Start9/start-os
2
0
Fork 0
mirror of https://github.com/Start9Labs/start-os.git synced 2026-04-04 14:29:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

write nginx conf that uses ssl information, add main ui config to Ngi… (#591)

Browse Source 
* write nginx conf that uses ssl information, add main ui config to Nginx init method

* fix nginx config for main service

* add ssl to ipv6 config
This commit is contained in:
Keagan McClelland
2021-10-06 14:41:56 -06:00
committed by Aiden McClelland
parent 016fb0d3f1
commit f9e0fe8fc8
2 changed files with 29 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
appmgr/src/net/nginx.rs
View File

@@ -9,6 +9,7 @@ use tokio::sync::Mutex;
use super::interface::{InterfaceId, LanPortConfig}; use super::interface::{InterfaceId, LanPortConfig};
use super::ssl::SslManager; use super::ssl::SslManager;
use crate::hostname::get_hostname;
use crate::s9pk::manifest::PackageId; use crate::s9pk::manifest::PackageId;
use crate::util::{Invoke, Port}; use crate::util::{Invoke, Port};
use crate::{Error, ErrorKind, ResultExt}; use crate::{Error, ErrorKind, ResultExt};
@@ -40,11 +41,27 @@ pub struct NginxControllerInner {
} }
impl NginxControllerInner { impl NginxControllerInner {
async fn init(nginx_root: PathBuf, db: SqlitePool) -> Result<Self, Error> { async fn init(nginx_root: PathBuf, db: SqlitePool) -> Result<Self, Error> {
Ok(NginxControllerInner { let inner = NginxControllerInner {
nginx_root, nginx_root,
interfaces: BTreeMap::new(), interfaces: BTreeMap::new(),
ssl_manager: SslManager::init(db).await?, ssl_manager: SslManager::init(db).await?,
}) };
let (key, cert) = inner
.ssl_manager
.certificate_for(&get_hostname().await?)
.await?;
let ssl_path_key = inner.nginx_root.join(format!("ssl/embassy_main.key.pem"));
let ssl_path_cert = inner.nginx_root.join(format!("ssl/embassy_main.cert.pem"));
futures::try_join!(
tokio::fs::write(&ssl_path_key, key.private_key_to_pem_pkcs8()?),
tokio::fs::write(
&ssl_path_cert,
cert.into_iter()
.flat_map(|c| c.to_pem().unwrap())
.collect::<Vec<u8>>()
)
)?;
Ok(inner)
} }
async fn add<I: IntoIterator<Item = (InterfaceId, InterfaceMetadata)>>( async fn add<I: IntoIterator<Item = (InterfaceId, InterfaceMetadata)>>(
&mut self, &mut self,

12
appmgr/src/nginx/main-ui.conf
View File

@@ -1,6 +1,8 @@
server { server {
listen 80 default_server; listen 443 ssl default_server;
listen [::]:80 default_server; listen [::]:443 ssl default_server;
ssl_certificate /etc/nginx/ssl/embassy_main.cert.pem;
ssl_certificate_key /etc/nginx/ssl/embassy_main.key.pem;
root /var/www/html/main; root /var/www/html/main;
@@ -31,4 +33,10 @@ server {
location / { location / {
try_files $uri $uri/ =404; try_files $uri $uri/ =404;
} }
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
} }