Merge pull request #1270 from pikasTech/issue-2268-caddy-api-handle

fix: isolate hwlab caddy api route
This commit is contained in:
Lyon
2026-06-30 07:08:47 +08:00
committed by GitHub
2 changed files with 12 additions and 8 deletions
@@ -25,6 +25,6 @@ test("public exposure leaves auth routes on cloud-web same-origin proxy", () =>
assert.match(block, /@api path \/health\* \/v1\* \/json-rpc\* \/openapi\* \/docs\* \/swagger\*/u);
assert.doesNotMatch(block, /@api path[^\n]*\/auth\*/u);
assert.match(block, /reverse_proxy @api 127\.0\.0\.1:22089/u);
assert.match(block, /reverse_proxy 127\.0\.0\.1:22090/u);
assert.match(block, /handle @api \{\n\s+reverse_proxy 127\.0\.0\.1:22089/u);
assert.match(block, /handle \{\n\s+reverse_proxy 127\.0\.0\.1:22090/u);
});
+10 -6
View File
@@ -985,14 +985,18 @@ export function publicExposureCaddyBlock(exposure: HwlabRuntimePublicExposureSpe
const tlsLines = exposure.caddyTls === "internal" ? " tls internal\n" : "";
const mainBlock = `${exposure.hostname} {
${tlsLines} @api path /health* /v1* /json-rpc* /openapi* /docs* /swagger*
reverse_proxy @api 127.0.0.1:${exposure.apiProxy.remotePort} {
transport http {
response_header_timeout ${exposure.responseHeaderTimeoutSeconds}s
handle @api {
reverse_proxy 127.0.0.1:${exposure.apiProxy.remotePort} {
transport http {
response_header_timeout ${exposure.responseHeaderTimeoutSeconds}s
}
}
}
reverse_proxy 127.0.0.1:${exposure.webProxy.remotePort} {
transport http {
response_header_timeout ${exposure.responseHeaderTimeoutSeconds}s
handle {
reverse_proxy 127.0.0.1:${exposure.webProxy.remotePort} {
transport http {
response_header_timeout ${exposure.responseHeaderTimeoutSeconds}s
}
}
}
}`;