7x31/nginxconfig.io
1
0
Fork 0
mirror of https://github.com/digitalocean/nginxconfig.io.git synced 2025-11-05 18:56:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

Conf diffing?!

Browse Source
This commit is contained in:
MattIPv4
2020-05-22 21:17:01 +01:00
parent c6880c1222
commit 17261e8bbd
9 changed files with 406 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/nginxconfig/generators/conf/nginx.conf.js
View File

@@ -1,4 +1,6 @@
import qs from 'qs';
import sslProfiles from '../../util/ssl_profiles';
import exportData from '../../util/export_data';
import websiteConf from './website.conf';
export default (domains, global) => {
@@ -6,7 +8,9 @@ export default (domains, global) => {
// Source
config['# Generated by nginxconfig.io'] = '';
config[`# ${window.location.protocol}//${window.location.host}${window.location.pathname}${window.location.search}`] = '';
const data = exportData(domains.map((domain, index) => [domain, index]).filter(d => d[0] !== null), global);
const query = qs.stringify(data, { allowDots: true });
config[`# ${window.location.protocol}//${window.location.host}${window.location.pathname}${query.length ? '?' : ''}${query}`] = '';
// Basic nginx conf
config.user = global.nginx.user.computed;
@@ -68,17 +72,20 @@ export default (domains, global) => {
config.http.push(['ssl_session_cache', 'shared:SSL:10m']);
config.http.push(['ssl_session_tickets', 'off']);
if (sslProfiles[global.https.sslProfile.computed].dh_param_size) {
config.http.push(['# Diffie-Hellman parameter for DHE ciphersuites', '']);
config.http.push(['ssl_dhparam', `${global.nginx.nginxConfigDirectory.computed.replace(/\/+$/, '')}/dhparam.pem`]);
}
const sslProfile = sslProfiles[global.https.sslProfile.computed];
if (sslProfile) {
if (sslProfile.dh_param_size) {
config.http.push(['# Diffie-Hellman parameter for DHE ciphersuites', '']);
config.http.push(['ssl_dhparam', `${global.nginx.nginxConfigDirectory.computed.replace(/\/+$/, '')}/dhparam.pem`]);
}
config.http.push([`# ${sslProfiles[global.https.sslProfile.computed].name} configuration`, '']);
config.http.push(['ssl_protocols', sslProfiles[global.https.sslProfile.computed].protocols.join(' ')]);
if (sslProfiles[global.https.sslProfile.computed].ciphers.length)
config.http.push(['ssl_ciphers', sslProfiles[global.https.sslProfile.computed].ciphers.join(':')]);
if (sslProfiles[global.https.sslProfile.computed].server_preferred_order)
config.http.push(['ssl_prefer_server_ciphers', 'on']);
config.http.push([`# ${sslProfile.name} configuration`, '']);
config.http.push(['ssl_protocols', sslProfile.protocols.join(' ')]);
if (sslProfile.ciphers.length)
config.http.push(['ssl_ciphers', sslProfile.ciphers.join(':')]);
if (sslProfile.server_preferred_order)
config.http.push(['ssl_prefer_server_ciphers', 'on']);
}
config.http.push(['# OCSP Stapling', '']);
config.http.push(['ssl_stapling', 'on']);