github
/
nginxconfig.io
mirror of https://github.com/digitalocean/nginxconfig.io
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master' into hotfix/drupal.conf

pull/111/head
Alexandre Dias 2020-06-03 21:25:03 +01:00
parent 5db1fd7162 1d2362023c
commit 89db117a9e
9 changed files with 165 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/nginxconfig/generators/conf/nginx.conf.js
View File

@ -107,9 +107,6 @@ export default (domains, global) => {
config.http.push(['ssl_stapling', 'on']);
config.http.push(['ssl_stapling_verify', 'on']);
if (global.https.ocspCloudflare.computed
|| global.https.ocspGoogle.computed
|| global.https.ocspOpenDns.computed) {
const ips = [];
if (global.https.ocspCloudflare.computed) {
if (['ipv4', 'both'].includes(global.https.ocspCloudflareType.computed))
@ -129,7 +126,20 @@ export default (domains, global) => {
if (['ipv6', 'both'].includes(global.https.ocspOpenDnsType.computed))
ips.push('[2620:119:35::35]', '[2620:119:53::53]');
}
if (global.https.ocspQuad9.computed) {
if (['ipv4', 'both'].includes(global.https.ocspQuad9Type.computed))
ips.push('9.9.9.9', '149.112.112.112');
if (['ipv6', 'both'].includes(global.https.ocspQuad9Type.computed))
ips.push('[2620:fe::fe]', '[2620:fe::9]');
}
if (global.https.ocspVerisign.computed) {
if (['ipv4', 'both'].includes(global.https.ocspVerisignType.computed))
ips.push('64.6.64.6', '64.6.65.6');
if (['ipv6', 'both'].includes(global.https.ocspVerisignType.computed))
ips.push('[2620:74:1b::1:1]', '[2620:74:1c::2:2]');
}
if (ips.length) {
config.http.push(['resolver', `${ips.join(' ')} valid=60s`]);
config.http.push(['resolver_timeout', '2s']);
}

2
src/nginxconfig/i18n/en/templates/global_sections/https.js
View File

@ -27,6 +27,8 @@ export default {
cloudflareResolver: 'Cloudflare Resolver',
googlePublicDns: 'Google Public DNS',
openDns: 'OpenDNS',
quad9: 'Quad9',
verisign: 'Verisign',
letsEncryptWebroot: `${common.letsEncrypt} webroot`,
mozillaModern: `${mozilla} Modern`,
mozillaIntermediate: `${mozilla} Intermediate`,

17
src/nginxconfig/templates/app.vue
View File

@ -70,8 +70,8 @@ limitations under the License.
<div :class="`column ${splitColumn ? 'is-half' : 'is-full'} is-full-mobile is-full-tablet`">
<h2>{{ i18n.templates.app.configFiles }}</h2>
<div ref="files" class="columns is-multiline">
<NginxPrism v-for="conf in confFilesOutput"
:key="`${conf[0]}-${hash(conf[1])}`"
<NginxPrism v-for="(conf, i) in confFilesOutput"
:key="`${conf[0]}-${i}-${hash(conf[1])}`"
:name="`${nginxDir}/${conf[0]}`"
:conf="conf[1]"
:half="confFilesOutput.length > 1 && !splitColumn"
@ -169,7 +169,18 @@ limitations under the License.
return '';
},
add() {
this.$data.domains.push(clone(Domain.delegated));
const data = clone(Domain.delegated);
// Avoid dupe domains
let count = 1;
while (this.$data.domains.some(d => d && d.server.domain.computed === data.server.domain.computed)) {
count++;
data.server.domain.computed = data.server.domain.default.replace('.com', `${count}.com`);
}
data.server.domain.value = data.server.domain.computed;
// Store
this.$data.domains.push(data);
this.$data.active = this.$data.domains.length - 1;
},
remove(index) {

20
src/nginxconfig/templates/domain_sections/https.vue
View File

@ -138,7 +138,7 @@ limitations under the License.
<input v-model="letsEncryptEmail"
class="input"
type="text"
:placeholder="`info@${$parent.$props.data.server.domain.computed}`"
:placeholder="$props.data.letsEncryptEmail.computed"
/>
</div>
</div>
@ -223,6 +223,7 @@ limitations under the License.
},
letsEncryptEmail: {
default: '',
computed: 'info@example.com', // No default value, but a default computed
enabled: true,
},
sslCertificate: {
@ -346,6 +347,23 @@ limitations under the License.
},
deep: true,
},
// Ensure there is a default email for Let's Encrypt
'$props.data.letsEncryptEmail': {
handler(data) {
if (!data.computed.trim()) {
data.computed = `info@${this.$parent.$props.data.server.domain.computed}`;
}
},
deep: true,
},
'$parent.$props.data.server.domain': {
handler(data) {
if (!this.$props.data.letsEncryptEmail.value.trim()) {
this.$props.data.letsEncryptEmail.computed = `info@${data.computed}`;
}
},
deep: true,
},
},
};
</script>

5
src/nginxconfig/templates/domain_sections/server.vue
View File

@ -186,11 +186,10 @@ limitations under the License.
watch: {
'$props.data.domain': {
handler(data) {
// This might cause recursion, but seems not to
// Ignore www. if given
// Ignore www. if given, enable WWW subdomain
if (data.computed.startsWith('www.')) {
data.computed = data.computed.slice(4);
this.wwwSubdomain = true;
}
// Use default if empty

60
src/nginxconfig/templates/global_sections/https.vue
View File

@ -122,6 +122,48 @@ limitations under the License.
</div>
</div>
</div>
<div :class="`control${ocspQuad9Changed ? ' is-changed' : ''}`">
<div class="checkbox">
<PrettyCheck v-model="ocspQuad9" class="p-default p-curve p-fill p-icon">
<i slot="extra" class="icon fas fa-check"></i>
{{ i18n.templates.globalSections.https.quad9 }}
</PrettyCheck>
</div>
</div>
<div v-if="$props.data.ocspQuad9.computed" class="control field is-horizontal is-expanded">
<div v-for="(name, value) in $props.data.ocspQuad9Type.options"
:class="`control${ocspQuad9TypeChanged && value === ocspQuad9Type ? ' is-changed' : ''}`"
>
<div class="radio">
<PrettyRadio v-model="ocspQuad9Type" :value="value" class="p-default p-round p-fill p-icon">
<i slot="extra" class="icon fas fa-check"></i>
{{ name }}
</PrettyRadio>
</div>
</div>
</div>
<div :class="`control${ocspVerisignChanged ? ' is-changed' : ''}`">
<div class="checkbox">
<PrettyCheck v-model="ocspVerisign" class="p-default p-curve p-fill p-icon">
<i slot="extra" class="icon fas fa-check"></i>
{{ i18n.templates.globalSections.https.verisign }}
</PrettyCheck>
</div>
</div>
<div v-if="$props.data.ocspVerisign.computed" class="control field is-horizontal is-expanded">
<div v-for="(name, value) in $props.data.ocspVerisignType.options"
:class="`control${ocspVerisignTypeChanged && value === ocspVerisignType ? ' is-changed' : ''}`"
>
<div class="radio">
<PrettyRadio v-model="ocspVerisignType" :value="value" class="p-default p-round p-fill p-icon">
<i slot="extra" class="icon fas fa-check"></i>
{{ name }}
</PrettyRadio>
</div>
</div>
</div>
</div>
</div>
</div>
@ -195,6 +237,16 @@ limitations under the License.
enabled: true,
},
ocspOpenDnsType: clone(ipType),
ocspQuad9: {
default: false,
enabled: true,
},
ocspQuad9Type: clone(ipType),
ocspVerisign: {
default: false,
enabled: true,
},
ocspVerisignType: clone(ipType),
letsEncryptRoot: {
default: '/var/www/_letsencrypt/',
enabled: true,
@ -238,6 +290,14 @@ limitations under the License.
handler: validOptionCheck,
deep: true,
},
'$props.data.ocspQuad9Type': {
handler: validOptionCheck,
deep: true,
},
'$props.data.ocspVerisignType': {
handler: validOptionCheck,
deep: true,
},
'$parent.$parent.$data.domains': {
handler(data) {
let httpsEnabled = false, leEnabled = false;

2
src/nginxconfig/templates/global_sections/security.vue
View File

@ -151,7 +151,7 @@ limitations under the License.
computed: {
...computedFromDefaults(defaults, 'security'), // Getters & setters for the delegated data
hasWordPress() {
return this.$parent.$parent.$data.domains.some(d => d.php.wordPressRules.computed);
return this.$parent.$parent.$data.domains.some(d => d && d.php.wordPressRules.computed);
},
hasUnsafeEval() {
return this.$props.data.contentSecurityPolicy.computed.includes('\'unsafe-eval\'');

34
src/nginxconfig/util/backwards_compatibility.js
View File

@ -121,8 +121,8 @@ export default data => {
// If not a global setting and if this is an integer
// Then, this is probably an old domain, so we'll try to convert it as such
if (!isNaN(parseInt(key))) {
data.domains = data.domains || [];
data.domains.push(data[key]);
data.domains = isObject(data.domains) ? data.domains : {};
data.domains[key] = data[key];
}
}
@ -130,35 +130,35 @@ export default data => {
data.global = {...(data.global || {}), ...mappedGlobal};
// Handle converting domain settings
if ('domains' in data && (Array.isArray(data.domains) || isObject(data.domains))) {
// Ensure we're working with an array
const values = isObject(data.domains) ? Object.values(data.domains) : data.domains;
if ('domains' in data && isObject(data.domains)) {
for (const key in data.domains) {
// Don't include inherited props
if (!Object.prototype.hasOwnProperty.call(data.domains, key)) continue;
for (let i = 0; i < values.length; i++) {
// Check this is an object
if (!isObject(values[i])) continue;
if (!isObject(data.domains[key])) continue;
// Hold any mapped data
const mappedData = {};
// Handle converting old domain settings to new ones
for (const key in values[i]) {
if (!Object.prototype.hasOwnProperty.call(values[i], key)) continue;
if (isObject(values[i][key])) continue;
for (const key2 in data.domains[key]) {
// Don't include inherited props
if (!Object.prototype.hasOwnProperty.call(data.domains[key], key2)) continue;
// Don't convert objects
if (isObject(data.domains[key][key2])) continue;
// Map old settings to their new ones
if (key in domainMap) {
const map = domainMap[key];
if (key2 in domainMap) {
const map = domainMap[key2];
mappedData[map[0]] = mappedData[map[0]] || {};
mappedData[map[0]][map[1]] = map.length < 3 ? values[i][key] : map[2](values[i][key]);
mappedData[map[0]][map[1]] = map.length < 3 ? data.domains[key][key2] : map[2](data.domains[key][key2]);
}
}
// Overwrite mapped properties
values[i] = {...values[i], ...mappedData};
data.domains[key] = {...data.domains[key], ...mappedData};
}
// Store the updated domain data
data.domains = values;
}
};

23
src/nginxconfig/util/import_data.js
View File

@ -54,6 +54,7 @@ export default (query, domains, global, nextTick) => {
const data = qs.parse(query, {
ignoreQueryPrefix: true,
allowDots: true,
parseArrays: false,
decoder(value) {
value = decodeURIComponent(value);
@ -78,16 +79,15 @@ export default (query, domains, global, nextTick) => {
backwardsCompatibility(data);
// Handle domains
if ('domains' in data) {
// Check its an array or object
if (Array.isArray(data.domains) || isObject(data.domains)) {
// Ensure we're working with an array
const values = isObject(data.domains) ? Object.values(data.domains) : data.domains;
// Work through each potential domain
for (const domainData of values) {
// Check this is an object
if (!isObject(domainData)) continue;
if ('domains' in data && isObject(data.domains)) {
// Work through all valid integer keys in the object
const keys = Object.keys(data.domains).map(x => parseInt(x)).filter(x => !isNaN(x));
for (let i = 0; i < Math.max(...keys) + 1; i++) {
// If the key doesn't exist or this isn't a valid object, assume it was an untouched example domain
if (!keys.includes(i) || !isObject(data.domains[i])) {
domains.push(clone(Domain.delegated));
continue;
}
// Create a new domain (assume it has had custom user settings)
const domainImported = clone(Domain.delegated);
@ -95,8 +95,7 @@ export default (query, domains, global, nextTick) => {
domains.push(domainImported);
// Apply the initial values on the next Vue tick, once the watchers are ready
nextTick(() => applyCategories(domainData, domainImported));
}
nextTick(() => applyCategories(data.domains[i], domainImported));
}
} else {
// If no configured domains, add a single default