kopia lustrzana https://github.com/alecmuffett/eotk
commit: first cut
Alec Muffett
rodzic
6989b85628
commit
a99cef9b7a
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
exec perl -wx $0 "$@";
|
||||
#!perl
|
||||
# eotk (c) 2017-2021 Alec Muffett
|
||||
# eotk (c) 2017-2022 Alec Muffett
|
||||
|
||||
use Data::Dumper;
|
||||
|
||||
|
|
@ -586,6 +586,7 @@ sub DoProject {
|
|||
&SetEnv("suppress_header_hsts", 1); # 1 = elide completely
|
||||
&SetEnv("suppress_methods_except_get", 0); # 1 = GET/HEAD Only
|
||||
&SetEnv("suppress_tor2web", 1); # 1 = block access by tor2web sites
|
||||
|
||||
&SetEnv("template_tool", "$here/lib.d/expand-template.pl");
|
||||
&SetEnv("tor_single_onion", 1);
|
||||
&SetEnv("tor_syslog", "notice"); # https://www.torproject.org/docs/tor-manual.html.en
|
||||
|
|
@ -630,6 +631,7 @@ my @set_blank = qw(
|
|||
host_blacklist_re
|
||||
host_whitelist
|
||||
host_whitelist_re
|
||||
inject_headers_upstream
|
||||
inject_origin
|
||||
inject_referer
|
||||
kludge_disable_sri
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
exec perl -x $0 "$@";
|
||||
#!perl
|
||||
# eotk (c) 2017-2021 Alec Muffett
|
||||
# eotk (c) 2017-2022 Alec Muffett
|
||||
|
||||
my %known =
|
||||
(
|
||||
|
|
@ -52,6 +52,7 @@ my %known =
|
|||
'HOST_BLACKLIST_RE' => 1,
|
||||
'HOST_WHITELIST' => 1,
|
||||
'HOST_WHITELIST_RE' => 1,
|
||||
'INJECT_HEADERS_UPSTREAM' => 1,
|
||||
'INJECT_ORIGIN' => 1,
|
||||
'INJECT_REFERER' => 1,
|
||||
'IS_SOFTMAP' => 1,
|
||||
|
|
@ -97,6 +98,7 @@ my %known =
|
|||
'ONION_ADDRESS_RE6' => 1,
|
||||
'ONION_ADDRESS_RE8' => 1,
|
||||
'ONION_DIRNAME' => 1,
|
||||
'ONION_TRUNCATED' => 1,
|
||||
'ONION_VERSION' => 1,
|
||||
'ORIGIN_BLACKLIST' => 1,
|
||||
'ORIGIN_BLACKLIST_RE' => 1,
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
# -*- awk -*-
|
||||
# EMACS awk mode works quite well for nginx configs
|
||||
# eotk (c) 2017-2021 Alec Muffett
|
||||
# eotk (c) 2017-2022 Alec Muffett
|
||||
|
||||
# TODO LIST:
|
||||
|
||||
|
|
@ -787,6 +787,15 @@ http {
|
|||
# https://blog.g3rt.nl/nginx-add_header-pitfall.html
|
||||
|
||||
# request_rewrites and injections:
|
||||
%%IF %INJECT_HEADERS_UPSTREAM%
|
||||
# inject_headers_upstream
|
||||
%%CSV %INJECT_HEADERS_UPSTREAM%
|
||||
proxy_set_header %1% "%2%";
|
||||
%%ENDCSV
|
||||
%%ELSE
|
||||
# no inject_headers_upstream
|
||||
%%ENDIF
|
||||
|
||||
proxy_set_header X-From-Onion %X_FROM_ONION_VALUE%;
|
||||
proxy_set_header Host "${servernamesubdomain}%DNS_DOMAIN%";
|
||||
proxy_set_header Accept-Encoding "identity";
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue