fix security headers and sockets

Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-03 16:03:38 +00:00 · 2023-10-10 19:33:30 +02:00
parent dec9dc990f
commit efcca74d67
11 changed files with 16 additions and 100 deletions
--- a/backend/internal/nginx.js
+++ b/backend/internal/nginx.js
@@ -271,55 +271,6 @@ const internalNginx = {
 		});
 	},

-	/**
-	 * This generates a temporary nginx config listening on port 80 for the domain names listed
-	 * in the certificate setup. It allows the certbot acme challenge to be requested by certbot
-	 * when requesting a certificate without having a hostname set up already.
-	 *
-	 * @param   {Object}  certificate
-	 * @returns {Promise}
-	 */
-	generateLetsEncryptRequestConfig: (certificate) => {
-		if (config.debug()) {
-			logger.info('Generating certbot Request Config:', certificate);
-		}
-
-		const renderEngine = utils.getRenderEngine();
-
-		return new Promise((resolve, reject) => {
-			let template = null;
-			let filename = '/usr/local/nginx/conf/conf.d/certbot_' + certificate.id + '.conf';
-
-			try {
-				template = fs.readFileSync(__dirname + '/../templates/certbot-request.conf', {encoding: 'utf8'});
-			} catch (err) {
-				reject(new error.ConfigurationError(err.message));
-				return;
-			}
-
-			certificate.ipv6 = internalNginx.ipv6Enabled();
-
-			renderEngine
-				.parseAndRender(template, certificate)
-				.then((config_text) => {
-					fs.writeFileSync(filename, config_text, {encoding: 'utf8'});
-
-					if (config.debug()) {
-						logger.success('Wrote config:', filename, config_text);
-					}
-
-					resolve(true);
-				})
-				.catch((err) => {
-					if (config.debug()) {
-						logger.warn('Could not write ' + filename + ':', err.message);
-					}
-
-					reject(new error.ConfigurationError(err.message));
-				});
-		});
-	},
-
 	/**
 	 * A simple wrapper around unlinkSync that writes to the logger
 	 *
@@ -343,19 +294,6 @@ const internalNginx = {
 		return host_type.replace(new RegExp('-', 'g'), '_');
 	},

-	/**
-	 * This removes the temporary nginx config file generated by `generateLetsEncryptRequestConfig`
-	 *
-	 * @param   {Object}  certificate
-	 * @returns {Promise}
-	 */
-	deleteLetsEncryptRequestConfig: (certificate) => {
-		const config_file = '/usr/local/nginx/conf/conf.d/letsencrypt_' + certificate.id + '.conf';
-		return new Promise((resolve/*, reject*/) => {
-			internalNginx.deleteFile(config_file);
-			resolve();
-		});
-	},

 	/**
 	 * @param   {String}  host_type