Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

review settings order in UI

Browse source
This commit is contained in:
florian 2024-05-03 12:25:33 +02:00
parent b7978990de
commit b5019d77e1
No known key found for this signature in database
GPG key ID: 93EE47CC3D061500
10 changed files with 313 additions and 313 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
src/common/core/antibot/plugin.json
View file

@ -32,6 +32,24 @@
"regex": "^\\/[\\w\\].~:\\/?#\\[@!$\\&'\\(\\)*+,;=\\-]*$",
"type": "text"
},
"ANTIBOT_TIME_RESOLVE": {
"context": "multisite",
"default": "60",
"help": "Maximum time (in seconds) clients have to resolve the challenge. Once this time has passed, a new challenge will be generated.",
"id": "antibot-time-resolve",
"label": "Time to resolve",
"regex": "^[0-9]+$",
"type": "text"
},
"ANTIBOT_TIME_VALID": {
"context": "multisite",
"default": "86400",
"help": "Maximum validity time of solved challenges. Once this time has passed, clients will need to resolve a new one.",
"id": "antibot-time-valid",
"label": "Time valid",
"regex": "^[0-9]+$",
"type": "text"
},
"ANTIBOT_RECAPTCHA_SCORE": {
"context": "multisite",
"default": "0.7",
@ -94,24 +112,6 @@
"label": "Turnstile secret",
"regex": "^(0x[\\w\\-]+)?$",
"type": "password"
},
"ANTIBOT_TIME_RESOLVE": {
"context": "multisite",
"default": "60",
"help": "Maximum time (in seconds) clients have to resolve the challenge. Once this time has passed, a new challenge will be generated.",
"id": "antibot-time-resolve",
"label": "Time to resolve",
"regex": "^[0-9]+$",
"type": "text"
},
"ANTIBOT_TIME_VALID": {
"context": "multisite",
"default": "86400",
"help": "Maximum validity time of solved challenges. Once this time has passed, clients will need to resolve a new one.",
"id": "antibot-time-valid",
"label": "Time valid",
"regex": "^[0-9]+$",
"type": "text"
}
}
}

20
src/common/core/backup/plugin.json
View file

@ -14,19 +14,10 @@
"regex": "^(yes|no)$",
"type": "check"
},
"BACKUP_DIRECTORY": {
"context": "global",
"default": "/var/lib/bunkerweb/backups",
"help": "The directory where the backup will be stored",
"id": "backup-directory",
"label": "Backup directory",
"regex": "^.*$",
"type": "text"
},
"BACKUP_SCHEDULE": {
"context": "global",
"default": "daily",
"help": "The frequency of the backup",
"help": "The frequency of the backup (daily, weekly or monthly)",
"id": "backup-schedule",
"label": "Backup schedule",
"regex": "^(daily|weekly|monthly)$",
@ -41,6 +32,15 @@
"label": "Backup rotation",
"regex": "^[1-9][0-9]*$",
"type": "text"
},
"BACKUP_DIRECTORY": {
"context": "global",
"default": "/var/lib/bunkerweb/backups",
"help": "The directory where the backup will be stored",
"id": "backup-directory",
"label": "Backup directory",
"regex": "^.*$",
"type": "text"
}
},
"jobs": [

18
src/common/core/badbehavior/plugin.json
View file

@ -23,15 +23,6 @@
"regex": "^( *([1-5]\\d{2})(?!.*\\2) *)+$",
"type": "text"
},
"BAD_BEHAVIOR_BAN_TIME": {
"context": "multisite",
"default": "86400",
"help": "The duration time (in seconds) of a ban when the corresponding IP has reached the threshold.",
"id": "bad-behavior-ban-time",
"label": "Ban duration (in seconds)",
"regex": "^\\d+",
"type": "text"
},
"BAD_BEHAVIOR_THRESHOLD": {
"context": "multisite",
"default": "10",
@ -49,6 +40,15 @@
"label": "Period (in seconds)",
"regex": "^\\d+",
"type": "text"
},
"BAD_BEHAVIOR_BAN_TIME": {
"context": "multisite",
"default": "86400",
"help": "The duration time (in seconds) of a ban when the corresponding IP has reached the threshold.",
"id": "bad-behavior-ban-time",
"label": "Ban duration (in seconds)",
"regex": "^\\d+",
"type": "text"
}
}
}

176
src/common/core/blacklist/plugin.json
View file

@ -23,13 +23,13 @@
"regex": "^(?! )( *(((\\b25[0-5]|\\b2[0-4]\\d|\\b[01]?\\d\\d?)(\\.(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)){3})(\\/([1-2][0-9]?|3[0-2]?|[04-9]))?|(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]Z{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d))(\\/(12[0-8]|1[01][0-9]|[0-9][0-9]?))?)(?!.*\\D\\2([^\\d\\/]|$)) *)*$",
"type": "text"
},
"BLACKLIST_IP_URLS": {
"context": "global",
"default": "https://www.dan.me.uk/torlist/?exit",
"help": "List of URLs, separated with spaces, containing bad IP/network to block.",
"id": "blacklist-ip-urls",
"label": "Blacklist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"BLACKLIST_RDNS": {
"context": "multisite",
"default": ".shodan.io .censys.io",
"help": "List of reverse DNS suffixes, separated with spaces, to block.",
"id": "blacklist-rdns",
"label": "Blacklist reverse DNS",
"regex": "^( *(([^ ]+)(?!.*\\3( |$))) *)*$",
"type": "text"
},
"BLACKLIST_RDNS_GLOBAL": {
@ -41,24 +41,6 @@
"regex": "^(yes|no)$",
"type": "check"
},
"BLACKLIST_RDNS": {
"context": "multisite",
"default": ".shodan.io .censys.io",
"help": "List of reverse DNS suffixes, separated with spaces, to block.",
"id": "blacklist-rdns",
"label": "Blacklist reverse DNS",
"regex": "^( *(([^ ]+)(?!.*\\3( |$))) *)*$",
"type": "text"
},
"BLACKLIST_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to block.",
"id": "blacklist-rdns-urls",
"label": "Blacklist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_ASN": {
"context": "multisite",
"default": "",
@ -68,15 +50,6 @@
"regex": "^^( *((ASN?)?(\\d+)\\b(?!.*[SN ]\\4\\b)) *)*$",
"type": "text"
},
"BLACKLIST_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to block.",
"id": "blacklist-asn-urls",
"label": "Blacklist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_USER_AGENT": {
"context": "multisite",
"default": "",
@ -86,15 +59,6 @@
"regex": "^.*$",
"type": "text"
},
"BLACKLIST_USER_AGENT_URLS": {
"context": "global",
"default": "https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-user-agents.list",
"help": "List of URLs, separated with spaces, containing bad User-Agent to block.",
"id": "blacklist-user-agent-urls",
"label": "Blacklist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_URI": {
"context": "multisite",
"default": "",
@ -104,15 +68,6 @@
"regex": "^( *(.*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_URI_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing bad URI to block.",
"id": "blacklist-uri-urls",
"label": "Blacklist URI URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_IP": {
"context": "multisite",
"default": "",
@ -122,15 +77,6 @@
"regex": "^(?! )( *(((\\b25[0-5]|\\b2[0-4]\\d|\\b[01]?\\d\\d?)(\\.(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)){3})(\\/([1-2][0-9]?|3[0-2]?|[04-9]))?|(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]Z{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d))(\\/(12[0-8]|1[01][0-9]|[0-9][0-9]?))?)(?!.*\\D\\2([^\\d\\/]|$)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_IP_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing IP/network to ignore in the blacklist.",
"id": "blacklist-ignore-ip-urls",
"label": "Blacklist ignore IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_RDNS": {
"context": "multisite",
"default": "",
@ -140,15 +86,6 @@
"regex": "^( *(([^ ]+)(?!.*\\3( |$))) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to ignore in the blacklist.",
"id": "blacklist-ignore-rdns-urls",
"label": "Blacklist ignore reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_ASN": {
"context": "multisite",
"default": "",
@ -158,15 +95,6 @@
"regex": "^^( *((ASN?)?(\\d+)\\b(?!.*[SN ]\\4\\b)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to ignore in the blacklist.",
"id": "blacklist-ignore-asn-urls",
"label": "Blacklist ignore ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_USER_AGENT": {
"context": "multisite",
"default": "",
@ -176,15 +104,6 @@
"regex": "^.*$",
"type": "text"
},
"BLACKLIST_IGNORE_USER_AGENT_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing User-Agent to ignore in the blacklist.",
"id": "blacklist-ignore-user-agent-urls",
"label": "Blacklist ignore User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_URI": {
"context": "multisite",
"default": "",
@ -194,6 +113,87 @@
"regex": "^( *(.*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IP_URLS": {
"context": "global",
"default": "https://www.dan.me.uk/torlist/?exit",
"help": "List of URLs, separated with spaces, containing bad IP/network to block.",
"id": "blacklist-ip-urls",
"label": "Blacklist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to block.",
"id": "blacklist-rdns-urls",
"label": "Blacklist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to block.",
"id": "blacklist-asn-urls",
"label": "Blacklist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_USER_AGENT_URLS": {
"context": "global",
"default": "https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-user-agents.list",
"help": "List of URLs, separated with spaces, containing bad User-Agent to block.",
"id": "blacklist-user-agent-urls",
"label": "Blacklist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_URI_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing bad URI to block.",
"id": "blacklist-uri-urls",
"label": "Blacklist URI URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_IP_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing IP/network to ignore in the blacklist.",
"id": "blacklist-ignore-ip-urls",
"label": "Blacklist ignore IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to ignore in the blacklist.",
"id": "blacklist-ignore-rdns-urls",
"label": "Blacklist ignore reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to ignore in the blacklist.",
"id": "blacklist-ignore-asn-urls",
"label": "Blacklist ignore ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_USER_AGENT_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing User-Agent to ignore in the blacklist.",
"id": "blacklist-ignore-user-agent-urls",
"label": "Blacklist ignore User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"BLACKLIST_IGNORE_URI_URLS": {
"context": "global",
"default": "",

54
src/common/core/cors/plugin.json
View file

@ -23,6 +23,33 @@
"regex": "^.*$",
"type": "text"
},
"CORS_ALLOW_METHODS": {
"context": "multisite",
"default": "GET, POST, OPTIONS",
"help": "Value of the Access-Control-Allow-Methods header.",
"id": "cors-allow-methods",
"label": "Access-Control-Allow-Methods value",
"regex": "^(\\*|(?![, ])(,? ?(GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE|PATCH)(?!.*\\3))*)?$",
"type": "text"
},
"CORS_ALLOW_HEADERS": {
"context": "multisite",
"default": "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range",
"help": "Value of the Access-Control-Allow-Headers header.",
"id": "cors-allow-headers",
"label": "Access-Control-Allow-Headers value",
"regex": "^(\\*|(?![, ])(,? ?([\\w\\-]+)(?!.*\\3(?!.)))*)?$",
"type": "text"
},
"CORS_ALLOW_CREDENTIALS": {
"context": "multisite",
"default": "no",
"help": "Send the Access-Control-Allow-Credentials header.",
"id": "cors-allow-credentials",
"label": "Send Access-Control-Allow-Credentials",
"regex": "^(yes|no)$",
"type": "check"
},
"CORS_EXPOSE_HEADERS": {
"context": "multisite",
"default": "Content-Length,Content-Range",
@ -71,33 +98,6 @@
"regex": "^\\d+$",
"type": "text"
},
"CORS_ALLOW_CREDENTIALS": {
"context": "multisite",
"default": "no",
"help": "Send the Access-Control-Allow-Credentials header.",
"id": "cors-allow-credentials",
"label": "Send Access-Control-Allow-Credentials",
"regex": "^(yes|no)$",
"type": "check"
},
"CORS_ALLOW_METHODS": {
"context": "multisite",
"default": "GET, POST, OPTIONS",
"help": "Value of the Access-Control-Allow-Methods header.",
"id": "cors-allow-methods",
"label": "Access-Control-Allow-Methods value",
"regex": "^(\\*|(?![, ])(,? ?(GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE|PATCH)(?!.*\\3))*)?$",
"type": "text"
},
"CORS_ALLOW_HEADERS": {
"context": "multisite",
"default": "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range",
"help": "Value of the Access-Control-Allow-Headers header.",
"id": "cors-allow-headers",
"label": "Access-Control-Allow-Headers value",
"regex": "^(\\*|(?![, ])(,? ?([\\w\\-]+)(?!.*\\3(?!.)))*)?$",
"type": "text"
},
"CORS_DENY_REQUEST": {
"context": "multisite",
"default": "yes",

84
src/common/core/greylist/plugin.json
View file

@ -23,13 +23,13 @@
"regex": "^(?! )( *(((\\b25[0-5]|\\b2[0-4]\\d|\\b[01]?\\d\\d?)(\\.(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)){3})(\\/([1-2][0-9]?|3[0-2]?|[04-9]))?|(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]Z{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d))(\\/(12[0-8]|1[01][0-9]|[0-9][0-9]?))?)(?!.*\\D\\2([^\\d\\/]|$)) *)*$",
"type": "text"
},
"GREYLIST_IP_URLS": {
"context": "global",
"GREYLIST_RDNS": {
"context": "multisite",
"default": "",
"help": "List of URLs, separated with spaces, containing good IP/network to put into the greylist.",
"id": "greylist-ip-urls",
"label": "Greylist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"help": "List of reverse DNS suffixes, separated with spaces, to put into the greylist.",
"id": "greylist-rdns",
"label": "Greylist reverse DNS",
"regex": "^( *(([^ ]+)(?!.*\\3( |$))) *)*$",
"type": "text"
},
"GREYLIST_RDNS_GLOBAL": {
@ -41,24 +41,6 @@
"regex": "^(yes|no)$",
"type": "check"
},
"GREYLIST_RDNS": {
"context": "multisite",
"default": "",
"help": "List of reverse DNS suffixes, separated with spaces, to put into the greylist.",
"id": "greylist-rdns",
"label": "Greylist reverse DNS",
"regex": "^( *(([^ ]+)(?!.*\\3( |$))) *)*$",
"type": "text"
},
"GREYLIST_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to put into the greylist.",
"id": "greylist-rdns-urls",
"label": "Greylist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_ASN": {
"context": "multisite",
"default": "",
@ -68,15 +50,6 @@
"regex": "^^( *((ASN?)?(\\d+)\\b(?!.*[SN ]\\4\\b)) *)*$",
"type": "text"
},
"GREYLIST_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to put into the greylist.",
"id": "greylist-asn-urls",
"label": "Greylist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_USER_AGENT": {
"context": "multisite",
"default": "",
@ -86,15 +59,6 @@
"regex": "^.*$",
"type": "text"
},
"GREYLIST_USER_AGENT_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing good User-Agent to put into the greylist.",
"id": "greylist-user-agent-urls",
"label": "Greylist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_URI": {
"context": "multisite",
"default": "",
@ -104,6 +68,42 @@
"regex": "^.*$",
"type": "text"
},
"GREYLIST_IP_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing good IP/network to put into the greylist.",
"id": "greylist-ip-urls",
"label": "Greylist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to put into the greylist.",
"id": "greylist-rdns-urls",
"label": "Greylist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to put into the greylist.",
"id": "greylist-asn-urls",
"label": "Greylist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_USER_AGENT_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing good User-Agent to put into the greylist.",
"id": "greylist-user-agent-urls",
"label": "Greylist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"GREYLIST_URI_URLS": {
"context": "global",
"default": "",

18
src/common/core/realip/plugin.json
View file

@ -32,15 +32,6 @@
"regex": "^(?! )( *(((\\b25[0-5]|\\b2[0-4]\\d|\\b[01]?\\d\\d?)(\\.(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)){3})(\\/([1-2][0-9]?|3[0-2]?|[04-9]))?|(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]Z{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d))(\\/(12[0-8]|1[01][0-9]|[0-9][0-9]?))?)(?!.*\\D\\2([^\\d\\/]|$)) *)*$",
"type": "text"
},
"REAL_IP_FROM_URLS": {
"context": "global",
"default": "",
"help": "List of URLs containing trusted IPs / networks, separated with spaces, where proxied requests come from.",
"id": "real-ip-from-urls",
"label": "Real IP from URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"REAL_IP_HEADER": {
"context": "multisite",
"default": "X-Forwarded-For",
@ -58,6 +49,15 @@
"label": "Real IP recursive",
"regex": "^(yes|no)$",
"type": "check"
},
"REAL_IP_FROM_URLS": {
"context": "global",
"default": "",
"help": "List of URLs containing trusted IPs / networks, separated with spaces, where proxied requests come from.",
"id": "real-ip-from-urls",
"label": "Real IP from URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
}
},
"jobs": [

36
src/common/core/redis/plugin.json
View file

@ -68,24 +68,6 @@
"regex": "^[0-9]+$",
"type": "text"
},
"REDIS_KEEPALIVE_IDLE": {
"context": "global",
"default": "30000",
"help": "Max idle time (in ms) before closing redis connection in the pool.",
"id": "redis-keepalive-idle",
"label": "Redis keepalive idle (ms)",
"regex": "^[0-9]+$",
"type": "text"
},
"REDIS_KEEPALIVE_POOL": {
"context": "global",
"default": "10",
"help": "Max number of redis connection(s) kept in the pool.",
"id": "redis-keepalive-pool",
"label": "Redis keepalive pool",
"regex": "^[0-9]+$",
"type": "text"
},
"REDIS_USERNAME": {
"context": "global",
"default": "",
@ -139,6 +121,24 @@
"label": "Redis sentinel master",
"regex": "^.*$",
"type": "text"
},
"REDIS_KEEPALIVE_IDLE": {
"context": "global",
"default": "30000",
"help": "Max idle time (in ms) before closing redis connection in the pool.",
"id": "redis-keepalive-idle",
"label": "Redis keepalive idle (ms)",
"regex": "^[0-9]+$",
"type": "text"
},
"REDIS_KEEPALIVE_POOL": {
"context": "global",
"default": "10",
"help": "Max number of redis connection(s) kept in the pool.",
"id": "redis-keepalive-pool",
"label": "Redis keepalive pool",
"regex": "^[0-9]+$",
"type": "text"
}
}
}

98
src/common/core/reverseproxy/plugin.json
View file

@ -23,6 +23,15 @@
"regex": "^(yes|no)$",
"type": "check"
},
"REVERSE_PROXY_CUSTOM_HOST": {
"context": "multisite",
"default": "",
"help": "Override Host header sent to upstream server.",
"id": "reverse-proxy-custom-host",
"label": "Reverse proxy custom host",
"regex": "^.*$",
"type": "text"
},
"REVERSE_PROXY_HOST": {
"context": "multisite",
"default": "",
@ -123,6 +132,46 @@
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_CONNECT_TIMEOUT": {
"context": "multisite",
"default": "60s",
"help": "Timeout when connecting to the proxied resource.",
"id": "reverse-proxy-connect-timeout",
"label": "Reverse proxy connect timeout",
"regex": "^\\d+(ms?|[shdwMy])$",
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_READ_TIMEOUT": {
"context": "multisite",
"default": "60s",
"help": "Timeout when reading from the proxied resource.",
"id": "reverse-proxy-read-timeout",
"label": "Reverse proxy read timeout",
"regex": "^\\d+(ms?|[shdwMy])$",
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_SEND_TIMEOUT": {
"context": "multisite",
"default": "60s",
"help": "Timeout when sending to the proxied resource.",
"id": "reverse-proxy-send-timeout",
"label": "Reverse proxy send timeout",
"regex": "^\\d+(ms?|[shdwMy])$",
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_INCLUDES": {
"context": "multisite",
"default": "",
"help": "Additional configuration to include in the location block, separated with spaces.",
"id": "reverse-proxy-includes",
"label": "Reverse proxy includes",
"regex": "^(?! )( ?(\\w+)(?!.*\\b\\2\\b))*$",
"type": "text",
"multiple": "reverse-proxy"
},
"USE_PROXY_CACHE": {
"context": "multisite",
"default": "no",
@ -212,55 +261,6 @@
"label": "Reverse proxy bypass",
"regex": "^.*$",
"type": "text"
},
"REVERSE_PROXY_CONNECT_TIMEOUT": {
"context": "multisite",
"default": "60s",
"help": "Timeout when connecting to the proxied resource.",
"id": "reverse-proxy-connect-timeout",
"label": "Reverse proxy connect timeout",
"regex": "^\\d+(ms?|[shdwMy])$",
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_READ_TIMEOUT": {
"context": "multisite",
"default": "60s",
"help": "Timeout when reading from the proxied resource.",
"id": "reverse-proxy-read-timeout",
"label": "Reverse proxy read timeout",
"regex": "^\\d+(ms?|[shdwMy])$",
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_SEND_TIMEOUT": {
"context": "multisite",
"default": "60s",
"help": "Timeout when sending to the proxied resource.",
"id": "reverse-proxy-send-timeout",
"label": "Reverse proxy send timeout",
"regex": "^\\d+(ms?|[shdwMy])$",
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_INCLUDES": {
"context": "multisite",
"default": "",
"help": "Additional configuration to include in the location block, separated with spaces.",
"id": "reverse-proxy-includes",
"label": "Reverse proxy includes",
"regex": "^(?! )( ?(\\w+)(?!.*\\b\\2\\b))*$",
"type": "text",
"multiple": "reverse-proxy"
},
"REVERSE_PROXY_CUSTOM_HOST": {
"context": "multisite",
"default": "",
"help": "Override Host header sent to upstream server.",
"id": "reverse-proxy-custom-host",
"label": "Reverse proxy custom host",
"regex": "^.*$",
"type": "text"
}
}
}

86
src/common/core/whitelist/plugin.json
View file

@ -23,13 +23,13 @@
"regex": "^(?! )( *(((\\b25[0-5]|\\b2[0-4]\\d|\\b[01]?\\d\\d?)(\\.(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)){3})(\\/([1-2][0-9]?|3[0-2]?|[04-9]))?|(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]Z{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d)|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?\\d)?\\d)\\.){3}(25[0-5]|(2[0-4]|1?\\d)?\\d))(\\/(12[0-8]|1[01][0-9]|[0-9][0-9]?))?)(?!.*\\D\\2([^\\d\\/]|$)) *)*$",
"type": "text"
},
"WHITELIST_IP_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing good IP/network to whitelist.",
"id": "whitelist-ip-urls",
"label": "Whitelist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"WHITELIST_RDNS": {
"context": "multisite",
"default": ".google.com .googlebot.com .yandex.ru .yandex.net .yandex.com .search.msn.com .baidu.com .baidu.jp .crawl.yahoo.net .fwd.linkedin.com .twitter.com .twttr.com .discord.com",
"help": "List of reverse DNS suffixes, separated with spaces, to whitelist.",
"id": "whitelist-rdns",
"label": "Whitelist reverse DNS",
"regex": "^( *(([^ ]+)(?!.*\\3( |$))) *)*$",
"type": "text"
},
"WHITELIST_RDNS_GLOBAL": {
@ -41,24 +41,6 @@
"regex": "^(yes|no)$",
"type": "check"
},
"WHITELIST_RDNS": {
"context": "multisite",
"default": ".google.com .googlebot.com .yandex.ru .yandex.net .yandex.com .search.msn.com .baidu.com .baidu.jp .crawl.yahoo.net .fwd.linkedin.com .twitter.com .twttr.com .discord.com",
"help": "List of reverse DNS suffixes, separated with spaces, to whitelist.",
"id": "whitelist-rdns",
"label": "Whitelist reverse DNS",
"regex": "^( *(([^ ]+)(?!.*\\3( |$))) *)*$",
"type": "text"
},
"WHITELIST_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to whitelist.",
"id": "whitelist-rdns-urls",
"label": "Whitelist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_ASN": {
"context": "multisite",
"default": "32934",
@ -68,15 +50,6 @@
"regex": "^^( *((ASN?)?(\\d+)\\b(?!.*[SN ]\\4\\b)) *)*$",
"type": "text"
},
"WHITELIST_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to whitelist.",
"id": "whitelist-asn-urls",
"label": "Whitelist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_USER_AGENT": {
"context": "multisite",
"default": "",
@ -86,15 +59,6 @@
"regex": "^.*$",
"type": "text"
},
"WHITELIST_USER_AGENT_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing good User-Agent to whitelist.",
"id": "whitelist-user-agent-urls",
"label": "Whitelist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_URI": {
"context": "multisite",
"default": "",
@ -104,6 +68,42 @@
"regex": "^( *(.*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_IP_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing good IP/network to whitelist.",
"id": "whitelist-ip-urls",
"label": "Whitelist IP/network URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_RDNS_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to whitelist.",
"id": "whitelist-rdns-urls",
"label": "Whitelist reverse DNS URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_ASN_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to whitelist.",
"id": "whitelist-asn-urls",
"label": "Whitelist ASN URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_USER_AGENT_URLS": {
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing good User-Agent to whitelist.",
"id": "whitelist-user-agent-urls",
"label": "Whitelist User-Agent URLs",
"regex": "^( *((https?:\\/\\/|file:\\/\\/\\/)[\\-\\w@:%.+~#=]+[\\-\\w\\(\\)!@:%+.~#?&\\/=$]*)(?!.*\\2(?!.)) *)*$",
"type": "text"
},
"WHITELIST_URI_URLS": {
"context": "global",
"default": "",