Merge pull request #1081 from vipergts450/vipergts450-custom_location-patch

Vipergts450 custom location patch
2024-08-30 18:22:48 +00:00 · 2021-06-07 12:46:23 +10:00 · 2021-06-07 12:46:23 +10:00 · f575400bc8
commit f575400bc8
parent 6d9a335b0e 69ee6b1699
2 changed files with 54 additions and 3 deletions
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@ -136,6 +136,8 @@ const internalNginx = {
 	 * @returns {Promise}
 	 */
 	renderLocations: (host) => {
+
+		//logger.info('host = ' + JSON.stringify(host, null, 2));
 		return new Promise((resolve, reject) => {
 			let template;

@ -146,13 +148,19 @@ const internalNginx = {
 				return;
 			}

-			let renderer          = new Liquid();
+			let renderer          = new Liquid({
+				root: __dirname + '/../templates/'
+			});
 			let renderedLocations = '';

 			const locationRendering = async () => {
 				for (let i = 0; i < host.locations.length; i++) {
-					let locationCopy = Object.assign({}, host.locations[i]);
-
+					let locationCopy = Object.assign({}, {access_list_id: host.access_list_id}, {certificate_id: host.certificate_id}, 
+						{ssl_forced: host.ssl_forced}, {caching_enabled: host.caching_enabled}, {block_exploits: host.block_exploits},
+						{allow_websocket_upgrade: host.allow_websocket_upgrade}, {http2_support: host.http2_support},
+						{hsts_enabled: host.hsts_enabled}, {hsts_subdomains: host.hsts_subdomains}, {access_list: host.access_list},
+						{certificate: host.certificate}, host.locations[i]);
+			
 					if (locationCopy.forward_host.indexOf('/') > -1) {
 						const splitted = locationCopy.forward_host.split('/');

@ -160,12 +168,16 @@ const internalNginx = {
 						locationCopy.forward_path = `/${splitted.join('/')}`;
 					}

+					//logger.info('locationCopy = ' + JSON.stringify(locationCopy, null, 2));
+
 					// eslint-disable-next-line
 					renderedLocations += await renderer.parseAndRender(template, locationCopy);
 				}
+
 			};

 			locationRendering().then(() => resolve(renderedLocations));
+			
 		});
 	},

@ -181,6 +193,8 @@ const internalNginx = {
 			logger.info('Generating ' + host_type + ' Config:', host);
 		}

+		// logger.info('host = ' + JSON.stringify(host, null, 2));
+
 		let renderEngine = new Liquid({
 			root: __dirname + '/../templates/'
 		});
@ -208,6 +222,7 @@ const internalNginx = {
 			}

 			if (host.locations) {
+				//logger.info ('host.locations = ' + JSON.stringify(host.locations, null, 2));
 				origLocations    = [].concat(host.locations);
 				locationsPromise = internalNginx.renderLocations(host).then((renderedLocations) => {
 					host.locations = renderedLocations;
--- a/backend/templates/_location.conf
+++ b/backend/templates/_location.conf
@ -3,7 +3,43 @@
    proxy_set_header X-Forwarded-Scheme $scheme;
    proxy_set_header X-Forwarded-Proto  $scheme;
    proxy_set_header X-Forwarded-For    $remote_addr;
+    proxy_set_header X-Real-IP		$remote_addr;
    proxy_pass       {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
+
+    {% if access_list_id > 0 %}
+    {% if access_list.items.length > 0 %}
+    # Authorization
+    auth_basic            "Authorization required";
+    auth_basic_user_file  /data/access/{{ access_list_id }};
+ 
+    {{ access_list.passauth }}
+    {% endif %}
+ 
+    # Access Rules
+    {% for client in access_list.clients %}
+    {{- client.rule -}};
+    {% endfor %}deny all;
+ 
+    # Access checks must...
+    {% if access_list.satisfy %}
+    {{ access_list.satisfy }};
+    {% endif %}
+ 
+    {% endif %}
+
+    {% include "_assets.conf" %}
+    {% include "_exploits.conf" %}
+
+    {% include "_forced_ssl.conf" %}
+    {% include "_hsts.conf" %}
+
+    {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection $http_connection;
+    proxy_http_version 1.1;
+    {% endif %}
+
+
    {{ advanced_config }}
  }