What's Changed
- Sorry for taking so long for a new (beta) release, but thanks for the many stars since the last release (I think over 1000 Stars in this time)
- Testing and feedback is welcome! For all people who used the develop tag in the last time, please switch now to the beta image, as develop can always break
- This is still a beta! Make sure to create a backup of the NPMplus data folder!
- For a more complete list, see: #2299
- NPMplus now uses Lets Encrypts shortlived certs by default, which only support up to 25 domains per cert and acme profile support)
- on cert creation you can now choose to always reuse they (except on forced renewal), this is useful for TLSA
- Many Buttons changed what they do, please review if they are still correct, see the README for some background on what these buttons do
- Some nginx modules which could be loaded via env are removed, because of build time, also modsec was removed
- Some envs are removed
- the path of the logs have moved from
nginx/<filename>.logtonginx/logs/<filename>.log, there is still a symlink so crowdsec should not break - OIDC (and secure httponly cookies for tokens)
- Upstreams new frontend was merged, also some things that got lost with the new frontend were re-added
- when using x86-64, then x86-64-v2 is now required
- secpr1 is not used by default anymore, can cause issues like with element x on ios element-hq/element-x-ios#3655 (not classic element on ios and not on android), there is an env to re-enable them
- versions are now better shown in the UI
- fixes, improvements and dep updates (openssl 3.5.1 brings native quic and mlkem)
- cache gravatars locally
- option to edit custom certs
- support: zstd, early hints, file server, proxy protocol in streams, bcrypt for access lists and more
- It seems like the emby android/ios apps break when using certs from letsencrypts shortlived/tlsserver acme profiles since they don't include a Certificate Common Name, this is an issue in the emby apps and should be fixed by them. Certificate Common Name are deprecated in today's standards and with that should not be required when checking if certs are valid. See this thread: #2462 (comment)
Image tags:
docker.io/zoeyvid/npmplus:2025-12-29-b1(fixed to this beta release)ghcr.io/zoeyvid/npmplus:2025-12-29-b1(fixed to this beta release)docker.io/zoeyvid/npmplus:beta(latest beta/stable)ghcr.io/zoeyvid/npmplus:beta(latest beta/stable)
New Contributors
- Note sure if someone is missing, but many thanks!
- @StargazerCel made their first contribution in #1815
- @daeho-ro made their first contribution in #1967
- @RedCrafter07 made their first contribution in #2449
Full Changelog: 2025-05-07-r1...2025-12-29-b1