mirror of
https://github.com/jc21/nginx-proxy-manager.git
synced 2024-08-30 18:22:48 +00:00
Revert ignoring ssl proxy errors, doesn't make a difference
This commit is contained in:
Jamie Curnow
parent
86ad7d6238
commit
2657bcf30c
@ -48,11 +48,6 @@ const internalProxyHost = {
|
|||||||
// At this point the domains should have been checked
|
// At this point the domains should have been checked
|
||||||
data.owner_user_id = access.token.getUserId(1);
|
data.owner_user_id = access.token.getUserId(1);
|
||||||
|
|
||||||
// Ignoring upstream ssl errors only applies when upstream scheme is https
|
|
||||||
if (data.forward_scheme === 'http') {
|
|
||||||
data.ignore_invalid_upstream_ssl = false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return proxyHostModel
|
return proxyHostModel
|
||||||
.query()
|
.query()
|
||||||
.omit(omissions())
|
.omit(omissions())
|
||||||
@ -170,11 +165,6 @@ const internalProxyHost = {
|
|||||||
domain_names: row.domain_names
|
domain_names: row.domain_names
|
||||||
}, data);
|
}, data);
|
||||||
|
|
||||||
// Ignoring upstream ssl errors only applies when upstream scheme is https
|
|
||||||
if (typeof data.forward_scheme !== 'undefined' && data.forward_scheme === 'http') {
|
|
||||||
data.ignore_invalid_upstream_ssl = false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return proxyHostModel
|
return proxyHostModel
|
||||||
.query()
|
.query()
|
||||||
.where({id: data.id})
|
.where({id: data.id})
|
||||||
|
|||||||
@ -17,7 +17,6 @@ exports.up = function (knex/*, Promise*/) {
|
|||||||
|
|
||||||
return knex.schema.table('proxy_host', function (proxy_host) {
|
return knex.schema.table('proxy_host', function (proxy_host) {
|
||||||
proxy_host.string('forward_scheme').notNull().defaultTo('http');
|
proxy_host.string('forward_scheme').notNull().defaultTo('http');
|
||||||
proxy_host.integer('ignore_invalid_upstream_ssl').notNull().unsigned().defaultTo(0);
|
|
||||||
})
|
})
|
||||||
.then(() => {
|
.then(() => {
|
||||||
logger.info('[' + migrate_name + '] proxy_host Table altered');
|
logger.info('[' + migrate_name + '] proxy_host Table altered');
|
||||||
|
|||||||
@ -52,11 +52,6 @@
|
|||||||
"example": true,
|
"example": true,
|
||||||
"type": "boolean"
|
"type": "boolean"
|
||||||
},
|
},
|
||||||
"ignore_invalid_upstream_ssl": {
|
|
||||||
"description": "Ignore invalid upstream SSL certificates",
|
|
||||||
"example": true,
|
|
||||||
"type": "boolean"
|
|
||||||
},
|
|
||||||
"access_list_id": {
|
"access_list_id": {
|
||||||
"$ref": "../definitions.json#/definitions/access_list_id"
|
"$ref": "../definitions.json#/definitions/access_list_id"
|
||||||
},
|
},
|
||||||
@ -107,9 +102,6 @@
|
|||||||
"allow_websocket_upgrade": {
|
"allow_websocket_upgrade": {
|
||||||
"$ref": "#/definitions/allow_websocket_upgrade"
|
"$ref": "#/definitions/allow_websocket_upgrade"
|
||||||
},
|
},
|
||||||
"ignore_invalid_upstream_ssl": {
|
|
||||||
"$ref": "#/definitions/ignore_invalid_upstream_ssl"
|
|
||||||
},
|
|
||||||
"access_list_id": {
|
"access_list_id": {
|
||||||
"$ref": "#/definitions/access_list_id"
|
"$ref": "#/definitions/access_list_id"
|
||||||
},
|
},
|
||||||
@ -188,9 +180,6 @@
|
|||||||
"allow_websocket_upgrade": {
|
"allow_websocket_upgrade": {
|
||||||
"$ref": "#/definitions/allow_websocket_upgrade"
|
"$ref": "#/definitions/allow_websocket_upgrade"
|
||||||
},
|
},
|
||||||
"ignore_invalid_upstream_ssl": {
|
|
||||||
"$ref": "#/definitions/ignore_invalid_upstream_ssl"
|
|
||||||
},
|
|
||||||
"access_list_id": {
|
"access_list_id": {
|
||||||
"$ref": "#/definitions/access_list_id"
|
"$ref": "#/definitions/access_list_id"
|
||||||
},
|
},
|
||||||
@ -252,9 +241,6 @@
|
|||||||
"allow_websocket_upgrade": {
|
"allow_websocket_upgrade": {
|
||||||
"$ref": "#/definitions/allow_websocket_upgrade"
|
"$ref": "#/definitions/allow_websocket_upgrade"
|
||||||
},
|
},
|
||||||
"ignore_invalid_upstream_ssl": {
|
|
||||||
"$ref": "#/definitions/ignore_invalid_upstream_ssl"
|
|
||||||
},
|
|
||||||
"access_list_id": {
|
"access_list_id": {
|
||||||
"$ref": "#/definitions/access_list_id"
|
"$ref": "#/definitions/access_list_id"
|
||||||
},
|
},
|
||||||
|
|||||||
@ -23,11 +23,11 @@ server {
|
|||||||
|
|
||||||
{% include "_forced_ssl.conf" %}
|
{% include "_forced_ssl.conf" %}
|
||||||
|
|
||||||
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
|
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
proxy_set_header Connection "upgrade";
|
proxy_set_header Connection "upgrade";
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
# Proxy!
|
# Proxy!
|
||||||
include conf.d/include/proxy.conf;
|
include conf.d/include/proxy.conf;
|
||||||
|
|||||||
@ -59,7 +59,7 @@
|
|||||||
</label>
|
</label>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="col-sm-6 col-md-6">
|
<div class="col-sm-12 col-md-12">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label class="custom-switch">
|
<label class="custom-switch">
|
||||||
<input type="checkbox" class="custom-switch-input" name="allow_websocket_upgrade" value="1"<%- allow_websocket_upgrade ? ' checked' : '' %>>
|
<input type="checkbox" class="custom-switch-input" name="allow_websocket_upgrade" value="1"<%- allow_websocket_upgrade ? ' checked' : '' %>>
|
||||||
@ -69,16 +69,6 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="col-sm-6 col-md-6">
|
|
||||||
<div class="form-group">
|
|
||||||
<label class="custom-switch">
|
|
||||||
<input type="checkbox" class="custom-switch-input" name="ignore_invalid_upstream_ssl" value="1"<%- ignore_invalid_upstream_ssl ? ' checked' : '' %>>
|
|
||||||
<span class="custom-switch-indicator"></span>
|
|
||||||
<span class="custom-switch-description"><%- i18n('proxy-hosts', 'ignore-invalid-upstream-ssl') %></span>
|
|
||||||
</label>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="col-sm-12 col-md-12">
|
<div class="col-sm-12 col-md-12">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label class="form-label"><%- i18n('proxy-hosts', 'access-list') %></label>
|
<label class="form-label"><%- i18n('proxy-hosts', 'access-list') %></label>
|
||||||
|
|||||||
@ -27,19 +27,10 @@ module.exports = Mn.View.extend({
|
|||||||
ssl_forced: 'input[name="ssl_forced"]',
|
ssl_forced: 'input[name="ssl_forced"]',
|
||||||
http2_support: 'input[name="http2_support"]',
|
http2_support: 'input[name="http2_support"]',
|
||||||
forward_scheme: 'select[name="forward_scheme"]',
|
forward_scheme: 'select[name="forward_scheme"]',
|
||||||
ignore_ssl: 'input[name="ignore_invalid_upstream_ssl"]',
|
|
||||||
letsencrypt: '.letsencrypt'
|
letsencrypt: '.letsencrypt'
|
||||||
},
|
},
|
||||||
|
|
||||||
events: {
|
events: {
|
||||||
'change @ui.forward_scheme': function () {
|
|
||||||
let val = this.ui.forward_scheme.val();
|
|
||||||
this.ui.ignore_ssl
|
|
||||||
.prop('disabled', val === 'http')
|
|
||||||
.parents('.form-group')
|
|
||||||
.css('opacity', val === 'https' ? 1 : 0.5);
|
|
||||||
},
|
|
||||||
|
|
||||||
'change @ui.certificate_select': function () {
|
'change @ui.certificate_select': function () {
|
||||||
let id = this.ui.certificate_select.val();
|
let id = this.ui.certificate_select.val();
|
||||||
if (id === 'new') {
|
if (id === 'new') {
|
||||||
@ -71,7 +62,6 @@ module.exports = Mn.View.extend({
|
|||||||
data.block_exploits = !!data.block_exploits;
|
data.block_exploits = !!data.block_exploits;
|
||||||
data.caching_enabled = !!data.caching_enabled;
|
data.caching_enabled = !!data.caching_enabled;
|
||||||
data.allow_websocket_upgrade = !!data.allow_websocket_upgrade;
|
data.allow_websocket_upgrade = !!data.allow_websocket_upgrade;
|
||||||
data.ignore_invalid_upstream_ssl = data.forward_scheme === 'https' ? !!data.ignore_invalid_upstream_ssl : false;
|
|
||||||
|
|
||||||
if (typeof data.ssl_forced !== 'undefined' && data.ssl_forced === '1') {
|
if (typeof data.ssl_forced !== 'undefined' && data.ssl_forced === '1') {
|
||||||
data.ssl_forced = true;
|
data.ssl_forced = true;
|
||||||
@ -215,8 +205,6 @@ module.exports = Mn.View.extend({
|
|||||||
view.ui.certificate_select[0].selectize.setValue(view.model.get('certificate_id'));
|
view.ui.certificate_select[0].selectize.setValue(view.model.get('certificate_id'));
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
this.ui.forward_scheme.trigger('change');
|
|
||||||
},
|
},
|
||||||
|
|
||||||
initialize: function (options) {
|
initialize: function (options) {
|
||||||
|
|||||||
@ -7,27 +7,26 @@ const model = Backbone.Model.extend({
|
|||||||
|
|
||||||
defaults: function () {
|
defaults: function () {
|
||||||
return {
|
return {
|
||||||
id: undefined,
|
id: undefined,
|
||||||
created_on: null,
|
created_on: null,
|
||||||
modified_on: null,
|
modified_on: null,
|
||||||
domain_names: [],
|
domain_names: [],
|
||||||
forward_scheme: 'http',
|
forward_scheme: 'http',
|
||||||
forward_host: '',
|
forward_host: '',
|
||||||
forward_port: null,
|
forward_port: null,
|
||||||
access_list_id: 0,
|
access_list_id: 0,
|
||||||
certificate_id: 0,
|
certificate_id: 0,
|
||||||
ssl_forced: false,
|
ssl_forced: false,
|
||||||
caching_enabled: false,
|
caching_enabled: false,
|
||||||
allow_websocket_upgrade: false,
|
allow_websocket_upgrade: false,
|
||||||
block_exploits: false,
|
block_exploits: false,
|
||||||
http2_support: false,
|
http2_support: false,
|
||||||
ignore_invalid_upstream_ssl: false,
|
advanced_config: '',
|
||||||
advanced_config: '',
|
meta: {},
|
||||||
meta: {},
|
|
||||||
// The following are expansions:
|
// The following are expansions:
|
||||||
owner: null,
|
owner: null,
|
||||||
access_list: null,
|
access_list: null,
|
||||||
certificate: null
|
certificate: null
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user