class ApartmentAcmeClient::NginxConfiguration::Real

Public Class Methods

new(options = {}) click to toggle source
# File lib/apartment_acme_client/nginx_configuration/real.rb, line 27
def initialize(options = {})
  @options = default_options.merge(options)
end
update_nginx(cert_exists:, base_domain:) click to toggle source

do we have a certificate on this server? We cannot start nginx when it is pointing at a non-existing certificate, so we need to check

# File lib/apartment_acme_client/nginx_configuration/real.rb, line 9
def self.update_nginx(cert_exists:, base_domain:)
  template = new(include_ssl: cert_exists, base_domain: base_domain).filled_template

  tempfile = Tempfile.new('nginx_config')
  raise "Path Error" unless template

  begin
    tempfile.write(template)
    tempfile.flush

    ApartmentAcmeClient::FileManipulation::Proxy.singleton.copy_file(tempfile.path.to_s, ApartmentAcmeClient.nginx_config_path)
    ApartmentAcmeClient::FileManipulation::Proxy.singleton.restart_service("nginx")
  ensure
    tempfile.close
    tempfile.unlink
  end
end

Public Instance Methods

check_configuration() click to toggle source
# File lib/apartment_acme_client/nginx_configuration/real.rb, line 47
def check_configuration
  unless File.exist?(@options[:public_folder])
    puts "Webroot path #{@options[:public_folder]} Not found"
    return false
  end

  true
end
default_options() click to toggle source
# File lib/apartment_acme_client/nginx_configuration/real.rb, line 37
def default_options
  result = {}
  result[:public_folder] = ApartmentAcmeClient.public_folder
  result[:socket_path] = ApartmentAcmeClient.socket_path
  result[:include_ssl] = false
  result[:cert_prefix] = ApartmentAcmeClient::CertificateStorage::TEST_PREFIX if ApartmentAcmeClient.lets_encrypt_test_server_enabled
  result[:certificate_storage_folder] = ApartmentAcmeClient.certificate_storage_folder
  result
end
default_template() click to toggle source
# File lib/apartment_acme_client/nginx_configuration/real.rb, line 60
      def default_template
        <<~THE_END
          #
          # A virtual host using mix of IP-, name-, and port-based configuration
          #

          upstream app {
              # Path to Unicorn SOCK file, as defined previously
              server unix:<%= options[:socket_path] %> fail_timeout=0;
          }

          server {

              # FOR HTTP
              listen 80;

              gzip on;

              # Application root, as defined previously
              root <%= options[:public_folder] %>;
              server_name  <%= options[:base_domain] %> *.<%= options[:base_domain] %>;

              try_files $uri/index.html $uri @app;

              location @app {
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header X-FORWARDED-PROTO $scheme;
                  proxy_set_header Host $http_host;
                  proxy_redirect off;
                  proxy_pass http://app;
              }

              error_page 500 502 503 504 /500.html;
              client_max_body_size 4G;
              keepalive_timeout 10;

              # BELOW THIS LINE FOR HTTPS
              <% if options[:include_ssl] %>
              listen 443 default_server ssl;

              # The following should be enabled once everything is SSL
              # ssl on;

              ssl_certificate <%= options[:certificate_storage_folder] %>/<%= options[:cert_prefix] %>cert.pem;
              ssl_certificate_key <%= options[:certificate_storage_folder] %>/<%= options[:cert_prefix] %>privkey.pem;

              ssl_stapling on;
              ssl_stapling_verify on;

              ssl_session_timeout 5m;
              <% end %>
          }
        THE_END
      end
fill_template(template, options) click to toggle source
# File lib/apartment_acme_client/nginx_configuration/real.rb, line 115
def fill_template(template, options)
  # scope defined for use in binding to ERB
  def opts(options)
    options
    binding
  end
  # binds to current class
  # uses 'options' in the template
  ERB.new(template).result(opts(options))
end
filled_template() click to toggle source
# File lib/apartment_acme_client/nginx_configuration/real.rb, line 31
def filled_template
  return nil unless check_configuration

  fill_template(read_template, @options)
end
opts(options) click to toggle source

scope defined for use in binding to ERB

# File lib/apartment_acme_client/nginx_configuration/real.rb, line 117
def opts(options)
  options
  binding
end
read_template() click to toggle source
# File lib/apartment_acme_client/nginx_configuration/real.rb, line 56
def read_template
  default_template
end