Add redirect to https feature.
This commit is contained in:
parent
951aef1b72
commit
c18df6dd78
|
@ -25,6 +25,7 @@ class Admin::SitePanelController < OrbitAdminController
|
||||||
end
|
end
|
||||||
def get_certs_for_site
|
def get_certs_for_site
|
||||||
site_construct = SiteConstruct.find(params[:id]) rescue nil
|
site_construct = SiteConstruct.find(params[:id]) rescue nil
|
||||||
|
@site_construct = site_construct
|
||||||
domain_name = site_construct.domain_name rescue ""
|
domain_name = site_construct.domain_name rescue ""
|
||||||
domain_names = domain_name.split(" ").select{|s| s.present?}
|
domain_names = domain_name.split(" ").select{|s| s.present?}
|
||||||
domain_names_count = domain_names.count
|
domain_names_count = domain_names.count
|
||||||
|
@ -101,7 +102,7 @@ class Admin::SitePanelController < OrbitAdminController
|
||||||
elsif params[:type] == 'detect_sites'
|
elsif params[:type] == 'detect_sites'
|
||||||
extra_text = ""
|
extra_text = ""
|
||||||
if params[:key].present?
|
if params[:key].present?
|
||||||
extra_text = "[#{params[:key]}]"
|
extra_text = "[#{params[:key].gsub(/[\(\)\[\]]/){|ff| "\\"+ff }}]"
|
||||||
end
|
end
|
||||||
Thread.new do
|
Thread.new do
|
||||||
system("bundle exec rake create_site:detect_sites#{extra_text}")
|
system("bundle exec rake create_site:detect_sites#{extra_text}")
|
||||||
|
@ -218,6 +219,7 @@ class Admin::SitePanelController < OrbitAdminController
|
||||||
redirect_to :back and return
|
redirect_to :back and return
|
||||||
elsif params[:type] == 'select_cert'
|
elsif params[:type] == 'select_cert'
|
||||||
@site_construct = SiteConstruct.find(params[:id])
|
@site_construct = SiteConstruct.find(params[:id])
|
||||||
|
@site_construct.update(:redirect_to_https=>params[:redirect_to_https])
|
||||||
@site_construct.update(:site_cert_id=>BSON::ObjectId(params[:site_cert_id]))
|
@site_construct.update(:site_cert_id=>BSON::ObjectId(params[:site_cert_id]))
|
||||||
Thread.new do
|
Thread.new do
|
||||||
system("bundle exec rake create_site:change_site_cert[#{params[:id]}]")
|
system("bundle exec rake create_site:change_site_cert[#{params[:id]}]")
|
||||||
|
|
|
@ -22,6 +22,7 @@ class SiteConstruct
|
||||||
field :hidden, type: Boolean, :default => false
|
field :hidden, type: Boolean, :default => false
|
||||||
field :copy_id
|
field :copy_id
|
||||||
field :only_copy_installed_module, type: Boolean, :default => false
|
field :only_copy_installed_module, type: Boolean, :default => false
|
||||||
|
field :redirect_to_https, type: Boolean, :default => false
|
||||||
field :cert_ver_added_text
|
field :cert_ver_added_text
|
||||||
field :cert_ver_file_content
|
field :cert_ver_file_content
|
||||||
field :cert_ver_location_path
|
field :cert_ver_location_path
|
||||||
|
@ -79,12 +80,16 @@ class SiteConstruct
|
||||||
end
|
end
|
||||||
}.join('\n')
|
}.join('\n')
|
||||||
end
|
end
|
||||||
def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false)
|
def match_exact_index(text,match_character,level=1)
|
||||||
|
text.enum_for(:scan,/(?:[^#{match_character}])#{match_character}{#{level}}(?!#{match_character})/m).map { offset_index=Regexp.last_match.to_s.index(match_character);Regexp.last_match.offset(0).first + offset_index}
|
||||||
|
end
|
||||||
|
def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false,level=1)
|
||||||
num = 1
|
num = 1
|
||||||
nginx_text_tmp = nginx_text.gsub(/({|})/m){|ff| res = ff;((ff == '{') ? (res = ff * num;num = num + 1) : (num = num - 1;res = ff * num;)); res}
|
nginx_text_tmp = nginx_text.gsub(/({|})/m){|ff| res = ff;((ff == '{') ? (res = ff * num;num = num + 1) : (num = num - 1;res = ff * num;)); res}
|
||||||
end_indices = nginx_text_tmp.enum_for(:scan,/^(?:}+\s?)+/m).map { Regexp.last_match.offset(0).first + 1 }
|
end_indices = match_exact_index(nginx_text_tmp,'}',level)
|
||||||
start_index = 0
|
start_indices = match_exact_index(nginx_text_tmp,'{',level)
|
||||||
all_blocks = end_indices.map{|i| res = nginx_text_tmp[start_index..i];start_index = i + 1;res}
|
start_indices = start_indices.map{|i| (i - nginx_text_tmp[0...i].reverse.index(/(}|;)/m)) rescue 0}
|
||||||
|
all_blocks = (0...end_indices.count).map{|i| nginx_text_tmp[start_indices[i]..end_indices[i]]}
|
||||||
all_blocks = all_blocks.map{|s| s.gsub(/[{}]+/){|ff| ff[0]}.strip}
|
all_blocks = all_blocks.map{|s| s.gsub(/[{}]+/){|ff| ff[0]}.strip}
|
||||||
server_blocks = all_blocks.select{|s| s.match(/\A[\s\r\n]*server\s*{/)}
|
server_blocks = all_blocks.select{|s| s.match(/\A[\s\r\n]*server\s*{/)}
|
||||||
if get_all_blocks
|
if get_all_blocks
|
||||||
|
@ -112,13 +117,29 @@ class SiteConstruct
|
||||||
new_server_block = new_server_block.gsub(/(server_name\s+)[^;]+/m){|ff| "#{$1}#{domain_name}"}
|
new_server_block = new_server_block.gsub(/(server_name\s+)[^;]+/m){|ff| "#{$1}#{domain_name}"}
|
||||||
new_server_block = new_server_block.gsub(/\s*ssl_certificate[^;]+;/,'')
|
new_server_block = new_server_block.gsub(/\s*ssl_certificate[^;]+;/,'')
|
||||||
if port == "443"
|
if port == "443"
|
||||||
new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n"}
|
new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\n\n ssl_certificate_key #{self.private_key_remote_store_path};\n\n"}
|
||||||
|
else
|
||||||
|
get_redirect_block = parse_nginx_text_to_server_blocks(old_server_block,true,2).select{|t| t.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/)}
|
||||||
|
if get_redirect_block.count > 0
|
||||||
|
get_redirect_block.each do |redirect_block|
|
||||||
|
new_server_block = new_server_block.gsub(redirect_block,'')
|
||||||
end
|
end
|
||||||
new_server_block = new_server_block.gsub(/\n{3,}/,'\n\n')
|
end
|
||||||
|
if self.redirect_to_https && !self.site_cert.nil?
|
||||||
|
new_server_block = new_server_block.sub(/(listen\s+)[^;]+;[\s\r\n]*/){|ff| ff + " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+
|
||||||
|
" return 301 https://$host$request_uri;\n"+
|
||||||
|
" }\n"}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
new_server_block = new_server_block.gsub(/[ \t\s]+\n/,"\n\n").gsub(/\n{3,}/,'\n\n')
|
||||||
else
|
else
|
||||||
'server {\n'+
|
'server {\n'+
|
||||||
' listen '+port_text+';\n\n'+
|
' listen '+port_text+';\n\n'+
|
||||||
(port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n" : '')+
|
(port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\n\n"+
|
||||||
|
" ssl_certificate_key #{self.private_key_remote_store_path};\n\n"+
|
||||||
|
((self.redirect_to_https && !self.site_cert.nil?) ? " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+
|
||||||
|
" return 301 https://$host$request_uri;\n"+
|
||||||
|
"}\n" : '') : '')+
|
||||||
' root '+self.full_site_path+'/public;\n\n'+
|
' root '+self.full_site_path+'/public;\n\n'+
|
||||||
' server_name '+self.domain_name+';\n\n'+
|
' server_name '+self.domain_name+';\n\n'+
|
||||||
' client_max_body_size 500m;\n\n'+
|
' client_max_body_size 500m;\n\n'+
|
||||||
|
|
|
@ -117,7 +117,9 @@
|
||||||
new_params_text = new_params_text.substr(0,new_params_text.length - 1)
|
new_params_text = new_params_text.substr(0,new_params_text.length - 1)
|
||||||
if(params["id"] == id || window.refresh_flag){
|
if(params["id"] == id || window.refresh_flag){
|
||||||
close_info = true;
|
close_info = true;
|
||||||
window.location.href = window.location.href.replace(window.location.search,new_params_text);
|
console.log(new_params_text);
|
||||||
|
console.log(window.location.href)
|
||||||
|
window.location.search = new_params_text;
|
||||||
}
|
}
|
||||||
}else if(status == "changing"){
|
}else if(status == "changing"){
|
||||||
window.refresh_flag = true
|
window.refresh_flag = true
|
||||||
|
@ -255,10 +257,11 @@
|
||||||
close: function(){$( this ).dialog( "close" );},
|
close: function(){$( this ).dialog( "close" );},
|
||||||
buttons: {
|
buttons: {
|
||||||
"<%= t(:submit) %>": function(){
|
"<%= t(:submit) %>": function(){
|
||||||
var site_cert_id = $('#https_setting_area input:checked').eq(0).val();
|
var redirect_to_https = ($('#https_setting_area [name="redirect_to_https"]:checked').length != 0);
|
||||||
|
var site_cert_id = $('#https_setting_area [name="site_cert"]:checked').eq(0).val();
|
||||||
if(site_cert_id != undefined){
|
if(site_cert_id != undefined){
|
||||||
console.log(site_cert_id);
|
console.log(site_cert_id);
|
||||||
$.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id}).done(function(response){
|
$.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id,'redirect_to_https': redirect_to_https}).done(function(response){
|
||||||
console.log(response);
|
console.log(response);
|
||||||
show_infos_dialog(item);
|
show_infos_dialog(item);
|
||||||
});
|
});
|
||||||
|
|
|
@ -1,6 +1,12 @@
|
||||||
<% if @site_certs.count == 0 %>
|
<% if @site_certs.count == 0 %>
|
||||||
<%= link_to t('client_management.upload_cert'),upload_cert_admin_site_panel_index_path, :target=>"_blank" %>
|
<%= link_to t('client_management.upload_cert'),upload_cert_admin_site_panel_index_path, :target=>"_blank" %>
|
||||||
<% else %>
|
<% else %>
|
||||||
|
<div class="control-group">
|
||||||
|
<label style=" font-size: 1.2em; font-weight: bold; ">
|
||||||
|
<%= check_box_tag("redirect_to_https",1,(@site_construct.redirect_to_https rescue false)) %>
|
||||||
|
<%=t("client_management.redirect_to_https")%>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
<table class="table table-bordered main-list default">
|
<table class="table table-bordered main-list default">
|
||||||
<thead>
|
<thead>
|
||||||
<th></th>
|
<th></th>
|
||||||
|
|
|
@ -7,6 +7,7 @@ en:
|
||||||
upload_cert: Upload Cert
|
upload_cert: Upload Cert
|
||||||
cert_management: Cert Management
|
cert_management: Cert Management
|
||||||
client_management:
|
client_management:
|
||||||
|
redirect_to_https: Redirect to https
|
||||||
start_date: Start Date
|
start_date: Start Date
|
||||||
end_date: End Date
|
end_date: End Date
|
||||||
change_setting: Change Setting
|
change_setting: Change Setting
|
||||||
|
|
|
@ -7,6 +7,7 @@ zh_tw:
|
||||||
upload_cert: 上傳憑證
|
upload_cert: 上傳憑證
|
||||||
cert_management: 憑證管理
|
cert_management: 憑證管理
|
||||||
client_management:
|
client_management:
|
||||||
|
redirect_to_https: 跳轉到https
|
||||||
start_date: 開始日期
|
start_date: 開始日期
|
||||||
end_date: 結束日期
|
end_date: 結束日期
|
||||||
change_setting: 變更設定
|
change_setting: 變更設定
|
||||||
|
|
|
@ -131,6 +131,11 @@ namespace :create_site do
|
||||||
site_cert.save
|
site_cert.save
|
||||||
site_construct.update(:site_cert=>site_cert)
|
site_construct.update(:site_cert=>site_cert)
|
||||||
end
|
end
|
||||||
|
if nginx_file_content.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/)
|
||||||
|
site_construct.update(:redirect_to_https => true)
|
||||||
|
else
|
||||||
|
site_construct.update(:redirect_to_https => false)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue