|
|
|
@ -63,7 +63,8 @@ def get_web_domains_with_root_overrides(env): |
|
|
|
|
root_overrides = { } |
|
|
|
|
nginx_conf_custom_fn = os.path.join(env["STORAGE_ROOT"], "www/custom.yaml") |
|
|
|
|
if os.path.exists(nginx_conf_custom_fn): |
|
|
|
|
custom_settings = rtyaml.load(open(nginx_conf_custom_fn)) |
|
|
|
|
with open(nginx_conf_custom_fn, 'r') as f: |
|
|
|
|
custom_settings = rtyaml.load(f) |
|
|
|
|
for domain, settings in custom_settings.items(): |
|
|
|
|
for type, value in [('redirect', settings.get('redirects', {}).get('/')), |
|
|
|
|
('proxy', settings.get('proxies', {}).get('/'))]: |
|
|
|
@ -75,13 +76,18 @@ def do_web_update(env): |
|
|
|
|
# Pre-load what SSL certificates we will use for each domain. |
|
|
|
|
ssl_certificates = get_ssl_certificates(env) |
|
|
|
|
|
|
|
|
|
# Helper for reading config files and templates |
|
|
|
|
def read_conf(conf_fn): |
|
|
|
|
with open(os.path.join(os.path.dirname(__file__), "../conf", conf_fn), "r") as f: |
|
|
|
|
return f.read() |
|
|
|
|
|
|
|
|
|
# Build an nginx configuration file. |
|
|
|
|
nginx_conf = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-top.conf")).read() |
|
|
|
|
nginx_conf = read_conf("nginx-top.conf") |
|
|
|
|
|
|
|
|
|
# Load the templates. |
|
|
|
|
template0 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx.conf")).read() |
|
|
|
|
template1 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-alldomains.conf")).read() |
|
|
|
|
template2 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-primaryonly.conf")).read() |
|
|
|
|
template0 = read_conf("nginx.conf") |
|
|
|
|
template1 = read_conf("nginx-alldomains.conf") |
|
|
|
|
template2 = read_conf("nginx-primaryonly.conf") |
|
|
|
|
template3 = "\trewrite ^(.*) https://$REDIRECT_DOMAIN$1 permanent;\n" |
|
|
|
|
|
|
|
|
|
# Add the PRIMARY_HOST configuration first so it becomes nginx's default server. |
|
|
|
@ -141,11 +147,8 @@ def make_domain_config(domain, templates, ssl_certificates, env): |
|
|
|
|
def hashfile(filepath): |
|
|
|
|
import hashlib |
|
|
|
|
sha1 = hashlib.sha1() |
|
|
|
|
f = open(filepath, 'rb') |
|
|
|
|
try: |
|
|
|
|
with open(filepath, 'rb') as f: |
|
|
|
|
sha1.update(f.read()) |
|
|
|
|
finally: |
|
|
|
|
f.close() |
|
|
|
|
return sha1.hexdigest() |
|
|
|
|
nginx_conf_extra += "\t# ssl files sha1: %s / %s\n" % (hashfile(tls_cert["private-key"]), hashfile(tls_cert["certificate"])) |
|
|
|
|
|
|
|
|
@ -153,7 +156,8 @@ def make_domain_config(domain, templates, ssl_certificates, env): |
|
|
|
|
hsts = "yes" |
|
|
|
|
nginx_conf_custom_fn = os.path.join(env["STORAGE_ROOT"], "www/custom.yaml") |
|
|
|
|
if os.path.exists(nginx_conf_custom_fn): |
|
|
|
|
yaml = rtyaml.load(open(nginx_conf_custom_fn)) |
|
|
|
|
with open(nginx_conf_custom_fn, 'r') as f: |
|
|
|
|
yaml = rtyaml.load(f) |
|
|
|
|
if domain in yaml: |
|
|
|
|
yaml = yaml[domain] |
|
|
|
|
|
|
|
|
|