feat: 反向代理支持设置回源 SNI (#5674)

Refs https://github.com/1Panel-dev/1Panel/issues/3461
This commit is contained in:
zhengkunwang 2024-07-04 15:58:32 +08:00 committed by GitHub
parent fd0260f43a
commit a4accc071d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 45 additions and 7 deletions

View File

@ -189,6 +189,7 @@ type WebsiteProxyConfig struct {
Content string `json:"content"`
FilePath string `json:"filePath"`
Replaces map[string]string `json:"replaces"`
SNI bool `json:"sni"`
}
type WebsiteProxyReq struct {

View File

@ -1643,6 +1643,11 @@ func (w WebsiteService) OperateProxy(req request.WebsiteProxyConfig) (err error)
} else {
location.RemoveSubFilter()
}
if req.SNI {
location.UpdateDirective("proxy_ssl_server_name", []string{"on"})
} else {
location.UpdateDirective("proxy_ssl_server_name", []string{"off"})
}
if err = nginx.WriteConfig(config, nginx.IndentedStyle); err != nil {
return buserr.WithErr(constant.ErrUpdateBuWebsite, err)
}
@ -1718,6 +1723,11 @@ func (w WebsiteService) GetProxies(id uint) (res []request.WebsiteProxyConfig, e
proxyConfig.Modifier = location.Modifier
proxyConfig.ProxyHost = location.Host
proxyConfig.Replaces = location.Replaces
for _, directive := range location.Directives {
if directive.GetName() == "proxy_ssl_server_name" {
proxyConfig.SNI = directive.GetParameters()[0] == "on"
}
}
res = append(res, proxyConfig)
}
return

View File

@ -2092,6 +2092,9 @@ const message = {
indexPHP: 'PHP website default page',
sslExpireDate: 'Certificate Expiry Date',
website404Helper: 'Website 404 error page only supports PHP runtime environment websites and static websites',
sni: 'Origin SNI',
sniHelper:
"When the reverse proxy backend is HTTPS, you might need to set the origin SNI. Please refer to the CDN service provider's documentation for details.",
},
php: {
short_open_tag: 'Short tag support',
@ -2336,7 +2339,11 @@ const message = {
customScriptHelper: 'Please fill in the complete startup command, for example: npm run start',
portError: 'Cannot fill in the same port',
systemRestartHelper: 'Status description: Interruption - status acquisition failed due to system restart',
javaScriptHelper: 'Please fill in the complete startup command, for example: java -jar halo.jar',
javaScriptHelper:
'Please fill in the complete startup command, for example: java -jar halo.jar -Xmx1024M -Xms256M',
javaDirHelper: 'The directory must contain jar files, subdirectories are also acceptable',
goHelper: 'Please provide a complete start command, for example: go run main.go or ./main',
goDirHelper: 'The directory must contain go files or binary files, subdirectories are also acceptable',
},
process: {
pid: 'Process ID',

View File

@ -1948,6 +1948,8 @@ const message = {
indexPHP: 'PHP 網站預設頁',
sslExpireDate: '憑證過期時間',
website404Helper: '網站 404 錯誤頁僅支援 PHP 運行環境網站和靜態網站',
sni: '回源 SNI',
sniHelper: '反代後端為 https 的時候可能需要設置回源 SNI具體需要看 CDN 服務商文檔',
},
php: {
short_open_tag: '短標簽支持',
@ -2170,7 +2172,10 @@ const message = {
customScriptHelper: '請填寫完整的啟動指令例如npm run start',
portError: '不能填寫相同連接埠',
systemRestartHelper: '狀態說明中斷-系統重新啟動導致狀態取得失敗',
javaScriptHelper: '請填寫完整啟動指令例如java -jar halo.jar',
javaScriptHelper: '請填寫完整啟動指令例如java -jar halo.jar -Xmx1024M -Xms256M',
javaDirHelper: '目錄中要包含 jar 子目錄中包含也可',
goHelper: '請填寫完整啟動命令例如go run main.go ./main',
goDirHelper: '目錄中要包含 go 文件或者二進制文件子目錄中包含也可',
},
process: {
pid: '進程ID',

View File

@ -1949,6 +1949,8 @@ const message = {
indexPHP: 'PHP 网站默认页',
sslExpireDate: '证书过期时间',
website404Helper: '网站 404 错误页仅支持 PHP 运行环境网站和静态网站',
sni: '回源 SNI',
sniHelper: '反代后端为 https 的时候可能需要设置回源 SNI具体需要看 CDN 服务商文档',
},
php: {
short_open_tag: '短标签支持',
@ -2172,7 +2174,10 @@ const message = {
customScriptHelper: '请填写完整的启动命令例如npm run start',
portError: '不能填写相同端口',
systemRestartHelper: '状态说明中断-系统重启导致状态获取失败',
javaScriptHelper: '请填写完整启动命令例如java -jar halo.jar',
javaScriptHelper: '请填写完整启动命令例如java -jar halo.jar -Xmx1024M -Xms256M',
javaDirHelper: '目录中要包含 jar 子目录中包含也可',
goHelper: '请填写完整启动命令例如go run main.go ./main',
goDirHelper: '目录中要包含 go 文件或者二进制文件子目录中包含也可',
},
process: {
pid: '进程ID',

View File

@ -55,7 +55,7 @@
</el-col>
</el-row>
</el-form-item>
<el-form-item :label="$t('runtime.codeDir')" prop="codeDir">
<el-form-item :label="$t('tool.supervisor.dir')" prop="codeDir">
<el-input v-model.trim="runtime.codeDir" :disabled="mode === 'edit'">
<template #prepend>
<FileList
@ -66,13 +66,16 @@
></FileList>
</template>
</el-input>
<span class="input-help">
{{ $t('runtime.goDirHelper') }}
</span>
</el-form-item>
<el-row :gutter="20">
<el-col :span="18">
<el-form-item :label="$t('runtime.runScript')" prop="params.EXEC_SCRIPT">
<el-input v-model="runtime.params['EXEC_SCRIPT']"></el-input>
<span class="input-help">
{{ $t('runtime.customScriptHelper') }}
{{ $t('runtime.goHelper') }}
</span>
</el-form-item>
</el-col>

View File

@ -55,7 +55,7 @@
</el-col>
</el-row>
</el-form-item>
<el-form-item :label="$t('runtime.codeDir')" prop="codeDir">
<el-form-item :label="$t('tool.supervisor.dir')" prop="codeDir">
<el-input v-model.trim="runtime.codeDir" :disabled="mode === 'edit'">
<template #prepend>
<FileList
@ -66,13 +66,16 @@
></FileList>
</template>
</el-input>
<span class="input-help">
{{ $t('runtime.javaDirHelper') }}
</span>
</el-form-item>
<el-row :gutter="20">
<el-col :span="18">
<el-form-item :label="$t('runtime.runScript')" prop="params.EXEC_SCRIPT">
<el-input v-model="runtime.params['EXEC_SCRIPT']"></el-input>
<span class="input-help">
{{ $t('runtime.customScriptHelper') }}
{{ $t('runtime.javaScriptHelper') }}
</span>
</el-form-item>
</el-col>

View File

@ -27,6 +27,10 @@
<el-form-item :label="$t('website.enableCache')" prop="cache">
<el-switch v-model="proxy.cache" @change="changeCache(proxy.cache)"></el-switch>
</el-form-item>
<el-form-item :label="$t('website.sni')" prop="sni">
<el-switch v-model="proxy.sni"></el-switch>
<span class="input-help">{{ $t('website.sniHelper') }}</span>
</el-form-item>
<el-form-item :label="$t('website.cacheTime')" prop="cacheTime" v-if="proxy.cache">
<el-input v-model.number="proxy.cacheTime" maxlength="15">
<template #append>