From dbb0883dd75ee010d46b8601caba32183b5ae91f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 11 Jul 2024 15:39:07 +0000 Subject: [PATCH] dep updates Signed-off-by: Zoey --- Caddy.Dockerfile | 2 +- Dockerfile | 16 ++++++++-------- README.md | 8 ++++---- backend/package.json | 18 +++++++++--------- frontend/package.json | 4 ++-- 5 files changed, 24 insertions(+), 24 deletions(-) diff --git a/Caddy.Dockerfile b/Caddy.Dockerfile index 93818cdd9..aa15630de 100644 --- a/Caddy.Dockerfile +++ b/Caddy.Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.20.1 +FROM alpine:3.20.2 RUN apk add --no-cache ca-certificates tzdata COPY --from=caddy:2.8.4 /usr/bin/caddy /usr/bin/caddy COPY Caddyfile /etc/caddy/Caddyfile diff --git a/Dockerfile b/Dockerfile index 1090a22d3..ad20a3432 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:labs -FROM --platform="$BUILDPLATFORM" alpine:3.20.1 AS frontend +FROM --platform="$BUILDPLATFORM" alpine:3.20.2 AS frontend COPY frontend /app COPY global/certbot-dns-plugins.json /app/certbot-dns-plugins.json ARG NODE_ENV=production \ @@ -18,7 +18,7 @@ COPY darkmode.css /app/dist/css/darkmode.css COPY security.txt /app/dist/.well-known/security.txt -FROM --platform="$BUILDPLATFORM" alpine:3.20.1 AS build-backend +FROM --platform="$BUILDPLATFORM" alpine:3.20.2 AS build-backend SHELL ["/bin/ash", "-eo", "pipefail", "-c"] COPY backend /app COPY global/certbot-dns-plugins.json /app/certbot-dns-plugins.json @@ -37,7 +37,7 @@ RUN apk upgrade --no-cache -a && \ fi && \ yarn cache clean --all && \ clean-modules --yes -FROM alpine:3.20.1 AS strip-backend +FROM alpine:3.20.2 AS strip-backend COPY --from=build-backend /app /app RUN apk upgrade --no-cache -a && \ apk add --no-cache ca-certificates binutils file && \ @@ -45,7 +45,7 @@ RUN apk upgrade --no-cache -a && \ find /app/node_modules -name "*.node" -type f -exec file {} \; -FROM --platform="$BUILDPLATFORM" alpine:3.20.1 AS crowdsec +FROM --platform="$BUILDPLATFORM" alpine:3.20.2 AS crowdsec SHELL ["/bin/ash", "-eo", "pipefail", "-c"] ARG CSNB_VER=v1.0.8 WORKDIR /src @@ -67,13 +67,13 @@ RUN apk upgrade --no-cache -a && \ sed -i "s|BOUNCING_ON_TYPE=all|BOUNCING_ON_TYPE=ban|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf -FROM zoeyvid/nginx-quic:297-python +FROM zoeyvid/nginx-quic:299-python SHELL ["/bin/ash", "-eo", "pipefail", "-c"] COPY rootfs / -COPY --from=zoeyvid/certbot-docker:43 /usr/local /usr/local -COPY --from=zoeyvid/curl-quic:399 /usr/local/bin/curl /usr/local/bin/curl +COPY --from=zoeyvid/certbot-docker:44 /usr/local /usr/local +COPY --from=zoeyvid/curl-quic:404 /usr/local/bin/curl /usr/local/bin/curl -ARG CRS_VER=v4.4.0 +ARG CRS_VER=v4.5.0 RUN apk upgrade --no-cache -a && \ apk add --no-cache ca-certificates tzdata tini \ nodejs \ diff --git a/README.md b/README.md index 043f92cf8..0094c8194 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ running at home or otherwise, including free TLS, without having to know too muc **Note: NO armv7, route53 and aws cloudfront ip ranges support.**
**Note: add `net.ipv4.ip_unprivileged_port_start=0` at the end of `/etc/sysctl.conf` to support PUID/PGID in network mode host.**
**Note: If you don't use network mode host, which I don't recommend, don't forget to expose port 443 on tcp AND udp (http3/quic needs udp).**
-**Note: If you don't use network mode host, which I don't recommend, don't forget to enable IPv6 in Docker, see [here](https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md), you only need to edit the daemon.json and restart docker, if you use the bridge network, otherwise please enable IPv6 in your custom docker network!**
+**Note: If you don't use network mode host, which I don't recommend, don't forget to enable IPv6 in Docker, see [here](https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md), you only need to follow step one and two before deploying NPMplus!**
**Note: Don't forget to open Port 80 (tcp) and 443 (tcp AND udp, http3/quic needs udp) in your firewall (because of network mode host, you also need to open this ports in ufw, if you use ufw).**
**Note: ModSecurity overblocking (403 Error)? Please see `/opt/npm/etc/modsecurity`, if you also use CRS please see [here](https://coreruleset.org/docs/concepts/false_positives_tuning).**
**Note: Other Databases like MariaDB may work, but are unsupported.**
@@ -94,11 +94,11 @@ so that the barrier for entry here is low. - if you use custom certificates, you need to upload the CA/Intermediate Certificate (file name: `chain.pem`) in the `/opt/npm/tls/custom/npm-[certificate-id]` folder - some buttons have changed, check if they are still correct - please delete all dnspod certs and recreate them OR you manually change the credentialsfile (see [here](https://github.com/ZoeyVid/npmplus/blob/develop/global/certbot-dns-plugins.js) for the template) -- since this fork has dependency on `network_mode: host`, please don't forget to open port 80 and 443 (and maybe 81) in your firewall +- since this fork has dependency on `network_mode: host`, please don't forget to open port 80/tcp, 443/tcp and 443/udp (and maybe 81/tcp) in your firewall - if you have a healthcheck defined in your compose yaml file, remove it - this fork defines its own healthcheck in the Dockerfile, so you don't need to have it in compose anymore # Crowdsec -1. Install crowdsec using this compose file: https://github.com/ZoeyVid/NPMplus/blob/develop/compose.crowdsec.yaml +1. Install crowdsec using this compose file: https://github.com/ZoeyVid/NPMplus/blob/develop/compose.crowdsec.yaml and enable LOGROTATE 2. open `/opt/crowdsec/conf/acquis.d/npmplus.yaml` and fill it with: ```yaml filenames: @@ -119,7 +119,7 @@ labels: type: modsecurity --- listen_addr: 0.0.0.0:7422 -appsec_config: crowdsecurity/virtual-patching +appsec_config: crowdsecurity/appsec-default name: appsec source: appsec labels: diff --git a/backend/package.json b/backend/package.json index 119bae82a..50d340448 100644 --- a/backend/package.json +++ b/backend/package.json @@ -4,8 +4,8 @@ "description": "A beautiful interface for creating Nginx endpoints", "main": "index.js", "dependencies": { - "@apidevtools/json-schema-ref-parser": "11.6.4", - "ajv": "8.16.0", + "@apidevtools/json-schema-ref-parser": "11.7.0", + "ajv": "8.17.1", "archiver": "7.0.1", "batchflow": "0.4.0", "bcrypt": "5.1.1", @@ -13,11 +13,11 @@ "body-parser": "1.20.2", "compression": "1.7.4", "express": "4.19.2", - "express-fileupload": "1.5.0", + "express-fileupload": "1.5.1", "gravatar": "1.8.2", "jsonwebtoken": "9.0.2", "knex": "3.1.0", - "liquidjs": "10.15.0", + "liquidjs": "10.16.1", "lodash": "4.17.21", "moment": "2.30.1", "mysql": "2.18.1", @@ -29,11 +29,11 @@ "author": "Jamie Curnow and ZoeyVid ", "license": "MIT", "devDependencies": { - "@eslint/js": "9.6.0", - "eslint": "9.6.0", + "@eslint/js": "9.8.0", + "eslint": "9.8.0", "eslint-config-prettier": "9.1.0", - "eslint-plugin-prettier": "5.1.3", - "globals": "15.8.0", - "prettier": "3.3.2" + "eslint-plugin-prettier": "5.2.1", + "globals": "15.9.0", + "prettier": "3.3.3" } } diff --git a/frontend/package.json b/frontend/package.json index e50f1d959..218498905 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -4,7 +4,7 @@ "description": "A beautiful interface for creating Nginx endpoints", "main": "js/index.js", "dependencies": { - "@babel/core": "7.24.7", + "@babel/core": "7.25.2", "babel-core": "6.26.3", "babel-loader": "8.3.0", "babel-preset-env": "1.7.0", @@ -33,7 +33,7 @@ "sass-loader": "10.5.2", "style-loader": "4.0.0", "tabler-ui": "git+https://github.com/tabler/tabler.git#00f78ad823311bc3ad974ac3e5b0126198f0a813", - "underscore": "1.13.6", + "underscore": "1.13.7", "webpack": "4.47.0", "webpack-cli": "4.10.0", "webpack-visualizer-plugin": "0.1.11"