Add redirect to https feature.

This commit is contained in:
BoHung Chiu 2021-04-19 20:35:16 +08:00
parent 951aef1b72
commit c18df6dd78
7 changed files with 50 additions and 11 deletions

View File

@ -25,6 +25,7 @@ class Admin::SitePanelController < OrbitAdminController
end
def get_certs_for_site
site_construct = SiteConstruct.find(params[:id]) rescue nil
@site_construct = site_construct
domain_name = site_construct.domain_name rescue ""
domain_names = domain_name.split(" ").select{|s| s.present?}
domain_names_count = domain_names.count
@ -101,7 +102,7 @@ class Admin::SitePanelController < OrbitAdminController
elsif params[:type] == 'detect_sites'
extra_text = ""
if params[:key].present?
extra_text = "[#{params[:key]}]"
extra_text = "[#{params[:key].gsub(/[\(\)\[\]]/){|ff| "\\"+ff }}]"
end
Thread.new do
system("bundle exec rake create_site:detect_sites#{extra_text}")
@ -218,6 +219,7 @@ class Admin::SitePanelController < OrbitAdminController
redirect_to :back and return
elsif params[:type] == 'select_cert'
@site_construct = SiteConstruct.find(params[:id])
@site_construct.update(:redirect_to_https=>params[:redirect_to_https])
@site_construct.update(:site_cert_id=>BSON::ObjectId(params[:site_cert_id]))
Thread.new do
system("bundle exec rake create_site:change_site_cert[#{params[:id]}]")

View File

@ -22,6 +22,7 @@ class SiteConstruct
field :hidden, type: Boolean, :default => false
field :copy_id
field :only_copy_installed_module, type: Boolean, :default => false
field :redirect_to_https, type: Boolean, :default => false
field :cert_ver_added_text
field :cert_ver_file_content
field :cert_ver_location_path
@ -79,12 +80,16 @@ class SiteConstruct
end
}.join('\n')
end
def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false)
def match_exact_index(text,match_character,level=1)
text.enum_for(:scan,/(?:[^#{match_character}])#{match_character}{#{level}}(?!#{match_character})/m).map { offset_index=Regexp.last_match.to_s.index(match_character);Regexp.last_match.offset(0).first + offset_index}
end
def parse_nginx_text_to_server_blocks(nginx_text,get_all_blocks=false,level=1)
num = 1
nginx_text_tmp = nginx_text.gsub(/({|})/m){|ff| res = ff;((ff == '{') ? (res = ff * num;num = num + 1) : (num = num - 1;res = ff * num;)); res}
end_indices = nginx_text_tmp.enum_for(:scan,/^(?:}+\s?)+/m).map { Regexp.last_match.offset(0).first + 1 }
start_index = 0
all_blocks = end_indices.map{|i| res = nginx_text_tmp[start_index..i];start_index = i + 1;res}
end_indices = match_exact_index(nginx_text_tmp,'}',level)
start_indices = match_exact_index(nginx_text_tmp,'{',level)
start_indices = start_indices.map{|i| (i - nginx_text_tmp[0...i].reverse.index(/(}|;)/m)) rescue 0}
all_blocks = (0...end_indices.count).map{|i| nginx_text_tmp[start_indices[i]..end_indices[i]]}
all_blocks = all_blocks.map{|s| s.gsub(/[{}]+/){|ff| ff[0]}.strip}
server_blocks = all_blocks.select{|s| s.match(/\A[\s\r\n]*server\s*{/)}
if get_all_blocks
@ -112,13 +117,29 @@ class SiteConstruct
new_server_block = new_server_block.gsub(/(server_name\s+)[^;]+/m){|ff| "#{$1}#{domain_name}"}
new_server_block = new_server_block.gsub(/\s*ssl_certificate[^;]+;/,'')
if port == "443"
new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n"}
new_server_block = new_server_block.gsub(/(listen\s+)[^;]+;/){|ff| ff + "\n\n ssl_certificate #{self.cert_file_remote_store_path};\n\n ssl_certificate_key #{self.private_key_remote_store_path};\n\n"}
else
get_redirect_block = parse_nginx_text_to_server_blocks(old_server_block,true,2).select{|t| t.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/)}
if get_redirect_block.count > 0
get_redirect_block.each do |redirect_block|
new_server_block = new_server_block.gsub(redirect_block,'')
end
new_server_block = new_server_block.gsub(/\n{3,}/,'\n\n')
end
if self.redirect_to_https && !self.site_cert.nil?
new_server_block = new_server_block.sub(/(listen\s+)[^;]+;[\s\r\n]*/){|ff| ff + " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+
" return 301 https://$host$request_uri;\n"+
" }\n"}
end
end
new_server_block = new_server_block.gsub(/[ \t\s]+\n/,"\n\n").gsub(/\n{3,}/,'\n\n')
else
'server {\n'+
' listen '+port_text+';\n\n'+
(port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\\n\\n ssl_certificate_key #{self.private_key_remote_store_path};\\n\\n" : '')+
(port == "443" ? " ssl_certificate #{self.cert_file_remote_store_path};\n\n"+
" ssl_certificate_key #{self.private_key_remote_store_path};\n\n"+
((self.redirect_to_https && !self.site_cert.nil?) ? " if ($host ~ (#{self.site_cert.domain_names.map{|s| '^'+s.gsub('.','\.').gsub('*','[^.]*').gsub(',','')}.join('|')}) ) {\n"+
" return 301 https://$host$request_uri;\n"+
"}\n" : '') : '')+
' root '+self.full_site_path+'/public;\n\n'+
' server_name '+self.domain_name+';\n\n'+
' client_max_body_size 500m;\n\n'+

View File

@ -117,7 +117,9 @@
new_params_text = new_params_text.substr(0,new_params_text.length - 1)
if(params["id"] == id || window.refresh_flag){
close_info = true;
window.location.href = window.location.href.replace(window.location.search,new_params_text);
console.log(new_params_text);
console.log(window.location.href)
window.location.search = new_params_text;
}
}else if(status == "changing"){
window.refresh_flag = true
@ -255,10 +257,11 @@
close: function(){$( this ).dialog( "close" );},
buttons: {
"<%= t(:submit) %>": function(){
var site_cert_id = $('#https_setting_area input:checked').eq(0).val();
var redirect_to_https = ($('#https_setting_area [name="redirect_to_https"]:checked').length != 0);
var site_cert_id = $('#https_setting_area [name="site_cert"]:checked').eq(0).val();
if(site_cert_id != undefined){
console.log(site_cert_id);
$.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id}).done(function(response){
$.post("<%=admin_site_panel_edit_site_path%>",{'id': id,'type':'select_cert','site_cert_id': site_cert_id,'redirect_to_https': redirect_to_https}).done(function(response){
console.log(response);
show_infos_dialog(item);
});

View File

@ -1,6 +1,12 @@
<% if @site_certs.count == 0 %>
<%= link_to t('client_management.upload_cert'),upload_cert_admin_site_panel_index_path, :target=>"_blank" %>
<% else %>
<div class="control-group">
<label style=" font-size: 1.2em; font-weight: bold; ">
<%= check_box_tag("redirect_to_https",1,(@site_construct.redirect_to_https rescue false)) %>
<%=t("client_management.redirect_to_https")%>
</label>
</div>
<table class="table table-bordered main-list default">
<thead>
<th></th>

View File

@ -7,6 +7,7 @@ en:
upload_cert: Upload Cert
cert_management: Cert Management
client_management:
redirect_to_https: Redirect to https
start_date: Start Date
end_date: End Date
change_setting: Change Setting

View File

@ -7,6 +7,7 @@ zh_tw:
upload_cert: 上傳憑證
cert_management: 憑證管理
client_management:
redirect_to_https: 跳轉到https
start_date: 開始日期
end_date: 結束日期
change_setting: 變更設定

View File

@ -131,6 +131,11 @@ namespace :create_site do
site_cert.save
site_construct.update(:site_cert=>site_cert)
end
if nginx_file_content.match(/\s*return\s+30[12]\s+https:\/\/\$host\$request_uri\s*;/)
site_construct.update(:redirect_to_https => true)
else
site_construct.update(:redirect_to_https => false)
end
end
end
end