librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

templating - fix some site templates

This commit is contained in:
bunkerity 2021-05-24 20:52:17 +02:00
parent 633a07686f
commit bbc5bbc9e9
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
4 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
confs2/site/https.conf
View File

@ -1,4 +1,4 @@
listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" }}http2{% endif %};
listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %};
ssl_certificate {{ HTTPS_CERT }};
ssl_certificate_key {{ HTTPS_KEY }};
ssl_protocols {{ HTTPS_PROTOCOLS }};
@ -6,10 +6,10 @@ ssl_prefer_server_ciphers on;
ssl_session_tickets off;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
{% if STRICT_TRANSPORT_SECURITY != "" }}
{% if STRICT_TRANSPORT_SECURITY != "" %}
more_set_headers 'Strict-Transport-Security: {{ STRICT_TRANSPORT_SECURITY }}';
{% endif %}
{% if "TLSv1.2" in {{ HTTPS_PROTOCOLS }} %}
{% if "TLSv1.2" in HTTPS_PROTOCOLS %}
ssl_dhparam /etc/nginx/dhparam;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
{% endif %}

4
confs2/site/main-lua.conf
View File

@ -30,13 +30,13 @@ local dns_resolvers = {% raw %}{{% endraw %}{% set elements = DNS_RESOLVERS.spl
-- whitelist
local use_whitelist_ip = {% if USE_WHITELIST_IP == "yes" %}true{% else %}false{% endif %}
local use_whitelist_reverse = {% if USE_WHITELIST_REVERSE == "yes %}true{% else %}false{% endif %}
local use_whitelist_reverse = {% if USE_WHITELIST_REVERSE == "yes" %}true{% else %}false{% endif %}
local whitelist_ip_list = {% raw %}{{% endraw %}{% set elements = WHITELIST_IP_LIST.split(" ") %}{% for i in range(0, elements|length) %}"{{ elements[i] }}"{% if i < elements|length-1 %},{% endif %}{% endfor %}{% raw %}}{% endraw %}
local whitelist_reverse_list = {% raw %}{{% endraw %}{% set elements = WHITELIST_REVERSE_LIST.split(" ") %}{% for i in range(0, elements|length) %}"{{ elements[i] }}"{% if i < elements|length-1 %},{% endif %}{% endfor %}{% raw %}}{% endraw %}
-- blacklist
local use_blacklist_ip = {% if USE_BLACKLIST_IP == "yes" %}true{% else %}false{% endif %}
local use_blacklist_reverse = {% if USE_BLACKLIST_REVERSE == "yes %}true{% else %}false{% endif %}
local use_blacklist_reverse = {% if USE_BLACKLIST_REVERSE == "yes" %}true{% else %}false{% endif %}
local blacklist_ip_list = {% raw %}{{% endraw %}{% set elements = BLACKLIST_IP_LIST.split(" ") %}{% for i in range(0, elements|length) %}"{{ elements[i] }}"{% if i < elements|length-1 %},{% endif %}{% endfor %}{% raw %}}{% endraw %}
local blacklist_reverse_list = {% raw %}{{% endraw %}{% set elements = BLACKLIST_REVERSE_LIST.split(" ") %}{% for i in range(0, elements|length) %}"{{ elements[i] }}"{% if i < elements|length-1 %},{% endif %}{% endfor %}{% raw %}}{% endraw %}

4
confs2/site/server.conf
View File

@ -27,12 +27,12 @@ server {
include {{ NGINX_PREFIX }}log-lua.conf;
# ModSecurity
{% if USE_MODSECURITY == "yes" }}
{% if USE_MODSECURITY == "yes" %}
include {{ NGINX_PREFIX }}modsecurity.conf;
{% endif %}
# HTTP listen
{% if LISTEN_HTTP == "yes" }}
{% if LISTEN_HTTP == "yes" %}
listen 0.0.0.0:{{ HTTP_PORT }};
{% endif %}

2
gen/Configurator.py
View File

@ -40,6 +40,4 @@ class Configurator :
real_var = var
elif var[len(var.split("_")[0])+1:] in self.__settings :
real_var = var[len(var.split("_")[0])+1:]
print(real_var)
print(var[len(var.split("_")[0])+1:])
return real_var != "" and re.search(self.__settings[real_var]["regex"], value) and (not multisite_only or self.__settings[real_var]["context"] == "multisite")