allow custom ports from params file

2019-10-17 21:43:28 -06:00 · 2019-10-17 21:43:28 -06:00 · 9fee0fdebf
parent 39fa12eab6
commit 9fee0fdebf
3 changed files with 15 additions and 7 deletions
--- a/ab-nginx.sh
+++ b/ab-nginx.sh
@ -15,6 +15,8 @@ yellow=$(tput setaf 3)
 ### parameter defaults
 container_name="ab-nginx"
 shell=false
+HTTP_PORT=80
+HTTPS_PORT=443
 unset CONFIG_DIR
 unset WEBROOT_DIR
 unset vmount
@ -159,7 +161,7 @@ if [ -z "$SSL_CERT" ]; then
        docker run --rm -it --name ${container_name} \
            --env-file ab-nginx.params \
            $vmount \
-            -p 80:80 \
+            -p ${HTTP_PORT}:80 \
            ab-nginx:testing /bin/sh
    else
        # exec normally
@ -167,7 +169,7 @@ if [ -z "$SSL_CERT" ]; then
        docker run --rm -d --name ${container_name} \
        --env-file ab-nginx.params \
        $vmount \
-        -p 80:80 \
+        -p ${HTTP_PORT}:80 \
        ab-nginx:testing
    fi
 # run with TLS1.2
@ -182,7 +184,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
            -v "$SSL_KEY":/certs/privkey.pem:ro \
            -v "$SSL_CHAIN":/certs/chain.pem:ro \
            -v "$DH":/certs/dhparam.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
            ab-nginx:testing /bin/sh
    else
        # exec normally
@ -194,7 +196,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = FALSE ]; then
            -v "$SSL_KEY":/certs/privkey.pem:ro \
            -v "$SSL_CHAIN":/certs/chain.pem:ro \
            -v "$DH":/certs/dhparam.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
            ab-nginx:testing
    fi
 # run with TLS1.3
@ -208,7 +210,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
            -v "$SSL_CERT":/certs/fullchain.pem:ro \
            -v "$SSL_KEY":/certs/privkey.pem:ro \
            -v "$SSL_CHAIN":/certs/chain.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
            ab-nginx:testing /bin/sh
    else
        # exec normally
@ -219,7 +221,7 @@ elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = TRUE ]; then
            -v "$SSL_CERT":/certs/fullchain.pem:ro \
            -v "$SSL_KEY":/certs/privkey.pem:ro \
            -v "$SSL_CHAIN":/certs/chain.pem:ro \
-            -p 80:80 -p 443:443 \
+            -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
            ab-nginx:testing
    fi
 fi
--- a/build/entrypoint.sh
+++ b/build/entrypoint.sh
@ -10,6 +10,12 @@ printf "\nUpdating server name list... "
 sed -i -e "s%<SERVER_NAMES>%${SERVER_NAMES}%" /etc/nginx/server_names.conf
 printf "done\n"

+# update HTTPS redirect port if SSL server test block exists
+if [ -f "/etc/nginx/sites/note" ]; then
+    printf "\nUpdating port redirects...\n"
+    sed -i -e "s%<HTTPS_PORT>%${HTTPS_PORT}%" /etc/nginx/sites/05-test_secured.conf.disabled
+fi
+
 # activate HSTS
 if [ "$HSTS" = TRUE ]; then
    printf "Activating HSTS configuration... "
--- a/build/sites/05-test_secured.conf.disabled
+++ b/build/sites/05-test_secured.conf.disabled
@ -6,7 +6,7 @@ server {

    # default redirect to properly formed HTTPS location
    location / {
-        return 301 https://$host$request_uri;
+        return 301 https://$host:<HTTPS_PORT>$request_uri;
    }
    
    # process Let's Encrypt challenges