From c18df6dd78c2cc6d7ef253106a2cd3eeb2bcb0bc Mon Sep 17 00:00:00 2001 From: Bohung Date: Mon, 19 Apr 2021 20:35:16 +0800 Subject: [PATCH] Add redirect to https feature. --- .../admin/site_panel_controller.rb | 4 ++- app/models/site_construct.rb | 35 +++++++++++++++---- .../site_panel/_sites_list_table.html.erb | 9 +++-- .../site_panel/get_certs_for_site.html.erb | 6 ++++ config/locales/en.yml | 1 + config/locales/zh_tw.yml | 1 + lib/tasks/detect_sites.rake | 5 +++ 7 files changed, 50 insertions(+), 11 deletions(-) diff --git a/app/controllers/admin/site_panel_controller.rb b/app/controllers/admin/site_panel_controller.rb index 75ff142..aef9d12 100644 --- a/app/controllers/admin/site_panel_controller.rb +++ b/app/controllers/admin/site_panel_controller.rb @@ -25,6 +25,7 @@ class Admin::SitePanelController < OrbitAdminController end def get_certs_for_site site_construct = SiteConstruct.find(params[:id]) rescue nil + @site_construct = site_construct domain_name = site_construct.domain_name rescue "" domain_names = domain_name.split(" ").select{|s| s.present?} domain_names_count = domain_names.count @@ -101,7 +102,7 @@ class Admin::SitePanelController < OrbitAdminController elsif params[:type] == 'detect_sites' extra_text = "" if params[:key].present? - extra_text = "[#{params[:key]}]" + extra_text = "[#{params[:key].gsub(/[\(\)\[\]]/){|ff| "\\"+ff }}]" end Thread.new do system("bundle exec rake create_site:detect_sites#{extra_text}") @@ -218,6 +219,7 @@ class Admin::SitePanelController < OrbitAdminController redirect_to :back and return elsif params[:type] == 'select_cert' @site_construct = SiteConstruct.find(params[:id]) + @site_construct.update(:redirect_to_https=>params[:redirect_to_https]) @site_construct.update(:site_cert_id=>BSON::ObjectId(params[:site_cert_id])) Thread.new do system("bundle exec rake create_site:change_site_cert[#{params[:id]}]") diff --git a/app/models/site_construct.rb b/app/models/site_construct.rb index cc2eee7..96461d0 100644 --- a/app/models/site_construct.rb +++ b/app/models/site_construct.rb @@ -22,6 +22,7 @@ class SiteConstruct field :hidden, type: Boolean, :default => false field :copy_id field :only_copy_installed_module, type: Boolean, :default => false + field :redirect_to_https, type: Boolean, :default => false field :cert_ver_added_text field :cert_ver_file_content field :cert_ver_location_path @@ -79,12 +80,16 @@ class SiteConstruct end }.join('\n') end - def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false) + def match_exact_index(text,match_character,level=1) + text.enum_for(:scan,/(?:[^#{match_character}])#{match_character}{#{level}}(?!#{match_character})/m).map { offset_index=Regexp.last_match.to_s.index(match_character);Regexp.last_match.offset(0).first + offset_index} + end + def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false,level=1) num = 1 nginx_text_tmp = nginx_text.gsub(/({|})/m){|ff| res = ff;((ff == '{') ? (res = ff * num;num = num + 1) : (num = num - 1;res = ff * num;)); res} - end_indices = nginx_text_tmp.enum_for(:scan,/^(?:}+\s?)+/m).map { Regexp.last_match.offset(0).first + 1 } - start_index = 0 - all_blocks = end_indices.map{|i| res = nginx_text_tmp[start_index..i];start_index = i + 1;res} + end_indices = match_exact_index(nginx_text_tmp,'}',level) + start_indices = match_exact_index(nginx_text_tmp,'{',level) + start_indices = start_indices.map{|i| (i - nginx_text_tmp[0...i].reverse.index(/(}|;)/m)) rescue 0} + all_blocks = (0...end_indices.count).map{|i| nginx_text_tmp[start_indices[i]..end_indices[i]]} all_blocks = all_blocks.map{|s| s.gsub(/[{}]+/){|ff| ff[0]}.strip} server_blocks = all_blocks.select{|s| s.match(/\A[\s\r\n]*server\s*{/)} if get_all_blocks @@ -112,13 +117,29 @@ class SiteConstruct new_server_block = new_server_block.gsub(/(server_name\s+)[^;]+/m){|ff| "#{$1}#{domain_name}"} new_server_block = new_server_block.gsub(/\s*ssl_certificate[^;]+;/,'') if port == "443" - new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n"} + new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\n\n ssl_certificate_key #{self.private_key_remote_store_path};\n\n"} + else + get_redirect_block = parse_nginx_text_to_server_blocks(old_server_block,true,2).select{|t| t.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/)} + if get_redirect_block.count > 0 + get_redirect_block.each do |redirect_block| + new_server_block = new_server_block.gsub(redirect_block,'') + end + end + if self.redirect_to_https && !self.site_cert.nil? + new_server_block = new_server_block.sub(/(listen\s+)[^;]+;[\s\r\n]*/){|ff| ff + " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+ + " return 301 https://$host$request_uri;\n"+ + " }\n"} + end end - new_server_block = new_server_block.gsub(/\n{3,}/,'\n\n') + new_server_block = new_server_block.gsub(/[ \t\s]+\n/,"\n\n").gsub(/\n{3,}/,'\n\n') else 'server {\n'+ ' listen '+port_text+';\n\n'+ - (port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n" : '')+ + (port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\n\n"+ + " ssl_certificate_key #{self.private_key_remote_store_path};\n\n"+ + ((self.redirect_to_https && !self.site_cert.nil?) ? " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+ + " return 301 https://$host$request_uri;\n"+ + "}\n" : '') : '')+ ' root '+self.full_site_path+'/public;\n\n'+ ' server_name '+self.domain_name+';\n\n'+ ' client_max_body_size 500m;\n\n'+ diff --git a/app/views/admin/site_panel/_sites_list_table.html.erb b/app/views/admin/site_panel/_sites_list_table.html.erb index 1ea5c42..3f2c253 100644 --- a/app/views/admin/site_panel/_sites_list_table.html.erb +++ b/app/views/admin/site_panel/_sites_list_table.html.erb @@ -117,7 +117,9 @@ new_params_text = new_params_text.substr(0,new_params_text.length - 1) if(params["id"] == id || window.refresh_flag){ close_info = true; - window.location.href = window.location.href.replace(window.location.search,new_params_text); + console.log(new_params_text); + console.log(window.location.href) + window.location.search = new_params_text; } }else if(status == "changing"){ window.refresh_flag = true @@ -255,10 +257,11 @@ close: function(){$( this ).dialog( "close" );}, buttons: { "<%= t(:submit) %>": function(){ - var site_cert_id = $('#https_setting_area input:checked').eq(0).val(); + var redirect_to_https = ($('#https_setting_area [name="redirect_to_https"]:checked').length != 0); + var site_cert_id = $('#https_setting_area [name="site_cert"]:checked').eq(0).val(); if(site_cert_id != undefined){ console.log(site_cert_id); - $.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id}).done(function(response){ + $.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id,'redirect_to_https': redirect_to_https}).done(function(response){ console.log(response); show_infos_dialog(item); }); diff --git a/app/views/admin/site_panel/get_certs_for_site.html.erb b/app/views/admin/site_panel/get_certs_for_site.html.erb index f0e91a9..d84ef4d 100644 --- a/app/views/admin/site_panel/get_certs_for_site.html.erb +++ b/app/views/admin/site_panel/get_certs_for_site.html.erb @@ -1,6 +1,12 @@ <% if @site_certs.count == 0 %> <%= link_to t('client_management.upload_cert'),upload_cert_admin_site_panel_index_path, :target=>"_blank" %> <% else %> +
+ +
diff --git a/config/locales/en.yml b/config/locales/en.yml index dc7f2b0..4ab5413 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -7,6 +7,7 @@ en: upload_cert: Upload Cert cert_management: Cert Management client_management: + redirect_to_https: Redirect to https start_date: Start Date end_date: End Date change_setting: Change Setting diff --git a/config/locales/zh_tw.yml b/config/locales/zh_tw.yml index cbce610..a741027 100644 --- a/config/locales/zh_tw.yml +++ b/config/locales/zh_tw.yml @@ -7,6 +7,7 @@ zh_tw: upload_cert: 上傳憑證 cert_management: 憑證管理 client_management: + redirect_to_https: 跳轉到https start_date: 開始日期 end_date: 結束日期 change_setting: 變更設定 diff --git a/lib/tasks/detect_sites.rake b/lib/tasks/detect_sites.rake index d62bc25..3173520 100644 --- a/lib/tasks/detect_sites.rake +++ b/lib/tasks/detect_sites.rake @@ -131,6 +131,11 @@ namespace :create_site do site_cert.save site_construct.update(:site_cert=>site_cert) end + if nginx_file_content.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/) + site_construct.update(:redirect_to_https => true) + else + site_construct.update(:redirect_to_https => false) + end end end end