zishuo/frigate
1
0
Fork 0
mirror of https://github.com/blakeblackshear/frigate.git synced 2025-09-26 19:41:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Limit exposed go2rtc api to bare minimum (#8762)

Browse Source 
* only permit GET requests to go2rtc

* bare minimum go2rtc passthrough

* support frigate card

* expose go2rtc streams data only
This commit is contained in:
Blake Blackshear
2023-11-28 00:25:47 +00:00
committed by GitHub
parent 15644a2b0c
commit a490c375f4
3 changed files with 56 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
docker/main/rootfs/usr/local/nginx/conf/nginx.conf
View File

@@ -164,19 +164,38 @@ http {
include proxy.conf;
}
location /live/mse/ {
proxy_pass http://go2rtc/;
# frigate lovelace card uses this path
location /live/mse/api/ws {
limit_except GET {
deny all;
}
proxy_pass http://go2rtc/api/ws;
include proxy.conf;
}
location /live/webrtc/ {
proxy_pass http://go2rtc/;
location /live/webrtc/api/ws {
limit_except GET {
deny all;
}
proxy_pass http://go2rtc/api/ws;
include proxy.conf;
}
location ~* /api/go2rtc([/]?.*)$ {
proxy_pass http://go2rtc;
rewrite ^/api/go2rtc(.*)$ /api$1 break;
# pass through go2rtc player
location /live/webrtc/webrtc.html {
limit_except GET {
deny all;
}
proxy_pass http://go2rtc/webrtc.html;
include proxy.conf;
}
# frontend uses this to fetch the version
location /api/go2rtc/api {
limit_except GET {
deny all;
}
proxy_pass http://go2rtc/api;
include proxy.conf;
}