From 88d66f415c6ef5f77d2526dcbc9130ce9b3d4dcb Mon Sep 17 00:00:00 2001
From: MattIPv4
Date: Wed, 20 May 2020 18:59:33 +0100
Subject: [PATCH] Start showing more config files!
---
 .../generators/conf/security.conf.js | 12 +++----
 src/nginxconfig/generators/index.js | 35 +++++++++++++++----
 src/nginxconfig/generators/to_conf.js | 7 +++-
 3 files changed, 41 insertions(+), 13 deletions(-)
diff --git a/src/nginxconfig/generators/conf/security.conf.js b/src/nginxconfig/generators/conf/security.conf.js
index 47b57ec..b08795a 100644
--- a/src/nginxconfig/generators/conf/security.conf.js
+++ b/src/nginxconfig/generators/conf/security.conf.js
@@ -4,19 +4,19 @@ export default (domains, global) => {
 const config = [];
 config.push(['# security headers', '']);
- config.push(['add_header', 'X-Frame-Options "SAMEORIGIN" always']);
- config.push(['add_header', 'X-XSS-Protection "1; mode=block" always']);
- config.push(['add_header', 'X-Content-Type-Options "nosniff" always']);
- config.push(['add_header', `Referrer-Policy "${global.security.referrerPolicy.computed}" always`]);
+ config.push(['add_header X-Frame-Options', '"SAMEORIGIN" always']);
+ config.push(['add_header X-XSS-Protection', '"1; mode=block" always']);
+ config.push(['add_header X-Content-Type-Options', '"nosniff" always']);
+ config.push(['add_header Referrer-Policy', `"${global.security.referrerPolicy.computed}" always`]);
 if (global.security.contentSecurityPolicy.computed)
- config.push(['add_header', `Content-Security-Policy "${global.security.contentSecurityPolicy.computed}" always`]);
+ config.push(['add_header Content-Security-Policy', `"${global.security.contentSecurityPolicy.computed}" always`]);
 // Every domain has HSTS enabled, and they all have same hstsSubdomains/hstsPreload settings
 if (commonHsts(domains)) {
 const commonHSTSSubdomains = domains.length && domains[0].https.hstsSubdomains.computed;
 const commonHSTSPreload = domains.length && domains[0].https.hstsPreload.computed;
- config.push(['add_header', `Strict-Transport-Security "max-age=31536000${commonHSTSSubdomains ? '; includeSubDomains' : ''}${commonHSTSPreload ? '; preload' : ''}" always`]);
+ config.push(['add_header Strict-Transport-Security', `"max-age=31536000${commonHSTSSubdomains ? '; includeSubDomains' : ''}${commonHSTSPreload ? '; preload' : ''}" always`]);
 }
 config.push(['# . files', '']);
diff --git a/src/nginxconfig/generators/index.js b/src/nginxconfig/generators/index.js
index 548eed4..876ef42 100644
--- a/src/nginxconfig/generators/index.js
+++ b/src/nginxconfig/generators/index.js
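Review bot: In `src/nginxconfig/generators/conf/security.conf.js`, the `Referrer-Policy` and `Content-Security-Policy` lines still interpolate `global.security.referrerPolicy.computed` and `global.security.contentSecurityPolicy.computed` directly into a double-quoted nginx argument, so a `"` or a trailing `\` in either string would end the quoted value early and the remainder would be parsed as further directive text in the generated `security.conf`. Whether these values are validated before they reach the generator is not visible in the hunk; if they are not, escape them at the point of use, for example with `value.replace(/(["\\])/g, '\\$1')` before wrapping the result in quotes. nginx also expands `$name` inside `add_header` values, so a `$` in the policy string deserves the same check. The function body continues outside the hunk.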
@@ -1,13 +1,36 @@
 import toConf from './to_conf';
 import nginxConf from './conf/nginx.conf';
-
-// Convert the data to nginx conf and do some magic to comments
-const toConfig = entriesOrObject => toConf(entriesOrObject)
- .replace(/^([^\S\r\n]*[^#\s].*[^\n])\n([^\S\r\n]*)#/gm, '$1\n\n$2#') // Double linebreak before comment
- .replace(/^([^\S\r\n]*#.*\n[^\S\r\n]*#.*\n)([^\S\r\n]*[^#\s])/gm, '$1\n$2'); // Double linebreak after double comment
+import websiteConf from './conf/website.conf';
+import letsEncryptConf from './conf/letsencrypt.conf';
+import securityConf from './conf/security.conf';
+import generalConf from './conf/general.conf';
 export default (domains, global) => {
 const files = [];
- files.push(['nginx.conf', toConfig(nginxConf(domains, global))]);
+
+ // Base nginx config
+ files.push(['nginx.conf', toConf(nginxConf(domains, global))]);
+
+ // Modularised configs
+ if (global.tools.modularizedStructure.computed) {
+ // Domain config
+ for (const domain of domains) {
+ files.push([
+ `sites-${global.tools.symlinkVhost.computed ? 'available' : 'enabled'}/${domain.server.domain.computed}.conf`,
+ toConf(websiteConf(domain, domains, global)),
+ ]);
+ }
+
+ // Let's encrypt
+ if (domains.some(d => d.https.certType.computed === 'letsEncrypt'))
+ files.push(['nginxconfig.io/letsencrypt.conf', toConf(letsEncryptConf(global))]);
+
+ // Security
+ files.push(['nginxconfig.io/security.conf', toConf(securityConf(domains, global))]);
+
+ // General
+ files.push(['nginxconfig.io/general.conf', toConf(generalConf(domains, global))]);
+ }
+
 return files;
 };
diff --git a/src/nginxconfig/generators/to_conf.js b/src/nginxconfig/generators/to_conf.js
index 4a9dec6..bdb3493 100644
--- a/src/nginxconfig/generators/to_conf.js
+++ b/src/nginxconfig/generators/to_conf.js
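Review bot: The per-domain entry in `src/nginxconfig/generators/index.js` uses `domain.server.domain.computed` verbatim as a file name under `sites-available/` or `sites-enabled/`, so a value containing `/`, `\` or `..` produces a path outside that directory, and two domains with the same name produce two entries with the same path. How the returned `files` list is consumed is not visible here, but if it later feeds an archive or a download, the name should be constrained first, for example by skipping anything that contains `..` or fails a hostname check such as `/^[a-z0-9.-]+$/i`. A comment above the loop, `// File name comes from the user-entered domain; it must be a plain hostname`, would record the assumption either way.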
@@ -75,7 +75,12 @@ const recurse = (entriesOrObject, depth) => {
 });
 }
- return retVal.replace(/\n\n\n/g, '\n\n');
+ return retVal
+ .replace(/\n\n\n/g, '\n\n') // Cleanup triple linebreaks
+ .replace(/^([^\S\r\n]*})(?:\n[^\S\r\n]*)+\n([^\S\r\n]*})/gm, '$1\n$2') // Cleanup extra linebreaks between multiple close blocks
+ .replace(/^([^\S\r\n]*[^#\s].*[^\n])\n([^\S\r\n]*)#/gm, '$1\n\n$2#') // Double linebreak before comment
+ .replace(/^([^\S\r\n]*#.*)(?:\n[^\S\r\n]*)+\n([^\S\r\n]*.*{)/gm, '$1\n$2') // Single linebreak between comment and block
+ .replace(/^([^\S\r\n]*#.*\n[^\S\r\n]*#.*\n)([^\S\r\n]*[^#\s])/gm, '$1\n$2'); // Double linebreak after double comment
 };
 export default entriesOrObject => recurse(entriesOrObject, 0);
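Review bot: The fourth pass in the return chain of `recurse` ("Single linebreak between comment and block") ends its second group with `.*{`, which matches any following line that contains a `{` anywhere rather than only a line that opens a block, so a directive whose value holds a brace would also have its blank line after a comment removed; closing the pattern with `{)$/gm` would limit it to block openers. Because the chain sits in `recurse` and not in the exported wrapper, all five passes appear to run again at every nesting level over text an inner call has already cleaned; applying them once in `export default entriesOrObject => …` would be cheaper and easier to reason about, provided nothing relies on the per-level cleanup. The passes are order-dependent, so a one-line comment above the chain saying so would help the next editor. `recurse` starts outside the hunk.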