summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--PKGBUILD5
-rw-r--r--configs/nginx/listen-http.conf2
-rw-r--r--configs/nginx/listen-https.conf2
-rw-r--r--configs/nginx/nginx.conf17
-rw-r--r--configs/nginx/redirect-to-https.conf1
-rw-r--r--kvmd.install3
6 files changed, 17 insertions, 13 deletions
diff --git a/PKGBUILD b/PKGBUILD
index e724aa59..6031b6a4 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -100,7 +100,7 @@ md5sums=(SKIP)
backup=(
etc/kvmd/{override,logging,auth,meta}.yaml
etc/kvmd/{ht,ipmi,vnc}passwd
- etc/kvmd/nginx/{kvmd.ctx-{http,server},loc-{login,nocache,proxy,websocket},mime-types,ssl,nginx}.conf
+ etc/kvmd/nginx/{kvmd.ctx-{http,server},listen-http{,s},loc-{login,nocache,proxy,websocket},mime-types,ssl,redirect-to-https,nginx}.conf
etc/kvmd/janus/janus{,.plugin.ustreamer,.transport.websockets}.jcfg
etc/kvmd/web.css
)
@@ -136,7 +136,6 @@ package_kvmd() {
cp -r configs/* "$_cfg_default"
find "$pkgdir" -name ".gitignore" -delete
- sed -i -e "s/^#PROD//g" "$_cfg_default/nginx/nginx.conf"
find "$_cfg_default" -type f -exec chmod 444 '{}' \;
chmod 400 "$_cfg_default/kvmd"/*passwd
chmod 750 "$_cfg_default/os/sudoers"
@@ -145,7 +144,7 @@ package_kvmd() {
mkdir -p "$pkgdir/etc/kvmd/"{nginx,vnc}"/ssl"
chmod 755 "$pkgdir/etc/kvmd/"{nginx,vnc}"/ssl"
install -Dm444 -t "$pkgdir/etc/kvmd/nginx" "$_cfg_default/nginx"/*.conf
- chmod 644 "$pkgdir/etc/kvmd/nginx/nginx.conf"
+ chmod 644 "$pkgdir/etc/kvmd/nginx/"{nginx,redirect-to-https,ssl,listen-http{,s}}.conf
mkdir -p "$pkgdir/etc/kvmd/janus"
chmod 755 "$pkgdir/etc/kvmd/janus"
diff --git a/configs/nginx/listen-http.conf b/configs/nginx/listen-http.conf
new file mode 100644
index 00000000..76cb18d2
--- /dev/null
+++ b/configs/nginx/listen-http.conf
@@ -0,0 +1,2 @@
+listen 80;
+listen [::]:80;
diff --git a/configs/nginx/listen-https.conf b/configs/nginx/listen-https.conf
new file mode 100644
index 00000000..f6091bbd
--- /dev/null
+++ b/configs/nginx/listen-https.conf
@@ -0,0 +1,2 @@
+listen 443 ssl http2;
+listen [::]:443 ssl http2;
diff --git a/configs/nginx/nginx.conf b/configs/nginx/nginx.conf
index 71775387..81b8265d 100644
--- a/configs/nginx/nginx.conf
+++ b/configs/nginx/nginx.conf
@@ -36,19 +36,16 @@ http {
include /etc/kvmd/nginx/kvmd.ctx-http.conf;
include /usr/share/kvmd/extras/*/nginx.ctx-http.conf;
-#PROD server {
-#PROD listen 80;
-#PROD listen [::]:80;
-#PROD server_name localhost;
-#PROD return 301 https://$host$request_uri;
-#PROD }
-
server {
-#PROD listen 443 ssl http2;
-#PROD listen [::]:443 ssl http2;
server_name localhost;
-#PROD include /etc/kvmd/nginx/ssl.conf;
+ include /etc/kvmd/nginx/listen-http.conf;
+ include /etc/kvmd/nginx/redirect-to-https.conf;
+ }
+ server {
+ server_name localhost;
+ include /etc/kvmd/nginx/listen-https.conf;
+ include /etc/kvmd/nginx/ssl.conf;
include /etc/kvmd/nginx/kvmd.ctx-server.conf;
include /usr/share/kvmd/extras/*/nginx.ctx-server.conf;
}
diff --git a/configs/nginx/redirect-to-https.conf b/configs/nginx/redirect-to-https.conf
new file mode 100644
index 00000000..7cf185dd
--- /dev/null
+++ b/configs/nginx/redirect-to-https.conf
@@ -0,0 +1 @@
+return 301 https://$host$request_uri;
diff --git a/kvmd.install b/kvmd.install
index 4a683804..e693e81a 100644
--- a/kvmd.install
+++ b/kvmd.install
@@ -15,6 +15,9 @@ post_upgrade() {
chown kvmd-ipmi:kvmd-ipmi /etc/kvmd/ipmipasswd
chown kvmd-vnc:kvmd-vnc /etc/kvmd/vncpasswd
chmod 600 /etc/kvmd/*passwd
+ for target in nginx redirect-to-https ssl listen-http listen-https; do
+ chmod 644 /etc/kvmd/nginx/$target.conf || true
+ done
chown kvmd /var/lib/kvmd/msd || true
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-23 03:55:06 +0000