Fix guest portal and cleanup
This commit is contained in:
parent
112d654967
commit
07166ab337
|
@ -1 +1 @@
|
|||
Subproject commit df3e7fd52e5758d54c0dcad522260b1416d92884
|
||||
Subproject commit a1738a81645748892a34d990c6df07cd1b4815ad
|
|
@ -2,8 +2,6 @@ FROM alpine:latest AS builder
|
|||
|
||||
ARG UNIFI_VERSION=7.4.162
|
||||
|
||||
ENV JAVA_OPTS="-Djava.awt.headless=true"
|
||||
|
||||
RUN set -eu &&\
|
||||
apk --no-cache add curl ca-certificates unzip &&\
|
||||
cd /tmp &&\
|
||||
|
@ -14,6 +12,10 @@ RUN set -eu &&\
|
|||
FROM [[ .docker.repo ]][[ .docker.base_images.java11.image ]]
|
||||
MAINTAINER [[ .docker.maintainer ]]
|
||||
|
||||
ENV JAVA_OPTS="-Djava.awt.headless=true" \
|
||||
TZ=[[ .locale.tz ]] \
|
||||
LANG=[[ .locale.lang ]]
|
||||
|
||||
COPY --from=builder /tmp/UniFi /opt/unifi
|
||||
RUN set -eu &&\
|
||||
apk --no-cache upgrade &&\
|
||||
|
|
|
@ -9,20 +9,7 @@ server {
|
|||
server_tokens off;
|
||||
root /usr/share/html;
|
||||
|
||||
[[- range $id, $header := slice "X-Forwarded-Client-Cert"
|
||||
"X-Forwarded-Server"
|
||||
"X-Envoy-Expected-Rq-Timeout-Ms"
|
||||
"X-Envoy-Internal"
|
||||
"Sec-Ch-Ua"
|
||||
"Sec-Ch-Ua-Mobile"
|
||||
"Sec-Ch-Ua-Platform"
|
||||
"Sec-Fetch-Dest"
|
||||
"Sec-Fetch-Mode"
|
||||
"Sec-Fetch-Site"
|
||||
"Sec-Fetch-User"
|
||||
"Sec-Gpc"
|
||||
"Upgrade-Insecure-Requests"
|
||||
"Origin"
|
||||
[[- range $id, $header := slice "Origin"
|
||||
"Authorization" ]]
|
||||
proxy_set_header [[ $header ]] "";
|
||||
[[- end ]]
|
||||
|
@ -33,7 +20,9 @@ server {
|
|||
proxy_socket_keepalive on;
|
||||
client_max_body_size 100m;
|
||||
|
||||
|
||||
set_real_ip_from 127.0.0.1;
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
||||
# Inform endpoint
|
||||
location ~ ^/(inform|dl/firmware-cached).* {
|
||||
|
@ -50,7 +39,7 @@ server {
|
|||
return 405;
|
||||
}
|
||||
proxy_set_header Host "[[ (urlParse .unifi.guest_portal.public_url).Hostname ]]";
|
||||
proxy_pass http://ubnt.lapiole.org:8880;
|
||||
proxy_pass https://localhost:8843;
|
||||
}
|
||||
|
||||
# Main console
|
||||
|
|
|
@ -6,7 +6,9 @@ job "unifi" {
|
|||
|
||||
network {
|
||||
mode = "bridge"
|
||||
port "stun" {}
|
||||
port "stun" {
|
||||
to = 3478
|
||||
}
|
||||
}
|
||||
|
||||
service {
|
||||
|
@ -18,9 +20,8 @@ job "unifi" {
|
|||
tags = [
|
||||
"[[ .traefik.instance ]].enable=true",
|
||||
|
||||
"[[ .traefik.instance ]].http.routers.unifi-inform[[ .env.suffix ]].rule=Host(`
|
||||
[[- (urlParse .unifi.inform.public_url).Hostname -]]
|
||||
`) && ((Path(`/inform`) && Method(`POST`)) || (PathPrefix(`/dl/firmware-cached`) && (Method(`GET`) || Method(`HEAD`))))",
|
||||
# Note : no Host as inform requests are sent without. But it's binded to the dedicated entrypoint anyway
|
||||
"[[ .traefik.instance ]].http.routers.unifi-inform[[ .env.suffix ]].rule=(Path(`/inform`) && Method(`POST`)) || (PathPrefix(`/dl/firmware-cached`) && (Method(`GET`) || Method(`HEAD`)))",
|
||||
"[[ .traefik.instance ]].http.routers.unifi-inform[[ .env.suffix ]].entrypoints=[[ join (merge .unifi.inform.traefik .traefik).entrypoints "," ]]",
|
||||
"[[ .traefik.instance ]].http.routers.unifi-inform[[ .env.suffix ]].middlewares=[[ template "common/traefik_middlewares.tpl" merge .unifi.inform.traefik .traefik ]]",
|
||||
|
||||
|
@ -56,8 +57,6 @@ job "unifi" {
|
|||
name = "unifi-mongo[[ .env.suffix ]]"
|
||||
port = 27017
|
||||
|
||||
[[ template "common/connect.tpl" dict "ctx" . "config" .unifi.mongo ]]
|
||||
|
||||
check {
|
||||
type = "script"
|
||||
command = "sh"
|
||||
|
|
|
@ -15,7 +15,7 @@ unifi:
|
|||
driver: docker
|
||||
|
||||
# The image for the controller
|
||||
image: danielberteaud/unifi:7.4.162-1
|
||||
image: danielberteaud/unifi:7.4.162-3
|
||||
|
||||
# Resource allocation for the controller
|
||||
resources:
|
||||
|
|
Loading…
Reference in New Issue