npm - @aaricchen1991/n2-cli - Versions diffs - 1.0.0 - Mend

@aaricchen1991/n2-cli 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (92) hide show

package/README.md +92 -0
package/assets/deploy/deploy.sh +172 -0
package/assets/deploy/domains.yaml +18 -0
package/assets/deploy/lib/common.sh +62 -0
package/assets/deploy/nginx/n2.conf +162 -0
package/assets/deploy/server-setup.sh +285 -0
package/assets/deploy/ssl/README.md +320 -0
package/assets/deploy/ssl/check-and-setup-ssl.sh +222 -0
package/assets/deploy/ssl/domains.txt +3 -0
package/assets/deploy/ssl/renew-ssl.sh +236 -0
package/assets/deploy/ssl/setup-ssl.sh +474 -0
package/dist/cli.d.ts +7 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +186 -0
package/dist/cli.js.map +1 -0
package/dist/commands/config.d.ts +29 -0
package/dist/commands/config.d.ts.map +1 -0
package/dist/commands/config.js +134 -0
package/dist/commands/config.js.map +1 -0
package/dist/commands/config.test.d.ts +2 -0
package/dist/commands/config.test.d.ts.map +1 -0
package/dist/commands/config.test.js +215 -0
package/dist/commands/config.test.js.map +1 -0
package/dist/commands/init.d.ts +10 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +106 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/init.test.d.ts +2 -0
package/dist/commands/init.test.d.ts.map +1 -0
package/dist/commands/init.test.js +70 -0
package/dist/commands/init.test.js.map +1 -0
package/dist/commands/nginx.d.ts +10 -0
package/dist/commands/nginx.d.ts.map +1 -0
package/dist/commands/nginx.js +72 -0
package/dist/commands/nginx.js.map +1 -0
package/dist/commands/nginx.test.d.ts +2 -0
package/dist/commands/nginx.test.d.ts.map +1 -0
package/dist/commands/nginx.test.js +75 -0
package/dist/commands/nginx.test.js.map +1 -0
package/dist/commands/ssl-logs.d.ts +17 -0
package/dist/commands/ssl-logs.d.ts.map +1 -0
package/dist/commands/ssl-logs.js +55 -0
package/dist/commands/ssl-logs.js.map +1 -0
package/dist/commands/ssl-logs.test.d.ts +2 -0
package/dist/commands/ssl-logs.test.d.ts.map +1 -0
package/dist/commands/ssl-logs.test.js +54 -0
package/dist/commands/ssl-logs.test.js.map +1 -0
package/dist/commands/ssl.d.ts +16 -0
package/dist/commands/ssl.d.ts.map +1 -0
package/dist/commands/ssl.js +105 -0
package/dist/commands/ssl.js.map +1 -0
package/dist/commands/ssl.test.d.ts +2 -0
package/dist/commands/ssl.test.d.ts.map +1 -0
package/dist/commands/ssl.test.js +95 -0
package/dist/commands/ssl.test.js.map +1 -0
package/dist/lib/config-store.d.ts +14 -0
package/dist/lib/config-store.d.ts.map +1 -0
package/dist/lib/config-store.js +111 -0
package/dist/lib/config-store.js.map +1 -0
package/dist/lib/config-store.test.d.ts +2 -0
package/dist/lib/config-store.test.d.ts.map +1 -0
package/dist/lib/config-store.test.js +173 -0
package/dist/lib/config-store.test.js.map +1 -0
package/dist/lib/domains.d.ts +37 -0
package/dist/lib/domains.d.ts.map +1 -0
package/dist/lib/domains.js +134 -0
package/dist/lib/domains.js.map +1 -0
package/dist/lib/domains.test.d.ts +2 -0
package/dist/lib/domains.test.d.ts.map +1 -0
package/dist/lib/domains.test.js +141 -0
package/dist/lib/domains.test.js.map +1 -0
package/dist/lib/logger.d.ts +19 -0
package/dist/lib/logger.d.ts.map +1 -0
package/dist/lib/logger.js +58 -0
package/dist/lib/logger.js.map +1 -0
package/dist/lib/nginx.d.ts +7 -0
package/dist/lib/nginx.d.ts.map +1 -0
package/dist/lib/nginx.js +86 -0
package/dist/lib/nginx.js.map +1 -0
package/dist/lib/nginx.test.d.ts +2 -0
package/dist/lib/nginx.test.d.ts.map +1 -0
package/dist/lib/nginx.test.js +46 -0
package/dist/lib/nginx.test.js.map +1 -0
package/dist/lib/paths.d.ts +13 -0
package/dist/lib/paths.d.ts.map +1 -0
package/dist/lib/paths.js +36 -0
package/dist/lib/paths.js.map +1 -0
package/dist/lib/paths.test.d.ts +2 -0
package/dist/lib/paths.test.d.ts.map +1 -0
package/dist/lib/paths.test.js +52 -0
package/dist/lib/paths.test.js.map +1 -0
package/package.json +34 -0

package/README.md ADDED Viewed

@@ -0,0 +1,92 @@
+# @n2-devops/cli
+服务器部署与运维 CLI（命令 `n2`）：服务器初始化、Nginx 配置生成、SSL 证书申请/续期及日志查看。设计为在**部署服务器上**执行（或从本机指定配置生成文件）。
+本包位于 monorepo 的 `packages/cli`，根目录说明见 [README](../../README.md)。
+## 功能概览
+| 命令 / 子命令 | 说明                                                                                 |
+| ------------- | ------------------------------------------------------------------------------------ |
+| `config`      | 配置管理：初始化、查看、设置、删除配置项（见下方「配置管理」）。                     |
+| `init`        | 服务器初始化（幂等）：安装 Nginx、创建目录、安装 `deploy.sh`、占位证书。可重复执行。 |
+| `nginx`       | 根据域名配置文件生成 Nginx 配置；可选安装到系统并 reload。                           |
+| `ssl`         | 为配置中的全部域名申请/续期 SSL 证书（acme.sh + 阿里云 DNS），并写入统一日志。       |
+| `ssl-logs`    | 查看 SSL 操作日志（创建、续期、成功、失败），支持行数、跟随、按动作/结果过滤。       |
+## 安装与使用
+### 在 monorepo 内
+```bash
+# 根目录
+pnpm install
+pnpm run build
+pnpm run dev:cli -- <command> [options]
+```
+或进入本包：
+```bash
+cd packages/cli
+pnpm install
+pnpm run build
+pnpm run cli -- <command> [options]
+```
+默认从 **~/.deploy/config.yaml** 读取配置，也可通过 `-c, --config` 指定路径。
+### 发布为 npm 包后
+```bash
+npx @n2-devops/cli --help
+npm install -g @n2-devops/cli
+n2 --help
+```
+发布步骤见 [docs/publishing.md](../../docs/publishing.md)。
+## 配置文件
+默认 **~/.deploy/config.yaml**，格式与包内 `assets/deploy/domains.yaml` 兼容。
+**示例：**
+```yaml
+aliyun_access_key_id: "your_key"
+aliyun_access_key_secret: "your_secret"
+api:
+  backend_port: 3000
+admin:
+  domains:
+    - n2-admin.example.com
+tenant:
+  domains:
+    - n2-tenant.example.com
+client:
+  domains:
+    - n2-client.example.com
+```
+### 配置管理（config）
+| 子命令 | 说明 |
+| ------ | ---- |
+| `config init` | 初始化配置文件，`-f` 覆盖已存在 |
+| `config list` | 列出所有配置项 |
+| `config get [key]` | 查看配置项 |
+| `config set <key> [values...]` | 设置配置项 |
+| `config delete <key>` | 删除/清空配置项 |
+## 命令速览
+- **init**：`n2 init [-c config] [--scripts-dir path]` — 服务器初始化
+- **nginx**：`n2 nginx [-c config] [-o output] [-i install]` — 生成/安装 Nginx 配置
+- **ssl**：`n2 ssl [-c config] [--ali-key] [--ali-secret] [--log-file] [--scripts-dir]` — SSL 申请/续期
+- **ssl-logs**：`n2 ssl-logs [--log-file] [-n lines] [-f follow] [--action] [--result]` — 查看 SSL 日志
+环境变量：`N2_DEPLOY_SCRIPTS_DIR`、`ALIYUN_ACCESS_KEY_ID`、`ALIYUN_ACCESS_KEY_SECRET` 等见根目录 [README](../../README.md) 与 [docs/development-testing.md](../../docs/development-testing.md)。

package/assets/deploy/deploy.sh ADDED Viewed

@@ -0,0 +1,172 @@
+#!/bin/bash
+# 通用部署脚本
+# 使用方法: deploy.sh <app_name> [version]
+# 示例: deploy.sh tools fcba3e21
+#       deploy.sh website 20240101
+set -e
+APP_NAME=${1}
+VERSION=${2:-$(date +%Y%m%d%H%M%S)}
+if [ -z "$APP_NAME" ]; then
+    echo "错误: 请指定应用名称 (admin, tenant, client, tools, website)" >&2
+    echo "使用方法: $0 <app_name> [version]" >&2
+    exit 1
+fi
+DEPLOY_DIR="/var/www/${APP_NAME}"
+BACKUP_DIR="/var/www/backups/${APP_NAME}"
+TEMP_DIR="/tmp/deploy-${APP_NAME}"
+ARCHIVE_FILE="${TEMP_DIR}/${APP_NAME}-dist.tar.gz"
+NEW_DEPLOY_DIR="${DEPLOY_DIR}-new"
+OLD_DEPLOY_DIR="${DEPLOY_DIR}-old"
+# 颜色输出
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+log() {
+    echo -e "${GREEN}[$(date +'%Y-%m-%d %H:%M:%S')]${NC} $1"
+}
+error() {
+    echo -e "${RED}[ERROR]${NC} $1" >&2
+}
+warning() {
+    echo -e "${YELLOW}[WARNING]${NC} $1"
+}
+# 检测 Nginx 用户组
+detect_nginx_user() {
+    # 优先检测 nginx 用户（Alibaba Cloud Linux 3 / CentOS/RHEL）
+    if id nginx >/dev/null 2>&1; then
+        NGINX_USER="nginx"
+        NGINX_GROUP="nginx"
+    # 其次检测 www-data 用户（Ubuntu/Debian）
+    elif id www-data >/dev/null 2>&1; then
+        NGINX_USER="www-data"
+        NGINX_GROUP="www-data"
+    else
+        # 默认使用 nginx（Alibaba Cloud Linux 3 兼容）
+        warning "无法检测 Nginx 用户，使用默认值: nginx"
+        NGINX_USER="nginx"
+        NGINX_GROUP="nginx"
+    fi
+}
+# 检测 Nginx 用户组
+detect_nginx_user
+# 检查归档文件是否存在
+if [ ! -f "$ARCHIVE_FILE" ]; then
+    error "归档文件不存在: $ARCHIVE_FILE"
+    exit 1
+fi
+log "开始部署 ${APP_NAME} (版本: ${VERSION})"
+# 创建必要的目录
+mkdir -p "$DEPLOY_DIR" "$BACKUP_DIR" "$TEMP_DIR"
+# 解压到临时目录
+log "解压部署包..."
+rm -rf "$NEW_DEPLOY_DIR"
+mkdir -p "$NEW_DEPLOY_DIR"
+tar -xzf "$ARCHIVE_FILE" -C "$NEW_DEPLOY_DIR"
+# 验证部署文件
+if [ ! -f "$NEW_DEPLOY_DIR/index.html" ]; then
+    error "部署文件验证失败: index.html 不存在"
+    rm -rf "$NEW_DEPLOY_DIR"
+    exit 1
+fi
+# 备份当前版本（如果存在）
+if [ -d "$DEPLOY_DIR" ] && [ "$(ls -A $DEPLOY_DIR)" ]; then
+    log "备份当前版本..."
+    BACKUP_FILE="${BACKUP_DIR}/backup-${VERSION}-$(date +%Y%m%d%H%M%S).tar.gz"
+    tar -czf "$BACKUP_FILE" -C "$DEPLOY_DIR" .
+    log "备份完成: $BACKUP_FILE"
+    # 保留最近 5 个备份
+    ls -t "$BACKUP_DIR"/*.tar.gz 2>/dev/null | tail -n +6 | xargs rm -f 2>/dev/null || true
+fi
+# 原子性切换：先移动到 old，再移动 new 到正式目录
+log "执行原子性切换..."
+if [ -d "$DEPLOY_DIR" ]; then
+    rm -rf "$OLD_DEPLOY_DIR"
+    mv "$DEPLOY_DIR" "$OLD_DEPLOY_DIR"
+fi
+mv "$NEW_DEPLOY_DIR" "$DEPLOY_DIR"
+# 设置正确的权限
+log "设置文件权限 (用户组: ${NGINX_USER}:${NGINX_GROUP})..."
+chown -R ${NGINX_USER}:${NGINX_GROUP} "$DEPLOY_DIR"
+chmod -R 755 "$DEPLOY_DIR"
+# 清理旧版本
+if [ -d "$OLD_DEPLOY_DIR" ]; then
+    log "清理旧版本..."
+    rm -rf "$OLD_DEPLOY_DIR"
+fi
+# 清理临时文件
+rm -f "$ARCHIVE_FILE"
+# 重新加载 Nginx（不重启，避免影响其他服务）
+log "重新加载 Nginx 配置..."
+# 优先使用 systemctl（更稳健，处理 PID 文件问题）
+if command -v systemctl >/dev/null 2>&1 && systemctl is-active --quiet nginx 2>/dev/null; then
+    # Nginx 正在运行，使用 systemctl reload
+    if systemctl reload nginx >/dev/null 2>&1; then
+        log "Nginx 重新加载成功"
+    else
+        warning "Nginx 重新加载失败，但部署已完成"
+    fi
+elif command -v systemctl >/dev/null 2>&1; then
+    # Nginx 未运行，尝试启动
+    if systemctl start nginx >/dev/null 2>&1; then
+        log "Nginx 启动成功"
+    else
+        warning "Nginx 启动失败，但部署已完成"
+    fi
+else
+    # 回退到直接使用 nginx 命令
+    NGINX_CMD=$(command -v nginx || echo "/usr/sbin/nginx")
+    if [ -x "$NGINX_CMD" ]; then
+        # 先测试配置
+        if $NGINX_CMD -t >/dev/null 2>&1; then
+            # 检查 nginx 是否在运行
+            if pgrep -x nginx >/dev/null 2>&1; then
+                # 如果运行，尝试重载
+                if $NGINX_CMD -s reload >/dev/null 2>&1; then
+                    log "Nginx 重新加载成功"
+                else
+                    warning "Nginx 重新加载失败，但部署已完成"
+                fi
+            else
+                # 如果未运行，尝试启动
+                if $NGINX_CMD >/dev/null 2>&1; then
+                    log "Nginx 启动成功"
+                else
+                    warning "Nginx 启动失败，但部署已完成"
+                fi
+            fi
+        else
+            error "Nginx 配置测试失败"
+            exit 1
+        fi
+    else
+        warning "无法找到 nginx 命令，跳过 Nginx 重载"
+    fi
+fi
+log "部署完成: ${APP_NAME} (版本: ${VERSION})"
+log "部署目录: $DEPLOY_DIR"

package/assets/deploy/domains.yaml ADDED Viewed

@@ -0,0 +1,18 @@
+# N2 端口与域名映射（唯一数据源）
+# 用于生成 nginx n2.conf 与 SSL 域名列表（domains.txt）
+# 后端与前端同域：各应用域名下 /api 代理到后端，不再为 API 单独配置域名与 SSL
+api:
+  backend_port: 3000
+admin:
+  domains:
+    - n2-admin.cdqxtech.com
+tenant:
+  domains:
+    - n2-tenant.cdqxtech.com
+client:
+  domains:
+    - n2-client.cdqxtech.com

package/assets/deploy/lib/common.sh ADDED Viewed

@@ -0,0 +1,62 @@
+# 部署脚本公共函数与变量
+# 被 server-setup / ssl 脚本通过 source 引入
+# 使用前需设置 SCRIPT_DIR 或通过 get_domains_file 查找 domains.txt
+# 颜色输出
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m'
+log() {
+    echo -e "${GREEN}[$(date +'%Y-%m-%d %H:%M:%S')]${NC} $1"
+}
+error() {
+    echo -e "${RED}[ERROR]${NC} $1" >&2
+}
+warning() {
+    echo -e "${YELLOW}[WARNING]${NC} $1"
+}
+# 解析域名列表文件路径（domains.txt，与 domains.yaml 生成结果一致）
+# 优先使用环境变量 DOMAINS_FILE，否则按部署位置查找
+get_domains_file() {
+    if [ -n "$DOMAINS_FILE" ] && [ -f "$DOMAINS_FILE" ]; then
+        echo "$DOMAINS_FILE"
+        return 0
+    fi
+    if [ -f "/opt/ssl/domains.txt" ]; then
+        echo "/opt/ssl/domains.txt"
+        return 0
+    fi
+    if [ -f "/tmp/server-init/ssl/domains.txt" ]; then
+        echo "/tmp/server-init/ssl/domains.txt"
+        return 0
+    fi
+    local script_dir
+    # 当前执行的脚本（可能是 check-and-setup-ssl.sh 或 renew-ssl.sh）所在目录
+    script_dir="$(cd "$(dirname "${BASH_SOURCE[0]:-$0}")" 2>/dev/null && pwd)"
+    if [ -n "$script_dir" ] && [ -f "${script_dir}/domains.txt" ]; then
+        echo "${script_dir}/domains.txt"
+        return 0
+    fi
+    if [ -n "$script_dir" ] && [ -f "${script_dir}/../ssl/domains.txt" ]; then
+        echo "${script_dir}/../ssl/domains.txt"
+        return 0
+    fi
+    return 1
+}
+# 输出域名列表（每行一个），跳过空行与注释
+read_domains_list() {
+    local f
+    f=$(get_domains_file) || return 1
+    while IFS= read -r line || [ -n "$line" ]; do
+        line=$(echo "$line" | tr -d '\r')
+        [ -z "$line" ] && continue
+        echo "$line" | grep -q '^#' && continue
+        echo "$line"
+    done < "$f"
+}

package/assets/deploy/nginx/n2.conf ADDED Viewed

@@ -0,0 +1,162 @@
+# HTTPS - admin (n2-admin.cdqxtech.com)，/api 代理到后端
+server {
+    listen 443 ssl http2;
+    server_name n2-admin.cdqxtech.com;
+    root /var/www/admin;
+    index index.html;
+    ssl_certificate /etc/nginx/ssl/n2-admin.cdqxtech.com.crt;
+    ssl_certificate_key /etc/nginx/ssl/n2-admin.cdqxtech.com.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+    access_log /var/log/nginx/admin-access.log;
+    error_log /var/log/nginx/admin-error.log;
+    # 后端接口：优先匹配 /api，与前端同域
+    location /api {
+        proxy_pass http://127.0.0.1:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_types text/plain text/css text/xml text/javascript application/javascript application/xml+rss application/json;
+    location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot|mp3)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        access_log off;
+    }
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+}
+# HTTPS - tenant (n2-tenant.cdqxtech.com)，/api 代理到后端
+server {
+    listen 443 ssl http2;
+    server_name n2-tenant.cdqxtech.com;
+    root /var/www/tenant;
+    index index.html;
+    ssl_certificate /etc/nginx/ssl/n2-tenant.cdqxtech.com.crt;
+    ssl_certificate_key /etc/nginx/ssl/n2-tenant.cdqxtech.com.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+    access_log /var/log/nginx/tenant-access.log;
+    error_log /var/log/nginx/tenant-error.log;
+    # 后端接口：优先匹配 /api，与前端同域
+    location /api {
+        proxy_pass http://127.0.0.1:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_types text/plain text/css text/xml text/javascript application/javascript application/xml+rss application/json;
+    location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot|mp3)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        access_log off;
+    }
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+}
+# HTTPS - client (n2-client.cdqxtech.com)，/api 代理到后端
+server {
+    listen 443 ssl http2;
+    server_name n2-client.cdqxtech.com;
+    root /var/www/client;
+    index index.html;
+    ssl_certificate /etc/nginx/ssl/n2-client.cdqxtech.com.crt;
+    ssl_certificate_key /etc/nginx/ssl/n2-client.cdqxtech.com.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+    access_log /var/log/nginx/client-access.log;
+    error_log /var/log/nginx/client-error.log;
+    # 后端接口：优先匹配 /api，与前端同域
+    location /api {
+        proxy_pass http://127.0.0.1:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_types text/plain text/css text/xml text/javascript application/javascript application/xml+rss application/json;
+    location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot|mp3)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        access_log off;
+    }
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+}
+# HTTP to HTTPS redirect
+server {
+    listen 80;
+    server_name n2-admin.cdqxtech.com n2-tenant.cdqxtech.com n2-client.cdqxtech.com;
+    return 301 https://$host$request_uri;
+}