mirror of
https://github.com/Adewagold/nginx-server-manager.git
synced 2025-12-19 23:39:34 -06:00
4799665932
* Fix installation issues with nginx-manager service - Add missing email-validator package to requirements.txt - Fix PATH environment variable in systemd service to include system binary paths - Service now properly finds nginx binary at /usr/sbin/nginx - Resolves service startup failures due to missing dependencies 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix sudo permission issues in systemd service - Add use_sudo configuration option to handle both systemd and development modes - Update nginx_service.py to gracefully handle NoNewPrivileges=true in systemd - Modify config validation to work without sudo when running as systemd service - Add fallback logic for nginx commands when sudo is unavailable - Update systemd service file with proper capabilities and groups - Fix regex escape sequences in nginx templates - Make sudo permissions optional in install script This fixes the "no new privileges" error when adding sites through the web interface while running as a systemd service with security restrictions enabled. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix nginx validation errors for log files and ports - Replace /var/log/nginx paths with temp directory during validation - Replace low ports (80, 443) with high ports (8080, 8443) for testing - Create temporary log directory for validation testing - Clean up temporary log files after validation This fixes the "Read-only file system" and "Permission denied" errors when validating nginx configurations in the systemd service context. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix site enabling with systemd NoNewPrivileges restrictions - Update enable_site to handle permission issues gracefully - Modify reload_nginx to skip config test when permissions insufficient - Handle authentication errors for systemctl commands - Provide clear messages when manual nginx reload is required - Continue with site enabling even when reload fails due to permissions Sites can now be enabled successfully in systemd service mode, with clear feedback when manual nginx reload is needed due to security restrictions. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Add automated nginx reload with security wrapper script - Create nginx-wrapper.sh for secure nginx operations without NoNewPrivileges issues - Add setup_nginx_wrapper() function to install script for automated setup - Configure specific sudoers rules for controlled nginx operations - Update config to use wrapper script for all nginx commands - Enable full automation: sites can be created, enabled, and nginx reloaded automatically - Maintain systemd security settings while providing nginx management capabilities - Add comprehensive logging for nginx operations Users no longer need manual nginx reloads - the system handles everything automatically while maintaining security through controlled sudo access to specific operations. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix nginx site enablement with systemd NoNewPrivileges restriction - Updated nginx service to use wrapper script for nginx operations - Prevents "no new privileges" errors when running under systemd service - Improved reliability of site enablement and nginx reloading - Made uninstall script executable 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix site enablement issues under systemd NoNewPrivileges restriction - Enhanced permission error detection in enable_site method - Updated config.yaml.example to use systemd-compatible settings (use_sudo: false) - Fixed install.sh to set proper default admin password - Improved error handling for "Cannot use sudo" and "restricted environment" messages These changes ensure fresh installations work properly with site creation and enablement through the UI. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix site disable functionality with comprehensive permission error handling - Added same permission error detection logic to disable_site method - Fixed "Cannot use sudo: Running in restricted environment" error for site disabling - Added rollback logic to restore symlink if real nginx reload failure occurs - Improved error differentiation between permission issues and actual nginx problems Now both site enable and disable work perfectly under systemd NoNewPrivileges restriction. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix httpx SSLError AttributeError in site testing functionality - Replace deprecated httpx.SSLError with httpx.ConnectError - Add intelligent SSL error detection by checking error message content - Maintain backward compatibility with proper error handling - Resolves "module 'httpx' has no attribute 'SSLError'" error The site test endpoint now works correctly with httpx 0.25.2. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix site testing to use local nginx server with Host headers - Test local nginx server (127.0.0.1) instead of external domains - Use proper Host headers to simulate domain requests - Fix remaining URL reference in RequestError handler - Resolves "Connection failed" errors when testing sites 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix session expiration handling and toast function errors - Fix 'this.showToast is not a function' by using global showToast function - Add comprehensive JWT token expiration checking and validation - Implement global fetch interceptor to catch 401 responses - Enhanced authentication error handling with automatic redirects - Improved session validation on app startup - Better error handling for expired tokens 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Add automatic nginx reload after site enable/disable operations - Implement systemd path watcher for automatic nginx reloads - Create nginx-reload.path to monitor /etc/nginx/sites-enabled changes - Create nginx-reload.service to safely reload nginx with validation - Update enable_site/disable_site messages to indicate auto-reload - Simplify reload_nginx wrapper script logic - Fix permission issues with NoNewPrivileges=true restriction Now nginx automatically reloads whenever sites are enabled/disabled, eliminating the need for manual reloads and fixing the 404 issues. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Ubuntu <ubuntu@ip-172-31-25-103.ec2.internal> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: ubuntu <ubuntu@nginx-manager.local>
16 KiB
Executable File
16 KiB
Executable File