Start showing more config files!

2020-05-20 18:59:33 +01:00 · 2020-05-20 18:59:33 +01:00 · 88d66f415c
parent 7fa39d4bcc
commit 88d66f415c
3 changed files with 41 additions and 13 deletions
--- a/src/nginxconfig/generators/conf/security.conf.js
+++ b/src/nginxconfig/generators/conf/security.conf.js
@ -4,19 +4,19 @@ export default (domains, global) => {
    const config = [];

    config.push(['# security headers', '']);
-    config.push(['add_header', 'X-Frame-Options "SAMEORIGIN" always']);
-    config.push(['add_header', 'X-XSS-Protection "1; mode=block" always']);
-    config.push(['add_header', 'X-Content-Type-Options "nosniff" always']);
-    config.push(['add_header', `Referrer-Policy "${global.security.referrerPolicy.computed}" always`]);
+    config.push(['add_header X-Frame-Options', '"SAMEORIGIN" always']);
+    config.push(['add_header X-XSS-Protection', '"1; mode=block" always']);
+    config.push(['add_header X-Content-Type-Options', '"nosniff" always']);
+    config.push(['add_header Referrer-Policy', `"${global.security.referrerPolicy.computed}" always`]);

    if (global.security.contentSecurityPolicy.computed)
-        config.push(['add_header', `Content-Security-Policy "${global.security.contentSecurityPolicy.computed}" always`]);
+        config.push(['add_header Content-Security-Policy', `"${global.security.contentSecurityPolicy.computed}" always`]);

    // Every domain has HSTS enabled, and they all have same hstsSubdomains/hstsPreload settings
    if (commonHsts(domains)) {
        const commonHSTSSubdomains = domains.length && domains[0].https.hstsSubdomains.computed;
        const commonHSTSPreload = domains.length && domains[0].https.hstsPreload.computed;
-        config.push(['add_header', `Strict-Transport-Security "max-age=31536000${commonHSTSSubdomains ? '; includeSubDomains' : ''}${commonHSTSPreload ? '; preload' : ''}" always`]);
+        config.push(['add_header Strict-Transport-Security', `"max-age=31536000${commonHSTSSubdomains ? '; includeSubDomains' : ''}${commonHSTSPreload ? '; preload' : ''}" always`]);
    }

    config.push(['# . files', '']);
--- a/src/nginxconfig/generators/index.js
+++ b/src/nginxconfig/generators/index.js
@ -1,13 +1,36 @@
 import toConf from './to_conf';
 import nginxConf from './conf/nginx.conf';
-
-// Convert the data to nginx conf and do some magic to comments
-const toConfig = entriesOrObject => toConf(entriesOrObject)
-    .replace(/^([^\S\r\n]*[^#\s].*[^\n])\n([^\S\r\n]*)#/gm, '$1\n\n$2#') // Double linebreak before comment
-    .replace(/^([^\S\r\n]*#.*\n[^\S\r\n]*#.*\n)([^\S\r\n]*[^#\s])/gm, '$1\n$2'); // Double linebreak after double comment
+import websiteConf from './conf/website.conf';
+import letsEncryptConf from './conf/letsencrypt.conf';
+import securityConf from './conf/security.conf';
+import generalConf from './conf/general.conf';

 export default (domains, global) => {
    const files = [];
-    files.push(['nginx.conf', toConfig(nginxConf(domains, global))]);
+
+    // Base nginx config
+    files.push(['nginx.conf', toConf(nginxConf(domains, global))]);
+
+    // Modularised configs
+    if (global.tools.modularizedStructure.computed) {
+        // Domain config
+        for (const domain of domains) {
+            files.push([
+                `sites-${global.tools.symlinkVhost.computed ? 'available' : 'enabled'}/${domain.server.domain.computed}.conf`,
+                toConf(websiteConf(domain, domains, global)),
+            ]);
+        }
+
+        // Let's encrypt
+        if (domains.some(d => d.https.certType.computed === 'letsEncrypt'))
+            files.push(['nginxconfig.io/letsencrypt.conf', toConf(letsEncryptConf(global))]);
+
+        // Security
+        files.push(['nginxconfig.io/security.conf', toConf(securityConf(domains, global))]);
+
+        // General
+        files.push(['nginxconfig.io/general.conf', toConf(generalConf(domains, global))]);
+    }
+
    return files;
 };
--- a/src/nginxconfig/generators/to_conf.js
+++ b/src/nginxconfig/generators/to_conf.js
@ -75,7 +75,12 @@ const recurse = (entriesOrObject, depth) => {
        });
    }

-    return retVal.replace(/\n\n\n/g, '\n\n');
+    return retVal
+        .replace(/\n\n\n/g, '\n\n') // Cleanup triple linebreaks
+        .replace(/^([^\S\r\n]*})(?:\n[^\S\r\n]*)+\n([^\S\r\n]*})/gm, '$1\n$2') // Cleanup extra linebreaks between multiple close blocks
+        .replace(/^([^\S\r\n]*[^#\s].*[^\n])\n([^\S\r\n]*)#/gm, '$1\n\n$2#') // Double linebreak before comment
+        .replace(/^([^\S\r\n]*#.*)(?:\n[^\S\r\n]*)+\n([^\S\r\n]*.*{)/gm, '$1\n$2') // Single linebreak between comment and block
+        .replace(/^([^\S\r\n]*#.*\n[^\S\r\n]*#.*\n)([^\S\r\n]*[^#\s])/gm, '$1\n$2'); // Double linebreak after double comment
 };

 export default entriesOrObject => recurse(entriesOrObject, 0);