From 07be62684256a44fab290d6bf9798a11b489a22c Mon Sep 17 00:00:00 2001 From: bunkerity Date: Wed, 28 Apr 2021 17:40:54 +0200 Subject: [PATCH] hotfix - fix API in autoconf swarm mode --- entrypoint/global-config.sh | 1 + lua/api.lua | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/entrypoint/global-config.sh b/entrypoint/global-config.sh index 3827044..fa7c3a8 100644 --- a/entrypoint/global-config.sh +++ b/entrypoint/global-config.sh @@ -220,6 +220,7 @@ if [ "$USE_API" = "yes" ] ; then API_URI="/$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)" echo "[*] Generated API URI : $API_URI" fi + replace_in_file "/etc/nginx/api.conf" "%API_URI%" "$API_URI" else replace_in_file "/etc/nginx/nginx.conf" "%USE_API%" "" fi diff --git a/lua/api.lua b/lua/api.lua index 22c0280..e181cef 100644 --- a/lua/api.lua +++ b/lua/api.lua @@ -1,8 +1,8 @@ local M = {} local api_list = {} local api_whitelist_ip = {%API_WHITELIST_IP%} +local iputils = require "resty.iputils" local whitelist = iputils.parse_cidrs(api_whitelist_ip) -local ip = ngx.var.remote_addr api_list["^/ping$"] = function () return true @@ -13,7 +13,7 @@ api_list["^/reload$"] = function () end function M.is_api_call (api_uri) - if iputils.ip_in_cidrs(ip, whitelist) and ngx.var.request_uri:sub(1, #api_uri) .. "/" == api_uri .. "/" then + if iputils.ip_in_cidrs(ngx.var.remote_addr, whitelist) and ngx.var.request_uri:sub(1, #api_uri) .. "/" == api_uri .. "/" then for uri, code in pairs(api_list) do if string.match(ngx.var.request_uri:sub(#api_uri + 1), uri) then return true