github ZoeyVid/NPMplus 2025-01-03-alpha
on GitHub

pre-release4 days ago

Note: this is a prerelease, please back up NPMplus and test it if you can, please report back if something does not work (to see how many people test it, please give at least a reaction if you test and it works)

The following still needs to happen before new latest release:

  • merge upstream
  • update security.txt
  • compose.yaml remove comments
  • create new release (and remember people to switch back to latest now)

What's Changed

  • all your hosts will now regenerate once and when you update an env which influences a template
  • use liquidjs itself instead of sed to modify persistent hosts and templates based on envs
  • slim start.sh because many migrations are now done by simply recreating all hosts
  • remove migrations from very old NPMplus versions (migration from upstream NPM still possible)
  • allow changing http/https ports
  • merge tls-ciphers-no-stapling.conf tls-ciphers.conf into one file
  • disable ACME_MUST_STAPLE by default
  • new ACME_OCSP_STAPLING env controlling if stapling should happen, currently on, will be disabled end april
  • env DB_SQLITE_FILE is now unsupported
  • NPM_DISABLE_IPV6 and GOA_DISABLE_IPV6 are now removed and included in DISABLE_IPV6
  • http3 should now be way faster (http3_stream_buffer_size was too small)
  • update all stapling files before starting all services
  • default host is not mounted anymore and recreated on each container start
  • nginxbeautifier now only runs on hosts generation
  • fix unresponsive start page (upstream issue, fixed by reverting upstream commit)
  • dep updates
  • support php84
  • update readme
  • improve folder structure
  • frontend now only allows enabling coreruleset if modsec is also enabled
  • quic_bpf support (default off, since it needs NPMplus to run as a privileged container)
  • NIBEP and GOAIWSP have switched their default values
  • streams forwarding_port now allows $server_port as a valid input
  • allowed syntax for domain names and stream/proxy forward_host have changed
  • added support for INITIAL_DEFAULT_PAGE
  • remove kyber (mlkem is supported)
  • use freenginx default tls setting when connecting to upstream server
  • rename nginx_custom folder to custom_nginx
  • unify proxy.conf and proxy-location.conf to proxy.conf
  • new dummy certs now use secp384r1 instead of rsa4096
  • integrate no-servername files in the normal configs
  • allow disabling hsts subdomains via env
  • support upstream X_FRAME_OPTIONS env, also change its default from SAMEORIGIN to DENY, add option to not set it
  • remove Referrer-Police header (default value when unset is the same as NPMplus used before: strict-origin-when-cross-origin)
  • don't expose version when making a (authenticated/unauthenticated) request to NPMplus API
  • add ACME_KEY_TYPE env (default and recommended is still ecdsa)
  • use #!/usr/bin/env sh instead of #!/bin/sh
  • dns secrets are not mounted anymore, since they are saved in the db and rewritten on every container start, so they don't need to be mounted
  • certbot is now built together with nginx

How to test

  • Read the changes above
  • change the tag in your compose yaml from latest/nothing to develop
  • redeploy the compose stack
  • report any issues you find

Full Changelog: 2024-12-14-r1...2025-01-03-alpha

Check out latest releases or
releases around ZoeyVid/NPMplus 2025-01-03-alpha

Don't miss a new NPMplus release

NewReleases is sending notifications on new releases.

Get notifications