Begin work on HTTPS

nginx/includes/tenancy

@@ -0,0 +1,4 @@
+include includes/tenancy_base;
+
+listen 443 ssl http2;
+listen [::]:443 ssl http2;

nginx/includes/tenancy_base

@@ -0,0 +1,31 @@
+include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+add_header Strict-Transport-Security "max-age=31536000" always; # managed by Certbot
+
+access_log      /var/log/nginx/tenancy/access.log;
+error_log       /var/log/nginx/tenancy/error.log;
+rewrite_log     on;
+
+root            /var/www/laravel/tenancy/public;
+index           index.php;
+
+location / {
+    try_files   $uri $uri/ /index.php?$query_string;
+}
+
+# Remove trailing slash to please the routing system.
+if (!-d $request_filename) {
+    rewrite     ^/(.+)/$ /$1 permanent;
+}
+
+location ~* \.php$ {
+    fastcgi_pass                    unix:/var/run/php/php7.2-fpm.sock;
+    fastcgi_index                   index.php;
+    fastcgi_split_path_info         ^(.+\.php)(.*)$;
+    include                         /etc/nginx/fastcgi_params;
+    fastcgi_param                   SCRIPT_FILENAME $document_root$fastcgi_script_name;
+}
+
+location ~ /\.ht {
+    deny all;
+}

nginx/sites-available/example.conf

@@ -0,0 +1,29 @@
+# certbot -n --staging --nginx -d tenancytest1.ml --preferred-challenges http --must-staple --agree-tos --email samuel.stancl@gmail.com
+
+# Catch-all HTTP (:80) server
+server {
+	listen 80 default_server;
+	listen [::]:80 default_server;
+	return 301 https://$server_name$request_uri;  # Be careful with 301.
+}
+
+# A block like this will be added for each tenant.
+# server {
+# 	include includes/tenancy;
+# 	server_name dev.localhost;
+# }
+
+# If you have some exempt domains, you should create blocks like these
+# for each domain. If you're okay with using a single certificate
+# for these domains, you can create just one block like this:
+#    server {
+#        include includes/tenancy_base;
+# 
+#        listen 443 ssl http2 default_sever;
+#        listen [::]:443 ssl http2 default_sever;
+# 
+#        ssl_certificate ...;
+#        ssl_certificate_key ...;
+#    }
+# Otherwise, use multiple server blocks with
+# server_name instead of default_server

src/DatabaseManager.php

@@ -44,6 +44,11 @@ class DatabaseManager
         return DB::statement("CREATE DATABASE `$name` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci");
     }
 
+    public function delete()
+    {
+        // todo: delete database. similar to create()
+    }
+
     public function getDriver(): ?string
     {
         return config("database.connections.tenant.driver");

src/Interfaces/ServerConfigManager.php

@@ -0,0 +1,7 @@
+<?php
+
+namespace Stancl\Tenancy\Interfaces;
+
+interface ServerConfigManager
+{
+}

src/ServerConfigManagers/NginxConfigManager.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace Stancl\Tenancy\ServerConfigManagers;
+
+use Stancl\Tenancy\Interfaces\ServerConfigManager;
+
+class NginxConfigManager implements ServerConfigManager
+{
+}

src/ServerManager.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace Stancl\Tenancy;
+
+use Stancl\Tenancy\Interfaces\ServerConfigManager;
+
+class ServerManager
+{
+    public function __construct(ServerConfigManager $serverConfigManager, TenantManager $tenantManager)
+    {
+        $this->serverConfigManager = $serverConfigManager;
+        $this->tenantManager = $tenantManager;
+    }
+
+    public function getConfigFilePath()
+    {
+        if (config('tenancy.server.file.single')) {
+            return config('tenancy.server.file.path');
+        }
+
+        return config('tenancy.server.file.path.prefix') . $this->tenantManager('uuid') . config('tenancy.server.file.path.suffix');
+    }
+
+    public function create()
+    {
+    }
+
+    public function delete()
+    {
+        // todo
+    }
+}

src/TenancyServiceProvider.php

@@ -54,6 +54,7 @@ class TenancyServiceProvider extends ServiceProvider
         $this->mergeConfigFrom(__DIR__ . '/config/tenancy.php', 'tenancy');
 
         $this->app->bind(StorageDriver::class, $this->app['config']['tenancy.storage_driver']);
+        $this->app->bind(ServerConfigManager::class, $this->app['config']['tenancy.server.manager']);
         $this->app->singleton(DatabaseManager::class);
         $this->app->singleton(TenantManager::class, function ($app) {
             return new TenantManager($app, $app[StorageDriver::class], $app[DatabaseManager::class]);

src/TenantManager.php

@@ -264,4 +264,19 @@ class TenantManager
 
         return $this->put($this->put($key, $value));
     }
+
+    /**
+     * Return the identified tenant's attribute(s).
+     *
+     * @param string $attribute
+     * @return mixed
+     */
+    public function __invoke($attribute)
+    {
+        if (is_null($attribute)) {
+            return $this->tenant;
+        }
+        
+        return $this->tenant[(string) $attribute];
+    }
 }

src/config/tenancy.php

@@ -30,4 +30,19 @@ return [
             // 's3',
         ],
     ],
+    'server' => [
+        'manager' => 'Stancl\Tenancy\ServerConfigManagers\NginxConfigManager',
+        'file' => [
+            'single' => true, // single file for all tenant vhosts
+            'path' => '/etc/nginx/sites-available/tenants.conf',
+            /*
+            'single' => false,
+            'path' => [
+                'prefix' => '/etc/nginx/sites-available/tenants/tenant',
+                'suffix' => '.conf',
+                // results in: '/etc/nginx/sites-available/tenants/tenant' . $uuid . '.conf'
+            ]
+            */
+        ]
+    ]
 ];