From fd25523a4da9f816bb0c303c6539c1f7393e7453 Mon Sep 17 00:00:00 2001
From: Wonderfall <wonderfall@schrodinger.io>
Date: Mon, 30 May 2016 00:47:27 +0200
Subject: [PATCH] boring-nginx: add ngxproxy utility

---
 boring-nginx/ngxproxy         | 56 +++++++++++++++++++++++++++++++++++
 boring-nginx/vhost_http.conf  | 11 +++++++
 boring-nginx/vhost_https.conf | 23 ++++++++++++++
 3 files changed, 90 insertions(+)
 create mode 100644 boring-nginx/ngxproxy
 create mode 100644 boring-nginx/vhost_http.conf
 create mode 100644 boring-nginx/vhost_https.conf

diff --git a/boring-nginx/ngxproxy b/boring-nginx/ngxproxy
new file mode 100644
index 0000000..c20b05c
--- /dev/null
+++ b/boring-nginx/ngxproxy
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+echo ""
+echo "Welcome to ngxproxy utility."
+echo "We're about to create a new vhost."
+echo ""
+
+read -p "Name: " NAME
+read -p "Domain: " DOMAIN
+read -p "Container: " CONTAINER
+read -p "Port (blank means 80): " PORT
+
+while [[ "$HTTPS" !=  "y" && "$HTTPS" != "n" ]]; do
+    read -p "HTTPS [y/n]: " HTTPS
+done
+
+if [ "$HTTPS" == "y" ]; then
+    read -p "Certificate path: " CERTIFICATE_PATH
+    read -p "Certificate key path: " KEY_PATH
+    cp /etc/nginx/conf/vhost_https.conf /sites-enabled/${NAME}.conf
+    sed -i \
+        -e "s|<CERTIFICATE_PATH>|${CERTIFICATE_PATH}|g" \
+        -e "s|<KEY_PATH>|${KEY_PATH}|g" \
+        /sites-enabled/${NAME}.conf
+        
+    while [[ "$HEADERS" !=  "y" && "$HEADERS" != "n" ]]; do
+        read -p "Secure headers [y/n]: " HEADERS
+    done
+
+    if [ "$HEADERS" == "y" ]; then
+        sed -i 's|#include /etc/nginx/conf/headers_params|include /etc/nginx/conf/headers_params|g' \
+            /sites-enabled/${NAME}.conf
+    fi
+else
+    cp /etc/nginx/conf/vhost_http.conf /sites-enabled/${NAME}.conf
+fi
+
+
+read -p "Max body size (value in MB, or n): " MAX_BODY_SIZE
+
+if [ "$MAX_BODY_SIZE" != "n" ]; then
+    sed -i "s|#client_max_body_size <MAX_BODY_SIZE>|client_max_body_size ${MAX_BODY_SIZE}|g" \
+        /sites-enabled/${NAME}.conf
+fi
+
+sed -i \
+    -e "s|<DOMAIN>|${DOMAIN}|g" \
+    -e "s|<CONTAINER>|${CONTAINER}|g" \
+    -e "s|<PORT>|${PORT}|g" \
+    /sites-enabled/${NAME}.conf
+
+echo ""
+echo "It's done : ${NAME}.conf has been generated."
+echo "Restart boring-nginx to apply these modifications."
+echo ""
+exit 1
diff --git a/boring-nginx/vhost_http.conf b/boring-nginx/vhost_http.conf
new file mode 100644
index 0000000..22f7d29
--- /dev/null
+++ b/boring-nginx/vhost_http.conf
@@ -0,0 +1,11 @@
+server {
+  listen 8000;
+  server_name <DOMAIN>;
+
+  #client_max_body_size <MAX_BODY_SIZE>M;
+
+  location / {
+    proxy_pass http://<CONTAINER>:<PORT>;
+    include /etc/nginx/conf/proxy_params;
+  }
+}
diff --git a/boring-nginx/vhost_https.conf b/boring-nginx/vhost_https.conf
new file mode 100644
index 0000000..99d19bc
--- /dev/null
+++ b/boring-nginx/vhost_https.conf
@@ -0,0 +1,23 @@
+server {
+  listen 8000;
+  server_name <DOMAIN>;
+  return 301 https://$host$request_uri;
+}
+
+server {
+  listen 4430 ssl http2;
+  server_name <DOMAIN>;
+
+  ssl_certificate <CERTIFICATE_PATH>;
+  ssl_certificate_key <KEY_PATH>;
+
+  include /conf.d/ssl_params.conf;
+  #include /etc/nginx/conf/headers_params;
+
+  #client_max_body_size <MAX_BODY_SIZE>M;
+
+  location / {
+    proxy_pass http://<CONTAINER>:<PORT>;
+    include /etc/nginx/conf/proxy_params;
+  }
+}