Commit eac89bb0 authored by Jason's avatar Jason
Browse files

Added proxy protocol feature:

Added Global Setting to Server config tab to
  - Enable & Disable the feature
  - Set the Proxy HTTP & HTTPS Ports

Added Per site level switch to enable and disable feature (Located in the Web Tab under the advanced section)

Added Apache2 and Nginx vhost updates to enable proxy_protocol on the listen lines

Added New database column to web_domain called "proxy_protocol" to enable site level config (Patch file Added upd_0089.sql)

Updated the Base Table SQL file to include "proxy_protocol" field
parent 26009352
-- add new proxy_protocol column
ALTER TABLE `web_domain`
ADD COLUMN `proxy_protocol` ENUM('n','y') NOT NULL DEFAULT 'y' AFTER `log_retention`;
-- Update old entrys
UPDATE `web_domain` SET `proxy_protocol` = 'y';
......@@ -2071,6 +2071,7 @@ CREATE TABLE `web_domain` (
`https_port` int(11) unsigned NOT NULL DEFAULT '443',
`folder_directive_snippets` text,
`log_retention` int(11) NOT NULL DEFAULT '10',
`proxy_protocol` enum('n','y') NOT NULL default 'y',
PRIMARY KEY (`domain_id`),
UNIQUE KEY `serverdomain` ( `server_id` , `ip_address`, `domain` )
) DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
......
......@@ -820,6 +820,28 @@ $form["tabs"]['web'] = array(
'default' => 'n',
'value' => array(0 => 'n',1 => 'y')
),
'vhost_proxy_protocol_enabled' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'n',
'value' => array(0 => 'n',1 => 'y')
),
'vhost_proxy_protocol_http_port' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'default' => '880',
'value' => '',
'width' => '40',
'maxlength' => '255'
),
'vhost_proxy_protocol_https_port' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'default' => '8443',
'value' => '',
'width' => '40',
'maxlength' => '255'
),
'vhost_conf_dir' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
......
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -301,3 +301,6 @@ $wb['content_filter_txt'] = 'Filtro de conteúdo';
$wb['rspamd_url_txt'] = 'URL do rspamd';
$wb['rspamd_user_txt'] = 'Usuário do rspamd';
$wb['rspamd_password_txt'] = 'Senha do rspamd';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content-Filter';
$wb['rspamd_url_txt'] = 'Rspamd-URL';
$wb['rspamd_user_txt'] = 'Rspamd-Benutzer';
$wb['rspamd_password_txt'] = 'Rspamd-Passwort';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -300,4 +300,7 @@ $wb['content_filter_txt'] = 'Content Filter';
$wb['rspamd_url_txt'] = 'Rspamd URL';
$wb['rspamd_user_txt'] = 'Rspamd User';
$wb['rspamd_password_txt'] = 'Rspamd Password';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -294,4 +294,7 @@ $wb['log_retention_txt'] = 'Günlük Tutma Süresi (Gün)';
$wb['log_retention_error_ispositive'] = 'Günlük tutma süresi 0 değerinden büyük bir sayı olmalıdır';
$wb['php_default_name_txt'] = 'Varsayılan PHP Sürümü Açıklaması';
$wb['php_default_name_error_empty'] = 'Varsayılan PHP sürümü açıklaması boş olamaz';
$wb['vhost_proxy_protocol_enabled_txt'] = 'Enable PROXY Protocol';
$wb['vhost_proxy_protocol_http_port_txt'] = 'PROXY Protocol HTTP Port';
$wb['vhost_proxy_protocol_https_port_txt'] = 'PROXY Protocol HTTPS Port';
?>
......@@ -54,6 +54,20 @@
{tmpl_var name='vhost_rewrite_v6'}
</div>
</div>
<div class="form-group">
<label for="vhost_proxy_protocol_enabled" class="col-sm-3 control-label">{tmpl_var name='vhost_proxy_protocol_enabled_txt'}</label>
<div class="col-sm-9">
{tmpl_var name='vhost_proxy_protocol_enabled'}
</div>
</div>
<div class="form-group">
<label for="vhost_proxy_protocol_http_port" class="col-sm-3 control-label">{tmpl_var name='vhost_proxy_protocol_http_port_txt'}</label>
<div class="col-sm-9"><input type="text" name="vhost_proxy_protocol_http_port" id="vhost_proxy_protocol_http_port" value="{tmpl_var name='vhost_proxy_protocol_http_port'}" class="form-control"/></div>
</div>
<div class="form-group">
<label for="vhost_proxy_protocol_https_port" class="col-sm-3 control-label">{tmpl_var name='vhost_proxy_protocol_https_port_txt'}</label>
<div class="col-sm-9"><input type="text" name="vhost_proxy_protocol_https_port" id="vhost_proxy_protocol_https_port" value="{tmpl_var name='vhost_proxy_protocol_https_port'}" class="form-control"/></div>
</div>
<div class="form-group apache">
<label for="vhost_conf_dir" class="col-sm-3 control-label">{tmpl_var name='vhost_conf_dir_txt'}</label>
<div class="col-sm-9"><input type="text" name="vhost_conf_dir" id="vhost_conf_dir" value="{tmpl_var name='vhost_conf_dir'}" class="form-control" /></div></div>
......
......@@ -766,6 +766,12 @@ if($_SESSION["s"]["user"]["typ"] == 'admin'
'width' => '30',
'maxlength' => '255'
),
'proxy_protocol' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'y',
'value' => array(0 => 'n',1 => 'y')
),
'php_fpm_use_socket' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
......
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -158,4 +158,5 @@ $wb['enable_pagespeed_txt'] = 'Habilitar PageSpeed';
$wb['log_retention_txt'] = 'Tempo de retenção do log de arquivos';
$wb['log_retention_error_regex'] = 'Tempo de retenção em dias (valores permitidos: mínimo 0, máximo 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Cota de disco não pode ser configurada para 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Log-Dateien Aufbewahrungszeit';
$wb['log_retention_error_regex'] = 'Aufbewahrungszeit in Tagen (Erlaubte Werte: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota kann nicht 0 sein.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -158,4 +158,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['enable_pagespeed_txt'] = 'Enable PageSpeed';
$wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -153,4 +153,5 @@ $wb['log_retention_txt'] = 'Logfiles retention time';
$wb['log_retention_error_regex'] = 'Retention time in days (allowed values: min. 0 - max. 9999)';
$wb['domain_error_acme_invalid'] = 'Domain name acme.invalid not permitted.';
$wb['limit_web_quota_not_0_txt'] = 'Harddisk Quota cannot be set to 0.';
$wb['proxy_protocol_txt'] = 'Enable PROXY Protocol';
?>
......@@ -49,7 +49,13 @@
<div class="form-group nginx">
<label for="https_port" class="col-sm-3 control-label">{tmpl_var name='https_port_txt'}</label>
<div class="col-sm-9"><input name="https_port" id="https_port" value="{tmpl_var name='https_port'}" type="text" class="form-control" /></div>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='proxy_protocol_txt'}</label>
<div class="col-sm-9">
{tmpl_var name='proxy_protocol'}
</div>
</div>
<div class="phpfpm">
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='php_fpm_use_socket_txt'}</label>
......
server {
listen <tmpl_var name='ip_address'>:<tmpl_var name='http_port'>;
<tmpl_if name='proxy_protocol' op='==' value='y'>
<tmpl_if name='proxy_protocol_http' op='>' value='0'>
listen <tmpl_var name='ip_address'>:<tmpl_var name='proxy_protocol_http'> proxy_protocol;
</tmpl_if>
</tmpl_if>
<tmpl_if name='ipv6_enabled'>
listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='http_port'>;
</tmpl_if>
......@@ -8,6 +13,11 @@ server {
</tmpl_if>
<tmpl_if name='ssl_enabled'>
listen <tmpl_var name='ip_address'>:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
<tmpl_if name='proxy_protocol' op='==' value='y'>
<tmpl_if name='proxy_protocol_https' op='>' value='0'>
listen <tmpl_var name='ip_address'>:<tmpl_var name='proxy_protocol_https'> ssl proxy_protocol;
</tmpl_if>
</tmpl_if>
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
# ssl_prefer_server_ciphers on;
......
......@@ -12,6 +12,19 @@
<tmpl_loop name='vhosts'>
<VirtualHost {tmpl_var name='ip_address'}:{tmpl_var name='port'}>
<tmpl_if name='proxy_protocol' op='==' value='y'>
<tmpl_if name='apache_version' op='>=' value='2.4.30' format='version'>
<IfModule mod_remoteip.c>
RemoteIPProxyProtocol On
</IfModule>
</tmpl_else>
<IfModule mod_proxy_protocol.c>
ProxyProtocol On
</IfModule>
</tmpl_if>
</tmpl_if>
<tmpl_hook name='apache2_vhost:vhost_header'>
<tmpl_if name='php' op='==' value='suphp'>
DocumentRoot <tmpl_var name='web_document_root'>
......
......@@ -1675,6 +1675,16 @@ class apache2_plugin {
if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
$vhosts[] = $tmp_vhost_arr;
//if proxy protocol is enabled we need to add a new port to lsiten to
if($web_config['vhost_proxy_protocol_enabled'] == 'y' && $data['new']['proxy_protocol'] == 'y'){
if((int)$web_config['vhost_proxy_protocol_http_port'] > 0) {
$tmp_vhost_arr['port'] = (int)$web_config['vhost_proxy_protocol_http_port'];
$tmp_vhost_arr['proxy_protocol'] = $data['new']['proxy_protocol'];
$vhosts[] = $tmp_vhost_arr;
}
}
unset($tmp_vhost_arr);
//* Add vhost for ipv4 IP with SSL
......@@ -1689,6 +1699,16 @@ class apache2_plugin {
}
if(count($ipv4_ssl_alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $ipv4_ssl_alias_seo_redirects);
$vhosts[] = $tmp_vhost_arr;
//if proxy protocol is enabled we need to add a new port to lsiten to
if($web_config['vhost_proxy_protocol_enabled'] == 'y' && $data['new']['proxy_protocol'] == 'y'){
if((int)$web_config['vhost_proxy_protocol_https_port'] > 0) {
$tmp_vhost_arr['port'] = (int)$web_config['vhost_proxy_protocol_https_port'];
$tmp_vhost_arr['proxy_protocol'] = $data['new']['proxy_protocol'];
$vhosts[] = $tmp_vhost_arr;
}
}
unset($tmp_vhost_arr, $ipv4_ssl_alias_seo_redirects);
$app->log('Enable SSL for: '.$domain, LOGLEVEL_DEBUG);
}
......
......@@ -1519,6 +1519,15 @@ class nginx_plugin {
}
unset($tmp_output, $tmp_retval);
}
//proxy protocol settings
if($web_config['vhost_proxy_protocol_enabled'] == "y"){