diff --git a/backend/app/service/website.go b/backend/app/service/website.go index 71acf85d1..8e591eb7a 100644 --- a/backend/app/service/website.go +++ b/backend/app/service/website.go @@ -20,6 +20,7 @@ import ( "path" "reflect" "regexp" + "strconv" "strings" "time" @@ -452,7 +453,11 @@ func (w WebsiteService) DeleteWebsiteDomain(domainId uint) error { domains = append(domains, webSiteDomain.Domain) } if len(ports) > 0 || len(domains) > 0 { - if err := deleteListenAndServerName(website, ports, domains); err != nil { + stringBinds := make([]string, len(ports)) + for i := 0; i < len(ports); i++ { + stringBinds[i] = strconv.Itoa(ports[i]) + } + if err := deleteListenAndServerName(website, stringBinds, domains); err != nil { return err } } @@ -599,14 +604,29 @@ func (w WebsiteService) OpWebsiteHTTPS(ctx context.Context, req request.WebsiteH if !req.Enable { website.Protocol = constant.ProtocolHTTP website.WebsiteSSLID = 0 - if err := deleteListenAndServerName(website, []int{443}, []string{}); err != nil { + if err := deleteListenAndServerName(website, []string{"443", "[::]:443"}, []string{}); err != nil { return response.WebsiteHTTPS{}, err } nginxParams := getNginxParamsFromStaticFile(dto.SSL, nil) - nginxParams = append(nginxParams, dto.NginxParam{ - Name: "if", - Params: []string{"($scheme", "=", "http)"}, - }) + nginxParams = append(nginxParams, + dto.NginxParam{ + Name: "if", + Params: []string{"($scheme", "=", "http)"}, + }, + dto.NginxParam{ + Name: "ssl_certificate", + }, + dto.NginxParam{ + Name: "ssl_certificate_key", + }, + dto.NginxParam{ + Name: "ssl_protocols", + }, + dto.NginxParam{ + Name: "ssl_ciphers", + }, + ) + nginxParams = append(nginxParams) if err := deleteNginxConfig(constant.NginxScopeServer, nginxParams, &website); err != nil { return response.WebsiteHTTPS{}, err } diff --git a/backend/app/service/website_utils.go b/backend/app/service/website_utils.go index cce1fe97a..16b9ee03b 100644 --- a/backend/app/service/website_utils.go +++ b/backend/app/service/website_utils.go @@ -301,7 +301,7 @@ func addListenAndServerName(website model.Website, ports []int, domains []string return nginxCheckAndReload(nginxConfig.OldContent, nginxConfig.FilePath, nginxFull.Install.ContainerName) } -func deleteListenAndServerName(website model.Website, ports []int, domains []string) error { +func deleteListenAndServerName(website model.Website, binds []string, domains []string) error { nginxFull, err := getNginxFull(&website) if err != nil { return nil @@ -309,8 +309,8 @@ func deleteListenAndServerName(website model.Website, ports []int, domains []str nginxConfig := nginxFull.SiteConfig config := nginxFull.SiteConfig.Config server := config.FindServers()[0] - for _, port := range ports { - server.DeleteListen(strconv.Itoa(port)) + for _, bind := range binds { + server.DeleteListen(bind) } for _, domain := range domains { server.DeleteServerName(domain) @@ -372,16 +372,20 @@ func applySSL(website model.Website, websiteSSL model.WebsiteSSL, req request.We config := nginxFull.SiteConfig.Config server := config.FindServers()[0] server.UpdateListen("443", false, "ssl") + server.UpdateListen("[::]:443", false, "ssl") switch req.HttpConfig { case constant.HTTPSOnly: server.RemoveListenByBind("80") + server.RemoveListenByBind("[::]:80") server.RemoveDirective("if", []string{"($scheme"}) case constant.HTTPToHTTPS: server.UpdateListen("80", website.DefaultServer) + server.UpdateListen("[::]:80", false) server.AddHTTP2HTTPS() case constant.HTTPAlso: server.UpdateListen("80", website.DefaultServer) + server.UpdateListen("[::]:80", false) server.RemoveDirective("if", []string{"($scheme"}) } diff --git a/backend/utils/nginx/components/server.go b/backend/utils/nginx/components/server.go index 509c6bed9..9b162627e 100644 --- a/backend/utils/nginx/components/server.go +++ b/backend/utils/nginx/components/server.go @@ -324,5 +324,4 @@ func (s *Server) AddHTTP2HTTPS() { }) newDir.Block = block s.UpdateDirectiveBySecondKey("if", "($scheme", newDir) - } diff --git a/cmd/server/nginx_conf/website_default.conf b/cmd/server/nginx_conf/website_default.conf index d73b00817..78590efcb 100644 --- a/cmd/server/nginx_conf/website_default.conf +++ b/cmd/server/nginx_conf/website_default.conf @@ -1,5 +1,7 @@ server { listen 80; + listen [::]:80; + server_name ko.wp-1.com; index index.php index.html index.htm default.php default.htm default.html;