maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

do not redirect when requesting let's encrypt certificates in nginx (same as we do in apache)

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2016-10-11 07:49:52 +02:00
parent e4c12b2c77
commit 91c2d4efbe
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -217,7 +217,9 @@ class nginx extends HttpConfigBase
} else { } else {
$_sslport = $this->checkAlternativeSslPort(); $_sslport = $this->checkAlternativeSslPort();
$mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/'; $mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/';
$this->nginx_data[$vhost_filename] .= "\t" . 'return 301 ' . $mypath . '$request_uri;' . "\n"; $this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
$this->nginx_data[$vhost_filename] .= "\t\t" . 'return 301 ' . $mypath . '$request_uri;' . "\n";
$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
} }
} }
@@ -458,7 +460,9 @@ class nginx extends HttpConfigBase
if (substr($uri, - 1) == '/') { if (substr($uri, - 1) == '/') {
$uri = substr($uri, 0, - 1); $uri = substr($uri, 0, - 1);
} }
$vhost_content .= "\t" . 'return 301 ' . $uri . '$request_uri;' . "\n"; $vhost_content .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
$vhost_content .= "\t\t" . 'return 301 ' . $uri . '$request_uri;' . "\n";
$vhost_content .= "\t" . '}' . "\n";
} else { } else {
mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true); mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true);