From 6fb9b1a72439dc762a6b6058ffe79abe4bccd602 Mon Sep 17 00:00:00 2001 From: J the Code Monkey Date: Mon, 18 Nov 2024 15:59:32 -0500 Subject: [PATCH] chore: move nginx root directive to server block and replace allow all in location block with expected certbot default type #27 --- pkg/relays/khatru29/nginx_http.go | 9 ++++++--- pkg/relays/khatru29/nginx_https.go | 13 ++++++++----- pkg/relays/khatru_pyramid/nginx_http.go | 9 ++++++--- pkg/relays/khatru_pyramid/nginx_https.go | 13 ++++++++----- pkg/relays/nostr_rs_relay/nginx_http.go | 9 ++++++--- pkg/relays/nostr_rs_relay/nginx_https.go | 13 ++++++++----- pkg/relays/strfry/nginx_http.go | 9 ++++++--- pkg/relays/strfry/nginx_https.go | 13 ++++++++----- pkg/relays/strfry29/nginx_http.go | 9 ++++++--- pkg/relays/strfry29/nginx_https.go | 13 ++++++++----- pkg/relays/wot_relay/nginx_http.go | 9 ++++++--- pkg/relays/wot_relay/nginx_https.go | 13 ++++++++----- 12 files changed, 84 insertions(+), 48 deletions(-) diff --git a/pkg/relays/khatru29/nginx_http.go b/pkg/relays/khatru29/nginx_http.go index deb3684..67d3c98 100644 --- a/pkg/relays/khatru29/nginx_http.go +++ b/pkg/relays/khatru29/nginx_http.go @@ -34,9 +34,10 @@ server { listen [::]:80; server_name %s; + root %s/%s; + location /%s/ { - root %s/%s; - allow all; + default_type "text/plain"; } location / { @@ -80,11 +81,13 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + location / { return 301 http://%s$request_uri; } } -`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/khatru29/nginx_https.go b/pkg/relays/khatru29/nginx_https.go index eb2e6fb..60c7f6e 100644 --- a/pkg/relays/khatru29/nginx_https.go +++ b/pkg/relays/khatru29/nginx_https.go @@ -29,6 +29,12 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + + location /%s/ { + default_type "text/plain"; + } + location / { proxy_pass http://khatru29_websocket; proxy_http_version 1.1; @@ -111,16 +117,13 @@ server { listen [::]:80; server_name %s; - location /%s/ { - root %s/%s; - allow all; - } + root %s/%s; location / { return 301 https://%s$request_uri; } } -`, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/khatru_pyramid/nginx_http.go b/pkg/relays/khatru_pyramid/nginx_http.go index b761d35..a684774 100644 --- a/pkg/relays/khatru_pyramid/nginx_http.go +++ b/pkg/relays/khatru_pyramid/nginx_http.go @@ -34,9 +34,10 @@ server { listen [::]:80; server_name %s; + root %s/%s; + location /%s/ { - root %s/%s; - allow all; + default_type "text/plain"; } location / { @@ -80,11 +81,13 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + location / { return 301 http://%s$request_uri; } } -`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/khatru_pyramid/nginx_https.go b/pkg/relays/khatru_pyramid/nginx_https.go index 2ace2a8..14a0277 100644 --- a/pkg/relays/khatru_pyramid/nginx_https.go +++ b/pkg/relays/khatru_pyramid/nginx_https.go @@ -29,6 +29,12 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + + location /%s/ { + default_type "text/plain"; + } + location / { proxy_pass http://khatru_pyramid_websocket; proxy_http_version 1.1; @@ -111,16 +117,13 @@ server { listen [::]:80; server_name %s; - location /%s/ { - root %s/%s; - allow all; - } + root %s/%s; location / { return 301 https://%s$request_uri; } } -`, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/nostr_rs_relay/nginx_http.go b/pkg/relays/nostr_rs_relay/nginx_http.go index afd148d..18f073a 100644 --- a/pkg/relays/nostr_rs_relay/nginx_http.go +++ b/pkg/relays/nostr_rs_relay/nginx_http.go @@ -34,9 +34,10 @@ server { listen [::]:80; server_name %s; + root %s/%s; + location /%s/ { - root %s/%s; - allow all; + default_type "text/plain"; } location / { @@ -80,11 +81,13 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + location / { return 301 http://%s$request_uri; } } -`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/nostr_rs_relay/nginx_https.go b/pkg/relays/nostr_rs_relay/nginx_https.go index 03445cc..e5b2889 100644 --- a/pkg/relays/nostr_rs_relay/nginx_https.go +++ b/pkg/relays/nostr_rs_relay/nginx_https.go @@ -29,6 +29,12 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + + location /%s/ { + default_type "text/plain"; + } + location / { proxy_pass http://nostr_rs_relay_websocket; proxy_http_version 1.1; @@ -111,16 +117,13 @@ server { listen [::]:80; server_name %s; - location /%s/ { - root %s/%s; - allow all; - } + root %s/%s; location / { return 301 https://%s$request_uri; } } -`, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/strfry/nginx_http.go b/pkg/relays/strfry/nginx_http.go index 821e8ad..bf69f36 100644 --- a/pkg/relays/strfry/nginx_http.go +++ b/pkg/relays/strfry/nginx_http.go @@ -34,9 +34,10 @@ server { listen [::]:80; server_name %s; + root %s/%s; + location /%s/ { - root %s/%s; - allow all; + default_type "text/plain"; } location / { @@ -80,11 +81,13 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + location / { return 301 http://%s$request_uri; } } -`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/strfry/nginx_https.go b/pkg/relays/strfry/nginx_https.go index 186347d..91b0cc4 100644 --- a/pkg/relays/strfry/nginx_https.go +++ b/pkg/relays/strfry/nginx_https.go @@ -29,6 +29,12 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + + location /%s/ { + default_type "text/plain"; + } + location / { proxy_pass http://strfry_websocket; proxy_http_version 1.1; @@ -111,16 +117,13 @@ server { listen [::]:80; server_name %s; - location /%s/ { - root %s/%s; - allow all; - } + root %s/%s; location / { return 301 https://%s$request_uri; } } -`, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/strfry29/nginx_http.go b/pkg/relays/strfry29/nginx_http.go index e8c6b14..5088961 100644 --- a/pkg/relays/strfry29/nginx_http.go +++ b/pkg/relays/strfry29/nginx_http.go @@ -34,9 +34,10 @@ server { listen [::]:80; server_name %s; + root %s/%s; + location /%s/ { - root %s/%s; - allow all; + default_type "text/plain"; } location / { @@ -80,11 +81,13 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + location / { return 301 http://%s$request_uri; } } -`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/strfry29/nginx_https.go b/pkg/relays/strfry29/nginx_https.go index 63383e1..054aace 100644 --- a/pkg/relays/strfry29/nginx_https.go +++ b/pkg/relays/strfry29/nginx_https.go @@ -29,6 +29,12 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + + location /%s/ { + default_type "text/plain"; + } + location / { proxy_pass http://strfry29_websocket; proxy_http_version 1.1; @@ -111,16 +117,13 @@ server { listen [::]:80; server_name %s; - location /%s/ { - root %s/%s; - allow all; - } + root %s/%s; location / { return 301 https://%s$request_uri; } } -`, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/wot_relay/nginx_http.go b/pkg/relays/wot_relay/nginx_http.go index 29557d5..bbb7d25 100644 --- a/pkg/relays/wot_relay/nginx_http.go +++ b/pkg/relays/wot_relay/nginx_http.go @@ -34,9 +34,10 @@ server { listen [::]:80; server_name %s; + root %s/%s; + location /%s/ { - root %s/%s; - allow all; + default_type "text/plain"; } location / { @@ -80,11 +81,13 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + location / { return 301 http://%s$request_uri; } } -`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath) diff --git a/pkg/relays/wot_relay/nginx_https.go b/pkg/relays/wot_relay/nginx_https.go index 31b6568..f284606 100644 --- a/pkg/relays/wot_relay/nginx_https.go +++ b/pkg/relays/wot_relay/nginx_https.go @@ -29,6 +29,12 @@ server { listen [::]:443 ssl http2; server_name %s; + root %s/%s; + + location /%s/ { + default_type "text/plain"; + } + location / { proxy_pass http://wot_relay_websocket; proxy_http_version 1.1; @@ -111,16 +117,13 @@ server { listen [::]:80; server_name %s; - location /%s/ { - root %s/%s; - allow all; - } + root %s/%s; location / { return 301 https://%s$request_uri; } } -`, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName) +`, domainName, network.WWWDirPath, domainName, network.AcmeChallengeDirPath, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.WWWDirPath, domainName, domainName) files.WriteFile(NginxConfigFilePath, configContent, 0644) files.SetOwnerAndGroup(relays.NginxUser, relays.NginxUser, NginxConfigFilePath)