(website *model.Website, websiteSSL model.WebsiteSSL, req request.WebsiteHTTPSOp)
| 817 | } |
| 818 | |
| 819 | func applySSL(website *model.Website, websiteSSL model.WebsiteSSL, req request.WebsiteHTTPSOp) error { |
| 820 | nginxFull, err := getNginxFull(website) |
| 821 | if err != nil { |
| 822 | return nil |
| 823 | } |
| 824 | domains, err := websiteDomainRepo.GetBy(websiteDomainRepo.WithWebsiteId(website.ID)) |
| 825 | if err != nil { |
| 826 | return nil |
| 827 | } |
| 828 | httpPorts := make(map[int]struct{}) |
| 829 | httpsPorts := make(map[int]struct{}) |
| 830 | sslPort := 0 |
| 831 | |
| 832 | hasDefaultPort := false |
| 833 | for _, domain := range domains { |
| 834 | if domain.Port == nginxFull.Install.HttpPort { |
| 835 | hasDefaultPort = true |
| 836 | } |
| 837 | if domain.SSL { |
| 838 | httpsPorts[domain.Port] = struct{}{} |
| 839 | } else { |
| 840 | httpPorts[domain.Port] = struct{}{} |
| 841 | } |
| 842 | } |
| 843 | if hasDefaultPort { |
| 844 | httpsPorts[nginxFull.Install.HttpsPort] = struct{}{} |
| 845 | } |
| 846 | if len(httpsPorts) == 0 { |
| 847 | for port := range httpPorts { |
| 848 | httpsPorts[port] = struct{}{} |
| 849 | } |
| 850 | } |
| 851 | config := nginxFull.SiteConfig.Config |
| 852 | server := config.FindServers()[0] |
| 853 | |
| 854 | defaultHttpPort := strconv.Itoa(nginxFull.Install.HttpPort) |
| 855 | defaultHttpPortIPV6 := "[::]:" + defaultHttpPort |
| 856 | |
| 857 | for port := range httpsPorts { |
| 858 | sslPort = port |
| 859 | portStr := strconv.Itoa(port) |
| 860 | server.RemoveListenByBind(portStr) |
| 861 | server.RemoveListenByBind("[::]:" + portStr) |
| 862 | setListen(server, portStr, website.IPV6, req.Http3, website.DefaultServer, true) |
| 863 | } |
| 864 | |
| 865 | server.UpdateDirective("http2", []string{"on"}) |
| 866 | |
| 867 | switch req.HttpConfig { |
| 868 | case constant.HTTPSOnly: |
| 869 | server.RemoveListenByBind(defaultHttpPort) |
| 870 | server.RemoveListenByBind(defaultHttpPortIPV6) |
| 871 | server.RemoveDirective("if", []string{"($scheme"}) |
| 872 | case constant.HTTPToHTTPS: |
| 873 | if hasDefaultPort { |
| 874 | server.UpdateListen(defaultHttpPort, website.DefaultServer) |
| 875 | if website.IPV6 { |
| 876 | server.UpdateListen(defaultHttpPortIPV6, website.DefaultServer) |
no test coverage detected