@drumee/setup-infra 1.0.19 → 1.0.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/bin/install +2 -3
  2. package/index.js +14 -8
  3. package/package.json +2 -2
  4. package/templates/etc/drumee/infrastructure/routes/private.conf.tpl +2 -0
  5. package/templates/etc/drumee/infrastructure/routes/public.conf.tpl +2 -0
  6. package/templates/etc/nginx/sites-enabled/01-public.conf.tpl +3 -1
  7. package/templates/etc/nginx/sites-enabled/02-private.conf.tpl +3 -1
  8. package/templates/etc/nginx/sites-enabled/20-jitsi.private.conf.tpl +4 -2
  9. package/templates/etc/nginx/sites-enabled/20-jitsi.public.conf.tpl +4 -2
package/bin/install CHANGED
@@ -10,7 +10,7 @@ export base=$(dirname $script_dir)
10
10
  export PUBLIC_DOMAIN=$DRUMEE_DOMAIN_NAME
11
11
 
12
12
  if [ "$PUBLIC_DOMAIN" != "" ]; then
13
- $base/bin/init-mail $DRUMEE_DOMAIN_NAME$PUBLIC_DOMAIN
13
+ $base/bin/init-mail $PUBLIC_DOMAIN
14
14
  fi
15
15
 
16
16
  # Generate all the required settings
@@ -65,11 +65,10 @@ if [ "$PRIVATE_DOMAIN" != "" ]; then
65
65
  $base/bin/create-local-certs
66
66
  fi
67
67
 
68
- if [ "$PUBLIC_DOMAIN" != "" ]; then
68
+ if [ "$PUBLIC_DOMAIN" != "" -a "$OWN_CERTS_DIR" = "" ]; then
69
69
  $base/bin/init-acme
70
70
  fi
71
71
 
72
-
73
72
  setup_dirs
74
73
 
75
74
  setup_prosody
package/index.js CHANGED
@@ -31,6 +31,7 @@ let {
31
31
  MAIL_USER,
32
32
  MAX_BODY_SIZE,
33
33
  NSUPDATE_KEY,
34
+ OWN_CERTS_DIR,
34
35
  PRIVATE_DOMAIN,
35
36
  PRIVATE_IP4,
36
37
  PRIVATE_IP6,
@@ -48,6 +49,7 @@ if (PUBLIC_DOMAIN) {
48
49
  }
49
50
 
50
51
  PRIVATE_DOMAIN = PRIVATE_DOMAIN || 'local.drumee';
52
+ if (OWN_CERTS_DIR) PRIVATE_DOMAIN = null;
51
53
  DRUMEE_HTTPS_PORT = DRUMEE_HTTPS_PORT || 443;
52
54
  DRUMEE_LOCAL_PORT = DRUMEE_LOCAL_PORT || 8443;
53
55
  DRUMEE_HTTP_PORT = DRUMEE_HTTP_PORT || 80;
@@ -256,9 +258,6 @@ function makeData(opt) {
256
258
  }
257
259
  data.chroot = Template.chroot();
258
260
  data.ca_server = data.ca_server || data.acme_ssl;
259
- if (data.own_ssl && data.certs_dir) {
260
- data.own_certs_dir = data.certs_dir;
261
- }
262
261
  for (let row of opt) {
263
262
  let [key, value, fallback] = row;
264
263
  if (!value) value = data[key] || fallback;
@@ -340,13 +339,15 @@ function getSysConfigs() {
340
339
  exit(0)
341
340
  }
342
341
  const nsupdate_key = Template.chroot('etc/bind/keys/update.key')
342
+ if (OWN_CERTS_DIR && existsSync(OWN_CERTS_DIR)) CERTS_DIR = OWN_CERTS_DIR;
343
343
  const opt = [
344
344
  ["acme_dir", ACME_DIR],
345
345
  ["acme_email_account", ACME_EMAIL_ACCOUNT, ADMIN_EMAIL],
346
- ["acme_env_file", ACME_ENV_FILE],
346
+ ["acme_env_file", ACME_ENV_FILE, ""],
347
347
  ["admin_email", ADMIN_EMAIL],
348
348
  ["backup_storage", backup_storage, ""],
349
349
  ["certs_dir", CERTS_DIR],
350
+ ["own_certs_dir", OWN_CERTS_DIR],
350
351
  ["data_dir", DRUMEE_DATA_DIR, '/data'],
351
352
  ["db_dir", DRUMEE_DB_DIR, '/srv/db'],
352
353
  ["domain_desc", DRUMEE_DESCRIPTION, 'My Drumee Box'],
@@ -391,7 +392,7 @@ function getSysConfigs() {
391
392
  configs.main_domain = data.domain;
392
393
  configs.domain_name = data.domain;
393
394
  configs.log_dir = data.log_dir;
394
-
395
+
395
396
  configs.socketPath = getSocketPath();
396
397
  let filename = Template.chroot("etc/drumee/drumee.json");
397
398
  Template.makedir(dirname(filename));
@@ -475,7 +476,7 @@ function writeInfraConf(data) {
475
476
  const postfix = join(etc, 'postfix',);
476
477
  const mariadb = join(etc, 'mysql', 'mariadb.conf.d');
477
478
  const infra = join(drumee, 'infrastructure');
478
- let { certs_dir, public_domain, private_domain, jitsi_private_domain, jits_public_domain } = data;
479
+ let { certs_dir, own_certs_dir, public_domain, private_domain, jitsi_private_domain } = data;
479
480
  let targets = [
480
481
 
481
482
  // Nginx
@@ -494,7 +495,12 @@ function writeInfraConf(data) {
494
495
  `${mariadb}/50-client.cnf`,
495
496
  `${bind}/named.conf.local`,
496
497
  ];
497
-
498
+ if (own_certs_dir) {
499
+ certs_dir = own_certs_dir;
500
+ data.certs_dir = certs_dir;
501
+ private_domain = null;
502
+ jitsi_private_domain = null;
503
+ }
498
504
  if (data.public_ip4 && public_domain) {
499
505
  targets.push(
500
506
  `${infra}/internals/accel.public.conf`,
@@ -753,7 +759,7 @@ async function getAddresses(data) {
753
759
  for (let c of b) {
754
760
  if (c == '255') {
755
761
  br.push(a[i])
756
- }else{
762
+ } else {
757
763
  br.push('255')
758
764
  }
759
765
  i++;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@drumee/setup-infra",
3
- "version": "1.0.19",
3
+ "version": "1.0.21",
4
4
  "description": "Drumee Infrastructure Setup Utilities",
5
5
  "main": "index.js",
6
6
  "scripts": {
@@ -17,7 +17,7 @@
17
17
  "author": "Somanos Sar <somanos@drumee.com>",
18
18
  "license": "AGPL V3",
19
19
  "dependencies": {
20
- "@drumee/server-essentials": "^1.1.26",
20
+ "@drumee/server-essentials": "^1.1.37",
21
21
  "argparse": "^2.0.1",
22
22
  "crypto": "^1.0.1",
23
23
  "jsonfile": "^5.0.0",
package/templates/etc/drumee/infrastructure/routes/private.conf.tpl CHANGED
@@ -52,6 +52,7 @@ location <%= location %> {
52
52
  proxy_set_header Upgrade $http_upgrade;
53
53
  proxy_set_header Connection 'upgrade';
54
54
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
55
+ proxy_set_header X-Forwarded-Proto $scheme;
55
56
  proxy_set_header X-Real-IP $remote_addr;
56
57
  proxy_set_header X-Connecting-IP $remote_addr;
57
58
  proxy_set_header Host $host;
@@ -66,6 +67,7 @@ location <%= location %> {
66
67
  proxy_set_header Upgrade $http_upgrade;
67
68
  proxy_set_header Connection 'upgrade';
68
69
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
70
+ proxy_set_header X-Forwarded-Proto $scheme;
69
71
  proxy_set_header X-Real-IP $remote_addr;
70
72
  proxy_set_header X-Connecting-IP $remote_addr;
71
73
  proxy_set_header Host $host;
package/templates/etc/drumee/infrastructure/routes/public.conf.tpl CHANGED
@@ -52,6 +52,7 @@ location <%= location %> {
52
52
  proxy_set_header Upgrade $http_upgrade;
53
53
  proxy_set_header Connection 'upgrade';
54
54
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
55
+ proxy_set_header X-Forwarded-Proto $scheme;
55
56
  proxy_set_header X-Real-IP $remote_addr;
56
57
  proxy_set_header X-Connecting-IP $remote_addr;
57
58
  proxy_set_header Host $host;
@@ -66,6 +67,7 @@ location <%= location %> {
66
67
  proxy_set_header Upgrade $http_upgrade;
67
68
  proxy_set_header Connection 'upgrade';
68
69
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
70
+ proxy_set_header X-Forwarded-Proto $scheme;
69
71
  proxy_set_header X-Real-IP $remote_addr;
70
72
  proxy_set_header X-Connecting-IP $remote_addr;
71
73
  proxy_set_header Host $host;
package/templates/etc/nginx/sites-enabled/01-public.conf.tpl CHANGED
@@ -12,6 +12,7 @@ proxy_cache_path <%= cache_dir %>/<%= public_domain %> levels=1:2 keys_zone=<%=
12
12
  server {
13
13
  listen <%= public_http_port %>;
14
14
  listen [::]:<%= public_http_port %>;
15
+ http2 on;
15
16
  server_name <%= public_domain %>;
16
17
  location / {
17
18
  return 301 https://$host$request_uri;
@@ -19,7 +20,8 @@ server {
19
20
  }
20
21
  server {
21
22
  listen <%= public_https_port %> ssl;
22
- listen [::]:<%= public_https_port %> ssl;
23
+ listen [::]:<%= public_https_port %> ssl;
24
+ http2 on;
23
25
  #
24
26
  root <%= server_dir %>;
25
27
  server_name <%= public_domain %>;
package/templates/etc/nginx/sites-enabled/02-private.conf.tpl CHANGED
@@ -12,6 +12,7 @@ proxy_cache_path <%= cache_dir %>/<%= private_domain %> levels=1:2 keys_zone=<%=
12
12
  server {
13
13
  listen <%= public_http_port %>;
14
14
  listen [::]:<%= public_http_port %>;
15
+ http2 on;
15
16
  server_name <%= private_domain %>;
16
17
  location / {
17
18
  return 301 https://$host$request_uri;
@@ -19,7 +20,8 @@ server {
19
20
  }
20
21
  server {
21
22
  listen <%= public_https_port %> ssl;
22
- listen [::]:<%= public_https_port %> ssl;
23
+ listen [::]:<%= public_https_port %> ssl;
24
+ http2 on;
23
25
  #
24
26
  root <%= server_dir %>;
25
27
  server_name <%= private_domain %>;
package/templates/etc/nginx/sites-enabled/20-jitsi.private.conf.tpl CHANGED
@@ -14,13 +14,15 @@ map $http_upgrade $connection_upgrade {
14
14
  server {
15
15
  listen <%= public_http_port %> default_server;
16
16
  listen [::]:<%= public_http_port %> default_server;
17
+ http2 on;
17
18
  server_name *.<%= jitsi_private_domain %>;
18
19
  include /etc/jitsi/meet.private.conf;
19
20
  }
20
21
 
21
22
  server {
22
- listen <%= public_https_port %> ssl http2;
23
- listen [::]:<%= public_https_port %> ssl http2;
23
+ listen <%= public_https_port %> ssl;
24
+ listen [::]:<%= public_https_port %> ssl;
25
+ http2 on;
24
26
  server_name <%= jitsi_private_domain %>;
25
27
  include /etc/jitsi/ssl.private.conf;
26
28
  include /etc/jitsi/meet.private.conf;
package/templates/etc/nginx/sites-enabled/20-jitsi.public.conf.tpl CHANGED
@@ -14,13 +14,15 @@ map $http_upgrade $connection_upgrade {
14
14
  server {
15
15
  listen <%= public_http_port %> default_server;
16
16
  listen [::]:<%= public_http_port %> default_server;
17
+ http2 on;
17
18
  server_name *.<%= jitsi_public_domain %>;
18
19
  include /etc/jitsi/meet.public.conf;
19
20
  }
20
21
 
21
22
  server {
22
- listen <%= public_https_port %> ssl http2;
23
- listen [::]:<%= public_https_port %> ssl http2;
23
+ listen <%= public_https_port %> ssl ;
24
+ listen [::]:<%= public_https_port %> ssl;
25
+ http2 on;
24
26
  server_name <%= jitsi_public_domain %>;
25
27
  include /etc/jitsi/ssl.public.conf;
26
28
  include /etc/jitsi/meet.public.conf;