Add option to force HTTPS; Use gunicorn for HTTPS
This commit is contained in:
parent
17739661c5
commit
0bb34191b4
|
@ -1,22 +1,27 @@
|
||||||
|
|
||||||
# myNode www service
|
# myNode www service
|
||||||
# /etc/systemd/system/www.service
|
# /etc/systemd/system/www.service
|
||||||
|
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Proxy for HTTPS
|
Description=myNode Web Server
|
||||||
Wants=www.service
|
After=network.target
|
||||||
After=www.service
|
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
KillMode=control-group
|
KillMode=mixed
|
||||||
|
KillSignal=2
|
||||||
TimeoutSec=30
|
TimeoutSec=30
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=10
|
RestartSec=10
|
||||||
ExecStartPre=/usr/bin/mynode_gen_cert.sh https 825
|
Nice=-15
|
||||||
ExecStart=/usr/sbin/hitch -u bitcoin -g bitcoin --tls --backend=[127.0.0.1]:80 --frontend=[0.0.0.0]:443 /home/bitcoin/.mynode/https/myNode.local.pem
|
IOAccounting=true
|
||||||
|
IOWeight=2000
|
||||||
|
WorkingDirectory=/var/www/mynode
|
||||||
|
ExecStart=/usr/bin/python2.7 /usr/bin/gunicorn -b 0.0.0.0:443 --certfile=/home/bitcoin/.mynode/https/myNode.local.crt --keyfile=/home/bitcoin/.mynode/https/myNode.local.key --workers 2 --timeout 300 wsgi:app
|
||||||
User=root
|
User=root
|
||||||
Group=root
|
Group=root
|
||||||
|
StandardOutput=syslog
|
||||||
|
StandardError=syslog
|
||||||
|
SyslogIdentifier=www
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -1,27 +0,0 @@
|
||||||
# myNode www service
|
|
||||||
# /etc/systemd/system/www.service
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=myNode Web Server
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
KillMode=mixed
|
|
||||||
KillSignal=2
|
|
||||||
TimeoutSec=30
|
|
||||||
Restart=always
|
|
||||||
RestartSec=10
|
|
||||||
Nice=-15
|
|
||||||
IOAccounting=true
|
|
||||||
IOWeight=2000
|
|
||||||
WorkingDirectory=/var/www/mynode
|
|
||||||
ExecStart=/usr/bin/python2.7 /usr/bin/gunicorn -b 0.0.0.0:8000 --timeout 300 wsgi:app
|
|
||||||
User=root
|
|
||||||
Group=root
|
|
||||||
StandardOutput=syslog
|
|
||||||
StandardError=syslog
|
|
||||||
SyslogIdentifier=www
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
|
@ -390,7 +390,13 @@ def enable_darkmode():
|
||||||
write_ui_settings(ui_settings)
|
write_ui_settings(ui_settings)
|
||||||
|
|
||||||
def is_https_forced():
|
def is_https_forced():
|
||||||
return os.path.isfile('/home/bitcoin/.mynode/https_enabled')
|
return os.path.isfile('/home/bitcoin/.mynode/https_forced')
|
||||||
|
|
||||||
|
def force_https(force):
|
||||||
|
if force:
|
||||||
|
os.system("touch /home/bitcoin/.mynode/https_forced")
|
||||||
|
else:
|
||||||
|
os.system("rm -f /home/bitcoin/.mynode/https_forced")
|
||||||
|
|
||||||
#==================================
|
#==================================
|
||||||
# Uploader Functions
|
# Uploader Functions
|
||||||
|
|
|
@ -95,6 +95,7 @@ def page_settings():
|
||||||
"product_key_skipped": pk_skipped,
|
"product_key_skipped": pk_skipped,
|
||||||
"product_key_error": pk_error,
|
"product_key_error": pk_error,
|
||||||
"changelog": changelog,
|
"changelog": changelog,
|
||||||
|
"is_https_forced": is_https_forced(),
|
||||||
"using_bitcoin_custom_config": using_bitcoin_custom_config(),
|
"using_bitcoin_custom_config": using_bitcoin_custom_config(),
|
||||||
"using_lnd_custom_config": using_lnd_custom_config(),
|
"using_lnd_custom_config": using_lnd_custom_config(),
|
||||||
"is_bitcoin_synced": is_bitcoind_synced(),
|
"is_bitcoin_synced": is_bitcoind_synced(),
|
||||||
|
@ -600,6 +601,20 @@ def page_enable_btc_lnd_tor():
|
||||||
}
|
}
|
||||||
return render_template('reboot.html', **templateData)
|
return render_template('reboot.html', **templateData)
|
||||||
|
|
||||||
|
@mynode_settings.route("/settings/set_https_forced")
|
||||||
|
def page_set_https_forced_page():
|
||||||
|
check_logged_in()
|
||||||
|
|
||||||
|
forced = request.args.get('forced')
|
||||||
|
if forced == "1":
|
||||||
|
force_https(True)
|
||||||
|
else:
|
||||||
|
force_https(False)
|
||||||
|
|
||||||
|
flash("HTTPS Settings Saved", category="message")
|
||||||
|
return redirect(url_for(".page_settings"))
|
||||||
|
|
||||||
|
|
||||||
@mynode_settings.route("/settings/enable_aptget_tor")
|
@mynode_settings.route("/settings/enable_aptget_tor")
|
||||||
def page_enable_aptget_tor():
|
def page_enable_aptget_tor():
|
||||||
check_logged_in()
|
check_logged_in()
|
||||||
|
|
|
@ -358,6 +358,21 @@
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
$('#https_forced_checkbox').change(function () {
|
||||||
|
$("#https_forced").show();
|
||||||
|
});
|
||||||
|
$("#https_forced").on("click", function() {
|
||||||
|
enabled=$('#https_forced_checkbox').is(":checked")
|
||||||
|
if (enabled)
|
||||||
|
{
|
||||||
|
window.location.href='/settings/set_https_forced?forced=1'
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
window.location.href='/settings/set_https_forced?forced=0'
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
$('#aptget_tor_checkbox').change(function () {
|
$('#aptget_tor_checkbox').change(function () {
|
||||||
$("#aptget_tor").show();
|
$("#aptget_tor").show();
|
||||||
});
|
});
|
||||||
|
@ -561,6 +576,20 @@
|
||||||
<a href="/settings/toggle-darkmode" class="ui-button ui-widget ui-corner-all settings_button">Enable</a>
|
<a href="/settings/toggle-darkmode" class="ui-button ui-widget ui-corner-all settings_button">Enable</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
<div class="divider"></div>
|
||||||
|
|
||||||
|
<div class="settings_block_subheader">Force HTTPS</div>
|
||||||
|
You can force the myNode web interface to only use HTTPS.
|
||||||
|
<br/><br/>
|
||||||
|
<label class="switch">
|
||||||
|
<input type="checkbox" id="https_forced_checkbox" {% if is_https_forced %}checked{% endif %}>
|
||||||
|
<span class="slider round"></span>
|
||||||
|
</label>
|
||||||
|
<br/><br/>
|
||||||
|
<button id="https_forced" style="display: none;" class="ui-button ui-widget ui-corner-all settings_button_small">Save</button>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
@ -816,7 +845,7 @@
|
||||||
<div class="settings_block">
|
<div class="settings_block">
|
||||||
<div class="settings_block_header">Advanced</div>
|
<div class="settings_block_header">Advanced</div>
|
||||||
|
|
||||||
<div class="settings_block_subheader">Reset HTTP Certificates</div>
|
<div class="settings_block_subheader">Reset HTTPS Certificates</div>
|
||||||
This will regenerate your HTTPS certificates.
|
This will regenerate your HTTPS certificates.
|
||||||
<br/>
|
<br/>
|
||||||
<a href="/settings/regen-https-certs" class="ui-button ui-widget ui-corner-all settings_button">Regenerate</a>
|
<a href="/settings/regen-https-certs" class="ui-button ui-widget ui-corner-all settings_button">Regenerate</a>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user