From bfd3d2937d39ff895c4ad645bb33e1bc2e41e905 Mon Sep 17 00:00:00 2001 From: kuaifan Date: Wed, 8 Dec 2021 23:15:03 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8F=96=E6=B6=88=E9=BB=98=E8=AE=A4ssl?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env.docker | 2 +- .env.example | 2 +- README.md | 9 +++++++++ README_CN.md | 9 +++++++++ app/Http/Middleware/WebApi.php | 11 +++-------- bin/run | 5 +---- cmd | 4 ++-- docker-compose.yml | 1 - 8 files changed, 26 insertions(+), 17 deletions(-) diff --git a/.env.docker b/.env.docker index 9afb58d1d..bc64392e9 100644 --- a/.env.docker +++ b/.env.docker @@ -2,12 +2,12 @@ APP_NAME=Dootask APP_ENV=local APP_KEY= APP_DEBUG=true +APP_SCHEME=auto APP_URL=http://localhost APP_ID= APP_IPPR= APP_PORT=2222 -APP_PORT_SSL=2223 LOG_CHANNEL=stack LOG_LEVEL=debug diff --git a/.env.example b/.env.example index db24d1401..3e36d2aeb 100644 --- a/.env.example +++ b/.env.example @@ -2,10 +2,10 @@ APP_NAME=Laravel APP_ENV=local APP_KEY= APP_DEBUG=true +APP_SCHEME=auto APP_URL=http://localhost APP_PORT=2222 -APP_PORT_SSL=2223 LOG_CHANNEL=stack LOG_LEVEL=debug diff --git a/README.md b/README.md index 2e3b7cefb..e0c19132e 100644 --- a/README.md +++ b/README.md @@ -63,6 +63,15 @@ password: 123456 ./cmd mysql "your command" // To run a mysql command (backup: Backup database, recovery: Restore database) ``` +### NGINX OPEN HTTPS +``` +// .env add +APP_SCHEME=1 + +// nginx add +proxy_set_header X-Forwarded-Proto $scheme; +``` + ## Upgrade **Note: Please back up your data before upgrading!** diff --git a/README_CN.md b/README_CN.md index 7f0cb49c9..83e74d4a0 100644 --- a/README_CN.md +++ b/README_CN.md @@ -63,6 +63,15 @@ password: 123456 ./cmd mysql "your command" // 运行 mysql 命令 (backup: 备份数据库,recovery: 还原数据库) ``` +### 代理开启 HTTPS +``` +// .env 文件添加 +APP_SCHEME=1 + +// nginx 代理配置添加 +proxy_set_header X-Forwarded-Proto $scheme; +``` + ## 升级更新 **注意:在升级之前请备份好你的数据!** diff --git a/app/Http/Middleware/WebApi.php b/app/Http/Middleware/WebApi.php index 07fb7f5e8..77168c009 100644 --- a/app/Http/Middleware/WebApi.php +++ b/app/Http/Middleware/WebApi.php @@ -6,7 +6,6 @@ use Closure; use Request; -use URL; class WebApi { @@ -28,13 +27,9 @@ public function handle($request, Closure $next) header('Access-Control-Allow-Headers:Content-Type, platform, platform-channel, token, release, Access-Control-Allow-Origin'); } - $APP_FORCE_URL_SCHEME = env('APP_FORCE_URL_SCHEME', 'auto'); - if ($APP_FORCE_URL_SCHEME == 'https' || $APP_FORCE_URL_SCHEME === true) { - URL::forceScheme('https'); - } elseif ($APP_FORCE_URL_SCHEME == 'http' || $APP_FORCE_URL_SCHEME === false) { - URL::forceScheme('http'); - } elseif (Request::header('x-forwarded-server-port', 80) == 443) { - URL::forceScheme('https'); + $APP_SCHEME = env('APP_SCHEME', 'auto'); + if (in_array(strtolower($APP_SCHEME), ['https', 'on', 'ssl', '1', 'true', 'yes'], true)) { + $request->setTrustedProxies([$request->getClientIp()], $request::HEADER_X_FORWARDED_PROTO); } return $next($request); diff --git a/bin/run b/bin/run index 7639e0f7b..47b05addd 100755 --- a/bin/run +++ b/bin/run @@ -73,7 +73,7 @@ class runLoader } } -$array = getopt('', ['port:', 'ssl:', 'mode:']); +$array = getopt('', ['port:', 'mode:']); $loader = new runLoader(); if (isset($array['mode'])) { @@ -84,9 +84,6 @@ $data = []; if (isset($array['port'])) { $data['APP_PORT'] = $array['port']; } -if (isset($array['ssl'])) { - $data['APP_PORT_SSL'] = $array['ssl']; -} if ($data) { $loader->modifyEnv($data); } diff --git a/cmd b/cmd index c45e25826..84ac3a350 100755 --- a/cmd +++ b/cmd @@ -211,9 +211,9 @@ if [ $# -gt 0 ];then elif [[ "$1" == "https" ]]; then shift 1 if [[ "$@" == "auto" ]];then - env_set APP_FORCE_URL_SCHEME "auto" + env_set APP_SCHEME "auto" else - env_set APP_FORCE_URL_SCHEME "true" + env_set APP_SCHEME "true" fi supervisorctl_restart php elif [[ "$1" == "artisan" ]]; then diff --git a/docker-compose.yml b/docker-compose.yml index 87748f3b5..d651602f3 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,7 +34,6 @@ services: image: "nginx:alpine" ports: - "${APP_PORT}:80" - - "${APP_PORT_SSL}:443" volumes: - ./docker/nginx:/etc/nginx/conf.d - ./public:/var/www/public