95 Commits

Author SHA1 Message Date
Zoey
64c6d028c2 invert default of NGINX_TRUST_SECPR1 to true / add AUTH_REQUEST_ANUBIS_USE_CUSTOM_IMAGES env 2026-03-01 22:29:07 +01:00
Zoey
951062a6b9 switch to aws-lc/add patches for zlib-ng and brotli cert compression 2026-02-20 17:41:02 +01:00
Zoey
c2c33709d6 readd NGINX_WORKER_CONNECTIONS env/small fixes 2026-02-15 08:21:57 +01:00
Zoey
bdfc5a6086 remove NGINX_LOAD_GEOIP_MODULE (NOT geoip2) 2026-02-14 21:42:10 +01:00
Zoey
50f898f805 invert SKIP_IP_RANGES by renaming it to TRUST_CLOUDFLARE 2026-02-14 17:51:15 +01:00
Zoey
3cdfb6d08d validate AUTH_REQUEST_ envs/fix proxying to sub paths
Signed-off-by: Zoey <zoey@z0ey.de>
2026-02-14 17:51:15 +01:00
Zoey
d43a4f8fc2 only send X-Original-URL/X-Original-Method if needed 2026-02-14 17:51:15 +01:00
Zoey
1178bfbc88 add some untested templates for auth providers 2026-02-10 23:06:36 +01:00
Zoey
4ce99b36ee add x_frame_options to the webui (and auth_request but it does nothing currently) 2026-02-10 20:06:21 +01:00
renovate[bot]
fc4278625e dep updates
Signed-off-by: Zoey <zoey@z0ey.de>
2026-02-03 14:37:54 +01:00
renovate[bot]
e10cc22ff6 dep updates/Comment out ACME_EMAIL env by default 2026-01-29 14:39:09 +01:00
Zoey
93522c0879 merge upstream/dep updates 2026-01-27 23:24:17 +01:00
Zoey
da4b052b6d run certbot every six hours 2026-01-20 22:08:22 +01:00
Zoey
6053d73a3b readd njs
Signed-off-by: Zoey <zoey@z0ey.de>
2026-01-17 22:42:43 +01:00
Zoey
9192ef5da2 fix totp (#2531)/dep updates 2026-01-17 10:50:25 +01:00
renovate[bot]
f07a002244 run certbot every 12 hours by default/dep updates 2026-01-15 22:12:19 +01:00
renovate[bot]
3aa3a06d2d improve docs/dep updates
Signed-off-by: Zoey <zoey@z0ey.de>
2026-01-15 12:55:59 +01:00
renovate[bot]
93bd44f70b dep updates/docs updates
Signed-off-by: Zoey <zoey@z0ey.de>
2026-01-14 22:39:07 +01:00
Zoey
ec67b04c2f keep brotli enabled when openappsec's attachment module is loaded as they now support brotli
Signed-off-by: Zoey <zoey@z0ey.de>
2026-01-13 22:20:21 +01:00
Zoey
8dab78e5e5 add NGINX_FORCE_X25519MLKEM768 env 2026-01-03 16:01:26 +01:00
Zoey
b848c836c7 add NGINX_DISABLE_TLS12 env 2026-01-03 15:25:16 +01:00
Zoey
19c52388c6 mention emby incompatibility with shortlived/tlsserver acme profile certs in compose.yaml 2026-01-01 20:03:42 +01:00
Zoey
fe32df24ea block watchtower auto updates again/add anubis compose.yaml example 2026-01-01 19:34:35 +01:00
Zoey
e41c804904 add compatibility to authentik's broken OIDC and add OIDC_REQUIRE_VERIFIED_EMAIL env 2025-12-29 21:26:12 +01:00
Zoey
3a1a4c1e4c add NGINX_TRUST_SECPR1 env and remove NGINX_WORKER_CONNECTIONS env 2025-12-29 18:19:59 +01:00
Zoey
98f8a5410c update docs 2025-12-29 17:24:19 +01:00
Zoey
63d49dfca1 move logfiles/remove some envs 2025-12-29 17:24:19 +01:00
Zoey
79b13750fe update aio script/dep updates 2025-12-29 17:24:19 +01:00
Zoey
1fc53f1037 set default acme settings based on ca setting (letsencrypt shortlived!)
Signed-off-by: Zoey <zoey@z0ey.de>
2025-12-28 02:09:03 +01:00
Zoey
facacbaec7 remove IPRT, remove not needed backend deps and switch to fetch 2025-12-25 15:13:04 +01:00
Zoey
5e2f6f3399 option to disable gravatar and cache gravatar locally 2025-12-25 02:18:46 +01:00
Zoey
1d364cfda0 move oidc to env options 2025-12-25 02:18:46 +01:00
renovate[bot]
6449ee5bc9 use $request_port as h3 alt svc port/update js mime type/dep updates
Signed-off-by: Zoey <zoey@z0ey.de>
2025-12-09 20:43:17 +01:00
Zoey
ab6bfdeca2 adjust buttons and templates
Signed-off-by: Zoey <zoey@z0ey.de>
2025-12-07 13:02:13 +01:00
Zoey
558dd6995d remove php82 and add php85 2025-12-05 19:36:32 +01:00
Michael Kent
e16b0ef9fc Update to compose.yaml for clarity (#2305)
* Fix PUID/PGID comment swap

* Fix misspellings

* Fix misspellings

* Further language clarity, fixes, and standardization

* add "need" back to dns section

---------

Signed-off-by: Zoey <zoey@z0ey.de>
Co-authored-by: Zoey <zoey@z0ey.de>
2025-11-26 09:24:07 +01:00
Zoey
d3440e1b04 merge upstream
Signed-off-by: Zoey <zoey@z0ey.de>
2025-11-18 12:32:42 +01:00
Zoey
aed8c7e0f4 add zstd and unbrotli
Signed-off-by: Zoey <zoey@z0ey.de>

close #2244

Lock file maintenance

update cs-nginx-bouncer version to v1.1.5

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

Update dependency sass to v1.94.0

close #2252

Signed-off-by: Zoey <zoey@z0ey.de>
2025-11-11 12:13:38 +01:00
Zoey
8b1529758a small improvements
Signed-off-by: Zoey <zoey@z0ey.de>
2025-10-25 17:14:42 +02:00
Zoey
03bfef3e0f close #2111/dep updates
Signed-off-by: Zoey <zoey@z0ey.de>
2025-09-29 22:16:30 +02:00
Zoey
b07c2ebf42 start rewrite of start chain/dep updates
Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-29 14:29:11 +02:00
renovate[bot]
ba776511e4 improve default buffer sizes/set SKIP_IP_RANGES to true by default/dep updates/blacklist X-XSS-Protection header
Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-12 12:57:54 +02:00
OttNorml
b770680376 Switch to ghcr.io as image registry for geoipupdate (#2001)
* Add ghcr.io image alternative for geoipupdate
* Switch to ghcr.io as image registry for geoipupdate

According to the GeoIPUpdate DockerHub page, ghcr.io should be used to obtain new image releases (see https://hub.docker.com/r/maxmindinc/geoipupdate#new-versions-of-geoipupdate-will-be-distributed-on-ghcrio).

---------

Signed-off-by: OttNorml <2350859+ottnorml@users.noreply.github.com>
2025-07-24 11:05:08 +02:00
renovate[bot]
11601e5664 fix #1971/dep updates
Signed-off-by: Zoey <zoey@z0ey.de>
2025-07-13 12:41:53 +02:00
renovate[bot]
d98fa751fd dep updates/replace Hurricane Electric certbot dns plugin
Signed-off-by: Zoey <zoey@z0ey.de>
2025-07-05 15:41:56 +02:00
renovate[bot]
cf55e340d9 see commit body
dep updates
rename NGINX_HSTS_SUBDMAINS env to NGINX_HSTS_SUBDOMAINS (reported and partly fixed by @dormancygrace)
fix usage of $server_port as forwarding port in streams by @joshf67
improve/unify version naming a bit (still not perfect)
also thanks to @shedowe19 for testing
add anubis example to readme and improve some config examples
enable early hints by default (now supported because of nginx update to v1.29)

Signed-off-by: Zoey <zoey@z0ey.de>
2025-06-24 21:38:26 +02:00
renovate[bot]
8b2bc2845e see commit body
zh-lang by @ZhWn
update alpine to 3.22 (includes openssl 3.5)
remove liboqs/oqs-provider since openssl 3.5 now has mlkem support
dep updates
run internal APIs in unix sockets instead of tcp ports
improve templates (not done yet)

Signed-off-by: Zoey <zoey@z0ey.de>
2025-06-14 14:00:39 +02:00
renovate[bot]
77c6c81ab7 dep updates/allow empty stream forwarding port/invert pass access list header button
Signed-off-by: Zoey <zoey@z0ey.de>
2025-05-21 13:30:57 +02:00
renovate[bot]
77837328cd support setting --required-profile/dep updates
Signed-off-by: Zoey <zoey@z0ey.de>
2025-05-15 22:57:19 +02:00
David
0a854029c7 see commit body
ACME_OCSP_STAPLING is now set to false by default
new NGINX_WORKER_CONNECTIONS env
bigger server_names_hash_bucket_size
more headers are hidden
send proxy_ssl_name to upstream
use the copytruncate option in logrotate to improve log rotation
dep updates
build fancyindex module static
install lua-resty-openidc

Signed-off-by: Zoey <zoey@z0ey.de>
2025-05-07 14:00:04 +02:00