요약

참고: 이것은 사전 릴리스입니다. NPMplus를 백업하고 테스트해 보고 가능하다면 문제가 발생하면 보고해주세요. (테스트한 사람의 반응을 보려면 테스트하고 작동하는지 확인해주세요)

새로운 최신 릴리즈가 이루어지기 전에 아직 필요한 작업들:

폴더 구조 개선
security.txt 업데이트
상위버전 병합
compose.yaml 주석 제거
새 릴리스 생성 (그리고 최신 버전으로 전환하는 것을 사용자에게 알려 기억하세요)

변경 사항

환경을 수정하여 템플릿에 영향을 주는 env 업데이트 시 모든 호스트가 한 번 새로 생성됨
원고를 수정하기 위해 sed 대신 liquidjs 자체를 사용하여 영구 호스트 및 템플릿을 수정
많은 마이그레이션이 이제 단순히 모든 호스트를 다시 만들어서 수행되기 때문에 start.sh를 간소화
NPMplus의 매우 오래된 버전에서의 마이그레이션 제거 (상위 NPM에서의 마이그레이션은 여전히 가능)
http/https 포트 변경 허용
tls-ciphers-no-stapling.conf tls-ciphers.conf 파일을 하나의 파일로 병합
기본적으로 ACME_MUST_STAPLE 비활성화
ACME_OCSP_STAPLING 환경으로 스탭링 여부를 제어, 현재 적용 중이며 4월 말에 비활성화될 예정
환경 DB_SQLITE_FILE은 더 이상 지원되지 않음
NPM_DISABLE_IPV6 및 GOA_DISABLE_IPV6이 제거되고 DISABLE_IPV6에 포함됨

테스트 방법

위의 변경 사항을 읽으세요.
최신/nothing에서 개발로 compose yaml의 태그 변경
compose stack 재배포
발견한 모든 문제 보고

전체 변경 사항: 2024-12-14-r1...2025-01-03-alpha

원문 내용

Note: this is a prerelease, please back up NPMplus and test it if you can, please report back if something does not work (to see how many people test it, please give at least a reaction if you test and it works)

The following still needs to happen before new latest release:

improve folder structure
update security.txt
merge upstream
compose.yaml remove comments
create new release (and remember people to switch back to latest now)

What's Changed

all your hosts will now regenerate once and when you update an env which influences a template
use liquidjs itself instead of sed to modify persistent hosts and templates based on envs
slim start.sh because many migrations are now done by simply recreating all hosts
remove migrations from very old NPMplus versions (migration from upstream NPM still possible)
allow changing http/https ports
merge tls-ciphers-no-stapling.conf tls-ciphers.conf into one file
disable ACME_MUST_STAPLE by default
new ACME_OCSP_STAPLING env controlling if stapling should happen, currently on, will be disabled end april
env DB_SQLITE_FILE is now unsupported
NPM_DISABLE_IPV6 and GOA_DISABLE_IPV6 are now removed and included in DISABLE_IPV6
http3 should now be way faster (http3_stream_buffer_size was too small)
update all stapling files before starting all services
default host is not mounted anymore and recreated on each container start
nginxbeautifier now only runs on hosts generation
fix unresponsive start page (upstream issue, fixed by reverting upstream commit)
dep updates
support php84
update readme
frontend now only allows enabling coreruleset if modsec is also enabled
quic_bpf support (default off, since it needs NPMplus to run as a privileged container)
NIBEP and GOAIWSP have switched their default values
streams forwarding_port now allows $server_port as a valid input
allowed syntax for domain names and stream/proxy forward_host have changed
added support for INITIAL_DEFAULT_PAGE
remove kyber (mlkem is supported)
use freenginx default tls setting when connecting to upstream server
rename nginx_custom folder to custom_nginx
unify proxy.conf and proxy-location.conf to proxy.conf
new dummy certs now use secp384r1 instead of rsa4096
integrate no-servername files in the normal configs
allow disabling hsts subdomains via env
support upstream X_FRAME_OPTIONS env, also change its default from SAMEORIGIN to DENY, add option to not set it
remove Referrer-Police header (default value when unset is the same as NPMplus used before: strict-origin-when-cross-origin)
don't expose version when making a (authenticated/unauthenticated) request to NPMplus API
add ACME_KEY_TYPE env (default and recommended is still ecdsa)
use #!/usr/bin/env sh instead of #!/bin/sh
dns secrets are not mounted anymore, since they are saved in the db and rewritten on every container start, so they don't need to be mounted
certbot is now built together with nginx

How to test

Read the changes above
change the tag in your compose yaml from latest/nothing to develop
redeploy the compose stack
report any issues you find

Full Changelog: 2024-12-14-r1...2025-01-03-alpha

링크 : https://github.com/ZoeyVid/NPMplus/releases/tag/2025-01-03-alpha