adrian
/
schematics
1
0
Fork 0
Code Issues Pull Requests Releases Activity
A library for writing host-specific, single-binary configuration management and deployment tools
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
91 Commits
1 Branch
0 Tags
810 KiB
Tree: 907a4962c5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '907a4962c5'
${ noResults }
schematics/src/templates/nginx/server.rs

202 lines
4.9 KiB
Raw Normal View History

New architecture
4 years ago
  1. use std::fmt::Display;
  2. use std::path::Path;
  4. pub fn default_server<P: AsRef<Path>>(challenges_snippet_path: P) -> String {
  5. format!(
  6. "server {{
  7. listen 80 default_server;
  8. listen [::]:80 default_server;
  9. include \"{}\";
  10. }}",
  11. challenges_snippet_path.as_ref().to_str().unwrap()
  12. )
  13. }
  15. pub fn server_config<D: Display, C: AsRef<Path>, K: AsRef<Path>, T: Display, S: AsRef<Path>>(
  16. domain: D,
  17. cert_path: C,
  18. key_path: K,
  19. content: T,
  20. challenges_snippet_path: S,
  21. ) -> String {
  22. format!(
  23. "server {{
  24. listen 443 ssl http2;
  25. listen [::]:443 ssl http2;
  26. server_name {};
  27. include \"{}\";
  29. ssl_certificate {};
  30. ssl_certificate_key {};
  31. add_header Strict-Transport-Security \"max-age=31536000\";
  33. {}
  34. }}
  36. # Redirect all HTTP links to the matching HTTPS page
  37. server {{
  38. listen 80;
  39. listen [::]:80;
  40. server_name {0};
  41. include \"{1}\";
  43. location / {{
  44. return 301 https://$host$request_uri;
  45. }}
  46. }}
  47. ",
  48. domain,
  49. challenges_snippet_path.as_ref().to_str().unwrap(),
  50. cert_path.as_ref().to_str().unwrap(),
  51. key_path.as_ref().to_str().unwrap(),
  52. content
  53. )
  54. }
  56. pub fn php_snippet<SOCKET: AsRef<Path>, STATIC: AsRef<Path>>(
  57. index: &'static str,
  58. socket_path: SOCKET,
  59. static_path: STATIC,
  60. ) -> String {
  61. format!(
  62. "root {};
  63. index {};
  64. location ~ [^/]\\.php(/|$) {{
  65. fastcgi_pass unix:{};
  66. include \"snippets/fastcgi-php.conf\";
  67. }}",
  68. static_path.as_ref().to_str().unwrap(),
  69. index,
  70. socket_path.as_ref().to_str().unwrap()
  71. )
  72. }
  74. pub fn redir_snippet(target: &str) -> String {
  75. format!(
  76. "location / {{
  77. return 301 $scheme://{}$request_uri;
  78. }}",
  79. target
  80. )
  81. }
  83. pub trait SocketSpec {
  84. fn to_nginx(&self) -> String;
  85. }
  87. impl<T: AsRef<Path>> SocketSpec for T {
  88. fn to_nginx(&self) -> String {
  89. format!("unix:{}:", self.as_ref().to_str().unwrap())
  90. }
  91. }
  93. pub struct LocalTcpSocket(usize);
  95. impl LocalTcpSocket {
  96. pub const fn new(x: usize) -> Self {
  97. Self(x)
  98. }
  99. }
  101. impl SocketSpec for LocalTcpSocket {
  102. fn to_nginx(&self) -> String {
  103. format!("localhost:{}", self.0)
  104. }
  105. }
  107. pub fn proxy_snippet<S: SocketSpec, STATIC: AsRef<Path>>(
  108. socket_path: &S,
  109. static_path: STATIC,
  110. ) -> String {
  111. format!(
  112. "root {};
  113. location / {{
  114. try_files $uri @proxy;
  115. }}
  117. location @proxy {{
  118. include fastcgi_params;
  119. proxy_pass http://{};
  120. proxy_redirect off;
  121. }}",
  122. static_path.as_ref().to_str().unwrap(),
  123. socket_path.to_nginx()
  124. )
  125. }
  127. pub fn static_snippet<S: AsRef<Path>>(static_path: S) -> String {
  128. format!(
  129. "root {};
  130. try_files $uri $uri/ $uri.html =404;
  131. ",
  132. static_path.as_ref().to_str().unwrap()
  133. )
  134. }
  136. pub fn dokuwiki_snippet() -> String {
  137. "
  138. location ~ /(data/|conf/|bin/|inc/|install.php) { deny all; }
  140. location / { try_files $uri $uri/ @dokuwiki; }
  142. location @dokuwiki {
  143. # rewrites \"doku.php/\" out of the URLs if you set the userewrite setting to .htaccess in dokuwiki config page
  144. rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
  145. rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
  146. rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
  147. rewrite ^/(.*) /doku.php?id=$1&$args last;
  148. }".into()
  149. }
  151. pub fn nextcloud_snippet() -> String {
  152. "
  153. client_max_body_size 500M;
  155. # Disable gzip to avoid the removal of the ETag header
  156. gzip off;
  158. rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
  159. rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
  160. rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
  162. error_page 403 /core/templates/403.php;
  163. error_page 404 /core/templates/404.php;
  165. location = /robots.txt {
  166. allow all;
  167. log_not_found off;
  168. access_log off;
  169. }
  171. location ~ ^/(?:\\.htaccess|data|config|db_structure\\.xml|README) {
  172. deny all;
  173. }
  175. location / {
  176. # The following 2 rules are only needed with webfinger
  177. rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
  178. rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
  180. rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
  181. rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
  183. rewrite ^(/core/doc/[^\\/]+/)$ $1/index.html;
  185. try_files $uri $uri/ /index.php;
  186. }
  188. # Adding the cache control header for js and css files
  189. # Make sure it is BELOW the location ~ \\.php(?:$|/) { block
  190. location ~* \\.(?:css|js)$ {
  191. add_header Cache-Control \"public, max-age=7200\";
  192. # Optional: Don't log access to assets
  193. access_log off;
  194. }
  196. # Optional: Don't log access to other assets
  197. location ~* \\.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
  198. access_log off;
  199. }
  200. "
  201. .into()
  202. }