@powerhousedao/ph-cli 2.5.0-dev.8 → 2.5.0-staging.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@powerhousedao/ph-cli",
3
- "version": "2.5.0-dev.8",
3
+ "version": "2.5.0-staging.0",
4
4
  "description": "",
5
5
  "license": "AGPL-3.0-only",
6
6
  "type": "module",
@@ -113,6 +113,23 @@ EOF
113
113
  echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
114
114
  echo " SSL Configuration"
115
115
  echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
116
+
117
+ # Add compression settings to nginx.conf if not exists
118
+ if ! grep -q "brotli_comp_level" /etc/nginx/nginx.conf || ! grep -q "gzip_comp_level" /etc/nginx/nginx.conf; then
119
+ echo "Adding compression settings to nginx.conf..."
120
+ # Find the http block in nginx.conf
121
+ if ! grep -q "brotli_comp_level" /etc/nginx/nginx.conf; then
122
+ sudo sed -i '/http {/a \ # Brotli compression\n brotli on;\n brotli_comp_level 6;\n brotli_types text/plain text/css application/javascript application/json image/svg+xml application/xml+rss;\n brotli_static on;' /etc/nginx/nginx.conf
123
+ fi
124
+ if ! grep -q "gzip_comp_level" /etc/nginx/nginx.conf; then
125
+ sudo sed -i '/http {/a \ # Gzip compression\n gzip on;\n gzip_vary on;\n gzip_proxied any;\n gzip_comp_level 6;\n gzip_buffers 16 8k;\n gzip_http_version 1.1;\n gzip_types text/plain text/css application/javascript application/json image/svg+xml application/xml+rss;' /etc/nginx/nginx.conf
126
+ fi
127
+ else
128
+ echo "Compression settings already present in nginx.conf"
129
+ fi
130
+
131
+
132
+
116
133
  echo "Choose SSL configuration:"
117
134
  echo "1) Let's Encrypt certificates for domains"
118
135
  echo "2) Self-signed certificate for machine hostname"
@@ -166,13 +183,14 @@ EOF
166
183
 
167
184
  # Obtain SSL certificates
168
185
  echo "Obtaining SSL certificates..."
169
- sudo certbot --nginx -d $connect_domain -d $switchboard_domain --non-interactive --agree-tos --email $admin_email --redirect
186
+ sudo certbot --nginx -d $connect_domain --non-interactive --agree-tos --email $admin_email --redirect
187
+ sudo certbot --nginx -d $switchboard_domain --non-interactive --agree-tos --email $admin_email --redirect
170
188
 
171
189
  # Wait for certbot to finish and certificates to be installed
172
190
  sleep 5
173
191
 
174
192
  # Check if certificates were installed
175
- if [ ! -f "/etc/letsencrypt/live/$connect_domain/fullchain.pem" ]; then
193
+ if [ ! -f "/etc/letsencrypt/live/$connect_domain/fullchain.pem" ] || [ ! -f "/etc/letsencrypt/live/$switchboard_domain/fullchain.pem" ]; then
176
194
  echo "Error: SSL certificates were not installed properly"
177
195
  echo "Please check the certbot logs at /var/log/letsencrypt/letsencrypt.log"
178
196
  exit 1
@@ -207,6 +225,12 @@ server {
207
225
  resolver 8.8.8.8 8.8.4.4 valid=300s;
208
226
  resolver_timeout 5s;
209
227
 
228
+ # Security headers
229
+ add_header Strict-Transport-Security "max-age=63072000" always;
230
+ add_header X-Frame-Options DENY;
231
+ add_header X-Content-Type-Options nosniff;
232
+ add_header X-XSS-Protection "1; mode=block";
233
+
210
234
  if (\$http_x_forwarded_proto = "http") {
211
235
  return 301 https://\$server_name\$request_uri;
212
236
  }
@@ -230,8 +254,8 @@ server {
230
254
  http2 on;
231
255
  server_name $switchboard_domain;
232
256
 
233
- ssl_certificate /etc/letsencrypt/live/$connect_domain/fullchain.pem;
234
- ssl_certificate_key /etc/letsencrypt/live/$connect_domain/privkey.pem;
257
+ ssl_certificate /etc/letsencrypt/live/$switchboard_domain/fullchain.pem;
258
+ ssl_certificate_key /etc/letsencrypt/live/$switchboard_domain/privkey.pem;
235
259
 
236
260
  # SSL configuration
237
261
  ssl_protocols TLSv1.2 TLSv1.3;
@@ -244,6 +268,12 @@ server {
244
268
  ssl_stapling_verify on;
245
269
  resolver 8.8.8.8 8.8.4.4 valid=300s;
246
270
  resolver_timeout 5s;
271
+
272
+ # Security headers
273
+ add_header Strict-Transport-Security "max-age=63072000" always;
274
+ add_header X-Frame-Options DENY;
275
+ add_header X-Content-Type-Options nosniff;
276
+ add_header X-XSS-Protection "1; mode=block";
247
277
 
248
278
  location / {
249
279
  proxy_pass http://localhost:4001;
@@ -339,26 +369,6 @@ EOF
339
369
  # =============================================================================
340
370
  pnpm prisma db push --schema node_modules/document-drive/dist/prisma/schema.prisma
341
371
 
342
- # Check if security headers and compression settings are already present
343
- if ! grep -q "Strict-Transport-Security" /etc/nginx/nginx.conf; then
344
- # Add global security headers and compression settings to main nginx.conf
345
- sudo tee -a /etc/nginx/nginx.conf > /dev/null << EOF
346
-
347
- # Global security headers
348
- add_header Strict-Transport-Security "max-age=63072000" always;
349
- add_header X-Frame-Options DENY;
350
- add_header X-Content-Type-Options nosniff;
351
- add_header X-XSS-Protection "1; mode=block";
352
-
353
- # Global compression settings
354
- brotli_comp_level 6;
355
- brotli_types text/plain text/css application/javascript application/json image/svg+xml application/xml+rss;
356
- brotli_static on;
357
- EOF
358
- else
359
- echo "Security headers and compression settings already present in nginx.conf"
360
- fi
361
-
362
372
  echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
363
373
  echo " Environment setup complete!"
364
374
  echo " Use 'ph service start' to start services"
@@ -1,2 +1,2 @@
1
- export declare const version = "2.5.0-dev.8";
1
+ export declare const version = "2.5.0-staging.0";
2
2
  //# sourceMappingURL=version.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AACA,eAAO,MAAM,OAAO,gBAAgB,CAAC"}
1
+ {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AACA,eAAO,MAAM,OAAO,oBAAoB,CAAC"}
@@ -1,3 +1,3 @@
1
1
  // This file is auto-generated. DO NOT EDIT.
2
- export const version = "2.5.0-dev.8";
2
+ export const version = "2.5.0-staging.0";
3
3
  //# sourceMappingURL=version.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAAA,4CAA4C;AAC5C,MAAM,CAAC,MAAM,OAAO,GAAG,aAAa,CAAC"}
1
+ {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":"AAAA,4CAA4C;AAC5C,MAAM,CAAC,MAAM,OAAO,GAAG,iBAAiB,CAAC"}