diff --git a/kms.php b/kms.php index c74befa..56c760a 100755 --- a/kms.php +++ b/kms.php @@ -34,6 +34,11 @@ function load_nginx_config(int $kms_port, int $http_port): void { listen $http_port; listen [::]:$http_port ipv6only=on; + set_real_ip_from ::/0; + set_real_ip_from 0.0.0.0/0; + real_ip_header X-Real-IP; + real_ip_recursive on; + location /assets { root /kms-server; } @@ -75,17 +80,21 @@ function get_param(string $field, string $default): string { function load_params(): void { global $argv; - if (in_array('--debug', $argv)) { // enter debug mode - logging::$logLevel = logging::DEBUG; + if (strtolower(getenv('DEBUG')) === 'true' || in_array('--debug', $argv)) { + logging::$logLevel = logging::DEBUG; // enter debug mode } global $ENABLE_HTTP; - if (in_array('--disable-http', $argv)) { // disable http service + if (strtolower(getenv('DISABLE_HTTP')) === 'true' || in_array('--disable-http', $argv)) { logging::warning('Disable http service'); - $ENABLE_HTTP = false; + $ENABLE_HTTP = false; // disable http service } global $KMS_PORT; + if (getenv('KMS_PORT')) { + $KMS_PORT = intval(getenv('KMS_PORT')); + logging::debug('Get KMS_PORT from env -> ' . $KMS_PORT); + } $KMS_PORT = intval(get_param('--kms-port', strval($KMS_PORT))); if ($KMS_PORT < 1 || $KMS_PORT > 65535) { // 1 ~ 65535 logging::critical('Illegal KMS Port -> ' . $KMS_PORT); @@ -98,6 +107,10 @@ function load_params(): void { } global $HTTP_PORT; + if (getenv('HTTP_PORT')) { + $HTTP_PORT = intval(getenv('HTTP_PORT')); + logging::debug('Get HTTP_PORT from env -> ' . $HTTP_PORT); + } $HTTP_PORT = intval(get_param('--http-port', strval($HTTP_PORT))); if ($HTTP_PORT < 1 || $HTTP_PORT > 65535) { // 1 ~ 65535 logging::critical('Illegal HTTP Port -> ' . $HTTP_PORT); diff --git a/nginx/nginx.conf b/nginx/nginx.conf index b0cf953..9270db3 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -10,6 +10,9 @@ events { } http { + log_format access '[$time_iso8601] $remote_addr -> $scheme://$host - "$request"' + ' -> ($status) ↑$request_length ↓$bytes_sent {$http_user_agent}'; + access_log /var/log/nginx/access.log access; include /etc/nginx/mime.types; include /etc/nginx/kms.conf; }