Merge remote-tracking branch 'origin/master' into certbot-revamp-config-file

This commit is contained in:
Eric Nemchik 2023-04-23 08:02:46 -05:00
commit d7e2455e7a
20 changed files with 181 additions and 176 deletions

View File

@ -1,12 +0,0 @@
name: Comment on invalid interaction
on:
issues:
types:
- labeled
jobs:
add-comment-on-invalid:
if: github.event.label.name == 'invalid'
permissions:
issues: write
uses: linuxserver/github-workflows/.github/workflows/invalid-interaction-helper.yml@v1
secrets: inherit

14
.github/workflows/call_issue_pr_tracker.yml vendored Executable file
View File

@ -0,0 +1,14 @@
name: Issue & PR Tracker
on:
issues:
types: [opened,reopened,labeled,unlabeled]
pull_request_target:
types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled]
jobs:
manage-project:
permissions:
issues: write
uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1
secrets: inherit

13
.github/workflows/call_issues_cron.yml vendored Executable file
View File

@ -0,0 +1,13 @@
name: Mark stale issues and pull requests
on:
schedule:
- cron: '35 15 * * *'
workflow_dispatch:
jobs:
stale:
permissions:
issues: write
pull-requests: write
uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1
secrets: inherit

View File

@ -2,7 +2,7 @@ name: Package Trigger Scheduler
on:
schedule:
- cron: '03 5 * * 4'
- cron: '1 3 * * 6'
workflow_dispatch:
jobs:

View File

@ -1,9 +1,10 @@
name: Permission check
on:
pull_request:
pull_request_target:
paths:
- '**/run'
- '**/finish'
- '**/check'
jobs:
permission_check:
uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1

View File

@ -1,23 +0,0 @@
name: Mark stale issues and pull requests
on:
schedule:
- cron: "30 1 * * *"
jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v6.0.1
with:
stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
stale-pr-message: "This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
stale-issue-label: 'no-issue-activity'
stale-pr-label: 'no-pr-activity'
days-before-stale: 30
days-before-close: 365
exempt-issue-labels: 'awaiting-approval,work-in-progress'
exempt-pr-labels: 'awaiting-approval,work-in-progress'
repo-token: ${{ secrets.GITHUB_TOKEN }}

View File

@ -159,6 +159,8 @@ RUN \
mkdir -p /defaults/fail2ban && \
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
echo "**** define allowipv6 to silence warning ****" && \
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
echo "**** copy proxy confs to /defaults ****" && \
mkdir -p \
/defaults/nginx/proxy-confs && \

View File

@ -159,6 +159,8 @@ RUN \
mkdir -p /defaults/fail2ban && \
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
echo "**** define allowipv6 to silence warning ****" && \
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
echo "**** copy proxy confs to /defaults ****" && \
mkdir -p \
/defaults/nginx/proxy-confs && \

View File

@ -159,6 +159,8 @@ RUN \
mkdir -p /defaults/fail2ban && \
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
echo "**** define allowipv6 to silence warning ****" && \
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
echo "**** copy proxy confs to /defaults ****" && \
mkdir -p \
/defaults/nginx/proxy-confs && \

23
Jenkinsfile vendored
View File

@ -57,7 +57,7 @@ pipeline {
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
env.PULL_REQUEST = env.CHANGE_ID
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/stale.yml ./.github/workflows/call_invalid_helper.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
}
script{
env.LS_RELEASE_NUMBER = sh(
@ -230,17 +230,14 @@ pipeline {
}
sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-shellcheck/master/checkrun.sh | /bin/bash'''
sh '''#! /bin/bash
set -e
docker pull ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest
docker run --rm \
-e DESTINATION=\"${IMAGE}/${META_TAG}/shellcheck-result.xml\" \
-e FILE_NAME="shellcheck-result.xml" \
-e MIMETYPE="text/xml" \
-v ${WORKSPACE}:/mnt \
-e SECRET_KEY=\"${S3_SECRET}\" \
-e ACCESS_KEY=\"${S3_KEY}\" \
-t ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest \
python /upload.py'''
-v ${WORKSPACE}:/mnt \
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
ghcr.io/linuxserver/baseimage-alpine:3.17 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
apk add --no-cache py3-pip && \
pip install s3cmd && \
s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
}
}
}
@ -277,7 +274,7 @@ pipeline {
echo "Jenkinsfile is up to date."
fi
# Stage 2 - Delete old templates
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md\n.github/ISSUE_TEMPLATE/issue.bug.md\n.github/ISSUE_TEMPLATE/issue.feature.md"
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
for i in ${OLD_TEMPLATES}; do
if [[ -f "${i}" ]]; then
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
@ -294,7 +291,7 @@ pipeline {
git commit -m 'Bot Updating Templated Files'
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
echo "Deleting old templates"
echo "Deleting old and deprecated templates"
rm -Rf ${TEMPDIR}
exit 0
else

View File

@ -336,6 +336,9 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **13.04.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik.
* **25.03.23:** - Fix renewal post hook.
* **10.03.23:** - Cleanup unused csr and keys folders. See [certbot 2.3.0 release notes](https://github.com/certbot/certbot/releases/tag/v2.3.0).
* **09.03.23:** - Add Google Domains DNS support, `google-domains`.
* **02.03.23:** - Set permissions on crontabs during init.
* **09.02.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs.

View File

@ -2,27 +2,27 @@ NAME VERSION TYPE
ConfigArgParse 1.5.3 python
PyJWT 2.6.0 python
PyYAML 6.0 python
acme 2.4.0 python
acme 2.5.0 python
alpine-baselayout 3.4.0-r0 apk
alpine-baselayout-data 3.4.0-r0 apk
alpine-keys 2.4-r1 apk
alpine-release 3.17.2-r0 apk
alpine-release 3.17.3-r0 apk
aom-libs 3.5.0-r0 apk
apache2-utils 2.4.56-r0 apk
apache2-utils 2.4.57-r0 apk
apk-tools 2.12.10-r1 apk
apr 1.7.2-r0 apk
apr-util 1.6.3-r0 apk
argon2-libs 20190702-r2 apk
attrs 22.2.0 python
attrs 23.1.0 python
azure-common 1.1.28 python
azure-core 1.26.3 python
azure-core 1.26.4 python
azure-identity 1.12.0 python
azure-mgmt-core 1.3.2 python
azure-mgmt-core 1.4.0 python
azure-mgmt-dns 8.0.0 python
bash 5.2.15-r0 apk
beautifulsoup4 4.11.2 python
boto3 1.26.88 python
botocore 1.29.88 python
beautifulsoup4 4.12.2 python
boto3 1.26.118 python
botocore 1.29.118 python
brotli-libs 1.0.9-r9 apk
bs4 0.0.1 python
busybox 1.35.0 binary
@ -32,42 +32,42 @@ c-client 2007f-r14 apk
ca-certificates 20220614-r4 apk
ca-certificates-bundle 20220614-r4 apk
cachetools 5.3.0 python
certbot 2.4.0 python
certbot 2.5.0 python
certbot-dns-acmedns 0.1.0 python
certbot-dns-aliyun 2.0.0 python
certbot-dns-azure 2.1.0 python
certbot-dns-cloudflare 2.4.0 python
certbot-dns-cloudflare 2.5.0 python
certbot-dns-cpanel 0.4.0 python
certbot-dns-desec 1.2.1 python
certbot-dns-digitalocean 2.4.0 python
certbot-dns-digitalocean 2.5.0 python
certbot-dns-directadmin 1.0.3 python
certbot-dns-dnsimple 2.4.0 python
certbot-dns-dnsmadeeasy 2.4.0 python
certbot-dns-dnsimple 2.5.0 python
certbot-dns-dnsmadeeasy 2.5.0 python
certbot-dns-dnspod 0.1.0 python
certbot-dns-do 0.31.0 python
certbot-dns-domeneshop 0.2.9 python
certbot-dns-duckdns 1.2.1 python
certbot-dns-duckdns 1.3 python
certbot-dns-dynu 0.0.4 python
certbot-dns-gehirn 2.4.0 python
certbot-dns-gehirn 2.5.0 python
certbot-dns-godaddy 0.2.2 python
certbot-dns-google 2.4.0 python
certbot-dns-google-domains 0.1.6 python
certbot-dns-google 2.5.0 python
certbot-dns-google-domains 0.1.11 python
certbot-dns-he 1.0.0 python
certbot-dns-hetzner 2.0.0 python
certbot-dns-infomaniak 0.2.1 python
certbot-dns-inwx 2.2.0 python
certbot-dns-ionos 2022.11.24 python
certbot-dns-linode 2.4.0 python
certbot-dns-linode 2.5.0 python
certbot-dns-loopia 1.0.1 python
certbot-dns-luadns 2.4.0 python
certbot-dns-luadns 2.5.0 python
certbot-dns-netcup 1.2.0 python
certbot-dns-njalla 1.0.0 python
certbot-dns-nsone 2.4.0 python
certbot-dns-ovh 2.4.0 python
certbot-dns-porkbun 0.7 python
certbot-dns-rfc2136 2.4.0 python
certbot-dns-route53 2.4.0 python
certbot-dns-sakuracloud 2.4.0 python
certbot-dns-nsone 2.5.0 python
certbot-dns-ovh 2.5.0 python
certbot-dns-porkbun 0.8 python
certbot-dns-rfc2136 2.5.0 python
certbot-dns-route53 2.5.0 python
certbot-dns-sakuracloud 2.5.0 python
certbot-dns-standalone 1.1 python
certbot-dns-transip 0.5.2 python
certbot-dns-vultr 1.0.3 python
@ -78,8 +78,8 @@ charset-normalizer 3.1.0 python
cloudflare 2.11.1 python
configobj 5.0.8 python
coreutils 9.1-r0 apk
cryptography 39.0.2 python
curl 7.88.1-r0 apk
cryptography 40.0.2 python
curl 8.0.1-r0 apk
dataclasses-json 0.5.7 python
distro 1.8.0 python
dns-lexicon 3.11.7 python
@ -88,7 +88,7 @@ dnspython 2.3.0 python
domeneshop 0.4.3 python
fail2ban 1.0.2 python
fail2ban 1.0.2-r0 apk
filelock 3.9.0 python
filelock 3.12.0 python
fontconfig 2.14.1-r0 apk
freetype 2.12.1-r0 apk
future 0.18.3 python
@ -103,20 +103,20 @@ gnupg-utils 2.2.40-r0 apk
gnupg-wks-client 2.2.40-r0 apk
gnutls 3.7.8-r3 apk
google-api-core 2.11.0 python
google-api-python-client 2.80.0 python
google-auth 2.16.2 python
google-api-python-client 2.86.0 python
google-auth 2.17.3 python
google-auth-httplib2 0.1.0 python
googleapis-common-protos 1.58.0 python
googleapis-common-protos 1.59.0 python
gpg 2.2.40-r0 apk
gpg-agent 2.2.40-r0 apk
gpg-wks-server 2.2.40-r0 apk
gpgsm 2.2.40-r0 apk
gpgv 2.2.40-r0 apk
httplib2 0.21.0 python
httplib2 0.22.0 python
icu-data-en 72.1-r1 apk
icu-libs 72.1-r1 apk
idna 3.4 python
importlib-metadata 6.0.0 python
importlib-metadata 6.5.1 python
ip6tables 1.8.8-r2 apk
iptables 1.8.8-r2 apk
isodate 0.6.1 python
@ -132,8 +132,8 @@ libavif 0.11.1-r0 apk
libbsd 0.11.7-r0 apk
libbz2 1.0.8-r4 apk
libc-utils 0.7.2-r3 apk
libcrypto3 3.0.8-r0 apk
libcurl 7.88.1-r0 apk
libcrypto3 3.0.8-r4 apk
libcurl 8.0.1-r0 apk
libdav1d 1.0.0-r2 apk
libedit 20221030.3.1-r0 apk
libevent 2.1.12-r5 apk
@ -162,7 +162,7 @@ libsasl 2.1.28-r3 apk
libseccomp 2.5.4-r0 apk
libsm 1.2.3-r1 apk
libsodium 1.0.18-r2 apk
libssl3 3.0.8-r0 apk
libssl3 3.0.8-r4 apk
libstdc++ 12.2.1_git20220924-r4 apk
libtasn1 4.19.0-r0 apk
libunistring 1.1-r0 apk
@ -173,9 +173,9 @@ libxau 1.0.10-r0 apk
libxcb 1.15-r0 apk
libxdmcp 1.1.4-r0 apk
libxext 1.3.5-r0 apk
libxml2 2.10.3-r1 apk
libxml2 2.10.4-r0 apk
libxpm 3.5.15-r0 apk
libxslt 1.1.37-r0 apk
libxslt 1.1.37-r1 apk
libxt 1.2.1-r0 apk
libzip 1.9.2-r2 apk
linux-pam 1.5.2-r1 apk
@ -187,9 +187,9 @@ marshmallow 3.19.0 python
marshmallow-enum 1.5.1 python
memcached 1.6.17 binary
memcached 1.6.17-r0 apk
mock 5.0.1 python
mock 5.0.2 python
mpdecimal 2.5.1-r1 apk
msal 1.21.0 python
msal 1.22.0 python
msal-extensions 1.0.0 python
msrest 0.7.1 python
musl 1.2.3-r4 apk
@ -224,45 +224,45 @@ npth 1.6-r2 apk
oauth2client 4.1.3 python
oauthlib 3.2.2 python
oniguruma 6.9.8-r0 apk
openssl 3.0.8-r0 apk
openssl 3.0.8-r4 apk
p11-kit 0.24.1-r1 apk
packaging 23.0 python
packaging 23.1 python
parsedatetime 2.6 python
pcre 8.45-r2 apk
pcre2 10.42-r0 apk
perl 5.36.0-r0 apk
perl 5.36.0-r1 apk
perl-error 0.17029-r1 apk
perl-git 2.38.4-r1 apk
php-cli 8.1.16 binary
php-fpm 8.1.16 binary
php81 8.1.16-r0 apk
php81-bcmath 8.1.16-r0 apk
php81-bz2 8.1.16-r0 apk
php81-common 8.1.16-r0 apk
php81-ctype 8.1.16-r0 apk
php81-curl 8.1.16-r0 apk
php81-dom 8.1.16-r0 apk
php81-exif 8.1.16-r0 apk
php81-fileinfo 8.1.16-r0 apk
php81-fpm 8.1.16-r0 apk
php81-ftp 8.1.16-r0 apk
php81-gd 8.1.16-r0 apk
php81-gmp 8.1.16-r0 apk
php81-iconv 8.1.16-r0 apk
php81-imap 8.1.16-r0 apk
php81-intl 8.1.16-r0 apk
php81-ldap 8.1.16-r0 apk
php81-mbstring 8.1.16-r0 apk
php81-mysqli 8.1.16-r0 apk
php81-mysqlnd 8.1.16-r0 apk
php81-opcache 8.1.16-r0 apk
php81-openssl 8.1.16-r0 apk
php81-pdo 8.1.16-r0 apk
php81-pdo_mysql 8.1.16-r0 apk
php81-pdo_odbc 8.1.16-r0 apk
php81-pdo_pgsql 8.1.16-r0 apk
php81-pdo_sqlite 8.1.16-r0 apk
php81-pear 8.1.16-r0 apk
php-cli 8.1.18 binary
php-fpm 8.1.18 binary
php81 8.1.18-r0 apk
php81-bcmath 8.1.18-r0 apk
php81-bz2 8.1.18-r0 apk
php81-common 8.1.18-r0 apk
php81-ctype 8.1.18-r0 apk
php81-curl 8.1.18-r0 apk
php81-dom 8.1.18-r0 apk
php81-exif 8.1.18-r0 apk
php81-fileinfo 8.1.18-r0 apk
php81-fpm 8.1.18-r0 apk
php81-ftp 8.1.18-r0 apk
php81-gd 8.1.18-r0 apk
php81-gmp 8.1.18-r0 apk
php81-iconv 8.1.18-r0 apk
php81-imap 8.1.18-r0 apk
php81-intl 8.1.18-r0 apk
php81-ldap 8.1.18-r0 apk
php81-mbstring 8.1.18-r0 apk
php81-mysqli 8.1.18-r0 apk
php81-mysqlnd 8.1.18-r0 apk
php81-opcache 8.1.18-r0 apk
php81-openssl 8.1.18-r0 apk
php81-pdo 8.1.18-r0 apk
php81-pdo_mysql 8.1.18-r0 apk
php81-pdo_odbc 8.1.18-r0 apk
php81-pdo_pgsql 8.1.18-r0 apk
php81-pdo_sqlite 8.1.18-r0 apk
php81-pear 8.1.18-r0 apk
php81-pecl-apcu 5.1.22-r0 apk
php81-pecl-igbinary 3.2.12-r0 apk
php81-pecl-mailparse 3.1.4-r0 apk
@ -270,42 +270,42 @@ php81-pecl-mcrypt 1.0.6-r0 apk
php81-pecl-memcached 3.2.0-r0 apk
php81-pecl-redis 5.3.7-r0 apk
php81-pecl-xmlrpc 1.0.0_rc3-r0 apk
php81-pgsql 8.1.16-r0 apk
php81-phar 8.1.16-r0 apk
php81-posix 8.1.16-r0 apk
php81-session 8.1.16-r0 apk
php81-simplexml 8.1.16-r0 apk
php81-soap 8.1.16-r0 apk
php81-sockets 8.1.16-r0 apk
php81-sodium 8.1.16-r0 apk
php81-sqlite3 8.1.16-r0 apk
php81-tokenizer 8.1.16-r0 apk
php81-xml 8.1.16-r0 apk
php81-xmlreader 8.1.16-r0 apk
php81-xmlwriter 8.1.16-r0 apk
php81-xsl 8.1.16-r0 apk
php81-zip 8.1.16-r0 apk
php81-pgsql 8.1.18-r0 apk
php81-phar 8.1.18-r0 apk
php81-posix 8.1.18-r0 apk
php81-session 8.1.18-r0 apk
php81-simplexml 8.1.18-r0 apk
php81-soap 8.1.18-r0 apk
php81-sockets 8.1.18-r0 apk
php81-sodium 8.1.18-r0 apk
php81-sqlite3 8.1.18-r0 apk
php81-tokenizer 8.1.18-r0 apk
php81-xml 8.1.18-r0 apk
php81-xmlreader 8.1.18-r0 apk
php81-xmlwriter 8.1.18-r0 apk
php81-xsl 8.1.18-r0 apk
php81-zip 8.1.18-r0 apk
pinentry 1.2.1-r0 apk
pip 23.0.1 python
pip 23.1 python
pkb-client 1.2 python
popt 1.19-r0 apk
portalocker 2.7.0 python
procps 3.3.17-r2 apk
protobuf 4.22.1 python
publicsuffixlist 0.9.3 python
pyOpenSSL 23.0.0 python
protobuf 4.22.3 python
publicsuffixlist 0.9.4 python
pyOpenSSL 23.1.1 python
pyRFC3339 1.1 python
pyacmedns 0.4 python
pyasn1 0.4.8 python
pyasn1-modules 0.2.8 python
pyasn1 0.5.0 python
pyasn1-modules 0.3.0 python
pycparser 2.21 python
pyparsing 3.0.9 python
python 3.10.10 binary
python 3.10.11 binary
python-dateutil 2.8.2 python
python-digitalocean 1.17.0 python
python-transip 0.6.0 python
python3 3.10.10-r0 apk
pytz 2022.7.1 python
python3 3.10.11-r0 apk
pytz 2023.3 python
readline 8.2.0-r0 apk
requests 2.28.2 python
requests-file 1.5.1 python
@ -318,23 +318,23 @@ setuptools 65.5.0 python
shadow 4.13-r0 apk
six 1.16.0 python
skalibs 2.12.0.1-r0 apk
soupsieve 2.4 python
soupsieve 2.4.1 python
sqlite-libs 3.40.1-r0 apk
ssl_client 1.35.0-r29 apk
tiff 4.4.0-r1 apk
tiff 4.4.0-r3 apk
tldextract 3.4.0 python
typing-inspect 0.8.0 python
typing_extensions 4.5.0 python
tzdata 2022f-r1 apk
tzdata 2023c-r0 apk
unixodbc 2.3.11-r0 apk
uritemplate 4.1.1 python
urllib3 1.26.14 python
urllib3 1.26.15 python
utmps-libs 0.1.2.0-r1 apk
wheel 0.38.4 python
wheel 0.40.0 python
whois 5.5.14-r0 apk
xz 5.2.9-r0 apk
xz-libs 5.2.9-r0 apk
zipp 3.15.0 python
zlib 1.2.13-r0 apk
zope.interface 5.5.2 python
zstd-libs 1.5.2-r9 apk
zope.interface 6.0 python
zstd-libs 1.5.5-r0 apk

View File

@ -154,6 +154,9 @@ app_setup_block: |
# changelog
changelogs:
- { date: "13.04.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik." }
- { date: "25.03.23:", desc: "Fix renewal post hook." }
- { date: "10.03.23:", desc: "Cleanup unused csr and keys folders. See [certbot 2.3.0 release notes](https://github.com/certbot/certbot/releases/tag/v2.3.0)." }
- { date: "09.03.23:", desc: "Add Google Domains DNS support, `google-domains`." }
- { date: "02.03.23:", desc: "Set permissions on crontabs during init." }
- { date: "09.02.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs." }

View File

@ -5,7 +5,7 @@
. /config/.donoteditthisfile.conf
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
if pgrep -f "s6-supervise nginx" >/dev/null; then
if pgrep -f "s6-supervise svc-nginx" >/dev/null; then
s6-svc -u /run/service/svc-nginx
fi
else

View File

@ -1,6 +1,6 @@
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
## Version 2023/04/13 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource.
@ -9,20 +9,16 @@ auth_request /authelia/api/verify;
error_page 401 = @authelia_proxy_signin;
## Translate response headers from Authelia into variables
auth_request_set $user $upstream_http_remote_user;
auth_request_set $email $upstream_http_remote_email;
auth_request_set $groups $upstream_http_remote_groups;
auth_request_set $name $upstream_http_remote_name;
auth_request_set $email $upstream_http_remote_email;
auth_request_set $authorization $upstream_http_authorization;
auth_request_set $proxy_authorization $upstream_http_proxy_authorization;
auth_request_set $user $upstream_http_remote_user;
## Inject the response header variables into the request made to the actual upstream
proxy_set_header Remote-User $user;
proxy_set_header Remote-Email $email;
proxy_set_header Remote-Groups $groups;
proxy_set_header Remote-Name $name;
proxy_set_header Remote-Email $email;
proxy_set_header Authorization $authorization;
proxy_set_header Proxy-Authorization $proxy_authorization;
proxy_set_header Remote-User $user;
## Include the Set-Cookie header if present.
auth_request_set $set_cookie $upstream_http_set_cookie;

View File

@ -1,6 +1,6 @@
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
# location for authelia subfolder requests

View File

@ -1,6 +1,6 @@
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-location.conf.sample
## Version 2023/04/13 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-location.conf.sample
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
# Rename /config/nginx/proxy-confs/authentik.conf.sample to /config/nginx/proxy-confs/authentik.conf
# Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf
## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource.
auth_request /outpost.goauthentik.io/auth/nginx;
@ -8,18 +8,18 @@ auth_request /outpost.goauthentik.io/auth/nginx;
error_page 401 = @goauthentik_proxy_signin;
## Translate response headers from Authentik into variables
auth_request_set $authentik_username $upstream_http_x_authentik_username;
auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
auth_request_set $authentik_email $upstream_http_x_authentik_email;
auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
auth_request_set $authentik_name $upstream_http_x_authentik_name;
auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
auth_request_set $authentik_username $upstream_http_x_authentik_username;
## Inject the response header variables into the request made to the actual upstream
proxy_set_header X-authentik-username $authentik_username;
proxy_set_header X-authentik-groups $authentik_groups;
proxy_set_header X-authentik-email $authentik_email;
proxy_set_header X-authentik-groups $authentik_groups;
proxy_set_header X-authentik-name $authentik_name;
proxy_set_header X-authentik-uid $authentik_uid;
proxy_set_header X-authentik-username $authentik_username;
## Include the Set-Cookie header if present.
auth_request_set $set_cookie $upstream_http_set_cookie;

View File

@ -1,6 +1,6 @@
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
# Rename /config/nginx/proxy-confs/authentik.conf.sample to /config/nginx/proxy-confs/authentik.conf
# Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf
# location for authentik subfolder requests
location ^~ /outpost.goauthentik.io {

View File

@ -1,4 +1,4 @@
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
## Version 2023/04/13 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
# redirect all traffic to https
server {
@ -17,6 +17,8 @@ server {
server_name _;
include /config/nginx/ssl.conf;
root /config/www;
index index.html index.htm index.php;

View File

@ -58,6 +58,7 @@ lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
# replace nginx service location in renewal hooks
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/run/service/nginx|/run/service/svc-nginx|g' {} \;
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/var/run/s6/services/nginx|/run/service/svc-nginx|g' {} \;
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|s6-supervise nginx|s6-supervise svc-nginx|g' {} \;
# create original config file if it doesn't exist, move non-hidden legacy file to hidden
if [[ -f "/config/donoteditthisfile.conf" ]]; then
@ -157,6 +158,10 @@ else
ln -s ../etc/letsencrypt/live/"${URL}" /config/keys/letsencrypt
fi
# cleanup unused csr and keys folders
rm -rf /etc/letsencrypt/csr
rm -rf /etc/letsencrypt/keys
# checking for changes in cert variables, revoking certs if necessary
if [[ ! "${URL}" = "${ORIGURL}" ]] ||
[[ ! "${SUBDOMAINS}" = "${ORIGSUBDOMAINS}" ]] ||
@ -292,7 +297,7 @@ if [[ "${VALIDATION}" = "dns" ]]; then
sed "/^dns-${DNSPLUGIN}-credentials /d" /config/etc/letsencrypt/cli.ini
fi
# plugins that don't support setting propagation
if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|standalone)$ ]]; then
if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|route53|standalone)$ ]]; then
if [[ -n "${PROPAGATION}" ]]; then echo "${DNSPLUGIN} dns plugin does not support setting propagation time"; fi
sed "/^dns-${DNSPLUGIN}-propagation-seconds /d" /config/etc/letsencrypt/cli.ini
fi