diff --git a/CHANGELOG.md b/CHANGELOG.md index 860db8c7..532e6bad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines. * Added new scripts for service options that allows installation of software in a privileged Docker container on the node prior to marking a server as installed. * Added ability to reinstall a server using the currently assigned service and option. * Added ability to change a server's service and service option, as well as change pack assignments and other management services in that regard. +* Added support for using a proxy such as Cloudflare with a node connection. Previously there was no way to tell the panel to connect over SSL without marking the Daemon as also using SSL. ### Changed * Environment setting commands now attempt to auto-quote strings with spaces in them, as well as comment lines that are edited to avoid manual changes being overwritten. diff --git a/app/Http/Controllers/Admin/NodesController.php b/app/Http/Controllers/Admin/NodesController.php index 1300b964..653992ce 100644 --- a/app/Http/Controllers/Admin/NodesController.php +++ b/app/Http/Controllers/Admin/NodesController.php @@ -88,7 +88,7 @@ class NodesController extends Controller ]), $request->intersect([ 'name', 'location_id', 'fqdn', - 'scheme', 'memory', 'disk', + 'scheme', 'memory', 'disk', 'behind_proxy', 'daemonBase', 'daemonSFTP', 'daemonListen', ]) )); @@ -218,7 +218,7 @@ class NodesController extends Controller 'public', 'disk_overallocate', 'memory_overallocate', ]), $request->intersect([ - 'name', 'location_id', 'fqdn', + 'name', 'location_id', 'fqdn', 'behind_proxy', 'scheme', 'memory', 'disk', 'upload_size', 'reset_secret', 'daemonSFTP', 'daemonListen', ]) diff --git a/app/Models/Node.php b/app/Models/Node.php index 5b046456..62b4c891 100644 --- a/app/Models/Node.php +++ b/app/Models/Node.php 
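Review bot: `behind_proxy` is added to the `$request->intersect([...])` list in both NodesController hunks (`@@ -88,7` and `@@ -218,7`), while the fields that can legitimately be `0` (`public`, `disk_overallocate`, `memory_overallocate`) sit in the preceding list, presumably `$request->only([...])`. If `intersect()` here drops empty values, as that split suggests, a submitted `behind_proxy=0` never reaches the repository. On update the node then could not be switched back from behind-proxy, so the generated daemon configuration would keep `ssl.enabled` false, and on create the `required|boolean` rule would reject the not-behind-proxy choice. Moving the key to the other list avoids this, e.g. `'public', 'disk_overallocate', 'memory_overallocate', 'behind_proxy',`. Both calls begin above their hunks, so the opening of the first list is not visible here.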
@@ -59,6 +59,7 @@ class Node extends Model 'disk' => 'integer', 'daemonListen' => 'integer', 'daemonSFTP' => 'integer', + 'behind_proxy' => 'boolean', ]; /** @@ -68,8 +69,8 @@ class Node extends Model */ protected $fillable = [ 'public', 'name', 'location_id', - 'fqdn', 'scheme', 'memory', - 'memory_overallocate', 'disk', + 'fqdn', 'scheme', 'behind_proxy', + 'memory', 'memory_overallocate', 'disk', 'disk_overallocate', 'upload_size', 'daemonSecret', 'daemonBase', 'daemonSFTP', 'daemonListen', @@ -121,7 +122,7 @@ class Node extends Model 'host' => '0.0.0.0', 'listen' => $this->daemonListen, 'ssl' => [ - 'enabled' => $this->scheme === 'https', + 'enabled' => (! $this->behind_proxy && $this->scheme === 'https'), 'certificate' => '/etc/letsencrypt/live/' . $this->fqdn . '/fullchain.pem', 'key' => '/etc/letsencrypt/live/' . $this->fqdn . '/privkey.pem', ], @@ -143,7 +144,7 @@ class Node extends Model 'count' => 3, ], 'remote' => [ - 'base' => config('app.url'), + 'base' => route('index'), 'download' => route('remote.download'), 'installed' => route('remote.install'), ], diff --git a/app/Repositories/NodeRepository.php b/app/Repositories/NodeRepository.php index 0b361c3d..6cb61daa 100644 --- a/app/Repositories/NodeRepository.php +++ b/app/Repositories/NodeRepository.php @@ -52,6 +52,7 @@ class NodeRepository 'public' => 'required|numeric|between:0,1', 'fqdn' => 'required|string|unique:nodes,fqdn', 'scheme' => 'required|regex:/^(http(s)?)$/', + 'behind_proxy' => 'required|boolean', 'memory' => 'required|numeric|min:1', 'memory_overallocate' => 'required|numeric|min:-1', 'disk' => 'required|numeric|min:1', @@ -109,6 +110,7 @@ class NodeRepository 'public' => 'numeric|between:0,1', 'fqdn' => 'string|unique:nodes,fqdn,' . $id, 'scheme' => 'regex:/^(http(s)?)$/', + 'behind_proxy' => 'boolean', 'memory' => 'numeric|min:1', 'memory_overallocate' => 'numeric|min:-1', 'disk' => 'numeric|min:1', 
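Review bot: In the `@@ -121,7` hunk of Node.php, `'enabled' => (! $this->behind_proxy && $this->scheme === 'https')` turns the daemon's own TLS listener off whenever `behind_proxy` is set, so the hop between the proxy and the daemon is plain HTTP even though the node's scheme is `https`. The same expression is added in NodeRepository at `@@ -166,7`. Nothing in the visible lines documents that consequence or shows the daemon port being restricted to the proxy. I would add a comment above the key such as `// behind_proxy: TLS terminates at the proxy and the daemon listens in plain HTTP; restrict daemonListen to the proxy's addresses`. The enclosing method starts and ends outside the hunk.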
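Review bot: In the `@@ -143,7` hunk of Node.php, `'base' => route('index')` replaces the configured `config('app.url')`, and route-generated URLs normally take their scheme and host from the current request unless a root URL is forced. The `remote.base` value written into the daemon configuration may therefore depend on the Host header of whichever request produced it. The neighbouring `download` and `installed` entries already use `route()`, so the change is consistent, but it leaves the whole `remote` block request-derived. If that is not intended, keep `config('app.url')` for `base`, or add a comment stating that the application forces its root URL; whether it does is not visible in this diff.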
@@ -166,7 +168,7 @@ class NodeRepository
 'web' => [
 'listen' => $node->daemonListen,
 'ssl' => [
- 'enabled' => ($node->scheme === 'https'),
+ 'enabled' => (! $node->behind_proxy && $node->scheme === 'https'),
 ],
 ],
 'sftp' => [
diff --git a/database/migrations/2017_04_27_223629_AddAbilityToDefineConnectionOverSSLWithDaemonBehindProxy.php b/database/migrations/2017_04_27_223629_AddAbilityToDefineConnectionOverSSLWithDaemonBehindProxy.php
new file mode 100644
index 00000000..f82d3925
--- /dev/null
+++ b/database/migrations/2017_04_27_223629_AddAbilityToDefineConnectionOverSSLWithDaemonBehindProxy.php
@@ -0,0 +1,32 @@
+boolean('behind_proxy')->after('scheme')->default(false);
+ });
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ Schema::table('nodes', function (Blueprint $table) {
+ $table->dropColumn('behind_proxy');
+ });
+ }
+}
diff --git a/resources/themes/pterodactyl/admin/nodes/new.blade.php b/resources/themes/pterodactyl/admin/nodes/new.blade.php
index eb58e32f..98765bee 100644
--- a/resources/themes/pterodactyl/admin/nodes/new.blade.php
+++ b/resources/themes/pterodactyl/admin/nodes/new.blade.php
@@ -78,19 +78,28 @@
- +
- +
-

SSL should only be disabled if this node is assigned an IP address as the FQDN and not an actual FQDN. Disabling SSL could allow a malicious user to intercept traffic between the panel and the daemon potentially exposing sensitive information.

+

In most cases you should select to use a SSL connection. If using an IP Address or you do not wish to use SSL at all, select a HTTP connection.

- - -

Enter the directory where server files should be stored. If you use OVH you should check your partition scheme. You may need to use /home/daemon-data to have enough space.

+ +
+
+ + +
+
+ + +
+
+

If you are running the daemon behind a proxy such as Cloudflare, select this to have the daemon skip looking for certificates on boot.
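Review bot: The help text under the connection choice appears to drop the sentence warning that disabling SSL lets traffic between the panel and the daemon be intercepted, replacing it with `In most cases you should select to use a SSL connection...`, which no longer states the risk. The markup on this page is stripped, so the side of each sentence is inferred from the surrounding `-`/`+` lines; the same replacement shows in the settings.blade.php hunk. The new behind-proxy text only says the daemon will `skip looking for certificates on boot`, without saying that traffic between the proxy and the daemon is then unencrypted. I would keep the interception sentence for the HTTP option and extend the proxy text with something like `Traffic between the proxy and the daemon is not encrypted in this mode; only allow the proxy to reach the daemon port.`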

@@ -102,6 +111,11 @@
+
+ + +

Enter the directory where server files should be stored. If you use OVH you should check your partition scheme. You may need to use /home/daemon-data to have enough space.

+
diff --git a/resources/themes/pterodactyl/admin/nodes/view/settings.blade.php b/resources/themes/pterodactyl/admin/nodes/view/settings.blade.php index 74e31a5c..b0624af2 100644 --- a/resources/themes/pterodactyl/admin/nodes/view/settings.blade.php +++ b/resources/themes/pterodactyl/admin/nodes/view/settings.blade.php @@ -89,18 +89,33 @@

- -
-
- scheme) === 'https') ? 'checked' : '' }}/> + +
+
+ scheme) === 'https') ? 'checked' : '' }}> +
-
- scheme) === 'http') ? 'checked' : '' }}/> +
+ scheme) !== 'https') ? 'checked' : '' }}> +
-

You should always leave SSL enabled for nodes. Disabling SSL could allow a malicious user to intercept traffic between the panel and the daemon potentially exposing sensitive information.

+

In most cases you should select to use a SSL connection. If using an IP Address or you do not wish to use SSL at all, select a HTTP connection.

+
+
+ +
+
+ behind_proxy) == false) ? 'checked' : '' }}> + +
+
+ behind_proxy) == true) ? 'checked' : '' }}> + +
+
+

If you are running the daemon behind a proxy such as Cloudflare, select this to have the daemon skip looking for certificates on boot.

-