From 60347a90e98cce31343fbaae9178b1f8aa5332ef Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Thu, 6 May 2021 11:40:40 -0400
Subject: [PATCH 1/8] Update _location.conf
---
 backend/templates/_location.conf | 35 +++++++++++++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)
diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf
index 0b8894d..cbdd2d2 100644
--- a/backend/templates/_location.conf
+++ b/backend/templates/_location.conf
@@ -3,7 +3,40 @@
 proxy_set_header X-Forwarded-Scheme $scheme;
 proxy_set_header X-Forwarded-Proto $scheme;
 proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header X-Real-IP $remote_addr;
 proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
+
+ {% if access_list_id > 0 %}
+ {% if access_list.items.length > 0 %}
+ # Authorization
+ auth_basic "Authorization required";
+ auth_basic_user_file /data/access/{{ access_list_id }};
+
+ {{ access_list.passauth }}
+ {% endif %}
+
+ # Access Rules
+ {% for client in access_list.clients %}
+ {{- client.rule -}};
+ {% endfor %}deny all;
+
+ # Access checks must...
+ {% if access_list.satisfy %}
+ {{ access_list.satisfy }};
+ {% endif %}
+
+ {% endif %}
+
+
+ {% include "_forced_ssl.conf" %}
+ {% include "_hsts.conf" %}
+
+ {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $http_connection;
+ proxy_http_version 1.1;
+ {% endif %}
+
+
 {{ advanced_config }}
 }
-
From a3b896fa70b5d2d682421aca9b2e33d08ba952e0 Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Thu, 6 May 2021 14:48:38 -0400
Subject: [PATCH 2/8] Update _location.conf
---
 backend/templates/_location.conf | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
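Review bot: In PATCH 1/8 the access block added to `_location.conf` is gated on `{% if access_list_id > 0 %}`, so a render context that lacks `access_list_id` makes Liquid evaluate the condition as false and the custom location is written with no `auth_basic` or `deny all;` lines, which fails open. At this commit `renderLocations` still builds the context from the location object alone (the `Object.assign({}, host.locations[i])` line that PATCH 4/8 later replaces), so the block cannot render yet. I would add a template comment above the block, `# requires access_list_id and access_list from the parent host in the render context`, and a config-generation test asserting that a custom location under a host with an access list contains `deny all;`. The `location {{ path }} {` line that opens the block is outside this hunk.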
diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf
index cbdd2d2..060dfa8 100644
--- a/backend/templates/_location.conf
+++ b/backend/templates/_location.conf
@@ -1,3 +1,8 @@
+{% include "_assets.conf" %}
+{% include "_exploits.conf" %}
+{% include "_hsts.conf" %}
+
+
 location {{ path }} {
 proxy_set_header Host $host;
 proxy_set_header X-Forwarded-Scheme $scheme;
@@ -6,25 +11,26 @@
 proxy_set_header X-Real-IP $remote_addr;
 proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
+
 {% if access_list_id > 0 %}
 {% if access_list.items.length > 0 %}
 # Authorization
 auth_basic "Authorization required";
 auth_basic_user_file /data/access/{{ access_list_id }};
-
+
 {{ access_list.passauth }}
 {% endif %}
-
+
 # Access Rules
 {% for client in access_list.clients %}
 {{- client.rule -}};
 {% endfor %}deny all;
-
+
 # Access checks must...
 {% if access_list.satisfy %}
 {{ access_list.satisfy }};
 {% endif %}
-
+
 {% endif %}
From e4e94d5be067ebac41f76b2f4156d25c06770bc2 Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Thu, 6 May 2021 14:50:09 -0400
Subject: [PATCH 3/8] Update nginx.js Adds ability for custom location templates to handle includes
---
 backend/internal/nginx.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/backend/internal/nginx.js b/backend/internal/nginx.js
index 9972d41..336a462 100644
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@@ -101,7 +101,7 @@ const internalNginx = {
 logger.info('Testing Nginx configuration');
 }
- return utils.exec('/usr/sbin/nginx -t -g "error_log off;"');
+ return utils.exec('/usr/sbin/nginx -t ');
 },
 /**
@@ -146,7 +146,9 @@ const internalNginx = {
 return;
 }
- let renderer = new Liquid();
+ let renderer = new Liquid({
+ root: __dirname + '/../templates/'
+ });
 let renderedLocations = '';
 const locationRendering = async () => {
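Review bot: In PATCH 3/8 the second hunk gives the location `renderer` a template `root`, which means `{% include %}` tags in whatever string is parsed as the template now resolve to files under `backend/templates/`. That is safe only while the template text is the shipped `_location.conf` and user-supplied values such as `path` and `advanced_config` stay in the render context; how `template` is loaded is outside this hunk, so that should be confirmed. I would record the constraint next to the constructor, `// root enables {% include %} in _location.conf; the template string must never contain user input`, and share one options constant with `renderEngine` in `generateConfig` (visible as context in PATCH 4/8) so the two engines cannot diverge. Separately, the first hunk drops `-g "error_log off;"` from the `nginx -t` call without mention in the commit message; PATCH 6/8 puts it back, so it looks like a debugging leftover that should be squashed out.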
From 6a46e88f8f828609c0e2423e77f9c82410145a13 Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Thu, 6 May 2021 22:29:21 -0400
Subject: [PATCH 4/8] Fix renderLocations to accept more parameters from host Amend renderLocations to pass more host parameters into the custom locations to match the requirements set for the default location. This will apply all parameters set in the UI to all custom locations.
---
 backend/internal/nginx.js | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/backend/internal/nginx.js b/backend/internal/nginx.js
index 336a462..39753e5 100644
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@@ -136,6 +136,8 @@ const internalNginx = {
 * @returns {Promise}
 */
 renderLocations: (host) => {
+
+ // logger.info('host = ' + JSON.stringify(host, null, 2));
 return new Promise((resolve, reject) => {
 let template;
@@ -153,8 +155,13 @@ const internalNginx = {
 const locationRendering = async () => {
 for (let i = 0; i < host.locations.length; i++) {
- let locationCopy = Object.assign({}, host.locations[i]);
-
+ let locationCopy = Object.assign({}, {access_list_id : host.access_list_id}, {certificate_id : host.certificate_id},
+ {ssl_forced : host.ssl_forced}, {caching_enabled : host.caching_enabled},
+ {block_exploits : host.block_exploits}, {allow_websocket_upgrade : host.allow_websocket_upgrade},
+ {http2_support : host.http2_support}, {hsts_enabled : host.hsts_enabled},
+ {hsts_subdomains : host.hsts_subdomains}, {access_list : host.access_list},
+ {certificate : host.certificate}, host.locations[i]);
+
 if (locationCopy.forward_host.indexOf('/') > -1) {
 const splitted = locationCopy.forward_host.split('/');
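Review bot: In PATCH 4/8 the first hunk commits a commented-out `logger.info('host = ' + JSON.stringify(host, null, 2))`, and the same kind of line is added in the hunks at `-162,12`, `-183,6` and `-210,6`. The `host` object carries `access_list` and `certificate` (both are read a few lines further down), so re-enabling any of these lines would write that data to the application log. I would delete the four debug lines before merge rather than keep them as comments; if a trace is still wanted, log a count instead of the object, for example `logger.info('Rendering ' + host.locations.length + ' custom locations');`.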
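Review bot: In PATCH 4/8 the `Object.assign` call in the `-153,8` hunk lists `host.locations[i]` last, so any key on the location object that shares a name with a host setting (`access_list_id`, `access_list`, `ssl_forced`, `block_exploits` and the rest) replaces the host value in the render context. Whether a stored location can carry such keys depends on validation that is not visible here, but the template uses these values to decide whether `auth_basic` and `deny all;` are emitted, so the host values should win. Applying the host settings after the location copy makes that precedence explicit and reads better than eleven single-key objects. The enclosing `renderLocations` starts and ends outside this hunk.

```javascript
for (let i = 0; i < host.locations.length; i++) {
	// Host-level settings are applied last so per-location data cannot override them.
	const hostSettings = {
		access_list_id:          host.access_list_id,
		certificate_id:          host.certificate_id,
		ssl_forced:              host.ssl_forced,
		caching_enabled:         host.caching_enabled,
		block_exploits:          host.block_exploits,
		allow_websocket_upgrade: host.allow_websocket_upgrade,
		http2_support:           host.http2_support,
		hsts_enabled:            host.hsts_enabled,
		hsts_subdomains:         host.hsts_subdomains,
		access_list:             host.access_list,
		certificate:             host.certificate
	};
	let locationCopy = Object.assign({}, host.locations[i], hostSettings);
	// … unchanged: forward_host / forward_path split …
```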
@@ -162,12 +169,16 @@ const internalNginx = {
 locationCopy.forward_path = `/${splitted.join('/')}`;
 }
+ // logger.info('locationCopy = ' + JSON.stringify(locationCopy, null, 2));
+
 // eslint-disable-next-line
 renderedLocations += await renderer.parseAndRender(template, locationCopy);
 }
+
 };
 locationRendering().then(() => resolve(renderedLocations));
+
 });
 },
@@ -183,6 +194,8 @@ const internalNginx = {
 logger.info('Generating ' + host_type + ' Config:', host);
 }
+ // logger.info('host = ' + JSON.stringify(host, null, 2));
+
 let renderEngine = new Liquid({
 root: __dirname + '/../templates/'
 });
@@ -210,6 +223,7 @@ const internalNginx = {
 }
 if (host.locations) {
+ // logger.info ('host.locations = ' + JSON.stringify(host.locations, null, 2));
 origLocations = [].concat(host.locations);
 locationsPromise = internalNginx.renderLocations(host).then((renderedLocations) => {
 host.locations = renderedLocations;
From 4c76803f13176bc6a11f64bec4f90f6089068e51 Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Thu, 6 May 2021 22:30:45 -0400
Subject: [PATCH 5/8] Rearrange _location.conf template Allow more of the main host parameters into the custom location configuration and reorder to make more sense.
---
 backend/templates/_location.conf | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf
index 060dfa8..5a7a6ab 100644
--- a/backend/templates/_location.conf
+++ b/backend/templates/_location.conf
@@ -1,8 +1,3 @@
-{% include "_assets.conf" %}
-{% include "_exploits.conf" %}
-{% include "_hsts.conf" %}
-
-
 location {{ path }} {
 proxy_set_header Host $host;
 proxy_set_header X-Forwarded-Scheme $scheme;
@@ -11,7 +6,6 @@
 proxy_set_header X-Real-IP $remote_addr;
 proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
-
 {% if access_list_id > 0 %}
 {% if access_list.items.length > 0 %}
 # Authorization
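Review bot: In PATCH 4/8 the `-162,12` hunk leaves `locationRendering().then(() => resolve(renderedLocations));` without a rejection handler, so an error thrown by `renderer.parseAndRender` never reaches `reject` and the promise returned by `renderLocations` stays pending. Render errors become more likely with this series because the location template now pulls in includes and access-list logic, and the caller in `generateConfig` (the `internalNginx.renderLocations(host).then(...)` line in the `-210,6` hunk) would never see the failure. I would change the line to `locationRendering().then(() => resolve(renderedLocations)).catch(reject);`. The three blank lines this hunk adds are whitespace only and can be dropped.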
@@ -33,6 +27,8 @@
 {% endif %}
+ {% include "_assets.conf" %}
+ {% include "_exploits.conf" %}
 {% include "_forced_ssl.conf" %}
 {% include "_hsts.conf" %}
@@ -46,3 +42,4 @@
 {{ advanced_config }}
 }
+
From f26df7d9bb9a6fb148f4cb2b2dc29c15de2d76fb Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Fri, 7 May 2021 22:43:22 -0400
Subject: [PATCH 6/8] Update nginx.js
---
 backend/internal/nginx.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/backend/internal/nginx.js b/backend/internal/nginx.js
index 39753e5..68dc470 100644
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@@ -101,7 +101,7 @@ const internalNginx = {
 logger.info('Testing Nginx configuration');
 }
- return utils.exec('/usr/sbin/nginx -t ');
+ return utils.exec('/usr/sbin/nginx -t -g "error_log off;"');
 },
 /**
From ca1ea042b20a7faa81a276dba1599e5696d8158f Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Fri, 7 May 2021 23:31:51 -0400
Subject: [PATCH 7/8] Update nginx.js
---
 backend/internal/nginx.js | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/backend/internal/nginx.js b/backend/internal/nginx.js
index 68dc470..72f69d0 100644
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@@ -137,7 +137,7 @@ const internalNginx = {
 */
 renderLocations: (host) => {
- // logger.info('host = ' + JSON.stringify(host, null, 2));
+ //logger.info('host = ' + JSON.stringify(host, null, 2));
 return new Promise((resolve, reject) => {
 let template;
@@ -149,18 +149,18 @@ const internalNginx = {
 }
 let renderer = new Liquid({
- root: __dirname + '/../templates/'
- });
+ root: __dirname + '/../templates/'
+ });
 let renderedLocations = '';
 const locationRendering = async () => {
 for (let i = 0; i < host.locations.length; i++) {
- let locationCopy = Object.assign({}, {access_list_id : host.access_list_id}, {certificate_id : host.certificate_id},
- {ssl_forced : host.ssl_forced}, {caching_enabled : host.caching_enabled},
- {block_exploits : host.block_exploits}, {allow_websocket_upgrade : host.allow_websocket_upgrade},
- {http2_support : host.http2_support}, {hsts_enabled : host.hsts_enabled},
- {hsts_subdomains : host.hsts_subdomains}, {access_list : host.access_list},
- {certificate : host.certificate}, host.locations[i]);
+ let locationCopy = Object.assign({}, {access_list_id: host.access_list_id}, {certificate_id: host.certificate_id},
+ {ssl_forced: host.ssl_forced}, {caching_enabled: host.caching_enabled},
+ {block_exploits: host.block_exploits}, {allow_websocket_upgrade: host.allow_websocket_upgrade},
+ {http2_support: host.http2_support}, {hsts_enabled: host.hsts_enabled},
+ {hsts_subdomains: host.hsts_subdomains}, {access_list: host.access_list},
+ {certificate: host.certificate}, host.locations[i]);
 if (locationCopy.forward_host.indexOf('/') > -1) {
 const splitted = locationCopy.forward_host.split('/');
@@ -169,7 +169,7 @@ const internalNginx = {
 locationCopy.forward_path = `/${splitted.join('/')}`;
 }
- // logger.info('locationCopy = ' + JSON.stringify(locationCopy, null, 2));
+ //logger.info('locationCopy = ' + JSON.stringify(locationCopy, null, 2));
 // eslint-disable-next-line
 renderedLocations += await renderer.parseAndRender(template, locationCopy);
@@ -223,7 +223,7 @@ const internalNginx = {
 }
 if (host.locations) {
- // logger.info ('host.locations = ' + JSON.stringify(host.locations, null, 2));
+ //logger.info ('host.locations = ' + JSON.stringify(host.locations, null, 2));
 origLocations = [].concat(host.locations);
 locationsPromise = internalNginx.renderLocations(host).then((renderedLocations) => {
 host.locations = renderedLocations;
From 69ee6b1699f9674df3c27559b74286da9c0e0fa4 Mon Sep 17 00:00:00 2001
From: vipergts450 <60085845+vipergts450@users.noreply.github.com>
Date: Fri, 7 May 2021 23:38:32 -0400
Subject: [PATCH 8/8] Update nginx.js
---
 backend/internal/nginx.js | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/backend/internal/nginx.js b/backend/internal/nginx.js
index 72f69d0..52bdd66 100644
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@@ -156,11 +156,10 @@ const internalNginx = {
 const locationRendering = async () => {
 for (let i = 0; i < host.locations.length; i++) {
 let locationCopy = Object.assign({}, {access_list_id: host.access_list_id}, {certificate_id: host.certificate_id},
- {ssl_forced: host.ssl_forced}, {caching_enabled: host.caching_enabled},
- {block_exploits: host.block_exploits}, {allow_websocket_upgrade: host.allow_websocket_upgrade},
- {http2_support: host.http2_support}, {hsts_enabled: host.hsts_enabled},
- {hsts_subdomains: host.hsts_subdomains}, {access_list: host.access_list},
- {certificate: host.certificate}, host.locations[i]);
+ {ssl_forced: host.ssl_forced}, {caching_enabled: host.caching_enabled}, {block_exploits: host.block_exploits},
+ {allow_websocket_upgrade: host.allow_websocket_upgrade}, {http2_support: host.http2_support},
+ {hsts_enabled: host.hsts_enabled}, {hsts_subdomains: host.hsts_subdomains}, {access_list: host.access_list},
+ {certificate: host.certificate}, host.locations[i]);
 if (locationCopy.forward_host.indexOf('/') > -1) {
 const splitted = locationCopy.forward_host.split('/');