Features/nginx custom (#46)

* feat: update DomainDialog to DomainDialogV2 with advanced configuration options

- Replaced DomainDialog with DomainDialogV2 in Domains component.
- Added new fields for advanced domain settings including real IP configuration, HSTS, HTTP/2, gRPC support, and custom location blocks.
- Updated Domain type to include new properties for advanced settings.
- Created migration script to add new columns for advanced settings in the database.

* feat: Implement Access Lists management UI and functionality

- Added AccessListFormDialog component for creating and editing access lists.
- Introduced AccessListsContent component to display and manage access lists.
- Created PaginationControls component for navigating through access lists.
- Developed access-lists.service.ts for API interactions related to access lists.
- Implemented query options for fetching access lists and handling mutations.
- Added routes for access lists management under the authenticated section.
- Integrated search and filter functionalities for access lists.
- Enhanced user experience with loading skeletons during data fetching.

* feat: Enhance security by validating usernames and escaping passwords in Nginx config service

* feat: Add WebSocket support headers in Nginx configuration

* feat: Implement Backup Service with backup scheduling and nginx configuration management

Author: nguyenthuyendieu4

.gitignore

@@ -46,4 +46,5 @@ landing/*
 .pnpm-store/
 .seeded
 *.md
-/docs/*
+/docs/*
+test-*

README.md

@@ -601,7 +601,7 @@ curl -X POST http://localhost:3001/api/auth/login \
 
 ## 📄 License
 
-This project is licensed under the **MIT License** - see the [LICENSE](LICENSE) file for details.
+This project is licensed under the **License** - see the [LICENSE](LICENSE) file for details.
 
 ## 👥 Support & Community
 

apps/api/prisma/migrations/20251014043307_add_domain_advanced_settings/migration.sql

@@ -0,0 +1,5 @@
+-- AlterTable
+ALTER TABLE "domains" ADD COLUMN     "customLocations" JSONB,
+ADD COLUMN     "grpcEnabled" BOOLEAN NOT NULL DEFAULT false,
+ADD COLUMN     "hstsEnabled" BOOLEAN NOT NULL DEFAULT false,
+ADD COLUMN     "http2Enabled" BOOLEAN NOT NULL DEFAULT true;

apps/api/prisma/migrations/20251014102338_add_access_lists_management/migration.sql

@@ -0,0 +1,74 @@
+-- CreateEnum
+CREATE TYPE "AccessListType" AS ENUM ('ip_whitelist', 'http_basic_auth', 'combined');
+
+-- CreateTable
+CREATE TABLE "access_lists" (
+    "id" TEXT NOT NULL,
+    "name" TEXT NOT NULL,
+    "description" TEXT,
+    "type" "AccessListType" NOT NULL,
+    "enabled" BOOLEAN NOT NULL DEFAULT true,
+    "allowedIps" TEXT[] DEFAULT ARRAY[]::TEXT[],
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "access_lists_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "access_list_auth_users" (
+    "id" TEXT NOT NULL,
+    "accessListId" TEXT NOT NULL,
+    "username" TEXT NOT NULL,
+    "passwordHash" TEXT NOT NULL,
+    "description" TEXT,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "access_list_auth_users_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "access_list_domains" (
+    "id" TEXT NOT NULL,
+    "accessListId" TEXT NOT NULL,
+    "domainId" TEXT NOT NULL,
+    "enabled" BOOLEAN NOT NULL DEFAULT true,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "access_list_domains_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "access_lists_name_key" ON "access_lists"("name");
+
+-- CreateIndex
+CREATE INDEX "access_lists_type_idx" ON "access_lists"("type");
+
+-- CreateIndex
+CREATE INDEX "access_lists_enabled_idx" ON "access_lists"("enabled");
+
+-- CreateIndex
+CREATE INDEX "access_list_auth_users_accessListId_idx" ON "access_list_auth_users"("accessListId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "access_list_auth_users_accessListId_username_key" ON "access_list_auth_users"("accessListId", "username");
+
+-- CreateIndex
+CREATE INDEX "access_list_domains_accessListId_idx" ON "access_list_domains"("accessListId");
+
+-- CreateIndex
+CREATE INDEX "access_list_domains_domainId_idx" ON "access_list_domains"("domainId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "access_list_domains_accessListId_domainId_key" ON "access_list_domains"("accessListId", "domainId");
+
+-- AddForeignKey
+ALTER TABLE "access_list_auth_users" ADD CONSTRAINT "access_list_auth_users_accessListId_fkey" FOREIGN KEY ("accessListId") REFERENCES "access_lists"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "access_list_domains" ADD CONSTRAINT "access_list_domains_accessListId_fkey" FOREIGN KEY ("accessListId") REFERENCES "access_lists"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "access_list_domains" ADD CONSTRAINT "access_list_domains_domainId_fkey" FOREIGN KEY ("domainId") REFERENCES "domains"("id") ON DELETE CASCADE ON UPDATE CASCADE;

apps/api/prisma/schema.prisma

@@ -183,12 +183,19 @@ model Domain {
   realIpCloudflare Boolean  @default(false) // Use Cloudflare IP ranges
   realIpCustomCidrs String[] @default([])    // Custom CIDR ranges for set_real_ip_from
 
+  // Advanced Configuration
+  hstsEnabled      Boolean @default(false) // HTTP Strict Transport Security
+  http2Enabled     Boolean @default(true)  // Enable HTTP/2
+  grpcEnabled      Boolean @default(false) // Enable gRPC/gRPCs support
+  customLocations  Json?                   // Custom location blocks configuration
+
   // Relations
   upstreams      Upstream[]
   loadBalancer   LoadBalancerConfig?
   sslCertificate SSLCertificate?
   modsecCRSRules ModSecCRSRule[]
   modsecRules    ModSecRule[]
+  accessLists    AccessListDomain[]
 
   createdAt DateTime @default(now())
   updatedAt DateTime @updatedAt
@@ -454,6 +461,73 @@ model AclRule {
   @@map("acl_rules")
 }
 
+// Access Lists Management Models
+
+enum AccessListType {
+  ip_whitelist
+  http_basic_auth
+  combined // Both IP and Basic Auth
+}
+
+model AccessList {
+  id          String         @id @default(cuid())
+  name        String         @unique
+  description String?        @db.Text
+  type        AccessListType
+  enabled     Boolean        @default(true)
+
+  // IP Whitelist configuration
+  allowedIps String[] @default([]) // List of allowed IP addresses/CIDR
+
+  // HTTP Basic Auth configuration
+  authUsers AccessListAuthUser[]
+
+  // Relations to domains
+  domains AccessListDomain[]
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+
+  @@index([type])
+  @@index([enabled])
+  @@map("access_lists")
+}
+
+model AccessListAuthUser {
+  id           String     @id @default(cuid())
+  accessListId String
+  accessList   AccessList @relation(fields: [accessListId], references: [id], onDelete: Cascade)
+
+  username     String
+  passwordHash String // Plain text password - will be hashed by htpasswd tool with apr1/MD5 format
+  description  String?
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+
+  @@unique([accessListId, username])
+  @@index([accessListId])
+  @@map("access_list_auth_users")
+}
+
+model AccessListDomain {
+  id           String     @id @default(cuid())
+  accessListId String
+  accessList   AccessList @relation(fields: [accessListId], references: [id], onDelete: Cascade)
+  domainId     String
+  domain       Domain     @relation(fields: [domainId], references: [id], onDelete: Cascade)
+
+  enabled Boolean @default(true)
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+
+  @@unique([accessListId, domainId])
+  @@index([accessListId])
+  @@index([domainId])
+  @@map("access_list_domains")
+}
+
 model PerformanceMetric {
   id           String   @id @default(cuid())
   domain       String