Class: ApartmentAcmeClient::NginxConfiguration::Real

Inherits:
Object
  • Object
show all
Defined in:
lib/apartment_acme_client/nginx_configuration/real.rb

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(options = {}) ⇒ Real

Returns a new instance of Real.



27
28
29
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 27

def initialize(options = {})
  @options = default_options.merge(options)
end

Class Method Details

.update_nginx(cert_exists:, base_domain:) ⇒ Object

do we have a certificate on this server? We cannot start nginx when it is pointing at a non-existing certificate, so we need to check



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 9

def self.update_nginx(cert_exists:, base_domain:)
  template = new(include_ssl: cert_exists, base_domain: base_domain).filled_template

  tempfile = Tempfile.new('nginx_config')
  raise "Path Error" unless template

  begin
    tempfile.write(template)
    tempfile.flush

    ApartmentAcmeClient::FileManipulation::Proxy.singleton.copy_file(tempfile.path.to_s, ApartmentAcmeClient.nginx_config_path)
    ApartmentAcmeClient::FileManipulation::Proxy.singleton.restart_service("nginx")
  ensure
    tempfile.close
    tempfile.unlink
  end
end

Instance Method Details

#check_configurationObject 



47
48
49
50
51
52
53
54
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 47

def check_configuration
  unless File.exist?(@options[:public_folder])
    puts "Webroot path #{@options[:public_folder]} Not found"
    return false
  end

  true
end

#default_optionsObject 



37
38
39
40
41
42
43
44
45
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 37

def default_options
  result = {}
  result[:public_folder] = ApartmentAcmeClient.public_folder
  result[:socket_path] = ApartmentAcmeClient.socket_path
  result[:include_ssl] = false
  result[:cert_prefix] = ApartmentAcmeClient::CertificateStorage::TEST_PREFIX if ApartmentAcmeClient.lets_encrypt_test_server_enabled
  result[:certificate_storage_folder] = ApartmentAcmeClient.certificate_storage_folder
  result
end

#default_templateObject 



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 60

def default_template
  <<~THE_END
    #
    # A virtual host using mix of IP-, name-, and port-based configuration
    #

    upstream app {
        # Path to Unicorn SOCK file, as defined previously
        server unix:<%= options[:socket_path] %> fail_timeout=0;
    }

    server {

        # FOR HTTP
        listen 80;

        gzip on;

        # Application root, as defined previously
        root <%= options[:public_folder] %>;
        server_name  <%= options[:base_domain] %> *.<%= options[:base_domain] %>;

        try_files $uri/index.html $uri @app;

        location @app {
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-FORWARDED-PROTO $scheme;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_pass http://app;
        }

        error_page 500 502 503 504 /500.html;
        client_max_body_size 4G;
        keepalive_timeout 10;

        # BELOW THIS LINE FOR HTTPS
        <% if options[:include_ssl] %>
        listen 443 default_server ssl;

        # The following should be enabled once everything is SSL
        # ssl on;

        ssl_certificate <%= options[:certificate_storage_folder] %>/<%= options[:cert_prefix] %>cert.pem;
        ssl_certificate_key <%= options[:certificate_storage_folder] %>/<%= options[:cert_prefix] %>privkey.pem;

        ssl_stapling on;
        ssl_stapling_verify on;

        ssl_session_timeout 5m;
        <% end %>
    }
  THE_END
end

#fill_template(template, options) ⇒ Object 



115
116
117
118
119
120
121
122
123
124
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 115

def fill_template(template, options)
  # scope defined for use in binding to ERB
  def opts(options)
    options
    binding
  end
  # binds to current class
  # uses 'options' in the template
  ERB.new(template).result(opts(options))
end

#filled_templateObject 



31
32
33
34
35
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 31

def filled_template
  return nil unless check_configuration

  fill_template(read_template, @options)
end

#opts(options) ⇒ Object

scope defined for use in binding to ERB



117
118
119
120
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 117

def opts(options)
  options
  binding
end

#read_templateObject 



56
57
58
 
# File 'lib/apartment_acme_client/nginx_configuration/real.rb', line 56

def read_template
  default_template
end