diff --git a/build.bat b/build.bat new file mode 100644 index 0000000..bc164d1 --- /dev/null +++ b/build.bat @@ -0,0 +1,19 @@ +@echo off +set GOOS=linux +set GOARCH=amd64 + +echo VaultKeeper 리눅스 빌드를 시작합니다... + +go build -o vaultkeeper -ldflags "-s -w" main.go + +if %ERRORLEVEL% equ 0 ( + echo. + echo ----------------------------------- + echo 빌드 성공: vaultkeeper 파일이 생성되었습니다. + echo ----------------------------------- +) else ( + echo. + echo 빌드에 실패했습니다. 오류를 확인하세요. +) + +pause \ No newline at end of file diff --git a/gitea b/gitea new file mode 100644 index 0000000..5e4d177 --- /dev/null +++ b/gitea @@ -0,0 +1,125 @@ +o# [1] HTTP (80) -> HTTPS (443) 자동 리다이렉트 (통합 관리) +server { + if ($host = white-smith.duckdns.org) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = git-white-smith.duckdns.org) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = kui-white-smith.duckdns.org) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = git.white-smith.shop) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = white-smith.shop) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + # 서비스되는 모든 도메인을 한곳에 적습니다. + server_name white-smith.shop kui-white-smith.duckdns.org white-smith.duckdns.org + git.white-smith.shop git-white-smith.duckdns.org 34.19.79.94; + + # 모든 HTTP 접속을 각 호스트의 HTTPS 주소로 보냅니다. + location / { + return 301 https://$host$request_uri; + } + +} + +# [2] Quartz 블로그 설정 (HTTPS) +server { + listen 443 ssl; + server_name kui-white-smith.duckdns.org white-smith.shop white-smith.duckdns.org; + + # Certbot 인증서 경로 (가장 최근에 발급받은 대표 경로 확인 필요) + ssl_certificate /etc/letsencrypt/live/git-white-smith.duckdns.org/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/git-white-smith.duckdns.org/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + + root /var/www/white-smith-blog/public; + index index.html; + + charset utf-8; + + auth_basic "Please Login New Account"; + auth_basic_user_file /etc/nginx/.htpasswd; + + # 인증 관련 정보가 캐시되지 않도록 강제 + add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0"; + add_header Pragma "no-cache"; + expires off; + + + location / { + # 정적 파일 서빙을 위한 최적화 설정 + # try_files $uri $uri.html $uri/ =404; + try_files $uri $uri/ $uri.html =404; + } + + # --- 추가된 부분 --- + # [A] VaultKeeper 프론트엔드 페이지 접속 경로 + location /auth/ { + # Nginx 인증 팝업을 띄우지 않음 + auth_basic off; + + # 뒤에 /를 붙이면 Go 서버의 "/" 경로로 전달됩니다. + proxy_pass http://127.0.0.1:8486/; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_redirect off; + } + + # [B] VaultKeeper API 통신 경로 + location /api/ { + # 이 부분이 누락되어 Nginx 인증창이 계속 떴던 것입니다. + auth_basic off; + + proxy_pass http://localhost:8486; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + # ------------------ + +} + +# [3] Gitea 설정 (HTTPS) +server { + listen 443 ssl; + server_name git.white-smith.shop git-white-smith.duckdns.org; + + client_max_body_size 50M; + + # Gitea 전용 인증서 경로 + ssl_certificate /etc/letsencrypt/live/git-white-smith.duckdns.org/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/git-white-smith.duckdns.org/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + + location / { + proxy_pass http://127.0.0.1:3000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + +} + diff --git a/main.go b/main.go index 77945cf..0209b38 100644 --- a/main.go +++ b/main.go @@ -253,7 +253,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) { // htpasswd -v 명령어를 사용하여 비밀번호 확인 // exit code 0이면 성공, 0이 아니면 실패 - cmd := exec.Command("htpasswd", "-v", htpasswdPath, req.Username, req.Password) + cmd := exec.Command("htpasswd", "-vb", htpasswdPath, req.Username, req.Password) output, err := cmd.CombinedOutput() if err != nil { diff --git a/vaultkeeper b/vaultkeeper index f34de78..f8a2b17 100644 Binary files a/vaultkeeper and b/vaultkeeper differ