2023-06-27 13:22:03 +02:00
|
|
|
|
/**
|
|
|
|
|
|
* turns a domain config to two config files for nginx web sever on proxmox and its container
|
|
|
|
|
|
* @param domainConfig
|
|
|
|
|
|
* @returns {{homeNginxConf: string, containerNginxConf: string, noContainerNginxConf: string}}
|
|
|
|
|
|
*/
|
|
|
|
|
|
export function makeHostFileForNextcloud (domainConfig) {
|
|
|
|
|
|
|
|
|
|
|
|
let domainWithoutWWW = domainConfig.domain;
|
|
|
|
|
|
if(domainConfig.domain.includes('www.')){
|
|
|
|
|
|
domainWithoutWWW = domainConfig.domain.replace('www.', '')
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
let redirectToNoWWW = domainConfig.redirectToNoWWW | false;
|
|
|
|
|
|
let redirectToNoWWWConf = `
|
|
|
|
|
|
server {
|
|
|
|
|
|
# redirect from www to non-www
|
|
|
|
|
|
server_name ${domainConfig.domain};
|
2023-08-28 23:43:54 +02:00
|
|
|
|
listen 80;
|
2023-06-27 13:22:03 +02:00
|
|
|
|
return 301 https://${domainWithoutWWW}$request_uri;
|
|
|
|
|
|
}
|
|
|
|
|
|
`;
|
|
|
|
|
|
|
|
|
|
|
|
let redirectToWWW = domainConfig.redirectToWWW | true;
|
|
|
|
|
|
let redirectToWWWConf = `
|
|
|
|
|
|
server {
|
|
|
|
|
|
# redirect from non-www to www
|
|
|
|
|
|
server_name ${domainWithoutWWW};
|
2023-08-28 23:43:54 +02:00
|
|
|
|
listen 80;
|
2023-06-27 13:22:03 +02:00
|
|
|
|
return 301 https://${domainConfig.domain}$request_uri;
|
|
|
|
|
|
}
|
|
|
|
|
|
`;
|
|
|
|
|
|
|
|
|
|
|
|
let redirectToHTTPS = domainConfig.redirectToNoHTTPS | true;
|
|
|
|
|
|
let redirectToHTTPSConf = `
|
|
|
|
|
|
server {
|
|
|
|
|
|
# redirect to https from http no WWW
|
|
|
|
|
|
server_name ${domainWithoutWWW};
|
2023-08-28 23:43:54 +02:00
|
|
|
|
listen 80;
|
2023-06-27 13:22:03 +02:00
|
|
|
|
return 301 https://${domainWithoutWWW}$request_uri;
|
|
|
|
|
|
}
|
|
|
|
|
|
`;
|
|
|
|
|
|
if(redirectToWWW && redirectToHTTPS){
|
|
|
|
|
|
redirectToWWWConf += `\tserver {
|
|
|
|
|
|
\t\t\t\t# redirect from www to HTTPS too
|
|
|
|
|
|
server_name ${domainConfig.domain};
|
2023-08-28 23:43:54 +02:00
|
|
|
|
listen 80;
|
2023-06-27 13:22:03 +02:00
|
|
|
|
return 301 https://${domainConfig.domain}$request_uri;
|
|
|
|
|
|
}`
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
let hostingFileAccess = ` `;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
*
|
|
|
|
|
|
* @type {{homeNginxConf: string, containerNginxConf: string, noContainerNginxConf: string}}
|
|
|
|
|
|
*/
|
|
|
|
|
|
const model = {
|
|
|
|
|
|
|
|
|
|
|
|
noContainerNginxConf: `
|
|
|
|
|
|
# ============ ${domainConfig.name} ===============
|
|
|
|
|
|
`,
|
|
|
|
|
|
homeNginxConf: `
|
|
|
|
|
|
# ============ ${domainConfig.name} ===============
|
|
|
|
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
|
server_name ${domainConfig.domain};
|
|
|
|
|
|
listen 80;
|
|
|
|
|
|
return 301 ${domainConfig.domain}$request_uri;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
|
listen 443 ssl http2;
|
|
|
|
|
|
listen [::]:443 ssl http2;
|
|
|
|
|
|
server_name ${domainConfig.domain};
|
|
|
|
|
|
ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}/fullchain.pem;
|
|
|
|
|
|
ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}/privkey.pem;
|
|
|
|
|
|
location / {
|
|
|
|
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
|
|
# Container nextcloud
|
|
|
|
|
|
proxy_pass https://10.10.10.106;
|
|
|
|
|
|
}
|
|
|
|
|
|
add_header Permissions-Policy "interest-cohort=()";
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
`,
|
|
|
|
|
|
containerNginxConf: `
|
|
|
|
|
|
# ============ ${domainConfig.name} | côté conteneur LXC ===============
|
|
|
|
|
|
# rien à ajouter si c'est du snap
|
|
|
|
|
|
# ========================== ${domainConfig.name} | fin ================ #
|
|
|
|
|
|
`
|
|
|
|
|
|
}
|
|
|
|
|
|
return model
|
|
|
|
|
|
}
|
