prepare /www directory, fix log socket path and whitelist acme challenges path

confs/global/nginx.conf

@@ -49,8 +49,8 @@ http {
 
 	# write logs to local syslog
 	log_format logf '%LOG_FORMAT%';
-	access_log syslog:server=unix:/dev/log,nohostname,facility=local0,severity=notice logf;
-	error_log syslog:server=unix:/dev/log,nohostname,facility=local0 warn;
+	access_log syslog:server=unix:/tmp/log,nohostname,facility=local0,severity=notice logf;
+	error_log syslog:server=unix:/tmp/log,nohostname,facility=local0 warn;
 
 	# temp paths
 	proxy_temp_path /tmp/proxy_temp;

confs/site/main-lua.conf

@@ -3,6 +3,7 @@ set $session_check_addr on;
 
 access_by_lua_block {
 
+local use_lets_encrypt		= %USE_LETS_ENCRYPT%
 local use_whitelist_ip		= %USE_WHITELIST_IP%
 local use_whitelist_reverse	= %USE_WHITELIST_REVERSE%
 local use_user_agent		= %USE_USER_AGENT%
@@ -31,6 +32,11 @@ local recaptcha		= require "recaptcha"
 local antibot_uri		= "%ANTIBOT_URI%"
 local whitelist_useragent_list	= {%WHITELIST_USERAGENT_LIST%}
 
+-- check if it's let's encrypt bot
+if use_lets_encrypt and string.match(ngx.var.request_uri, "^/.well-known/acme-challenge/") then
+	ngx.exit(ngx.OK)
+end
+
 -- check if already in whitelist cache
 if use_whitelist_ip and whitelist.ip_cached_ok() then
 	ngx.exit(ngx.OK)