요약

NPMplus 사전 릴리즈입니다. 사용자를 통한 테스트를 위해서 백업해주세요. 이상이 발생하면 보고해주세요. 테스트한 사람의 반응을 확인하기 위해 테스트 후 반응을 주세요.

새 최신 릴리스 이전에 아래 사항들이 아직 처리되어야 합니다:

• 사용자 테스트
• 템플릿 버전을 샤썸으로 대체할지 결정
• 폴더 구조 개선
• security.txt 업데이트
• 상류 병합
• 리드미 업데이트
• compose.yaml의 주석 제거
• 새로운 릴리즈 생성 (이제 다시 최신 버전으로 변경하라는 사람들에게 알림)

변경 사항

• 모든 호스트는 템플릿에 영향을 주는 환경을 업데이트할 때 한 번만 다시 생성됨
• 영구 호스트 및 템플릿을 변경하기 위해 sed 대신 liquidjs 자체를 사용
• 많은 마이그레이션이 단순히 모든 호스트를 다시 생성함으로써 이루어지므로 start.sh를 줄이기
• NPMplus의 매우 오래된 버전에 대한 마이그레이션 제거 (상류 NPM에서의 마이그레이션이 가능)
• http/https 포트 변경 허용
• tls-ciphers-no-stapling.conf와 tls-ciphers.conf를 하나의 파일로 병합
• 기본으로 ACME_MUST_STAPLE 비활성화
• 스태플링이 발생해야 하는지를 제어하는 새로운 ACME_OCSP_STAPLING 환경 변수, 현재 활성화 상태로, 4월 말에 비활성화될 예정
• 환경 변수 DB_SQLITE_FILE은 더 이상 지원하지 않음
• NPM_DISABLE_IPV6 및 GOA_DISABLE_IPV6이 제거되고 DISABLE_IPV6에 포함됨

테스트 방법

• 위의 변경 사항 읽기
• 최신 버전/아무것도에서 develop로 컴포즈 yaml의 태그 변경
• 컴포즈 스택 다시 배포
• 발견한 모든 문제 보고

전체 변경 사항: 2024-12-14-r1...2025-01-03-alpha

원문 내용

Note: this is a prerelease, please back up NPMplus and test it if you can, please report back if something does not work (to see how many people test it, please give at least a reaction if you test and it works)

The following still needs to happen before new latest release:

• testing by users
• replace template version with shasum of templates?
• improve folder structure
• update security.txt
• merge upstream
• update readme
• compose.yaml remove comments
• create new release (and remember people to switch back to latest now)

What's Changed

• all your hosts will now regenerate once and when you update an env which influences a template
• use liquidjs itself instead of sed to modify persistent hosts and templates based on envs
• slim start.sh because many migrations are now done by simply recreating all hosts
• remove migrations from very old NPMplus versions (migration from upstream NPM still possible)
• allow changing http/https ports
• merge tls-ciphers-no-stapling.conf tls-ciphers.conf into one file
• disable ACME_MUST_STAPLE by default
• new ACME_OCSP_STAPLING env controlling if stapling should happen, currently on, will be disabled end april
• env DB_SQLITE_FILE is now unsupported
• NPM_DISABLE_IPV6 and GOA_DISABLE_IPV6 are now removed and included in DISABLE_IPV6
• http3 should now be way faster (http3_stream_buffer_size was too small)
• remove and recreate all stapling files before starting all services
• default host is not mounted anymore and recreated on each container start
• nginxbeautifier now only runs on hosts generation
• fix unresponsive start page (upstream issue, fixed by reverting upstream commit)
• dep updates
• support php84
• frontend now only allows enabling coreruleset if modsec is also enabled
• quic_bpf support (default off, since it needs NPMplus to run as a privileged container)
• NIBEP and GOAIWSP have switched their default values
• streams forwarding_port now allows $server_port as a valid input
• allowed syntax for domain names and stream/proxy forward_host have changed
• added support for INITIAL_DEFAULT_PAGE
• remove kyber (mlkem is supported)
• use freenginx default tls setting when connecting to upstream server
• rename nginx_custom folder to custom_nginx
• unify proxy.conf and proxy-location.conf to proxy.conf
• new dummy certs now use secp384r1 instead of rsa4096
• integrate no-servername files in the normal configs
• allow disabling hsts subdomains via env
• support upstream X_FRAME_OPTIONS env, also change its default from SAMEORIGIN to DENY, add option to not set it
• remove Referrer-Police header (default value when unset is the same as NPMplus used before: strict-origin-when-cross-origin)
• don't expose version when making a (authenticated/unauthenticated) request to NPMplus API
• add ACME_KEY_TYPE env (default and recommended is still ecdsa)
• use #!/usr/bin/env sh instead of #!/bin/sh
• dns secrets are not mounted anymore, since they are saved in the db and rewritten on every container start, so they don't need to be mounted
• certbot is now built together with nginx

How to test

• Read the changes above
• change the tag in your compose yaml from latest/nothing to develop
• redeploy the compose stack
• report any issues you find

Full Changelog: 2024-12-14-r1...2025-01-03-alpha

링크 : https://github.com/ZoeyVid/NPMplus/releases/tag/2025-01-03-alpha