Merge branch 'master' of https://github.com/Ylianst/MeshCentral

2025-02-05 02:38:05 -05:00 · 2022-08-17 14:15:06 -07:00 · 2022-08-17 14:15:06 -07:00 · 7c27537c20
commit 7c27537c20
parent 4092615c63 161f6977b4
2 changed files with 108 additions and 0 deletions
--- a/.github/ISSUE_TEMPLATE/question.md
+++ b/.github/ISSUE_TEMPLATE/question.md
@ -0,0 +1,68 @@
 ---
 name: Question
 about: Create a question for community help
 title: ''
 labels: question
 assignees: ''
 ---
 **Describe your issue**
 A clear and concise description of what your issue is.
 **Screenshots**
 If applicable, add screenshots to help explain your problem.
 **Server Software (please complete the following information):**
 - OS: [e.g. Ubuntu]
 - Virtualization: [e.g. Docker]
 - Network: [e.g. LAN/WAN, reverse proxy, cloudflare, ssl offload, etc...]
 - Version: [e.g. 1.0.43]
 - Node: [e.g. 18.4.0]
 **Client Device (please complete the following information):**
 - Device: [e.g. Laptop]
 - OS: [e.g. Ubuntu]
 - Network: [e.g. Local to Meshcentral, Remote over WAN]
 - Browser: [e.g. Google Chrome]
 - MeshCentralRouter Version: [if applicable]
 **Remote Device (please complete the following information):**
 - Device: [e.g. Laptop]
 - OS: [e.g. Windows 10 21H2]
 - Network: [e.g. Local to Meshcentral, Remote over WAN]
 - Current Core Version (if known): [**HINT**: Go to a device then `console` Tab then type `info`]
 **Your config.json file**
 ```
 {
  "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
  "__comment1__": "This is a simple configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
  "__comment2__": "See node_modules/meshcentral/sample-config-advanced.json for a more advanced example.",
  "settings": {
    "_cert": "myserver.mydomain.com",
    "_WANonly": true,
    "_LANonly": true,
    "_sessionKey": "MyReallySecretPassword1",
    "_port": 443,
    "_aliasPort": 443,
    "_redirPort": 80,
    "_redirAliasPort": 80
  },
  "domains": {
    "": {
      "_title": "MyServer",
      "_title2": "Servername",
      "_minify": true,
      "_newAccounts": true,
      "_userNameIsEmail": true
    }
  },
  "_letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before trying Let's Encrypt.",
    "email": "myemail@mydomain.com",
    "names": "myserver.mydomain.com",
    "production": false
  }
 }
 ```
--- a/configs/haproxy-with-sni-sample.cfg
+++ b/configs/haproxy-with-sni-sample.cfg
@ -0,0 +1,40 @@
 # Uses proxy protocol in HAProxy in combination with SNI to preserve the original host address
 # Update the config.json to work with HAProxy
 # 
 # Specify the hostname and port that has the public certificate
 # "tlsOffload": "https://mc.publicdomain.com:443",
 # 
 # Specify the IP address of the HAProxy instance (this might not be the address that is bound to the listener).
 # "TrustedProxy": "10.1.1.10",
 frontend sni-front
        bind 10.1.1.10:443
        mode tcp
        tcp-request inspect-delay 5s
        tcp-request content accept if { req_ssl_hello_type 1 }
        default_backend sni-back
 backend sni-back
        mode tcp
        acl gitlab-sni req_ssl_sni -i gitlab.publicdomain.com
        acl mc-sni req_ssl_sni -i mc.publicdomain.com
        use-server gitlabSNI if gitlab-sni
        use-server mc-SNI if mc-sni
        server mc-SNI 10.1.1.10:1443 send-proxy-v2-ssl-cn
 frontend mc-front-HTTPS
        mode http
        option forwardfor
        bind 10.1.1.10:1443 ssl crt /etc/haproxy/vm.publicdomain.net.pem accept-proxy
        http-request set-header X-Forwarded-Proto https
        option tcpka
        default_backend mc-back-HTTP
 backend mc-back-HTTPS
        mode http
        option forwardfor
        http-request add-header X-Forwarded-Host %[req.hdr(Host)]
        option http-server-close
        server mc-01 10.1.1.30:443 check port 443 verify none