potluck-nginx 0.0.4 → 0.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f489f7ab1e64d5447a26b87a96bfb1ceb50174cce9a25d9131e64ee1a06a7f66
-  data.tar.gz: 7f7518e1835ef8d454b2925bded018cc189fde565dedae2f8b8274f105531040
+  metadata.gz: b5dc3bb7d62e4244f719abe5110cdb80a972b10f56f13d35844918a3eaa875df
+  data.tar.gz: b971afa507788f9bf2261df078e7df83df963928dba62dcca2e1cbf80a10cd6a
 SHA512:
-  metadata.gz: c8cd92c4fdbd976b2330a433ff6cacac50ee143c2b90dd91776af91350b4540b304fc89f3ad0456acb108ad4f29affe37e58699c8ba122a3652eca86306f495c
-  data.tar.gz: 0f366d7c77baef42dae840b4e410c596623297bede06a7daa2c15c52d079b789118e89c8f7319d91012a74766e9baa033b416b8f56603a61ddd7200ff4de6d8e
+  metadata.gz: d6b3f68bf12bce2e2035689d9c07bd76af04d0f5c8ad596c1dfafb2c5faca4551e9a9d8c64e51fd6fb614f2b7e5dc4746a8f36137b5f416ecd78dffab961c6db
+  data.tar.gz: 3885228d15374b68b7af5d86050aea5bab688e4de24fa4cb18a54599bdece7baa0e6495487b707547be70646eefe4099184b69c60128370151b069153f5b2136

data/lib/potluck/nginx/ssl.rb

@@ -49,7 +49,8 @@ module Potluck
         @auto_generated = !crt_file && !key_file && !dhparam_file
 
         if !@auto_generated && (!crt_file || !key_file || !dhparam_file)
-          raise('Must supply values for all three or none: crt_file, key_file, dhparam_file')
+          raise(ArgumentError.new('Must supply values for all three or none: crt_file, key_file, '\
+            'dhparam_file'))
         end
 
         @csr_file = File.join(@dir, "#{@host}.csr").freeze
@@ -57,13 +58,13 @@ module Potluck
         @key_file = key_file || File.join(@dir, "#{@host}.key").freeze
         @dhparam_file = dhparam_file || File.join(@dir, 'dhparam.pem').freeze
 
-        @config = {
+        @config = Util.deep_merge({
           'ssl_certificate' => @crt_file,
           'ssl_certificate_key' => @key_file,
           'ssl_dhparam' => @dhparam_file,
           'ssl_stapling' => ('on' unless @auto_generated),
           'ssl_stapling_verify' => ('on' unless @auto_generated),
-        }.merge!(DEFAULT_CONFIG).merge!(config)
+        }, DEFAULT_CONFIG, config)
       end
 
       ##

data/lib/potluck/nginx/util.rb

@@ -1,16 +1,16 @@
 # frozen_string_literal: true
 
 module Potluck
-  class Nginx
+  class Nginx < Service
     ##
     # Utility methods for Nginx class.
     #
     class Util
       ##
-      # Merges one or more other hashes into a hash by merging nested hashes rather than overwriting them as
-      # is the case with <tt>Hash#merge!</tt>.
+      # Merges N hashes by merging nested hashes rather than overwriting them as is the case with
+      # <tt>Hash#merge</tt>.
       #
-      # * +hashes+ - Hashes to deep merge. The first one will be modified with the result of the merge.
+      # * +hashes+ - Hashes to deep merge.
       # * +arrays+ - True if arrays should be merged rather than overwritten (optional, default: false).
       #
       # Example:
@@ -18,28 +18,28 @@ module Potluck
       #   h1 = {hello: {item1: 'world'}}
       #   h2 = {hello: {item2: 'friend'}}
       #
-      #   Util.deep_merge!(h1, h2)
+      #   Util.deep_merge(h1, h2)
       #   # => {hello: {item1: 'world', item2: 'friend'}}
       #
-      # By default, only hashes are merged and arrays are still overwritten as they are with
-      # <tt>Hash#merge!</tt>. But passing <tt>arrays: true</tt> will result in arrays being merged similarly
-      # to hashes. Example:
+      # By default only hashes are merged and arrays are still overwritten as they are with
+      # <tt>Hash#merge</tt>. Passing <tt>arrays: true</tt> will result in arrays being merged similarly to
+      # hashes. Example:
       #
       #   h1 = {hello: {item1: ['world']}}
       #   h2 = {hello: {item1: ['friend']}}
       #
-      #   Util.deep_merge!(h1, h2, arrays: true)
+      #   Util.deep_merge(h1, h2, arrays: true)
       #   # => {hello: {item1: ['world', 'friend']}}
       #
-      def self.deep_merge!(*hashes, arrays: false)
-        hash = hashes[0]
+      def self.deep_merge(*hashes, arrays: false)
+        hash = hashes[0].dup
 
         hashes[1..-1].each do |other_hash|
           other_hash.each do |key, other_value|
             this_value = hash[key]
 
             if this_value.kind_of?(Hash) && other_value.kind_of?(Hash)
-              deep_merge!(this_value, other_value, arrays: arrays)
+              hash[key] = deep_merge(this_value, other_value, arrays: arrays)
             elsif arrays && this_value.kind_of?(Array)
               hash[key] |= Array(other_value)
             else

data/lib/potluck/nginx.rb

@@ -143,7 +143,7 @@ module Potluck
     ##
     # Returns a hash representation of the Nginx configuration file content. Any configuration passed to
     # Nginx.new is deep-merged into a base configuration hash, meaning nested hashes are merged rather than
-    # overwritten (see Util.deep_merge!).
+    # overwritten (see Util.deep_merge).
     #
     def config
       host_subdomains_regex = ([@host] + @subdomains).join('|')
@@ -154,97 +154,103 @@ module Potluck
           'server' => "127.0.0.1:#{@port}",
         },
 
-        'server' => Util.deep_merge!({
-          'charset' => 'UTF-8',
-          'access_log' => File.join(@dir, 'nginx-access.log'),
-          'error_log' => File.join(@dir, 'nginx-error.log'),
-
-          'listen' => {
-            repeat: true,
-            '8080' => true,
-            '[::]:8080' => true,
-            '4433 ssl http2' => @ssl ? true : nil,
-            '[::]:4433 ssl http2' => @ssl ? true : nil,
-          },
-          'server_name' => (@hosts + @subdomains).join(' '),
-
-          'gzip' => 'on',
-          'gzip_types' => 'application/javascript application/json application/xml text/css '\
-            'text/javascript text/plain',
-
-          'add_header' => {
-            repeat: true,
-            'Referrer-Policy' => '\'same-origin\' always',
-            'X-Frame-Options' => '\'DENY\' always',
-            'X-XSS-Protection' => '\'1; mode=block\' always',
-            'X-Content-Type-Options' => '\'nosniff\' always',
-          },
-        }, @ssl ? @ssl.config : {}).merge!(
-          'location /' => {
-            raw: """
-              if ($host !~ ^#{hosts_subdomains_regex}$) { return 404; }
-
-              set $r 0;
-              set $s $scheme;
-              set $h $host;
-              set $port #{@ssl ? '443' : '80'};
-              set $p '';
-              set $u '';
-              set $q '';
-
-              #{if @www.nil? && @one_host == false
-                nil
-              elsif @www.nil? && @one_host == true
-                "if ($host !~ ^(www.)?#{host_subdomains_regex}$) { set $h $1#{@host}; set $r 1; }"
-              elsif @www == false && @one_host == false
-                "if ($host ~ ^www.(.+)$) { set $h $1; set $r 1; }"
-              elsif @www == false && @one_host == true
-                "if ($host !~ ^#{host_subdomains_regex}$) { set $h #{@host}; set $r 1; }"
-              elsif @www == true && @one_host == false
-                "if ($host !~ ^www.(.+)$) { set $h $1; set $r 1; }"
-              elsif @www == true && @one_host == true
-                "if ($host !~ ^www.#{host_subdomains_regex}$) { set $h www.#{@host}; set $r 1; }"
-              end}
-
-              if ($scheme = #{@other_scheme}) { set $s #{@scheme}; set $r 1; }
-              if ($http_host ~ :([0-9]+)$) { set $p :$1; set $port $1; }
-              if ($request_uri ~ ^([^\\?]+)(\\?+.*)?$) { set $u $1; set $q $2; }
-
-              #{'if ($u ~ //) { set $u $uri; set $r 1; }' if @multiple_slashes == false}
-              #{'if ($q ~ ^\?\?+(.*)$) { set $q ?$1; set $r 1; }' if @multiple_question_marks == false}
-
-              #{if @trailing_question_mark == false
-                'if ($q ~ \?+$) { set $q \'\'; set $r 1; }'
-              elsif @trailing_question_mark == true
-                'if ($q !~ .) { set $q ?; set $r 1; }'
-              end}
-              #{if @trailing_slash == false
-                'if ($u ~ (.+?)/+$) { set $u $1; set $r 1; }'
-              elsif @trailing_slash == true
-                'if ($u ~ [^/]$) { set $u $u/; set $r 1; }'
-              end}
-
-              set $mr $request_method$r;
-
-              if ($mr ~ ^(GET|HEAD)1$) { return 301 $s://$h$p$u$q; }
-              if ($mr ~ 1$) { return 308 $s://$h$p$u$q; }
-            """.strip.gsub(/^ +/, '').gsub(/\n{3,}/, "\n\n"),
-
-            'proxy_pass' => "http://#{@host}",
-            'proxy_redirect' => 'off',
-            'proxy_set_header' => {
+        'server' => Util.deep_merge(
+          {
+            'charset' => 'UTF-8',
+            'access_log' => File.join(@dir, 'nginx-access.log'),
+            'error_log' => File.join(@dir, 'nginx-error.log'),
+
+            'listen' => {
+              repeat: true,
+              '8080' => true,
+              '[::]:8080' => true,
+              '4433 ssl http2' => @ssl ? true : nil,
+              '[::]:4433 ssl http2' => @ssl ? true : nil,
+            },
+            'server_name' => (@hosts + @subdomains).join(' '),
+
+            'gzip' => 'on',
+            'gzip_types' => 'application/javascript application/json application/xml text/css '\
+              'text/javascript text/plain',
+
+            'add_header' => {
               repeat: true,
-              'Host' => '$http_host',
-              'X-Real-IP' => '$remote_addr',
-              'X-Forwarded-For' => '$proxy_add_x_forwarded_for',
-              'X-Forwarded-Proto' => @ssl ? 'https' : 'http',
-              'X-Forwarded-Port' => '$port',
+              'Referrer-Policy' => '\'same-origin\' always',
+              'X-Frame-Options' => '\'DENY\' always',
+              'X-XSS-Protection' => '\'1; mode=block\' always',
+              'X-Content-Type-Options' => '\'nosniff\' always',
+            },
+          },
+
+          @ssl ? @ssl.config : {},
+
+          {
+            'location /' => {
+              raw: """
+                if ($host !~ ^#{hosts_subdomains_regex}$) { return 404; }
+
+                set $r 0;
+                set $s $scheme;
+                set $h $host;
+                set $port #{@ssl ? '443' : '80'};
+                set $p '';
+                set $u '';
+                set $q '';
+
+                #{if @www.nil? && @one_host == false
+                  nil
+                elsif @www.nil? && @one_host == true
+                  "if ($host !~ ^(www.)?#{host_subdomains_regex}$) { set $h $1#{@host}; set $r 1; }"
+                elsif @www == false && @one_host == false
+                  "if ($host ~ ^www.(.+)$) { set $h $1; set $r 1; }"
+                elsif @www == false && @one_host == true
+                  "if ($host !~ ^#{host_subdomains_regex}$) { set $h #{@host}; set $r 1; }"
+                elsif @www == true && @one_host == false
+                  "if ($host !~ ^www.(.+)$) { set $h $1; set $r 1; }"
+                elsif @www == true && @one_host == true
+                  "if ($host !~ ^www.#{host_subdomains_regex}$) { set $h www.#{@host}; set $r 1; }"
+                end}
+
+                if ($scheme = #{@other_scheme}) { set $s #{@scheme}; set $r 1; }
+                if ($http_host ~ :([0-9]+)$) { set $p :$1; set $port $1; }
+                if ($request_uri ~ ^([^\\?]+)(\\?+.*)?$) { set $u $1; set $q $2; }
+
+                #{'if ($u ~ //) { set $u $uri; set $r 1; }' if @multiple_slashes == false}
+                #{'if ($q ~ ^\?\?+(.*)$) { set $q ?$1; set $r 1; }' if @multiple_question_marks == false}
+
+                #{if @trailing_question_mark == false
+                  'if ($q ~ \?+$) { set $q \'\'; set $r 1; }'
+                elsif @trailing_question_mark == true
+                  'if ($q !~ .) { set $q ?; set $r 1; }'
+                end}
+                #{if @trailing_slash == false
+                  'if ($u ~ (.+?)/+$) { set $u $1; set $r 1; }'
+                elsif @trailing_slash == true
+                  'if ($u ~ [^/]$) { set $u $u/; set $r 1; }'
+                end}
+
+                set $mr $request_method$r;
+
+                if ($mr ~ ^(GET|HEAD)1$) { return 301 $s://$h$p$u$q; }
+                if ($mr ~ 1$) { return 308 $s://$h$p$u$q; }
+              """.strip.gsub(/^ +/, '').gsub(/\n{3,}/, "\n\n"),
+
+              'proxy_pass' => "http://#{@host}",
+              'proxy_redirect' => 'off',
+              'proxy_set_header' => {
+                repeat: true,
+                'Host' => '$http_host',
+                'X-Real-IP' => '$remote_addr',
+                'X-Forwarded-For' => '$proxy_add_x_forwarded_for',
+                'X-Forwarded-Proto' => @ssl ? 'https' : 'http',
+                'X-Forwarded-Port' => '$port',
+              },
             },
           },
-        ),
-      }
 
-      Util.deep_merge!(config['server'], @additional_config)
+          @additional_config,
+        )
+      }
 
       config
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: potluck-nginx
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - Nate Pickens
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-12-28 00:00:00.000000000 Z
+date: 2021-12-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: potluck
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.4
+        version: 0.0.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.4
+        version: 0.0.5
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement