feat: 反代回源 SNI 支持设置 proxy_ssl_name (#6659)

Refs https://github.com/1Panel-dev/1Panel/issues/5960
1 month ago · e069db3c45
5 changed files with 32 additions and 16 deletions
--- a/backend/app/dto/request/website.go
+++ b/backend/app/dto/request/website.go
@ -175,21 +175,22 @@ type WebsiteUpdateDirPermission struct {
 }

 type WebsiteProxyConfig struct {
-	ID        uint              `json:"id" validate:"required"`
-	Operate   string            `json:"operate" validate:"required"`
-	Enable    bool              `json:"enable" `
-	Cache     bool              `json:"cache" `
-	CacheTime int               `json:"cacheTime"  `
-	CacheUnit string            `json:"cacheUnit"`
-	Name      string            `json:"name" validate:"required"`
-	Modifier  string            `json:"modifier"`
-	Match     string            `json:"match" validate:"required"`
-	ProxyPass string            `json:"proxyPass" validate:"required"`
-	ProxyHost string            `json:"proxyHost" validate:"required"`
-	Content   string            `json:"content"`
-	FilePath  string            `json:"filePath"`
-	Replaces  map[string]string `json:"replaces"`
-	SNI       bool              `json:"sni"`
+	ID           uint              `json:"id" validate:"required"`
+	Operate      string            `json:"operate" validate:"required"`
+	Enable       bool              `json:"enable" `
+	Cache        bool              `json:"cache" `
+	CacheTime    int               `json:"cacheTime"  `
+	CacheUnit    string            `json:"cacheUnit"`
+	Name         string            `json:"name" validate:"required"`
+	Modifier     string            `json:"modifier"`
+	Match        string            `json:"match" validate:"required"`
+	ProxyPass    string            `json:"proxyPass" validate:"required"`
+	ProxyHost    string            `json:"proxyHost" validate:"required"`
+	Content      string            `json:"content"`
+	FilePath     string            `json:"filePath"`
+	Replaces     map[string]string `json:"replaces"`
+	SNI          bool              `json:"sni"`
+	ProxySSLName string            `json:"proxySSLName"`
 }

 type WebsiteProxyReq struct {
--- a/backend/app/service/website.go
+++ b/backend/app/service/website.go
@ -1667,6 +1667,9 @@ func (w WebsiteService) OperateProxy(req request.WebsiteProxyConfig) (err error)
 	}
 	if req.SNI {
 		location.UpdateDirective("proxy_ssl_server_name", []string{"on"})
+		if req.ProxySSLName != "" {
+			location.UpdateDirective("proxy_ssl_name", []string{req.ProxySSLName})
+		}
 	} else {
 		location.UpdateDirective("proxy_ssl_server_name", []string{"off"})
 	}
@ -1749,6 +1752,9 @@ func (w WebsiteService) GetProxies(id uint) (res []request.WebsiteProxyConfig, e
 			if directive.GetName() == "proxy_ssl_server_name" {
 				proxyConfig.SNI = directive.GetParameters()[0] == "on"
 			}
+			if directive.GetName() == "proxy_ssl_name" {
+				proxyConfig.ProxySSLName = directive.GetParameters()[0]
+			}
 		}
 		res = append(res, proxyConfig)
 	}
--- a/cmd/server/nginx_conf/proxy.conf
+++ b/cmd/server/nginx_conf/proxy.conf
@ -11,4 +11,5 @@ location ^~ /test {
    add_header X-Cache $upstream_cache_status;
    add_header Cache-Control no-cache; 
    proxy_ssl_server_name off; 
+    proxy_ssl_name $proxy_host;
 }
--- a/frontend/src/api/interface/website.ts
+++ b/frontend/src/api/interface/website.ts
@ -373,6 +373,8 @@ export namespace Website {
        content?: string;
        proxyAddress?: string;
        proxyProtocol?: string;
+        sni: boolean;
+        proxySSLName: string;
    }

    export interface ProxReplace {
--- a/frontend/src/views/website/website/config/basic/proxy/create/index.vue
+++ b/frontend/src/views/website/website/config/basic/proxy/create/index.vue
@ -31,6 +31,9 @@
                        <el-switch v-model="proxy.sni"></el-switch>
                        <span class="input-help">{{ $t('website.sniHelper') }}</span>
                    </el-form-item>
+                    <el-form-item label="proxy_ssl_name" prop="proxySSLName" v-if="proxy.sni">
+                        <el-input v-model.trim="proxy.proxySSLName"></el-input>
+                    </el-form-item>
                    <el-form-item :label="$t('website.cacheTime')" prop="cacheTime" v-if="proxy.cache">
                        <el-input v-model.number="proxy.cacheTime" maxlength="15">
                            <template #append>
@ -47,7 +50,7 @@
                    </el-form-item>
                    <el-row :gutter="10">
                        <el-col :span="12">
-                            <el-form-item :label="$t('website.proxyPass')" prop="proxyPass">
+                            <el-form-item :label="$t('website.proxyPass')" prop="proxyAddress">
                                <el-input
                                    v-model.trim="proxy.proxyAddress"
                                    :placeholder="$t('website.proxyHelper')"
@ -139,6 +142,7 @@ const rules = ref({
    cacheTime: [Rules.requiredInput, checkNumberRange(1, 65535)],
    proxyPass: [Rules.requiredInput],
    proxyHost: [Rules.requiredInput],
+    proxyAddress: [Rules.requiredInput],
 });
 const open = ref(false);
 const loading = ref(false);
@ -159,6 +163,8 @@ const initData = (): Website.ProxyConfig => ({
    replaces: {},
    proxyAddress: '',
    proxyProtocol: 'http://',
+    sni: false,
+    proxySSLName: '$proxy_host',
 });
 let proxy = ref(initData());
 const replaces = ref<any>([]);