bivashy/Blitz-Proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: prevent decoy site activation when no decoy path provided

Browse Source
This commit is contained in:
Whispering Wind
2025-06-08 20:12:59 +03:30
committed by GitHub
parent 5c0fd050ca
commit 6a8b5ec087
1 changed files with 5 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
core/scripts/webpanel/webpanel_shell.sh
View File

@ -6,29 +6,23 @@ CADDY_CONFIG_FILE="/etc/hysteria/core/scripts/webpanel/Caddyfile"
WEBPANEL_ENV_FILE="/etc/hysteria/core/scripts/webpanel/.env"
install_dependencies() {
# Update system
sudo apt update -y > /dev/null 2>&1
# Install dependencies
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl > /dev/null 2>&1
# Add Caddy repository
curl -fsSL https://dl.cloudsmith.io/public/caddy/stable/gpg.key | sudo tee /etc/apt/trusted.gpg.d/caddy.asc > /dev/null 2>&1
echo "deb [signed-by=/etc/apt/trusted.gpg.d/caddy.asc] https://dl.cloudsmith.io/public/caddy/stable/deb/ubuntu/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/caddy-stable.list > /dev/null 2>&1
# Update package index again with Caddy repo
sudo apt update -y > /dev/null 2>&1
apt install libnss3-tools -y > /dev/null 2>&1
# Install Caddy
sudo apt install -y caddy
if [ $? -ne 0 ]; then
echo -e "${red}Error: Failed to install Caddy. ${NC}"
exit 1
fi
# Stop and disable Caddy service
systemctl stop caddy > /dev/null 2>&1
systemctl disable caddy > /dev/null 2>&1
@ -59,7 +53,7 @@ ADMIN_PASSWORD=$admin_password_hash
EXPIRATION_MINUTES=$expiration_minutes
EOL
if [ -n "$decoy_path" ]; then
if [ -n "$decoy_path" ] && [ "$decoy_path" != "None" ]; then
echo "DECOY_PATH=$decoy_path" >> /etc/hysteria/core/scripts/webpanel/.env
fi
}
@ -67,31 +61,21 @@ EOL
update_caddy_file() {
source /etc/hysteria/core/scripts/webpanel/.env
# Ensure all required variables are set
if [ -z "$DOMAIN" ] || [ -z "$ROOT_PATH" ] || [ -z "$PORT" ]; then
echo -e "${red}Error: One or more environment variables are missing.${NC}"
return 1
fi
if [ -n "$DECOY_PATH" ] && [ "$PORT" -eq 443 ]; then
if [ -n "$DECOY_PATH" ] && [ "$DECOY_PATH" != "None" ] && [ "$PORT" -eq 443 ]; then
cat <<EOL > "$CADDY_CONFIG_FILE"
# Global configuration
{
# Disable admin panel of the Caddy
admin off
# Disable automatic HTTP to HTTPS redirects so the Caddy won't listen on port 80 (We need this port for other parts of the project)
auto_https disable_redirects
}
# Listen for incoming requests on the specified domain and port
$DOMAIN:$PORT {
# Define a route to handle all requests starting with ROOT_PATH('/$ROOT_PATH/')
route /$ROOT_PATH/* {
# We don't strip the ROOT_PATH('/$ROOT_PATH/') from the request
# uri strip_prefix /$ROOT_PATH
# We are proxying all requests under the ROOT_PATH to FastAPI at 127.0.0.1:28260
# FastAPI handles these requests because we set the 'root_path' parameter in the FastAPI instance.
reverse_proxy http://127.0.0.1:28260
}
@ -109,9 +93,7 @@ EOL
cat <<EOL > "$CADDY_CONFIG_FILE"
# Global configuration
{
# Disable admin panel of the Caddy
admin off
# Disable automatic HTTP to HTTPS redirects so the Caddy won't listen on port 80 (We need this port for other parts of the project)
auto_https disable_redirects
}
@ -137,7 +119,7 @@ $DOMAIN:$PORT {
}
EOL
if [ -n "$DECOY_PATH" ] && [ "$PORT" -ne 443 ]; then
if [ -n "$DECOY_PATH" ] && [ "$DECOY_PATH" != "None" ] && [ "$PORT" -ne 443 ]; then
cat <<EOL >> "$CADDY_CONFIG_FILE"
# Decoy site on port 443
@ -199,29 +181,24 @@ start_service() {
local debug=$6
local decoy_path=$7
# Install required dependencies
install_dependencies
# Update environment file
update_env_file "$domain" "$port" "$admin_username" "$admin_password" "$expiration_minutes" "$debug" "$decoy_path"
if [ $? -ne 0 ]; then
echo -e "${red}Error: Failed to update the environment file.${NC}"
return 1
fi
# Create the web panel service file
create_webpanel_service_file
if [ $? -ne 0 ]; then
echo -e "${red}Error: Failed to create the webpanel service file.${NC}"
return 1
fi
# Reload systemd and enable webpanel service
systemctl daemon-reload
systemctl enable hysteria-webpanel.service > /dev/null 2>&1
systemctl start hysteria-webpanel.service > /dev/null 2>&1
# Check if the web panel is running
if systemctl is-active --quiet hysteria-webpanel.service; then
echo -e "${green}Hysteria web panel setup completed. The web panel is running locally on: http://127.0.0.1:28260/${NC}"
else
@ -229,7 +206,6 @@ start_service() {
return 1
fi
# Update Caddy configuration
update_caddy_file
if [ $? -ne 0 ]; then
echo -e "${red}Error: Failed to update the Caddyfile.${NC}"
@ -242,7 +218,6 @@ start_service() {
return 1
fi
# Reload systemd and enable/start Caddy service
systemctl daemon-reload
systemctl enable hysteria-caddy.service
systemctl start hysteria-caddy.service
@ -251,13 +226,12 @@ start_service() {
return 1
fi
# Check if the web panel is still running after Caddy restart
if systemctl is-active --quiet hysteria-webpanel.service; then
source /etc/hysteria/core/scripts/webpanel/.env
local webpanel_url="http://$domain:$port/$ROOT_PATH/"
echo -e "${green}Hysteria web panel is now running. The service is accessible on: $webpanel_url ${NC}"
if [ -n "$decoy_path" ]; then
if [ -n "$DECOY_PATH" ] && [ "$DECOY_PATH" != "None" ]; then
if [ "$port" -eq 443 ]; then
echo -e "${green}Decoy site is configured on the same port (443) and will handle non-webpanel paths.${NC}"
else
@ -313,7 +287,7 @@ stop_decoy_site() {
source /etc/hysteria/core/scripts/webpanel/.env
if [ -z "$DECOY_PATH" ]; then
if [ -z "$DECOY_PATH" ] || [ "$DECOY_PATH" = "None" ]; then
echo -e "${yellow}No decoy site is currently configured.${NC}"
return 0
fi