ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-08-20 16:07:39 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

add PROXY to stream hosts.

Browse Source
This commit is contained in:
baudneo
2022-10-10 13:59:59 -06:00
parent b8978cb955
commit 5970b74321
11 changed files with 170 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/internal/nginx.js
View File

@@ -158,6 +158,9 @@ const internalNginx = {
let locationCopy = Object.assign({}, {access_list_id: host.access_list_id}, {certificate_id: host.certificate_id},
{ssl_forced: host.ssl_forced}, {caching_enabled: host.caching_enabled}, {block_exploits: host.block_exploits},
{allow_websocket_upgrade: host.allow_websocket_upgrade}, {enable_proxy_protocol: host.enable_proxy_protocol},
{stream_enable_proxy_protocol: host.stream_enable_proxy_protocol},
{stream_allow_proxy_protocol: host.stream_allow_proxy_protocol},
{stream_load_balancer_ip: host.stream_load_balancer_ip},
{load_balancer_ip: host.load_balancer_ip}, {http2_support: host.http2_support},
{hsts_enabled: host.hsts_enabled}, {hsts_subdomains: host.hsts_subdomains}, {access_list: host.access_list},
{certificate: host.certificate}, host.locations[i]);

12
backend/migrations/22021009153423_proxy_protocol.js
View File

@@ -12,15 +12,21 @@ const logger = require('../logger').migrate;
*/
exports.up = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Up...');
return knex.schema.table('proxy_host', function (proxy_host) {
let ret = knex.schema.table('proxy_host', function (proxy_host) {
proxy_host.integer('enable_proxy_protocol').notNull().unsigned().defaultTo(0);
proxy_host.string('load_balancer_ip').notNull().defaultTo('');
})
.then(() => {
logger.info('[' + migrate_name + '] proxy_host Table altered - PROXY protocol added');
}).catch((err) => {
logger.error('[' + migrate_name + '] Error migrating up: ' + err);
ret = Promise.resolve(true);
});
if (!ret) {
logger.error('[' + migrate_name + '] ERROR MIGRATING UP');
ret = Promise.resolve(true);
}
return ret;
};
/**

49
backend/migrations/22021010135303_stream_proxy_protocol.js Normal file
View File

@@ -0,0 +1,49 @@
const migrate_name = 'stream_proxy_protocol';
const logger = require('../logger').migrate;
/**
* Migrate
*
* @see http://knexjs.org/#Schema
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.up = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Up...');
let ret = knex.schema.table('stream', function (stream) {
stream.integer('stream_enable_proxy_protocol').notNull().unsigned().defaultTo(0);
stream.integer('stream_access_proxy_protocol').notNull().unsigned().defaultTo(0);
stream.string('stream_load_balancer_ip').notNull().defaultTo('');
})
.then(() => {
logger.info('[' + migrate_name + '] stream Table altered - PROXY protocol added');
}).catch((err) => {
logger.error('[' + migrate_name + '] Error migrating up: ' + err);
});
if (!ret) {
logger.error('[' + migrate_name + '] ERROR MIGRATING UP');
}
};
/**
* Undo Migrate
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.down = function (knex/*, Promise*/) {
return knex.schema.table('stream', (stream) => {
stream.dropColumn('stream_enable_proxy_protocol');
stream.dropColumn('stream_access_proxy_protocol');
stream.dropColumn('stream_load_balancer_ip');
})
.then(function () {
logger.info('[' + migrate_name + '] MIGRATING DOWN stream Table altered - PROXY protocol removed');
});
// logger.warn('[' + migrate_name + '] You can\'t migrate down this one.');
// return Promise.resolve(true);
};

3
backend/schema/endpoints/proxy-hosts.json
View File

@@ -59,11 +59,12 @@
"type": "boolean"
},
"enable_proxy_protocol": {
"description": "Enable PROXY Protocol support",
"description": "Enable PROXY Protocol support (Pass through)",
"example": true,
"type": "boolean"
},
"load_balancer_ip": {
"description": "Authorized TCP Load Balancer IP / CIDR for setting 'set_real_ip_from'",
"type": "string",
"minLength": 0,
"maxLength": 255

51
backend/schema/endpoints/streams.json
View File

@@ -46,6 +46,22 @@
"udp_forwarding": {
"type": "boolean"
},
"stream_enable_proxy_protocol": {
"description": "Enable PROXY Protocol creation and override",
"example": true,
"type": "boolean"
},
"stream_allow_proxy_protocol": {
"description": "Enable PROXY Protocol passthrough",
"example": true,
"type": "boolean"
},
"stream_load_balancer_ip": {
"description": "Authorized TCP Load Balancer IP / CIDR for setting 'set_real_ip_from'",
"type": "string",
"minLength": 0,
"maxLength": 255
},
"enabled": {
"$ref": "../definitions.json#/definitions/enabled"
},
@@ -78,6 +94,15 @@
"udp_forwarding": {
"$ref": "#/definitions/udp_forwarding"
},
"stream_allow_proxy_protocol": {
"$ref": "#/definitions/stream_allow_proxy_protocol"
},
"stream_enable_proxy_protocol": {
"$ref": "#/definitions/stream_enable_proxy_protocol"
},
"stream_load_balancer_ip": {
"$ref": "#/definitions/stream_load_balancer_ip"
},
"enabled": {
"$ref": "#/definitions/enabled"
},
@@ -88,7 +113,7 @@
"links": [
{
"title": "List",
"description": "Returns a list of Steams",
"description": "Returns a list of Streams",
"href": "/nginx/streams",
"access": "private",
"method": "GET",
@@ -137,6 +162,15 @@
"udp_forwarding": {
"$ref": "#/definitions/udp_forwarding"
},
"stream_allow_proxy_protocol": {
"$ref": "#/definitions/stream_allow_proxy_protocol"
},
"stream_enable_proxy_protocol": {
"$ref": "#/definitions/stream_enable_proxy_protocol"
},
"stream_load_balancer_ip": {
"$ref": "#/definitions/stream_load_balancer_ip"
},
"meta": {
"$ref": "#/definitions/meta"
}
@@ -177,6 +211,15 @@
"udp_forwarding": {
"$ref": "#/definitions/udp_forwarding"
},
"stream_allow_proxy_protocol": {
"$ref": "#/definitions/stream_allow_proxy_protocol"
},
"stream_enable_proxy_protocol": {
"$ref": "#/definitions/stream_enable_proxy_protocol"
},
"stream_load_balancer_ip": {
"$ref": "#/definitions/stream_load_balancer_ip"
},
"meta": {
"$ref": "#/definitions/meta"
}
@@ -190,7 +233,7 @@
},
{
"title": "Delete",
"description": "Deletes a existing Stream",
"description": "Deletes an existing Stream",
"href": "/nginx/streams/{definitions.identity.example}",
"access": "private",
"method": "DELETE",
@@ -204,7 +247,7 @@
},
{
"title": "Enable",
"description": "Enables a existing Stream",
"description": "Enables an existing Stream",
"href": "/nginx/streams/{definitions.identity.example}/enable",
"access": "private",
"method": "POST",
@@ -218,7 +261,7 @@
},
{
"title": "Disable",
"description": "Disables a existing Stream",
"description": "Disables an existing Stream",
"href": "/nginx/streams/{definitions.identity.example}/disable",
"access": "private",
"method": "POST",

5
backend/templates/_stream_proxy_protocol.conf Normal file
View File

@@ -0,0 +1,5 @@
{%if stream_allow_proxy_protocol == 1 or stream_allow_proxy_protocol == true %}
{% if stream_load_balancer_ip != '' %}
set_real_ip_from {{ stream_load_balancer_ip }};
{% endif %}
{% endif %}

9
backend/templates/stream.conf
View File

@@ -5,13 +5,16 @@
{% if enabled %}
{% if tcp_forwarding == 1 or tcp_forwarding == true -%}
server {
listen {{ incoming_port }};
listen {{ incoming_port }}{% if stream_allow_proxy_protocol == 1 or stream_allow_proxy_protocol == true%} proxy_protocol{% endif %};
{% if ipv6 -%}
listen [::]:{{ incoming_port }};
listen [::]:{{ incoming_port }}{% if stream_allow_proxy_protocol == 1 or stream_allow_proxy_protocol == true%} proxy_protocol{% endif %};
{% else -%}
#listen [::]:{{ incoming_port }};
{% endif %}
{%if stream_enable_proxy_protocol == 1 or stream_enable_proxy_protocol == true%}
proxy_protocol on;
{% endif %}
{% include '_stream_proxy_protocol.conf' %}
proxy_pass {{ forwarding_host }}:{{ forwarding_port }};
# Custom