Eric Nemchik
b095dd7d50
Merge branch 'master' into driz-tik
2023-02-09 18:37:35 -06:00
Eric Nemchik
0cc47e6922
Additional config comments and consolidation
2023-02-09 18:32:49 -06:00
Eric Nemchik
3f9c403fd6
Merge remote-tracking branch 'origin/authelia-subdomain' into nemchik-tik
2023-02-09 18:32:11 -06:00
Eric Nemchik
79f6dd4cb1
Prevent auth_request on auth subfolder
...
adjust dates and comments
2023-02-09 18:19:50 -06:00
Eric Nemchik
5683a3f232
Update default.conf.sample
2023-02-09 15:52:57 -06:00
Eric Nemchik
f9f9b677d9
Update default.conf.sample
2023-02-09 15:52:20 -06:00
Eric Nemchik
ed104eb203
Update authentik-server.conf.sample
2023-02-08 13:25:36 -06:00
Eric Nemchik
3bab8b6b77
Update proxy.conf.sample
2023-02-08 13:24:03 -06:00
Eric Nemchik
0b038edb4a
Update authentik-server.conf.sample
2023-02-08 09:26:46 -06:00
Eric Nemchik
c7eba518d6
Add porkbun support back in
2023-02-06 18:26:07 -06:00
Eric Nemchik
9e7ef6154d
Remove authelia site-conf
...
A proxy-conf is already included
2023-02-05 17:14:34 -06:00
Eric Nemchik
cba7e6703c
Keep subfolder backend signin option
2023-02-05 16:59:48 -06:00
Eric Nemchik
b73f17181a
Remove proxy.conf from authentik location
2023-02-05 16:56:36 -06:00
Eric Nemchik
01c28da51e
Adjustments to bring it closer to authentik docs
2023-02-05 16:50:45 -06:00
Eric Nemchik
0d92109b68
Unify auth config approach
2023-02-05 16:45:56 -06:00
Eric Nemchik
3ef896e611
overwrite header from proxy.conf to not include $server_port
2023-02-05 14:14:29 -06:00
Eric Nemchik
e057a7ce0d
Unify auth config approach
2023-02-05 12:05:18 -06:00
Eric Nemchik
db4e661126
Update authelia-location.conf.sample
2023-02-03 09:14:53 -06:00
driz
c137a66726
Update root/defaults/nginx/authentik-server.conf
...
Co-authored-by: Eric Nemchik <eric@nemchik.com>
2023-02-02 10:33:15 -05:00
driz
7be5f1caec
Update authentik-location.conf
2023-02-02 10:32:51 -05:00
Eric Nemchik
777fa62481
Add new headers
2023-02-01 19:35:23 -06:00
driz
a95a0f639a
Update authentik-location.conf
2023-02-01 17:17:59 -05:00
driz
c686dfee47
Update authentik-server.conf
2023-02-01 17:17:42 -05:00
driz
38e1845e73
Add files via upload
2023-02-01 17:09:59 -05:00
Eric Nemchik
5e47b02496
Update Authelia configs and include site-confs sample for Authelia
2023-02-01 11:50:56 -06:00
Eric Nemchik
72cb34675c
Add abc crontab
2023-01-25 19:42:05 -06:00
Eric Nemchik
2244ff579f
Merge pull request #317 from linuxserver/replace-service
...
Replace even older service location
2023-01-24 09:20:03 -06:00
Eric Nemchik
db1f5f88ed
Temporarily remove certbot-dns-porkbun
...
This commit can be reverted when certbot-dns-porkbun releases a version with certbot 2.x support
2023-01-21 17:43:31 -06:00
Eric Nemchik
b109deb4dd
Replace even older service location
2023-01-21 14:59:25 -06:00
Eric Nemchik
3980ee1ecf
Formatting (tabs)
2023-01-21 08:13:33 -06:00
Eric Nemchik
cf21b8c68e
replace nginx service location in renewal hooks
2023-01-20 23:32:43 -06:00
Eric Nemchik
3539bd10f0
Rebase to alpine 3.17 with php8.1
2023-01-20 22:42:13 -06:00
Eric Nemchik
82b3b747a1
Account for dashes and renewal authenticator
2023-01-07 18:24:58 -06:00
Eric Nemchik
7b9c67838f
Fix directadmin conf prefix
2022-12-13 17:22:31 +00:00
Eric Nemchik
a728e27b97
Reorder
2022-12-13 14:27:27 +00:00
Eric Nemchik
fef9273200
directadmin plugin updates
2022-12-13 14:22:25 +00:00
Eric Nemchik
779c55fed6
Fix spelling
2022-12-08 15:42:08 +00:00
Eric Nemchik
77d02ad824
Revamp certbot init
2022-12-08 15:22:14 +00:00
Eric Nemchik
ed5efcfa75
Remove defunct cloudxns plugin
2022-12-03 15:30:41 +00:00
Eric Nemchik
c5b8744d3b
Brace for impact
2022-11-29 15:18:56 +00:00
Eric Nemchik
a625256151
Merge remote-tracking branch 'origin/master' into shellcheck
2022-11-29 15:10:47 +00:00
Eric Nemchik
92092b79ea
Relocate live cert symlink
2022-11-23 14:39:22 +00:00
Eric Nemchik
3db8f51eb0
Shellcheck and formatting
2022-11-22 20:55:25 +00:00
Eric Nemchik
631fe9ecc3
Use --dns-duckdns-no-txt-restore flag
...
Should allow local DNS records with DuckDNS
2022-11-11 15:59:29 +00:00
Alex Smith
4221059496
Add acmedns
to the correct section for validation
2022-11-05 18:11:33 +13:00
Eric Nemchik
b692c69c4d
Update readme with new duckdns info
2022-10-10 18:36:29 -05:00
Eric Nemchik
53db9755b2
Switch to certbot-dns-duckdns
2022-10-06 19:59:02 +00:00
Eric Nemchik
3fb6e3f54d
Update cpanel and gandi dns plugin handling.
...
Minor adjustments to init logic.
2022-10-06 14:58:47 +00:00
Feilner
51dc4ce7b2
use certbot file hooks instead of command line hooks
2022-10-05 19:41:49 +00:00
Eric Nemchik
0de67cc224
Add godaddy and porkbun dns plugins
...
Also add missing python packages for dns plugins that are already supported
2022-10-04 17:51:32 -05:00
Eric Nemchik
c82e0fef4d
Add default_server back to default site conf's https listen
2022-10-03 18:13:08 +00:00
Maximilian Senftleben
207256ad66
Added do (domainoffensive) validation plugin for certbot. closes #262
...
# Conflicts:
# readme-vars.yml
# root/etc/cont-init.d/50-certbot
2022-09-22 23:55:32 +02:00
aptalca
090934e854
Merge pull request #248 from j-brewer/master
...
Added acmedns validation plugin for certbot
2022-09-22 16:24:35 -04:00
Eric Nemchik
b346b4610c
Update authelia-server.conf.sample
2022-09-22 14:02:22 -05:00
Eric Nemchik
c51ae10f47
Update authelia-server.conf.sample
2022-09-22 13:50:02 -05:00
Duck42
132666a2a0
Added acmedns validation plugin for certbot
2022-09-22 12:56:45 -05:00
Eric Nemchik
c6c9e02285
Init authelia and ldap configs
2022-09-08 12:07:12 -05:00
Eric Nemchik
f3f295a09e
Update 45-nginx
2022-09-02 12:28:18 -05:00
Eric Nemchik
96f746d5ce
Remove error_pages
2022-09-01 18:34:35 -05:00
Eric Nemchik
ea2d9b30eb
nginx conf tweaks
2022-08-23 09:30:30 -05:00
aptalca
2f4c1fed51
remove workaround for authelia CVE-2021-32637
...
fixed upstream a long time ago
2022-08-22 09:31:02 -04:00
Eric Nemchik
6123952de7
Use standard nginx.conf from lsio alpine nginx base image
2022-08-20 09:40:38 -05:00
Corey Ramirez-Gomez
e22a083d7a
Add Dynu DNS Support
2022-08-10 09:27:53 +00:00
Robin Dadswell
3893db4077
New: Azure DNS support
2022-04-17 22:09:14 +01:00
Potterer
a9fd11ff77
Add Loopia DNS Support ( #226 )
2022-04-09 17:14:35 +01:00
aptalca
eb7df9d9fc
Merge branch 'master' into standalone-dns-validation
2022-04-05 19:08:28 -04:00
James Stewart Miller
5501308aed
Update 50-config create fail2ban unauthorized.log
...
added code to test for existence of unauthorized.log and create it if not exists.
/config/log/nginx/unauthorized.log is written to by addition of nginx-unauthorized jail in jail.local at (https://github.com/linuxserver/docker-swag/blob/master/root/defaults/jail.local )
2022-03-26 20:46:39 +00:00
quietsy
665eace79f
Ignore plex unauthorized requests
2022-01-11 09:19:16 +02:00
quietsy
251917b23f
Added a fail2ban jail for nginx unauthorized
2022-01-09 17:16:11 +02:00
Marcel Hofer
1ff4691000
Merge branch 'master' into standalone-dns-validation
2021-12-12 01:06:20 +01:00
quietsy
4929672e62
Move maxmind to a new mod
2021-12-04 20:57:16 +02:00
Marcel Hofer
2878d84050
Merge remote-tracking branch 'linuxserver/master' into standalone-dns-validation
...
# Conflicts:
# readme-vars.yml
# root/etc/cont-init.d/50-config
2021-11-24 22:02:24 +01:00
Questionario
96e0fc7838
Update infomaniak.ini
2021-11-22 08:04:05 +01:00
Questionario
6f3a967360
Update 50-config
2021-11-22 07:50:31 +01:00
Questionario
671d51a345
Create infomaniak.ini
2021-11-22 07:46:55 +01:00
Marcel Hofer
85efd12ba4
Merge branch 'master' into standalone-dns-validation
2021-11-20 19:47:43 +01:00
aptalca
48f6b00530
Merge branch 'master' into dnspod-support
2021-11-20 12:08:46 -05:00
Marcel Hofer
f307dbbfb7
Merge branch 'master' into standalone-dns-validation
2021-11-16 21:12:06 +01:00
fariszr
8a4af00f01
Sort alphabetically.
...
Co-authored-by: Eric Nemchik <eric@nemchik.com>
2021-11-15 19:03:44 +03:00
fariszr
fee6fe9a17
Sorted alphabetically.
...
Co-authored-by: Eric Nemchik <eric@nemchik.com>
2021-11-15 19:03:16 +03:00
dongshuzhao
bf21716886
Update dnspod.ini document address
...
resolve linuxserver/docker-swag#98
2021-11-13 01:04:17 +08:00
FarisZR
9b169f5da2
add desec config
2021-11-12 16:22:13 +03:00
dongshuzhao
08c23bde51
Add DnsPod support.
...
resolve linuxserver/docker-swag#98
2021-11-12 16:58:47 +08:00
Marcel Hofer
0ce2ae551a
Add support for standalone DNS validation
2021-11-06 16:07:51 +01:00
Eric Nemchik
66a4c1203b
Mitigate https://httpoxy.org/ vulnerabilities.
...
Ref: https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx#Defeating-the-Attack-using-NGINX-and-NGINX-Plus
2021-10-26 08:33:36 -05:00
aptalca
537c47f293
fix HE dns validation
2021-10-23 14:04:11 -04:00
aptalca
915f209ea5
fix old root detection (staging and acme server)
2021-10-12 10:04:57 -04:00
aptalca
09dff4ff5e
consolidate dns plugins, add lxml deps
2021-10-06 15:08:00 -04:00
obsidiangroup
0ffa850cdc
Fixed HE DNS validation.
...
Fixed HE DNS validation to adhere to certbot/certbot PR#8131 (https://github.com/certbot/certbot/pull/8131 )
2021-10-06 13:41:58 -04:00
obsidiangroup
aa9990b496
Added support for Hurricane Electric (HE) DNS validation
...
Adds support for Hurricane Electric's Free DNS Service validation.
2021-10-05 19:23:25 -04:00
aptalca
a73daf773a
detect old root cert and revoke/regen
2021-10-01 11:18:12 -04:00
quietsy
b309e1ce45
Add an optional header to opt out of Google FLoC
2021-09-19 22:37:47 +03:00
aptalca
31190157fb
add ionos dns plugin
2021-08-01 12:51:47 -04:00
aptalca
a2e3cfb521
fix libmaxminddb updater
2021-07-15 16:48:12 -04:00
aptalca
7437478c3a
use single quotes
2021-05-28 18:24:23 -04:00
aptalca
020ab44638
force patch authelia-server.conf
2021-05-28 18:19:22 -04:00
aptalca
224abb686d
update authelia-server.conf for resolver and CVE
2021-05-28 17:40:28 -04:00
aptalca
aa94da0665
update resolver logic
2021-05-20 17:11:51 -04:00
aptalca
012e729f49
emergency fixes to default and proxy.conf
2021-05-18 11:47:01 -04:00
aptalca
1cc2e4d395
fix typo
2021-05-18 10:27:25 -04:00
aptalca
12386fbfc7
fix typos
2021-05-14 17:07:21 -04:00
aptalca
fcd004dfdc
fix typos and formatting
2021-05-14 16:22:32 -04:00
Eric Nemchik
2ea807dd02
Use nproc to detect available cpus
2021-05-14 13:25:47 -05:00
aptalca
49bd204b51
add comments to resolver.conf and worker_processes
2021-05-14 11:08:24 -04:00
aptalca
24c5e9f243
use lsio wheel index, use ffdhe4096 per rfc7919
2021-05-14 10:43:47 -04:00
Eric Nemchik
b1ae12189f
Fix indentation
2021-04-27 14:32:41 -05:00
Eric Nemchik
d77a64aab8
Use default log format, set resolver and worker_processes dynamically
2021-04-27 14:23:35 -05:00
Eric Nemchik
e2e39b9f89
Format files
2021-04-27 10:08:22 -05:00
Eric Nemchik
870cd4bd93
Rework nginx.conf to be inline with alpine upstream and relocate lines from other files
2021-04-27 09:30:41 -05:00
James Elliott
e116a1829e
feat(authelia): add remote name/email headers and pass http method
...
This adds newer remote credential information from the auth_request headers sent by Authelia, Remote-Name includes the users display name, and Remote-Email includes their email. Additionally it sets the X-Forwarded-Method header to the original $request_method detected by nginx, which is used for the new acl rule method filter.
2021-04-21 13:17:25 +10:00
Thomas Cuthbert
0ac5a2a4f2
Add vultr certbot authenticator plugin
2021-04-12 21:10:12 +08:00
Simon Lepla
6f8101e9b1
add support for directadmin dns validation
2021-03-14 11:53:29 +01:00
Eric Nemchik
adfe04cedb
Merge pull request #83 from linuxserver/sed
...
fix the right inis
2021-02-10 18:11:22 -06:00
Eric Nemchik
d075d3e2c3
Merge pull request #69 from Erriez/transip-documentation
...
Add documentation TransIP DNS TXT usage
2021-02-10 18:11:15 -06:00
aptalca
a84c6883a6
fix the right inis
2021-02-10 13:35:55 -05:00
Erriez
dbd8fd4bd0
Add comments TransIP DNS TXT usage
2021-02-09 19:47:20 +01:00
aptalca
9074cf2d44
I like to copy pasta
2021-02-09 11:23:08 -05:00
aptalca
479ee5eac1
add brotli and dav-ext, remove lua
2021-02-09 10:50:54 -05:00
aptalca
6f25f82996
add support for hetzner dns validation
2021-01-26 18:11:44 -05:00
aptalca
cd5f29a8b0
fix typo
2021-01-23 15:49:03 -05:00
aptalca
8ac274550f
fix var name
2021-01-20 09:34:20 -05:00
aptalca
07e1ab096c
Add check for ZeroSSL EAB retrieval
2021-01-20 08:43:55 -05:00
aptalca
af548a0966
Merge branch 'master' into zerossl
2021-01-08 18:16:07 -05:00
Roxedus
77a82f7163
Fix issues from review
2021-01-08 15:47:36 +01:00
Roxedus
6ebfdc1e87
Update dates
2021-01-03 20:23:48 +01:00
Roxedus
76f0a8c34c
Added helpers
...
Replaced index.html with page with some info, including a the swag documentation.
Added http502 helper page, also linking to our docs.
UI suggestions welcome
2020-12-30 22:58:59 +01:00
aptalca
87cdcfdb18
update dns conf inis
2020-12-27 16:48:09 -05:00
aptalca
71397b40fd
update dns plugin names
2020-12-20 18:17:29 -05:00
aptalca
832dde3b35
remove unnecessary eab retrieval
...
also suppress error when no proxy confs are activated
2020-12-20 16:55:11 -05:00
aptalca
21e9d7298a
fix typo
2020-12-10 16:43:54 -05:00
aptalca
1f85492fd5
save EMAIL value for later reuse
2020-12-10 16:04:10 -05:00
aptalca
3844b7f660
add zerossl support cert revokes
2020-12-10 14:32:15 -05:00
aptalca
7f6840373a
update conf name in scripts
2020-12-10 13:37:53 -05:00
aptalca
371b7d49ec
Add ZeroSSL support via CERTPROVIDER var
...
and make donoteditthisfile.conf hidden
2020-12-10 11:58:52 -05:00
aptalca
ffd9b806f9
Merge branch 'master' into master
2020-12-10 09:38:27 -05:00
aptalca
1bdf9a98e2
add new dns methods, check confs, add workflows
...
add gehirn and sakuracloud dns validation
add conf checker
add trigger workflows
remove deprecated certbot option for public ip logging
2020-12-09 15:43:05 -05:00
nett_hier
1769aad85f
Update njalla.ini
2020-11-25 23:27:57 +01:00
netthier
8de14f3790
Create njalla.ini
2020-11-25 22:09:46 +01:00
netthier
1831bbbbcf
Update 50-config
2020-11-25 21:47:06 +01:00
Tristan Bastian
046fb5447a
put netcup in correct order within DNSPLUGIN validation
2020-11-01 09:22:58 +01:00
Tristan Bastian
71734a4e49
reduce to just netcup as option
2020-10-31 23:58:45 +01:00
Tristan Bastian
4d9439c899
add sample netcup.ini file
2020-10-31 23:54:11 +01:00
Tristan Bastian
a910da2633
configure parameters for netcup correctly
2020-10-31 23:41:13 +01:00
Tristan Bastian
35fa03e01c
add netcup as a valid dns validation method
2020-10-31 23:20:53 +01:00
Eric Nemchik
1d08b6f2e1
Update changelog
2020-10-29 10:38:32 -05:00
Eric Nemchik
01dd12f567
Set frame-ancestors in Content-Security-Policy
...
https://infosec.mozilla.org/guidelines/web_security#x-frame-options
2020-10-29 10:13:55 -05:00
GilbN
a81ab8bcf1
update version
2020-10-27 09:37:00 +01:00
gilbN
38fa575e1e
adds a lan allow list if default is no.
2020-10-26 22:51:04 +01:00
Eric Nemchik
2c78490f28
Fix dates
2020-10-04 10:00:32 -05:00
Eric Nemchik
8d5f6e56b8
Cleanups and reordering
2020-10-04 09:56:14 -05:00