├── .github └── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── .gitignore ├── CHANGELOG.md ├── LICENSE.md ├── README.md └── npm-api.sh /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | 11 | **Describe the bug** 12 | A clear and concise description of what the bug is. 13 | 14 | **To Reproduce** 15 | Steps to reproduce the behavior: 16 | 1. Command '...' 17 | 2. See error 18 | 19 | **Expected behavior** 20 | A clear and concise description of what you expected to happen. 21 | 22 | **Screenshots** 23 | If applicable, add screenshots to help explain your problem. 24 | 25 | **Operating System:** 26 | - OS: [e.g. Debian] 27 | - Version [e.g. 12] 28 | 29 | **Additional context** 30 | Add any other context about the problem here. 31 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # IDE specific files 2 | .vscode/ 3 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | All notable changes to the npm-api.sh script will be documented in this file. 4 | 5 | ## [3.0.0] - 2025-03-24 6 | 7 | ### 🔄 Breaking Changes 8 | 9 | - **Host Creation Command Simplified** 10 | ```diff 11 | - OLD: ./npm-api.sh -d example.com -i 192.168.1.10 -p 8080 12 | + NEW: ./npm-api.sh --host-create example.com -i 192.168.1.10 -p 8080 13 | ``` 14 | The `-d` option has been removed in favor of a more intuitive positional argument after `--host-create` 15 | 16 | ### New Commands (2.8.0) 17 | 18 | - `--access-list`: List all available access lists 19 | - `--access-list-show `: Show detailed information for a specific access list 20 | - `--access-list-create`: Create a new access list 21 | - `--access-list-update`: Update an existing access list 22 | - `--access-list-delete`: Delete an access list 23 | - `--list-cert`: List certificates filtered by domain name 24 | - `--list-cert-all`: List all SSL certificates 25 | 26 | ### New Long Options Format 27 | 28 | - Certificate Generation: 29 | ```diff 30 | - OLD: ./npm-api.sh --cert-generate example.com admin@example.com 31 | + NEW: ./npm-api.sh --cert-generate example.com --cert-email admin@example.com 32 | ``` 33 | 34 | - Wildcard Certificate with DNS Challenge: 35 | ```diff 36 | - OLD: ./npm-api.sh --cert-generate "*.example.com" admin@example.com --dns-provider cloudflare --dns-credentials '{"dns_cloudflare_email":"your@email.com","dns_cloudflare_api_key":"your_api_key"}' 37 | + NEW: ./npm-api.sh --cert-generate "*.example.com" \ 38 | + --cert-email admin@example.com \ 39 | + --dns-provider cloudflare \ 40 | + --dns-credentials '{"dns_cloudflare_email":"your@email.com","dns_cloudflare_api_key":"your_api_key"}' 41 | ``` 42 | 43 | ### Renamed Commands 44 | 45 | - `--list-ssl-cert` → `--list-cert` 46 | - `--create-user` → `--user-create` 47 | - `--delete-user` → `--user-delete` 48 | - `--list-users` → `--user-list` 49 | - `--list-access` → `--access-list` 50 | - `--update-host` → `--host-update` 51 | 52 | ### Enhanced Commands 53 | 54 | - `--generate-cert`: Added support for wildcard certificates and DNS challenges 55 | - Add Wildcard support. 56 | - Support for multiple DNS providers (Dynu, Cloudflare, DigitalOcean, etc.) 57 | 58 | ### Syntax Changes 59 | 60 | - Host-related commands now consistently use the `--host-` prefix 61 | - User-related commands now consistently use the `--user-` prefix 62 | - Certificate-related commands now consistently use the `--cert-` prefix 63 | 64 | 65 | ### ✨ New Features 66 | 67 | - **Smart certificate management in SSL configuration**: 68 | - Automatic detection of existing certificates for domains 69 | - Automatic selection of single existing certificates 70 | - Selection system for multiple certificates: 71 | * Auto-selects most recent with `-y` flag 72 | * Interactive selection without `-y` flag 73 | - Integration with certificate generation workflow 74 | - Enhanced SSL status display with detailed configuration state 75 | - Improved error handling and debug information 76 | - Configurable SSL parameters: 77 | * SSL Forced 78 | * HTTP/2 Support 79 | * HSTS 80 | * HSTS Subdomains 81 | 82 | - **Enhanced Host Creation** 83 | - Simplified command syntax with positional domain argument 84 | - Improved parameter validation 85 | - Better error messages with clear examples 86 | - Default values for optional parameters 87 | 88 | - **Improved Error Handling** 89 | - Clear error messages for missing parameters 90 | - Validation of domain name format 91 | - Parameter type checking (e.g., port numbers, boolean values) 92 | - Helpful usage examples in error messages 93 | 94 | - Added comprehensive dashboard with `display_dashboard()` showing: 95 | - Proxy hosts status (enabled/disabled) 96 | - SSL certificates (valid/expired) 97 | - Access lists and clients 98 | - System statistics 99 | 100 | - Enhanced SSL Certificate Management: 101 | - Improved wildcard certificate support 102 | - Enhanced domain validation 103 | - DNS challenge management for wildcard certificates 104 | - Support for multiple DNS providers (Cloudflare, DigitalOcean, etc.) 105 | 106 | - **Enhanced Access List Management**: 107 | - Detailed view for individual access lists 108 | - Colored output for better readability 109 | - Display of users and IP counts 110 | - Clear visualization of allow/deny rules 111 | - Authentication status indicators 112 | - Satisfaction mode display (Any/All) 113 | - Proxy host count integration 114 | - Improved formatting and layout 115 | - Better error handling for null values 116 | - Comprehensive legend for status indicators 117 | 118 | ### 🛠️ Code Optimizations 119 | 120 | - Removed redundant parameter validations 121 | - Streamlined host creation logic 122 | - Unified error message format 123 | - Better code organization 124 | - Enhanced Token Management: 125 | - Automatic validation 126 | - Smart renewal 127 | - Secure storage 128 | 129 | - Improved Host Management Commands: 130 | - Enhanced display with `host_show()` 131 | - Better error handling 132 | - Advanced configuration support 133 | 134 | - Improved access list display with: 135 | - Dynamic column sizing 136 | - Proper null value handling 137 | - Efficient data processing 138 | - Better color management 139 | - Enhanced table formatting 140 | 141 | ### 📚 Documentation 142 | 143 | - Updated access list command documentation: 144 | - Added examples for detailed view 145 | - Improved command descriptions 146 | - Better parameter explanations 147 | 148 | ### 🔐 Security 149 | 150 | - Enhanced input validation 151 | - Better parameter sanitization 152 | - Improved error handling for invalid inputs 153 | 154 | ### 🛠️ Fixes and Optimizations 155 | 156 | - Fixed SSL certificate management bugs 157 | - Improved user input validation 158 | - Optimized API requests 159 | - Enhanced HTTP error handling 160 | 161 | ### 🙏 Remerciements 162 | 163 | Thanks to [zafar-2020](https://github.com/zafar-2020) for the testing and helpful issue reports during the development of this release! 164 | 165 | 166 | ## [2.7.0] - 2025-03-08 167 | 168 | ### Added 169 | 170 | - DNS Challenge Support 171 | - Added support for multiple DNS providers (Dynu, Cloudflare, DigitalOcean, etc.) 172 | - Implemented automatic DNS challenge detection for wildcard certificates 173 | - Added validation for DNS provider and API key parameters 174 | 175 | - Wildcard Certificate Support 176 | - Added ability to generate wildcard certificates (*.domain.com) 177 | - Automatic detection of wildcard certificate requirements 178 | - Enforced DNS challenge requirement for wildcard certificates 179 | 180 | - Certificate Management Enhancements 181 | - Added ability to specify existing certificate by ID when enabling SSL 182 | - Implemented automatic certificate matching for domains 183 | - Added support for using wildcard certificates with host SSL configuration 184 | - Enhanced certificate search to match wildcard patterns 185 | 186 | ### Changed 187 | 188 | - Command Structure 189 | - Modified --generate-cert command to accept DNS parameters after email: 190 | ```bash 191 | --generate-cert domain [email] [dns-provider provider dns-api-key key] 192 | ``` 193 | - Updated --host-ssl-enable to accept optional certificate ID: 194 | ```bash 195 | --host-ssl-enable ID [cert_id] 196 | ``` 197 | 198 | - Help Documentation 199 | - Updated help section with detailed DNS challenge information 200 | - Added examples for wildcard certificates and different DNS providers 201 | - Improved documentation for SSL certificate management 202 | - Added clarification for supported DNS providers 203 | 204 | ### Improved 205 | 206 | - Error Handling 207 | - Added validation for DNS challenge parameters 208 | - Enhanced error messages for certificate operations 209 | - Improved feedback for wildcard certificate requirements 210 | 211 | - User Experience 212 | - Added automatic certificate selection when enabling SSL 213 | - Improved certificate matching logic 214 | - Enhanced feedback during certificate operations 215 | - Added clear examples for all new features 216 | 217 | ## [1.0.0] - Initial Release 218 | 219 | - Basic SSL certificate management 220 | - Proxy host configuration 221 | - User list 222 | -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 nginx-proxy-manager-Bash-API 4 | 5 | 6 | Permission is hereby granted, free of charge, to any person obtaining a copy 7 | of this software and associated documentation files (the "Software"), to deal 8 | in the Software without restriction, including without limitation the rights 9 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 | copies of the Software, and to permit persons to whom the Software is 11 | furnished to do so, subject to the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be included in all 14 | copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 | SOFTWARE. 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Release][release-shield]][release] 2 | ![Project Stage][project-stage-shield] 3 | [![License][license-shield]][license] 4 | [![Contributors][contributors-shield]][contributors] 5 | [![Issues][issues-shield]][issue] 6 | [![Stargazers][stars-shield]][stars] 7 | 8 | 9 | # Nginx Proxy Manager CLI Script V3.0.1 🚀 10 | 11 | ## Table of Contents 12 | 13 | 1. [Description](#description) 14 | 2. [Reference API](#reference-api) 15 | 3. [Prerequisites](#prerequisites) 16 | 4. [Installation](#installation) 17 | 5. [Settings](#settings) 18 | 6. [Usage](#usage) 19 | 7. [Options](#options) 20 | 8. [Examples](#examples) 21 | - [Backup](#backup) 22 | - [Script Info](#script-info) 23 | - [Host List](#host-list) 24 | - [SSL Enable](#host-ssl-enable) 25 | - [Host Update](#host-update) 26 | 9. [Important Notice](#important-notice-repository-history-rewritten) 27 | 10. [TODO](#todo) 28 | 29 | > [!WARNING] 30 | > The --restore command is disabled (a fix is in progress). 31 | > 32 | 33 | # V3.0.0 is out 🚀 34 | Check the latest release with major improvements and fixes. 35 | 36 | ## Description 37 | 🛠️ This script allows you to efficiently manage [Nginx Proxy Manager](https://github.com/NginxProxyManager/nginx-proxy-manager?utm_source=nginx-proxy-manager) via its **API**. It provides advanced features such as proxy host creation, user management, and configuration display, while also integrating a backup system (BACKUP) with a user-friendly interface. 38 | 39 | It simplifies task automation, including proxy creation, SSL certificate management, and full reverse proxy administration. 40 | 41 | ⚠️ The RESTORE function is still under development. 🚧 42 | 43 | 🔑 **Automatically generates** and **manages tokens**, ensuring their validity, so you don't have to worry about token expiration. 44 | 45 |
46 | French description: 47 | Ce script permet de gérer Nginx Proxy Manager via son API de manière simple et efficace. Il offre des fonctionnalités avancées telles que la création de hosts proxy, la gestion des utilisateurs et l'affichage des configurations, tout en intégrant un système de sauvegarde (BACKUP) avec une interface conviviale. 48 | 49 | Il facilite l'automatisation des tâches courantes, comme l'ajout de proxies, la gestion des certificats SSL et l'administration complète de vos reverse proxies. 50 | 51 | ⚠️ La fonction RESTORE est encore en développement. 🚧 52 |
53 | 54 | ## Reference API 55 | [https://github.com/NginxProxyManager/nginx-proxy-manager/tree/develop/backend/schema](https://github.com/NginxProxyManager/nginx-proxy-manager/tree/develop/backend/schema) 56 | 57 | ## Prerequisites 58 | 59 | The excellent NPM (![Nginx Proxy Manager](https://github.com/NginxProxyManager/nginx-proxy-manager?utm_source=nginx-proxy-manager)) 60 | 61 | 62 |
63 | Required basic dependencies. 64 | The script will automatically check if they are installed and will download them if necessary: 65 | 66 | - `curl` 67 | - `jq` 68 | 69 |
70 | 71 | ## Installation 72 | ```bash 73 | wget https://raw.githubusercontent.com/Erreur32/nginx-proxy-manager-Bash-API/main/npm-api.sh 74 | chmod +x npm-api.sh 75 | # Run the script. 76 | ./npm-api.sh 77 | ``` 78 | 79 | 80 | ## Settings 81 | > [!IMPORTANT] 82 | > (Optional) You can create a configuration file named `npm-api.conf` with these 4 required variables. 83 | 84 | To ensure the script is functional, edit these 4 variables (mandatory). 85 | 86 | ```bash 87 | # npm-api.conf 88 | 89 | ## Nginx proxy IP address (your Nginx IP/port) 90 | NGINX_IP="127.0.0.1" 91 | NGINX_PORT="81" 92 | 93 | ## Existing user (user and password) on NPM 94 | API_USER="admin@example.com" 95 | API_PASS="changeme" 96 | 97 | # Optional (only if you want in other /path than script directory) 98 | # DATA_DIR="/path/nginx_backup/dir" 99 | 100 | ``` 101 | 102 | ## Usage 103 | ```bash 104 | ./npm-api.sh [OPTIONS] 105 | ./npm-api.sh --help 106 | ./npm-api.sh --show-default 107 | ``` 108 | 109 | 110 | ## Options 111 | ```tcl 112 | 113 | Options available: (see --examples for more details) 114 | -y Automatic yes prompts! 115 | --info Display Script Variables Information 116 | --show-default Show Default settings for host creation 117 | --check-token Check Check current token info 118 | --backup 💾 Backup All configurations to a different files in $DATA_DIR 119 | 120 | Proxy Host Management: 121 | ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 122 | --host-search domain Search Proxy host by domain name 123 | --host-list List All Proxy hosts (to find ID) 124 | --host-show 🆔 Show Full details for a specific host by ID 125 | 126 | --host-create domain -i forward_host -p forward_port [options] 127 | 128 | Required: 129 | domain Domain name (required) 130 | -i forward-host IP address or domain name of the target server (required) 131 | -p forward-port Port of the target server (required) 132 | 133 | optional: (Check default settings,no argument needed if already set!) 134 | -f FORWARD_SCHEME Scheme for forwarding (http/https, default: http) 135 | -c CACHING_ENABLED Enable caching (true/false, default: false) 136 | -b BLOCK_EXPLOITS Block exploits (true/false, default: true) 137 | -w ALLOW_WEBSOCKET_UPGRADE Allow WebSocket upgrade (true/false, default: true) 138 | -l CUSTOM_LOCATIONS Custom locations (JSON array of location objects) 139 | -a ADVANCED_CONFIG Advanced configuration (string) 140 | 141 | --host-enable 🆔 Enable Proxy host by ID 142 | --host-disable 🆔 Disable Proxy host by ID 143 | --host-delete 🆔 Delete Proxy host by ID 144 | --host-update 🆔 [field]=value Update One specific field of an existing proxy host by ID 145 | (eg., --host-update 42 forward_host=foobar.local) 146 | 147 | --host-acl-enable 🆔 access_list_id Enable ACL for Proxy host by ID with Access List ID 148 | --host-acl-disable 🆔 Disable ACL for Proxy host by ID 149 | --host-ssl-enable 🆔 [cert_id] Enable SSL for host ID optionally using specific certificate ID 150 | --host-ssl-disable 🆔 Disable SSL, HTTP/2, and HSTS for a proxy host 151 | 152 | --cert-list List ALL SSL certificates 153 | --cert-show domain Or 🆔 List SSL certificates filtered by [domain name] (JSON) 154 | --cert-delete domain Or 🆔 Delete Certificate for the given 'domain' 155 | --cert-generate domain [email] Generate Let's Encrypt Certificate or others Providers. 156 | • Standard domains: example.com, sub.example.com 157 | • Wildcard domains: *.example.com (requires DNS challenge) 158 | • DNS Challenge: Required for wildcard certificates 159 | - Format: dns-provider PROVIDER dns-api-key KEY 160 | - Providers: dynu, cloudflare, digitalocean, godaddy, namecheap, route53, ovh, gcloud, ... 161 | 162 | --user-list List All Users 163 | --user-create username password email Create User with a username, password and email 164 | --user-delete 🆔 Delete User by username 165 | 166 | --access-list List All available Access Lists (ID and Name) 167 | --access-list-show 🆔 Show detailed information for specific access list 168 | --access-list-create Create Access Lists with options: 169 | • --satisfy [any|all] Set access list satisfaction mode 170 | • --pass-auth [true|false] Enable/disable password authentication 171 | • --users "user1,user2" List of users (comma-separated) 172 | • --allow "ip1,ip2" List of allowed IPs/ranges 173 | • --deny "ip1,ip2" List of denied IPs/ranges 174 | --access-list-delete 🆔 Delete Access List by access ID 175 | --access-list-update 🆔 Update Access List by access ID with options: 176 | • --name "new_name" New name for the access list 177 | • --satisfy [any|all] Update satisfaction mode 178 | • --pass-auth [true|false] Update password authentication 179 | • --users "user1,user2" Update list of users 180 | • --allow "ip1,ip2" Update allowed IPs/ranges 181 | • --deny "ip1,ip2" Update denied IPs/ranges 182 | 183 | ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 184 | --examples 🔖 Examples commands, more explicits 185 | --help 👉 It's me 186 | 187 | ``` 188 | 189 | ## Examples 190 | 191 | ```bash 192 | 📦 Backup First ! 193 | ./npm-api.sh --backup 194 | 195 | 🌐 Host Creation: 196 | # Basic host creation 197 | ./npm-api.sh --host-create domain.com -i IP -p PORT [-b true/false] [-c true/false] [-w true/false] [-h true/false] 198 | 199 | # Create host with SSL certificate and enable SSL (all-in-one) 200 | ./npm-api.sh --host-create domain.com -i IP -p PORT [options] --cert-generate --host-ssl-enable -y 201 | 202 | # Create host with SSL certificate and enable SSL (with specific domain) 203 | ./npm-api.sh --host-create domain.com -i IP -p PORT [options] --cert-generate domain.com --host-ssl-enable -y 204 | 205 | # Create host with custom options 206 | ./npm-api.sh --host-create example.com -i 192.168.1.10 -p 8080 \ 207 | -f https \ # Forward scheme 208 | -b true \ # Block exploits 209 | -c true \ # Enable caching 210 | -w true \ # Enable websocket 211 | -h true \ # Enable HTTP/2 212 | -y # Auto confirm 213 | 214 | 🤖 Automatic operations (no prompts): 215 | ./npm-api.sh --host-create example.com -i 192.168.1.10 -p 8080 -y 216 | ./npm-api.sh --host-delete 42 -y 217 | ./npm-api.sh --host-ssl-enable 10 -y 218 | 219 | 🔍 Information and Status: 220 | ./npm-api.sh --info # Show configuration and dashboard 221 | ./npm-api.sh --show-default # Show default settings 222 | ./npm-api.sh --check-token # Verify token validity 223 | ./npm-api.sh --host-search domain.com # Search for a specific domain 224 | ./npm-api.sh --host-list # List all hosts 225 | ./npm-api.sh --host-list-full # List hosts with details 226 | ./npm-api.sh --host-show 42 # Show specific host details 227 | 228 | 🔒 SSL Management: 229 | # List all certificates 230 | ./npm-api.sh --list-ssl-cert 231 | # Generate standard Let's Encrypt certificate 232 | ./npm-api.sh --cert-generate domain.com [email] [dns_provider] [dns_credentials] [-y] 233 | # Generate wildcard certificate with Cloudflare 234 | ./npm-api.sh --cert-generate "*.example.com" \ 235 | --cert-email admin@example.com \ 236 | --dns-provider cloudflare \ 237 | --dns-credentials '{"dns_cloudflare_email":"your@email.com","dns_cloudflare_api_key":"your_api_key"}' 238 | 239 | # Delete certificate 240 | ./npm-api.sh --delete-cert domain.com 241 | # Enable SSL for host 242 | ./npm-api.sh --host-ssl-enable HOST_ID 243 | # Generate certificate and enable SSL for existing host 244 | ./npm-api.sh --cert-generate domain.com --host-ssl-enable -y 245 | 246 | 🌟 Complete Examples with Wildcard Certificates: 247 | # Create host with wildcard certificate using Cloudflare DNS 248 | ./npm-api.sh --host-create "*.example.com" -i 192.168.1.10 -p 8080 \ 249 | --cert-generate "*.example.com" \ 250 | --cert-email admin@example.com \ 251 | --dns-provider cloudflare \ 252 | --dns-credentials '{"dns_cloudflare_email":"your@email.com","dns_cloudflare_api_key":"your_api_key"}' \ 253 | --host-ssl-enable -y 254 | 255 | # Same with DigitalOcean DNS 256 | ./npm-api.sh --host-create "*.example.com" -i 192.168.1.10 -p 8080 \ 257 | --cert-generate "*.example.com" \ 258 | --cert-email admin@example.com \ 259 | --dns-provider digitalocean \ 260 | --dns-credentials '{"dns_digitalocean_token":"your_token"}' \ 261 | --host-ssl-enable -y 262 | 263 | # Same with GoDaddy DNS 264 | ./npm-api.sh --host-create "*.example.com" -i 192.168.1.10 -p 8080 \ 265 | --cert-generate "*.example.com" \ 266 | --cert-email admin@example.com \ 267 | --dns-provider godaddy \ 268 | --dns-credentials '{"dns_godaddy_key":"your_key","dns_godaddy_secret":"your_secret"}' \ 269 | --host-ssl-enable -y 270 | 271 | 🛡️ Access Control Lists: 272 | # List all access lists 273 | ./npm-api.sh --list-access 274 | # Show detailed information for specific access list 275 | ./npm-api.sh --access-list-show 123 276 | # Create a basic access list 277 | ./npm-api.sh --access-list-create "office" --satisfy any 278 | # Create access list with authentication 279 | ./npm-api.sh --access-list-create "secure_area" --satisfy all --pass-auth true 280 | # Create access list with users 281 | ./npm-api.sh --access-list-create "dev_team" --users "john,jane,bob" --pass-auth true 282 | # Create access list with IP rules 283 | ./npm-api.sh --access-list-create "internal" --allow "192.168.1.0/24" --deny "192.168.1.100" 284 | # Create comprehensive access list 285 | ./npm-api.sh --access-list-create "full_config" \ 286 | --satisfy all \ 287 | --pass-auth true \ 288 | --users "admin1,admin2" \ 289 | --allow "10.0.0.0/8,172.16.0.0/12" \ 290 | --deny "10.0.0.50,172.16.1.100" 291 | 292 | # Update an existing access list 293 | ./npm-api.sh --access-list-update 42 294 | # Delete an access list (with confirmation) 295 | ./npm-api.sh --access-list-delete 42 296 | # Delete an access list (skip confirmation) 297 | ./npm-api.sh --access-list-delete 42 -y 298 | # Enable ACL for a host 299 | ./npm-api.sh --host-acl-enable 42,5 # Enable ACL ID 5 for host 42 300 | # Disable ACL for a host 301 | ./npm-api.sh --host-acl-disable 42 # Disable ACL for host 42 302 | 303 | 👥 User Management: 304 | ./npm-api.sh --create-user newuser password123 user@example.com 305 | ./npm-api.sh --delete-user 'username' 306 | ./npm-api.sh --list-users 307 | 308 | 🔧 Advanced Examples: 309 | # Custom Nginx configuration 310 | ./npm-api.sh --host-create example.com -i 192.168.1.10 -p 8080 \ 311 | -a 'proxy_set_header X-Real-IP $remote_addr;' 312 | 313 | 🛡️ Custom locations: 314 | ./npm-api.sh --host-create example.com -i 192.168.1.10 -p 8080 \ 315 | -l '[{"path":"/api","forward_host":"192.168.1.11","forward_port":8081}]' 316 | 317 | # Update specific fields 318 | ./npm-api.sh --update-host 42 forward_scheme=https 319 | ./npm-api.sh --update-host 42 forward_port=8443 320 | 321 | 322 | 🔖 Full options: 323 | ./npm-api.sh --host-create example.com -i 192.168.1.10 -p 8080 \ 324 | -f https -c true -b true -w true \ 325 | -a 'proxy_set_header X-Real-IP $remote_addr;' \ 326 | -l '[{"path":"/api","forward_host":"192.168.1.11","forward_port":8081}]' 327 | ``` 328 | 329 | ### --backup 330 | 331 | ```bash 332 | ./npm-api.sh --backup 333 | ``` 334 | 335 | ### 💾 Backup Operations 336 | 337 | #### Schema of the backup directory: 338 | 339 | ```bash 340 | # Full backup of all configurations 341 | ./npm-api.sh --backup 342 | 343 | # This will create a backup in the following structure: 344 | 📁 data/ 345 | └── 📁 backups/ 346 | └── 📁 [IP]_[PORT]/ 347 | ├── 📁 .access_lists/ # Access list configurations 348 | ├── 📁 .Proxy_Hosts/ # All proxy host configurations 349 | │ ├── 📁 [DOMAIN]/ # Directory for each domain 350 | │ │ ├── 📁 logs/ # Log directory 351 | │ │ ├── 📁 ssl/ # SSL directory 352 | │ │ │ ├── 📄 certificate_meta.json # Certificate metadata 353 | │ │ │ ├── 📄 certificate.pem # Certificate 354 | │ │ │ ├── 📄 chain.pem # Chain of certificates 355 | │ │ │ └── 📄 private.key # Private key 356 | │ │ ├── 📄 nginx.conf # Nginx configuration 357 | │ │ └── 📄 proxy_config.json # Proxy configuration 358 | │ ├── 📄 all_hosts_[DATE].json # List of all hosts 359 | │ └── 📄 all_hosts_latest.json # Symlink to latest backup 360 | ├── 📁 .settings/ # NPM settings 361 | ├── 📁 .ssl/ # SSL certificates 362 | ├── 📁 .user/ # User configurations 363 | └── 📄 full_config.json # Complete backup file 364 | └── 📁 token/ 365 | ├── 📄 token.txt # Authentication token 366 | └── 📄 expiry.txt # Token expiry date 367 | ``` 368 | 369 | #### 🔄 Backup Contents 370 | 371 | 1. **Proxy Hosts** (`/.Proxy_Hosts/`) 372 | - Individual host configurations 373 | - Nginx configurations 374 | - Complete host list with timestamps 375 | 376 | 2. **SSL Certificates** (`/.ssl/`) 377 | - Certificates and private keys 378 | - Certificate metadata 379 | - Chain certificates 380 | 381 | 3. **Access Lists** (`/.access_lists/`) 382 | - Access list configurations 383 | - Client authorizations 384 | - Access rules 385 | 386 | 4. **Users** (`/.user/`) 387 | - User accounts 388 | - Permissions 389 | - Authentication settings 390 | 391 | 5. **Settings** (`/.settings/`) 392 | - Global NPM settings 393 | - System configurations 394 | - Default parameters 395 | 396 | #### 🔐 Token Management 397 | 398 | The `token/` directory contains: 399 | - Authentication tokens 400 | - Token expiry information 401 | - One file per NPM instance 402 | 403 | #### --host-update 404 | ##### update specific fields of an existing proxy host 405 | 406 | The `--host-update` command allows you to **update specific fields** of an existing proxy host in Nginx Proxy Manager **without recreating it**. 407 | 408 | Simply specify the **proxy host ID** and the **field you want to update**, like this: 409 | 410 | ```bash 411 | ./npm-api.sh --update-host 42 forward_host=new.backend.local 412 | ``` 413 | 414 | | Field Name | Type | Description | 415 | |--------------------------|-----------|-----------------------------------------------------------------------------| 416 | | `domain_names` | `array` | List of domains handled by this proxy. | 417 | | `forward_host` | `string` | The destination (backend) hostname or IP. | 418 | | `forward_port` | `integer` | The destination port (e.g., `8000`, `443`). | 419 | | `forward_scheme` | `string` | The scheme: `http` or `https`. | 420 | | `enabled` | `boolean` | Whether the proxy is enabled (`true` or `false`). | 421 | | `ssl_forced` | `boolean` | Redirect all HTTP requests to HTTPS. | 422 | | `certificate_id` | `integer` | The ID of the SSL certificate to use. | 423 | | `meta.letsencrypt_agree` | `boolean` | Agree to Let's Encrypt TOS (`true` or `false`). | 424 | | `meta.dns_challenge` | `boolean` | Use DNS challenge for SSL cert (`true` or `false`). | 425 | | `allow_websocket_upgrade`| `boolean` | Enable WebSocket support (`true` or `false`). | 426 | | `http2_support` | `boolean` | Enable HTTP/2 (`true` or `false`). | 427 | | `caching_enabled` | `boolean` | Enable caching (`true` or `false`). | 428 | | `block_exploits` | `boolean` | Block known exploits (`true` or `false`). | 429 | | `advanced_config` | `string` | Custom Nginx directives (multiline string). | 430 | | `locations` | `array` | Custom location blocks (advanced use). | 431 | 432 | 433 | 434 | #### Verifying the Configuration 435 | 436 | Some info of settings in the script with `./npm-api.sh --info` 437 | 438 | #### info 439 | ```bash 440 | ./npm-api.sh --info 441 | 442 | 🔍 Checking system dependencies and directories... 443 | ✅ All dependencies and directories are properly set up 444 | ├── System tools: OK 445 | ├── Directories : OK 446 | └── Permissions : OK 447 | 448 | 🔑 Checking token validity... 449 | ✅ Token is valid 450 | 📅 Expires: 2026-03-14T10:24:56.267Z 451 | 452 | Script Info: 3.0.0 453 | Script Variables Information: 454 | Config : /home/tools/Project/nginx_proxy/npm-api.conf 455 | BASE URL : http://127.0.0.1:8099/api 456 | NGINX IP : 127.0.0.1 457 | USER NPM : user@mail.com 458 | BACKUP DIR : /home/tools/Project/nginx_proxy/data/127_0_0_1_8099 459 | 460 | 📂 Backup Locations: 461 | • Backup: /home/tools/Project/nginx_proxy/data/127_0_0_1_8099/backups 462 | • Token: /home/tools/Project/nginx_proxy/data/127_0_0_1_8099/backups/token/ 463 | 464 | 📊 NGINX - Proxy Manager - Dashboard 🔧 465 | ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 466 | ┌─────────────────┬─────────┐ 467 | │ COMPONENT │ STATUS │ 468 | ├─────────────────┼─────────┤ 469 | │ 🌐 Proxy Hosts │ 11 │ 470 | │ ├─ Enabled │ 9 │ 471 | │ └─ Disabled │ 2 │ 472 | ├─────────────────┼─────────┤ 473 | │ 🔄 Redirections │ 1 │ 474 | │ 🔌 Stream Hosts │ 0 │ 475 | ├─────────────────┼─────────┤ 476 | │ 🔒 Certificates │ 1 │ 477 | │ ├─ Valid │ 1 │ 478 | │ └─ Expired │ 0 │ 479 | ├─────────────────┼─────────┤ 480 | │ 🔒 Access Lists │ 1 │ 481 | │ └─ Clients │ 0 │ 482 | ├─────────────────┼─────────┤ 483 | │ 👥 Users │ 3 │ 484 | ├─────────────────┼─────────┤ 485 | │ ⏱️ Uptime │ 2 days │ 486 | │ 📦 NPM Version │ 2.12.3 │ 487 | └─────────────────┴─────────┘ 488 | 489 | 💡 Use --help to see available commands 490 | Check --examples for more help examples 491 | ``` 492 | 493 | 494 | #### **How to activate SSL ?** 495 | 496 | By following these steps, you can enable SSL for your proxy host for the first time using Let's Encrypt. 497 | 498 | #### --host-list 499 | List all Host in one command and show ´id´ , ´status´ and ´SSL´ status: 500 | 501 | ./npm-api.sh --host-list 502 | 503 | 👉 List of proxy hosts (simple) 504 | ID Domain Status SSL Certificate Domain 505 | 14 example.com enabled ✘ 506 | 15 example.titi enabled ✘ 507 | 1 domain.com disable 8 domain.com 508 | 11 titi.eu enabled ✘ 509 | 12 toutou disable ✘ 510 | 13 toutoux enabled ✘ 511 | 512 | 513 | 514 | #### --host-ssl-enable 515 | ##### Enable SSL for the Host 516 | 517 | Assuming the host ID is *1*, you would enable SSL for the host as follows: 518 | 519 | ./npm-api.sh --host-ssl-enable 1 520 | 521 | ##### **Other Exemple command:** 522 | 523 | Host proxy info command `--host-show id` 524 | 525 | ```json 526 | ./npm-api.sh --host-show 1 527 | 528 | 👉 Full details for proxy host ID: 59... 529 | 530 | { 531 | "id": 10, 532 | "created_on": "2024-07-11 13:16:34", 533 | "modified_on": "2024-07-13 09:42:40", 534 | "owner_user_id": 1, 535 | "domain_names": [ 536 | "test.domain.com" 537 | ], 538 | "forward_host": "127.0.0.1", 539 | "forward_port": 80, 540 | "access_list_id": 0, 541 | "certificate_id": 81, 542 | "ssl_forced": 1, 543 | "caching_enabled": 0, 544 | "block_exploits": 1, 545 | "advanced_config": "", 546 | "meta": { 547 | "letsencrypt_agree": true, 548 | "letsencrypt_email": "", 549 | "nginx_online": true, 550 | "nginx_err": null 551 | }, 552 | "allow_websocket_upgrade": 1, 553 | "http2_support": 1, 554 | "forward_scheme": "http", 555 | "enabled": 1, 556 | "locations": [], 557 | "hsts_enabled": 1, 558 | "hsts_subdomains": 0 559 | } 560 | 561 | ``` 562 | 563 | ### Important Notice: Repository History Rewritten 564 | 565 | ⚠️ Action Required for All Contributors (or cloned repo.) 566 | 567 | We have performed a **force push (`git push --force`)** on this repository to remove sensitive data from the history. As a result, the commit history has been rewritten, and your local copy may be out of sync. 568 | 569 | 🛠️ What You Need to Do? 570 | To avoid any issues, please follow these steps to update your local repository: 571 | 572 | ```bash 573 | git fetch --all 574 | git reset --hard origin/main # Replace 'main' with your branch name if different 575 | ``` 576 | If you have local changes that you **don't want to lose**, consider making a backup before running these commands. 577 | 578 | ❓ Why Was This Done? 579 | This action was necessary to **remove sensitive data** from the repository's history and ensure better security. 580 | 581 | ## TODO: 582 | - [x] add setting for ADVANCED configuration in npm `location / { ... }` 583 | - [x] Add documentation on certain functions 584 | - [x] ADD: a configuration function for Custom Locations 585 | - [x] Backup all settings from NPM 586 | - [x] Add automatic confirmation with -y parameter 587 | - [X] Clean/minimize output when using -y parameter for better script integration 588 | - [X] Creation of ACCESS list through CLI 589 | - [ ] Restore Function not working properly, need to find FIX 590 | 591 | 592 | ## Credits & Thanks 593 | 594 | Special thanks to: 595 | 596 | - [@ichbinder](https://github.com/ichbinder) for implementing the `-y` parameter for automatic confirmations 597 | 598 | - 🙏 **Special thanks to [zafar-2020](https://github.com/zafar-2020)** for his valuable help with testing and reporting issues during the development of version 3.0.0! 599 | 600 | ## License 601 | 602 | MIT License - see the [LICENSE.md][license] file for details 603 | 604 | [contributors]: https://github.com/Erreur32/nginx-proxy-manager-Bash-API/graphs/contributors 605 | [erreur32]: https://github.com/Erreur32 606 | [issue]: https://github.com/Erreur32/nginx-proxy-manager-Bash-API/issues 607 | [license]: https://github.com/Erreur32/nginx-proxy-manager-Bash-API/blob/main/LICENSE.md 608 | [maintenance-shield]: https://img.shields.io/maintenance/yes/2024.svg 609 | [project-stage-shield]: https://img.shields.io/badge/project%20stage-stable-green.svg 610 | [release-shield]: https://img.shields.io/badge/version-v3.0.1-blue.svg 611 | [release]: https://github.com/Erreur32/nginx-proxy-manager-Bash-API/releases/tag/v3.0.1 612 | [contributors-shield]: https://img.shields.io/github/contributors/Erreur32/nginx-proxy-manager-Bash-API.svg 613 | [license-shield]: https://img.shields.io/github/license/Erreur32/nginx-proxy-manager-Bash-API.svg 614 | [issues-shield]: https://img.shields.io/github/issues/Erreur32/nginx-proxy-manager-Bash-API.svg 615 | [stars-shield]: https://img.shields.io/github/stars/Erreur32/nginx-proxy-manager-Bash-API.svg 616 | [stars]: https://github.com/Erreur32/nginx-proxy-manager-Bash-API/stargazers 617 | 618 | --------------------------------------------------------------------------------