Merge branch 'master' of https://github.com/Ylianst/MeshCentral

.github/ISSUE_TEMPLATE/question.md

@@ -0,0 +1,68 @@
+---
+name: Question
+about: Create a question for community help
+title: ''
+labels: question
+assignees: ''
+
+---
+
+**Describe your issue**
+A clear and concise description of what your issue is.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Server Software (please complete the following information):**
+ - OS: [e.g. Ubuntu]
+ - Virtualization: [e.g. Docker]
+ - Network: [e.g. LAN/WAN, reverse proxy, cloudflare, ssl offload, etc...]
+ - Version: [e.g. 1.0.43]
+ - Node: [e.g. 18.4.0]
+
+**Client Device (please complete the following information):**
+ - Device: [e.g. Laptop]
+ - OS: [e.g. Ubuntu]
+ - Network: [e.g. Local to Meshcentral, Remote over WAN]
+ - Browser: [e.g. Google Chrome]
+ - MeshCentralRouter Version: [if applicable]
+
+**Remote Device (please complete the following information):**
+ - Device: [e.g. Laptop]
+ - OS: [e.g. Windows 10 21H2]
+ - Network: [e.g. Local to Meshcentral, Remote over WAN]
+ - Current Core Version (if known): [**HINT**: Go to a device then `console` Tab then type `info`]
+
+**Your config.json file**
+```
+{
+  "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
+  "__comment1__": "This is a simple configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
+  "__comment2__": "See node_modules/meshcentral/sample-config-advanced.json for a more advanced example.",
+  "settings": {
+    "_cert": "myserver.mydomain.com",
+    "_WANonly": true,
+    "_LANonly": true,
+    "_sessionKey": "MyReallySecretPassword1",
+    "_port": 443,
+    "_aliasPort": 443,
+    "_redirPort": 80,
+    "_redirAliasPort": 80
+  },
+  "domains": {
+    "": {
+      "_title": "MyServer",
+      "_title2": "Servername",
+      "_minify": true,
+      "_newAccounts": true,
+      "_userNameIsEmail": true
+    }
+  },
+  "_letsencrypt": {
+    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before trying Let's Encrypt.",
+    "email": "myemail@mydomain.com",
+    "names": "myserver.mydomain.com",
+    "production": false
+  }
+}
+```

docs/Example configs/haproxy-with-sni-sample.cfg

@@ -0,0 +1,40 @@
+# Uses proxy protocol in HAProxy in combination with SNI to preserve the original host address
+# Update the config.json to work with HAProxy
+# 
+# Specify the hostname and port that has the public certificate
+# "tlsOffload": "https://mc.publicdomain.com:443",
+# 
+# Specify the IP address of the HAProxy instance (this might not be the address that is bound to the listener).
+# "TrustedProxy": "10.1.1.10",
+
+
+frontend sni-front
+        bind 10.1.1.10:443
+        mode tcp
+        tcp-request inspect-delay 5s
+        tcp-request content accept if { req_ssl_hello_type 1 }
+        default_backend sni-back
+
+backend sni-back
+        mode tcp
+        acl gitlab-sni req_ssl_sni -i gitlab.publicdomain.com
+        acl mc-sni req_ssl_sni -i mc.publicdomain.com
+        use-server gitlabSNI if gitlab-sni
+        use-server mc-SNI if mc-sni
+        server mc-SNI 10.1.1.10:1443 send-proxy-v2-ssl-cn
+
+frontend mc-front-HTTPS
+        mode http
+        option forwardfor
+        bind 10.1.1.10:1443 ssl crt /etc/haproxy/vm.publicdomain.net.pem accept-proxy
+        http-request set-header X-Forwarded-Proto https
+        option tcpka
+        default_backend mc-back-HTTP
+
+backend mc-back-HTTPS
+        mode http
+        option forwardfor
+        http-request add-header X-Forwarded-Host %[req.hdr(Host)]
+        option http-server-close
+        server mc-01 10.1.1.30:443 check port 443 verify none
+