Robosats/robosats-deploy
1
0
Fork 0
mirror of https://github.com/RoboSats/robosats-deploy.git synced 2025-08-09 11:30:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2 from KoalaSat/block-admin-public-onion

Browse Source 
Block admin in public onion
This commit is contained in:
KoalaSat
2024-07-07 13:36:04 +00:00
committed by GitHub
parent e72ae347bb 4285a176fa
commit 551a9e839b
2 changed files with 33 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
compose/nginx/mn.conf.d/local.conf
View File

@ -41,6 +41,21 @@ server {
limit_req zone=tenpersec burst=10;
}
location /coordinator {
# Blocks admin access from the public onion address
if ($host ~* "satstraoq35jffvkgpfoqld32nzw2siuvowanruindbfojowpwsjdgad.onion") {
return 403; # Forbidden
}
proxy_pass http://robosats_gunicorn_rest;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
# Replace with the onion hidden service of your coordinator
add_header Onion-Location https://satstraoq35jffvkgpfoqld32nzw2siuvowanruindbfojowpwsjdgad.onion$request_uri;
}
location /ws/ {
# websockets are passed to Daphne

19
compose/nginx/tn.conf.d/local.conf
View File

@ -18,7 +18,7 @@ upstream robosats_daphne_websocket {
server {
listen 80;
server_name testnet.robosats.com;
server_name satstralia.com;
large_client_header_buffers 4 64k;
location /static {
@ -36,10 +36,25 @@ server {
proxy_set_header Host $host;
proxy_redirect off;
# Replace with the onion hidden service of your coordinator
add_header Onion-Location https://qu6xztmzhlve6nxbb77jldek53pvhkaltz6seni7wq6g6yyj233qp4yd.onion$request_uri;
add_header Onion-Location https://testraliar7xkhos2gipv2k65obykofb4jqzl5l4danfryacifi4t7qd.onion$request_uri;
limit_req zone=fivepersec burst=10;
}
location /coordinator {
# Blocks admin access from the public onion address
if ($host ~* "testraliar7xkhos2gipv2k65obykofb4jqzl5l4danfryacifi4t7qd.onion") {
return 403; # Forbidden
}
proxy_pass http://robosats_gunicorn_rest;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
# Replace with the onion hidden service of your coordinator
add_header Onion-Location https://testraliar7xkhos2gipv2k65obykofb4jqzl5l4danfryacifi4t7qd.onion$request_uri;
}
location /ws/ {
# websockets are passed to Daphne
proxy_pass http://robosats_daphne_websocket;