Hendrik
daa13c808b
Fix admin UI inaccessible via private/local IP
isAdminHost() only matched localhost and the configured server_ip
(set to the public IP by the install script). Installations accessed
via RFC 1918 addresses (10.x, 192.168.x, 172.16-31.x) fell through
to the redirect-domain handler and returned 'Domain nicht konfiguriert'.
Extract isPrivateOrLoopbackIp() to recognize all private and loopback
addresses as admin hosts. No security risk: redirect domains are never
private IPs.
2026-05-15 16:48:07 +02:00
Hendrik Garske
44bb7810a7
v0.1.31 — fix: PDF export 403 when IP allowlist is active
Puppeteer renders /r/{token} internally from 127.0.0.1 — the allowlist check
also blocked loopback addresses. Loopback (127.x, ::1, ::ffff:127.)
is now exempted before the allowlist check.
2026-05-07 15:29:40 +02:00
Hendrik Garske
ee3a72ce50
v0.1.30 — fix: username login; feature: IP allowlist for admin UI
- fix: added username column to DB DDL + migration for existing databases;
createSchema in /api/users now stores username correctly (was always NULL)
- feature: IP allowlist for admin UI — IPs/CIDR ranges configurable in
settings; enforcement in server.ts before Next.js handoff; /api/v1 stays
open; lockout warning if own IP is not in the list
2026-05-06 19:43:41 +02:00
Hendrik
a34fa9bfa8
v0.1.29 — auth: self-heal username column on first login if migration didn't run
2026-05-01 23:47:12 +02:00
Hendrik
25644e0ea2
v0.1.28 — security: nodemailer 8.0.7 (SMTP CRLF injection fixes), enforce uuid 11.1.1 override
2026-05-01 23:41:30 +02:00
Hendrik
f06e6e7df0
v0.1.27 — fix: blocklist self-creates table; settings UI redesign with overview cards + edit popups
2026-05-01 22:16:52 +02:00
Hendrik
ef9c598f71
update.sh: SHA256-verification of prebuilt tarball
2026-05-01 22:07:17 +02:00
Hendrik
c60a38091b
v0.1.26 — SMTP + forgot-password, username login, SHA256 verification of update tarballs
2026-05-01 22:06:55 +02:00
Hendrik
19d16bd0c5
Bump to 0.1.25
2026-05-01 22:00:05 +02:00
Hendrik
4803fe5afa
v0.1.25 — security: password confirmation, HIBP leak check, role enforcement on all mutations, API rate limits
2026-05-01 21:59:52 +02:00
Hendrik
a4efe3bee2
v0.1.24 — Sign-out: client-side signOut() instead of default NextAuth page (matched UI)
2026-05-01 21:46:35 +02:00
Hendrik
18157d0a2f
v0.1.23 — UI: removed 'CoreX' from view (login, setup, sidebar, report, page title)
2026-05-01 21:45:51 +02:00
Hendrik
c81114f44c
v0.1.22 — fix Internal Server Error on redirect: static hashIp import + resilient blocklist (no-op on schema miss)
2026-05-01 21:44:44 +02:00
Hendrik
a359e0852c
Remove docs/ folder — content is in GitHub Wiki, link from README
2026-05-01 21:40:20 +02:00
Hendrik
9fce2e9db6
Bump to 0.1.21
2026-05-01 21:38:46 +02:00
Hendrik
ad44a7b8b2
v0.1.21 — Multi-user with roles (admin/user), user CRUD UI, role enforcement on domain mutations
2026-05-01 21:38:33 +02:00
Hendrik
91b7b2494e
Bump to 0.1.20
2026-05-01 21:36:37 +02:00
Hendrik
eb283f487c
v0.1.20 — jobs (hits-retention, dns-health), login rate-limit, IP-blocklist, security headers, search/sort/csv-import on domains, test-call + per-domain PDF, webhooks, extended health
2026-05-01 21:36:24 +02:00
Hendrik
3b209db090
Add wiki content (12 pages) — to be published once GitHub Wiki is enabled
2026-05-01 21:10:00 +02:00
Hendrik
91bb41ed05
v0.1.19 — browser-signal heuristic: require Sec-Fetch + Accept-Language + Accept html (2 of 3)
2026-05-01 21:01:44 +02:00
Hendrik
47690ff96d
v0.1.18 — aggressive bot filter: scanner path patterns, short-UA skip, per-IP scan detector
2026-05-01 20:56:10 +02:00
Hendrik
79108b0693
v0.1.17 — sunset continue: link back to source domain (server resolves to target), not directly to the target
2026-05-01 20:45:33 +02:00
Hendrik
12f16e078b
v0.1.16 — DNS records overview, domain edit form, bulk delete, group edit, CSV export, audit log
2026-05-01 20:41:26 +02:00
Hendrik
63df0fe8d6
v0.1.15 — self-healing sunset_config migration: check schema each boot, not just setting flag
2026-05-01 19:36:08 +02:00
Hendrik
4bd76c9eda
v0.1.14 — direct PDF download via puppeteer + chromium, fix logo on cover
2026-05-01 19:34:08 +02:00
Hendrik
cb70fbacf5
v0.1.13 — PDF report redesign: A4 portrait, brand layout, clean page-break behavior
2026-05-01 19:27:06 +02:00
Hendrik
cfb35034e9
Bump to 0.1.12
2026-05-01 19:22:20 +02:00
Hendrik
aeba290d16
v0.1.12 — bot filter, unique visitors, sunset notice page (per-domain + bulk)
2026-05-01 19:22:04 +02:00
Hendrik
fd118b40bf
v0.1.11 — PDF report export with preset selection + Recharts tooltip fix
2026-05-01 19:16:05 +02:00
Hendrik
807911d026
v0.1.10 — caddy reload via 'caddy reload' CLI (avoids admin API Origin 403)
2026-05-01 19:09:45 +02:00
Hendrik
ab47513dd9
v0.1.9 — fix Caddy auto-HTTPS: chown Caddyfile to service user so app can regenerate per-domain blocks
2026-05-01 19:06:38 +02:00
Hendrik
96c541f8f6
v0.1.8 — security: bump next 15.5.15, postcss override, uuid 11 override
2026-05-01 19:00:17 +02:00
Hendrik
22d4e283b0
Bump to 0.1.7
2026-05-01 18:56:55 +02:00
Hendrik
c75fa5aa18
v0.1.7 — auto-migrate 301→302 on startup, auto-install sqlite3, ensure_sqlite helper
2026-05-01 18:56:42 +02:00
Hendrik
d695d4c8c9
v0.1.6 — fix hit tracking: default 302, no-cache headers, 301-warning in UI
2026-05-01 18:53:46 +02:00
Hendrik
8fe9f13c56
Bump to 0.1.5
2026-05-01 18:48:01 +02:00
Hendrik
cf8e01c384
v0.1.5 — skip update if current, robust UI fallback reload, force flag
2026-05-01 18:47:50 +02:00
Hendrik
e371da26a3
Bump to 0.1.4
2026-05-01 18:41:48 +02:00
Hendrik
2e412b61a7
v0.1.4 — MaxMind Basic Auth + Account-ID Field, detailed download errors
2026-05-01 18:41:38 +02:00
Hendrik
c710d874b1
v0.1.3 — update flow: detached restart, version-aware status, auto-reload UI, banner polling
2026-05-01 18:34:15 +02:00
Hendrik
3549c7cc9c
Bump package.json to 0.1.2
2026-05-01 18:31:35 +02:00
Hendrik
26725f9f15
v0.1.2 — UX fixes: dark dropdowns, @ for root in DNS table, copy fallback, geo settings UI
2026-05-01 18:31:21 +02:00
Hendrik
c06a16d86e
Prebuilt .next/ via GitHub Releases — install/update fetch tarball, skip build (saves ~25s)
2026-05-01 18:23:48 +02:00
Hendrik
3d8a1ac539
Add nexredirect CLI: status/logs/update/caddy/domains/hits/tokens/backup/uninstall
2026-05-01 18:22:02 +02:00
Hendrik
355db7d348
Force dynamic rendering on layouts/pages reading DB (fix redirect loop from cached static prerender)
2026-05-01 18:19:59 +02:00
Hendrik
19bbce4787
scripts: store executable bit in git tree
2026-05-01 18:09:10 +02:00
Hendrik
d1cef98e4c
update.sh: run git as service user (avoid dubious-ownership when invoked as root)
2026-05-01 18:07:24 +02:00
Hendrik
198ea17414
update.sh: chmod scripts before next run
2026-05-01 18:06:47 +02:00
Hendrik
eb2d98bb0d
install/update.sh: chmod +x scripts so they're executable
2026-05-01 18:06:38 +02:00
Hendrik
a5a8a89f20
Setup: hard-nav to /login after account creation (server-component layout cache)
2026-05-01 18:05:16 +02:00