diff --git a/bouncer/Dockerfile b/bouncer/Dockerfile index 0339ccb..dbb6cdc 100644 --- a/bouncer/Dockerfile +++ b/bouncer/Dockerfile @@ -44,22 +44,21 @@ COPY bouncer.runit /etc/service/bouncer/run COPY logs-nginx-access.runit /etc/service/logs-nginx-access/run COPY logs-nginx-error.runit /etc/service/logs-nginx-error/run RUN chmod +x /etc/service/*/run -COPY NginxDefault /etc/nginx/sites-enabled/default -COPY NginxSSL /etc/nginx/sites-enabled/default-ssl +COPY NginxDefault /etc/nginx/sites-enabled/default.conf COPY Nginx-tweak.conf /etc/nginx/conf.d/tweak.conf COPY NginxTemplate.twig /app/ # Disable daemonising in nginx -RUN sed -i '1s;^;daemon off\;\n;' /etc/nginx/nginx.conf -RUN sed -i 's|include /etc/nginx/sites-enabled/*|include /etc/nginx/sites-enabled/*.conf|g' /etc/nginx/nginx.conf +RUN sed -i '1s;^;daemon off\;\n;' /etc/nginx/nginx.conf && \ + sed -i 's|include /etc/nginx/sites-enabled/*|include /etc/nginx/sites-enabled/*.conf|g' /etc/nginx/nginx.conf && \ + rm /etc/nginx/sites-enabled/default && \ + rm -R /etc/nginx/sites-available COPY bouncer /app COPY vendor /app/vendor COPY composer.* /app/ COPY public /app/public RUN composer install && \ chmod +x /app/bouncer && \ - mkdir -p /var/log/bouncer && \ - rm /etc/nginx/sites-enabled/default && \ - cp /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default + mkdir -p /var/log/bouncer FROM benzine/php:nginx-8.1 as test-app-a COPY ./test/public-web-a /app/public diff --git a/bouncer/NginxDefault b/bouncer/NginxDefault index 20e28f6..7bbe9ab 100644 --- a/bouncer/NginxDefault +++ b/bouncer/NginxDefault 
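Review bot: The second `sed` expression in the chained `RUN` leaves its `*` unescaped, so sed reads `/*` as "zero or more slashes" and the literal `*` already in nginx.conf survives the replacement. Assuming the base image's line is `include /etc/nginx/sites-enabled/*;`, the result is `include /etc/nginx/sites-enabled/*.conf*;`, which also loads names such as `site.conf.bak`. To get an exact `*.conf` glob, escape the star and anchor on the semicolon: `sed -i 's|include /etc/nginx/sites-enabled/\*;|include /etc/nginx/sites-enabled/*.conf;|' /etc/nginx/nginx.conf`. The two `rm` calls would also fail the build if the base image stops shipping those paths; `rm -f` and `rm -rf` keep the step repeatable.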
@@ -1,19 +1,23 @@ server { listen 80 default_server; listen [::]:80 default_server; - + listen 443 default_server ssl; + listen [::]:443 default_server ssl; client_max_body_size 1024M; root /app/public; - server_name _; - index index.html index.htm; + ssl_certificate /certs/example.crt; + ssl_certificate_key /certs/example.key; + # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + # ssl_ciphers HIGH:!aNULL:!MD5; + location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. - #try_files $uri $uri/; + # First attempt to serve request as file, then + # as directory, then fall back to displaying a 404. + try_files $uri $uri/ =404; } # deny access to .htaccess files, if Apache's document root diff --git a/bouncer/NginxSSL b/bouncer/NginxSSL deleted file mode 100644 index 78ffa19..0000000 --- a/bouncer/NginxSSL +++ /dev/null @@ -1,30 +0,0 @@ -server { - listen 443 ssl; - listen [::]:443 ssl; - - client_max_body_size 1024M; - - root /app/public; - - server_name _; - - index index.html index.htm; - - ssl_certificate /certs/example.crt; - ssl_certificate_key /certs/example.key; - # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - # ssl_ciphers HIGH:!aNULL:!MD5; - - location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. - try_files $uri $uri/; - } - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - location ~ /\.ht { - deny all; - } -} diff --git a/bouncer/bouncer b/bouncer/bouncer index 75292aa..a12a9d1 100755 --- a/bouncer/bouncer +++ b/bouncer/bouncer @@ -12,6 +12,7 @@ use GuzzleHttp\Exception\ServerException; use League\Flysystem\AwsS3V3\AwsS3V3Adapter; use League\Flysystem\FileAttributes; use League\Flysystem\Filesystem; +use League\Flysystem\FilesystemException; use League\Flysystem\Local\LocalFilesystemAdapter; use Monolog\Handler\StreamHandler; use Monolog\Level; 
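Review bot: The merged default server now terminates TLS on 443, but `ssl_protocols` and `ssl_ciphers` stay commented out, so the protocol set is whatever the image's nginx build defaults to. The commented value would also enable TLS 1.0/1.1 if someone simply uncomments it. I would replace that comment with an explicit `ssl_protocols TLSv1.2 TLSv1.3;` (assuming the image's nginx and OpenSSL support 1.3). Because this block is `default_server` on both ports, `/certs/example.crt` is served to every unmatched hostname; a comment stating where that key pair comes from, and that it must not be a key baked into the published image, would help operators.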
@@ -307,7 +308,7 @@ class BouncerTarget { return sprintf( '%s://%s%s', - $this->isAllowNonSSL() ? 'http' : 'https', + 'https', $this->getUsername() && $this->getPassword() ? sprintf('%s:%s@', $this->getUsername(), $this->getPassword()) : '', @@ -690,6 +691,7 @@ class Bouncer }, $envs)); sort($envs); + return $envs; } @@ -924,25 +926,32 @@ class Bouncer } /** - * @var BouncerTarget[] + * @param $targets BouncerTarget[] */ - private function generateNginxConfigs(array $targets): self + private function generateNginxConfigs(array $targets): void { // get the length of the longest name... - $longestName = max(array_map(fn (BouncerTarget $target) => strlen($target->getPresentationDomain()), $targets)); + $longestPresentationDomain = max(array_map(fn (BouncerTarget $target) => strlen($target->getPresentationDomain()), $targets)); + $longestFile = max(array_map(fn (BouncerTarget $target) => strlen($target->getFileName()), $targets)); foreach ($targets as $target) { $this->generateNginxConfig($target); if (count($targets) <= $this->getMaximumNginxConfigCreationNotices()) { $this->logger->info(sprintf( - '%s Created Nginx config for %s', + '%s Created Nginx config for %s <=> %s', Emoji::pencil(), + str_pad( + $target->getFileName(), + $longestFile, + ' ', + STR_PAD_RIGHT + ), str_pad( $target->getPresentationDomain(), - $longestName, + $longestPresentationDomain, ' ', STR_PAD_LEFT - ) + ), )); } } 
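Review bot: `getUsername()` and `getPassword()` are interpolated into the userinfo part of the URL without encoding, so a password containing `@`, `:`, `/` or `#` yields a URL that no longer parses to the intended host and credentials. Encode both parts: `sprintf('%s:%s@', rawurlencode($this->getUsername()), rawurlencode($this->getPassword()))`. With the scheme now fixed to `'https'`, `isAllowNonSSL()` no longer influences this value, which deserves a one-line comment. The enclosing method starts and ends outside the hunk, so it is not visible whether the returned string, password included, is ever written to logs.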
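Review bot: Both `max(array_map(...))` calls at the top of `generateNginxConfigs()` throw a `ValueError` on PHP 8 when `$targets` is empty, and the commit adds a second one. A run that finds no targets would then fail before the summary log line; a guard as the first statement, `if ($targets === []) { return; }`, avoids that. The new docblock tag has type and name swapped and should read `@param BouncerTarget[] $targets`. The method's closing lines are in the next hunk.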
@@ -950,27 +959,23 @@ class Bouncer $this->logger->info(sprintf('%s More than %d Nginx configs generated.. Too many to show them all!', Emoji::pencil(), $this->getMaximumNginxConfigCreationNotices())); } $this->logger->info(sprintf('%s Created %d Nginx configs..', Emoji::pencil(), count($targets))); - - return $this; } - private function generateNginxConfig(BouncerTarget $target): self + private function generateNginxConfig(BouncerTarget $target): void { $configData = $this->twig->render('NginxTemplate.twig', $target->__toArray()); $this->configFilesystem->write($target->getFileName(), $configData); if ($target->hasAuth()) { $this->configFilesystem->write($target->getAuthFileName(), $target->getAuthFileData()); } - - return $this; } /** * @param BouncerTarget[] $targets * - * @return $this + * @throws FilesystemException */ - private function generateLetsEncryptCerts(array $targets): self + private function generateLetsEncryptCerts(array $targets): void { foreach ($targets as $target) { if (!$target->isLetsEncrypt()) { @@ -1048,8 +1053,6 @@ class Bouncer } $this->restartNginx(); - - return $this; } private function restartNginx(): void @@ -1066,12 +1069,10 @@ class Bouncer $this->logger->debug('Purging existing config files ...'); foreach ($this->configFilesystem->listContents('') as $file) { /** @var FileAttributes $file */ - if ($file->isFile() && $file->path() != 'default' && $file->path() != 'default-ssl') { + if ($file->isFile() && $file->path() != 'default.conf' && $file->path() != 'default-ssl.conf') { $this->configFilesystem->delete($file->path()); - // $this->logger->debug(sprintf(' > %s', $file->path())); } } - // $this->logger->debug('Purge complete!'); } } diff --git a/bouncer/public/index.html b/bouncer/public/index.html index ddbae48..410e978 100644 --- a/bouncer/public/index.html +++ b/bouncer/public/index.html @@ -1 +1,7 @@ -Nothing here. \ No newline at end of file + +👻 Nothing to see here! + +
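Review bot: `@throws FilesystemException` was added only to `generateLetsEncryptCerts()`, but `generateNginxConfig()` calls `$this->configFilesystem->write()` up to twice and `generateNginxConfigs()` calls it per target, so both can raise the same exception. Add `@throws FilesystemException` to those two docblocks as well. A one-line summary on `generateNginxConfig()` would also help, for example `Renders NginxTemplate.twig for the target and writes it, plus the auth file when the target has auth, to the config filesystem.` The body of `generateLetsEncryptCerts()` continues outside the hunk.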
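Review bot: The purge filter compares paths with loose `!=` and still exempts `default-ssl.conf`, a file this commit stops installing (NginxSSL is deleted and the Dockerfile copies only `default.conf`). A stale `default-ssl.conf` left in the config directory would therefore survive every purge and, if nginx includes that directory, keep being loaded. I would keep a single strict exemption: `if ($file->isFile() && $file->path() !== 'default.conf') {`. The method's signature is outside the hunk.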

Oops!

+

There's nothing here.

+ +