nodetec · jchiarulli · Oct 4, 2024 · Oct 4, 2024 · Oct 4, 2024
diff --git a/cmd/install.go b/cmd/install.go
@@ -25,7 +25,7 @@ var installCmd = &cobra.Command{
 		pterm.Println()
 
 		// Supported relay options
-		options := []string{"Khatru Pyramid", "strfry", "Khatru29", "strfry29", "WoT Relay"}
+		options := []string{khatru_pyramid.RelayName, strfry.RelayName, khatru29.RelayName, strfry29.RelayName, wot_relay.RelayName}
 
 		// Use PTerm's interactive select feature to present the options to the user and capture their selection
 		// The Show() method displays the options and waits for the user's input
@@ -36,23 +36,23 @@ var installCmd = &cobra.Command{
 
 		var privKey string
 		var pubKey string
-		if selectedRelayOption == "Khatru Pyramid" || selectedRelayOption == "WoT Relay" {
+		if selectedRelayOption == khatru_pyramid.RelayName || selectedRelayOption == wot_relay.RelayName {
 			pterm.Println()
 			pubKey, _ = pterm.DefaultInteractiveTextInput.Show("Public key (hex not npub)")
-		} else if selectedRelayOption == "Khatru29" || selectedRelayOption == "strfry29" {
+		} else if selectedRelayOption == khatru29.RelayName || selectedRelayOption == strfry29.RelayName {
 			pterm.Println()
 			privKeyInput := pterm.DefaultInteractiveTextInput.WithMask("*")
 			privKey, _ = privKeyInput.Show("Private key (hex not nsec)")
 		}
 
 		var relayContact string
-		if selectedRelayOption == "Khatru Pyramid" || selectedRelayOption == "Khatru29" {
+		if selectedRelayOption == khatru_pyramid.RelayName || selectedRelayOption == khatru29.RelayName {
 			pterm.Println()
 			pterm.Println(pterm.Yellow("Leave email empty if you don't want to provide relay contact information."))
 
 			pterm.Println()
 			relayContact, _ = pterm.DefaultInteractiveTextInput.Show("Email address")
-		} else if selectedRelayOption == "WoT Relay" {
+		} else if selectedRelayOption == wot_relay.RelayName {
 			pterm.Println()
 			pterm.Println(pterm.Yellow("If you leave the relay contact information empty, then the relay's public key will be used."))
 
@@ -70,7 +70,7 @@ var installCmd = &cobra.Command{
 		// Step 2: Configure the firewall
 		network.ConfigureFirewall()
 
-		if selectedRelayOption == "Khatru Pyramid" {
+		if selectedRelayOption == khatru_pyramid.RelayName {
 			// Step 3: Configure Nginx for HTTP
 			khatru_pyramid.ConfigureNginxHttp(relayDomain)
 
@@ -89,7 +89,7 @@ var installCmd = &cobra.Command{
 
 			// Step 8: Show success messages
 			khatru_pyramid.SuccessMessages(relayDomain, httpsEnabled)
-		} else if selectedRelayOption == "strfry" {
+		} else if selectedRelayOption == strfry.RelayName {
 			// Step 3: Configure Nginx for HTTP
 			strfry.ConfigureNginxHttp(relayDomain)
 
@@ -108,7 +108,7 @@ var installCmd = &cobra.Command{
 
 			// Step 8: Show success messages
 			strfry.SuccessMessages(relayDomain, httpsEnabled)
-		} else if selectedRelayOption == "Khatru29" {
+		} else if selectedRelayOption == khatru29.RelayName {
 			// Step 3: Configure Nginx for HTTP
 			khatru29.ConfigureNginxHttp(relayDomain)
 
@@ -127,7 +127,7 @@ var installCmd = &cobra.Command{
 
 			// Step 8: Show success messages
 			khatru29.SuccessMessages(relayDomain, httpsEnabled)
-		} else if selectedRelayOption == "strfry29" {
+		} else if selectedRelayOption == strfry29.RelayName {
 			// Step 3: Configure Nginx for HTTP
 			strfry29.ConfigureNginxHttp(relayDomain)
 
@@ -146,7 +146,7 @@ var installCmd = &cobra.Command{
 
 			// Step 8: Show success messages
 			strfry29.SuccessMessages(relayDomain, httpsEnabled)
-		} else if selectedRelayOption == "WoT Relay" {
+		} else if selectedRelayOption == wot_relay.RelayName {
 			// Step 3: Configure Nginx for HTTP
 			wot_relay.ConfigureNginxHttp(relayDomain)
 

diff --git a/cmd/root.go b/cmd/root.go
@@ -11,7 +11,7 @@ var rootCmd = &cobra.Command{
 	Use:   "rwz",
 	Short: "A wizard for Nostr relay runners",
 	Long: `rwz is a CLI tool for Nostr relay operators that 
-helps install and configure your specified relay.`,
+helps install and configure your relays.`,
 }
 
 // Execute adds all child commands to the root command and sets flags appropriately.

diff --git a/pkg/network/certbot.go b/pkg/network/certbot.go
@@ -43,26 +43,24 @@ func GetCertificates(domainName string) bool {
 
 	spinner, _ := pterm.DefaultSpinner.Start("Checking SSL/TLS certificates...")
 
-	certificatePath := fmt.Sprintf("/etc/letsencrypt/live/%s", domainName)
-
 	// Check if certificates already exist
-	if files.FileExists(fmt.Sprintf("%s/fullchain.pem", certificatePath)) &&
-		files.FileExists(fmt.Sprintf("%s/privkey.pem", certificatePath)) &&
-		files.FileExists(fmt.Sprintf("%s/chain.pem", certificatePath)) {
+	if files.FileExists(fmt.Sprintf("%s/%s/%s", CertificateDirPath, domainName, FullchainFile)) &&
+		files.FileExists(fmt.Sprintf("%s/%s/%s", CertificateDirPath, domainName, PrivkeyFile)) &&
+		files.FileExists(fmt.Sprintf("%s/%s/%s", CertificateDirPath, domainName, ChainFile)) {
 		spinner.Info("SSL/TLS certificates already exist.")
 		return true
 	}
 
 	spinner.UpdateText("Obtaining SSL/TLS certificates...")
 	if email == "" {
-		cmd := exec.Command("certbot", "certonly", "--webroot", "-w", fmt.Sprintf("/var/www/%s", domainName), "-d", domainName, "--agree-tos", "--no-eff-email", "-q", "--register-unsafely-without-email")
+		cmd := exec.Command("certbot", "certonly", "--webroot", "-w", fmt.Sprintf("%s/%s", WWWDirPath, domainName), "-d", domainName, "--agree-tos", "--no-eff-email", "-q", "--register-unsafely-without-email")
 		err := cmd.Run()
 		if err != nil {
 			pterm.Error.Println(fmt.Sprintf("Certbot failed to obtain the certificate for %s: %v", domainName, err))
 			os.Exit(1)
 		}
 	} else {
-		cmd := exec.Command("certbot", "certonly", "--webroot", "-w", fmt.Sprintf("/var/www/%s", domainName), "-d", domainName, "--email", email, "--agree-tos", "--no-eff-email", "-q")
+		cmd := exec.Command("certbot", "certonly", "--webroot", "-w", fmt.Sprintf("%s/%s", WWWDirPath, domainName), "-d", domainName, "--email", email, "--agree-tos", "--no-eff-email", "-q")
 		err := cmd.Run()
 		if err != nil {
 			pterm.Error.Println(fmt.Sprintf("Certbot failed to obtain the certificate for %s: %v", domainName, err))

diff --git a/pkg/network/constants.go b/pkg/network/constants.go
@@ -0,0 +1,8 @@
+package network
+
+const CertificateDirPath = "/etc/letsencrypt/live"
+const FullchainFile = "fullchain.pem"
+const PrivkeyFile = "privkey.pem"
+const ChainFile = "chain.pem"
+const WWWDirPath = "/var/www"
+const AcmeChallengeDirPath = ".well-known/acme-challenge"
diff --git a/pkg/relays/constants.go b/pkg/relays/constants.go
@@ -1,3 +1,4 @@
 package relays
 
 const BinaryDestDir = "/usr/local/bin"
+const TmpDirPath = "/tmp"
diff --git a/pkg/relays/khatru29/install.go b/pkg/relays/khatru29/install.go
@@ -16,7 +16,7 @@ func InstallRelayBinary() {
 	tmpFileName := filepath.Base(DownloadURL)
 
 	// Temporary file path
-	tmpFilePath := fmt.Sprintf("/tmp/%s", tmpFileName)
+	tmpFilePath := fmt.Sprintf("%s/%s", relays.TmpDirPath, tmpFileName)
 
 	// Check if the temporary file exists and remove it if it does
 	files.RemoveFile(tmpFilePath)

diff --git a/pkg/relays/khatru29/nginx_http.go b/pkg/relays/khatru29/nginx_http.go
@@ -2,6 +2,7 @@ package khatru29
 
 import (
 	"fmt"
+	"github.com/nodetec/rwz/pkg/network"
 	"github.com/nodetec/rwz/pkg/utils/directories"
 	"github.com/nodetec/rwz/pkg/utils/files"
 	"github.com/nodetec/rwz/pkg/utils/systemd"
@@ -14,7 +15,7 @@ func ConfigureNginxHttp(domainName string) {
 
 	files.RemoveFile(NginxConfigFilePath)
 
-	directories.CreateDirectory(fmt.Sprintf("/var/www/%s/.well-known/acme-challenge/", domainName), 0755)
+	directories.CreateDirectory(fmt.Sprintf("%s/%s/%s/", network.WWWDirPath, domainName, network.AcmeChallengeDirPath), 0755)
 
 	configContent := fmt.Sprintf(`map $http_upgrade $connection_upgrade {
     default upgrade;
@@ -25,14 +26,13 @@ upstream websocket_khatru29 {
     server 0.0.0.0:5577;
 }
 
-# %s
 server {
     listen 80;
     listen [::]:80;
     server_name %s;
 
-    location /.well-known/acme-challenge/ {
-        root /var/www/%s;
+    location /%s/ {
+        root %s/%s;
         allow all;
     }
 
@@ -79,7 +79,7 @@ server {
         return 301 http://%s$request_uri;
     }
 }
-`, domainName, domainName, domainName, domainName, domainName)
+`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName)
 
 	files.WriteFile(NginxConfigFilePath, configContent, 0644)
 

diff --git a/pkg/relays/khatru29/nginx_https.go b/pkg/relays/khatru29/nginx_https.go
@@ -2,6 +2,7 @@ package khatru29
 
 import (
 	"fmt"
+	"github.com/nodetec/rwz/pkg/network"
 	"github.com/nodetec/rwz/pkg/utils/files"
 	"github.com/nodetec/rwz/pkg/utils/systemd"
 	"github.com/pterm/pterm"
@@ -27,7 +28,7 @@ server {
     listen [::]:443 ssl http2;
     server_name %s;
 
-    root /var/www/%s;
+    root %s/%s;
 
     location / {
         # First attempt to serve request as file, then
@@ -48,10 +49,10 @@ server {
     # Test configuration:
     # https://www.ssllabs.com/ssltest/analyze.html
     # https://cryptcheck.fr/
-    ssl_certificate /etc/letsencrypt/live/%s/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/%s/privkey.pem;
+    ssl_certificate %s/%s/%s;
+    ssl_certificate_key %s/%s/%s;
     # Verify chain of trust of OCSP response using Root CA and Intermediate certs
-    ssl_trusted_certificate /etc/letsencrypt/live/%s/chain.pem;
+    ssl_trusted_certificate %s/%s/%s;
 
     # TODO
     # Add support to generate the file in the script
@@ -109,16 +110,16 @@ server {
     listen [::]:80;
     server_name %s;
 
-    location /.well-known/acme-challenge/ {
-        root /var/www/%s;
+    location /%s/ {
+        root %s/%s;
         allow all;
     }
 
     location / {
         return 301 https://%s$request_uri;
     }
 }
-`, domainName, domainName, domainName, domainName, domainName, domainName, domainName, domainName)
+`, domainName, network.WWWDirPath, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName)
 
 	files.WriteFile(NginxConfigFilePath, configContent, 0644)
 

diff --git a/pkg/relays/khatru_pyramid/install.go b/pkg/relays/khatru_pyramid/install.go
@@ -16,7 +16,7 @@ func InstallRelayBinary() {
 	tmpFileName := filepath.Base(DownloadURL)
 
 	// Temporary file path
-	tmpFilePath := fmt.Sprintf("/tmp/%s", tmpFileName)
+	tmpFilePath := fmt.Sprintf("%s/%s", relays.TmpDirPath, tmpFileName)
 
 	// Check if the temporary file exists and remove it if it does
 	files.RemoveFile(tmpFilePath)

diff --git a/pkg/relays/khatru_pyramid/nginx_http.go b/pkg/relays/khatru_pyramid/nginx_http.go
@@ -2,6 +2,7 @@ package khatru_pyramid
 
 import (
 	"fmt"
+	"github.com/nodetec/rwz/pkg/network"
 	"github.com/nodetec/rwz/pkg/utils/directories"
 	"github.com/nodetec/rwz/pkg/utils/files"
 	"github.com/nodetec/rwz/pkg/utils/systemd"
@@ -14,7 +15,7 @@ func ConfigureNginxHttp(domainName string) {
 
 	files.RemoveFile(NginxConfigFilePath)
 
-	directories.CreateDirectory(fmt.Sprintf("/var/www/%s/.well-known/acme-challenge/", domainName), 0755)
+	directories.CreateDirectory(fmt.Sprintf("%s/%s/%s/", network.WWWDirPath, domainName, network.AcmeChallengeDirPath), 0755)
 
 	configContent := fmt.Sprintf(`map $http_upgrade $connection_upgrade {
     default upgrade;
@@ -25,14 +26,13 @@ upstream websocket_khatru_pyramid {
     server 0.0.0.0:3335;
 }
 
-# %s
 server {
     listen 80;
     listen [::]:80;
     server_name %s;
 
-    location /.well-known/acme-challenge/ {
-        root /var/www/%s;
+    location /%s/ {
+        root %s/%s;
         allow all;
     }
 
@@ -79,7 +79,7 @@ server {
         return 301 http://%s$request_uri;
     }
 }
-`, domainName, domainName, domainName, domainName, domainName)
+`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName)
 
 	files.WriteFile(NginxConfigFilePath, configContent, 0644)
 

diff --git a/pkg/relays/khatru_pyramid/nginx_https.go b/pkg/relays/khatru_pyramid/nginx_https.go
@@ -2,6 +2,7 @@ package khatru_pyramid
 
 import (
 	"fmt"
+	"github.com/nodetec/rwz/pkg/network"
 	"github.com/nodetec/rwz/pkg/utils/files"
 	"github.com/nodetec/rwz/pkg/utils/systemd"
 	"github.com/pterm/pterm"
@@ -27,7 +28,7 @@ server {
     listen [::]:443 ssl http2;
     server_name %s;
 
-    root /var/www/%s;
+    root %s/%s;
 
     location / {
         # First attempt to serve request as file, then
@@ -48,10 +49,10 @@ server {
     # Test configuration:
     # https://www.ssllabs.com/ssltest/analyze.html
     # https://cryptcheck.fr/
-    ssl_certificate /etc/letsencrypt/live/%s/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/%s/privkey.pem;
+    ssl_certificate %s/%s/%s;
+    ssl_certificate_key %s/%s/%s;
     # Verify chain of trust of OCSP response using Root CA and Intermediate certs
-    ssl_trusted_certificate /etc/letsencrypt/live/%s/chain.pem;
+    ssl_trusted_certificate %s/%s/%s;
 
     # TODO
     # Add support to generate the file in the script
@@ -109,16 +110,16 @@ server {
     listen [::]:80;
     server_name %s;
 
-    location /.well-known/acme-challenge/ {
-        root /var/www/%s;
+    location /%s/ {
+        root %s/%s;
         allow all;
     }
 
     location / {
         return 301 https://%s$request_uri;
     }
 }
-`, domainName, domainName, domainName, domainName, domainName, domainName, domainName, domainName)
+`, domainName, network.WWWDirPath, domainName, network.CertificateDirPath, domainName, network.FullchainFile, network.CertificateDirPath, domainName, network.PrivkeyFile, network.CertificateDirPath, domainName, network.ChainFile, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName)
 
 	files.WriteFile(NginxConfigFilePath, configContent, 0644)
 

diff --git a/pkg/relays/strfry/install.go b/pkg/relays/strfry/install.go
@@ -25,7 +25,7 @@ func InstallRelayBinary() {
 	tmpFileName := filepath.Base(DownloadURL)
 
 	// Temporary file path
-	tmpFilePath := fmt.Sprintf("/tmp/%s", tmpFileName)
+	tmpFilePath := fmt.Sprintf("%s/%s", relays.TmpDirPath, tmpFileName)
 
 	// Check if the temporary file exists and remove it if it does
 	files.RemoveFile(tmpFilePath)

diff --git a/pkg/relays/strfry/nginx_http.go b/pkg/relays/strfry/nginx_http.go
@@ -2,6 +2,7 @@ package strfry
 
 import (
 	"fmt"
+	"github.com/nodetec/rwz/pkg/network"
 	"github.com/nodetec/rwz/pkg/utils/directories"
 	"github.com/nodetec/rwz/pkg/utils/files"
 	"github.com/nodetec/rwz/pkg/utils/systemd"
@@ -14,16 +15,15 @@ func ConfigureNginxHttp(domainName string) {
 
 	files.RemoveFile(NginxConfigFilePath)
 
-	directories.CreateDirectory(fmt.Sprintf("/var/www/%s/.well-known/acme-challenge/", domainName), 0755)
+	directories.CreateDirectory(fmt.Sprintf("%s/%s/%s/", network.WWWDirPath, domainName, network.AcmeChallengeDirPath), 0755)
 
-	configContent := fmt.Sprintf(`# %s
-server {
+	configContent := fmt.Sprintf(`server {
     listen 80;
     listen [::]:80;
     server_name %s;
 
-    location /.well-known/acme-challenge/ {
-        root /var/www/%s;
+    location /%s/ {
+        root %s/%s;
         allow all;
     }
 
@@ -70,7 +70,7 @@ server {
         return 301 http://%s$request_uri;
     }
 }
-`, domainName, domainName, domainName, domainName, domainName)
+`, domainName, network.AcmeChallengeDirPath, network.WWWDirPath, domainName, domainName, domainName)
 
 	files.WriteFile(NginxConfigFilePath, configContent, 0644)