Next.js+React web interface for controlling HAProxy clusters (groups of servers), in conjunction with with https://gitgud.io/fatchan/haproxy-protection.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Thomas Lynch 005549fe2a Remove branded wording from template text and tooltip 6 days ago
autorenew Make wildcard certs handled properly during renewing/getting root domain of a wildcard for a cert 2 months ago
components Remove the stupid concept of clusters being in the DB, purely read from .env for now 3 weeks ago
controllers Fix deleting IP ranges (v4 or v6) in whitelist blacklist, etc 2 weeks ago
healthcheck increase timeout 3 weeks ago
img update README 1 year ago
loki ESM other processes (worker, stats, loki, autorenew, etc) 8 months ago
maps Add notes and ASN name display to asn blocking map 6 months ago
pages Remove branded wording from template text and tooltip 6 days ago
public Add sitemap and permissive robots.txt 1 year ago
stats Add autodiscover to stat workers too 6 days ago
.dockerignore Allow ca cert and pinned fp/s to be separate, and ignore node_modules in dockerignore, vastly speeds up builds (duh) 1 year ago
.env.example cc and ccn geo blocking 7 months ago
.eslintrc.json Next.js 13, new bootstrap, ESM everything 8 months ago
.gitignore Remove unused down.js, now db controlled 9 months ago
Dockerfile Start on DNS UI 1 year ago
LICENSE add AGPLv3 license 2 years ago
README.md Make all the tables aligned and not ugly as fuck 1 year ago
acme.js Update acme.js to create CAAs for letsencrypt 5 months ago
agent.js Switch stats worker to node-fetch 2 weeks ago
api.js Make the onboarding screen reflect when NS records are properly set for the first domain on the account (assuming added by onboarding form too) and update every minute 2 months ago
ca.js Next.js 13, new bootstrap, ESM everything 8 months ago
db.js Next.js 13, new bootstrap, ESM everything 8 months ago
docker-compose.yml Start on DNS UI 1 year ago
ecosystem.config.cjs Next.js 13, new bootstrap, ESM everything 8 months ago
next.config.js Next.js 13, new bootstrap, ESM everything 8 months ago
package-lock.json ESM other processes (worker, stats, loki, autorenew, etc) 8 months ago
package.json ESM other processes (worker, stats, loki, autorenew, etc) 8 months ago
redis.js Fix stats queue 8 months ago
redlock.js Next.js 13, new bootstrap, ESM everything 8 months ago
reset.js Remove the stupid concept of clusters being in the DB, purely read from .env for now 3 weeks ago
router.js Remove the stupid concept of clusters being in the DB, purely read from .env for now 3 weeks ago
server.js make server use host and port vars in listen() 2 weeks ago
specification_openapiv3.js Next.js 13, new bootstrap, ESM everything 8 months ago
templates.js Next.js 13, new bootstrap, ESM everything 8 months ago
update.js Next.js 13, new bootstrap, ESM everything 8 months ago
util.js Add notes to other maps and improve the display to use the "-" icon like other empty rows 6 months ago

README.md

BasedFlare Control Panel

Work in progress. Not recommended for production deployment. No instructions or help provided whatsoever.

Internally uses haproxy dataplaneapi. Intended for use with haproxy-protection.

Provides a control panel interface to conveniently manage clusters (groups of identically configured) HAProxy servers. Can be used with a single server cluster. Uses haproxy runtime apis to update maps, acls, etc.

Features:
  • List/add/remove clusters (server groups).
  • List/add/remove domains for your account.
  • Control allowed hosts for a cluster.
  • Custom backend server IP and port per-domain.
  • HTTPS certificate management. Automatically generate for domain(s) and upload to cluster servers.
  • Supports local private CA. Can install root cert on all your proxies and can sign CSR's for proper origin ssl validation.
  • IP or subnet blacklist. Supports ipv4 and ipv6.
  • IP or subnet whitelist. Supports ipv4 and ipv6.
  • Redirects, rewrites url to a different domain+path.
  • Protection rules, choose bot protection mode "none" (whitelist), proof-of-work or proof-of-work+captcha. Can be domain-wide or a domain+path. Path overrides domain-wide.
  • Global override for protection mode, to enable for all domains in a cluster.
  • Maintenance mode, disables proxying for selected domains and serves an "under maintenance" page from haproxy.
  • Statistics page with server and backend-level breakdowns based on haproxy stats socket data. Ability to export statistics to influxdb.

License

GNU AGPLv3, see LICENSE.

Screenshots

screenshot

For generous people

Bitcoin (BTC): bc1q4elrlz5puak4m9xy3hfvmpempnpqpu95v8s9m6

Monero (XMR): 89J9DXPLUBr5HjNDNZTEo4WYMFTouSsGjUjBnUCCUxJGUirthnii4naZ8JafdnmhPe4NP1nkWsgcK82Uga7X515nNR1isuh

Oxen (OXEN): LBjExqjDKCFT6Tj198CfK8auAzBERJX1ogtcsjuKZ6AYWTFxwEADLgf2zZ8NHvWCa1UW7vrtY8DJmPYFpj3MEE69CryCvN6