@lamalibre/create-portlama 1.0.17 → 1.0.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/package.json +1 -1
  2. package/src/lib/service-config.js +7 -0
  3. package/src/tasks/nginx.js +1 -0
  4. package/vendor/panel-client/dist/assets/{index-Bj0EteVS.js → index-Dro9Dzpf.js} +93 -88
  5. package/vendor/panel-client/dist/docs/01-concepts/mtls.md +41 -9
  6. package/vendor/panel-client/dist/docs/01-concepts/security-model.md +9 -2
  7. package/vendor/panel-client/dist/index.html +1 -1
  8. package/vendor/panel-server/src/index.js +2 -0
  9. package/vendor/panel-server/src/lib/mtls.js +260 -1
  10. package/vendor/panel-server/src/lib/nginx.js +1 -0
  11. package/vendor/panel-server/src/lib/revocation.js +112 -0
  12. package/vendor/panel-server/src/middleware/mtls.js +31 -8
  13. package/vendor/panel-server/src/middleware/role-guard.js +28 -0
  14. package/vendor/panel-server/src/routes/management/certs.js +101 -6
  15. package/vendor/panel-server/src/routes/management/invitations.js +9 -3
  16. package/vendor/panel-server/src/routes/management/logs.js +1 -1
  17. package/vendor/panel-server/src/routes/management/services.js +6 -2
  18. package/vendor/panel-server/src/routes/management/sites.js +24 -8
  19. package/vendor/panel-server/src/routes/management/system.js +3 -1
  20. package/vendor/panel-server/src/routes/management/tunnels.js +12 -4
  21. package/vendor/panel-server/src/routes/management/users.js +15 -5
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lamalibre/create-portlama",
3
- "version": "1.0.17",
3
+ "version": "1.0.19",
4
4
  "description": "One-command setup for secure reverse tunnels with a management dashboard",
5
5
  "type": "module",
6
6
  "license": "MIT",
package/src/lib/service-config.js CHANGED
@@ -127,6 +127,13 @@ portlama ALL=(root) NOPASSWD: /usr/bin/chmod 600 /etc/portlama/pki/*
127
127
  portlama ALL=(root) NOPASSWD: /usr/bin/chmod 644 /etc/portlama/pki/*
128
128
  portlama ALL=(root) NOPASSWD: /usr/bin/rm -f /etc/portlama/pki/*
129
129
 
130
+ # --- Agent certificates (portlama-owned directory under pki) ---
131
+ portlama ALL=(root) NOPASSWD: /usr/bin/mkdir -p /etc/portlama/pki/agents
132
+ portlama ALL=(root) NOPASSWD: /usr/bin/mkdir -p /etc/portlama/pki/agents/*
133
+ portlama ALL=(root) NOPASSWD: /usr/bin/chown portlama\\:portlama /etc/portlama/pki/agents
134
+ portlama ALL=(root) NOPASSWD: /usr/bin/chown -R portlama\\:portlama /etc/portlama/pki/agents/*
135
+ portlama ALL=(root) NOPASSWD: /usr/bin/rm -rf /etc/portlama/pki/agents/*
136
+
130
137
  # --- nginx vhost file permissions and cleanup ---
131
138
  portlama ALL=(root) NOPASSWD: /usr/bin/chmod 644 /etc/nginx/sites-available/*
132
139
  portlama ALL=(root) NOPASSWD: /usr/bin/rm -f /etc/nginx/sites-available/*
package/src/tasks/nginx.js CHANGED
@@ -90,6 +90,7 @@ ssl_verify_client on;
90
90
  # Pass client cert verification status to backend
91
91
  proxy_set_header X-SSL-Client-Verify $ssl_client_verify;
92
92
  proxy_set_header X-SSL-Client-DN $ssl_client_s_dn;
93
+ proxy_set_header X-SSL-Client-Serial $ssl_client_serial;
93
94
 
94
95
  # Standard proxy headers
95
96
  proxy_set_header Host $host;