@powerhousedao/ph-cli 2.5.0-dev.5 → 2.5.0-dev.7

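--- a/package/dist/package.json
+++ b/package/dist/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@powerhousedao/ph-cli",
- "version": "2.5.0-dev.5",
+ "version": "2.5.0-dev.7",
  "description": "",
  "license": "AGPL-3.0-only",
  "type": "module",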
@@ -130,94 +130,47 @@ EOF
130
130
  echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
131
131
  read -p "Enter Connect domain (e.g. connect.google.com): " connect_domain
132
132
  read -p "Enter Switchboard domain (e.g. switchboard.google.com): " switchboard_domain
133
+ read -p "Enter admin email for Let's Encrypt notifications: " admin_email
133
134
 
134
135
  echo "Using domains:"
135
136
  echo "Connect: $connect_domain"
136
137
  echo "Switchboard: $switchboard_domain"
137
138
 
138
- # Generate temporary SSL certificates
139
- echo "Generating temporary SSL certificates..."
140
- sudo mkdir -p /etc/nginx/ssl
141
- sudo openssl req -x509 -nodes -days 1 -newkey rsa:2048 \
142
- -keyout /etc/nginx/ssl/temp.key \
143
- -out /etc/nginx/ssl/temp.crt \
144
- -subj "/CN=$connect_domain" \
145
- -addext "subjectAltName = DNS:$connect_domain,DNS:$switchboard_domain"
146
-
147
- # Check if Nginx configuration already exists
148
- if [ -f "/etc/nginx/sites-available/$PROJECT_NAME" ]; then
149
- echo "Nginx configuration for $PROJECT_NAME already exists"
150
- read -p "Do you want to overwrite it? (y/n): " overwrite_nginx
151
- if [ "$overwrite_nginx" != "y" ]; then
152
- echo "Keeping existing Nginx configuration"
153
- else
154
- # Create Nginx configuration for domains
155
- echo "Creating Nginx configuration..."
156
- sudo tee /etc/nginx/sites-available/$PROJECT_NAME > /dev/null << EOF
139
+ # Create initial Nginx configuration for certbot
140
+ echo "Creating initial Nginx configuration..."
141
+ sudo tee /etc/nginx/sites-available/$PROJECT_NAME > /dev/null << EOF
157
142
  server {
158
143
  listen 80;
159
144
  server_name $connect_domain $switchboard_domain;
160
- return 301 https://\$host\$request_uri;
161
- }
162
-
163
- server {
164
- listen 443 ssl;
165
- http2 on;
166
- server_name $connect_domain;
167
-
168
- ssl_certificate /etc/nginx/ssl/temp.crt;
169
- ssl_certificate_key /etc/nginx/ssl/temp.key;
170
-
171
- # SSL configuration
172
- ssl_protocols TLSv1.2 TLSv1.3;
173
- ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
174
- ssl_prefer_server_ciphers off;
175
- ssl_session_timeout 1d;
176
- ssl_session_cache shared:SSL:50m;
177
- ssl_session_tickets off;
178
- ssl_stapling on;
179
- ssl_stapling_verify on;
180
-
181
- if (\$http_x_forwarded_proto = "http") {
182
- return 301 https://\$server_name\$request_uri;
183
- }
184
145
 
185
146
  location / {
186
147
  root /var/www/html/$PROJECT_NAME;
187
148
  try_files \$uri \$uri/ /index.html;
188
- add_header Cache-Control "no-cache";
189
- add_header X-Forwarded-Proto \$scheme;
190
- add_header X-Forwarded-Host \$host;
191
- add_header X-Forwarded-Port \$server_port;
192
149
  }
193
- }
194
150
 
195
- server {
196
- listen 443 ssl;
197
- http2 on;
198
- server_name $switchboard_domain;
199
-
200
- ssl_certificate /etc/nginx/ssl/temp.crt;
201
- ssl_certificate_key /etc/nginx/ssl/temp.key;
202
-
203
- location / {
204
- proxy_pass http://localhost:4001;
205
- proxy_http_version 1.1;
206
- proxy_set_header Upgrade \$http_upgrade;
207
- proxy_set_header Connection 'upgrade';
208
- proxy_set_header Host \$host;
209
- proxy_cache_bypass \$http_upgrade;
210
- proxy_set_header X-Real-IP \$remote_addr;
211
- proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
212
- proxy_set_header X-Forwarded-Proto \$scheme;
151
+ location /.well-known/acme-challenge/ {
152
+ root /var/www/html;
213
153
  }
214
154
  }
215
155
  EOF
216
- fi
217
- else
218
- # Create Nginx configuration for domains
219
- echo "Creating Nginx configuration..."
220
- sudo tee /etc/nginx/sites-available/$PROJECT_NAME > /dev/null << EOF
156
+
157
+ # Enable the site
158
+ sudo ln -sf /etc/nginx/sites-available/$PROJECT_NAME /etc/nginx/sites-enabled/
159
+ sudo rm -f /etc/nginx/sites-enabled/default
160
+
161
+ # Test Nginx configuration
162
+ sudo nginx -t
163
+
164
+ # Restart Nginx to apply changes
165
+ sudo systemctl restart nginx
166
+
167
+ # Obtain SSL certificates
168
+ echo "Obtaining SSL certificates..."
169
+ sudo certbot --nginx -d $connect_domain -d $switchboard_domain --non-interactive --agree-tos --email $admin_email --redirect
170
+
171
+ # Update Nginx configuration with proper SSL settings
172
+ echo "Updating Nginx configuration with SSL settings..."
173
+ sudo tee /etc/nginx/sites-available/$PROJECT_NAME > /dev/null << EOF
221
174
  server {
222
175
  listen 80;
223
176
  server_name $connect_domain $switchboard_domain;
@@ -229,9 +182,6 @@ server {
229
182
  http2 on;
230
183
  server_name $connect_domain;
231
184
 
232
- ssl_certificate /etc/nginx/ssl/temp.crt;
233
- ssl_certificate_key /etc/nginx/ssl/temp.key;
234
-
235
185
  # SSL configuration
236
186
  ssl_protocols TLSv1.2 TLSv1.3;
237
187
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
@@ -241,6 +191,8 @@ server {
241
191
  ssl_session_tickets off;
242
192
  ssl_stapling on;
243
193
  ssl_stapling_verify on;
194
+ resolver 8.8.8.8 8.8.4.4 valid=300s;
195
+ resolver_timeout 5s;
244
196
 
245
197
  if (\$http_x_forwarded_proto = "http") {
246
198
  return 301 https://\$server_name\$request_uri;
@@ -254,6 +206,10 @@ server {
254
206
  add_header X-Forwarded-Host \$host;
255
207
  add_header X-Forwarded-Port \$server_port;
256
208
  }
209
+
210
+ location /.well-known/acme-challenge/ {
211
+ root /var/www/html;
212
+ }
257
213
  }
258
214
 
259
215
  server {
@@ -261,8 +217,17 @@ server {
261
217
  http2 on;
262
218
  server_name $switchboard_domain;
263
219
 
264
- ssl_certificate /etc/nginx/ssl/temp.crt;
265
- ssl_certificate_key /etc/nginx/ssl/temp.key;
220
+ # SSL configuration
221
+ ssl_protocols TLSv1.2 TLSv1.3;
222
+ ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
223
+ ssl_prefer_server_ciphers off;
224
+ ssl_session_timeout 1d;
225
+ ssl_session_cache shared:SSL:50m;
226
+ ssl_session_tickets off;
227
+ ssl_stapling on;
228
+ ssl_stapling_verify on;
229
+ resolver 8.8.8.8 8.8.4.4 valid=300s;
230
+ resolver_timeout 5s;
266
231
 
267
232
  location / {
268
233
  proxy_pass http://localhost:4001;
@@ -275,23 +240,20 @@ server {
275
240
  proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
276
241
  proxy_set_header X-Forwarded-Proto \$scheme;
277
242
  }
243
+
244
+ location /.well-known/acme-challenge/ {
245
+ root /var/www/html;
246
+ }
278
247
  }
279
248
  EOF
280
- fi
281
-
282
- # Enable the site
283
- sudo ln -sf /etc/nginx/sites-available/$PROJECT_NAME /etc/nginx/sites-enabled/
284
- sudo rm -f /etc/nginx/sites-enabled/default
285
249
 
286
- # Test Nginx configuration
287
- sudo nginx -t
288
-
289
- # Obtain SSL certificates
290
- echo "Obtaining SSL certificates..."
291
- sudo certbot --nginx -d $connect_domain -d $switchboard_domain --non-interactive --agree-tos --email admin@$connect_domain
250
+ # Test and reload Nginx configuration
251
+ sudo nginx -t && sudo systemctl reload nginx
292
252
 
293
- # Remove temporary certificates
294
- sudo rm -f /etc/nginx/ssl/temp.*
253
+ # Set up automatic renewal
254
+ echo "Setting up automatic certificate renewal..."
255
+ sudo systemctl enable certbot.timer
256
+ sudo systemctl start certbot.timer
295
257
 
296
258
  else
297
259
  # Get machine hostname
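Review bot: The second `sudo tee` (new lines 173–248) overwrites the site file that `certbot --nginx` has just edited, and the two `listen 443 ssl` blocks it writes no longer contain any `ssl_certificate` or `ssl_certificate_key` line in the visible hunks; unless those directives sit in the unchanged lines between hunks, `nginx -t` at new line 251 fails and the `&&` skips the reload without any message, leaving an on-disk config that breaks on the next restart. Each 443 block should point at the issued certificate, for example `ssl_certificate /etc/letsencrypt/live/$connect_domain/fullchain.pem;` and `ssl_certificate_key /etc/letsencrypt/live/$connect_domain/privkey.pem;` (the lineage name is presumably the first `-d` domain; confirm), and the script should exit with an error when `nginx -t` fails, which also applies to the unconditional `systemctl restart nginx` at new line 165. Separately, at new line 169 the prompted values are passed unquoted to a root command, so whitespace in the input is split into extra certbot arguments; quote them as `-d "$connect_domain" -d "$switchboard_domain"` and `--email "$admin_email"`, and validate that the domains are plain hostnames before they are expanded into the heredoc. The enclosing `if` branch starts outside these hunks, so the surrounding error handling (for example whether `set -e` is active) is not visible here.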
@@ -1,2 +1,2 @@
1
- export declare const version = "2.5.0-dev.5";
1
+ export declare const version = "2.5.0-dev.7";
2
2
  //# sourceMappingURL=version.d.ts.map
@@ -1,3 +1,3 @@
1
1
  // This file is auto-generated. DO NOT EDIT.
2
- export const version = "2.5.0-dev.5";
2
+ export const version = "2.5.0-dev.7";
3
3
  //# sourceMappingURL=version.js.map