hilfe mein git ist komisch
This commit is contained in:
cutemeli
98
etc/sw-cp-server/conf.d/plesk_site_preview.conf
Normal file
98
etc/sw-cp-server/conf.d/plesk_site_preview.conf
Normal file
@@ -0,0 +1,98 @@
|
||||
server {
|
||||
listen 127.0.0.1:8880;
|
||||
server_name plesk-site-preview.local;
|
||||
|
||||
location ~ ^/plesk-site-preview/(?P<internal_host>.*?)/(?P<internal_scheme>https?)/(?P<internal_ip>.*?)/(?P<internal_uri>.*)$ {
|
||||
# Validate parts of uri to avoid injections
|
||||
if ($internal_host !~ "^[A-Za-z0-9]([A-Za-z0-9\-]{0,61}[A-Za-z0-9]){0,1}(\.[A-Za-z0-9]([A-Za-z0-9\-]{0,61}[A-Za-z0-9]){0,1}){1,}$") {
|
||||
return 400;
|
||||
}
|
||||
if ($internal_ip !~ "^[A-Fa-f0-9\.\:\[\]]+$") {
|
||||
return 400;
|
||||
}
|
||||
if ($internal_uri ~ "^server-status(/.*)?$") {
|
||||
return 400;
|
||||
}
|
||||
|
||||
set $dst_path "/plesk-site-preview/$internal_host/$internal_scheme/$internal_ip/";
|
||||
set $public_scheme "http";
|
||||
if ($http_x_forwarded_proto = 'https') {
|
||||
set $public_scheme "https";
|
||||
}
|
||||
set $public_ip "";
|
||||
|
||||
access_by_lua '
|
||||
local ip_map = io.open("/etc/sw-cp-server/conf.d/ip_mapping.inc")
|
||||
if (ip_map == nil) then
|
||||
ip_map = io.open("/etc/sw-cp-server/conf.d/trusted_ips.inc")
|
||||
end
|
||||
if (ip_map == nil) then
|
||||
ngx.log(ngx.ERR, "Could not find IP map file")
|
||||
ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)
|
||||
end
|
||||
|
||||
function filter_plesk_cookie()
|
||||
local headers = ngx.req.get_headers()
|
||||
if headers == nil or headers["Cookie"] == nil then
|
||||
return
|
||||
end
|
||||
local cookie = headers["Cookie"]
|
||||
local black_list = {"PLESKSESSID[^=]*", "SBSESSION", "phpMyAdmin", "PPA_ID", "plesk%-[^=]*"}
|
||||
for k, v in pairs(black_list) do
|
||||
cookie = cookie:gsub("%s?" .. v .. "=[^;]*;?", ""):gsub("^%s*(.-);?$", "%1")
|
||||
end
|
||||
ngx.req.set_header("Cookie", cookie)
|
||||
end
|
||||
|
||||
for ips in ip_map:lines() do
|
||||
local internal_ip, public_ip = ips:match("([^,]*),?([^,]*)")
|
||||
if internal_ip == ngx.var.internal_ip then
|
||||
ngx.var.public_ip = public_ip ~= "" and public_ip or internal_ip
|
||||
ip_map:close()
|
||||
filter_plesk_cookie()
|
||||
return
|
||||
end
|
||||
end
|
||||
ip_map:close()
|
||||
ngx.log(ngx.ERR, "Forbidden for IP: " .. ngx.var.internal_ip)
|
||||
ngx.exit(ngx.HTTP_FORBIDDEN)
|
||||
';
|
||||
|
||||
rewrite ^/(.*)$ /$internal_uri break;
|
||||
proxy_pass $internal_scheme://$internal_ip;
|
||||
proxy_redirect http://$internal_host/ $public_scheme://$public_ip$dst_path;
|
||||
proxy_redirect https://$internal_host/ $public_scheme://$public_ip/plesk-site-preview/$internal_host/https/$internal_ip/;
|
||||
proxy_redirect https://$internal_host:443/ $public_scheme://$public_ip/plesk-site-preview/$internal_host/https/$internal_ip/;
|
||||
proxy_redirect http://www.$internal_host/ $public_scheme://$public_ip/plesk-site-preview/www.$internal_host/http/$internal_ip/;
|
||||
proxy_redirect https://www.$internal_host/ $public_scheme://$public_ip/plesk-site-preview/www.$internal_host/https/$internal_ip/;
|
||||
proxy_redirect https://www.$internal_host:443/ $public_scheme://$public_ip/plesk-site-preview/www.$internal_host/https/$internal_ip/;
|
||||
proxy_cookie_domain ~^.*$ $host;
|
||||
proxy_cookie_path / $dst_path;
|
||||
proxy_set_header Host $internal_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Accept-Encoding "";
|
||||
proxy_set_header Is-SitePreview "1";
|
||||
add_header X-Robots-Tag "noindex,nofollow";
|
||||
header_filter_by_lua 'ngx.header.content_length = nil';
|
||||
|
||||
body_filter_by_lua '
|
||||
local response_body = ngx.arg[1]
|
||||
local src_address = "https?://" .. ngx.var.internal_host:gsub("[%-%.%+%[%]%(%)%$%^%%%?%*]", "%%%1") .. "/?"
|
||||
local dst_address = ngx.var.public_scheme .. "://" .. ngx.var.public_ip .. ngx.var.dst_path
|
||||
response_body = response_body:gsub(src_address, dst_address)
|
||||
response_body = response_body:gsub("(src%s*=%s*[\\"\']?)/([^/])", "%1" .. ngx.var.dst_path .. "%2")
|
||||
response_body = response_body:gsub("(href%s*=%s*[\\"\']?)/([^/])", "%1" .. ngx.var.dst_path .. "%2")
|
||||
response_body = response_body:gsub("(action%s*=%s*[\\"\']?)/([^/])", "%1" .. ngx.var.dst_path .. "%2")
|
||||
response_body = response_body:gsub("(url%(%s*[\\"\']?)/([^/])", "%1" .. ngx.var.dst_path .. "%2")
|
||||
response_body = response_body:gsub("(url%(%s*")/([^/])", "%1" .. ngx.var.dst_path .. "%2")
|
||||
response_body = response_body:gsub("(srcset%s*=%s*[\\"\']?)/", "data-plesk-site-preview-ignore-%1/")
|
||||
ngx.arg[1] = response_body
|
||||
';
|
||||
}
|
||||
|
||||
location ~ ^/plesk-site-preview/(.*?)/(.*?)/(.*?)$ {
|
||||
rewrite ^ $uri/ last;
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user