fix: add http-passthrough for non-acme domains

2024-05-21 19:00:05 +00:00
parent ba86d5c482
commit fd61f28cd5
2 changed files with 22 additions and 4 deletions


@@ -1,3 +1,4 @@
{% if terminate_ssl %}
server{ server{
# {{ comment }} # {{ comment }}
@@ -49,8 +50,8 @@ server{
{% endif %} {% endif %}
} }
} }
{% endif %}
{% if acme %}
server{ server{
# {{ comment }} # {{ comment }}
@@ -58,11 +59,23 @@ server{
listen 80; listen 80;
listen [::]:80; listen [::]:80;
{% if include_subdomains %}
{% if servernames %}
server_name{% for s in servernames %} ~^.*{{ s.replace(".","\\.") }}{% endfor %};
{% endif %}
{% else %}
{% if servernames %}server_name{% for s in servernames %} {{ s }}{% endfor %};{% endif %} {% if servernames %}server_name{% for s in servernames %} {{ s }}{% endfor %};{% endif %}
{% endif %}
{% if acme %}
include acme-challenge.conf; include acme-challenge.conf;
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
{% else %}
location / {
{{ proxy_pass_blob }}
proxy_pass http://{{ targetip }}:80;
}
{% endif %}
} }
{% endif %}
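Review bot: The wildcard `server_name` pattern added in the `include_subdomains` branch has no end anchor and no dot between `.*` and the name, so for a configured name such as `example.com` it also matches unrelated hosts like `notexample.com` or `example.com.other.tld`. In the non-acme branch those requests are proxied to `{{ targetip }}:80`, so the match should be limited to the name and its subdomains, for instance `server_name{% for s in servernames %} ~^(.+\.)?{{ s.replace(".","\\.") }}${% endfor %};`. Only `.` is escaped, so any other regex metacharacter in a name would still be interpreted by nginx. A short template comment stating that this server block forwards plain HTTP unencrypted when `acme` is false would also help the next reader.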

9
vm.py

@@ -131,7 +131,6 @@ class VM:
if subdomain.get("no-terminate-ssl"): if subdomain.get("no-terminate-ssl"):
print("Not terminating TLS for: {}".format(subdomain)) print("Not terminating TLS for: {}".format(subdomain))
continue
if type(subdomain) != dict: if type(subdomain) != dict:
raise ValueError("Subdomain must be object containing 'name' ") raise ValueError("Subdomain must be object containing 'name' ")
@@ -150,11 +149,17 @@ class VM:
cert_non_optional = subdomain.get("cert-non-optional") or False cert_non_optional = subdomain.get("cert-non-optional") or False
if subdomain.get("include-subdomains") and not subdomain.get("no-terminate-ssl"):
raise ValueError("Wildcard Subdomain not supported with SSL Termination")
component = template.render(targetip=self.ip, targetport=targetport, component = template.render(targetip=self.ip, targetport=targetport,
servernames=[subdomain["name"]], comment=compositeName, servernames=[subdomain["name"]], comment=compositeName,
proxy_pass_blob=self.proxy_pass_blob, acme=not self.noTerminateACME, proxy_pass_blob=self.proxy_pass_blob,
acme=not self.noTerminateACME,
terminate_ssl=not subdomain.get("no-terminate-ssl"),
basicauth=subdomain.get("basicauth"), basicauth=subdomain.get("basicauth"),
extra_location=subdomain.get("extra-location"), extra_location=subdomain.get("extra-location"),
include_subdomains=subdomain.get("include-subdomains"),
cert_optional=cert_optional, cert_optional=cert_optional,
cert_non_optional=cert_non_optional, cert_non_optional=cert_non_optional,
cert_header_line=header_line) cert_header_line=header_line)
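Review bot: With `include_subdomains=subdomain.get("include-subdomains")` now passed to the template, `subdomain["name"]` ends up inside an nginx regex `server_name`, and nothing visible in these hunks checks that it is a plain hostname. A check next to the new `ValueError` would keep malformed names out of the generated config, for example `if not re.fullmatch(r"[A-Za-z0-9.-]+", subdomain["name"]): raise ValueError("Invalid subdomain name")`. Whether `re` is already imported, or the name is validated earlier in the method, is not visible here because the method starts and ends outside the hunks. Separately, the context line `subdomain.get("no-terminate-ssl")` runs before the `type(subdomain) != dict` check, so a non-dict entry fails with `AttributeError` instead of the intended `ValueError`. Moving the type check above the first `.get` would fix that.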