Add tests for nginx.conf directives (#1)

Adds tests to make sure all the `nginx.conf` directives (the redirects and rewrites and such) are all correct. - Uses the `busted` framework - The tests are run in a Docker container by the bash script `test.sh` - Self-signed certs are generated in `Dockerfile` for all the domain names - Adds new `Makefile` commands: `test`, `image-build` and `image-rm` Reviewed-on: #1 Co-authored-by: Catalin Mititiuc <webdevcat@proton.me> Co-committed-by: Catalin Mititiuc <webdevcat@proton.me>
2025-06-14 21:54:21 +00:00
parent dec9e4b5ea
commit 85fba54152
8 changed files with 257 additions and 34 deletions
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -8,6 +8,10 @@ events {
 http {
    server {
        listen 80;
+        return 301 https://$host$request_uri;
+    }
+
+    server {
        listen 443 ssl;

        include mime.types;
@@ -30,7 +34,7 @@ http {

        # redirect requests ending in a forward slash
        location ~ ^/(.+)/$ {
-            return 302 /$1;
+            return 301 /$1;
        }

        location /css {
@@ -49,7 +53,7 @@ http {

        location / {
            client_max_body_size 1024M;
-            proxy_pass http://localhost:3000;
+            proxy_pass http://unix:/run/gitea/gitea.socket;
            proxy_set_header Connection $http_connection;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Host $host;
@@ -93,7 +97,7 @@ http {
            return 301 https://miti.sh$request_uri;
        }

-        location ~ ^/git/(.*)$ {
+        location ~ ^/git/?(.*)$ {
            return 301 https://git.miti.sh/ccm/$1;
        }

@@ -101,20 +105,32 @@ http {
            return 301 https://apps.miti.sh/$1;
        }
    }
+
    server {
        listen 443 ssl;
        server_name git.webdevcat.me;

-        location ^~ /.well-known/acme-challenge {
-            alias /var/www/dehydrated;
-        }
-    }
-    server {
-        listen 443 ssl;
-        server_name apps.webdevcat.me;
+        ssl_certificate /var/www/certs/webdevcat.me/fullchain.pem;
+        ssl_certificate_key /var/www/certs/webdevcat.me/privkey.pem;

        location ^~ /.well-known/acme-challenge {
            alias /var/www/dehydrated;
        }
+
+        return 301 https://git.miti.sh$request_uri;
+    }
+
+    server {
+        listen 443 ssl;
+        server_name apps.webdevcat.me;
+
+        ssl_certificate /var/www/certs/webdevcat.me/fullchain.pem;
+        ssl_certificate_key /var/www/certs/webdevcat.me/privkey.pem;
+
+        location ^~ /.well-known/acme-challenge {
+            alias /var/www/dehydrated;
+        }
+
+        return 301 https://apps.miti.sh$request_uri;
    }
 }