[~] Refactor

2024-09-18 00:00:51 +03:00 · 2024-09-18 00:00:51 +03:00 · 16a075b19c
commit 16a075b19c
parent 92fe90b042
2 changed files with 41 additions and 28 deletions
--- a/d1/nginx_config.py
+++ b/d1/nginx_config.py
@ -199,6 +199,39 @@ def ssl(input_json, output_conf):

    servers = []

+    if 'stream_server' in ssl_nginx:
+        ssl_port = 444
+        stream_server = r'''
+stream {
+    upstream web {
+        server 127.0.0.1:444;
+    }
+
+    upstream ssh {
+        server {ssh};
+    }
+
+    map $ssl_preread_protocol $upstream {
+        default ssh;
+        "TLSv1.2" web;
+        "TLSv1.3" web;
+    }
+
+    # SSH and SSL on the same port
+    server {
+        listen 443;
+
+        proxy_pass $upstream;
+        ssl_preread on;
+    }
+}
+        '''.replace(
+            '{ssh}', str(ssl_nginx['stream_server'])[:256]
+        )
+    else:
+        stream_server = ''
+        ssl_port = 443
+
    if 'default_server' in ssl_nginx:
        server = ssl_nginx['default_server']

@ -211,7 +244,7 @@ server {
    set $t1 $http_x_forwarded_for;
  }

-  listen 443 ssl default_server;
+  listen {ssl_port} ssl default_server;
  server_name _;

  client_max_body_size {client_max_body_size};
@ -227,6 +260,8 @@ server {
                  '{client_max_body_size}', server['client_max_body_size'],
              ).replace(
                  '{domain_key}', server['domain_key'],
+              ).replace(
+                  '{ssl_port}', '%d' % ssl_port,
              )
        )

@ -264,7 +299,7 @@ server {
    set $t1 $http_x_forwarded_for;
  }

-  listen 443 ssl;
+  listen {ssl_port} ssl;
  server_name {server_names};

  client_max_body_size {client_max_body_size};
@ -291,35 +326,11 @@ server {
                  '{client_max_body_size}', server['client_max_body_size'],
              ).replace(
                  '{domain_key}', server['domain_key'],
+              ).replace(
+                  '{ssl_port}', '%d' % ssl_port,
              )
        )

-    if 'stream_server' in ssl_nginx:
-        stream_server = r'''
-stream {
-    upstream web {
-        server {web};
-    }
-
-    map $ssl_preread_protocol $upstream {
-        default ssh;
-        "TLSv1.2" web;
-        "TLSv1.3" web;
-    }
-
-    # SSH and SSL on the same port
-    server {
-        listen 443;
-
-        proxy_pass $upstream;
-        ssl_preread on;
-    }
-}
-        '''.replace(
-            '{web}', str(ssl_nginx['stream_server'])[:256]
-        )
-    else:
-        stream_server = ''

    with io.open(
        output_conf,
--- a/dotfiles/.local/bin/commands
+++ b/dotfiles/.local/bin/commands
@ -3365,6 +3365,8 @@ def media_keys(argv):
 def commands_cli():
    logging.getLogger().setLevel(logging.INFO)
    logger.setLevel(logging.INFO)
+    handler = logging.StreamHandler(sys.stderr)
+    logging.getLogger().addHandler(handler)

    msg = None