From 29eda56c25955ceebb3caa4f9772520c7f9c6492 Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 22:05:04 +0100 Subject: [PATCH 01/12] Update version --- bin/vhost-gen | 4 ++-- setup.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/bin/vhost-gen b/bin/vhost-gen index 845cfa1..eb338a2 100755 --- a/bin/vhost-gen +++ b/bin/vhost-gen @@ -29,8 +29,8 @@ if os.environ.get("MYPY_CHECK", False): # -------------------------------------------------------------------------------------------------- APPNAME = "vhost-gen" APPREPO = "https://github.com/devilbox/vhost-gen" -VERSION = "1.0.8" -RELDATE = "2022-12-22" +VERSION = "1.0.9" +RELDATE = "2022-12-25" # Default paths CONFIG_PATH = "/etc/vhost-gen/conf.yml" diff --git a/setup.py b/setup.py index 64c91c4..f454567 100644 --- a/setup.py +++ b/setup.py @@ -6,7 +6,7 @@ setup( name="vhost-gen", - version="1.0.8", + version="1.0.9", description="Configurable vHost generator for Apache 2.2, Apache 2.4 and Nginx.", license="MIT", long_description=long_description, From ace08dc71b420f18f40db5fab191448a87212877 Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 22:10:19 +0100 Subject: [PATCH 02/12] Update templates to support websockets --- etc/templates/apache22.yml | 30 ++++++++++++++++++++++++------ etc/templates/apache24.yml | 34 ++++++++++++++++++++++++---------- etc/templates/nginx.yml | 27 +++++++++++++++++++++++---- 3 files changed, 71 insertions(+), 20 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index 8ee37cf..2fc97cc 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -84,14 +84,32 @@ vhost_type: Allow from all - # Reverse Proxy (-r) + # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | - # Define the vhost to reverse proxy - ProxyRequests off - ProxyPass __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + # Define Reverse Proxy - ProxyPassReverse / - RequestHeader unset Accept-Encoding + # Reverse Proxy Settings + ProxyRequests Off + ProxyPreserveHost On + ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + + + # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) + rproxy_ws: | + # Define Reverse Proxy with Websock support + + # Websocket Rewrite Settings + RewriteEngine On + RewriteCond %{HTTP:Connection} Upgrade [NC] + RewriteCond %{HTTP:Upgrade} websocket [NC] + RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] + + # Reverse Proxy Settings + ProxyRequests Off + ProxyPreserveHost On + ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ diff --git a/etc/templates/apache24.yml b/etc/templates/apache24.yml index 2ab661a..474d66b 100644 --- a/etc/templates/apache24.yml +++ b/etc/templates/apache24.yml @@ -86,18 +86,32 @@ vhost_type: Require all granted - # Reverse Proxy (-r) + # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | - # Define the vhost to reverse proxy - ProxyRequests off - ProxyPass __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyHTMLURLMap __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ __LOCATION__ + # Define Reverse Proxy - ProxyPassReverse / - SetOutputFilter proxy-html - ProxyHTMLURLMap / __LOCATION__ - ProxyHTMLURLMap __LOCATION__ __LOCATION__ - RequestHeader unset Accept-Encoding + # Reverse Proxy Settings + ProxyRequests Off + ProxyPreserveHost On + ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + + + # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) + rproxy_ws: | + # Define Reverse Proxy with Websock support + + # Websocket Rewrite Settings + RewriteEngine On + RewriteCond %{HTTP:Connection} Upgrade [NC] + RewriteCond %{HTTP:Upgrade} websocket [NC] + RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] + + # Reverse Proxy Settings + ProxyRequests Off + ProxyPreserveHost On + ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ diff --git a/etc/templates/nginx.yml b/etc/templates/nginx.yml index 524ca69..555864d 100644 --- a/etc/templates/nginx.yml +++ b/etc/templates/nginx.yml @@ -75,12 +75,31 @@ vhost_type: root "__DOCUMENT_ROOT__"; index __INDEX__; - # Reverse Proxy (-r) + # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | - # Define the vhost to reverse proxy + # Define Reverse Proxy location __LOCATION__ { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; + # https://stackoverflow.com/a/72586833 + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # Proxy connection + proxy_pass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__; + } + + # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) + rproxy_ws: | + # Define Reverse Proxy with Websock support + location __LOCATION__ { + # https://stackoverflow.com/a/72586833 + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # Websocket settings + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + # Proxy connection proxy_pass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__; } From 9271417643f02f9eb9eb74416ba7ed33edb267ed Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 22:10:44 +0100 Subject: [PATCH 03/12] Be able to generate websocket capable reverse proxies --- README.md | 7 ++++--- bin/vhost-gen | 55 +++++++++++++++++++++++++++++++++------------------ 2 files changed, 40 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index e990347..fd7780f 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ [![pydoc](https://github.com/devilbox/vhost-gen/workflows/pydoc/badge.svg)](https://github.com/devilbox/vhost-gen/actions?query=workflow%3Apydoc) -**[vhost-gen](bin/vhost-gen)** will dynamically generate **vhost** or **reverse proxy** configuration files for Apache 2.2, Apache 2.4 and Nginx depending on what you have set in [conf.yml](etc/conf.yml). This makes it easy to switch between different web servers while keeping the exact same functionality. +**[vhost-gen](bin/vhost-gen)** will dynamically generate **vhost** or **reverse proxy** (with or without **websocket support**) configuration files for Apache 2.2, Apache 2.4 and Nginx depending on what you have set in [conf.yml](etc/conf.yml). This makes it easy to switch between different web servers while keeping the exact same functionality. --- @@ -138,7 +138,7 @@ If you are not satisfied with the default definitions for the webserver configur #### Supported Features -* Document serving vHost or Reverse Proxy +* Document serving vHost or Reverse Proxy (with or w/o websocket support) * Custom server name * Custom document root * Custom access log name @@ -248,8 +248,9 @@ in /etc/vhost-gen/conf.yml Required arguments: -p|r You need to choose one of the mutually exclusive arguments. - -p: Path to document root/ + -p: Path to document root. -r: http(s)://Host:Port for reverse proxy. + -r: ws(s)://Host:Port for reverse proxy with websocket support. Depening on the choice, it will either generate a document serving vhost or a reverse proxy vhost. Note, when using -p, this can also have a suffix directory to be set diff --git a/bin/vhost-gen b/bin/vhost-gen index eb338a2..52fe57a 100755 --- a/bin/vhost-gen +++ b/bin/vhost-gen @@ -115,8 +115,9 @@ in /etc/vhost-gen/conf.yml Required arguments: -p|r You need to choose one of the mutually exclusive arguments. - -p: Path to document root/ + -p: Path to document root. -r: http(s)://Host:Port for reverse proxy. + -r: ws(s)://Host:Port for reverse proxy with websocket support. Depening on the choice, it will either generate a document serving vhost or a reverse proxy vhost. Note, when using -p, this can also have a suffix directory to be set @@ -349,15 +350,12 @@ def validate_args_req(name, docroot, proxy, mode, location, verbose): sys.exit(1) # Regex: HOSTNAME/IP:PORT - regex = re.compile("(^http(s)?://[-_.a-zA-Z0-9]+:[0-9]+$)", re.IGNORECASE) - if not regex.match(proxy): - log( - 0, - "Invalid proxy argument string: '{}', should be {} or {}.".format( - proxy, "http(s)://HOST:PORT", "http(s)://IP:PORT" - ), - verbose, - ) + regex_http = re.compile("(^http(s)?://[-_.a-zA-Z0-9]+:[0-9]+$)", re.IGNORECASE) + regex_webs = re.compile("(^ws(s)?://[-_.a-zA-Z0-9]+:[0-9]+$)", re.IGNORECASE) + if not regex_http.match(proxy) and not regex_webs.match(proxy): + log(0, "Invalid proxy argument string: '{}', should be:".format(proxy), verbose) + log(0, " http(s)://HOST:PORT or http(s)://IP:PORT", verbose) + log(0, " ws(s)://HOST:PORT or ws(s)://IP:PORT", verbose) log(0, "Type --help for help", verbose) sys.exit(1) @@ -570,15 +568,34 @@ def vhost_get_vhost_rproxy(template, proxy, location, verbose): sys.exit(1) proxy_addr = match.group(1) - return str_replace( - template["vhost_type"]["rproxy"], - { - "__LOCATION__": location, - "__PROXY_PROTO__": re.sub("://.*$", "", proxy), - "__PROXY_ADDR__": proxy_addr, - "__PROXY_PORT__": re.sub("^.*:", "", proxy), - }, - ) + protocol = re.sub("://.*$", "", proxy) # Proxy protocol http(s) vs ws(s) + + # ws == http and wss == https + proxy_prot = "http" if protocol in ("http", "ws") else "https" + wsock_prot = "ws" if protocol in ("http", "ws") else "wss" + + # Websocket + if protocol in ("ws", "wss"): + return str_replace( + template["vhost_type"]["rproxy_ws"], + { + "__LOCATION__": location, + "__WS_PROTO__": wsock_prot, + "__PROXY_PROTO__": proxy_prot, + "__PROXY_ADDR__": proxy_addr, + "__PROXY_PORT__": re.sub("^.*:", "", proxy), + }, + ) + if protocol in ("http", "https"): + return str_replace( + template["vhost_type"]["rproxy"], + { + "__LOCATION__": location, + "__PROXY_PROTO__": proxy_prot, + "__PROXY_ADDR__": proxy_addr, + "__PROXY_PORT__": re.sub("^.*:", "", proxy), + }, + ) return "" From 4445c5c7472c228dcece92651ce6f3b6a10ae558 Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 22:26:45 +0100 Subject: [PATCH 04/12] Fix Apache 2\.(2|4) Reverse Proxy Settings --- etc/templates/apache22.yml | 12 ++++++------ etc/templates/apache24.yml | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index 2fc97cc..97272f3 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -87,17 +87,18 @@ vhost_type: # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | # Define Reverse Proxy + ProxyRequests Off # Reverse Proxy Settings - ProxyRequests Off ProxyPreserveHost On - ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) rproxy_ws: | # Define Reverse Proxy with Websock support + ProxyRequests Off # Websocket Rewrite Settings RewriteEngine On @@ -106,10 +107,9 @@ vhost_type: RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] # Reverse Proxy Settings - ProxyRequests Off ProxyPreserveHost On - ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ diff --git a/etc/templates/apache24.yml b/etc/templates/apache24.yml index 474d66b..b2fda52 100644 --- a/etc/templates/apache24.yml +++ b/etc/templates/apache24.yml @@ -89,17 +89,18 @@ vhost_type: # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | # Define Reverse Proxy + ProxyRequests Off # Reverse Proxy Settings - ProxyRequests Off ProxyPreserveHost On - ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) rproxy_ws: | # Define Reverse Proxy with Websock support + ProxyRequests Off # Websocket Rewrite Settings RewriteEngine On @@ -108,10 +109,9 @@ vhost_type: RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] # Reverse Proxy Settings - ProxyRequests Off ProxyPreserveHost On - ProxyPass / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse / __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ From 0ce28d965b7a16e3c5a4fdef84590747951a7d5f Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 22:34:43 +0100 Subject: [PATCH 05/12] Fix Apache 2.2 Reverse Proxy Settings --- etc/templates/apache22.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index 97272f3..49304a7 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -87,10 +87,10 @@ vhost_type: # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | # Define Reverse Proxy - ProxyRequests Off + ProxyRequests Off + ProxyPreserveHost On # Reverse Proxy Settings - ProxyPreserveHost On ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ @@ -98,7 +98,8 @@ vhost_type: # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) rproxy_ws: | # Define Reverse Proxy with Websock support - ProxyRequests Off + ProxyRequests Off + ProxyPreserveHost On # Websocket Rewrite Settings RewriteEngine On @@ -107,7 +108,6 @@ vhost_type: RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] # Reverse Proxy Settings - ProxyPreserveHost On ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ From d67bcab2dbae6692afedade2e243ed3e095eee37 Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 22:45:04 +0100 Subject: [PATCH 06/12] Disable Proxy in location block for Apache 2\.(2|4) --- etc/templates/apache22.yml | 3 ++- etc/templates/apache24.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index 49304a7..bc29950 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -54,10 +54,10 @@ vhost: | __REDIRECT__ __SSL__ __VHOST_DOCROOT__ - __VHOST_RPROXY__ __PHP_FPM__ __ALIASES__ __DENIES__ + __VHOST_RPROXY__ __SERVER_STATUS__ # Custom directives __CUSTOM__ @@ -140,6 +140,7 @@ features: # Alias Definition Alias "__ALIAS__" "__PATH____ALIAS__" + ProxyPass ! __XDOMAIN_REQ__ diff --git a/etc/templates/apache24.yml b/etc/templates/apache24.yml index b2fda52..c22a938 100644 --- a/etc/templates/apache24.yml +++ b/etc/templates/apache24.yml @@ -55,10 +55,10 @@ vhost: | __REDIRECT__ __SSL__ __VHOST_DOCROOT__ - __VHOST_RPROXY__ __PHP_FPM__ __ALIASES__ __DENIES__ + __VHOST_RPROXY__ __SERVER_STATUS__ # Custom directives __CUSTOM__ @@ -161,6 +161,7 @@ features: # Alias Definition Alias "__ALIAS__" "__PATH____ALIAS__" + ProxyPass ! __XDOMAIN_REQ__ From dd0054c4166c07dda50ca552f7ec1dab7f905f29 Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 23:08:18 +0100 Subject: [PATCH 07/12] Fix Apache 2\.(2|4) Reverse Proxy Settings --- etc/templates/apache22.yml | 8 ++++---- etc/templates/apache24.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index bc29950..d73c1d0 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -91,8 +91,8 @@ vhost_type: ProxyPreserveHost On # Reverse Proxy Settings - ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) @@ -108,8 +108,8 @@ vhost_type: RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] # Reverse Proxy Settings - ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ diff --git a/etc/templates/apache24.yml b/etc/templates/apache24.yml index c22a938..bd60e2c 100644 --- a/etc/templates/apache24.yml +++ b/etc/templates/apache24.yml @@ -93,8 +93,8 @@ vhost_type: # Reverse Proxy Settings ProxyPreserveHost On - ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) @@ -110,8 +110,8 @@ vhost_type: # Reverse Proxy Settings ProxyPreserveHost On - ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ - ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__ + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ From 2262caf52fb786108b4e82bd31d2814a7dbfa19e Mon Sep 17 00:00:00 2001 From: cytopia Date: Sun, 25 Dec 2022 23:53:33 +0100 Subject: [PATCH 08/12] Move ProxyPass out of location block --- etc/templates/apache22.yml | 7 ++----- etc/templates/apache24.yml | 11 ++++------- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index d73c1d0..6756bb2 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -89,11 +89,8 @@ vhost_type: # Define Reverse Proxy ProxyRequests Off ProxyPreserveHost On - - # Reverse Proxy Settings - ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 - ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ - + ProxyPass __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) rproxy_ws: | diff --git a/etc/templates/apache24.yml b/etc/templates/apache24.yml index bd60e2c..36430cb 100644 --- a/etc/templates/apache24.yml +++ b/etc/templates/apache24.yml @@ -89,13 +89,10 @@ vhost_type: # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | # Define Reverse Proxy - ProxyRequests Off - - # Reverse Proxy Settings - ProxyPreserveHost On - ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 - ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ - + ProxyRequests Off + ProxyPreserveHost On + ProxyPass __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) rproxy_ws: | From df0d5801846e0766d4d39b020ba6ea36576a8433 Mon Sep 17 00:00:00 2001 From: cytopia Date: Tue, 27 Dec 2022 01:34:47 +0100 Subject: [PATCH 09/12] Fixup Apache 2.4 proxy settings --- etc/templates/apache24.yml | 49 ++++++++++++++++++++++++++++---------- 1 file changed, 36 insertions(+), 13 deletions(-) diff --git a/etc/templates/apache24.yml b/etc/templates/apache24.yml index 36430cb..5287dfb 100644 --- a/etc/templates/apache24.yml +++ b/etc/templates/apache24.yml @@ -40,6 +40,17 @@ # __PHP_PORT__ # +### +### Notes about Apache +### + +# +# 1. Each same directive is checked in order of definition (last one wins) +# 2. Directives are ordered: Directory, DirectoryMatch, Files, and finally Location (last one wins) +# * Last match always takes precedence +# +# Exception: Directories, where shortest path is matched first +# Exception: ProxyPass and Alias first match and then stops ### ### Basic vHost skeleton @@ -55,10 +66,10 @@ vhost: | __REDIRECT__ __SSL__ __VHOST_DOCROOT__ + __VHOST_RPROXY__ __PHP_FPM__ __ALIASES__ __DENIES__ - __VHOST_RPROXY__ __SERVER_STATUS__ # Custom directives __CUSTOM__ @@ -88,28 +99,40 @@ vhost_type: # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | - # Define Reverse Proxy + # ProxyRequests: Disable "Forward Proxy" + # ProxyPreserveHost: Pass "Host" header to remote + # ProxyAddHeaders: Add "X-Forward-*" headers + # ProxyVia: Add "Via" header ProxyRequests Off ProxyPreserveHost On - ProxyPass __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 - ProxyPassReverse __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ + ProxyAddHeaders On + ProxyVia On + + # Reverse Proxy + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ + # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) rproxy_ws: | - # Define Reverse Proxy with Websock support - ProxyRequests Off - + # ProxyRequests: Disable "Forward Proxy" + # ProxyPreserveHost: Pass "Host" header to remote + # ProxyAddHeaders: Add "X-Forward-*" headers + # ProxyVia: Add "Via" header + ProxyRequests Off + ProxyPreserveHost On + ProxyAddHeaders On + ProxyVia On + # Websocket Rewrite Settings RewriteEngine On RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] - - # Reverse Proxy Settings - ProxyPreserveHost On + # Reverse Proxy ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ - + ### @@ -169,10 +192,10 @@ features: deny: | # Deny Definition - + Order allow,deny Deny from all - + server_status: | # Status Page From b36fc9a7818000c92f309073a8326095ce9a7d62 Mon Sep 17 00:00:00 2001 From: cytopia Date: Tue, 27 Dec 2022 01:53:30 +0100 Subject: [PATCH 10/12] Fixup Apache 2.2 proxy settings --- etc/templates/apache22.yml | 47 +++++++++++++++++++++++++++++--------- 1 file changed, 36 insertions(+), 11 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index 6756bb2..d8ca70a 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -40,10 +40,23 @@ # __PHP_PORT__ # +### +### Notes about Apache +### + +# +# 1. Each same directive is checked in order of definition (last one wins) +# 2. Directives are ordered: Directory, DirectoryMatch, Files, and finally Location (last one wins) +# * Last match always takes precedence +# +# Exception: Directories, where shortest path is matched first +# Exception: ProxyPass and Alias first match and then stops ### ### Basic vHost skeleton ### +### Note: Reverse Proxy section must be last for Apache 2.2 +### vhost: | ServerName __VHOST_NAME__ @@ -57,10 +70,10 @@ vhost: | __PHP_FPM__ __ALIASES__ __DENIES__ - __VHOST_RPROXY__ __SERVER_STATUS__ # Custom directives __CUSTOM__ + __VHOST_RPROXY__ ### @@ -86,28 +99,40 @@ vhost_type: # Reverse Proxy (-r http(s)://ADDR:PORT) rproxy: | - # Define Reverse Proxy + # ProxyRequests: Disable "Forward Proxy" + # ProxyPreserveHost: Pass "Host" header to remote + # ProxyAddHeaders: Add "X-Forward-*" headers + # ProxyVia: Add "Via" header ProxyRequests Off ProxyPreserveHost On - ProxyPass __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 - ProxyPassReverse __LOCATION__ __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ + ProxyAddHeaders On + ProxyVia On + + # Reverse Proxy + ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 + ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ + # Reverse Proxy with websocket support (-r ws(s)://ADDR:PORT) rproxy_ws: | - # Define Reverse Proxy with Websock support + # ProxyRequests: Disable "Forward Proxy" + # ProxyPreserveHost: Pass "Host" header to remote + # ProxyAddHeaders: Add "X-Forward-*" headers + # ProxyVia: Add "Via" header ProxyRequests Off ProxyPreserveHost On - + ProxyAddHeaders On + ProxyVia On + # Websocket Rewrite Settings RewriteEngine On RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteRule ^/?(.*)$ __WS_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/$1 [P,L] - - # Reverse Proxy Settings + # Reverse Proxy ProxyPass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ retry=0 ProxyPassReverse __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__/ - + ### @@ -147,10 +172,10 @@ features: deny: | # Deny Definition - + Order allow,deny Deny from all - + server_status: | # Status Page From 3d9a8604aa26be2278cfed3d4b63936cfa2d674b Mon Sep 17 00:00:00 2001 From: cytopia Date: Tue, 27 Dec 2022 02:03:25 +0100 Subject: [PATCH 11/12] Remoe ProxyAddHeaders from Apache 2.2 --- etc/templates/apache22.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/etc/templates/apache22.yml b/etc/templates/apache22.yml index d8ca70a..2ed7c9a 100644 --- a/etc/templates/apache22.yml +++ b/etc/templates/apache22.yml @@ -101,11 +101,9 @@ vhost_type: rproxy: | # ProxyRequests: Disable "Forward Proxy" # ProxyPreserveHost: Pass "Host" header to remote - # ProxyAddHeaders: Add "X-Forward-*" headers # ProxyVia: Add "Via" header ProxyRequests Off ProxyPreserveHost On - ProxyAddHeaders On ProxyVia On # Reverse Proxy @@ -117,11 +115,9 @@ vhost_type: rproxy_ws: | # ProxyRequests: Disable "Forward Proxy" # ProxyPreserveHost: Pass "Host" header to remote - # ProxyAddHeaders: Add "X-Forward-*" headers # ProxyVia: Add "Via" header ProxyRequests Off ProxyPreserveHost On - ProxyAddHeaders On ProxyVia On # Websocket Rewrite Settings From 1c9277dc439598a8417ea187feaade228453dac4 Mon Sep 17 00:00:00 2001 From: cytopia Date: Tue, 27 Dec 2022 02:13:51 +0100 Subject: [PATCH 12/12] Update Release Date --- bin/vhost-gen | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/vhost-gen b/bin/vhost-gen index 52fe57a..e2de7da 100755 --- a/bin/vhost-gen +++ b/bin/vhost-gen @@ -30,7 +30,7 @@ if os.environ.get("MYPY_CHECK", False): APPNAME = "vhost-gen" APPREPO = "https://github.com/devilbox/vhost-gen" VERSION = "1.0.9" -RELDATE = "2022-12-25" +RELDATE = "2022-12-27" # Default paths CONFIG_PATH = "/etc/vhost-gen/conf.yml"