Fix HSTS and update changelog

2019-08-14 13:56:37 +02:00
parent 26806a292b
commit 937e61305a
8 changed files with 46 additions and 18 deletions
--- a/wo/cli/plugins/site_functions.py
+++ b/wo/cli/plugins/site_functions.py
@@ -1534,7 +1534,7 @@ def setupHsts(self, wo_domain_name):
    hstsconf.write("more_set_headers "
                   "\"Strict-Transport-Security: "
                   "max-age=31536000; "
-                   "'includeSubDomains; "
+                   "includeSubDomains; "
                   "preload\";")
    hstsconf.close()
    return 0
--- a/wo/cli/plugins/stack.py
+++ b/wo/cli/plugins/stack.py
@@ -397,12 +397,12 @@ class WOStackController(CementBaseController):
            Log.debug(self, "Calling pre_pref")
            pre_pref(self, apt_packages)
            if (apt_packages):
-                meminfo = (os.popen('/bin/cat /proc/meminfo '
-                                    '| grep MemTotal').read()).split(":")
-                memsplit = re.split(" kB", meminfo[1])
-                wo_mem = int(memsplit[0])
-                if (wo_mem < 4000000):
-                    WOSwap.add(self)
+                # meminfo = (os.popen('/bin/cat /proc/meminfo '
+                #                    '| grep MemTotal').read()).split(":")
+                # memsplit = re.split(" kB", meminfo[1])
+                # wo_mem = int(memsplit[0])
+                # if (wo_mem < 4000000):
+                #    WOSwap.add(self)
                Log.info(self, "Updating apt-cache, please wait...")
                WOAptGet.update(self)
                Log.info(self, "Installing packages, please wait...")
--- a/wo/cli/plugins/stack_pref.py
+++ b/wo/cli/plugins/stack_pref.py
@@ -198,10 +198,10 @@ def post_pref(self, apt_packages, packages):
                    (data), 'gzip.mustache', out=wo_nginx)
                wo_nginx.close()

-            if not os.path.isfile('/etc/nginx/conf.d/brotli.conf'):
+            if not os.path.isfile('/etc/nginx/conf.d/brotli.conf.disabled'):
                Log.debug(self, 'Writting the nginx configuration to '
-                          'file /etc/nginx/conf.d/brotli.conf')
-                wo_nginx = open('/etc/nginx/conf.d/brotli.conf',
+                          'file /etc/nginx/conf.d/brotli.conf.disabled')
+                wo_nginx = open('/etc/nginx/conf.d/brotli.conf.disabled',
                                encoding='utf-8', mode='w')
                self.app.render(
                    (data), 'brotli.mustache', out=wo_nginx)
--- a/wo/cli/templates/gzip.mustache
+++ b/wo/cli/templates/gzip.mustache
@@ -12,19 +12,40 @@
 	gzip_http_version 1.1;
 	gzip_types
 	application/atom+xml
+	application/geo+json
 	application/javascript
 	application/json
+	application/ld+json
+	application/manifest+json
+	application/rdf+xml
 	application/rss+xml
 	application/vnd.ms-fontobject
+	application/wasm
+	application/x-font-opentype
+	application/x-font-truetype
 	application/x-font-ttf
+	application/x-javascript
 	application/x-web-app-manifest+json
 	application/xhtml+xml
 	application/xml
+	application/xml+rss
+	font/eot
 	font/opentype
+	font/otf
+	image/bmp
 	image/svg+xml
+	image/vnd.microsoft.icon
 	image/x-icon
+	image/x-win-bitmap
+	text/cache-manifest
+	text/calendar
 	text/css
+	text/javascript
+	text/markdown
 	text/plain
+	text/vcard
+	text/vnd.rim.location.xloc
+	text/vtt
 	text/x-component
-	text/xml
-	text/javascript;
+	text/x-cross-domain-policy
+	text/xml;
--- a/wo/cli/templates/nginx-core.mustache
+++ b/wo/cli/templates/nginx-core.mustache
@@ -66,7 +66,7 @@ http {
 	ssl_session_cache shared:SSL:50m;
 	ssl_session_tickets off;
 	ssl_prefer_server_ciphers on;
-    {{#tls13}}ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20';
+	{{#tls13}}ssl_ciphers 'TLS13+AESGCM+AES256:TLS13+AESGCM+AES128:TLS13+CHACHA20:EECDH+AESGCM:EECDH+CHACHA20';
 	ssl_protocols TLSv1.2 TLSv1.3;{{/tls13}}
 	ssl_ecdh_curve X25519:P-521:P-384:P-256;
 	# Previous TLS v1.2 configuration