@laru@pleroma.laru.dsrv.x7q.eu @luna@fedi.mldchan.dev I can't imagine the evilness
@6 @luna its a pretty small script actually, it used to be a shellscript before but i rewrote it to js (ts) because thats less painful to maintain
#!/usr/bin/env -S deno -A
import { readdirSync, readFileSync } from "node:fs";
function getIp(host: string) {
const ip = {
phobos: '10.51.93.117',
tethys: '10.51.93.115',
triton: '10.51.93.113',
miranda: '10.51.93.107',
cupid: '10.51.93.105',
}[host];
if(!ip) throw new Error(`Unknown host '${host}'`);
return ip;
}
function mkEntry(domain: string, target: string) {
const certsAvailable = readdirSync('/etc/letsencrypt/live').sort((a, b) => b.length - a.length);
const certName = certsAvailable.find(cert => domain.endsWith(cert));
const upstreamId = domain.replaceAll('.', '_');
const targetIp = getIp(target.split(':')[0]);
const targetPort = target.split(':')[1] ?? 80;
if(!certName) throw new Error(`No cert found for '${domain}'`);
console.log(`upstream ${upstreamId} {`);
console.log(`\tserver ${targetIp}:${targetPort};`);
console.log("}");
console.log();
console.log("server {");
console.log(`\tserver_name ${domain};`);
console.log();
console.log("\tlisten 80;");
console.log("\tlisten [::]:80;");
console.log("\tlisten 443 ssl;");
console.log("\tlisten [::]:443 ssl;");
console.log(`\tssl_certificate /etc/letsencrypt/live/${certName}/fullchain.pem;`);
console.log(`\tssl_certificate_key /etc/letsencrypt/live/${certName}/privkey.pem;`);
console.log("\t");
console.log("\tlocation / {");
console.log("\t\tproxy_set_header Host \$host;");
console.log("\t\tproxy_set_header X-Forwarded-Host \$host;");
console.log("\t\tproxy_set_header X-Forwarded-Server \$host;");
console.log("\t\tproxy_set_header X-Forwarded-Proto \$scheme;");
console.log("\t\tproxy_set_header X-Real-IP \$remote_addr;");
console.log("\t\tproxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;");
console.log("\t\tproxy_set_header Upgrade \$http_upgrade;");
console.log("\t\tproxy_set_header Connection \$connection_upgrade;");
console.log("\t\tproxy_http_version 1.1;");
console.log("\t\tclient_max_body_size 1G;");
console.log(`\t\tproxy_pass http://${upstreamId};`);
console.log("\t}");
console.log("}");
console.log("\n");
}
for(const line of readFileSync('proxy.list').toString().trim().split('\n')) {
const [domain, target] = line.match(/[^ \t]+/g)!;
mkEntry(domain, target);
}
Replying to @laru@pleroma.laru.dsrv.x7q.eu
@laru@pleroma.laru.dsrv.x7q.eu @luna@fedi.mldchan.dev console.spam
but w ES6 template strings you can have literal newlines, and w normal strings you can just add together w + or ending every line w backslash (bleh)
would look so much cleaner to just do a single console.log for the whole big block, instead of 20, lol
Replying to @laru@pleroma.laru.dsrv.x7q.eu
@laru@pleroma.laru.dsrv.x7q.eu @luna@fedi.mldchan.dev I love shell scripts!
fun fact, shell scripts allow you to remove leading tabs (and only tabs) off a heredoc
so you could do tab-indent, space, tab-and-or-spaces for config indent >:3