fix(core): update

.gitignore

@@ -1,5 +1,22 @@
-node_modules/
-nginxconfig/
+.nogit/
+
+# artifacts
 coverage/
-docs/
-.nogit/
+public/
+pages/
+
+# installs
+node_modules/
+
+# caches
+.yarn/
+.cache/
+.rpt2_cache
+
+# builds
+dist/
+dist_web/
+dist_serve/
+dist_ts_web/
+
+# custom

.gitlab-ci.yml

@@ -1,30 +1,119 @@
-image: hosttoday/ht-docker-node:npmci
+# gitzone ci_default
+image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
+
+cache:
+  paths:
+  - .npmci_cache/
+  key: "$CI_BUILD_STAGE"
 
 stages:
+- security
 - test
 - release
+- metadata
 
-before_script:
-  - "apt-get update && apt-get install nginx -y"
-    
-testSTABLE:
+# ====================
+# security stage
+# ====================
+mirror:
+  stage: security
+  script:
+  - npmci git mirror
+  tags:
+  - docker
+  - notpriv
+
+snyk:
+  stage: security
+  script:
+    - npmci npm prepare
+    - npmci command npm install -g snyk
+    - npmci command npm install --ignore-scripts
+    - npmci command snyk test
+  tags:
+  - docker
+  - notpriv
+
+# ====================
+# test stage
+# ====================
+
+testLTS:
   stage: test
   script:
-    - npmci npm install
-    - npmci npm test stable
-  only:
-    - tags
+  - npmci npm prepare
+  - npmci node install lts
+  - npmci npm install
+  - npmci npm test
+  coverage: /\d+.?\d+?\%\s*coverage/
   tags:
-    - docker
-    - notpriv
+  - docker
+  - priv
+
+testBuild:
+  stage: test
+  script:
+  - npmci npm prepare
+  - npmci node install lts
+  - npmci npm install
+  - npmci command npm run build
+  coverage: /\d+.?\d+?\%\s*coverage/
+  tags:
+  - docker
+  - notpriv
 
 release:
   stage: release
-  environment: npmjs-com_registry
   script:
+  - npmci node install lts
+  - npmci npm publish
+  only:
+  - tags
+  tags:
+  - docker
+  - notpriv
+
+# ====================
+# metadata stage
+# ====================
+codequality:
+  stage: metadata
+  allow_failure: true
+  script:
+    - npmci command npm install -g tslint typescript
+    - npmci npm install
+    - npmci command "tslint -c tslint.json ./ts/**/*.ts"
+  tags:
+  - docker
+  - priv
+
+trigger:
+  stage: metadata
+  script:
+  - npmci trigger
+  only:
+  - tags
+  tags:
+  - docker
+  - notpriv
+
+pages:
+  image: hosttoday/ht-docker-dbase:npmci
+  services:
+   - docker:18-dind
+  stage: metadata
+  script:
+    - npmci command npm install -g @gitzone/tsdoc
     - npmci npm prepare
-    - npmci npm publish
+    - npmci npm install
+    - npmci command tsdoc
+  tags:
+    - docker
+    - notpriv
   only:
     - tags
-  tags:
-    - docker
+  artifacts:
+    expire_in: 1 week
+    paths:
+    - public
+  allow_failure: true

README.md

@@ -1,17 +1,20 @@
-# smartnginx
-
+# @pushrocks/smartnginx
 control nginx from node, TypeScript ready
 
-## Status
+## Availabililty and Links
+* [npmjs.org (npm package)](https://www.npmjs.com/package/@pushrocks/smartnginx)
+* [gitlab.com (source)](https://gitlab.com/pushrocks/smartnginx)
+* [github.com (source mirror)](https://github.com/pushrocks/smartnginx)
+* [docs (typedoc)](https://pushrocks.gitlab.io/smartnginx/)
 
+## Status for master
 [![build status](https://gitlab.com/pushrocks/smartnginx/badges/master/build.svg)](https://gitlab.com/pushrocks/smartnginx/commits/master)
-
-## Features
-
-- easy reverse configuration
-- automatic letsencrypt DNS01 challenge based ssl cert generation
-- automatic nginx process handling zero-downtime config reloading
-- works in Docker environements
+[![coverage report](https://gitlab.com/pushrocks/smartnginx/badges/master/coverage.svg)](https://gitlab.com/pushrocks/smartnginx/commits/master)
+[![npm downloads per month](https://img.shields.io/npm/dm/@pushrocks/smartnginx.svg)](https://www.npmjs.com/package/@pushrocks/smartnginx)
+[![Known Vulnerabilities](https://snyk.io/test/npm/@pushrocks/smartnginx/badge.svg)](https://snyk.io/test/npm/@pushrocks/smartnginx)
+[![TypeScript](https://img.shields.io/badge/TypeScript->=%203.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
+[![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
+[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-prettier-ff69b4.svg)](https://prettier.io/)
 
 ## Usage
 
@@ -28,3 +31,10 @@ myNginxHost = new smartnginx.NginxHost({
 myNginxConfig.addZone(myNginxZone); // adds the zone to the config
 myNginxConfig.deploy(); // deploys the referenced NginxConfig and gracefully reloads it
 ```
+
+For further information read the linked docs at the top of this readme.
+
+> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh)
+| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy)
+
+[![repo-footer](https://lossless.gitlab.io/publicrelations/repofooter.svg)](https://maintainedby.lossless.com)

nginxconfig/default.private.pem

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCHoQbEbAo/0ZDFU9AkubBRi8FeKdhCFrzK+wXZD9JnEJRa3q6o
+CI+6H3YLYleGGP8Vkwca8ykz5BX0MrKAlZWpoEpqgm2lVCBKh9mqCG1bN0aPdlwh
+E24/HZFbeVgyJBvH/7XZJDGlm638dSMoXMmPtwLfq1uTAmHwtHBEqdiLFwIDAQAB
+AoGAJWXibtD3toc7qx2kPCwzkRi/Ng7FwdtxLWswPp0dQCwTLEdQ06agswqvyw3P
+4nsMA0/qWqUIDHXtE8vS6p/Uh21aKTYNgHJA4VZdJvh5Zhogq77dtGFyME7T3914
+isamRo8hxemijJG9oml7y+jW/xnMFhe98dqKf9k0RNI9G1kCQQDHhInM8HEJWnRX
+ckkhGoel7HlfpTaLYIO7Ls4ErsNmBQjralRZVX1+g4+h4/QLCcOYqihNDgSUZMEt
+aEC82c4LAkEArgZXP/gaua0tylBwQETOyUip2apVOvArmH9xLL9qTkXueV39skZb
+36cO9RK7C+HTY4hGNcXDdihxs+Fa4sD6pQJAQc6FZQMpRVyAYxde53xIoYGNxu5H
+P1FmIacebIz4Bf5DIuK/T3fTHJdoGI2HQNzHluMIx+GHwSo6TS/FqoRsYQJAe/ia
+aUC20TU0nJ6nCLG72hqAnUZBh0YW2IFZP3ZxJaed1ioGE90Zj/8zoZShWTqb25j1
+41KqBt+S+ID+vPCa3QJABo8fEGIy/g7M5OB5euLHQLvCvYJDn9YWAryhRedR1B2e
+zEZOO0qxUJSjMdnYFYG6Na/poM3atnJ4W8pJzOtA4w==
+-----END RSA PRIVATE KEY-----

nginxconfig/default.public.pem

@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCHoQbEbAo/0ZDFU9AkubBRi8Fe
+KdhCFrzK+wXZD9JnEJRa3q6oCI+6H3YLYleGGP8Vkwca8ykz5BX0MrKAlZWpoEpq
+gm2lVCBKh9mqCG1bN0aPdlwhE24/HZFbeVgyJBvH/7XZJDGlm638dSMoXMmPtwLf
+q1uTAmHwtHBEqdiLFwIDAQAB
+-----END PUBLIC KEY-----

nginxconfig/hosts/default.private.pem

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCMGIi2uxtbfbDIiyL6SWwZb1RdSpjGFHwzlR+mipbwgW1JsYld
+Fs463PvxsMFgyQ6Nzndj3IE1mpYQgWYSS69mV8B3XxusrxnOGeO00IdA+qPGakzq
+Sm+/2ualnz6nDeVWTvQuM15Ki6WQsbvmcIKngs+5tsmYfTiAnpFUv3t6zQIDAQAB
+AoGAdb6VAMdnKdEMyLAv+J3G7eWkyTfOCQTkklHuJQHr9D1DRiGhqoxlThG26p49
+GQRCaCq0K0kDi7LeFwc6a3wS8LjRZ9DI+mkyA0KRM0bXEkQnBM7ZGqc32476mMp+
+4GI29Xl8U1pbjI0uYsyVoVeq7r3DTvHBD22FfvbPELIVzGECQQDM9WH55J70BjhH
+7h8vYD4agrVGk6AnWJaTyH4uqr3/o8tzyWMbSEDqsCo8dDufsUkrntg4DscSLVEl
+MZQq+8G1AkEArvv+N2Yjef9Xplo5/Zfx+bVzGrnrWuI9KVNHQeqZj50nmQbTVf+h
+qAJrJKUecJcvy5elwzMdFtw5CtU+aUXjuQJAKsHmNqOjJXVGuHrMtq11R0KNXrPd
+bVfl0d65tDKagIJDJ1yT+FUSdeNabFIzPhVWFmuE3+z1Sq15iDDXoD/1IQJBAJmW
+Pwz7Dnp/P7yYhzvqCQ6nT++ObmCoIQzLtsjJlJ10UBRF5GsgZBCmhsp0T6J9YQsv
+AOSzUX4GL98tSol2OakCQDpb11GrMuDVfYW+ltJs/WFOIE/Qexy+pKU6uWQnGjGP
+3OQVJ68vPebrMqQ6Lp3/r5hbN/UgLMufrUuevtHb7DA=
+-----END RSA PRIVATE KEY-----

nginxconfig/hosts/default.public.pem

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB/zCCAWigAwIBAgIJeD6pc7FCt9rnMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3NlbGZzaWduZWQuZ2l0LnpvbmUwHhcNMTkwODIwMjAzMDI1WhcNMjAwODE5
+MjAzMDI1WjAeMRwwGgYDVQQDExNzZWxmc2lnbmVkLmdpdC56b25lMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCMGIi2uxtbfbDIiyL6SWwZb1RdSpjGFHwzlR+m
+ipbwgW1JsYldFs463PvxsMFgyQ6Nzndj3IE1mpYQgWYSS69mV8B3XxusrxnOGeO0
+0IdA+qPGakzqSm+/2ualnz6nDeVWTvQuM15Ki6WQsbvmcIKngs+5tsmYfTiAnpFU
+v3t6zQIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREE
+HzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQAD
+gYEARLQhxnvrKNGs758MzDTbf3lBuMd5jf42YFcUdEPI6jg9knKwqcgd5eNkZtNM
+DFPOFJf3HIJOLeOhXZ4bzQpcxVkkDAMUloKmQNypZlRWzkZt0jLgG0/ofKvvqX7c
+DpzwgTIoJwWlpbug788LEm3HcTVPu0LxQ1lOpgt0PWPnasc=
+-----END CERTIFICATE-----

nginxconfig/hosts/test100.bleu.de.conf

@@ -0,0 +1,31 @@
+upstream test100.bleu.de {
+	keepalive 100;
+	server 192.192.192.191:3000;
+}
+
+server {
+	# The keepalive parameter sets the maximum number of idle keepalive connections
+		# to upstream servers that are preserved in the cache of each worker process. When
+	# this number is exceeded, the least recently used connections are closed.
+	listen *:80 ;
+	server_name test100.bleu.de;
+	rewrite        ^ https://test100.bleu.de$request_uri? permanent;
+}
+
+server {
+	listen *:443 ssl;
+	server_name test100.bleu.de;
+	ssl_certificate /Users/philkunz/gitlab/pushrocks_meta/smartnginx/nginxconfig/hosts/test100.bleu.de.public.pem;
+	ssl_certificate_key /Users/philkunz/gitlab/pushrocks_meta/smartnginx/nginxconfig/hosts/test100.bleu.de.private.pem;
+	location / {
+		proxy_http_version      1.1;
+		proxy_buffering         off;
+		proxy_redirect					off;
+		proxy_set_header        X-Real-IP $remote_addr;
+		proxy_set_header        X-Forwarded-For $remote_addr;
+		proxy_set_header        X-Forwarded-Proto $scheme;
+		proxy_next_upstream error timeout http_404 http_429 http_500 http_502;
+		proxy_next_upstream_tries 5;
+		proxy_pass              http://test100.bleu.de;
+	}
+}

nginxconfig/hosts/test100.bleu.de.private.pem

@@ -0,0 +1 @@
+some private

nginxconfig/hosts/test100.bleu.de.public.pem

@@ -0,0 +1 @@
+some public

nginxconfig/hosts/test102.bleu.de.conf

@@ -0,0 +1,31 @@
+upstream test102.bleu.de {
+	keepalive 100;
+	server 192.192.192.192:3050;
+}
+
+server {
+	# The keepalive parameter sets the maximum number of idle keepalive connections
+		# to upstream servers that are preserved in the cache of each worker process. When
+	# this number is exceeded, the least recently used connections are closed.
+	listen *:80 ;
+	server_name test102.bleu.de;
+	rewrite        ^ https://test102.bleu.de$request_uri? permanent;
+}
+
+server {
+	listen *:443 ssl;
+	server_name test102.bleu.de;
+	ssl_certificate /Users/philkunz/gitlab/pushrocks_meta/smartnginx/nginxconfig/hosts/test102.bleu.de.public.pem;
+	ssl_certificate_key /Users/philkunz/gitlab/pushrocks_meta/smartnginx/nginxconfig/hosts/test102.bleu.de.private.pem;
+	location / {
+		proxy_http_version      1.1;
+		proxy_buffering         off;
+		proxy_redirect					off;
+		proxy_set_header        X-Real-IP $remote_addr;
+		proxy_set_header        X-Forwarded-For $remote_addr;
+		proxy_set_header        X-Forwarded-Proto $scheme;
+		proxy_next_upstream error timeout http_404 http_429 http_500 http_502;
+		proxy_next_upstream_tries 5;
+		proxy_pass              http://test102.bleu.de;
+	}
+}

nginxconfig/hosts/test102.bleu.de.private.pem

@@ -0,0 +1 @@
+some private

nginxconfig/hosts/test102.bleu.de.public.pem

@@ -0,0 +1 @@
+some public

nginxconfig/nginx.conf

@@ -0,0 +1,79 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx/nginx.pid;
+
+events {
+	worker_connections 768;
+	# multi_accept on;
+}
+
+http {
+	server_names_hash_bucket_size 128;
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+	keepalive_timeout 65;
+	types_hash_max_size 2048;
+	# server_tokens off;
+
+	# server_names_hash_bucket_size 64;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# SSL Settings
+	##
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+
+	##
+	# Logging Settings
+	##
+
+	access_log /var/log/nginx/access.log;
+	error_log /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip on;
+	gzip_disable "msie6";
+
+	# gzip_vary on;
+	# gzip_proxied any;
+	# gzip_comp_level 6;
+	# gzip_buffers 16 8k;
+	# gzip_http_version 1.1;
+	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+	##
+	# Virtual Host Configs
+	##
+
+	server {
+		listen *:80 default_server;
+		server_name selfsigned.git.zone;
+		rewrite        ^ https://git.zone redirect;
+	}
+
+	server {
+		listen *:443 ssl default_server;
+		server_name selfsigned.git.zone;
+		ssl_certificate /Users/philkunz/gitlab/pushrocks_meta/smartnginx/nginxconfig/hosts/default.public.pem;
+		ssl_certificate_key /Users/philkunz/gitlab/pushrocks_meta/smartnginx/nginxconfig/hosts/default.private.pem;
+		rewrite        ^ https://git.zone redirect;
+	}
+
+	include /Users/philkunz/gitlab/pushrocks_meta/smartnginx/nginxconfig/hosts/*.conf;
+	include /etc/nginx/sites-enabled/*;
+}
+daemon off;

npmextra.json

@@ -2,7 +2,15 @@
   "npmci": {
     "npmAccessLevel": "public"
   },
-  "npmdocker": {
-    
+  "npmdocker": {},
+  "gitzone": {
+    "module": {
+      "githost": "gitlab.com",
+      "gitscope": "pushrocks",
+      "gitrepo": "smartnginx",
+      "shortDescription": "control nginx from node, TypeScript ready",
+      "npmPackagename": "@pushrocks/smartnginx",
+      "license": "MIT"
+    }
   }
 }

package.json

@@ -41,5 +41,16 @@
     "@pushrocks/tapbundle": "^3.0.7",
     "tslint": "^5.15.0",
     "tslint-config-prettier": "^1.18.0"
-  }
-}
+  },
+  "files": [
+    "ts/*",
+    "ts_web/*",
+    "dist/*",
+    "dist_web/*",
+    "dist_ts_web/*",
+    "assets/*",
+    "cli.js",
+    "npmextra.json",
+    "readme.md"
+  ]
+}

test/test.ts

@@ -11,7 +11,7 @@ let testNginxZone01: smartnginx.NginxHost;
 let testNginxZone02: smartnginx.NginxHost;
 
 tap.test('should create a valid instance of SmartNginx', async () => {
-  testSmartNginx = new smartnginx.SmartNginx({defaultProxyUrl: 'https://git.zone'});
+  testSmartNginx = new smartnginx.SmartNginx({ defaultProxyUrl: 'https://git.zone' });
   expect(testSmartNginx).to.be.instanceof(smartnginx.SmartNginx);
 });
 

ts/smartnginx.classes.nginxhost.ts

@@ -40,18 +40,23 @@ export class NginxHost implements IHostConfig {
    * @param certInstanceArg
    */
   public async deploy() {
-    const filePathConfig = plugins.path.join(paths.nginxHostDirPath,  `${this.hostName}.conf`);
-    const filePathPrivate = plugins.path.join(paths.nginxHostDirPath,  `${this.hostName}.private.pem`);
-    const filePathPublic = plugins.path.join(paths.nginxHostDirPath,  `${this.hostName}.public.pem`);
+    const filePathConfig = plugins.path.join(paths.nginxHostDirPath, `${this.hostName}.conf`);
+    const filePathPrivate = plugins.path.join(
+      paths.nginxHostDirPath,
+      `${this.hostName}.private.pem`
+    );
+    const filePathPublic = plugins.path.join(paths.nginxHostDirPath, `${this.hostName}.public.pem`);
 
-    
     // writeConfig
-    this.configString = snippets.getHostConfigString(this.hostName, this.destination, this.destinationPort);
+    this.configString = snippets.getHostConfigString(
+      this.hostName,
+      this.destination,
+      this.destinationPort
+    );
     plugins.smartfile.memory.toFsSync(this.configString, filePathConfig);
 
     // write ssl
     plugins.smartfile.memory.toFsSync(this.privateKey, filePathPrivate);
     plugins.smartfile.memory.toFsSync(this.publicKey, filePathPublic);
-
   }
 }

ts/smartnginx.classes.smartnginx.ts

@@ -115,15 +115,27 @@ export class SmartNginx {
 
       // write base config
       plugins.smartfile.fs.ensureDirSync(paths.nginxConfigDirPath);
-      plugins.smartfile.memory.toFsSync(snippets.getBaseConfigString(this.options.defaultProxyUrl), paths.nginxConfFile);
+      plugins.smartfile.memory.toFsSync(
+        snippets.getBaseConfigString(this.options.defaultProxyUrl),
+        paths.nginxConfFile
+      );
 
       // write standard self signed certificate
-      const selfsignedCert = plugins.selfsigned.generate([{ name: 'commonName', value: 'selfsigned.git.zone' }], { days: 365});
-      
+      const selfsignedCert = plugins.selfsigned.generate(
+        [{ name: 'commonName', value: 'selfsigned.git.zone' }],
+        { days: 365 }
+      );
+
       // deploy hosts
       plugins.smartfile.fs.ensureDirSync(paths.nginxHostDirPath);
-      plugins.smartfile.memory.toFsSync(selfsignedCert.private, plugins.path.join(paths.nginxHostDirPath, './default.private.pem'));
-      plugins.smartfile.memory.toFsSync(selfsignedCert.cert, plugins.path.join(paths.nginxHostDirPath, './default.public.pem'));
+      plugins.smartfile.memory.toFsSync(
+        selfsignedCert.private,
+        plugins.path.join(paths.nginxHostDirPath, './default.private.pem')
+      );
+      plugins.smartfile.memory.toFsSync(
+        selfsignedCert.cert,
+        plugins.path.join(paths.nginxHostDirPath, './default.public.pem')
+      );
       for (const host of this.deployedHosts.getArray()) {
         await host.deploy();
         this.logger.log('info', `Host ${host.hostName} deployed!`);

ts/smartnginx.paths.ts

@@ -6,4 +6,4 @@ export const nginxConfigDirPath = plugins.path.join(packageBase, 'nginxconfig');
 export const nginxHostDirPath = plugins.path.join(nginxConfigDirPath, 'hosts');
 
 // files
-export const nginxConfFile = plugins.path.join(nginxConfigDirPath, 'nginx.conf');
+export const nginxConfFile = plugins.path.join(nginxConfigDirPath, 'nginx.conf');

ts/smartnginx.plugins.ts

@@ -17,6 +17,4 @@ export { lik, smartlog, smartpromise, smartshell, smartfile, smartstring, smartu
 // thirdparty scope
 import * as selfsigned from 'selfsigned';
 
-export {
-  selfsigned
-};
+export { selfsigned };

ts/smartnginx.snippets.ts

@@ -85,8 +85,12 @@ export let getBaseConfigString = (defaultProxy: string) => {
   return baseConfig;
 };
 
-export let getHostConfigString = (hostNameArg: string, destinationIpArg: string, destinationPortArg = 80) => {
-	const hostConfig = plugins.smartstring.indent.normalize(`
+export let getHostConfigString = (
+  hostNameArg: string,
+  destinationIpArg: string,
+  destinationPortArg = 80
+) => {
+  const hostConfig = plugins.smartstring.indent.normalize(`
 		upstream ${hostNameArg} {
 			keepalive 100;
 			server ${destinationIpArg}:${destinationPortArg};