Audit Log items, backend stuff, help pages

src/backend/templates/dead_host.conf

@@ -0,0 +1,19 @@
+# <%- hostname %>
+server {
+  listen 80;
+  <%- typeof ssl !== 'undefined' && ssl ? 'listen 443 ssl;' : '' %>
+
+  server_name <%- hostname %>;
+
+  access_log /config/logs/<%- hostname %>.log proxy;
+
+<% if (typeof ssl !== 'undefined' && ssl) { -%>
+  include conf.d/include/ssl-ciphers.conf;
+  ssl_certificate /etc/letsencrypt/live/<%- hostname %>/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/<%- hostname %>/privkey.pem;
+<% } -%>
+
+  <%- typeof advanced !== 'undefined' && advanced ? advanced : '' %>
+
+  return 404;
+}

src/backend/templates/letsencrypt.conf

@@ -0,0 +1,11 @@
+# Letsencrypt Verification Temporary Host: <%- hostname %>
+server {
+  listen 80;
+  server_name <%- hostname %>;
+
+  access_log /config/logs/letsencrypt.log proxy;
+
+  location / {
+    root /config/letsencrypt-acme-challenge;
+  }
+}

src/backend/templates/proxy_host.conf

@@ -0,0 +1,33 @@
+# <%- hostname %>
+server {
+  listen 80;
+  <%- typeof ssl !== 'undefined' && ssl ? 'listen 443 ssl;' : '' %>
+
+  server_name <%- hostname %>;
+
+  access_log /config/logs/<%- hostname %>.log proxy;
+
+  set $server <%- forward_server %>;
+  set $port   <%- forward_port %>;
+
+  <%- typeof asset_caching !== 'undefined' && asset_caching ? 'include conf.d/include/assets.conf;' : '' %>
+  <%- typeof block_exploits !== 'undefined' && block_exploits ? 'include conf.d/include/block-exploits.conf;' : '' %>
+
+<% if (typeof ssl !== 'undefined' && ssl) { -%>
+  include conf.d/include/letsencrypt-acme-challenge.conf;
+  include conf.d/include/ssl-ciphers.conf;
+  ssl_certificate /etc/letsencrypt/live/<%- hostname %>/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/<%- hostname %>/privkey.pem;
+<% } -%>
+
+<%- typeof advanced !== 'undefined' && advanced ? advanced : '' %>
+
+  location / {
+    <% if (typeof access_list_id !== 'undefined' && access_list_id) { -%>
+    auth_basic            "Authorization required";
+    auth_basic_user_file  /config/access/<%- access_list_id %>;
+    <% } -%>
+    <%- typeof force_ssl !== 'undefined' && force_ssl ? 'include conf.d/include/force-ssl.conf;' : '' %>
+    include conf.d/include/proxy.conf;
+  }
+}

src/backend/templates/redirection_host.conf

@@ -0,0 +1,22 @@
+# <%- hostname %>
+server {
+  listen 80;
+  <%- typeof ssl !== 'undefined' && ssl ? 'listen 443 ssl;' : '' %>
+
+  server_name <%- hostname %>;
+
+  access_log /config/logs/<%- hostname %>.log proxy;
+
+  <%- typeof asset_caching !== 'undefined' && asset_caching ? 'include conf.d/include/assets.conf;' : '' %>
+  <%- typeof block_exploits !== 'undefined' && block_exploits ? 'include conf.d/include/block-exploits.conf;' : '' %>
+
+<% if (typeof ssl !== 'undefined' && ssl) { -%>
+  include conf.d/include/ssl-ciphers.conf;
+  ssl_certificate /etc/letsencrypt/live/<%- hostname %>/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/<%- hostname %>/privkey.pem;
+<% } -%>
+
+  <%- typeof advanced !== 'undefined' && advanced ? advanced : '' %>
+
+  return 301 $scheme://<%- forward_host %>$request_uri;
+}

src/backend/templates/stream.conf

@@ -0,0 +1,11 @@
+# <%- incoming_port %> - <%- protocols.join(',').toUpperCase() %>
+<%
+protocols.forEach(function (protocol) {
+%>
+server {
+    listen <%- incoming_port %> <%- protocol === 'tcp' ? '' : protocol %>;
+    proxy_pass <%- forward_server %>:<%- forward_port %>;
+}
+<%
+});
+%>