Add redirect to https feature.

This commit is contained in:
BoHung Chiu 2021-04-19 20:35:16 +08:00
parent 951aef1b72
commit c18df6dd78
7 changed files with 50 additions and 11 deletions

View File

@ -25,6 +25,7 @@ class Admin::SitePanelController < OrbitAdminController
end end
def get_certs_for_site def get_certs_for_site
site_construct = SiteConstruct.find(params[:id]) rescue nil site_construct = SiteConstruct.find(params[:id]) rescue nil
@site_construct = site_construct
domain_name = site_construct.domain_name rescue "" domain_name = site_construct.domain_name rescue ""
domain_names = domain_name.split(" ").select{|s| s.present?} domain_names = domain_name.split(" ").select{|s| s.present?}
domain_names_count = domain_names.count domain_names_count = domain_names.count
@ -101,7 +102,7 @@ class Admin::SitePanelController < OrbitAdminController
elsif params[:type] == 'detect_sites' elsif params[:type] == 'detect_sites'
extra_text = "" extra_text = ""
if params[:key].present? if params[:key].present?
extra_text = "[#{params[:key]}]" extra_text = "[#{params[:key].gsub(/[\(\)\[\]]/){|ff| "\\"+ff }}]"
end end
Thread.new do Thread.new do
system("bundle exec rake create_site:detect_sites#{extra_text}") system("bundle exec rake create_site:detect_sites#{extra_text}")
@ -218,6 +219,7 @@ class Admin::SitePanelController < OrbitAdminController
redirect_to :back and return redirect_to :back and return
elsif params[:type] == 'select_cert' elsif params[:type] == 'select_cert'
@site_construct = SiteConstruct.find(params[:id]) @site_construct = SiteConstruct.find(params[:id])
@site_construct.update(:redirect_to_https=>params[:redirect_to_https])
@site_construct.update(:site_cert_id=>BSON::ObjectId(params[:site_cert_id])) @site_construct.update(:site_cert_id=>BSON::ObjectId(params[:site_cert_id]))
Thread.new do Thread.new do
system("bundle exec rake create_site:change_site_cert[#{params[:id]}]") system("bundle exec rake create_site:change_site_cert[#{params[:id]}]")

View File

@ -22,6 +22,7 @@ class SiteConstruct
field :hidden, type: Boolean, :default => false field :hidden, type: Boolean, :default => false
field :copy_id field :copy_id
field :only_copy_installed_module, type: Boolean, :default => false field :only_copy_installed_module, type: Boolean, :default => false
field :redirect_to_https, type: Boolean, :default => false
field :cert_ver_added_text field :cert_ver_added_text
field :cert_ver_file_content field :cert_ver_file_content
field :cert_ver_location_path field :cert_ver_location_path
@ -79,12 +80,16 @@ class SiteConstruct
end end
}.join('\n') }.join('\n')
end end
def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false) def match_exact_index(text,match_character,level=1)
text.enum_for(:scan,/(?:[^#{match_character}])#{match_character}{#{level}}(?!#{match_character})/m).map { offset_index=Regexp.last_match.to_s.index(match_character);Regexp.last_match.offset(0).first + offset_index}
end
def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false,level=1)
num = 1 num = 1
nginx_text_tmp = nginx_text.gsub(/({|})/m){|ff| res = ff;((ff == '{') ? (res = ff * num;num = num + 1) : (num = num - 1;res = ff * num;)); res} nginx_text_tmp = nginx_text.gsub(/({|})/m){|ff| res = ff;((ff == '{') ? (res = ff * num;num = num + 1) : (num = num - 1;res = ff * num;)); res}
end_indices = nginx_text_tmp.enum_for(:scan,/^(?:}+\s?)+/m).map { Regexp.last_match.offset(0).first + 1 } end_indices = match_exact_index(nginx_text_tmp,'}',level)
start_index = 0 start_indices = match_exact_index(nginx_text_tmp,'{',level)
all_blocks = end_indices.map{|i| res = nginx_text_tmp[start_index..i];start_index = i + 1;res} start_indices = start_indices.map{|i| (i - nginx_text_tmp[0...i].reverse.index(/(}|;)/m)) rescue 0}
all_blocks = (0...end_indices.count).map{|i| nginx_text_tmp[start_indices[i]..end_indices[i]]}
all_blocks = all_blocks.map{|s| s.gsub(/[{}]+/){|ff| ff[0]}.strip} all_blocks = all_blocks.map{|s| s.gsub(/[{}]+/){|ff| ff[0]}.strip}
server_blocks = all_blocks.select{|s| s.match(/\A[\s\r\n]*server\s*{/)} server_blocks = all_blocks.select{|s| s.match(/\A[\s\r\n]*server\s*{/)}
if get_all_blocks if get_all_blocks
@ -112,13 +117,29 @@ class SiteConstruct
new_server_block = new_server_block.gsub(/(server_name\s+)[^;]+/m){|ff| "#{$1}#{domain_name}"} new_server_block = new_server_block.gsub(/(server_name\s+)[^;]+/m){|ff| "#{$1}#{domain_name}"}
new_server_block = new_server_block.gsub(/\s*ssl_certificate[^;]+;/,'') new_server_block = new_server_block.gsub(/\s*ssl_certificate[^;]+;/,'')
if port == "443" if port == "443"
new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n"} new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\n\n ssl_certificate_key #{self.private_key_remote_store_path};\n\n"}
else
get_redirect_block = parse_nginx_text_to_server_blocks(old_server_block,true,2).select{|t| t.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/)}
if get_redirect_block.count > 0
get_redirect_block.each do |redirect_block|
new_server_block = new_server_block.gsub(redirect_block,'')
end end
new_server_block = new_server_block.gsub(/\n{3,}/,'\n\n') end
if self.redirect_to_https && !self.site_cert.nil?
new_server_block = new_server_block.sub(/(listen\s+)[^;]+;[\s\r\n]*/){|ff| ff + " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+
" return 301 https://$host$request_uri;\n"+
" }\n"}
end
end
new_server_block = new_server_block.gsub(/[ \t\s]+\n/,"\n\n").gsub(/\n{3,}/,'\n\n')
else else
'server {\n'+ 'server {\n'+
' listen '+port_text+';\n\n'+ ' listen '+port_text+';\n\n'+
(port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n" : '')+ (port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\n\n"+
" ssl_certificate_key #{self.private_key_remote_store_path};\n\n"+
((self.redirect_to_https && !self.site_cert.nil?) ? " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+
" return 301 https://$host$request_uri;\n"+
"}\n" : '') : '')+
' root '+self.full_site_path+'/public;\n\n'+ ' root '+self.full_site_path+'/public;\n\n'+
' server_name '+self.domain_name+';\n\n'+ ' server_name '+self.domain_name+';\n\n'+
' client_max_body_size 500m;\n\n'+ ' client_max_body_size 500m;\n\n'+

View File

@ -117,7 +117,9 @@
new_params_text = new_params_text.substr(0,new_params_text.length - 1) new_params_text = new_params_text.substr(0,new_params_text.length - 1)
if(params["id"] == id || window.refresh_flag){ if(params["id"] == id || window.refresh_flag){
close_info = true; close_info = true;
window.location.href = window.location.href.replace(window.location.search,new_params_text); console.log(new_params_text);
console.log(window.location.href)
window.location.search = new_params_text;
} }
}else if(status == "changing"){ }else if(status == "changing"){
window.refresh_flag = true window.refresh_flag = true
@ -255,10 +257,11 @@
close: function(){$( this ).dialog( "close" );}, close: function(){$( this ).dialog( "close" );},
buttons: { buttons: {
"<%= t(:submit) %>": function(){ "<%= t(:submit) %>": function(){
var site_cert_id = $('#https_setting_area input:checked').eq(0).val(); var redirect_to_https = ($('#https_setting_area [name="redirect_to_https"]:checked').length != 0);
var site_cert_id = $('#https_setting_area [name="site_cert"]:checked').eq(0).val();
if(site_cert_id != undefined){ if(site_cert_id != undefined){
console.log(site_cert_id); console.log(site_cert_id);
$.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id}).done(function(response){ $.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id,'redirect_to_https': redirect_to_https}).done(function(response){
console.log(response); console.log(response);
show_infos_dialog(item); show_infos_dialog(item);
}); });

View File

@ -1,6 +1,12 @@
<% if @site_certs.count == 0 %> <% if @site_certs.count == 0 %>
<%= link_to t('client_management.upload_cert'),upload_cert_admin_site_panel_index_path, :target=>"_blank" %> <%= link_to t('client_management.upload_cert'),upload_cert_admin_site_panel_index_path, :target=>"_blank" %>
<% else %> <% else %>
<div class="control-group">
<label style=" font-size: 1.2em; font-weight: bold; ">
<%= check_box_tag("redirect_to_https",1,(@site_construct.redirect_to_https rescue false)) %>
<%=t("client_management.redirect_to_https")%>
</label>
</div>
<table class="table table-bordered main-list default"> <table class="table table-bordered main-list default">
<thead> <thead>
<th></th> <th></th>

View File

@ -7,6 +7,7 @@ en:
upload_cert: Upload Cert upload_cert: Upload Cert
cert_management: Cert Management cert_management: Cert Management
client_management: client_management:
redirect_to_https: Redirect to https
start_date: Start Date start_date: Start Date
end_date: End Date end_date: End Date
change_setting: Change Setting change_setting: Change Setting

View File

@ -7,6 +7,7 @@ zh_tw:
upload_cert: 上傳憑證 upload_cert: 上傳憑證
cert_management: 憑證管理 cert_management: 憑證管理
client_management: client_management:
redirect_to_https: 跳轉到https
start_date: 開始日期 start_date: 開始日期
end_date: 結束日期 end_date: 結束日期
change_setting: 變更設定 change_setting: 變更設定

View File

@ -131,6 +131,11 @@ namespace :create_site do
site_cert.save site_cert.save
site_construct.update(:site_cert=>site_cert) site_construct.update(:site_cert=>site_cert)
end end
if nginx_file_content.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/)
site_construct.update(:redirect_to_https => true)
else
site_construct.update(:redirect_to_https => false)
end
end end
end end
end end