bunkerity / bunkerweb

🛡️ Open-source and next-generation Web Application Firewall (WAF)
https://www.bunkerweb.io
GNU Affero General Public License v3.0

[BUG] in bunkerized-nginx-ui cannot save changes of service #160

Closed derdek closed 3 years ago

derdek commented 3 years ago

Description: Hello, a bad regex is used for EMAIL_LETS_ENCRYPT in settings.json. I propose these changes:

And I have problems with other SSL fields in bunkerized-nginx-ui. I think the regexes for the SSL fields need to be rewritten.

How to reproduce: go to bunkerized-nginx-ui, services, select one, click edit, click save.

Logs: I have the same error text with EMAIL_LETS_ENCRYPT.

Something went wrong... Variable SELF_SIGNED_SSL_COUNTRY is not valid.
Traceback (most recent call last):
  File "/opt/entrypoint/entrypoint.py", line 89, in services
    app.config["CONFIG"].check_variables(variables)
  File "/opt/entrypoint/Config.py", line 77, in check_variables
    raise Exception("Variable " + k + " is not valid.")
Exception: Variable SELF_SIGNED_SSL_COUNTRY is not valid.

hoaivan commented 3 years ago

I got the same issue

fl0ppy-d1sk commented 3 years ago

Hello @derdek,

Regarding the EMAIL_LETS_ENCRYPT regex, I don't get why you are allowing any characters. The mail is passed to the certbot new command and MUST be a valid email like address@domain.tld. Your regex is matching anything with the .{0,} part. The initial .{0} is there for a specific reason: if there is no value set for EMAIL_LETS_ENCRYPT then bunkerized-nginx will construct a default one like contact@first-domain.tld. Can you share more information on why your change is needed?

derdek commented 3 years ago

Hello, I can't save my email address, for example:

fl0ppy-d1sk commented 3 years ago

I can confirm the regex is not valid... Maybe something like ^([a-z0-9\-\.]+@[a-z\-0-9\.]+|.{0})$ would be OK?

derdek commented 3 years ago

I tested the regex on https://regex101.com/ and this regex works correctly.

derdek commented 3 years ago

The regex for SELF_SIGNED_SSL_COUNTRY is ^[:print:]+$ and I don't know what to do with this. The default value is CH, but the regex says that SELF_SIGNED_SSL_COUNTRY is not correct. There may be a similar error for other fields. It's easy to check: just go to the admin panel, select a service, save changes.

derdek commented 3 years ago

https://github.com/bunkerity/bunkerized-nginx/blob/15bdb076c86bd71e7c95944b6e6b89f32556e5e6/settings.json#L613-L666 You can see that the regex is not correct.
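Added example, not part of the thread or the project's code: a Python check of the regexes quoted above. Python's standard re module has no POSIX classes, so [:print:] is an ordinary set of the characters ":", "p", "r", "i", "n", "t", which is consistent with the default CH being rejected. Assumptions: the settings check uses re with a whole-value match (is_valid is a hypothetical stand-in), ANYTHING_REGEX is constructed around the .{0,} fragment, and PRINTABLE_REGEX is an ASCII equivalent of POSIX [[:print:]], not the 1.2.8 fix.

```python
import re
import string

# Regexes quoted in the thread.
COUNTRY_REGEX = r"^[:print:]+$"  # SELF_SIGNED_SSL_COUNTRY, as reported
EMAIL_REGEX = r"^([a-z0-9\-\.]+@[a-z\-0-9\.]+|.{0})$"  # suggested replacement

# Constructed for this example (not taken from settings.json):
ANYTHING_REGEX = r"^.{0,}$"  # isolates the `.{0,}` fragment discussed above
PRINTABLE_REGEX = r"^[\x20-\x7e]+$"  # ASCII range of POSIX [[:print:]]


def is_valid(regex, value):
    """Hypothetical stand-in for the settings check: whole-value match."""
    return re.fullmatch(regex, value) is not None


def accepted_chars(regex):
    """Printable ASCII characters the regex accepts as a one-character value."""
    return [c for c in sorted(string.printable) if is_valid(regex, c)]


def run_checks():
    """Evaluate constructed sample values against each regex."""
    return {
        "country_default": is_valid(COUNTRY_REGEX, "CH"),
        "country_literal": is_valid(COUNTRY_REGEX, "print"),
        "country_printable": is_valid(PRINTABLE_REGEX, "CH"),
        "email_empty": is_valid(EMAIL_REGEX, ""),
        "email_plain": is_valid(EMAIL_REGEX, "address@domain.tld"),
        "email_uppercase": is_valid(EMAIL_REGEX, "Address@Domain.tld"),
        "email_free_text": is_valid(EMAIL_REGEX, "not an email address"),
        "anything_free_text": is_valid(ANYTHING_REGEX, "not an email address"),
    }


if __name__ == "__main__":
    print("accepted by", COUNTRY_REGEX, "->", accepted_chars(COUNTRY_REGEX))
    for name, ok in run_checks().items():
        print(f"{name:20} {'valid' if ok else 'rejected'}")
```

The suggested email regex is lowercase-only, so an address typed with capitals is rejected even though it is otherwise well formed.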

fl0ppy-d1sk commented 3 years ago

@hoaivan and @derdek: the new 1.2.8 release containing a fix for both SELFSIGNED* and EMAIL_LETS_ENCRYPT should have been pushed to Docker Hub. Let me know if everything is fine (don't forget to do a pull before).

derdek commented 3 years ago

Hello @fl0ppy-d1sk. Now nginx-ui is working, but there is a bug: after saving, the reverse proxy can be duplicated. For example:

derdek commented 3 years ago

And after updating the Docker images, autoconf exits with the error: ERROR - wrong permission on /etc/letsencrypt. I tried to fix this with chown -R 101:101, but this did not help.

UPDATE: after downgrading, autoconf 1.2.7 works correctly, but there is a problem with:

myautoconf_1      | Traceback (most recent call last):
myautoconf_1      |   File "/opt/entrypoint/app.py", line 67, in <module>
myautoconf_1      |     autoconf.process(server, event["Action"])
myautoconf_1      |   File "/opt/entrypoint/AutoConf.py", line 82, in process
myautoconf_1      |     self.__process_server(obj, event, id, name, labels)
myautoconf_1      |   File "/opt/entrypoint/AutoConf.py", line 176, in __process_server
myautoconf_1      |     if self.__config.reload() :
myautoconf_1      | TypeError: reload() missing 1 required positional argument: 'instances'
myautoconf_1      | [*] autoconf stopped

fl0ppy-d1sk commented 3 years ago

Can you share your compose so I can reproduce the bug ?

derdek commented 3 years ago


services:

  bunker:
    image: bunkerity/bunkerized-nginx
    restart: always
    ports:
      - 80:8080
      - 443:8443
    volumes:
      - letsencrypt:/etc/letsencrypt
      - /home/sites:/www:ro
      - autoconf:/etc/nginx
    environment:
      - SERVER_NAME=
      - MULTISITE=yes
      - AUTO_LETS_ENCRYPT=yes
      - REDIRECT_HTTP_TO_HTTPS=yes
      - DISABLE_DEFAULT_SERVER=yes
      - USE_CLIENT_CACHE=yes
      - USE_GZIP=yes
    labels:
      - "bunkerized-nginx.AUTOCONF"

  myautoconf:
    image: bunkerity/bunkerized-nginx-autoconf:1.2.7
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - autoconf:/etc/nginx
    depends_on:
      - bunker
      - example.com

  example.com:
    image: php:fpm
    restart: always
    volumes:
      - /home/sites/php-fpm/www.conf:/etc/php-fpm.d/www.conf
      - /home/sites/php-fpm/php-fpm.conf:/etc/php-fpm.conf
      - /home/sites/example.com:/www
    labels:
      - "bunkerized-nginx.SERVER_NAME=example.com"
      - "bunkerized-nginx.REMOTE_PHP=example.com"
      - "bunkerized-nginx.REMOTE_PHP_PATH=public"

volumes:
  letsencrypt:
  autoconf:

fl0ppy-d1sk commented 3 years ago

Quickly tested it and it works on my side, here is the procedure.

First create a letsencrypt directory on the host :

$ mkdir letsencrypt

Give RWX rights to group 101 on the folder :

$ chgrp 101 letsencrypt
$ chmod g+rwx letsencrypt

Then your compose needs to be edited a little bit :

services:

  bunker:
    image: bunkerity/bunkerized-nginx
    restart: always
    ports:
      - 80:8080
      - 443:8443
    volumes:
      - ./letsencrypt:/etc/letsencrypt
      - /home/sites:/www:ro
      - autoconf:/etc/nginx
    environment:
      - SERVER_NAME=
      - MULTISITE=yes
      - AUTO_LETS_ENCRYPT=yes
      - REDIRECT_HTTP_TO_HTTPS=yes
      - DISABLE_DEFAULT_SERVER=yes
      - USE_CLIENT_CACHE=yes
      - USE_GZIP=yes
    labels:
      - "bunkerized-nginx.AUTOCONF"
      - "bunkerized-nginx.UI"

  myautoconf:
    image: bunkerity/bunkerized-nginx-autoconf
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - autoconf:/etc/nginx
    depends_on:
      - bunker
      - example.com

  example.com:
    image: php:fpm
    restart: always
    volumes:
      - /home/sites/php-fpm/www.conf:/etc/php-fpm.d/www.conf
      - /home/sites/php-fpm/php-fpm.conf:/etc/php-fpm.conf
      - /home/sites/example.com:/www
    labels:
      - "bunkerized-nginx.SERVER_NAME=example.com"
      - "bunkerized-nginx.REMOTE_PHP=example.com"
      - "bunkerized-nginx.REMOTE_PHP_PATH=/www"

volumes:
  autoconf:

Important things to note:

fl0ppy-d1sk commented 3 years ago

Closing this as it should be resolved.