %}
 {% if tcp_forwarding == 1 or tcp_forwarding == true -%}
 server {
   listen {{ incoming_port }};
diff --git a/frontend/package.json b/frontend/package.json
index 500eee9f..0b7b619d 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -4,7 +4,7 @@
   "description": "A beautiful interface for creating Nginx endpoints",
   "main": "js/index.js",
   "dependencies": {
-    "@babel/core": "7.23.9",
+    "@babel/core": "7.24.0",
     "babel-core": "6.26.3",
     "babel-loader": "8.3.0",
     "babel-preset-env": "1.7.0",
diff --git a/rootfs/etc/logrotate b/rootfs/etc/logrotate
index 1e832a21..60a7ece6 100644
--- a/rootfs/etc/logrotate
+++ b/rootfs/etc/logrotate
@@ -6,6 +6,6 @@
         compress
         sharedscripts
         postrotate
-                nginx -s reload
+            if [ -f /usr/local/nginx/logs/nginx.pid ]; then nginx -s reload fi
         endscript
 }
diff --git a/rootfs/usr/local/bin/start.sh b/rootfs/usr/local/bin/start.sh
index 3867e273..2fb65ec9 100755
--- a/rootfs/usr/local/bin/start.sh
+++ b/rootfs/usr/local/bin/start.sh
@@ -364,6 +364,8 @@ fi
 if [ "$LOGROTATE" = "true" ]; then
     apk add --no-cache logrotate
     sed -i "s|rotate [0-9]\+|rotate $LOGROTATIONS|g" /etc/logrotate
+    touch /data/nginx/access.log \
+          /data/nginx/stream.log
 elif [ "$FULLCLEAN" = "true" ]; then
     rm -vrf /data/etc/logrotate.status \
             /data/nginx/access.log \