fix start if the fancyindex module is not loaded/also include stdout in error output of execFile

Zoey2936 · Zoey2936 · commit 90d9361f7ae5 · 2025-03-11T12:47:50.000+01:00
Signed-off-by: Zoey &lt;zoey@z0ey.de&gt;
diff --git a/README.md b/README.md
@@ -159,8 +159,7 @@ a) Custom Nginx Configuration (advanced tab), which looks the following for file
 location / {
     include conf.d/include/always.conf;
     alias /var/www/<your-html-site-folder-name>/;
-    fancyindex off; # alternative to nginxs "index" option (looks better and has more options), please load the module first in the compsoe.yaml
-}
+    fancyindex off; # alternative to nginxs "index" option (looks better and has more options), please load the module first in the compose.yaml
 ```
 b) Custom Nginx Configuration (advanced tab), which looks the following for file server and **php**:
 - Note: the slash at the end of the file path is important
@@ -171,8 +170,7 @@ b) Custom Nginx Configuration (advanced tab), which looks the following for file
 location / {
     include conf.d/include/always.conf;
     alias /var/www/<your-html-site-folder-name>/;
-    fancyindex off; # alternative to nginxs "index" option (looks better and has more options), please load the module first in the compsoe.yaml
-
+    fancyindex off; # alternative to nginxs "index" option (looks better and has more options), please load the module first in the compose.yaml
     location ~ [^/]\.php(/|$) {
         fastcgi_pass php82;
         fastcgi_split_path_info ^(.+?\.php)(/.*)$;
diff --git a/backend/lib/utils.js b/backend/lib/utils.js
@@ -26,22 +26,17 @@ module.exports = {
 	 * @param   {String} cmd
 	 * @param   {Array}  args
 	 */
-	execFile: async function (cmd, args, options = {}) {
+	execFile: function (cmd, args) {
 		logger.debug('CMD: ' + cmd + ' ' + (args ? args.join(' ') : ''));
-		const { stdout, stderr } = await new Promise((resolve, reject) => {
-			const child = execFile(cmd, args, options, (isError, stdout, stderr) => {
-				if (isError) {
-					reject(new error.CommandError(stderr, isError));
+		return new Promise((resolve, reject) => {
+			execFile(cmd, args, (err, stdout, stderr) => {
+				if (err) {
+					reject(new error.CommandError((stdout + stderr).trim(), err));
 				} else {
-					resolve({ stdout, stderr });
+					resolve((stdout + stderr).trim());
 				}
 			});
-
-			child.on('error', (e) => {
-				reject(new error.CommandError(stderr, 1, e));
-			});
 		});
-		return stdout;
 	},
 
 	/**
diff --git a/rootfs/usr/local/bin/aio.sh b/rootfs/usr/local/bin/aio.sh
@@ -3,7 +3,10 @@
 if [ "$NC_AIO" = "true" ] && [ ! -f /data/aio.lock ]; then
     while [ "$(healthcheck.sh)" != "OK" ]; do sleep 10s; done
     # shellcheck disable=SC2016
-    curl -POST http://127.0.0.1:"$NIBEP"/nginx/proxy-hosts -sH 'Content-Type: application/json' -d '{"domain_names":["'"$NC_DOMAIN"'"],"forward_scheme":"http","forward_host":"127.0.0.1","forward_port":11000,"access_list_id":"0","certificate_id":"new","meta":{"letsencrypt_email":"","letsencrypt_agree":true,"dns_challenge":false},"advanced_config":"","locations":[{"path":"/","advanced_config":"proxy_set_header Accept-Encoding $http_accept_encoding;","forward_scheme":"http","forward_host":"127.0.0.1","forward_port":11000}],"block_exploits":false,"caching_enabled":false,"allow_websocket_upgrade":true,"http2_support":true,"hsts_enabled":true,"hsts_subdomains":true,"ssl_forced":true}' -H "Authorization: Bearer $(curl -POST http://127.0.0.1:"$NIBEP"/tokens -sH 'Content-Type: application/json' -d '{"identity":"'"$INITIAL_ADMIN_EMAIL"'"],"secret":"'"$INITIAL_ADMIN_PASSWORD"'"]}' | jq -r .token)"
+    if ! curl -POST http://127.0.0.1:"$NIBEP"/nginx/proxy-hosts -sSH 'Content-Type: application/json' -d '{"domain_names":["'"$NC_DOMAIN"'"],"forward_scheme":"http","forward_host":"127.0.0.1","forward_port":11000,"allow_websocket_upgrade":true,"access_list_id":"0","certificate_id":"new","ssl_forced":true,"http2_support":true,"hsts_enabled":true,"hsts_subdomains":true,"meta":{"letsencrypt_email":"","letsencrypt_agree":true,"dns_challenge":false},"advanced_config":"","locations":[{"path":"/","advanced_config":"proxy_set_header Accept-Encoding $http_accept_encoding;","forward_scheme":"http","forward_host":"127.0.0.1","forward_port":11000}],"block_exploits":false,"caching_enabled":false}' -H "Authorization: Bearer $(curl -POST http://127.0.0.1:"$NIBEP"/tokens -sSH 'Content-Type: application/json' -d '{"identity":"'"$INITIAL_ADMIN_EMAIL"'","secret":"'"$INITIAL_ADMIN_PASSWORD"'"}' | jq -r .token)" | jq; then
+        echo "The default config for AIO should now be created."
+    else
+        echo "There was an error creating the TLS certificate for AIO. Please try to create the cert yourself in the NPMplus UI and update the AIO proxy host to use this cert, see the NPMplus config in the AIO reverse proxy guide as an example for the TLS tab."
+    fi
     touch /data/aio.lock
-    echo "The default config for AIO should now be created. Please check the log for any errors and try to resolve them, then delete the aio.lock file and retry."
 fi
diff --git a/rootfs/usr/local/bin/launch.sh b/rootfs/usr/local/bin/launch.sh
@@ -10,7 +10,7 @@ Group ID: $(id -g)
 -------------------------------------
 "
 
-if [ -z "$(find /data/tls/certbot/accounts/"$(echo "$ACME_SERVER" | sed "s|^https\?://\([^/]\+\).*$|\1|g")" -type f)" ]; then
+if [ -z "$(find /data/tls/certbot/accounts/"$(echo "$ACME_SERVER" | sed "s|^https\?://\([^/]\+\).*$|\1|g")" -type f 2> /dev/null)" ]; then
     if [ "$(echo "$ACME_SERVER" | sed "s|^https\?://\([^/]\+\).*$|\1|g")" = "acme.zerossl.com" ] && [ -z "$ACME_EAB_KID" ] && [ -z "$ACME_EAB_HMAC_KEY" ]; then
         if [ -z "$ACME_EMAIL" ]; then
             echo "ACME_EMAIL is required to use zerossl. Either set it or use a different acme server like letsencrypt (ACME_SERVER: https://acme-v02.api.letsencrypt.org/directory)"
diff --git a/rootfs/usr/local/bin/start.sh b/rootfs/usr/local/bin/start.sh
@@ -44,8 +44,8 @@ if [ -n "$NC_AIO" ] && ! echo "$NC_AIO" | grep -q "^true$\|^false$"; then
     sleep inf
 fi
 if [ "$NC_AIO" = "true" ]; then
-    if [ -z "$NC_DOMAIN" ]; then
-        echo "NC_DOMAIN is required in AIO mode."
+    if [ -z "$NC_DOMAIN" ] || ! echo "$NC_DOMAIN" | grep -q "\."; then
+        echo "NC_DOMAIN is unset (but required in AIO mode) or invalid, it needs to contain a dot."
         sleep inf
     fi
     export DISABLE_HTTP="${DISABLE_HTTP:-true}"
@@ -144,12 +144,12 @@ if [ -z "$TZ" ] || ! echo "$TZ" | grep -q "^[A-Za-z0-9_+-]\+/[A-Za-z0-9_+-]\+$";
 fi
 
 
-if ! echo "$ACME_SERVER" | grep -q "^https\?://.\+$"; then
+if ! echo "$ACME_SERVER" | grep -q "^https\?://"; then
     echo "ACME_SERVER needs to start with http:// or https://"
     sleep inf
 fi
 
-if [ -n "$ACME_EMAIL" ] && ! echo "$ACME_EMAIL" | grep -q "^.*@.*$"; then
+if [ -n "$ACME_EMAIL" ] && ! echo "$ACME_EMAIL" | grep -q "@"; then
     echo "ACME_EMAIL needs to contains @."
     sleep inf
 fi
@@ -956,6 +956,8 @@ if [ "$NGINX_LOAD_OPENTELEMETRY_MODULE" = "true" ]; then
 fi
 if [ "$NGINX_LOAD_FANCYINDEX_MODULE" = "true" ]; then
     sed -i "s|#\(load_module.\+ngx_http_fancyindex_module.so;\)|\1|g" /usr/local/nginx/conf/nginx.conf
+    sed -i "s|#fancyindex|fancyindex|g" /usr/local/nginx/conf/nginx.conf
+    sed -i "s|#fancyindex|fancyindex|g" /usr/local/nginx/conf/conf.d/include/always.conf
 fi
 if [ "$NGINX_LOAD_GEOIP2_MODULE" = "true" ]; then
     sed -i "s|#\(load_module.\+geoip2_module.so;\)|\1|g" /usr/local/nginx/conf/nginx.conf
diff --git a/rootfs/usr/local/nginx/conf/conf.d/include/always.conf b/rootfs/usr/local/nginx/conf/conf.d/include/always.conf
@@ -1,17 +1,11 @@
 location /.well-known/acme-challenge/ {
     root /tmp/acme-challenge;
-    fancyindex off;
     index off;
+    #fancyindex off;
     auth_basic off;
     allow all;
 }
 
-location /fancyindex/ {
-    alias /html/fancyindex/;
-    fancyindex off;
-    index off;
-}
-
 location ~ /\.ht {
     deny all;
 }
diff --git a/rootfs/usr/local/nginx/conf/nginx.conf b/rootfs/usr/local/nginx/conf/nginx.conf
@@ -132,20 +132,20 @@ http {
     }
 
     # Fancy Index
-    fancyindex off;
-    fancyindex_localtime on;
-    fancyindex_show_path on;
-    fancyindex_exact_size off;
-    fancyindex_show_dotfiles off;
-    fancyindex_hide_symlinks off;
-    fancyindex_case_sensitive on;
-    fancyindex_default_sort name;
-    fancyindex_hide_parent_dir off;
-    fancyindex_directories_first on;
-    fancyindex_time_format "%Y-%m-%d %T";
-    fancyindex_ignore "fancyindex";
-    fancyindex_header "/fancyindex/header.html";
-    fancyindex_footer "/fancyindex/footer.html";
+    index off;
+    #fancyindex off;
+    #fancyindex_localtime on;
+    #fancyindex_show_path on;
+    #fancyindex_exact_size off;
+    #fancyindex_show_dotfiles off;
+    #fancyindex_hide_symlinks off;
+    #fancyindex_case_sensitive on;
+    #fancyindex_default_sort name;
+    #fancyindex_hide_parent_dir off;
+    #fancyindex_directories_first on;
+    #fancyindex_time_format "%Y-%m-%d %T";
+    #fancyindex_header /html/fancyindex/header.html local;
+    #fancyindex_footer /html/fancyindex/footer.html local;
 
     # Real IP Determination
     real_ip_recursive on;

Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ Group ID: $(id -g)`
`10`	`10`	`-------------------------------------`
`11`	`11`	`"`
`12`	`12`
`13`		`-if [ -z "$(find /data/tls/certbot/accounts/"$(echo "$ACME_SERVER" \| sed "s\|^https\?://\([^/]\+\).*$\|\1\|g")" -type f)" ]; then`
	`13`	`+if [ -z "$(find /data/tls/certbot/accounts/"$(echo "$ACME_SERVER" \| sed "s\|^https\?://\([^/]\+\).*$\|\1\|g")" -type f 2> /dev/null)" ]; then`
`14`	`14`	`if [ "$(echo "$ACME_SERVER" \| sed "s\|^https\?://\([^/]\+\).*$\|\1\|g")" = "acme.zerossl.com" ] && [ -z "$ACME_EAB_KID" ] && [ -z "$ACME_EAB_HMAC_KEY" ]; then`
`15`	`15`	`if [ -z "$ACME_EMAIL" ]; then`
`16`	`16`	`echo "ACME_EMAIL is required to use zerossl. Either set it or use a different acme server like letsencrypt (ACME_SERVER: https://acme-v02.api.letsencrypt.org/directory)"`