From 7f8963f6ede34931e3c9a0a90fcfe6e9d40d53ef Mon Sep 17 00:00:00 2001 From: "Go Johansson (neku)" Date: Sun, 1 Jan 2023 10:26:04 +0100 Subject: [PATCH] fix --- Makefile | 2 +- docker/Dockerfile | 17 +++++---- docker/docker-entrypoint.sh | 5 ++- docker/nginx/uguu.conf | 76 +++++++++++++++++++++++++------------ docker/ssl/fullchain.pem | 0 docker/ssl/privkey.pem | 0 docker/supervisord.conf | 32 ---------------- 7 files changed, 66 insertions(+), 66 deletions(-) delete mode 100644 docker/ssl/fullchain.pem delete mode 100644 docker/ssl/privkey.pem delete mode 100644 docker/supervisord.conf diff --git a/Makefile b/Makefile index 20a5a86..688c091 100644 --- a/Makefile +++ b/Makefile @@ -95,7 +95,7 @@ build-container-no-cache: docker build -f docker/Dockerfile --build-arg VERSION=$(PKG_VERSION) --no-cache -t uguu:$(PKG_VERSION) . build-container: - tar --exclude='./uguuForDocker.tar.gz' --exclude='./vendor' --exclude='./node_modules' --exclude='./build' --exclude='./dist' --exclude='./.git' -czf uguuForDocker.tar.gz . + tar --exclude='uguuForDocker.tar.gz' --exclude='vendor' --exclude='node_modules' --exclude='build' --exclude='dist' --exclude='.git' -czf uguuForDocker.tar.gz . mv uguuForDocker.tar.gz docker/ docker build -f docker/Dockerfile --build-arg DOMAIN=$(SITEDOMAIN) --build-arg FILE_DOMAIN=$(FILESDOMAIN) --build-arg CONTACT_EMAIL=$(FILESDOMAIN) -t uguu:$(PKG_VERSION) . diff --git a/docker/Dockerfile b/docker/Dockerfile index 0aa09d7..4ec2ea8 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -17,6 +17,14 @@ RUN apt-get install -y build-essential nginx-full php8.1-fpm php8.1 sqlite3 php8 php8.1-mcrypt php8.1-mysql php8.1-xdebug php8.1-zip \ php8.1-common php8.1-readline php8.1-bcmath php8.1-common php8.1-xml + +ARG DOMAIN +ENV DOMAIN=$DOMAIN +ARG FILE_DOMAIN +ENV FILE_DOMAIN=$FILE_DOMAIN +ARG CONTACT_EMAIL +ENV CONTACT_EMAIL=$CONTACT_EMAIL + # Set default workdir WORKDIR /var/www/ 
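Review bot: The rewritten `--exclude` patterns on the `tar` line in `build-container` are no longer tied to the top of the tree. GNU tar matches exclusion patterns after any `/` by default, so `build`, `dist` and `vendor` now drop every file or directory of that name at any depth. Whether the source tree has such nested directories is not visible here, so this needs checking against the actual layout. If only the top-level directories are meant, GNU tar's `--anchored` ahead of patterns of the form `--exclude='./vendor'` keeps the match at the start of the member name.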
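Review bot: `DOMAIN`, `FILE_DOMAIN` and `CONTACT_EMAIL` are declared without defaults, and nothing in the added lines checks that they were actually passed. The `build-container-no-cache` target shown as context in the Makefile hunk passes only `--build-arg VERSION=...`, so an image built that way would carry empty values into every later step that uses them. A guard right after the declarations, for example `RUN test -n "$DOMAIN" && test -n "$FILE_DOMAIN"`, fails the build early instead of producing a broken image.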
@@ -49,7 +57,8 @@ RUN chmod a+x /var/www/uguu/src/static/scripts/checkdb.sh && \ # Copy Nginx Server conf COPY docker/nginx/uguu.conf /etc/nginx/sites-enabled/uguu.conf -#RUN sed -i 's#XXX#$()#g' /var/www/uguu/src/static/scripts/checkfiles.sh +RUN sed -i "s#XMAINDOMAINX#${DOMAIN}#g" /etc/nginx/sites-enabled/uguu.conf +RUN sed -i "s#XFILESDOMAINX#${FILE_DOMAIN}#g" /etc/nginx/sites-enabled/uguu.conf # Copy SSL certs #COPY docker/ssl /etc/ssl @@ -69,12 +78,6 @@ EXPOSE 443 #RUN cd /var/www/uguu && make && make install -ARG DOMAIN -ENV DOMAIN=$DOMAIN -ARG FILE_DOMAIN -ENV FILE_DOMAIN=$FILE_DOMAIN -ARG CONTACT_EMAIL -ENV CONTACT_EMAIL=$CONTACT_EMAIL RUN curl -o acmeinstall.sh https://get.acme.sh RUN chmod a+x acmeinstall.sh RUN ./acmeinstall.sh diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 2c8c003..9f3a26f 100644 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -3,9 +3,10 @@ cd /var/www/uguu npm install make make install +service nginx stop +rm /etc/nginx/sites-enabled/default /root/.acme.sh/acme.sh --set-default-ca --server letsencrypt -/root/.acme.sh/acme.sh --issue -d $DOMAIN -w /var/www/uguu/dist/public/ -/root/.acme.sh/acme.sh --issue -d $FILE_DOMAIN -w /var/www/files/ +/root/.acme.sh/acme.sh --issue --standalone -d $DOMAIN -d $FILE_DOMAIN service nginx start service php8.1-fpm start tail -f /var/log/nginx/access.log \ No newline at end of file diff --git a/docker/nginx/uguu.conf b/docker/nginx/uguu.conf index af13672..45b3d35 100644 --- a/docker/nginx/uguu.conf +++ b/docker/nginx/uguu.conf 
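Review bot: The two added `sed` lines paste `${DOMAIN}` and `${FILE_DOMAIN}` into the replacement text unescaped. A value containing `#`, `&`, `\` or whitespace therefore either breaks the expression or writes unintended text, including extra directives, into `uguu.conf`. The values come from build arguments, so exposure is limited to whoever runs the build, but a hostname check before the substitution is cheap: `RUN echo "$DOMAIN" | grep -Eq '^[A-Za-z0-9.-]+$'`, and the same for `FILE_DOMAIN`. The two substitutions could also share one `sed -i -e ... -e ...` call to save a layer.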
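Review bot: Nothing in the added lines checks whether `acme.sh --issue --standalone` succeeded, so on failure `service nginx start` runs against a config whose certificate files do not exist and the script still ends in `tail -f`, leaving a container that looks alive but serves nothing. A check such as `[ -s "/root/.acme.sh/$DOMAIN/fullchain.cer" ] || exit 1` before starting nginx makes the failure visible; `$DOMAIN` and `$FILE_DOMAIN` should also be quoted on the `--issue` line, and `rm -f` avoids an error when the container restarts and the default site is already gone. Standalone mode needs port 80 free and, as far as I know, `socat` in the image, which the visible package list does not show; with nginx holding port 80 afterwards, any later renewal would need a different mode or a stop/start hook. Unless `/root/.acme.sh` sits on a volume (not visible here), every fresh container requests a new certificate, which can run into the CA's rate limits. The start of the script is outside the hunk, so an existing `set -e` would change part of this.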
@@ -1,36 +1,64 @@ -server{ +server { + listen 443 ssl http2; + server_name XMAINDOMAINX; - listen 80; - server_name XXX; - #ssl on; - #ssl_certificate /etc/nginx/ssl/fullchain.pem; - #ssl_certificate_key /etc/nginx/ssl/privkey.pem; - #ssl_protocols TLSv1.2 TLSv1.3; - #ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - #ssl_ecdh_curve secp384r1; + ssl on; + ssl_certificate /root/.acme.sh/XMAINDOMAINX/fullchain.cer; + ssl_certificate_key /root/.acme.sh/XMAINDOMAINX/XMAINDOMAINX.key; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; + ssl_ecdh_curve secp384r1; - root /var/www/uguu/dist/public/; - autoindex on; - access_log on; - index index.html; + root /var/www/uguu/dist/public/; + autoindex off; + access_log off; + index index.html; location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng)$ { - expires 30d; + expires 30d; } - client_max_body_size 128M; - gzip on; - gzip_min_length 1000; - gzip_comp_level 6; - gzip_proxied any; - gzip_types text/css text/js text/javascript application/javascript application/x-javascript; + gzip on; + gzip_min_length 1000; + gzip_comp_level 6; + gzip_proxied any; + gzip_types text/css text/js text/javascript application/javascript application/x-javascript; location ~* \.php$ { - fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; + fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; fastcgi_intercept_errors on; - fastcgi_index index.php; + fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(.*)$; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } } + +server { + listen 443 ssl; + server_name XFILESDOMAINX; + + ssl on; + ssl_certificate /root/.acme.sh/XMAINDOMAINX/fullchain.cer; + ssl_certificate_key /root/.acme.sh/XMAINDOMAINX/XMAINDOMAINX.key; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers 
'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; + ssl_ecdh_curve secp384r1; + + root /var/www/files/; + autoindex off; + access_log off; + index index.html; + } + + server { + listen 80; + server_name XMAINDOMAINX; + return 301 https://XMAINDOMAINX$request_uri; + } + + server { + listen 80; + server_name XFILESDOMAINX; + return 301 https://XFILESDOMAINX$request_uri; + } diff --git a/docker/ssl/fullchain.pem b/docker/ssl/fullchain.pem deleted file mode 100644 index e69de29..0000000 diff --git a/docker/ssl/privkey.pem b/docker/ssl/privkey.pem deleted file mode 100644 index e69de29..0000000 diff --git a/docker/supervisord.conf b/docker/supervisord.conf deleted file mode 100644 index 7a704d3..0000000 --- a/docker/supervisord.conf +++ /dev/null @@ -1,32 +0,0 @@ -[supervisord] -nodaemon=true -logfile=/dev/null -logfile_maxbytes=0 -pidfile=/run/supervisord.pid - -[program:php-fpm] -command=php-fpm8 -F -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -autorestart=false -startretries=0 - -[program:nginx] -command=nginx -g 'daemon off;' -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -autorestart=false -startretries=0 - -[program:crond] -command=crond -b -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 -autorestart=false -startretries=0
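Review bot: `client_max_body_size 128M;` is removed from the main server block and not added back, so unless it is set in the `http` block elsewhere nginx falls back to its 1 MB default and larger uploads are rejected with 413. Both TLS blocks read the private key straight out of `/root/.acme.sh/XMAINDOMAINX/`, which ties the config to acme.sh's internal directory layout (the directory name may differ by key type and version) and leaves nothing to reload nginx on renewal. acme.sh's `--install-cert` with `--key-file`, `--fullchain-file` and `--reloadcmd` copies the files to a fixed path and handles the reload. `ssl on;` is redundant next to `listen 443 ssl` and deprecated in current nginx, so it can be dropped from both blocks. The `XFILESDOMAINX` block appears to serve uploaded files, so `add_header X-Content-Type-Options nosniff;` is worth adding there, and `access_log off;` on both hosts removes the request trail used for abuse handling, which should be a deliberate choice.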