ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-05-01 11:32:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add support for proxy_protocol in proxy_hosts and streams

Browse Source 
Closes #1114
Related To #1882
Related To #3537
Related To #3618

Co-authored-by: jwklijnsma <janwiebe@janwiebe.eu>
Co-authored-by: SBado <16034687+SBado@users.noreply.github.com>
This commit is contained in:
Semjon Nordmann 2024-10-23 22:51:50 +02:00
parent eaf6335694
commit 480c772b98
32 changed files with 282 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
backend/internal/nginx.js
View File

@ -156,7 +156,8 @@ const internalNginx = {
{ssl_forced: host.ssl_forced}, {caching_enabled: host.caching_enabled}, {block_exploits: host.block_exploits},
{allow_websocket_upgrade: host.allow_websocket_upgrade}, {http2_support: host.http2_support},
{hsts_enabled: host.hsts_enabled}, {hsts_subdomains: host.hsts_subdomains}, {access_list: host.access_list},
{certificate: host.certificate}, host.locations[i]);
{certificate: host.certificate}, {proxy_protocol_enabled: host.proxy_protocol_enabled},
{loadbalancer_address: host.loadbalancer_address}, host.locations[i]);
if (locationCopy.forward_host.indexOf('/') > -1) {
const splitted = locationCopy.forward_host.split('/');

56
backend/migrations/20241022221324_proxy_protocol.js Normal file
View File

@ -0,0 +1,56 @@
const migrate_name = 'proxy_protocol';
const logger = require('../logger').migrate;
/**
* Migrate
*
* @see http://knexjs.org/#Schema
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.up = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Up...');
return knex.schema.table('proxy_host', function (proxy_host) {
proxy_host.integer('proxy_protocol_enabled').notNull().defaultTo(0);
proxy_host.string('loadbalancer_address').notNull().defaultTo('');
})
.then(() => {
logger.info('[' + migrate_name + '] proxy_host Table altered');
return knex.schema.table('stream', function (stream) {
stream.integer('proxy_protocol_enabled').notNull().defaultTo(0);
stream.string('loadbalancer_address').notNull().defaultTo('');
})
.then(() => {
logger.info('[' + migrate_name + '] stream Table altered');
});
});
};
/**
* Undo Migrate
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.down = function (knex/*, Promise*/) {
return knex.schema.table('proxy_host', function (proxy_host) {
proxy_host.dropColumn('proxy_protocol_enabled');
proxy_host.dropColumn('loadbalancer_address');
})
.then(function () {
logger.info('[' + migrate_name + '] proxy_host Table altered');
return knex.schema.table('stream', function (stream) {
stream.dropColumn('proxy_protocol_enabled');
stream.dropColumn('loadbalancer_address');
})
.then(function () {
logger.info('[' + migrate_name + '] stream Table altered');
});
});
};

1
backend/models/proxy_host.js
View File

@ -21,6 +21,7 @@ const boolFields = [
'enabled',
'hsts_enabled',
'hsts_subdomains',
'proxy_protocol_enabled',
];
class ProxyHost extends Model {

1
backend/models/stream.js
View File

@ -13,6 +13,7 @@ const boolFields = [
'is_deleted',
'tcp_forwarding',
'udp_forwarding',
'proxy_protocol_enabled',
];
class Stream extends Model {

10
backend/schema/common.json
View File

@ -110,6 +110,16 @@
"caching_enabled": {
"description": "Should we cache assets",
"type": "boolean"
},
"proxy_protocol_enabled": {
"description": "Should the proxy_procotol be enabled",
"type": "boolean"
},
"loadbalancer_address": {
"description": "Hostname, IP or CIDR range of the load balancer",
"type": "string",
"minLength": 0,
"maxLength": 255
}
}
}

10
backend/schema/components/proxy-host-object.json
View File

@ -23,7 +23,9 @@
"locations",
"hsts_enabled",
"hsts_subdomains",
"certificate"
"certificate",
"proxy_protocol_enabled",
"loadbalancer_address"
],
"additionalProperties": false,
"properties": {
@ -137,6 +139,12 @@
}
]
},
"proxy_protocol_enabled": {
"$ref": "../common.json#/properties/proxy_protocol_enabled"
},
"loadbalancer_address": {
"$ref": "../common.json#/properties/loadbalancer_address"
},
"owner": {
"$ref": "./user-object.json"
},

8
backend/schema/components/stream-object.json
View File

@ -1,7 +1,7 @@
{
"type": "object",
"description": "Stream object",
"required": ["id", "created_on", "modified_on", "owner_user_id", "incoming_port", "forwarding_host", "forwarding_port", "tcp_forwarding", "udp_forwarding", "enabled", "meta"],
"required": ["id", "created_on", "modified_on", "owner_user_id", "incoming_port", "forwarding_host", "forwarding_port", "tcp_forwarding", "udp_forwarding", "enabled", "meta", "proxy_protocol_enabled", "loadbalancer_address"],
"additionalProperties": false,
"properties": {
"id": {
@ -55,6 +55,12 @@
},
"meta": {
"type": "object"
},
"proxy_protocol_enabled": {
"$ref": "../common.json#/properties/proxy_protocol_enabled"
},
"loadbalancer_address": {
"$ref": "../common.json#/properties/loadbalancer_address"
}
}
}

4
backend/schema/paths/nginx/proxy-hosts/get.json
View File

@ -50,7 +50,9 @@
"enabled": true,
"locations": null,
"hsts_enabled": false,
"hsts_subdomains": false
"hsts_subdomains": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": ""
}
]
}

4
backend/schema/paths/nginx/proxy-hosts/hostID/get.json
View File

@ -50,7 +50,9 @@
"enabled": true,
"locations": null,
"hsts_enabled": false,
"hsts_subdomains": false
"hsts_subdomains": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": ""
}
}
},

8
backend/schema/paths/nginx/proxy-hosts/hostID/put.json
View File

@ -79,6 +79,12 @@
},
"locations": {
"$ref": "../../../../components/proxy-host-object.json#/properties/locations"
},
"proxy_protocol_enabled": {
"$ref": "../../../../components/proxy-host-object.json#/properties/proxy_protocol_enabled"
},
"loadbalancer_address": {
"$ref": "../../../../components/proxy-host-object.json#/properties/loadbalancer_address"
}
}
}
@ -116,6 +122,8 @@
"enabled": true,
"hsts_enabled": false,
"hsts_subdomains": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": "",
"owner": {
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",

8
backend/schema/paths/nginx/proxy-hosts/post.json
View File

@ -67,6 +67,12 @@
},
"locations": {
"$ref": "../../../components/proxy-host-object.json#/properties/locations"
},
"proxy_protocol_enabled": {
"$ref": "../../../components/proxy-host-object.json#/properties/proxy_protocol_enabled"
},
"loadbalancer_address": {
"$ref": "../../../components/proxy-host-object.json#/properties/loadbalancer_address"
}
}
}
@ -101,6 +107,8 @@
"enabled": true,
"hsts_enabled": false,
"hsts_subdomains": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": "",
"certificate": null,
"owner": {
"id": 1,

2
backend/schema/paths/nginx/streams/get.json
View File

@ -36,6 +36,8 @@
"forwarding_port": 80,
"tcp_forwarding": true,
"udp_forwarding": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": "",
"meta": {
"nginx_online": true,
"nginx_err": null

8
backend/schema/paths/nginx/streams/post.json
View File

@ -32,6 +32,12 @@
"udp_forwarding": {
"$ref": "../../../components/stream-object.json#/properties/udp_forwarding"
},
"proxy_protocol_enabled": {
"$ref": "../../../components/stream-object.json#/properties/proxy_protocol_enabled"
},
"loadbalancer_address": {
"$ref": "../../../components/stream-object.json#/properties/loadbalancer_address"
},
"meta": {
"$ref": "../../../components/stream-object.json#/properties/meta"
}
@ -57,6 +63,8 @@
"forwarding_port": 80,
"tcp_forwarding": true,
"udp_forwarding": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": "",
"meta": {
"nginx_online": true,
"nginx_err": null

2
backend/schema/paths/nginx/streams/streamID/get.json
View File

@ -36,6 +36,8 @@
"forwarding_port": 80,
"tcp_forwarding": true,
"udp_forwarding": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": "",
"meta": {
"nginx_online": true,
"nginx_err": null

8
backend/schema/paths/nginx/streams/streamID/put.json
View File

@ -79,6 +79,12 @@
},
"locations": {
"$ref": "../../../../components/proxy-host-object.json#/properties/locations"
},
"proxy_protocol_enabled": {
"$ref": "../../../../components/proxy-host-object.json#/properties/proxy_protocol_enabled"
},
"loadbalancer_address": {
"$ref": "../../../../components/proxy-host-object.json#/properties/loadbalancer_address"
}
}
}
@ -116,6 +122,8 @@
"enabled": true,
"hsts_enabled": false,
"hsts_subdomains": false,
"proxy_protocol_enabled": false,
"loadbalancer_address": "",
"owner": {
"id": 1,
"created_on": "2024-10-07T22:43:55.000Z",

34
backend/templates/_listen.conf
View File

@ -1,17 +1,31 @@
listen 80;
{% if ipv6 -%}
listen [::]:80;
{% if proxy_protocol_enabled == 1 or proxy_protocol_enabled == true -%}
{% assign port_number_http = "88" -%}
{% assign port_number_https = "444" -%}
{% assign listen_extra_args = "proxy_protocol" -%}
{% else -%}
#listen [::]:80;
{% endif %}
{% assign port_number_http = "80" -%}
{% assign port_number_https = "443" -%}
{% assign listen_extra_args = "" -%}
{% endif -%}
listen {{ port_number_http }} {{ listen_extra_args }};
{% if ipv6 -%}
listen [::]:{{ port_number_http }} {{ listen_extra_args }};
{% else -%}
#listen [::]:{{ port_number_http }} {{ listen_extra_args }};
{% endif -%}
{% if certificate -%}
listen 443 ssl;
{% capture listen_extra_args_https %}ssl {{ listen_extra_args }}{% endcapture -%}
listen {{ port_number_https }} {{ listen_extra_args_https }};
{% if ipv6 -%}
listen [::]:443 ssl;
listen [::]:{{ port_number_https }} {{ listen_extra_args_https }};
{% else -%}
#listen [::]:443;
{% endif %}
{% endif %}
#listen [::]:{{ port_number_https }} {{ listen_extra_args_https }};
{% endif -%}
{% endif -%}
server_name {{ domain_names | join: " " }};
{% if http2_support == 1 or http2_support == true %}
http2 on;

6
backend/templates/_proxy_protocol.conf Normal file
View File

@ -0,0 +1,6 @@
{% if proxy_protocol_enabled == 1 or proxy_protocol_enabled == true %}
{% if loadbalancer_address != '' %}
set_real_ip_from {{ loadbalancer_address }};
real_ip_header proxy_protocol;
{% endif %}
{% endif %}

1
backend/templates/proxy_host.conf
View File

@ -15,6 +15,7 @@ server {
{% include "_exploits.conf" %}
{% include "_hsts.conf" %}
{% include "_forced_ssl.conf" %}
{% include "_proxy_protocol.conf" %}
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
proxy_set_header Upgrade $http_upgrade;

19
backend/templates/stream.conf
View File

@ -1,31 +1,38 @@
# ------------------------------------------------------------
# {{ incoming_port }} TCP: {{ tcp_forwarding }} UDP: {{ udp_forwarding }}
# ------------------------------------------------------------
{% if proxy_protocol_enabled == 1 or proxy_protocol_enabled == true -%}
{% capture listen_extra_args %}proxy_protocol{% endcapture -%}
{% endif -%}
{% if enabled %}
{% if tcp_forwarding == 1 or tcp_forwarding == true -%}
server {
listen {{ incoming_port }};
listen {{ incoming_port }} {{ listen_extra_args }};
{% if ipv6 -%}
listen [::]:{{ incoming_port }};
listen [::]:{{ incoming_port }} {{ listen_extra_args }};
{% else -%}
#listen [::]:{{ incoming_port }};
#listen [::]:{{ incoming_port }}{{ listen_extra_args }};
{% endif %}
proxy_pass {{ forwarding_host }}:{{ forwarding_port }};
{% include '_proxy_protocol.conf' %}
# Custom
include /data/nginx/custom/server_stream[.]conf;
include /data/nginx/custom/server_stream_tcp[.]conf;
}
{% endif %}
{% if udp_forwarding == 1 or udp_forwarding == true %}
{% # Proxy Protocol is not supported for UDP %}
{% assign listen_extra_args = "" %}
server {
listen {{ incoming_port }} udp;
listen {{ incoming_port }} udp {{ listen_extra_args }};
{% if ipv6 -%}
listen [::]:{{ incoming_port }} udp;
listen [::]:{{ incoming_port }} udp {{ listen_extra_args }};
{% else -%}
#listen [::]:{{ incoming_port }} udp;
#listen [::]:{{ incoming_port }} udp {{ listen_extra_args }};
{% endif %}
proxy_pass {{ forwarding_host }}:{{ forwarding_port }};

3
docker/Dockerfile
View File

@ -35,7 +35,8 @@ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
COPY docker/scripts/install-s6 /tmp/install-s6
RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6
EXPOSE 80 81 443
# http admin_ui http_proxy_protocol https https_proxy_protocol
EXPOSE 80 81 88 443 444
COPY backend /app
COPY frontend/dist /app/frontend

3
docker/dev/Dockerfile
View File

@ -35,5 +35,6 @@ RUN rm -f /etc/nginx/conf.d/production.conf \
COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem
COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt
EXPOSE 80 81 443
# http admin_ui http_proxy_protocol https https_proxy_protocol
EXPOSE 80 81 88 443 444
ENTRYPOINT [ "/init" ]

2
docker/docker-compose.dev.yml
View File

@ -10,7 +10,9 @@ services:
ports:
- 3080:80
- 3081:81
- 3088:88
- 3443:443
- 3444:444
networks:
nginx_proxy_manager:
aliases:

24
docs/src/advanced-config/index.md
View File

@ -222,3 +222,27 @@ To enable the geoip2 module, you can create the custom configuration file `/data
load_module /usr/lib/nginx/modules/ngx_http_geoip2_module.so;
load_module /usr/lib/nginx/modules/ngx_stream_geoip2_module.so;
```
## Enabling PROXY protocol for Proxy Hosts
When running NPM behind a load balancer, you might want to use the [PROXY procotol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) to receive client information such as the source IP address (useful for banning IPs).
When configuring the PROXY protocol for proxy hosts, NPM uses the ports 88 for http and 444 for https traffic to allow you to decide on a per host basis whether to use the PROSY protocol.
To enable the PROXY protocol for your hosts you need to perform the following steps:
1. Expose the ports `88` (and `444` is applicable) by adjusting your `docker-compose.yml`
2. Edit your proxy hosts to enable the PROXY protocol
3. Edit your upstream load balancer to redirect traffic to the port `88`/`444` and enable the PROXY protocol
## Enabling PROXY protocol for Streams
When running NPM behind a load balancer, you might want to use the [PROXY procotol](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) to receive client information such as the source IP address (useful for banning IPs).
Keep in mind that the PROXY procotol cannot be enabled for udp endpoints.
To enable the PROXY protocol for streams:
1. Expose the desired port by adjusting you `docker-compose.yml`
2. Edit the Stream to enable the PROXY protocol
3. Edit your upstream load balancer to enable the PROXY protocol

2
docs/src/setup/index.md
View File

@ -19,6 +19,8 @@ services:
- '80:80' # Public HTTP Port
- '443:443' # Public HTTPS Port
- '81:81' # Admin Web Port
# - '88:88' # Public HTTP Port with proxy_protocol enabled
# - '444:444' # Public HTTPS Port with proxy_protocol enabled
# Add any other Stream port you want to expose
# - '21:21' # FTP

20
frontend/js/app/nginx/proxy/form.ejs
View File

@ -72,7 +72,7 @@
</label>
</div>
</div>
<div class="col-sm-12 col-md-12">
<div class="col-sm-6 col-md-6">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="allow_websocket_upgrade" value="1"<%- allow_websocket_upgrade ? ' checked' : '' %>>
@ -81,6 +81,24 @@
</label>
</div>
</div>
<div class="col-sm-6 col-md-6">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="proxy_protocol_enabled" value="1"<%- proxy_protocol_enabled ? ' checked' : '' %>>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%- i18n('proxy-hosts', 'enable-proxy-protocol') %><a href="https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/#introduction" target="_blank"><i class="fe fe-help-circle"></i></a></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('proxy-hosts', 'load-balancer-ip') %> <a href="https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/#changing-the-load-balancers-ip-address-to-the-client-ip-address" target="_blank"><i class="fe fe-help-circle"></i></a></label>
<input type="text" name="loadbalancer_address" class="form-control text-monospace" placeholder="" value="<%- loadbalancer_address %>" autocomplete="off" maxlength="255" <%- proxy_protocol_enabled ? '' : ' disabled' %>>
</div>
</div>
<div class="col-sm-12 col-md-12">
<div class="form-group">

14
frontend/js/app/nginx/proxy/form.js
View File

@ -43,7 +43,9 @@ module.exports = Mn.View.extend({
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
forward_scheme: 'select[name="forward_scheme"]',
letsencrypt: '.letsencrypt'
letsencrypt: '.letsencrypt',
proxy_protocol_enabled: 'input[name="proxy_protocol_enabled"]',
loadbalancer_address: 'input[name="loadbalancer_address"]',
},
regions: {
@ -101,6 +103,14 @@ module.exports = Mn.View.extend({
}
},
'change @ui.proxy_protocol_enabled': function () {
let checked = this.ui.proxy_protocol_enabled.prop('checked');
this.ui.loadbalancer_address
.prop('disabled', !checked)
.parents('.form-group')
.css('opacity', checked ? 1 : 0.5);
},
'change @ui.dns_challenge_switch': function () {
const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) {
@ -167,6 +177,7 @@ module.exports = Mn.View.extend({
data.hsts_enabled = !!data.hsts_enabled;
data.hsts_subdomains = !!data.hsts_subdomains;
data.ssl_forced = !!data.ssl_forced;
data.proxy_protocol_enabled = !!data.proxy_protocol_enabled;
if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
@ -266,6 +277,7 @@ module.exports = Mn.View.extend({
this.ui.ssl_forced.trigger('change');
this.ui.hsts_enabled.trigger('change');
this.ui.proxy_protocol_enabled.trigger('change');
// Domain names
this.ui.domain_names.selectize({

18
frontend/js/app/nginx/stream/form.ejs
View File

@ -42,6 +42,24 @@
</label>
</div>
</div>
<div class="col-sm-6 col-md-6">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="proxy_protocol_enabled" value="1"<%- proxy_protocol_enabled ? ' checked' : '' %>>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%- i18n('streams', 'enable-proxy-protocol') %><a href="https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/#introduction" target="_blank"><i class="fe fe-help-circle"></i></a></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('streams', 'load-balancer-ip') %><a href="https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/#changing-the-load-balancers-ip-address-to-the-client-ip-address" target="_blank"><i class="fe fe-help-circle"></i></a></label>
<input type="text" name="loadbalancer_address" class="form-control text-monospace" placeholder="" value="<%- loadbalancer_address %>" autocomplete="off" maxlength="255" <%- proxy_protocol_enabled ? '' : ' disabled' %>>
</div>
</div>
<div class="col-sm-12 col-md-12">
<div class="forward-type-error invalid-feedback"><%- i18n('streams', 'forward-type-error') %></div>
</div>

14
frontend/js/app/nginx/stream/form.js
View File

@ -14,6 +14,8 @@ module.exports = Mn.View.extend({
ui: {
form: 'form',
forwarding_host: 'input[name="forwarding_host"]',
proxy_protocol_enabled: 'input[name="proxy_protocol_enabled"]',
loadbalancer_address: 'input[name="loadbalancer_address"]',
type_error: '.forward-type-error',
buttons: '.modal-footer button',
switches: '.custom-switch-input',
@ -25,6 +27,13 @@ module.exports = Mn.View.extend({
'change @ui.switches': function () {
this.ui.type_error.hide();
},
'change @ui.proxy_protocol_enabled': function () {
let checked = this.ui.proxy_protocol_enabled.prop('checked');
this.ui.loadbalancer_address
.prop('disabled', !checked)
.parents('.form-group')
.css('opacity', checked ? 1 : 0.5);
},
'click @ui.save': function (e) {
e.preventDefault();
@ -47,6 +56,7 @@ module.exports = Mn.View.extend({
data.forwarding_port = parseInt(data.forwarding_port, 10);
data.tcp_forwarding = !!data.tcp_forwarding;
data.udp_forwarding = !!data.udp_forwarding;
data.proxy_protocol_enabled = !!data.proxy_protocol_enabled;
let method = App.Api.Nginx.Streams.create;
let is_new = true;
@ -76,6 +86,10 @@ module.exports = Mn.View.extend({
}
},
onRender: function () {
this.ui.proxy_protocol_enabled.trigger('change');
},
initialize: function (options) {
if (typeof options.model === 'undefined' || !options.model) {
this.model = new StreamModel.Model();

8
frontend/js/i18n/messages.json
View File

@ -133,7 +133,9 @@
"allow-websocket-upgrade": "Websockets Support",
"ignore-invalid-upstream-ssl": "Ignore Invalid SSL",
"custom-forward-host-help": "Add a path for sub-folder forwarding.\nExample: 203.0.113.25/path/",
"search": "Search Host…"
"search": "Search Host…",
"enable-proxy-protocol": "Enable Proxy Protocol",
"load-balancer-ip": "Load balancer or TCP proxy IP / CIDR range"
},
"redirection-hosts": {
"title": "Redirection Hosts",
@ -179,7 +181,9 @@
"delete-confirm": "Are you sure you want to delete this Stream?",
"help-title": "What is a Stream?",
"help-content": "A relatively new feature for Nginx, a Stream will serve to forward TCP/UDP traffic directly to another computer on the network.\nIf you're running game servers, FTP or SSH servers this can come in handy.",
"search": "Search Incoming Port…"
"search": "Search Incoming Port…",
"enable-proxy-protocol": "Enable Proxy Protocol",
"load-balancer-ip": "Load balancer or TCP proxy IP / CIDR range"
},
"certificates": {
"title": "SSL Certificates",

2
frontend/js/models/proxy-host.js
View File

@ -21,6 +21,8 @@ const model = Backbone.Model.extend({
allow_websocket_upgrade: false,
block_exploits: false,
http2_support: false,
proxy_protocol_enabled: false,
loadbalancer_address: '',
advanced_config: '',
enabled: true,
meta: {},

2
frontend/js/models/stream.js
View File

@ -13,6 +13,8 @@ const model = Backbone.Model.extend({
forwarding_port: null,
tcp_forwarding: true,
udp_forwarding: false,
proxy_protocol_enabled: false,
loadbalancer_address: "",
enabled: true,
meta: {},
// The following are expansions:

4
test/cypress/e2e/api/ProxyHosts.cy.js
View File

@ -32,7 +32,9 @@ describe('Proxy Hosts endpoints', () => {
http2_support: false,
hsts_enabled: false,
hsts_subdomains: false,
ssl_forced: false
ssl_forced: false,
proxy_protocol_enabled: false,
loadbalancer_address: '',
}
}).then((data) => {
cy.validateSwaggerSchema('post', 201, '/nginx/proxy-hosts', data);