diff --git a/src/nginxconfig.ejs b/src/nginxconfig.ejs index eb2958e7f..0dd7e7b07 100644 --- a/src/nginxconfig.ejs +++ b/src/nginxconfig.ejs @@ -42,7 +42,7 @@ server { # for default server, serve the notfound page. for other endpoints, redirect to HTTPS location / { -<% if ( endpoint === 'admin' || endpoint === 'setup' ) { %> +<% if ( endpoint === 'dashboard' || endpoint === 'setup' ) { %> return 301 https://$host$request_uri; <% } else if ( endpoint === 'app' ) { %> return 301 https://$host$request_uri; @@ -128,8 +128,8 @@ server { # enable for proxied requests as well gzip_proxied any; -<% if ( endpoint === 'admin' || endpoint === 'ip' || endpoint === 'setup' ) { -%> - # CSP headers for the admin/dashboard resources +<% if ( endpoint === 'dashboard' || endpoint === 'ip' || endpoint === 'setup' ) { -%> + # CSP headers for the dashboard resources add_header Content-Security-Policy "default-src 'none'; frame-src 'self' cloudron.io *.cloudron.io; connect-src wss: https: 'self' *.cloudron.io; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; style-src https: 'unsafe-inline'; object-src 'none'; font-src https: 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'self';"; <% } else { %> <% if (cspQuoted) { %> @@ -172,7 +172,7 @@ server { } location @wellknown-upstream { -<% if ( endpoint === 'admin' ) { %> +<% if ( endpoint === 'dashboard' ) { %> proxy_pass http://127.0.0.1:3000; <% } else if ( endpoint === 'app' ) { %> proxy_pass http://<%= ip %>:<%= port %>; @@ -208,7 +208,7 @@ server { } <% } %> -<% if ( endpoint === 'admin' || endpoint === 'setup' ) { %> +<% if ( endpoint === 'dashboard' || endpoint === 'setup' ) { %> location /api/ { proxy_pass http://127.0.0.1:3000; client_max_body_size 1m; diff --git a/src/reverseproxy.js b/src/reverseproxy.js index 18860841d..1a57f24d3 100644 --- a/src/reverseproxy.js +++ b/src/reverseproxy.js @@ -402,10 +402,9 @@ function writeDashboardNginxConfig(bundle, configFileName, vhost, callback) { const data = { sourceDir: path.resolve(__dirname, '..'), - adminOrigin: settings.dashboardOrigin(), vhost: vhost, hasIPv6: sysinfo.hasIPv6(), - endpoint: 'admin', + endpoint: 'dashboard', certFilePath: bundle.certFilePath, keyFilePath: bundle.keyFilePath, robotsTxtQuoted: JSON.stringify('User-agent: *\nDisallow: /\n'), @@ -429,12 +428,12 @@ function writeDashboardConfig(domain, callback) { domains.get(domain, function (error, domainObject) { if (error) return callback(error); - const adminFqdn = domains.fqdn(constants.DASHBOARD_LOCATION, domainObject); + const dashboardFqdn = domains.fqdn(constants.DASHBOARD_LOCATION, domainObject); - getCertificatePath(adminFqdn, domainObject.domain, function (error, bundle) { + getCertificatePath(dashboardFqdn, domainObject.domain, function (error, bundle) { if (error) return callback(error); - writeDashboardNginxConfig(bundle, `${adminFqdn}.conf`, adminFqdn, callback); + writeDashboardNginxConfig(bundle, `${dashboardFqdn}.conf`, dashboardFqdn, callback); }); }); } @@ -459,7 +458,6 @@ function writeAppNginxConfig(app, fqdn, bundle, callback) { const data = { sourceDir: sourceDir, - adminOrigin: settings.dashboardOrigin(), vhost: fqdn, hasIPv6: sysinfo.hasIPv6(), ip: app.containerIp, @@ -716,7 +714,6 @@ function writeDefaultConfig(options, callback) { const data = { sourceDir: path.resolve(__dirname, '..'), - adminOrigin: settings.dashboardOrigin(), vhost: '', hasIPv6: sysinfo.hasIPv6(), endpoint: options.activated ? 'ip' : 'setup',