Dont allow maintence page on remote nodes

2026-01-28 22:00:51 +00:00 · 2025-12-23 15:24:26 -05:00
parent ddaaf34dbd
commit 729c2adb3f
4 changed files with 8 additions and 6 deletions
--- a/server/lib/traefik/getTraefikConfig.ts
+++ b/server/lib/traefik/getTraefikConfig.ts
@@ -41,9 +41,10 @@ type TargetWithSite = Target & {
 export async function getTraefikConfig(
    exitNodeId: number,
    siteTypes: string[],
-    filterOutNamespaceDomains = false,
-    generateLoginPageRouters = false,
-    allowRawResources = true
+    filterOutNamespaceDomains = false, // UNUSED BUT USED IN PRIVATE
+    generateLoginPageRouters = false, // UNUSED BUT USED IN PRIVATE
+    allowRawResources = true,
+    allowMaintenancePage = true, // UNUSED BUT USED IN PRIVATE
 ): Promise<any> {
    // Get resources with their targets and sites in a single optimized query
    // Start from sites on this exit node, then join to targets and resources
--- a/server/private/lib/traefik/getTraefikConfig.ts
+++ b/server/private/lib/traefik/getTraefikConfig.ts
@@ -464,7 +464,7 @@ export async function getTraefikConfig(
                }
            }

-            if (showMaintenancePage) {
+            if (showMaintenancePage && allowMaintenancePage) {
                const maintenanceServiceName = `${key}-maintenance-service`;
                const maintenanceRouterName = `${key}-maintenance-router`;
                const rewriteMiddlewareName = `${key}-maintenance-rewrite`;
--- a/server/private/routers/hybrid.ts
+++ b/server/private/routers/hybrid.ts
@@ -247,7 +247,8 @@ hybridRouter.get(
                ["newt", "local", "wireguard"], // Allow them to use all the site types
                true, // But don't allow domain namespace resources
                false, // Dont include login pages,
-                true // allow raw resources
+                true, // allow raw resources
+                false // dont generate maintenance page
            );

            return response(res, {
--- a/src/app/[orgId]/settings/resources/proxy/[niceId]/general/page.tsx
+++ b/src/app/[orgId]/settings/resources/proxy/[niceId]/general/page.tsx
@@ -189,7 +189,7 @@ function MaintenanceSectionForm({
                                name="maintenanceModeEnabled"
                                render={({ field }) => {
                                    const isDisabled =
-                                        isSecurityFeatureDisabled();
+                                        isSecurityFeatureDisabled() || resource.http === false;

                                    return (
                                        <FormItem>