scripts/nginx_config_maker/model.wordpress.mjs

98 lines
3.1 KiB
JavaScript
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/**
* turns a domain config to two config files for nginx web sever on proxmox and its container
* @param domainConfig
* @returns {{homeNginxConf: string, containerNginxConf: string}}
*/
export function makeHostFileForWordpress (domainConfig) {
/**
* example:
* # redirect to https+www without www from https
* server {
listen 443 http2;
listen [::]:443 http2;
server_name ${domainConfig.name};
return 301 https://${domainConfig.name}$request_uri;
}
* @type {{homeNginxConf: string, containerNginxConf: string}}
*/
const model = {
noContainerNginxConf: ``,
homeNginxConf: `
# ============ ${domainConfig.name} ===============
# ---------- un site utilisant Wordpress ----------
server {
# redirect to https from http
server_name ${domainConfig.domain};
listen 80;
return 301 https://${domainConfig.domain}$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${domainConfig.domain};
ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
# Container tksites
proxy_pass ${domainConfig.LXCcontainerProtocol}://${domainConfig.LXCcontainerLocalIP};
}
add_header Permissions-Policy "interest-cohort=()";
}
`,
containerNginxConf: `
# ============ ${domainConfig.name} | côté conteneur LXC ===============
server {
if ($host = ${domainConfig.domain}) {
return 301 https://$host$request_uri;
}
listen 80 ;
listen [::]:80 ;
server_name ${domainConfig.domain};
# Path to the root of your installation
root /home/www/tykayn/${domainConfig.domain}/;
index index.php;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location ~ \\.php$ {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi.conf;
fastcgi_intercept_errors on;
fastcgi_pass php-handler;
}
location ~* \\.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
add_header Permissions-Policy "interest-cohort=()";
# ========================== ${domainConfig.name} | fin ================ #
`
}
return model
}