diff --git a/README.MD b/README.MD index 87edb20..6c846ad 100644 --- a/README.MD +++ b/README.MD @@ -18,7 +18,6 @@ Improvements in this fork: - Choose protection modes "none", "pow" or "pow+captcha" per-domain or per-domain+path, with paths taking priority. - Whitelist IPs/subnets. - Maintenance mode page for selected domains. -- Include dataplaneapi, to sync map files to disk if edited during runtime. - In POW only mode, provide instructions and an encoded script to find the solution. - Many bugfixes. @@ -32,10 +31,11 @@ Add some env vars to docker-compose file: - RECAPTCHA_SECRET - your recaptcha secret key - CAPTCHA_COOKIE_SECRET - random string, a salt for captcha cookies - POW_COOKIE_SECRET - different random string, a salt for pow cookies +- HMAC_COOKIE_SECRET - different random string, a salt for pow cookies - RAY_ID - string to identify the HAProxy node by - BUCKET_DURATION - how long between bucket changes, invalidating cookies -- BACKEND_NAME - name of backend to build from hosts.map -- SERVER_PREFIX - prefix of server names used in server-template +- BACKEND_NAME - Optional, name of backend to build from hosts.map +- SERVER_PREFIX - Optional, prefix of server names used in server-template Add a domain name + backend IP to `haproxy/hosts.map` like: ```plain @@ -58,7 +58,6 @@ Before installing the tool, ensure that HAProxy is built with Lua support and ve - Copy [haproxy.cfg](haproxy/haproxy.cfg) to /etc/haproxy - Edit the `lua-load` directive to be the absolute path to [register.lua](src/scripts/register.lua) - Edit the paths of challenge.js and worker.js in the `http-request return` directive to the absolut path to the respective files in the haproxy/js folder -- Copy [dataplaneapi.hcl](haproxy/dataplaneapi.hcl) to /etc/haproxy - Copy or link [scripts](src/scripts) to /etc/haproxy/scripts - Copy or link [libs](src/libs) to /etc/haproxy/libs (or a path where Lua looks for modules). - Copy the map files from the haproxy folder to /etc/haproxy diff --git a/docker-compose.yml b/docker-compose.yml index 84feedd..b517855 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,7 +18,6 @@ services: - ./haproxy/blocked.map:/etc/haproxy/blocked.map - ./haproxy/whitelist.map:/etc/haproxy/whitelist.map - ./haproxy/maintenance.map:/etc/haproxy/maintenance.map - - ./haproxy/dataplaneapi.hcl:/etc/haproxy/dataplaneapi.hcl - ./haproxy/trace.txt:/etc/haproxy/trace.txt - ./src/scripts/:/etc/haproxy/scripts/ - ./src/libs/:/etc/haproxy/libs/ diff --git a/haproxy/Dockerfile b/haproxy/Dockerfile index 945995c..cec691b 100644 --- a/haproxy/Dockerfile +++ b/haproxy/Dockerfile @@ -37,11 +37,6 @@ RUN set -eux; \ ; \ rm -rf /var/lib/apt/lists/*; \ \ - wget -O dataplaneapi_2.4.4_Linux_x86_64.tar.gz https://github.com/haproxytech/dataplaneapi/releases/download/v2.4.4/dataplaneapi_2.4.4_Linux_x86_64.tar.gz; \ - tar -zxvf dataplaneapi_2.4.4_Linux_x86_64.tar.gz; \ - chmod +x build/dataplaneapi; \ - cp build/dataplaneapi /usr/local/bin/; \ - \ wget -O haproxy.tar.gz "$HAPROXY_URL"; \ # echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c; \ mkdir -p /usr/src/haproxy; \ diff --git a/haproxy/dataplaneapi.hcl b/haproxy/dataplaneapi.hcl deleted file mode 100644 index 97a9094..0000000 --- a/haproxy/dataplaneapi.hcl +++ /dev/null @@ -1,29 +0,0 @@ -config_version = 2 - -name = "meet_bedbug" - -mode = "single" - -dataplaneapi { - user "admin" { - insecure = true - password = "adminpwd" - } - - transaction { - transaction_dir = "/tmp/haproxy" - } - - advertised {} -} - -haproxy { - config_file = "/etc/haproxy/haproxy.cfg" - haproxy_bin = "/usr/local/sbin/haproxy" - - reload { - reload_delay = 5 - reload_cmd = "service haproxy reload" - restart_cmd = "service haproxy restart" - } -} diff --git a/haproxy/haproxy.cfg b/haproxy/haproxy.cfg index 5135127..22e77cc 100644 --- a/haproxy/haproxy.cfg +++ b/haproxy/haproxy.cfg @@ -13,10 +13,6 @@ defaults timeout client 50000ms timeout server 50000ms -program api - command dataplaneapi -f /etc/haproxy/dataplaneapi.hcl --update-map-files - no option start-on-reload - frontend http-in bind *:80 diff --git a/img/captcha.png b/img/captcha.png index 3fe498e..19545a7 100644 Binary files a/img/captcha.png and b/img/captcha.png differ diff --git a/img/nocaptcha.png b/img/nocaptcha.png index 6abbb02..4de99d7 100644 Binary files a/img/nocaptcha.png and b/img/nocaptcha.png differ