diff options
| author | zeripath <art27@cantab.net> | 2022-08-21 19:20:43 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-08-21 19:20:43 +0100 |
| commit | 943753f560fab8bb01946618b16c694bc2032827 (patch) | |
| tree | d4faa0f8bde73d61ee00d7252ceb79f8334088b1 /cmd/web_https.go | |
| parent | 0b4c166e8a90beeb1e71ee2fc16b3a240517c82d (diff) | |
| download | gitea-943753f560fab8bb01946618b16c694bc2032827.tar.gz gitea-943753f560fab8bb01946618b16c694bc2032827.zip | |
Support Proxy protocol (#12527)
This PR adds functionality to allow Gitea to sit behind an
HAProxy and HAProxy protocolled connections directly.
Fix #7508
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'cmd/web_https.go')
| -rw-r--r-- | cmd/web_https.go | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/cmd/web_https.go b/cmd/web_https.go index b0910ca040..aac11517a6 100644 --- a/cmd/web_https.go +++ b/cmd/web_https.go @@ -129,14 +129,14 @@ var ( defaultCiphersChaChaFirst = append(defaultCiphersChaCha, defaultCiphersAES...) ) -// runHTTPs listens on the provided network address and then calls +// runHTTPS listens on the provided network address and then calls // Serve to handle requests on incoming TLS connections. // // Filenames containing a certificate and matching private key for the server must // be provided. If the certificate is signed by a certificate authority, the // certFile should be the concatenation of the server's certificate followed by the // CA's certificate. -func runHTTPS(network, listenAddr, name, certFile, keyFile string, m http.Handler) error { +func runHTTPS(network, listenAddr, name, certFile, keyFile string, m http.Handler, useProxyProtocol, proxyProtocolTLSBridging bool) error { tlsConfig := &tls.Config{} if tlsConfig.NextProtos == nil { tlsConfig.NextProtos = []string{"h2", "http/1.1"} @@ -184,9 +184,9 @@ func runHTTPS(network, listenAddr, name, certFile, keyFile string, m http.Handle return err } - return graceful.HTTPListenAndServeTLSConfig(network, listenAddr, name, tlsConfig, m) + return graceful.HTTPListenAndServeTLSConfig(network, listenAddr, name, tlsConfig, m, useProxyProtocol, proxyProtocolTLSBridging) } -func runHTTPSWithTLSConfig(network, listenAddr, name string, tlsConfig *tls.Config, m http.Handler) error { - return graceful.HTTPListenAndServeTLSConfig(network, listenAddr, name, tlsConfig, m) +func runHTTPSWithTLSConfig(network, listenAddr, name string, tlsConfig *tls.Config, m http.Handler, useProxyProtocol, proxyProtocolTLSBridging bool) error { + return graceful.HTTPListenAndServeTLSConfig(network, listenAddr, name, tlsConfig, m, useProxyProtocol, proxyProtocolTLSBridging) } |