diff --git a/etc/emq.conf b/etc/emq.conf index 1042d880b..70fcd762c 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -1084,6 +1084,10 @@ listener.ws.external.max_clients = 102400 ## Value: ACL Rule listener.ws.external.access.1 = allow all +## listener.ws.external.proxy_address_header = x-forwarded-for + +## listener.ws.external.proxy_port_header = x-remote-port + ## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind ## HAProxy or Nginx. ## @@ -1200,6 +1204,10 @@ listener.wss.external.max_clients = 64 ## Value: ACL Rule listener.wss.external.access.1 = allow all +## listener.wss.external.proxy_address_header = x-forwarded-for + +## listener.wss.external.proxy_port_header = x-remote-port + ## Enable the Proxy Protocol V1/2 support. ## ## See: listener.tcp..proxy_protocol diff --git a/priv/emq.schema b/priv/emq.schema index b07055ead..9f8dbcf74 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -1029,6 +1029,16 @@ end}. {datatype, string} ]}. +{mapping, "listener.ws.$name.proxy_port_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + +{mapping, "listener.ws.$name.proxy_address_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + {mapping, "listener.ws.$name.proxy_protocol", "emqttd.listeners", [ {datatype, flag} ]}. @@ -1115,6 +1125,16 @@ end}. {datatype, string} ]}. +{mapping, "listener.wss.$name.proxy_port_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + +{mapping, "listener.wss.$name.proxy_address_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + {mapping, "listener.wss.$name.proxy_protocol", "emqttd.listeners", [ {datatype, flag} ]}. @@ -1244,7 +1264,9 @@ end}. {proxy_protocol, cuttlefish:conf_get(Prefix ++ ".proxy_protocol", Conf, undefined)}, {proxy_protocol_timeout, cuttlefish:conf_get(Prefix ++ ".proxy_protocol_timeout", Conf, undefined)}, {mountpoint, MountPoint(cuttlefish:conf_get(Prefix ++ ".mountpoint", Conf, undefined))}, - {peer_cert_as_username, cuttlefish:conf_get(Prefix ++ ".peer_cert_as_username", Conf, undefined)}]) + {peer_cert_as_username, cuttlefish:conf_get(Prefix ++ ".peer_cert_as_username", Conf, undefined)}, + {proxy_port_header, cuttlefish:conf_get(Prefix ++ ".proxy_port_header", Conf, undefined)}, + {proxy_address_header, cuttlefish:conf_get(Prefix ++ ".proxy_address_header", Conf, undefined)}]) end, LisOpts = fun(Prefix) -> @@ -1290,7 +1312,8 @@ end}. undefined -> []; ListenOn -> - [{Atom(Type), ListenOn, [{connopts, ConnOpts(Prefix)}, {sockopts, TcpOpts(Prefix)} | LisOpts(Prefix)]}] + [{Atom(Type), ListenOn, [{connopts, ConnOpts(Prefix)}, + {sockopts, TcpOpts(Prefix)} | LisOpts(Prefix)]}] end end, diff --git a/src/emqttd.app.src b/src/emqttd.app.src index 4ff79090a..c1291446a 100644 --- a/src/emqttd.app.src +++ b/src/emqttd.app.src @@ -1,6 +1,6 @@ {application,emqttd, [{description,"Erlang MQTT Broker"}, - {vsn,"2.3.3"}, + {vsn,"2.3.4"}, {modules,[]}, {registered,[emqttd_sup]}, {applications,[kernel,stdlib,gproc,lager,esockd,mochiweb,