Mercurial Hosting > luan

changeset 2163:9abb0272665d default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge nginx_sites_addon
author Violet7
date Sun, 01 Feb 2026 15:30:31 -0800
parents 1e40503a1c3c (current diff) 2a68bc8e1529 (diff)
children
files
diffstat 11 files changed, 75 insertions(+), 28 deletions(-) [+]
line wrap: on
line diff
--- a/.hgignore	Fri Jan 23 20:58:21 2026 -0600
+++ b/.hgignore	Sun Feb 01 15:30:31 2026 -0800
@@ -11,6 +11,7 @@
 luan.tar
 .DS_Store
 host/sites/
+host/nginx_sites/
 host/logs/
 host/started.lock
 backup/logs/
--- a/delete_me.txt	Fri Jan 23 20:58:21 2026 -0600
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,1 +0,0 @@
-commit E
--- a/host/startup/nginx/nginx.conf.luan	Fri Jan 23 20:58:21 2026 -0600
+++ b/host/startup/nginx/nginx.conf.luan	Sun Feb 01 15:30:31 2026 -0800
@@ -15,6 +15,7 @@
 	sendfile on;
 	keepalive_timeout 65;
 
+	error_log <%=rootDir%>/logs/nginx_error.log;
 	proxy_cache_path <%=rootDir%>/local/nginx_cache levels=1:2 keys_zone=nginx_cache:60m max_size=10g inactive=60m use_temp_path=off;
 
 	upstream luan {
@@ -37,5 +38,7 @@
 	# glob pattern returns no results for site dirs that don't have 
 	# the ssl/ subdir, so this is ok
 	include <%=rootDir%>/sites/*/ssl/nginx.ssl.conf;
+	include <%=rootDir%>/nginx_sites/*/nginx.conf;
+
 }
 <%
--- a/host/startup/nginx/nginx.default.conf.luan	Fri Jan 23 20:58:21 2026 -0600
+++ b/host/startup/nginx/nginx.default.conf.luan	Sun Feb 01 15:30:31 2026 -0800
@@ -7,7 +7,6 @@
 	proxy_set_header Host $http_host;
 	proxy_set_header Connection '';
 
-	error_log <%=rootDir%>/logs/nginx_error.log;
 
 	proxy_set_header X-Forwarded-Proto $scheme;
 	proxy_set_header X-Real-IP $remote_addr;
--- a/host/test/test_https.luan	Fri Jan 23 20:58:21 2026 -0600
+++ b/host/test/test_https.luan	Sun Feb 01 15:30:31 2026 -0800
@@ -13,8 +13,9 @@
 local domain = "https.me.luan.software"
 local site_dir = uri("file:local")
 local luanhost_dir = uri("file:..")
+local nginx_default_conf = uri("file:../local/nginx.default.conf")
 local dry_run = true
 
 site_dir.mkdir()
 
-Https.do_set_https(is_https,domain,site_dir,luanhost_dir,dry_run)
+Https.do_set_https(is_https,domain,site_dir,luanhost_dir,nginx_default_conf,dry_run)
--- a/host/update2.sh	Fri Jan 23 20:58:21 2026 -0600
+++ b/host/update2.sh	Sun Feb 01 15:30:31 2026 -0800
@@ -5,6 +5,7 @@
 
 mkdir -p local
 mkdir -p logs
+mkdir -p nginx_sites
 rm -f logs/*
 hg identify >logs/changeset.txt
 
--- a/src/luan/host/Https.luan	Fri Jan 23 20:58:21 2026 -0600
+++ b/src/luan/host/Https.luan	Sun Feb 01 15:30:31 2026 -0800
@@ -71,7 +71,7 @@
 -- for testing
 Https.delete_junk = delete_junk
 
-local function nginx_ssl_conf(domain,files,luanhost_dir)
+local function nginx_ssl_conf(domain,files,nginx_default_conf)
 %>
 	server {
 		server_name <%=domain%>;
@@ -97,15 +97,15 @@
 			return 301 http://$http_host$request_uri;
 		}
 
-		ssl_certificate <%= files.local_cer_file.to_string() %>;
-		ssl_certificate_key <%= files.key_file.to_string() %>;
-		# path is relative to the dir of the conf this comment is found in.
-		include nginx.default.conf;
+		ssl_certificate <%= files.local_cer_file.canonical().to_string() %>;
+		ssl_certificate_key <%= files.key_file.canonical().to_string() %>;
+		include <%= nginx_default_conf.canonical().to_string() %>;
 	}
 <%
 end
 
-local function reload_nginx(luanhost_dir_str)
+local function reload_nginx(luanhost_dir)
+	local luanhost_dir_str = luanhost_dir.canonical().to_string()
 	local cmd = `%>
 sudo $(which nginx) -t -c "<%=luanhost_dir_str%>/local/nginx.conf" && \
 sudo $(which nginx) -s reload -c "<%=luanhost_dir_str%>/local/nginx.conf";
@@ -113,6 +113,7 @@
 	local s = uri("bash:"..cmd).read_text()
 	logger.info("reload_nginx "..s)
 end
+Https.reload_nginx = reload_nginx
 
 local function issue_cert(files, luanhost_dir, dry_run)
 	local luanhost_dir_str = luanhost_dir.canonical().to_string()
@@ -156,8 +157,6 @@
 		local s = uri("bash:"..cmd).read_text()
 		logger.info("move temp output to fullchain.cer\n"..s)
 	end
-
-	reload_nginx(luanhost_dir_str)
 end
 
 
@@ -165,6 +164,7 @@
 	files.csr_file.exists() or error "no CSR file, assuming local https cert"
 	if time_now() - files.local_cer_file.last_modified() > renewal_period then
 		issue_cert(files, luanhost_dir, dry_run)
+		reload_nginx(luanhost_dir)
 		return
 	end
 end
@@ -172,17 +172,18 @@
 
 local ssl_renewal_period = Time.period{days=30}
 
-function Https.update(domain,site_dir,luanhost_dir)
+function Https.update(domain,site_dir,nginx_default_conf)
 	local files = get_files(domain,site_dir)
 	if files.nginx_file.exists() then
 		-- sys_logger.info("update "..domain)
-		local nginx = ` nginx_ssl_conf(domain,files,luanhost_dir) `
+		local nginx = ` nginx_ssl_conf(domain,files,nginx_default_conf) `
 		files.nginx_file.write(nginx)
 	end
 	delete_junk(domain,site_dir)
 end
 
-local function do_set_https(is_https,domain,site_dir,luanhost_dir,dry_run)
+local function do_set_https(is_https,domain,site_dir,luanhost_dir,nginx_default_conf,dry_run)
+	local needs_reload_nginx = false
 	local files = get_files(domain,site_dir)
 
 	-- luan/host
@@ -239,7 +240,6 @@
 
 					issue_cert(files, luanhost_dir, dry_run)
 
-
 				catch e
 					logger.error("Error setting up ACME: "..e)
 				end_try
@@ -254,9 +254,9 @@
 				-- the nginx config only requires 2 files:
 				-- fullchain.cer and DOMAIN.key
 				logger.info("writing nginx conf to "..files.nginx_file.canonical().to_string())
-				local nginx = ` nginx_ssl_conf(domain,files,luanhost_dir) `
+				local nginx = ` nginx_ssl_conf(domain,files,nginx_default_conf) `
 				files.nginx_file.write(nginx)
-				reload_nginx(luanhost_dir_str)
+				needs_reload_nginx = true
 			end
 		else
 			if not is_local then
@@ -274,10 +274,10 @@
 			for _, file in pairs(files) do
 				file.delete()
 			end
-			reload_nginx(luanhost_dir_str)
+			needs_reload_nginx = true
 		end
 	end
-	--logger.info "done"
+	return needs_reload_nginx
 end
 Https.do_set_https = do_set_https -- for testing
 
@@ -289,13 +289,17 @@
 	local domain = Http.domain
 	local site_dir = uri("site:").parent()
 	local luanhost_dir = uri("file:.")
+	local nginx_default_conf = uri("file:local/nginx.default.conf")
 
 	-- use for testing, so as to not hit rate limits
 	-- on the real letsencrypt servers
 	local dry_run = false
 
 	if not try_synchronized( function()
-		do_set_https(is_https,domain,site_dir,luanhost_dir,dry_run)
+		local needs_reload_nginx = do_set_https(is_https,domain,site_dir,luanhost_dir,nginx_default_conf,dry_run)
+		if needs_reload_nginx then
+			reload_nginx(luanhost_dir)
+		end
 	end, domain..".lock", 0 )() then
 		logger.info("set_https already running for "..domain..", skipping")
 	end
--- a/src/luan/host/run.luan	Fri Jan 23 20:58:21 2026 -0600
+++ b/src/luan/host/run.luan	Sun Feb 01 15:30:31 2026 -0800
@@ -3,6 +3,8 @@
 local error = Luan.error
 local ipairs = Luan.ipairs or error()
 local do_file = Luan.do_file or error()
+local run_clean = Luan.run_clean or error()
+local Package = require "luan:Package.luan"
 local Number = require "luan:Number.luan"
 local long = Number.long or error()
 local Io = require "luan:Io.luan"
@@ -10,6 +12,7 @@
 local WebHandler = require "java:luan.host.WebHandler"
 local Logging = require "luan:logging/Logging.luan"
 
+
 local log_to_console = false
 for _, arg in ipairs{...} do
 	if arg == "console" then
@@ -67,9 +70,35 @@
 local server = Server.ForAddress.new("127.0.0.1",8080,handler)
 server.start()
 
+do
+	local sites_dir = Io.schemes.file(Hosted.sites_dir)
+	for _, site_dir in ipairs(sites_dir.children()) do
+		local name = site_dir.name()
+		WebHandler.loadHandler(name)
+	end
+end
 
-local sites_dir = Io.schemes.file(Hosted.sites_dir)
-for _, site_dir in ipairs(sites_dir.children()) do
-	local name = site_dir.name()
-	WebHandler.loadHandler(name)
+
+-- ngnx servers
+
+do
+	local sites_dir = Io.schemes.file("nginx_sites")
+	for _, site_dir in ipairs(sites_dir.children() or {}) do
+		local name = site_dir.name()
+		try
+			run_clean( function()
+				local Io = require "luan:Io.luan"
+				local Package = require "luan:Package.luan"
+	
+				function Io.schemes.site(path,loading)
+					local u =  Io.uri( "file:nginx_sites/"..name..path, loading )
+					u.uri_string = "site:"..path
+					return u
+				end
+				Package.load("file:nginx_sites/"..name.."/init.luan")
+			end )
+		catch e
+			logger.error(e)
+		end
+	end
 end
--- a/src/luan/host/update.luan	Fri Jan 23 20:58:21 2026 -0600
+++ b/src/luan/host/update.luan	Sun Feb 01 15:30:31 2026 -0800
@@ -5,12 +5,12 @@
 local Https = require "classpath:luan/host/Https.luan"
 
 
-local luanhost_dir = Io.schemes.file(".").canonical()
-local sites_dir = luanhost_dir.child("sites")
+local nginx_default_conf = Io.schemes.file("local/nginx.default.conf").canonical()
+local sites_dir = Io.schemes.file("sites")
 sites_dir.mkdir()
 
 local children = sites_dir.children()
 for _, site_dir in ipairs(children) do
 	local domain = site_dir.name()
-	Https.update(domain, site_dir, luanhost_dir)
+	Https.update(domain, site_dir, nginx_default_conf)
 end
--- a/src/luan/modules/BasicLuan.java	Fri Jan 23 20:58:21 2026 -0600
+++ b/src/luan/modules/BasicLuan.java	Sun Feb 01 15:30:31 2026 -0800
@@ -278,7 +278,16 @@
 	public static void exit(Luan luan,int status) throws LuanException {
 		Luan.checkSecurity(luan,"exit");
 		System.exit(status);
-	}
+	}
 
+	public static void run_clean(Luan luan,LuanFunction fn) throws LuanException {
+		Luan.Security security = luan.getSecurity();
+		luan = new Luan();
+		if( security != null )
+			Luan.setSecurity(luan,security);
+		LuanMutable.makeImmutable(fn);
+		fn.call(luan);
+	}
+
 	private void BasicLuan() {}  // never
 }
--- a/src/luan/modules/Luan.luan	Fri Jan 23 20:58:21 2026 -0600
+++ b/src/luan/modules/Luan.luan	Sun Feb 01 15:30:31 2026 -0800
@@ -23,6 +23,7 @@
 Luan.raw_get = BasicLuan.raw_get
 Luan.raw_len = BasicLuan.raw_len
 Luan.raw_set = BasicLuan.raw_set
+Luan.run_clean = BasicLuan.run_clean
 Luan.set_metatable = BasicLuan.set_metatable
 Luan.stringify = BasicLuan.stringify
 Luan.to_string = BasicLuan.to_string