potluck-nginx 0.0.5 → 0.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/lib/potluck/nginx/ssl.rb +5 -6
- data/lib/potluck/nginx.rb +93 -93
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 27f10a23324844c7c0e3733f2ce1d7d48c0fd4fd61d0444e45f7db62a3a4d58a
|
|
4
|
+
data.tar.gz: '094a492be3e1efa5c5919f14111d03b86de1ab809e8482635b313671d658bb12'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9216e7234a2ccfcb0ae3589b517b76b2bc4ba7800cd73cd9fc5330b516511ab0ad41ae80b0daf3266dada155dd1e8005866cccbab1a28afabdd6a2473d41a62f
|
|
7
|
+
data.tar.gz: 5bce05141ee5156f2cf1b9d83d062bb9c4fbea5226a8b666ecce8dbb54e5d0bd273e027c014e847a9f24cf11c22ad77a4bc68c733b8e9f9f56908e279382a0fc
|
data/LICENSE
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
Copyright 2021 Nate Pickens
|
|
1
|
+
Copyright 2021-2022 Nate Pickens
|
|
2
2
|
|
|
3
3
|
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
|
|
4
4
|
documentation files (the "Software"), to deal in the Software without restriction, including without
|
data/lib/potluck/nginx/ssl.rb
CHANGED
|
@@ -49,8 +49,7 @@ module Potluck
|
|
|
49
49
|
@auto_generated = !crt_file && !key_file && !dhparam_file
|
|
50
50
|
|
|
51
51
|
if !@auto_generated && (!crt_file || !key_file || !dhparam_file)
|
|
52
|
-
raise(ArgumentError
|
|
53
|
-
'dhparam_file'))
|
|
52
|
+
raise(ArgumentError, 'Must supply values for all three or none: crt_file, key_file, dhparam_file')
|
|
54
53
|
end
|
|
55
54
|
|
|
56
55
|
@csr_file = File.join(@dir, "#{@host}.csr").freeze
|
|
@@ -85,13 +84,13 @@ module Potluck
|
|
|
85
84
|
|
|
86
85
|
@nginx.log('Generating SSL files...')
|
|
87
86
|
|
|
88
|
-
@nginx.run("openssl genrsa -out #{@key_file} 4096",
|
|
87
|
+
@nginx.run("openssl genrsa -out #{@key_file} 4096", capture_stderr: false)
|
|
89
88
|
@nginx.run("openssl req -out #{@csr_file} -key #{@key_file} -new -sha256 -config /dev/stdin <<< "\
|
|
90
|
-
"'#{openssl_config}'",
|
|
89
|
+
"'#{openssl_config}'", capture_stderr: false)
|
|
91
90
|
@nginx.run("openssl x509 -in #{@csr_file} -out #{@crt_file} -signkey #{@key_file} -days "\
|
|
92
91
|
"#{CERT_DAYS} -req -sha256 -extensions req_ext -extfile /dev/stdin <<< '#{openssl_config}'",
|
|
93
|
-
|
|
94
|
-
@nginx.run("openssl dhparam -out #{@dhparam_file} 2048",
|
|
92
|
+
capture_stderr: false)
|
|
93
|
+
@nginx.run("openssl dhparam -out #{@dhparam_file} 2048", capture_stderr: false)
|
|
95
94
|
|
|
96
95
|
if IS_MACOS
|
|
97
96
|
@nginx.log('Adding cert to keychain...')
|
data/lib/potluck/nginx.rb
CHANGED
|
@@ -56,7 +56,7 @@ module Potluck
|
|
|
56
56
|
def initialize(hosts, port, subdomains: nil, ssl: nil, one_host: false, www: nil, multiple_slashes: nil,
|
|
57
57
|
multiple_question_marks: nil, trailing_slash: nil, trailing_question_mark: nil, config: {},
|
|
58
58
|
ensure_host_entries: false, **args)
|
|
59
|
-
if args[:manage] && !args[:manage].kind_of?(Hash) && !launchctl?
|
|
59
|
+
if args[:manage] && !args[:manage].kind_of?(Hash) && !self.class.launchctl?
|
|
60
60
|
args[:manage] = NON_LAUNCHCTL_COMMANDS
|
|
61
61
|
end
|
|
62
62
|
|
|
@@ -138,6 +138,98 @@ module Potluck
|
|
|
138
138
|
self.class.to_nginx_config(config)
|
|
139
139
|
end
|
|
140
140
|
|
|
141
|
+
##
|
|
142
|
+
# Content of the launchctl plist file.
|
|
143
|
+
#
|
|
144
|
+
def self.plist
|
|
145
|
+
super(
|
|
146
|
+
<<~EOS
|
|
147
|
+
<key>ProgramArguments</key>
|
|
148
|
+
<array>
|
|
149
|
+
<string>/usr/local/opt/nginx/bin/nginx</string>
|
|
150
|
+
<string>-g</string>
|
|
151
|
+
<string>daemon off;</string>
|
|
152
|
+
</array>
|
|
153
|
+
<key>StandardOutPath</key>
|
|
154
|
+
<string>/usr/local/var/log/nginx/access.log</string>
|
|
155
|
+
<key>StandardErrorPath</key>
|
|
156
|
+
<string>/usr/local/var/log/nginx/error.log</string>
|
|
157
|
+
EOS
|
|
158
|
+
)
|
|
159
|
+
end
|
|
160
|
+
|
|
161
|
+
##
|
|
162
|
+
# Converts a hash to an Nginx configuration file content string. Keys should be strings and values
|
|
163
|
+
# either strings or hashes. A +nil+ value in a hash will result in that key-value pair being omitted.
|
|
164
|
+
#
|
|
165
|
+
# * +hash+ - Hash to convert to the string content of an Nginx configuration file.
|
|
166
|
+
# * +indent+ - Number of spaces to indent; used when the method is called recursively and should not be
|
|
167
|
+
# set explicitly (optional, default: 0).
|
|
168
|
+
# * +repeat+ - Value to prepend to each entry of the hash; used when the method is called recursively
|
|
169
|
+
# and should not be set explicitly (optional).
|
|
170
|
+
#
|
|
171
|
+
# Symbol keys in hashes are used as special directives. Including <tt>repeat: true</tt> will cause the
|
|
172
|
+
# parent hash's key for the child hash to be prefixed to each line of the output. Example:
|
|
173
|
+
#
|
|
174
|
+
# {
|
|
175
|
+
# # ...
|
|
176
|
+
#
|
|
177
|
+
# 'add_header' => {
|
|
178
|
+
# repeat: true,
|
|
179
|
+
# 'X-Frame-Options' => 'DENY',
|
|
180
|
+
# 'X-Content-Type-Options' => 'nosniff',
|
|
181
|
+
# }
|
|
182
|
+
# }
|
|
183
|
+
#
|
|
184
|
+
# Result:
|
|
185
|
+
#
|
|
186
|
+
# # ...
|
|
187
|
+
#
|
|
188
|
+
# add_header X-Frame-Options DENY;
|
|
189
|
+
# add_header X-Content-Type-Options nosniff;
|
|
190
|
+
#
|
|
191
|
+
# A hash containing <tt>raw: '...'</tt> can be used to include a raw chunk of text rather than key-value
|
|
192
|
+
# pairs. Example:
|
|
193
|
+
#
|
|
194
|
+
# {
|
|
195
|
+
# # ...
|
|
196
|
+
#
|
|
197
|
+
# 'location /' => {
|
|
198
|
+
# raw: """
|
|
199
|
+
# if ($scheme = https) { ... }
|
|
200
|
+
# if ($host ~ ^www.) { ... }
|
|
201
|
+
# """,
|
|
202
|
+
# }
|
|
203
|
+
# }
|
|
204
|
+
#
|
|
205
|
+
# Result:
|
|
206
|
+
#
|
|
207
|
+
# location / {
|
|
208
|
+
# if ($scheme = https) { ... }
|
|
209
|
+
# if ($host ~ ^www.) { ... }
|
|
210
|
+
# }
|
|
211
|
+
#
|
|
212
|
+
def self.to_nginx_config(hash, indent: 0, repeat: nil)
|
|
213
|
+
hash.each_with_object(+'') do |(k, v), config|
|
|
214
|
+
next if v.nil?
|
|
215
|
+
next if k == :repeat
|
|
216
|
+
|
|
217
|
+
config << (
|
|
218
|
+
if v.kind_of?(Hash)
|
|
219
|
+
if v[:repeat]
|
|
220
|
+
to_nginx_config(v, indent: indent, repeat: k)
|
|
221
|
+
else
|
|
222
|
+
"#{' ' * indent}#{k} {\n#{to_nginx_config(v, indent: indent + 2)}#{' ' * indent}}\n"
|
|
223
|
+
end
|
|
224
|
+
elsif k == :raw
|
|
225
|
+
"#{v.gsub(/^(?=.)/, ' ' * indent)}\n\n"
|
|
226
|
+
else
|
|
227
|
+
"#{' ' * indent}#{"#{repeat} " if repeat}#{k}#{" #{v}" unless v == true};\n"
|
|
228
|
+
end
|
|
229
|
+
)
|
|
230
|
+
end
|
|
231
|
+
end
|
|
232
|
+
|
|
141
233
|
private
|
|
142
234
|
|
|
143
235
|
##
|
|
@@ -315,97 +407,5 @@ module Potluck
|
|
|
315
407
|
"\\1\\2\\3include #{ACTIVE_CONFIG_PATTERN};\n\n\\3"))
|
|
316
408
|
end
|
|
317
409
|
end
|
|
318
|
-
|
|
319
|
-
##
|
|
320
|
-
# Converts a hash to an Nginx configuration file content string. Keys should be strings and values
|
|
321
|
-
# either strings or hashes. A +nil+ value in a hash will result in that key-value pair being omitted.
|
|
322
|
-
#
|
|
323
|
-
# * +hash+ - Hash to convert to the string content of an Nginx configuration file.
|
|
324
|
-
# * +indent+ - Number of spaces to indent; used when the method is called recursively and should not be
|
|
325
|
-
# set explicitly (optional, default: 0).
|
|
326
|
-
# * +repeat+ - Value to prepend to each entry of the hash; used when the method is called recursively
|
|
327
|
-
# and should not be set explicitly (optional).
|
|
328
|
-
#
|
|
329
|
-
# Symbol keys in hashes are used as special directives. Including <tt>repeat: true</tt> will cause the
|
|
330
|
-
# parent hash's key for the child hash to be prefixed to each line of the output. Example:
|
|
331
|
-
#
|
|
332
|
-
# {
|
|
333
|
-
# # ...
|
|
334
|
-
#
|
|
335
|
-
# 'add_header' => {
|
|
336
|
-
# repeat: true,
|
|
337
|
-
# 'X-Frame-Options' => 'DENY',
|
|
338
|
-
# 'X-Content-Type-Options' => 'nosniff',
|
|
339
|
-
# }
|
|
340
|
-
# }
|
|
341
|
-
#
|
|
342
|
-
# Result:
|
|
343
|
-
#
|
|
344
|
-
# # ...
|
|
345
|
-
#
|
|
346
|
-
# add_header X-Frame-Options DENY;
|
|
347
|
-
# add_header X-Content-Type-Options nosniff;
|
|
348
|
-
#
|
|
349
|
-
# A hash containing <tt>raw: '...'</tt> can be used to include a raw chunk of text rather than key-value
|
|
350
|
-
# pairs. Example:
|
|
351
|
-
#
|
|
352
|
-
# {
|
|
353
|
-
# # ...
|
|
354
|
-
#
|
|
355
|
-
# 'location /' => {
|
|
356
|
-
# raw: """
|
|
357
|
-
# if ($scheme = https) { ... }
|
|
358
|
-
# if ($host ~ ^www.) { ... }
|
|
359
|
-
# """,
|
|
360
|
-
# }
|
|
361
|
-
# }
|
|
362
|
-
#
|
|
363
|
-
# Result:
|
|
364
|
-
#
|
|
365
|
-
# location / {
|
|
366
|
-
# if ($scheme = https) { ... }
|
|
367
|
-
# if ($host ~ ^www.) { ... }
|
|
368
|
-
# }
|
|
369
|
-
#
|
|
370
|
-
def self.to_nginx_config(hash, indent: 0, repeat: nil)
|
|
371
|
-
hash.each_with_object(+'') do |(k, v), config|
|
|
372
|
-
next if v.nil?
|
|
373
|
-
next if k == :repeat
|
|
374
|
-
|
|
375
|
-
config << (
|
|
376
|
-
if v.kind_of?(Hash)
|
|
377
|
-
if v[:repeat]
|
|
378
|
-
to_nginx_config(v, indent: indent, repeat: k)
|
|
379
|
-
else
|
|
380
|
-
"#{' ' * indent}#{k} {\n#{to_nginx_config(v, indent: indent + 2)}#{' ' * indent}}\n"
|
|
381
|
-
end
|
|
382
|
-
elsif k == :raw
|
|
383
|
-
"#{v.gsub(/^(?=.)/, ' ' * indent)}\n\n"
|
|
384
|
-
else
|
|
385
|
-
"#{' ' * indent}#{"#{repeat} " if repeat}#{k}#{" #{v}" unless v == true};\n"
|
|
386
|
-
end
|
|
387
|
-
)
|
|
388
|
-
end
|
|
389
|
-
end
|
|
390
|
-
|
|
391
|
-
##
|
|
392
|
-
# Content of the launchctl plist file.
|
|
393
|
-
#
|
|
394
|
-
def self.plist
|
|
395
|
-
super(
|
|
396
|
-
<<~EOS
|
|
397
|
-
<key>ProgramArguments</key>
|
|
398
|
-
<array>
|
|
399
|
-
<string>/usr/local/opt/nginx/bin/nginx</string>
|
|
400
|
-
<string>-g</string>
|
|
401
|
-
<string>daemon off;</string>
|
|
402
|
-
</array>
|
|
403
|
-
<key>StandardOutPath</key>
|
|
404
|
-
<string>/usr/local/var/log/nginx/access.log</string>
|
|
405
|
-
<key>StandardErrorPath</key>
|
|
406
|
-
<string>/usr/local/var/log/nginx/error.log</string>
|
|
407
|
-
EOS
|
|
408
|
-
)
|
|
409
|
-
end
|
|
410
410
|
end
|
|
411
411
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: potluck-nginx
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nate Pickens
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-01-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: potluck
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.0.
|
|
19
|
+
version: 0.0.6
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.0.
|
|
26
|
+
version: 0.0.6
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: bundler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|