aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--templates/docker-compose.yaml.template3
-rw-r--r--templates/nginx/common/http-listen2
-rw-r--r--templates/nginx/common/https-listen3
-rw-r--r--templates/nginx/conf.d/2fa.conf.template (renamed from templates/nginx/2fa.conf.template)6
-rw-r--r--templates/nginx/conf.d/code.conf.template (renamed from templates/nginx/code.conf.template)6
-rw-r--r--templates/nginx/conf.d/forbid_unknown_domain.conf (renamed from templates/nginx/forbid_unknown_domain.conf)5
-rw-r--r--templates/nginx/conf.d/git.conf.template (renamed from templates/nginx/git.conf.template)6
-rw-r--r--templates/nginx/conf.d/mail.conf.template (renamed from templates/nginx/mail.conf.template)6
-rw-r--r--templates/nginx/conf.d/root.conf.template (renamed from templates/nginx/root.conf.template)6
-rw-r--r--templates/nginx/conf.d/ssl.conf.template (renamed from templates/nginx/ssl.conf.template)0
-rw-r--r--templates/nginx/conf.d/timeline.conf.template (renamed from templates/nginx/timeline.conf.template)3
-rw-r--r--templates/nginx/conf.d/websocket.conf (renamed from templates/nginx/websocket.conf)0
-rw-r--r--tools/cru-py/cru/service/_template.py4
-rw-r--r--tools/cru-py/cru/template.py5
14 files changed, 30 insertions, 25 deletions
diff --git a/templates/docker-compose.yaml.template b/templates/docker-compose.yaml.template
index 4ca1f1c..f2188e1 100644
--- a/templates/docker-compose.yaml.template
+++ b/templates/docker-compose.yaml.template
@@ -27,7 +27,8 @@ services:
- "443:443"
- "443:443/udp"
volumes:
- - "./generated/nginx:/etc/nginx/conf.d:ro"
+ - "./generated/nginx/conf.d:/etc/nginx/conf.d:ro"
+ - "./generated/nginx/common:/etc/nginx/common:ro"
- "./data/certbot/certs:/etc/letsencrypt:ro"
- "./data/certbot/webroot:/srv/acme:ro"
- "blog-public:/srv/www/blog:ro"
diff --git a/templates/nginx/common/http-listen b/templates/nginx/common/http-listen
new file mode 100644
index 0000000..76cb18d
--- /dev/null
+++ b/templates/nginx/common/http-listen
@@ -0,0 +1,2 @@
+listen 80;
+listen [::]:80;
diff --git a/templates/nginx/common/https-listen b/templates/nginx/common/https-listen
new file mode 100644
index 0000000..db2f68e
--- /dev/null
+++ b/templates/nginx/common/https-listen
@@ -0,0 +1,3 @@
+listen 443 ssl;
+listen [::]:443 ssl;
+http2 on;
diff --git a/templates/nginx/2fa.conf.template b/templates/nginx/conf.d/2fa.conf.template
index aad66c1..278e4a1 100644
--- a/templates/nginx/2fa.conf.template
+++ b/templates/nginx/conf.d/2fa.conf.template
@@ -1,7 +1,6 @@
server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
server_name 2fa.${CRUPEST_DOMAIN};
+ include common/https-listen;
location / {
include common/proxy-common;
@@ -10,9 +9,8 @@ server {
}
server {
- listen 80;
- listen [::]:80;
server_name 2fa.${CRUPEST_DOMAIN};
+ include common/http-listen;
include common/https-redirect;
include common/acme-challenge;
diff --git a/templates/nginx/code.conf.template b/templates/nginx/conf.d/code.conf.template
index a67500d..205c7ba 100644
--- a/templates/nginx/code.conf.template
+++ b/templates/nginx/conf.d/code.conf.template
@@ -1,7 +1,6 @@
server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
server_name code.${CRUPEST_DOMAIN};
+ include common/https-listen;
location / {
include common/proxy-common;
@@ -13,9 +12,8 @@ server {
server {
- listen 80;
- listen [::]:80;
server_name code.${CRUPEST_DOMAIN};
+ include common/http-listen;
include common/https-redirect;
include common/acme-challenge;
diff --git a/templates/nginx/forbid_unknown_domain.conf b/templates/nginx/conf.d/forbid_unknown_domain.conf
index ae96393..515942b 100644
--- a/templates/nginx/forbid_unknown_domain.conf
+++ b/templates/nginx/conf.d/forbid_unknown_domain.conf
@@ -1,8 +1,9 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
- listen 443 ssl http2 default_server;
- listen [::]:443 ssl http2 default_server;
+ listen 443 ssl default_server;
+ listen [::]:443 ssl default_server;
+ http2 on;
return 444;
}
diff --git a/templates/nginx/git.conf.template b/templates/nginx/conf.d/git.conf.template
index ea2a627..3a2948c 100644
--- a/templates/nginx/git.conf.template
+++ b/templates/nginx/conf.d/git.conf.template
@@ -1,7 +1,6 @@
server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
server_name git.${CRUPEST_DOMAIN};
+ include common/https-listen;
location / {
include common/proxy-common;
@@ -13,9 +12,8 @@ server {
server {
- listen 80;
- listen [::]:80;
server_name git.${CRUPEST_DOMAIN};
+ include common/http-listen;
include common/https-redirect;
include common/acme-challenge;
diff --git a/templates/nginx/mail.conf.template b/templates/nginx/conf.d/mail.conf.template
index ba2e44e..40adf28 100644
--- a/templates/nginx/mail.conf.template
+++ b/templates/nginx/conf.d/mail.conf.template
@@ -1,7 +1,6 @@
server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
server_name mail.${CRUPEST_DOMAIN};
+ include common/https-listen;
location / {
include common/proxy-common;
@@ -18,9 +17,8 @@ server {
server {
- listen 80;
- listen [::]:80;
server_name mail.${CRUPEST_DOMAIN};
+ include common/http-listen;
include common/https-redirect;
include common/acme-challenge;
diff --git a/templates/nginx/root.conf.template b/templates/nginx/conf.d/root.conf.template
index 3f20cf1..a0b08f8 100644
--- a/templates/nginx/root.conf.template
+++ b/templates/nginx/conf.d/root.conf.template
@@ -1,7 +1,6 @@
server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
server_name ${CRUPEST_DOMAIN};
+ include common/https-listen;
location / {
root /srv/www;
@@ -19,9 +18,8 @@ server {
}
server {
- listen 80;
- listen [::]:80;
server_name ${CRUPEST_DOMAIN};
+ include common/http-listen;
include common/https-redirect;
include common/acme-challenge;
diff --git a/templates/nginx/ssl.conf.template b/templates/nginx/conf.d/ssl.conf.template
index 54205f1..54205f1 100644
--- a/templates/nginx/ssl.conf.template
+++ b/templates/nginx/conf.d/ssl.conf.template
diff --git a/templates/nginx/timeline.conf.template b/templates/nginx/conf.d/timeline.conf.template
index db908e8..a467594 100644
--- a/templates/nginx/timeline.conf.template
+++ b/templates/nginx/conf.d/timeline.conf.template
@@ -1,7 +1,6 @@
server {
- listen 80;
- listen [::]:80;
server_name timeline.${CRUPEST_DOMAIN};
+ include common/http-listen;
include common/acme-challenge;
}
diff --git a/templates/nginx/websocket.conf b/templates/nginx/conf.d/websocket.conf
index 32af4c3..32af4c3 100644
--- a/templates/nginx/websocket.conf
+++ b/templates/nginx/conf.d/websocket.conf
diff --git a/tools/cru-py/cru/service/_template.py b/tools/cru-py/cru/service/_template.py
index ca2135f..b6affd1 100644
--- a/tools/cru-py/cru/service/_template.py
+++ b/tools/cru-py/cru/service/_template.py
@@ -1,4 +1,5 @@
from argparse import Namespace
+import shutil
from cru import CruIterator
from cru.template import TemplateTree
@@ -47,6 +48,8 @@ class TemplateManager(AppCommandFeatureProvider):
def _generate_files(self, dry_run: bool) -> None:
config_manager = self.app.get_feature(ConfigManager)
+ if not dry_run:
+ shutil.rmtree(self.generated_dir.full_path)
self.template_tree.generate_to(
self.generated_dir.full_path_str, config_manager.get_str_dict(), dry_run
)
@@ -78,3 +81,4 @@ class TemplateManager(AppCommandFeatureProvider):
self._generate_files(dry_run)
if dry_run:
print("Dry run successfully.")
+ print(f"Will delete dir {self.generated_dir.full_path_str}.")
diff --git a/tools/cru-py/cru/template.py b/tools/cru-py/cru/template.py
index 74a5c9a..9f0b560 100644
--- a/tools/cru-py/cru/template.py
+++ b/tools/cru-py/cru/template.py
@@ -142,6 +142,11 @@ class TemplateTree:
) -> None:
for file, template in self.templates:
des = CruPath(destination) / file
+ if self.template_file_suffix is not None and des.name.endswith(
+ self.template_file_suffix
+ ):
+ des = des.parent / (des.name[: -len(self.template_file_suffix)])
+
text = template.generate(variables)
if not dry_run:
des.parent.mkdir(parents=True, exist_ok=True)
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-12 08:10:48 +0000