From f157e6a7f47da644d69019511ab0bf594558ff35 Mon Sep 17 00:00:00 2001 From: Jared Goodwin Date: Mon, 22 Apr 2019 07:24:02 -0700 Subject: [PATCH] Added KnownProxies configuration for using a proxy server on a different machine. --- README.md | 7 +++++-- Remotely_Server/CurrentVersion.txt | 2 +- Remotely_Server/Services/ApplicationConfig.cs | 1 + Remotely_Server/Startup.cs | 12 ++++++++++++ Remotely_Server/appsettings.json | 5 +++-- 5 files changed, 22 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index aef2e28a..45ff8440 100644 --- a/README.md +++ b/README.md @@ -38,11 +38,11 @@ The following steps will configure your Windows 10 machine for building the Remo ## Hosting a Server (Ubuntu) * Currently, only Ubuntu 18.04 is tested. The Linux server package will likely work with other distros after some alterations to the setup script. * Run Remotely_Server_Setup.sh (with sudo), which is in the [Utilities folder in source control](https://raw.githubusercontent.com/Jay-Rad/Remotely/master/Utilities/Remotely_Server_Install.sh). + * "App root" will be the directory in which the Remotely server files are placed (typically /var/www/remotely). * This script is only for Ubuntu 18.04. * The script installs the .NET Core runtime, as well as other dependencies. * Certbot is used in this script and will install an SSL certificate for your site. Your server needs to have a public domain name that is accessible from the internet for this to work. * More information: https://letsencrypt.org/, https://certbot.eff.org/ - * App root will be the above output folder. * Change values in appsettings.json for your environment. * After creating your account on the website, you can set "AllowSelfRegistration" to false in appsettings.json to disable registration. * Documentation for hosting behind Nginx can be found here: https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-2.2 @@ -91,8 +91,10 @@ There are a few shortcut keys available when using the console. ## Configuration The following settings are available in appsettings.json. -* DefaultPrompt: The default prompt string you'll see for each line on the console. +Note: To retain your settings between upgrades, copy your settings to appsettings.Production.json, which will supersede the original. + +* DefaultPrompt: The default prompt string you'll see for each line on the console. * DBProvider: Determines which of the three connection strings (at the top) will be used. The appropriate DB provider for the database type is automatically loaded in code. * AllowSelfRegistration: Enable/disable the ability for people to create accounts. * RecordRemoteControlSessions: Whether or not to record remote control sessions. @@ -102,6 +104,7 @@ The following settings are available in appsettings.json. * RemoteControlSessionLimit: How many concurrent remote control sessions are allowed per organization. * AllowApiLogin: Whether to allow logging in via the API (see below). * TrustedCorsOrigins: For cross-origin API requests via JavaScript. The websites listed in this array with be allowed to make requests to the API. This does not grant authentication, which is still required on most endpoints. +* KnownProxies: If your Nginx server is on a different machine and is forwarding requests to the Remotely server, you will need to add the IP of the Nginx server to this array. * Smpt*: SMTP settings for auto-generated system emails (such as registration and password reset). ## API and Integrations diff --git a/Remotely_Server/CurrentVersion.txt b/Remotely_Server/CurrentVersion.txt index 7c684b34..2fa392a2 100644 --- a/Remotely_Server/CurrentVersion.txt +++ b/Remotely_Server/CurrentVersion.txt @@ -1 +1 @@ -2019.04.19.0635 +2019.04.22.0711 diff --git a/Remotely_Server/Services/ApplicationConfig.cs b/Remotely_Server/Services/ApplicationConfig.cs index d644189e..268ece25 100644 --- a/Remotely_Server/Services/ApplicationConfig.cs +++ b/Remotely_Server/Services/ApplicationConfig.cs @@ -25,6 +25,7 @@ namespace Remotely_Server.Services public bool AllowApiLogin => bool.Parse(Config["ApplicationOptions:AllowApiLogin"]); public bool UseHSTS => bool.Parse(Config["ApplicationOptions:RedirectToHTTPS"]); public string[] TrustedCorsOrigins => Config.GetSection("ApplicationOptions:TrustedCorsOrigins").Get(); + public string[] KnownProxies => Config.GetSection("ApplicationOptions:KnownProxies").Get(); public string SmtpHost => Config["ApplicationOptions:SmtpHost"]; public int SmtpPort => int.Parse(Config["ApplicationOptions:SmtpPort"]); public string SmtpUserName => Config["ApplicationOptions:SmtpUserName"]; diff --git a/Remotely_Server/Startup.cs b/Remotely_Server/Startup.cs index e99d2e6f..8ca70cb0 100644 --- a/Remotely_Server/Startup.cs +++ b/Remotely_Server/Startup.cs @@ -26,6 +26,7 @@ using Microsoft.AspNetCore.Identity.UI; using Microsoft.AspNetCore.Cors.Infrastructure; using Swashbuckle.AspNetCore.Swagger; using Newtonsoft.Json; +using System.Net; namespace Remotely_Server { @@ -97,6 +98,17 @@ namespace Remotely_Server }); } + var knownProxies = Configuration.GetSection("ApplicationOptions:KnownProxies").Get(); + if (knownProxies != null) + { + services.Configure(options => + { + foreach (var proxy in knownProxies) + { + options.KnownProxies.Add(IPAddress.Parse(proxy)); + } + }); + } services.AddMvcCore() .SetCompatibilityVersion(CompatibilityVersion.Version_2_2).AddJsonOptions(options => diff --git a/Remotely_Server/appsettings.json b/Remotely_Server/appsettings.json index eadd935a..2eb40b40 100644 --- a/Remotely_Server/appsettings.json +++ b/Remotely_Server/appsettings.json @@ -12,7 +12,7 @@ "ApplicationOptions": { "DefaultPrompt": "~>", "DBProvider": "SQLite", - "EnableWindowsEventLog": false, + "EnableWindowsEventLog": false, "AllowSelfRegistration": true, "RecordRemoteControlSessions": false, "RedirectToHTTPS": false, @@ -21,12 +21,13 @@ "RemoteControlSessionLimit": 1, "AllowApiLogin": false, "TrustedCorsOrigins": [], + "KnownProxies": [], "SmtpHost": "", "SmtpPort": 25, "SmtpUserName": "", "SmtpPassword": "", "SmtpEmail": "", "SmtpDisplayName": "", - "SmtpEnableSsl": true + "SmtpEnableSsl": true } } \ No newline at end of file