Commit Graph

260 Commits

Author SHA1 Message Date
Eric Nemchik
3f9c403fd6 Merge remote-tracking branch 'origin/authelia-subdomain' into nemchik-tik 2023-02-09 18:32:11 -06:00
Eric Nemchik
79f6dd4cb1 Prevent auth_request on auth subfolder
adjust dates and comments
2023-02-09 18:19:50 -06:00
Eric Nemchik
5683a3f232
Update default.conf.sample 2023-02-09 15:52:57 -06:00
Eric Nemchik
f9f9b677d9
Update default.conf.sample 2023-02-09 15:52:20 -06:00
Eric Nemchik
ed104eb203
Update authentik-server.conf.sample 2023-02-08 13:25:36 -06:00
Eric Nemchik
3bab8b6b77
Update proxy.conf.sample 2023-02-08 13:24:03 -06:00
Eric Nemchik
0b038edb4a
Update authentik-server.conf.sample 2023-02-08 09:26:46 -06:00
Eric Nemchik
c7eba518d6 Add porkbun support back in 2023-02-06 18:26:07 -06:00
Eric Nemchik
9e7ef6154d Remove authelia site-conf
A proxy-conf is already included
2023-02-05 17:14:34 -06:00
Eric Nemchik
cba7e6703c Keep subfolder backend signin option 2023-02-05 16:59:48 -06:00
Eric Nemchik
b73f17181a Remove proxy.conf from authentik location 2023-02-05 16:56:36 -06:00
Eric Nemchik
01c28da51e Adjustments to bring it closer to authentik docs 2023-02-05 16:50:45 -06:00
Eric Nemchik
0d92109b68 Unify auth config approach 2023-02-05 16:45:56 -06:00
Eric Nemchik
3ef896e611 overwrite header from proxy.conf to not include $server_port 2023-02-05 14:14:29 -06:00
Eric Nemchik
e057a7ce0d Unify auth config approach 2023-02-05 12:05:18 -06:00
Eric Nemchik
db4e661126
Update authelia-location.conf.sample 2023-02-03 09:14:53 -06:00
driz
c137a66726
Update root/defaults/nginx/authentik-server.conf
Co-authored-by: Eric Nemchik <eric@nemchik.com>
2023-02-02 10:33:15 -05:00
driz
7be5f1caec
Update authentik-location.conf 2023-02-02 10:32:51 -05:00
Eric Nemchik
777fa62481 Add new headers 2023-02-01 19:35:23 -06:00
driz
a95a0f639a
Update authentik-location.conf 2023-02-01 17:17:59 -05:00
driz
c686dfee47
Update authentik-server.conf 2023-02-01 17:17:42 -05:00
driz
38e1845e73
Add files via upload 2023-02-01 17:09:59 -05:00
Eric Nemchik
5e47b02496 Update Authelia configs and include site-confs sample for Authelia 2023-02-01 11:50:56 -06:00
Eric Nemchik
72cb34675c Add abc crontab 2023-01-25 19:42:05 -06:00
Eric Nemchik
2244ff579f
Merge pull request #317 from linuxserver/replace-service
Replace even older service location
2023-01-24 09:20:03 -06:00
Eric Nemchik
db1f5f88ed Temporarily remove certbot-dns-porkbun
This commit can be reverted when certbot-dns-porkbun releases a version with certbot 2.x support
2023-01-21 17:43:31 -06:00
Eric Nemchik
b109deb4dd Replace even older service location 2023-01-21 14:59:25 -06:00
Eric Nemchik
3980ee1ecf Formatting (tabs) 2023-01-21 08:13:33 -06:00
Eric Nemchik
cf21b8c68e replace nginx service location in renewal hooks 2023-01-20 23:32:43 -06:00
Eric Nemchik
3539bd10f0 Rebase to alpine 3.17 with php8.1 2023-01-20 22:42:13 -06:00
Eric Nemchik
82b3b747a1 Account for dashes and renewal authenticator 2023-01-07 18:24:58 -06:00
Eric Nemchik
7b9c67838f Fix directadmin conf prefix 2022-12-13 17:22:31 +00:00
Eric Nemchik
a728e27b97 Reorder 2022-12-13 14:27:27 +00:00
Eric Nemchik
fef9273200 directadmin plugin updates 2022-12-13 14:22:25 +00:00
Eric Nemchik
779c55fed6 Fix spelling 2022-12-08 15:42:08 +00:00
Eric Nemchik
77d02ad824 Revamp certbot init 2022-12-08 15:22:14 +00:00
Eric Nemchik
ed5efcfa75 Remove defunct cloudxns plugin 2022-12-03 15:30:41 +00:00
Eric Nemchik
c5b8744d3b Brace for impact 2022-11-29 15:18:56 +00:00
Eric Nemchik
a625256151 Merge remote-tracking branch 'origin/master' into shellcheck 2022-11-29 15:10:47 +00:00
Eric Nemchik
92092b79ea Relocate live cert symlink 2022-11-23 14:39:22 +00:00
Eric Nemchik
3db8f51eb0 Shellcheck and formatting 2022-11-22 20:55:25 +00:00
Eric Nemchik
631fe9ecc3 Use --dns-duckdns-no-txt-restore flag
Should allow local DNS records with DuckDNS
2022-11-11 15:59:29 +00:00
Alex Smith
4221059496 Add acmedns to the correct section for validation 2022-11-05 18:11:33 +13:00
Eric Nemchik
b692c69c4d Update readme with new duckdns info 2022-10-10 18:36:29 -05:00
Eric Nemchik
53db9755b2 Switch to certbot-dns-duckdns 2022-10-06 19:59:02 +00:00
Eric Nemchik
3fb6e3f54d Update cpanel and gandi dns plugin handling.
Minor adjustments to init logic.
2022-10-06 14:58:47 +00:00
Feilner
51dc4ce7b2 use certbot file hooks instead of command line hooks 2022-10-05 19:41:49 +00:00
Eric Nemchik
0de67cc224 Add godaddy and porkbun dns plugins
Also add missing python packages for dns plugins that are already supported
2022-10-04 17:51:32 -05:00
Eric Nemchik
c82e0fef4d Add default_server back to default site conf's https listen 2022-10-03 18:13:08 +00:00
Maximilian Senftleben
207256ad66 Added do (domainoffensive) validation plugin for certbot. closes #262
# Conflicts:
#	readme-vars.yml
#	root/etc/cont-init.d/50-certbot
2022-09-22 23:55:32 +02:00
aptalca
090934e854
Merge pull request #248 from j-brewer/master
Added acmedns validation plugin for certbot
2022-09-22 16:24:35 -04:00
Eric Nemchik
b346b4610c
Update authelia-server.conf.sample 2022-09-22 14:02:22 -05:00
Eric Nemchik
c51ae10f47
Update authelia-server.conf.sample 2022-09-22 13:50:02 -05:00
Duck42
132666a2a0 Added acmedns validation plugin for certbot 2022-09-22 12:56:45 -05:00
Eric Nemchik
c6c9e02285 Init authelia and ldap configs 2022-09-08 12:07:12 -05:00
Eric Nemchik
f3f295a09e
Update 45-nginx 2022-09-02 12:28:18 -05:00
Eric Nemchik
96f746d5ce Remove error_pages 2022-09-01 18:34:35 -05:00
Eric Nemchik
ea2d9b30eb nginx conf tweaks 2022-08-23 09:30:30 -05:00
aptalca
2f4c1fed51 remove workaround for authelia CVE-2021-32637
fixed upstream a long time ago
2022-08-22 09:31:02 -04:00
Eric Nemchik
6123952de7 Use standard nginx.conf from lsio alpine nginx base image 2022-08-20 09:40:38 -05:00
Corey Ramirez-Gomez
e22a083d7a Add Dynu DNS Support 2022-08-10 09:27:53 +00:00
Robin Dadswell
3893db4077 New: Azure DNS support 2022-04-17 22:09:14 +01:00
Potterer
a9fd11ff77
Add Loopia DNS Support (#226) 2022-04-09 17:14:35 +01:00
aptalca
eb7df9d9fc
Merge branch 'master' into standalone-dns-validation 2022-04-05 19:08:28 -04:00
James Stewart Miller
5501308aed
Update 50-config create fail2ban unauthorized.log
added code to test for existence of unauthorized.log and create it if not exists.
/config/log/nginx/unauthorized.log is written to by addition of nginx-unauthorized jail in jail.local at (https://github.com/linuxserver/docker-swag/blob/master/root/defaults/jail.local)
2022-03-26 20:46:39 +00:00
quietsy
665eace79f Ignore plex unauthorized requests 2022-01-11 09:19:16 +02:00
quietsy
251917b23f Added a fail2ban jail for nginx unauthorized 2022-01-09 17:16:11 +02:00
Marcel Hofer
1ff4691000
Merge branch 'master' into standalone-dns-validation 2021-12-12 01:06:20 +01:00
quietsy
4929672e62 Move maxmind to a new mod 2021-12-04 20:57:16 +02:00
Marcel Hofer
2878d84050 Merge remote-tracking branch 'linuxserver/master' into standalone-dns-validation
# Conflicts:
#	readme-vars.yml
#	root/etc/cont-init.d/50-config
2021-11-24 22:02:24 +01:00
Questionario
96e0fc7838
Update infomaniak.ini 2021-11-22 08:04:05 +01:00
Questionario
6f3a967360
Update 50-config 2021-11-22 07:50:31 +01:00
Questionario
671d51a345
Create infomaniak.ini 2021-11-22 07:46:55 +01:00
Marcel Hofer
85efd12ba4
Merge branch 'master' into standalone-dns-validation 2021-11-20 19:47:43 +01:00
aptalca
48f6b00530
Merge branch 'master' into dnspod-support 2021-11-20 12:08:46 -05:00
Marcel Hofer
f307dbbfb7
Merge branch 'master' into standalone-dns-validation 2021-11-16 21:12:06 +01:00
fariszr
8a4af00f01
Sort alphabetically.
Co-authored-by: Eric Nemchik <eric@nemchik.com>
2021-11-15 19:03:44 +03:00
fariszr
fee6fe9a17
Sorted alphabetically.
Co-authored-by: Eric Nemchik <eric@nemchik.com>
2021-11-15 19:03:16 +03:00
dongshuzhao
bf21716886 Update dnspod.ini document address
resolve linuxserver/docker-swag#98
2021-11-13 01:04:17 +08:00
FarisZR
9b169f5da2 add desec config 2021-11-12 16:22:13 +03:00
dongshuzhao
08c23bde51 Add DnsPod support.
resolve linuxserver/docker-swag#98
2021-11-12 16:58:47 +08:00
Marcel Hofer
0ce2ae551a Add support for standalone DNS validation 2021-11-06 16:07:51 +01:00
Eric Nemchik
66a4c1203b Mitigate https://httpoxy.org/ vulnerabilities.
Ref: https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx#Defeating-the-Attack-using-NGINX-and-NGINX-Plus
2021-10-26 08:33:36 -05:00
aptalca
537c47f293 fix HE dns validation 2021-10-23 14:04:11 -04:00
aptalca
915f209ea5 fix old root detection (staging and acme server) 2021-10-12 10:04:57 -04:00
aptalca
09dff4ff5e consolidate dns plugins, add lxml deps 2021-10-06 15:08:00 -04:00
obsidiangroup
0ffa850cdc Fixed HE DNS validation.
Fixed HE DNS validation to adhere to certbot/certbot PR#8131 (https://github.com/certbot/certbot/pull/8131)
2021-10-06 13:41:58 -04:00
obsidiangroup
aa9990b496 Added support for Hurricane Electric (HE) DNS validation
Adds support for Hurricane Electric's Free DNS Service validation.
2021-10-05 19:23:25 -04:00
aptalca
a73daf773a detect old root cert and revoke/regen 2021-10-01 11:18:12 -04:00
quietsy
b309e1ce45 Add an optional header to opt out of Google FLoC 2021-09-19 22:37:47 +03:00
aptalca
31190157fb add ionos dns plugin 2021-08-01 12:51:47 -04:00
aptalca
a2e3cfb521 fix libmaxminddb updater 2021-07-15 16:48:12 -04:00
aptalca
7437478c3a use single quotes 2021-05-28 18:24:23 -04:00
aptalca
020ab44638 force patch authelia-server.conf 2021-05-28 18:19:22 -04:00
aptalca
224abb686d update authelia-server.conf for resolver and CVE 2021-05-28 17:40:28 -04:00
aptalca
aa94da0665 update resolver logic 2021-05-20 17:11:51 -04:00
aptalca
012e729f49 emergency fixes to default and proxy.conf 2021-05-18 11:47:01 -04:00
aptalca
1cc2e4d395 fix typo 2021-05-18 10:27:25 -04:00
aptalca
12386fbfc7 fix typos 2021-05-14 17:07:21 -04:00
aptalca
fcd004dfdc fix typos and formatting 2021-05-14 16:22:32 -04:00
Eric Nemchik
2ea807dd02
Use nproc to detect available cpus 2021-05-14 13:25:47 -05:00
aptalca
49bd204b51 add comments to resolver.conf and worker_processes 2021-05-14 11:08:24 -04:00
aptalca
24c5e9f243 use lsio wheel index, use ffdhe4096 per rfc7919 2021-05-14 10:43:47 -04:00
Eric Nemchik
b1ae12189f Fix indentation 2021-04-27 14:32:41 -05:00
Eric Nemchik
d77a64aab8 Use default log format, set resolver and worker_processes dynamically 2021-04-27 14:23:35 -05:00
Eric Nemchik
e2e39b9f89 Format files 2021-04-27 10:08:22 -05:00
Eric Nemchik
870cd4bd93 Rework nginx.conf to be inline with alpine upstream and relocate lines from other files 2021-04-27 09:30:41 -05:00
James Elliott
e116a1829e
feat(authelia): add remote name/email headers and pass http method
This adds newer remote credential information from the auth_request headers sent by Authelia, Remote-Name includes the users display name, and Remote-Email includes their email. Additionally it sets the X-Forwarded-Method header to the original $request_method detected by nginx, which is used for the new acl rule method filter.
2021-04-21 13:17:25 +10:00
Thomas Cuthbert
0ac5a2a4f2 Add vultr certbot authenticator plugin 2021-04-12 21:10:12 +08:00
Simon Lepla
6f8101e9b1 add support for directadmin dns validation 2021-03-14 11:53:29 +01:00
Eric Nemchik
adfe04cedb
Merge pull request #83 from linuxserver/sed
fix the right inis
2021-02-10 18:11:22 -06:00
Eric Nemchik
d075d3e2c3
Merge pull request #69 from Erriez/transip-documentation
Add documentation TransIP DNS TXT usage
2021-02-10 18:11:15 -06:00
aptalca
a84c6883a6 fix the right inis 2021-02-10 13:35:55 -05:00
Erriez
dbd8fd4bd0 Add comments TransIP DNS TXT usage 2021-02-09 19:47:20 +01:00
aptalca
9074cf2d44 I like to copy pasta 2021-02-09 11:23:08 -05:00
aptalca
479ee5eac1 add brotli and dav-ext, remove lua 2021-02-09 10:50:54 -05:00
aptalca
6f25f82996 add support for hetzner dns validation 2021-01-26 18:11:44 -05:00
aptalca
cd5f29a8b0 fix typo 2021-01-23 15:49:03 -05:00
aptalca
8ac274550f fix var name 2021-01-20 09:34:20 -05:00
aptalca
07e1ab096c Add check for ZeroSSL EAB retrieval 2021-01-20 08:43:55 -05:00
aptalca
af548a0966 Merge branch 'master' into zerossl 2021-01-08 18:16:07 -05:00
Roxedus
77a82f7163
Fix issues from review 2021-01-08 15:47:36 +01:00
Roxedus
6ebfdc1e87
Update dates 2021-01-03 20:23:48 +01:00
Roxedus
76f0a8c34c
Added helpers
Replaced index.html with page with some info, including a the swag documentation.
Added http502 helper page, also linking to our docs.

UI suggestions welcome
2020-12-30 22:58:59 +01:00
aptalca
87cdcfdb18 update dns conf inis 2020-12-27 16:48:09 -05:00
aptalca
71397b40fd update dns plugin names 2020-12-20 18:17:29 -05:00
aptalca
832dde3b35 remove unnecessary eab retrieval
also suppress error when no proxy confs are activated
2020-12-20 16:55:11 -05:00
aptalca
21e9d7298a fix typo 2020-12-10 16:43:54 -05:00
aptalca
1f85492fd5 save EMAIL value for later reuse 2020-12-10 16:04:10 -05:00
aptalca
3844b7f660 add zerossl support cert revokes 2020-12-10 14:32:15 -05:00
aptalca
7f6840373a update conf name in scripts 2020-12-10 13:37:53 -05:00
aptalca
371b7d49ec Add ZeroSSL support via CERTPROVIDER var
and make donoteditthisfile.conf hidden
2020-12-10 11:58:52 -05:00
aptalca
ffd9b806f9
Merge branch 'master' into master 2020-12-10 09:38:27 -05:00
aptalca
1bdf9a98e2 add new dns methods, check confs, add workflows
add gehirn and sakuracloud dns validation
add conf checker
add trigger workflows
remove deprecated certbot option for public ip logging
2020-12-09 15:43:05 -05:00
nett_hier
1769aad85f
Update njalla.ini 2020-11-25 23:27:57 +01:00
netthier
8de14f3790
Create njalla.ini 2020-11-25 22:09:46 +01:00
netthier
1831bbbbcf
Update 50-config 2020-11-25 21:47:06 +01:00
Tristan Bastian
046fb5447a put netcup in correct order within DNSPLUGIN validation 2020-11-01 09:22:58 +01:00
Tristan Bastian
71734a4e49
reduce to just netcup as option 2020-10-31 23:58:45 +01:00
Tristan Bastian
4d9439c899
add sample netcup.ini file 2020-10-31 23:54:11 +01:00
Tristan Bastian
a910da2633
configure parameters for netcup correctly 2020-10-31 23:41:13 +01:00
Tristan Bastian
35fa03e01c
add netcup as a valid dns validation method 2020-10-31 23:20:53 +01:00
Eric Nemchik
1d08b6f2e1 Update changelog 2020-10-29 10:38:32 -05:00
Eric Nemchik
01dd12f567
Set frame-ancestors in Content-Security-Policy
https://infosec.mozilla.org/guidelines/web_security#x-frame-options
2020-10-29 10:13:55 -05:00
GilbN
a81ab8bcf1
update version 2020-10-27 09:37:00 +01:00
gilbN
38fa575e1e adds a lan allow list if default is no. 2020-10-26 22:51:04 +01:00
Eric Nemchik
2c78490f28 Fix dates 2020-10-04 10:00:32 -05:00
Eric Nemchik
8d5f6e56b8 Cleanups and reordering 2020-10-04 09:56:14 -05:00
Eric Nemchik
f626c5f0d4
Update geoip2.conf 2020-09-22 20:08:00 -05:00
Eric Nemchik
b58ee45818 Adjust geoip2 instructions 2020-09-22 19:53:40 -05:00