Add http-ingress config directive
Co-authored-by: delthas <delthas@dille.cc>
This commit is contained in:
parent
b76cb6d5e6
commit
fd4aa892b2
|
@ -104,6 +104,7 @@ func loadConfig() (*config.Server, *soju.Config, error) {
|
|||
MsgStoreDriver: raw.MsgStore.Driver,
|
||||
MsgStorePath: raw.MsgStore.Source,
|
||||
HTTPOrigins: raw.HTTPOrigins,
|
||||
HTTPIngress: raw.HTTPIngress,
|
||||
AcceptProxyIPs: raw.AcceptProxyIPs,
|
||||
MaxUserNetworks: raw.MaxUserNetworks,
|
||||
UpstreamUserIPs: raw.UpstreamUserIPs,
|
||||
|
|
|
@ -84,6 +84,7 @@ type Server struct {
|
|||
FileUpload *FileUpload
|
||||
|
||||
HTTPOrigins []string
|
||||
HTTPIngress string
|
||||
AcceptProxyIPs IPSet
|
||||
|
||||
MaxUserNetworks int
|
||||
|
@ -109,6 +110,7 @@ func Defaults() *Server {
|
|||
Auth: Auth{
|
||||
Driver: "internal",
|
||||
},
|
||||
HTTPIngress: "https://" + hostname,
|
||||
MaxUserNetworks: -1,
|
||||
}
|
||||
}
|
||||
|
@ -128,6 +130,7 @@ func Load(path string) (*Server, error) {
|
|||
Auth []string `scfg:"auth"`
|
||||
FileUpload []string `scfg:"file-upload"`
|
||||
HTTPOrigin []string `scfg:"http-origin"`
|
||||
HTTPIngress string `scfg:"http-ingress"`
|
||||
AcceptProxyIP []string `scfg:"accept-proxy-ip"`
|
||||
MaxUserNetworks int `scfg:"max-user-networks"`
|
||||
UpstreamUserIP []string `scfg:"upstream-user-ip"`
|
||||
|
@ -216,6 +219,11 @@ func Load(path string) (*Server, error) {
|
|||
srv.FileUpload = &FileUpload{driver, source}
|
||||
}
|
||||
srv.HTTPOrigins = raw.HTTPOrigin
|
||||
if raw.HTTPIngress != "" {
|
||||
srv.HTTPIngress = raw.HTTPIngress
|
||||
} else {
|
||||
srv.HTTPIngress = "https://" + srv.Hostname
|
||||
}
|
||||
for _, s := range raw.AcceptProxyIP {
|
||||
if s == "localhost" {
|
||||
srv.AcceptProxyIPs = append(srv.AcceptProxyIPs, loopbackIPs...)
|
||||
|
|
|
@ -160,6 +160,11 @@ The following directives are supported:
|
|||
By default, only the request host is authorized. Use this directive to
|
||||
enable cross-origin WebSockets.
|
||||
|
||||
*http-ingress* <url>
|
||||
External URL on which HTTPS listeners are exposed.
|
||||
|
||||
By default, this is _https://<hostname>_.
|
||||
|
||||
*accept-proxy-ip* <cidr...>
|
||||
Allow the specified IPs to act as a proxy. Proxys have the ability to
|
||||
overwrite the remote and local connection addresses (via the PROXY protocol,
|
||||
|
|
|
@ -1474,7 +1474,7 @@ func (dc *downstreamConn) welcome(ctx context.Context, user *user) error {
|
|||
isupport = append(isupport, "VAPID="+dc.srv.webPush.VAPIDKeys.Public)
|
||||
}
|
||||
if dc.srv.Config().FileUploader != nil {
|
||||
isupport = append(isupport, "soju.im/FILEHOST=https://"+dc.srv.Config().Hostname+"/upload")
|
||||
isupport = append(isupport, "soju.im/FILEHOST="+dc.srv.Config().HTTPIngress+"/upload")
|
||||
}
|
||||
|
||||
if uc := dc.upstream(); uc != nil {
|
||||
|
|
Loading…
Reference in a new issue