add php custom website

nginx_config_maker/README.md

@@ -1,6 +1,9 @@
 # Nginx config maker
 
 crée une configuration nginx pour des sites web selon certaines préconfigurations
+# pile technique
+du nodejs pour générer des fichiers de conf nginx,
+pour faire marcher des sites web en PHP, avec divers frameworks comme symfony ou wordpress.
 
 # utilisation
 configurer l'objet de conf listant les domaines et leur framework,

nginx_config_maker/index.mjs

@@ -6,6 +6,7 @@
 import fs from 'node-fs'
 import { makeHostFileForWordpress } from './model.wordpress.mjs'
 import { makeHostFileForSymfony } from './model.symfony.mjs'
+import { makeHostFileForPhpPages } from './model.php-website'
 
 const LXCcontainerLocalIP = '10.10.10.103'
 const LXCcontainerProtocol = 'https'
@@ -109,6 +110,14 @@ const domainsConfig = [{
 		framework: 'symfony',
 		disableSSL: false,
 	},
+	{
+		LXCcontainerLocalIP,
+		LXCcontainerProtocol,
+		name: 'Chaton coussinet',
+		domain: 'www.coussinet.org',
+		framework: 'static',
+		disableSSL: false,
+	},
 ]
 // autres frameworks:
 // nextcloud: cloud.tykayn.fr
@@ -130,6 +139,9 @@ for (let configDomain of domainsConfig) {
 	if (configDomain.framework === 'symfony') {
 		hostFile = makeHostFileForSymfony(configDomain)
 	}
+	if (configDomain.framework === 'static') {
+		hostFile = makeHostFileForPhpPages(configDomain)
+	}
 	writeFile(configDomain.domain + '_host.conf', hostFile.homeNginxConf)
 	writeFile(configDomain.domain + '_container.conf', hostFile.containerNginxConf)
 }

nginx_config_maker/model.php-website.mjs

@@ -0,0 +1,91 @@
+/**
+ * turns a domain config to two config files for nginx web sever on proxmox and its container
+ * @param domainConfig
+ * @returns {{homeNginxConf: string, containerNginxConf: string}}
+ */
+export function makeHostFileForPhpPages (domainConfig) {
+
+	/**
+	 * @type {{homeNginxConf: string, containerNginxConf: string}}
+	 */
+	const model = {
+		homeNginxConf: `
+# ============ ${domainConfig.name} ===============
+
+server {
+			# redirect to https from http
+        server_name ${domainConfig.domain};
+        listen 80 http2;
+        return 301 https://${domainConfig.domain}$request_uri;
+}
+
+server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+
+        server_name ${domainConfig.domain};
+        ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem;
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
+        
+        location / {
+                proxy_set_header   X-Forwarded-For $remote_addr;
+                proxy_set_header   Host $http_host;
+                # Container tksites
+                proxy_pass         ${domainConfig.LXCcontainerProtocol}://${domainConfig.LXCcontainerLocalIP};
+        }
+
+        add_header Permissions-Policy "interest-cohort=()";
+}
+`,
+		containerNginxConf: `
+		# ============ ${domainConfig.name} | côté conteneur LXC ===============
+		server {
+    if ($host = ${domainConfig.domain}) {
+        return 301 https://$host$request_uri;
+    }
+
+
+    listen 80 ;
+    listen [::]:80 ;
+    server_name ${domainConfig.domain};
+
+    add_header Permissions-Policy "interest-cohort=()";
+    
+    root /home/www/${domainConfig.domain};
+		index index.php index.html;
+
+		location = /favicon.ico {
+						log_not_found off;
+						access_log off;
+		}
+
+		location = /robots.txt {
+						allow all;
+						log_not_found off;
+						access_log off;
+		}
+
+        location / {
+                try_files $uri $uri/ /index.php?$args;
+        }
+
+        location ~ \\.php$ {
+                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
+                include fastcgi.conf;
+                fastcgi_intercept_errors on;
+                fastcgi_pass php-handler;
+        }
+
+        location ~* \\.(js|css|png|jpg|jpeg|gif|ico)$ {
+                expires max;
+                log_not_found off;
+        }
+    add_header Permissions-Policy "interest-cohort=()";
+
+} 
+# ========================== ${domainConfig.name} | fin ================ #
+		`
+	}
+	return model
+}

nginx_config_maker/model.symfony.mjs

@@ -7,6 +7,7 @@ export function makeHostFileForSymfony(domainConfig){
 	const model = {
 		homeNginxConf : `
 # ---------------- ${domainConfig.name} -------------------------
+# ---------- un site utilisant Symfony --------------------------
 
 server {
         server_name ${domainConfig.name};

nginx_config_maker/model.wordpress.mjs

@@ -19,6 +19,7 @@ export function makeHostFileForWordpress (domainConfig) {
 	const model = {
 		homeNginxConf: `
 # ============ ${domainConfig.name} ===============
+# ---------- un site utilisant Wordpress ----------
 
 server {
 			# redirect to https from http
@@ -51,29 +52,10 @@ server {
     if ($host = ${domainConfig.domain}) {
         return 301 https://$host$request_uri;
     }
-
-
     listen 80 ;
     listen [::]:80 ;
     server_name ${domainConfig.domain};
-    # enforce https
-    return 301 https://$server_name$request_uri;
-
-    add_header Permissions-Policy "interest-cohort=()";
-
-
-}
-
-# ==== https | côté conteneur LXC ===============
-
-server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_name ${domainConfig.domain};
-
-    ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem; # managed by Certbot
-
+       
   	# Path to the root of your installation
     root /home/www/tykayn/${domainConfig.domain}/;