handle redirect to www or not
This commit is contained in:
parent
4b15e4af89
commit
7a57caed2c
120
nginx_config_maker/domains.mjs
Normal file
120
nginx_config_maker/domains.mjs
Normal file
@ -0,0 +1,120 @@
|
||||
|
||||
export const LXCcontainerLocalIP = '10.10.10.103'
|
||||
export const LXCcontainerProtocol = 'https'
|
||||
|
||||
export
|
||||
const domainsConfig = [{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Blog cipherbliss',
|
||||
domain: 'www.cipherbliss.com',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
},{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Portfolio cipherbliss',
|
||||
domain: 'portfolio.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Blog tykayn - le vortex à chats',
|
||||
domain: 'tykayn.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de la compagnie la puce à l\'oreille',
|
||||
domain: 'www.pucealoreille.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de Didier, un bec et des ailes',
|
||||
domain: 'www.unbecetdesailes.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de Catherine Fonder, conteuse',
|
||||
domain: 'www.catherinefonder.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de la Fromagerie BSF',
|
||||
domain: 'www.lafromagerie-bsf.com',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Claire Lemoine portfolio',
|
||||
domain: 'www.clairelemoine.art',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
},
|
||||
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Blog Qzine',
|
||||
domain: 'qzine.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Funky Framadate Démo',
|
||||
domain: 'framadate-api.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Portfolio cipherbliss',
|
||||
domain: 'portfolio.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Caisse Bliss',
|
||||
domain: 'caisse.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Sondages Qzine',
|
||||
domain: 'sondages.qzine.fr',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Chaton coussinet',
|
||||
domain: 'www.coussinet.org',
|
||||
framework: 'static',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Join Fediverse',
|
||||
domain: 'www.joinfediverse.org',
|
||||
framework: 'static',
|
||||
disableSSL: false,
|
||||
},
|
||||
]
|
@ -7,126 +7,10 @@ import fs from 'node-fs'
|
||||
import { makeHostFileForWordpress } from './model.wordpress.mjs'
|
||||
import { makeHostFileForSymfony } from './model.symfony.mjs'
|
||||
import { makeHostFileForPhpPages } from './model.php-website.mjs'
|
||||
|
||||
const LXCcontainerLocalIP = '10.10.10.103'
|
||||
const LXCcontainerProtocol = 'https'
|
||||
import { domainsConfig } from './domains.mjs'
|
||||
|
||||
|
||||
const domainsConfig = [{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Blog cipherbliss',
|
||||
domain: 'www.cipherbliss.com',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
},{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Portfolio cipherbliss',
|
||||
domain: 'portfolio.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Blog tykayn - le vortex à chats',
|
||||
domain: 'tykayn.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de la compagnie la puce à l\'oreille',
|
||||
domain: 'www.pucealoreille.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de Didier, un bec et des ailes',
|
||||
domain: 'www.unbecetdesailes.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de Catherine Fonder, conteuse',
|
||||
domain: 'www.catherinefonder.fr',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Site de la Fromagerie BSF',
|
||||
domain: 'www.lafromagerie-bsf.com',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Claire Lemoine portfolio',
|
||||
domain: 'www.clairelemoine.art',
|
||||
framework: 'wordpress',
|
||||
disableSSL: false,
|
||||
},
|
||||
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Blog Qzine',
|
||||
domain: 'qzine.fr',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Funky Framadate Démo',
|
||||
domain: 'framadate-api.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
}, {
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Portfolio cipherbliss',
|
||||
domain: 'portfolio.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Caisse Bliss',
|
||||
domain: 'caisse.cipherbliss.com',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Sondages Qzine',
|
||||
domain: 'sondages.qzine.fr',
|
||||
framework: 'symfony',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Chaton coussinet',
|
||||
domain: 'www.coussinet.org',
|
||||
framework: 'static',
|
||||
disableSSL: false,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
LXCcontainerProtocol,
|
||||
name: 'Join Fediverse',
|
||||
domain: 'www.joinfediverse.org',
|
||||
framework: 'static',
|
||||
disableSSL: false,
|
||||
},
|
||||
]
|
||||
// autres frameworks:
|
||||
// nextcloud: cloud.tykayn.fr
|
||||
// vaultwarden: pass.cipherbliss.com
|
||||
@ -137,9 +21,17 @@ const domainsConfig = [{
|
||||
// meltingpot.cipherbliss.com
|
||||
// joinfediverse
|
||||
// coussinet
|
||||
let domainsForHostFile = [];
|
||||
|
||||
let domainsSorted = domainsConfig.sort((a,b)=>{
|
||||
return a.domain - b.domain;
|
||||
})
|
||||
|
||||
for (let configDomain of domainsSorted) {
|
||||
|
||||
for (let configDomain of domainsConfig) {
|
||||
console.log('domaine :', configDomain.name)
|
||||
domainsForHostFile.push(configDomain.domain)
|
||||
|
||||
let hostFile
|
||||
if (configDomain.framework === 'wordpress') {
|
||||
hostFile = makeHostFileForWordpress(configDomain)
|
||||
@ -152,6 +44,10 @@ for (let configDomain of domainsConfig) {
|
||||
}
|
||||
writeFile(configDomain.domain + '_host.conf', hostFile.homeNginxConf)
|
||||
writeFile(configDomain.domain + '_container.conf', hostFile.containerNginxConf)
|
||||
let hostfileDomains = domainsForHostFile.map(domain => ' 127.0.0.1 '+domain+' \n')
|
||||
console.log('hostfileDomains', hostfileDomains.join('').replace(',',''))
|
||||
|
||||
writeFile('hosts', hostfileDomains.join('').replace(',',''))
|
||||
}
|
||||
|
||||
function writeFile (fileName, fileContent) {
|
||||
|
@ -5,6 +5,41 @@
|
||||
*/
|
||||
export function makeHostFileForPhpPages (domainConfig) {
|
||||
|
||||
let domainWithoutWWW = domainConfig.domain;
|
||||
if(domainConfig.domain.includes('www.')){
|
||||
domainWithoutWWW = domainConfig.domain.replace('www.', '')
|
||||
}
|
||||
|
||||
let redirectToNoWWW = false;
|
||||
let redirectToNoWWWConf = `
|
||||
server {
|
||||
# redirect from www to non-www
|
||||
server_name ${domainConfig.domain};
|
||||
listen 80 http2;
|
||||
return 301 https://${domainWithoutWWW}$request_uri;
|
||||
}
|
||||
`;
|
||||
|
||||
let redirectToWWW = true;
|
||||
let redirectToWWWConf = `
|
||||
server {
|
||||
# redirect from non-www to www
|
||||
server_name ${domainWithoutWWW};
|
||||
listen 80 http2;
|
||||
return 301 https://${domainConfig.domain}$request_uri;
|
||||
}
|
||||
`;
|
||||
|
||||
let redirectToHTTPS = true;
|
||||
let redirectToHTTPSConf = `
|
||||
server {
|
||||
# redirect to https from http
|
||||
server_name ${domainConfig.domain};
|
||||
listen 80 http2;
|
||||
return 301 https://${domainConfig.domain}$request_uri;
|
||||
}
|
||||
`;
|
||||
|
||||
/**
|
||||
* @type {{homeNginxConf: string, containerNginxConf: string}}
|
||||
*/
|
||||
@ -12,12 +47,11 @@ export function makeHostFileForPhpPages (domainConfig) {
|
||||
homeNginxConf: `
|
||||
# ============ ${domainConfig.name} ===============
|
||||
|
||||
server {
|
||||
# redirect to https from http
|
||||
server_name ${domainConfig.domain};
|
||||
listen 80 http2;
|
||||
return 301 https://${domainConfig.domain}$request_uri;
|
||||
}
|
||||
${redirectToNoWWW ? redirectToNoWWWConf : '' }
|
||||
|
||||
${redirectToWWW ? redirectToWWWConf : '' }
|
||||
|
||||
${redirectToHTTPS ? redirectToHTTPSConf : '' }
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
@ -36,6 +70,7 @@ server {
|
||||
}
|
||||
|
||||
add_header Permissions-Policy "interest-cohort=()";
|
||||
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
|
||||
}
|
||||
`,
|
||||
containerNginxConf: `
|
||||
|
15
nginx_config_maker/output/hosts
Normal file
15
nginx_config_maker/output/hosts
Normal file
@ -0,0 +1,15 @@
|
||||
127.0.0.1 www.cipherbliss.com
|
||||
127.0.0.1 portfolio.cipherbliss.com
|
||||
127.0.0.1 tykayn.fr
|
||||
127.0.0.1 www.pucealoreille.fr
|
||||
127.0.0.1 www.unbecetdesailes.fr
|
||||
127.0.0.1 www.catherinefonder.fr
|
||||
127.0.0.1 www.lafromagerie-bsf.com
|
||||
127.0.0.1 www.clairelemoine.art
|
||||
127.0.0.1 qzine.fr
|
||||
127.0.0.1 framadate-api.cipherbliss.com
|
||||
127.0.0.1 portfolio.cipherbliss.com
|
||||
127.0.0.1 caisse.cipherbliss.com
|
||||
127.0.0.1 sondages.qzine.fr
|
||||
127.0.0.1 www.coussinet.org
|
||||
127.0.0.1 www.joinfediverse.org
|
@ -3,12 +3,10 @@ server {
|
||||
# enforce https
|
||||
return 301 https://www.unbecetdesailes.fr$request_uri;
|
||||
|
||||
listen [::]:443 ; # managed by Certbot
|
||||
listen 443 ; # managed by Certbot
|
||||
# ssl_certificate /etc/letsencrypt/live/unbecetdesailes.fr/fullchain.pem; # managed by Certbot
|
||||
# ssl_certificate_key /etc/letsencrypt/live/unbecetdesailes.fr/privkey.pem; # managed by Certbot
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||
listen [::]:443 ;
|
||||
listen 443 ;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
add_header Permissions-Policy "interest-cohort=()";
|
||||
}
|
||||
|
||||
@ -16,19 +14,8 @@ server {
|
||||
listen 443 http2;
|
||||
listen [::]:443 http2;
|
||||
server_name www.unbecetdesailes.fr;
|
||||
|
||||
# Use Mozilla's guidelines for SSL/TLS settings
|
||||
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
|
||||
# NOTE: some settings below might be redundant
|
||||
# ssl_certificate /etc/letsencrypt/live/unbecetdesailes.fr/fullchain.pem; # managed by Certbot
|
||||
# ssl_certificate_key /etc/letsencrypt/live/unbecetdesailes.fr/privkey.pem; # managed by Certbot
|
||||
|
||||
# Path to the root of your installation
|
||||
root /home/www/unbecetdesailes/wordpress;
|
||||
|
||||
## This should be in your http block and if it is, it's not needed here.
|
||||
index index.php;
|
||||
|
||||
location = /favicon.ico {
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
@ -41,8 +28,6 @@ server {
|
||||
}
|
||||
|
||||
location / {
|
||||
# This is cool because no php is touched for static content.
|
||||
# include the "?$args" part so non-default permalinks doesn't break when using query string
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
|
||||
@ -59,6 +44,8 @@ server {
|
||||
}
|
||||
add_header Permissions-Policy "interest-cohort=()";
|
||||
}
|
||||
|
||||
|
||||
server {
|
||||
if ($host = pucealoreille.fr) {
|
||||
return 301 https://$host$request_uri;
|
||||
|
Loading…
Reference in New Issue
Block a user