admin/shop-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add diaposine

Browse Source
This commit is contained in:
Kirill
2026-06-03 19:44:39 +05:00
parent 11c1e012d5
commit 5f18274b2c
3 changed files with 51 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/craftshop-netbird.conf
+33
View File
@@ -0,0 +1,33 @@
# Nginx для доступа к админке через Netbird
# Размещается на сервере в /etc/nginx/sites-available/craftshop-netbird
# с симлинком в /etc/nginx/sites-enabled/
server {
listen 100.109.3.6:80;
server_name 100.109.3.6;
root /opt/craftshop/www;
index index.html;
client_max_body_size 100M;
location /api/ {
proxy_pass http://127.0.0.1:3333;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /uploads/ {
proxy_pass http://127.0.0.1:3333;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
try_files $uri $uri/ /index.html;
}
}
scripts/deploy-auto.sh
+18
View File
@@ -202,6 +202,24 @@ if [[ "$changed_server" == true ]]; then
remote_exec bash -lc "$DEPLOY_RESTART_CMD"
fi
echo ">>> Настройка Nginx для Netbird-доступа к админке"
remote_exec bash -lc "set -e
if ! command -v nginx &>/dev/null; then
echo 'Установка nginx...'
apt-get update -qq && apt-get install -y -qq nginx
fi
mkdir -p /etc/nginx/sites-available /etc/nginx/sites-enabled
rm -f /etc/nginx/sites-enabled/default
"
cat "$ROOT/scripts/craftshop-netbird.conf" | remote_exec tee /etc/nginx/sites-available/craftshop-netbird > /dev/null
remote_exec bash -lc "set -e
ln -sf /etc/nginx/sites-available/craftshop-netbird /etc/nginx/sites-enabled/
nginx -t && systemctl reload nginx || systemctl restart nginx
systemctl enable nginx
"
echo ">>> Сервер задеплоен"
fi
server/src/plugins/auth.js
-1
View File
@@ -22,7 +22,6 @@ export function registerAuth(fastify) {
if (allowedList.length > 0) {
const reqIp = normalizeIp(request.ip)
request.log.info({ reqIp, rawIp: request.ip }, '[auth] admin IP check')
const isAllowed = allowedList.includes(reqIp) || allowedList.some((entry) => cidrMatch(reqIp, entry))
if (!isAllowed) {
return reply.code(403).send({ error: 'Доступ с данного IP запрещён' })