|
|
@@ -3,7 +3,40 @@
|
|
|
proxy_set_header X-Forwarded-Scheme $scheme;
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
|
+ proxy_set_header X-Real-IP $remote_addr;
|
|
|
proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
|
|
|
+
|
|
|
+ {% if access_list_id > 0 %}
|
|
|
+ {% if access_list.items.length > 0 %}
|
|
|
+ # Authorization
|
|
|
+ auth_basic "Authorization required";
|
|
|
+ auth_basic_user_file /data/access/{{ access_list_id }};
|
|
|
+
|
|
|
+ {{ access_list.passauth }}
|
|
|
+ {% endif %}
|
|
|
+
|
|
|
+ # Access Rules
|
|
|
+ {% for client in access_list.clients %}
|
|
|
+ {{- client.rule -}};
|
|
|
+ {% endfor %}deny all;
|
|
|
+
|
|
|
+ # Access checks must...
|
|
|
+ {% if access_list.satisfy %}
|
|
|
+ {{ access_list.satisfy }};
|
|
|
+ {% endif %}
|
|
|
+
|
|
|
+ {% endif %}
|
|
|
+
|
|
|
+
|
|
|
+ {% include "_forced_ssl.conf" %}
|
|
|
+ {% include "_hsts.conf" %}
|
|
|
+
|
|
|
+ {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
|
|
|
+ proxy_set_header Upgrade $http_upgrade;
|
|
|
+ proxy_set_header Connection $http_connection;
|
|
|
+ proxy_http_version 1.1;
|
|
|
+ {% endif %}
|
|
|
+
|
|
|
+
|
|
|
{{ advanced_config }}
|
|
|
}
|
|
|
-
|
vipergts450