Fabio/nginx-proxy-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

merge upstream

Browse source
This commit is contained in:
Zoey 2024-10-15 06:54:34 +02:00
parent 969fc5f5f8
commit a0e583dec3
3 changed files with 5 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
backend/internal/nginx.js
View file

@ -5,8 +5,6 @@ const config = require('../lib/config');
const utils = require('../lib/utils'); const utils = require('../lib/utils');
const error = require('../lib/error'); const error = require('../lib/error');
const NgxPidFilePath = '/usr/local/nginx/logs/nginx.pid';
const internalNginx = { const internalNginx = {
/** /**
* This will: * This will:
@ -40,7 +38,7 @@ const internalNginx = {
return internalNginx return internalNginx
.test() .test()
.then(() => { .then(() => {
// Nginx is OK // nginx is ok
combined_meta = _.assign({}, host.meta, { combined_meta = _.assign({}, host.meta, {
nginx_online: true, nginx_online: true,
nginx_err: null, nginx_err: null,
@ -50,13 +48,12 @@ const internalNginx = {
meta: combined_meta, meta: combined_meta,
}); });
}) })
.catch(() => { .catch((err) => {
// Handle testing failure // Handle testing failure
// Execute the command and wait for it to finish
return utils.execfg('nginx -t || true').then(() => { return utils.execfg('nginx -t || true').then(() => {
combined_meta = _.assign({}, host.meta, { combined_meta = _.assign({}, host.meta, {
nginx_online: false, nginx_online: false,
nginx_err: 'see docker logs', nginx_err: err.message,
}); });
return model return model
@ -101,8 +98,8 @@ const internalNginx = {
} catch { } catch {
// do nothing // do nothing
} }
if (fs.existsSync(NgxPidFilePath)) { if (fs.existsSync('/usr/local/nginx/logs/nginx.pid')) {
const ngxPID = fs.readFileSync(NgxPidFilePath, 'utf8').trim(); const ngxPID = fs.readFileSync('/usr/local/nginx/logs/nginx.pid', 'utf8').trim();
if (ngxPID.length > 0) { if (ngxPID.length > 0) {
logger.info('Reloading Nginx'); logger.info('Reloading Nginx');
utils.exec('nginx -s reload'); utils.exec('nginx -s reload');

7
backend/nodemon.json
View file

@ -1,7 +0,0 @@
{
"verbose": false,
"ignore": [
"data"
],
"ext": "js json ejs"
}

92
docker/dev/squid.conf
View file

@ -1,92 +0,0 @@
# WELCOME TO SQUID 6.6
# ----------------------------
#
# This is the documentation for the Squid configuration file.
# This documentation can also be found online at:
# http://www.squid-cache.org/Doc/config/
#
# You may wish to look at the Squid home page and wiki for the
# FAQ and other documentation:
# http://www.squid-cache.org/
# https://wiki.squid-cache.org/SquidFaq
# https://wiki.squid-cache.org/ConfigExamples
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.0.0.0/8
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 81
acl Safe_ports port 443 # https
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
# This default configuration only allows localhost requests because a more
# permissive Squid installation could introduce new attack vectors into the
# network by proxying external TCP connections to unprotected services.
http_access allow localhost
# The two deny rules below are unnecessary in this default configuration
# because they are followed by a "deny all" rule. However, they may become
# critically important when you start allowing external requests below them.
# Protect web applications running on the same server as Squid. They often
# assume that only local users can access them at "localhost" ports.
http_access deny to_localhost
# Protect cloud servers that provide local users with sensitive info about
# their server via certain well-known link-local (a.k.a. APIPA) addresses.
http_access deny to_linklocal
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
include /etc/squid/conf.d/*.conf
# For example, to allow access from your local networks, you may uncomment the
# following rule (and/or add rules that match your definition of "local"):
# http_access allow localnet
# And finally deny all other access to this proxy
http_access deny all
# Squid normally listens to port 3128
http_port 3128
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
# example pattern for deb packages
#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600
refresh_pattern . 0 20% 4320