tykayn/scripts
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

fix models

Browse Source
This commit is contained in:
Tykayn 2023-06-12 23:33:07 +02:00 committed by tykayn
parent aed86dd36a
commit 52a3afb98a
3 changed files with 25 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
nginx_config_maker/index.mjs
View File

@ -10,6 +10,7 @@ import { makeHostFileForSymfony } from './model.symfony.mjs'
const LXCcontainerLocalIP = '10.10.10.103' const LXCcontainerLocalIP = '10.10.10.103'
const LXCcontainerProtocol = 'https' const LXCcontainerProtocol = 'https'
const domainsConfig = [{ const domainsConfig = [{
LXCcontainerLocalIP, LXCcontainerLocalIP,
LXCcontainerProtocol, LXCcontainerProtocol,
@ -129,8 +130,8 @@ for (let configDomain of domainsConfig) {
if (configDomain.framework === 'symfony') { if (configDomain.framework === 'symfony') {
hostFile = makeHostFileForSymfony(configDomain) hostFile = makeHostFileForSymfony(configDomain)
} }
writeFile(configDomain.domain + '.host.conf', hostFile.homeNginxConf) writeFile(configDomain.domain + '_host.conf', hostFile.homeNginxConf)
writeFile(configDomain.domain + '.container.conf', hostFile.containerNginxConf) writeFile(configDomain.domain + '_container.conf', hostFile.containerNginxConf)
} }
function writeFile (fileName, fileContent) { function writeFile (fileName, fileContent) {

8
nginx_config_maker/model.symfony.mjs
View File

@ -35,23 +35,23 @@ server {
} }
`, `,
containerNginxConf : `server { containerNginxConf : `server {
if ($host = ${domainConfig.name}) { if ($host = ${domainConfig.domain}) {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
listen 80 ; listen 80 ;
listen [::]:80 ; listen [::]:80 ;
server_name ${domainConfig.name}; server_name ${domainConfig.domain};
# enforce https # enforce https
return 301 https://$server_name$request_uri; return 301 https://$server_name$request_uri;
add_header Permissions-Policy "interest-cohort=()"; add_header Permissions-Policy "interest-cohort=()";
root /home/www/tykayn/${domainConfig.name}/; root /home/www/tykayn/${domainConfig.domain}/;
index index.php index.html; index index.php index.html;
} }
# ========================== ${domainConfig.name} | fin ================ #
` `
} }
return model; return model;

35
nginx_config_maker/model.wordpress.mjs
View File

@ -22,18 +22,18 @@ export function makeHostFileForWordpress (domainConfig) {
server { server {
# redirect to https from http # redirect to https from http
server_name ${domainConfig.name}; server_name ${domainConfig.domain};
listen 80 http2; listen 80 http2;
return 301 https://${domainConfig.name}$request_uri; return 301 https://${domainConfig.domain}$request_uri;
} }
server { server {
listen 443 ssl http2; listen 443 ssl http2;
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name ${domainConfig.name}; server_name ${domainConfig.domain};
ssl_certificate /etc/letsencrypt/live/${domainConfig.name}-0001/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${domainConfig.name}-0001/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
location / { location / {
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
@ -48,14 +48,14 @@ server {
containerNginxConf: ` containerNginxConf: `
# ============ ${domainConfig.name} | côté conteneur LXC =============== # ============ ${domainConfig.name} | côté conteneur LXC ===============
server { server {
if ($host = www.cipherbliss.com) { if ($host = ${domainConfig.domain}) {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} # managed by Certbot }
listen 80 ; listen 80 ;
listen [::]:80 ; listen [::]:80 ;
server_name www.cipherbliss.com; server_name ${domainConfig.domain};
# enforce https # enforce https
return 301 https://$server_name$request_uri; return 301 https://$server_name$request_uri;
@ -63,18 +63,20 @@ server {
} }
# ==== https | côté conteneur LXC ===============
server { server {
listen 443 ssl http2; listen 443 ssl http2;
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name www.cipherbliss.com; server_name ${domainConfig.domain};
ssl_certificate /etc/letsencrypt/live/www.cipherbliss.com-0001/fullchain.pem; # managed by Certbot ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.cipherbliss.com-0001/privkey.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem; # managed by Certbot
# Path to the root of your installation # Path to the root of your installation
root /home/www/tykayn/cipherbliss/; root /home/www/tykayn/${domainConfig.domain}/;
## This should be in your http block and if it is, it's not needed here.
index index.php; index index.php;
location = /favicon.ico { location = /favicon.ico {
@ -104,10 +106,9 @@ server {
expires max; expires max;
log_not_found off; log_not_found off;
} }
add_header Permissions-Policy "interest-cohort=()"; add_header Permissions-Policy "interest-cohort=()";
} }
# ========================== ${domainConfig.name} | fin ================ #
` `
} }
return model return model