bunkerweb 1.4.0

core/misc/confs/default-server-http/disable.conf

@@ -0,0 +1,5 @@
+{% if DISABLE_DEFAULT_SERVER == "yes" +%}
+location / {
+	return 444;
+}
+{% endif %}

core/misc/confs/server-http/allowed-methods.conf

@@ -0,0 +1,5 @@
+{% if ALLOWED_METHODS != "" +%}
+if ($request_method !~ ^({{ ALLOWED_METHODS }})$) {
+	return 405;
+}
+{% endif %}

core/misc/confs/server-http/max-client-size.conf

@@ -0,0 +1 @@
+client_max_body_size {{ MAX_CLIENT_SIZE }};

core/misc/confs/server-http/open-file-cache.conf

@@ -0,0 +1,4 @@
+open_file_cache {{ OPEN_FILE_CACHE }};
+open_file_cache_errors {% if OPEN_FILE_CACHE_ERRORS == "yes" +%} on {% else +%} off {% endif +%};
+open_file_cache_min_uses {{ OPEN_FILE_CACHE_MIN_USES }};
+open_file_cache_valid {{ OPEN_FILE_CACHE_VALID }};

core/misc/confs/server-http/redirect-http-to-https.conf

@@ -0,0 +1,12 @@
+{% if REDIRECT_HTTP_TO_HTTPS == "yes" +%}
+if ($scheme = http) {
+	return 301 https://$host$request_uri;
+}
+{% elif AUTO_REDIRECT_HTTP_TO_HTTPS == "yes" +%}
+	{% if AUTO_LETS_ENCRYPT == "yes" or USE_CUSTOM_HTTPS == "yes" or GENERATE_SELF_SIGNED_SSL == "yes" +%}
+if ($scheme = http) {
+	return 301 https://$host$request_uri;
+}
+	{% endif +%}
+{% endif +%}
+

core/misc/confs/server-http/serve-files.conf

@@ -0,0 +1,6 @@
+{% if SERVE_FILES == "yes" +%}
+	root {% if ROOT_FOLDER == "" %}/opt/bunkerweb/www/{% if MULTISITE == "yes" %}{{ SERVER_NAME.split(" ")[0] }}{% endif %}{% else %}{{ ROOT_FOLDER }}{% endif %};
+	try_files $uri $uri/ =404;
+{% else +%}
+	root /nowhere;
+{% endif %}

core/misc/plugin.json

@@ -0,0 +1,144 @@
+{
+	"id": "misc",
+	"order": 999,
+	"name": "Miscellaneous",
+	"description": "Miscellaneous settings.",
+	"version": "0.1",
+	"settings": {
+		"DISABLE_DEFAULT_SERVER": {
+			"context": "global",
+			"default": "no",
+			"help": "Close connection if the request vhost is unknown.",
+			"id": "disable-default-server",
+			"label": "Disable default server",
+			"regex": "^(yes|no)$",
+			"type": "check"
+		},
+		"REDIRECT_HTTP_TO_HTTPS": {
+			"context": "multisite",
+			"default": "no",
+			"help": "Redirect all HTTP request to HTTPS.",
+			"id": "redirect-http-to-https",
+			"label": "Redirect HTTP to HTTPS",
+			"regex": ".*",
+			"type": "text"
+		},
+		"AUTO_REDIRECT_HTTP_TO_HTTPS": {
+			"context": "multisite",
+			"default": "yes",
+			"help": "Try to detect if HTTPS is used and activate HTTP to HTTPS redirection if that's the case.",
+			"id": "auto-redirect-http-to-https",
+			"label": "Auto redirect HTTP to HTTPS",
+			"regex": ".*",
+			"type": "text"
+		},		
+		"ALLOWED_METHODS": {
+			"context": "multisite",
+			"default": "GET|POST|HEAD",
+			"help": "Allowed HTTP methods to be sent by clients.",
+			"id": "allowed-methods",
+			"label": "Allowed methods",
+			"regex": ".*",
+			"type": "text"
+		},
+		"MAX_CLIENT_SIZE": {
+			"context": "multisite",
+			"default": "10m",
+			"help": "Maximum body size (0 for infinite).",
+			"id": "max-client-size",
+			"label": "Maximum body size",
+			"regex": ".*",
+			"type": "text"
+		},
+		"SERVE_FILES": {
+			"context": "multisite",
+			"default": "yes",
+			"help": "Serve files from the local folder.",
+			"id": "serve-files",
+			"label": "Serve files",
+			"regex": "^(yes|no)$",
+			"type": "check"
+		},
+		"ROOT_FOLDER": {
+			"context": "multisite",
+			"default": "",
+			"help": "Root folder containing files to serve (/opt/bunkerweb/www/{server_name} if unset).",
+			"id": "root-folder",
+			"label": "Root folder",
+			"regex": "^.*$",
+			"type": "text"
+		},
+		"HTTPS_PROTOCOLS": {
+			"context": "multisite",
+			"default": "TLSv1.2 TLSv1.3",
+			"help": "The supported version of TLS. We recommend the default value TLSv1.2 TLSv1.3 for compatibility reasons.",
+			"id": "https-protocols",
+			"label": "HTTPS protocols",
+			"regex": ".*",
+			"type": "text"
+		},
+		"HTTP2": {
+			"context": "multisite",
+			"default": "yes",
+			"help": "Support HTTP2 protocol when HTTPS is enabled.",
+			"id": "http2",
+			"label": "HTTP2",
+			"regex": ".*",
+			"type": "check"
+		},
+		"LISTEN_HTTP": {
+			"context": "multisite",
+			"default": "yes",
+			"help": "Respond to (insecure) HTTP requests.",
+			"id": "http-listen",
+			"label": "HTTP listen",
+			"regex": "^(yes|no)$",
+			"type": "check"
+		},
+		"USE_OPEN_FILE_CACHE" : {
+			"context": "multisite",
+			"default": "no",
+			"help": "Enable open file cache feature",
+			"id": "use-open-file-cache",
+			"label": "Use open file cache",
+			"regex": "^(yes|no)$",
+			"type": "check"
+		},
+		"OPEN_FILE_CACHE" : {
+			"context": "multisite",
+			"default": "max=1000 inactive=20s",
+			"help": "Open file cache directive",
+			"id": "open-file-cache",
+			"label": "Use open file cache",
+			"regex": "^.*$",
+			"type": "text"
+		},
+		"OPEN_FILE_CACHE_ERRORS" : {
+			"context": "multisite",
+			"default": "yes",
+			"help": "Enable open file cache for errors",
+			"id": "open-file-cache-errors",
+			"label": "Open file cache errors",
+			"regex": "^(yes|no)$",
+			"type": "text"
+		},
+		"OPEN_FILE_CACHE_MIN_USES" : {
+			"context": "multisite",
+			"default": "2",
+			"help": "Enable open file cache minimum uses",
+			"id": "open-file-cache-min-uses",
+			"label": "Open file cache min uses",
+			"regex": "^([1-9]+)$",
+			"type": "text"
+		},
+		"OPEN_FILE_CACHE_VALID" : {
+			"context": "multisite",
+			"default": "30s",
+			"help": "Open file cache valid time",
+			"id": "open-file-cache-valid",
+			"label": "Open file cache valid time",
+			"regex": "^\\d+(ms|s|m|h|d|w|M|y)$",
+			"type": "text"
+		}
+	}
+}