фикс: v1.3.1 - устранение 504 Gateway Time-out и 403 Forbidden, улучшение стабильности SSH

Petro1990 2026-03-13 19:24:18 +03:00
parent 22dfec1398
commit 4f4dda06a2
1 changed files with 16 additions and 2 deletions

18
rproxy

@ -3,7 +3,7 @@
# Публикация локальных сервисов через SSH-туннели + nginx на VPS # Публикация локальных сервисов через SSH-туннели + nginx на VPS
# http://5.104.75.50:3000/Petro1990/rProxy # http://5.104.75.50:3000/Petro1990/rProxy
VERSION="1.3.0" VERSION="1.3.1"
CONF_DIR="/opt/etc/rproxy" CONF_DIR="/opt/etc/rproxy"
CONF_FILE="$CONF_DIR/rproxy.conf" CONF_FILE="$CONF_DIR/rproxy.conf"
SERVICES_DIR="$CONF_DIR/services" SERVICES_DIR="$CONF_DIR/services"
@ -501,6 +501,11 @@ do_add_interactive() {
proxy_pass_request_body off; proxy_pass_request_body off;
proxy_set_header Content-Length \"\"; proxy_set_header Content-Length \"\";
proxy_set_header Authorization \$http_authorization; proxy_set_header Authorization \$http_authorization;
# Стелс-режим для авторизации
proxy_set_header Host \"$stealth_host\";
proxy_set_header Origin \"http://$stealth_host\";
proxy_set_header Referer \"http://$stealth_host/\";
} }
" "
fi fi
@ -1041,7 +1046,11 @@ do_start_service() {
local pid_file local pid_file
pid_file=$(get_pid_file "$name") pid_file=$(get_pid_file "$name")
local ssh_opts="-o StrictHostKeyChecking=no -o ServerAliveInterval=30 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes" msg "Синхронизация с VPS (очистка портов)..."
ssh_cmd "fuser -k $SVC_TUNNEL_PORT/tcp >/dev/null 2>&1 || true"
[ "$SVC_NDM_AUTH" = "yes" ] && ssh_cmd "fuser -k $((SVC_TUNNEL_PORT+1))/tcp >/dev/null 2>&1 || true"
local ssh_opts="-o StrictHostKeyChecking=no -o ServerAliveInterval=10 -o ServerAliveCountMax=3 -o ConnectTimeout=10 -o ExitOnForwardFailure=yes"
local tunnel_args="-R 0.0.0.0:$SVC_TUNNEL_PORT:$SVC_TARGET_HOST:$SVC_TARGET_PORT" local tunnel_args="-R 0.0.0.0:$SVC_TUNNEL_PORT:$SVC_TARGET_HOST:$SVC_TARGET_PORT"
[ "$SVC_NDM_AUTH" = "yes" ] && tunnel_args="$tunnel_args -R 0.0.0.0:$((SVC_TUNNEL_PORT+1)):127.0.0.1:80" [ "$SVC_NDM_AUTH" = "yes" ] && tunnel_args="$tunnel_args -R 0.0.0.0:$((SVC_TUNNEL_PORT+1)):127.0.0.1:80"
@ -1262,6 +1271,11 @@ EOF
grep -q 'sites-enabled' /etc/nginx/nginx.conf || sed -i '/http {/a\ include /etc/nginx/sites-enabled/*.conf;' /etc/nginx/nginx.conf grep -q 'sites-enabled' /etc/nginx/nginx.conf || sed -i '/http {/a\ include /etc/nginx/sites-enabled/*.conf;' /etc/nginx/nginx.conf
command -v certbot >/dev/null 2>&1 || (apt-get update -qq && apt-get install -y -qq certbot python3-certbot-nginx || yum install -y certbot python3-certbot-nginx) command -v certbot >/dev/null 2>&1 || (apt-get update -qq && apt-get install -y -qq certbot python3-certbot-nginx || yum install -y certbot python3-certbot-nginx)
systemctl enable nginx && systemctl start nginx systemctl enable nginx && systemctl start nginx
# Оптимизация SSH на стороне сервера для туннелей
grep -q 'ClientAliveInterval' /etc/ssh/sshd_config || echo 'ClientAliveInterval 30' >> /etc/ssh/sshd_config
grep -q 'ClientAliveCountMax' /etc/ssh/sshd_config || echo 'ClientAliveCountMax 2' >> /etc/ssh/sshd_config
systemctl restart ssh
" "
pause pause
} }
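Review bot: The `grep -q 'ClientAliveInterval' /etc/ssh/sshd_config` guard in the last hunk also matches commented-out lines such as the `#ClientAliveInterval 0` found in stock sshd_config files, so on a default install neither keepalive setting is appended and the change silently has no effect; anchor the match, e.g. `grep -qE '^[[:space:]]*ClientAliveInterval' /etc/ssh/sshd_config` (same for `ClientAliveCountMax`). The following `systemctl restart ssh` runs without validating the edited file and uses the Debian unit name, although the certbot line above also handles yum hosts, where the unit is `sshd`; `sshd -t && { systemctl restart ssh || systemctl restart sshd; }` avoids restarting the daemon on a broken config. Appending at the end of the file would also land inside a trailing `Match` block if one exists, scoping the directives to that block only. Separately, the rewritten `ssh_opts` line in `do_start_service` keeps `StrictHostKeyChecking=no`, so the tunnel still connects without verifying the VPS host key; `StrictHostKeyChecking=accept-new` would at least pin the key on first contact, if the client's OpenSSH supports it. The enclosing setup function starts outside this hunk.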