Prefix outlets with a priority

nbianca · nbianca · commit ed762bd3d890 · 2025-05-06T23:27:15.000+03:00
diff --git a/templates/offline-page.template.yml b/templates/offline-page.template.yml
@@ -8,7 +8,7 @@ params:
 
 run:
   - file:
-     path: "/etc/nginx/conf.d/outlets/server/offline-page.conf"
+     path: "/etc/nginx/conf.d/outlets/server/30-offline-page.conf"
      contents: |
         error_page 502 /error_page.html;
         location /error_page.html {
diff --git a/templates/web.letsencrypt.ssl.template.yml b/templates/web.letsencrypt.ssl.template.yml
@@ -113,14 +113,14 @@ hooks:
          ACCOUNT_EMAIL=$$ENV_LETSENCRYPT_ACCOUNT_EMAIL
 
     - replace:
-       filename: "/etc/nginx/conf.d/outlets/server/https.conf"
+       filename: "/etc/nginx/conf.d/outlets/server/20-https.conf"
        from: /ssl_certificate.+/
        to: |
          ssl_certificate /shared/ssl/$$ENV_DISCOURSE_HOSTNAME.cer;
          ssl_certificate /shared/ssl/$$ENV_DISCOURSE_HOSTNAME_ecc.cer;
 
     - replace:
-       filename: "/etc/nginx/conf.d/outlets/server/https.conf"
+       filename: "/etc/nginx/conf.d/outlets/server/20-https.conf"
        from: /ssl_certificate_key.+/
        to: |
          ssl_certificate_key /shared/ssl/$$ENV_DISCOURSE_HOSTNAME.key;
diff --git a/templates/web.ratelimited.template.yml b/templates/web.ratelimited.template.yml
@@ -7,7 +7,7 @@ params:
 
 run:
   - file:
-     path: "/etc/nginx/conf.d/outlets/before-server/ratelimited.conf"
+     path: "/etc/nginx/conf.d/outlets/before-server/30-ratelimited.conf"
      contents: |
        limit_req_zone $binary_remote_addr zone=flood:10m rate=$reqs_per_secondr/s;
        limit_req_zone $binary_remote_addr zone=bot:10m rate=$reqs_per_minuter/m;
@@ -16,7 +16,7 @@ run:
        limit_conn_status 429;
 
   - file:
-     path: "/etc/nginx/conf.d/outlets/discourse/ratelimited.conf"
+     path: "/etc/nginx/conf.d/outlets/discourse/30-ratelimited.conf"
      contents: |
          limit_conn connperip $conn_per_ip;
          limit_req zone=flood burst=$burst_per_second nodelay;
diff --git a/templates/web.socketed.template.yml b/templates/web.socketed.template.yml
@@ -12,13 +12,13 @@ run:
         #!/bin/bash
         rm -rf /shared/nginx.http*.sock
   - replace:
-     filename: "/etc/nginx/conf.d/outlets/server/http.conf"
+     filename: "/etc/nginx/conf.d/outlets/server/10-http.conf"
      from: /listen 80;(\nlisten \[::\]:80;)?/
      to: |
        listen unix:/shared/nginx.http.sock;
        set_real_ip_from unix:;
   - replace:
-     filename: "/etc/nginx/conf.d/outlets/server/https.conf"
+     filename: "/etc/nginx/conf.d/outlets/server/20-https.conf"
      from: /listen 443 ssl;(\nlisten \[::\]:443 ssl;)?/
      to: |
        listen unix:/shared/nginx.https.sock ssl;
diff --git a/templates/web.ssl.template.yml b/templates/web.ssl.template.yml
@@ -3,16 +3,16 @@ run:
       cmd:
         - "mkdir -p /shared/ssl/"
   - file:
-      path: "/etc/nginx/conf.d/outlets/before-server/redirect-http-to-https.conf"
+      path: "/etc/nginx/conf.d/outlets/before-server/10-redirect-http-to-https.conf"
       contents: |
         server {
           listen 80;
           return 301 https://$$ENV_DISCOURSE_HOSTNAME$request_uri;
         }
-  - exec: rm /etc/nginx/conf.d/outlets/server/http.conf
+  - exec: rm /etc/nginx/conf.d/outlets/server/10-http.conf
   - file:
       hook: ssl
-      path: "/etc/nginx/conf.d/outlets/server/https.conf"
+      path: "/etc/nginx/conf.d/outlets/server/20-https.conf"
       contents: |
         listen 443 ssl;
         http2 on;
@@ -34,13 +34,13 @@ run:
           rewrite (.*) https://$$ENV_DISCOURSE_HOSTNAME$1 permanent;
         }
   - file:
-      path: "/etc/nginx/conf.d/outlets/discourse/https.conf"
+      path: "/etc/nginx/conf.d/outlets/discourse/20-https.conf"
       contents: |
         add_header Strict-Transport-Security 'max-age=31536000';
   - exec:
       cmd:
         - |-
           if [ -f "/proc/net/if_inet6" ] ; then
-            sed -i 's/listen 80;/listen 80;\nlisten [::]:80;/g' /etc/nginx/conf.d/outlets/before-server/redirect-http-to-https.conf
-            sed -i 's/listen 443 ssl;/listen 443 ssl;\nlisten [::]:443 ssl;/g' /etc/nginx/conf.d/outlets/server/https.conf
+            sed -i 's/listen 80;/listen 80;\nlisten [::]:80;/g' /etc/nginx/conf.d/outlets/before-server/10-redirect-http-to-https.conf
+            sed -i 's/listen 443 ssl;/listen 443 ssl;\nlisten [::]:443 ssl;/g' /etc/nginx/conf.d/outlets/server/20-https.conf
           fi
diff --git a/templates/web.template.yml b/templates/web.template.yml
@@ -165,9 +165,9 @@ run:
         - sed -i 's#listen 80;##g' /etc/nginx/conf.d/discourse.conf
         - |-
           if [ -f "/proc/net/if_inet6" ]; then
-            echo "listen 80;\nlisten [::]:80;" > /etc/nginx/conf.d/outlets/server/http.conf
+            echo "listen 80;\nlisten [::]:80;" > /etc/nginx/conf.d/outlets/server/10-http.conf
           else
-            echo "listen 80;" > /etc/nginx/conf.d/outlets/server/http.conf
+            echo "listen 80;" > /etc/nginx/conf.d/outlets/server/10-http.conf
           fi
 
   - exec:
