reverseProxy: refactor filename logic
This commit is contained in:
Girish Ramakrishnan
@@ -463,6 +463,24 @@ async function writeDashboardConfig(domainObject) {
|
||||
await writeDashboardNginxConfig(dashboardFqdn, bundle);
|
||||
}
|
||||
|
||||
function getNginxConfigFilename(app, fqdn, type) {
|
||||
assert.strictEqual(typeof app, 'object');
|
||||
assert.strictEqual(typeof fqdn, 'string');
|
||||
assert.strictEqual(typeof type, 'string');
|
||||
|
||||
let nginxConfigFilenameSuffix = '';
|
||||
|
||||
if (type === apps.SUBDOMAIN_TYPE_ALIAS) {
|
||||
nginxConfigFilenameSuffix = `-alias-${fqdn.replace('*', '_')}`;
|
||||
} else if (type === apps.SUBDOMAIN_TYPE_SECONDARY) {
|
||||
nginxConfigFilenameSuffix = `-secondary-${fqdn}`;
|
||||
} else if (type === apps.SUBDOMAIN_TYPE_REDIRECT) {
|
||||
nginxConfigFilenameSuffix = `-redirect-${fqdn}`;
|
||||
}
|
||||
|
||||
return path.join(paths.NGINX_APPCONFIG_DIR, `${app.id}${nginxConfigFilenameSuffix}.conf`);
|
||||
}
|
||||
|
||||
async function writeAppNginxConfig(app, fqdn, type, bundle) {
|
||||
assert.strictEqual(typeof app, 'object');
|
||||
assert.strictEqual(typeof fqdn, 'string');
|
||||
@@ -486,7 +504,6 @@ async function writeAppNginxConfig(app, fqdn, type, bundle) {
|
||||
ocsp: await isOcspEnabled(bundle.certFilePath)
|
||||
};
|
||||
|
||||
let nginxConfigFilenameSuffix = '';
|
||||
if (type === apps.SUBDOMAIN_TYPE_PRIMARY || type === apps.SUBDOMAIN_TYPE_ALIAS || type === apps.SUBDOMAIN_TYPE_SECONDARY) {
|
||||
data.endpoint = 'app';
|
||||
// maybe these should become per domain at some point
|
||||
@@ -498,7 +515,6 @@ async function writeAppNginxConfig(app, fqdn, type, bundle) {
|
||||
if (reverseProxyConfig.csp.includes('frame-ancestors ')) data.hideHeaders.push('X-Frame-Options');
|
||||
}
|
||||
if (type === apps.SUBDOMAIN_TYPE_PRIMARY) {
|
||||
nginxConfigFilenameSuffix = '';
|
||||
data.proxyAuth = {
|
||||
enabled: app.sso && app.manifest.addons && app.manifest.addons.proxyAuth,
|
||||
id: app.id,
|
||||
@@ -507,26 +523,20 @@ async function writeAppNginxConfig(app, fqdn, type, bundle) {
|
||||
data.ip = app.containerIp;
|
||||
data.port = app.manifest.httpPort;
|
||||
} else if (type === apps.SUBDOMAIN_TYPE_SECONDARY) {
|
||||
nginxConfigFilenameSuffix = `-secondary-${fqdn}`;
|
||||
data.ip = app.containerIp;
|
||||
const secondaryDomain = app.secondaryDomains.find(sd => sd.fqdn === fqdn);
|
||||
data.port = app.manifest.httpPorts[secondaryDomain.environmentVariable].containerPort;
|
||||
} else if (type === apps.SUBDOMAIN_TYPE_ALIAS) {
|
||||
nginxConfigFilenameSuffix = `-alias-${fqdn.replace('*', '_')}`;
|
||||
}
|
||||
} else if (type === apps.SUBDOMAIN_TYPE_REDIRECT) {
|
||||
data.proxyAuth = { enabled: false, id: app.id, location: nginxLocation('/') };
|
||||
data.endpoint = 'redirect';
|
||||
data.redirectTo = app.fqdn;
|
||||
nginxConfigFilenameSuffix = `-redirect-${fqdn}`;
|
||||
}
|
||||
|
||||
const nginxConf = ejs.render(NGINX_APPCONFIG_EJS, data);
|
||||
|
||||
const nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, `${app.id}${nginxConfigFilenameSuffix}.conf`);
|
||||
debug(`writeAppNginxConfig: writing config for "${fqdn}" to ${nginxConfigFilename} with options ${JSON.stringify(data)}`);
|
||||
|
||||
if (!safe.fs.writeFileSync(nginxConfigFilename, nginxConf)) {
|
||||
const filename = getNginxConfigFilename(app, fqdn, type);
|
||||
debug(`writeAppNginxConfig: writing config for "${fqdn}" to ${filename} with options ${JSON.stringify(data)}`);
|
||||
if (!safe.fs.writeFileSync(filename, nginxConf)) {
|
||||
debug(`Error creating nginx config for "${app.fqdn}" : ${safe.error.message}`);
|
||||
throw new BoxError(BoxError.FS_ERROR, safe.error);
|
||||
}
|
||||
@@ -540,7 +550,7 @@ async function writeAppConfig(app) {
|
||||
const appDomains = [{ domain: app.domain, fqdn: app.fqdn, type: apps.SUBDOMAIN_TYPE_PRIMARY }]
|
||||
.concat(app.secondaryDomains.map(sd => { return { domain: sd.domain, fqdn: sd.fqdn, type: apps.SUBDOMAIN_TYPE_SECONDARY }; }))
|
||||
.concat(app.redirectDomains.map(rd => { return { domain: rd.domain, fqdn: rd.fqdn, type: apps.SUBDOMAIN_TYPE_REDIRECT }; }))
|
||||
.concat(app.aliasDomains.map(ad => { return { domain: ad.domain, fqdn: ad.fqdn, type: apps.SUBDOMAIN_TYPE_REDIRECT }; }));
|
||||
.concat(app.aliasDomains.map(ad => { return { domain: ad.domain, fqdn: ad.fqdn, type: apps.SUBDOMAIN_TYPE_ALIAS }; }));
|
||||
|
||||
for (const appDomain of appDomains) {
|
||||
const bundle = await getCertificatePath(appDomain.fqdn, appDomain.domain);
|
||||
@@ -598,22 +608,10 @@ async function renewCerts(options, auditSource, progressCallback) {
|
||||
for (const app of allApps) {
|
||||
if (app.runState === apps.RSTATE_STOPPED) continue; // do not renew certs of stopped apps
|
||||
|
||||
appDomains.push({ domain: app.domain, fqdn: app.fqdn, type: apps.SUBDOMAIN_TYPE_PRIMARY, app: app, nginxConfigFilename: path.join(paths.NGINX_APPCONFIG_DIR, app.id + '.conf') });
|
||||
|
||||
app.secondaryDomains.forEach(function (secondaryDomain) {
|
||||
const nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, `${app.id}-secondary-${secondaryDomain.fqdn}.conf`);
|
||||
appDomains.push({ domain: secondaryDomain.domain, fqdn: secondaryDomain.fqdn, type: apps.SUBDOMAIN_TYPE_SECONDARY, app: app, nginxConfigFilename });
|
||||
});
|
||||
|
||||
app.redirectDomains.forEach(function (redirectDomain) {
|
||||
const nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, `${app.id}-redirect-${redirectDomain.fqdn}.conf`);
|
||||
appDomains.push({ domain: redirectDomain.domain, fqdn: redirectDomain.fqdn, type: apps.SUBDOMAIN_TYPE_REDIRECT, app: app, nginxConfigFilename });
|
||||
});
|
||||
|
||||
app.aliasDomains.forEach(function (aliasDomain) {
|
||||
const nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, `${app.id}-alias-${aliasDomain.fqdn.replace('*', '_')}.conf`);
|
||||
appDomains.push({ domain: aliasDomain.domain, fqdn: aliasDomain.fqdn, type: apps.SUBDOMAIN_TYPE_ALIAS, app: app, nginxConfigFilename });
|
||||
});
|
||||
appDomains = appDomains.concat([{ domain: app.domain, fqdn: app.fqdn, type: apps.SUBDOMAIN_TYPE_PRIMARY }])
|
||||
.concat(app.secondaryDomains.map(sd => { return { domain: sd.domain, fqdn: sd.fqdn, type: apps.SUBDOMAIN_TYPE_SECONDARY, nginxConfigFilename: getNginxConfigFilename(app, sd.fqdn, apps.SUBDOMAIN_TYPE_SECONDARY) }; }))
|
||||
.concat(app.redirectDomains.map(rd => { return { domain: rd.domain, fqdn: rd.fqdn, type: apps.SUBDOMAIN_TYPE_REDIRECT, nginxConfigFilename: getNginxConfigFilename(app, rd.fqdn, apps.SUBDOMAIN_TYPE_REDIRECT) }; }))
|
||||
.concat(app.aliasDomains.map(ad => { return { domain: ad.domain, fqdn: ad.fqdn, type: apps.SUBDOMAIN_TYPE_ALIAS, nginxConfigFilename: getNginxConfigFilename(app, ad.fqdn, apps.SUBDOMAIN_TYPE_ALIAS) }; }));
|
||||
}
|
||||
|
||||
if (options.domain) appDomains = appDomains.filter(function (appDomain) { return appDomain.domain === options.domain; });
|
||||
|
||||
Reference in New Issue
Block a user