handle redirect to www or not

This commit is contained in:
Tykayn 2023-06-27 10:28:46 +02:00 committed by tykayn
parent 4b15e4af89
commit 7a57caed2c
5 changed files with 197 additions and 144 deletions

View File

@ -0,0 +1,120 @@
export const LXCcontainerLocalIP = '10.10.10.103'
export const LXCcontainerProtocol = 'https'
export
const domainsConfig = [{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Blog cipherbliss',
domain: 'www.cipherbliss.com',
framework: 'wordpress',
disableSSL: false,
},{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Portfolio cipherbliss',
domain: 'portfolio.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Blog tykayn - le vortex à chats',
domain: 'tykayn.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de la compagnie la puce à l\'oreille',
domain: 'www.pucealoreille.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de Didier, un bec et des ailes',
domain: 'www.unbecetdesailes.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de Catherine Fonder, conteuse',
domain: 'www.catherinefonder.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de la Fromagerie BSF',
domain: 'www.lafromagerie-bsf.com',
framework: 'wordpress',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Claire Lemoine portfolio',
domain: 'www.clairelemoine.art',
framework: 'wordpress',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Blog Qzine',
domain: 'qzine.fr',
framework: 'wordpress',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Funky Framadate Démo',
domain: 'framadate-api.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Portfolio cipherbliss',
domain: 'portfolio.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Caisse Bliss',
domain: 'caisse.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Sondages Qzine',
domain: 'sondages.qzine.fr',
framework: 'symfony',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Chaton coussinet',
domain: 'www.coussinet.org',
framework: 'static',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Join Fediverse',
domain: 'www.joinfediverse.org',
framework: 'static',
disableSSL: false,
},
]

View File

@ -7,126 +7,10 @@ import fs from 'node-fs'
import { makeHostFileForWordpress } from './model.wordpress.mjs' import { makeHostFileForWordpress } from './model.wordpress.mjs'
import { makeHostFileForSymfony } from './model.symfony.mjs' import { makeHostFileForSymfony } from './model.symfony.mjs'
import { makeHostFileForPhpPages } from './model.php-website.mjs' import { makeHostFileForPhpPages } from './model.php-website.mjs'
import { domainsConfig } from './domains.mjs'
const LXCcontainerLocalIP = '10.10.10.103'
const LXCcontainerProtocol = 'https'
const domainsConfig = [{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Blog cipherbliss',
domain: 'www.cipherbliss.com',
framework: 'wordpress',
disableSSL: false,
},{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Portfolio cipherbliss',
domain: 'portfolio.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Blog tykayn - le vortex à chats',
domain: 'tykayn.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de la compagnie la puce à l\'oreille',
domain: 'www.pucealoreille.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de Didier, un bec et des ailes',
domain: 'www.unbecetdesailes.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de Catherine Fonder, conteuse',
domain: 'www.catherinefonder.fr',
framework: 'wordpress',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Site de la Fromagerie BSF',
domain: 'www.lafromagerie-bsf.com',
framework: 'wordpress',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Claire Lemoine portfolio',
domain: 'www.clairelemoine.art',
framework: 'wordpress',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Blog Qzine',
domain: 'qzine.fr',
framework: 'symfony',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Funky Framadate Démo',
domain: 'framadate-api.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
}, {
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Portfolio cipherbliss',
domain: 'portfolio.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Caisse Bliss',
domain: 'caisse.cipherbliss.com',
framework: 'symfony',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Sondages Qzine',
domain: 'sondages.qzine.fr',
framework: 'symfony',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Chaton coussinet',
domain: 'www.coussinet.org',
framework: 'static',
disableSSL: false,
},
{
LXCcontainerLocalIP,
LXCcontainerProtocol,
name: 'Join Fediverse',
domain: 'www.joinfediverse.org',
framework: 'static',
disableSSL: false,
},
]
// autres frameworks: // autres frameworks:
// nextcloud: cloud.tykayn.fr // nextcloud: cloud.tykayn.fr
// vaultwarden: pass.cipherbliss.com // vaultwarden: pass.cipherbliss.com
@ -137,9 +21,17 @@ const domainsConfig = [{
// meltingpot.cipherbliss.com // meltingpot.cipherbliss.com
// joinfediverse // joinfediverse
// coussinet // coussinet
let domainsForHostFile = [];
let domainsSorted = domainsConfig.sort((a,b)=>{
return a.domain - b.domain;
})
for (let configDomain of domainsSorted) {
for (let configDomain of domainsConfig) {
console.log('domaine :', configDomain.name) console.log('domaine :', configDomain.name)
domainsForHostFile.push(configDomain.domain)
let hostFile let hostFile
if (configDomain.framework === 'wordpress') { if (configDomain.framework === 'wordpress') {
hostFile = makeHostFileForWordpress(configDomain) hostFile = makeHostFileForWordpress(configDomain)
@ -152,6 +44,10 @@ for (let configDomain of domainsConfig) {
} }
writeFile(configDomain.domain + '_host.conf', hostFile.homeNginxConf) writeFile(configDomain.domain + '_host.conf', hostFile.homeNginxConf)
writeFile(configDomain.domain + '_container.conf', hostFile.containerNginxConf) writeFile(configDomain.domain + '_container.conf', hostFile.containerNginxConf)
let hostfileDomains = domainsForHostFile.map(domain => ' 127.0.0.1 '+domain+' \n')
console.log('hostfileDomains', hostfileDomains.join('').replace(',',''))
writeFile('hosts', hostfileDomains.join('').replace(',',''))
} }
function writeFile (fileName, fileContent) { function writeFile (fileName, fileContent) {

View File

@ -5,6 +5,41 @@
*/ */
export function makeHostFileForPhpPages (domainConfig) { export function makeHostFileForPhpPages (domainConfig) {
let domainWithoutWWW = domainConfig.domain;
if(domainConfig.domain.includes('www.')){
domainWithoutWWW = domainConfig.domain.replace('www.', '')
}
let redirectToNoWWW = false;
let redirectToNoWWWConf = `
server {
# redirect from www to non-www
server_name ${domainConfig.domain};
listen 80 http2;
return 301 https://${domainWithoutWWW}$request_uri;
}
`;
let redirectToWWW = true;
let redirectToWWWConf = `
server {
# redirect from non-www to www
server_name ${domainWithoutWWW};
listen 80 http2;
return 301 https://${domainConfig.domain}$request_uri;
}
`;
let redirectToHTTPS = true;
let redirectToHTTPSConf = `
server {
# redirect to https from http
server_name ${domainConfig.domain};
listen 80 http2;
return 301 https://${domainConfig.domain}$request_uri;
}
`;
/** /**
* @type {{homeNginxConf: string, containerNginxConf: string}} * @type {{homeNginxConf: string, containerNginxConf: string}}
*/ */
@ -12,12 +47,11 @@ export function makeHostFileForPhpPages (domainConfig) {
homeNginxConf: ` homeNginxConf: `
# ============ ${domainConfig.name} =============== # ============ ${domainConfig.name} ===============
server { ${redirectToNoWWW ? redirectToNoWWWConf : '' }
# redirect to https from http
server_name ${domainConfig.domain}; ${redirectToWWW ? redirectToWWWConf : '' }
listen 80 http2;
return 301 https://${domainConfig.domain}$request_uri; ${redirectToHTTPS ? redirectToHTTPSConf : '' }
}
server { server {
listen 443 ssl http2; listen 443 ssl http2;
@ -36,6 +70,7 @@ server {
} }
add_header Permissions-Policy "interest-cohort=()"; add_header Permissions-Policy "interest-cohort=()";
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
} }
`, `,
containerNginxConf: ` containerNginxConf: `

View File

@ -0,0 +1,15 @@
127.0.0.1 www.cipherbliss.com
127.0.0.1 portfolio.cipherbliss.com
127.0.0.1 tykayn.fr
127.0.0.1 www.pucealoreille.fr
127.0.0.1 www.unbecetdesailes.fr
127.0.0.1 www.catherinefonder.fr
127.0.0.1 www.lafromagerie-bsf.com
127.0.0.1 www.clairelemoine.art
127.0.0.1 qzine.fr
127.0.0.1 framadate-api.cipherbliss.com
127.0.0.1 portfolio.cipherbliss.com
127.0.0.1 caisse.cipherbliss.com
127.0.0.1 sondages.qzine.fr
127.0.0.1 www.coussinet.org
127.0.0.1 www.joinfediverse.org

View File

@ -3,12 +3,10 @@ server {
# enforce https # enforce https
return 301 https://www.unbecetdesailes.fr$request_uri; return 301 https://www.unbecetdesailes.fr$request_uri;
listen [::]:443 ; # managed by Certbot listen [::]:443 ;
listen 443 ; # managed by Certbot listen 443 ;
# ssl_certificate /etc/letsencrypt/live/unbecetdesailes.fr/fullchain.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf;
# ssl_certificate_key /etc/letsencrypt/live/unbecetdesailes.fr/privkey.pem; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
add_header Permissions-Policy "interest-cohort=()"; add_header Permissions-Policy "interest-cohort=()";
} }
@ -16,19 +14,8 @@ server {
listen 443 http2; listen 443 http2;
listen [::]:443 http2; listen [::]:443 http2;
server_name www.unbecetdesailes.fr; server_name www.unbecetdesailes.fr;
# Use Mozilla's guidelines for SSL/TLS settings
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
# NOTE: some settings below might be redundant
# ssl_certificate /etc/letsencrypt/live/unbecetdesailes.fr/fullchain.pem; # managed by Certbot
# ssl_certificate_key /etc/letsencrypt/live/unbecetdesailes.fr/privkey.pem; # managed by Certbot
# Path to the root of your installation
root /home/www/unbecetdesailes/wordpress; root /home/www/unbecetdesailes/wordpress;
## This should be in your http block and if it is, it's not needed here.
index index.php; index index.php;
location = /favicon.ico { location = /favicon.ico {
log_not_found off; log_not_found off;
access_log off; access_log off;
@ -41,9 +28,7 @@ server {
} }
location / { location / {
# This is cool because no php is touched for static content. try_files $uri $uri/ /index.php?$args;
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
} }
location ~ \.php$ { location ~ \.php$ {
@ -59,6 +44,8 @@ server {
} }
add_header Permissions-Policy "interest-cohort=()"; add_header Permissions-Policy "interest-cohort=()";
} }
server { server {
if ($host = pucealoreille.fr) { if ($host = pucealoreille.fr) {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;