2019-01-04 22:04:29 -07:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
#######
|
|
|
|
### Update NGINX configuration '<tags>' with proper values and optionally copy
|
|
|
|
### to updated directory structure
|
|
|
|
#######
|
|
|
|
|
|
|
|
|
2019-01-04 22:42:18 -07:00
|
|
|
### text formatting ansi codes
|
2019-01-04 22:04:29 -07:00
|
|
|
err="\e[1;31m"
|
|
|
|
ok="\e[1;32m"
|
|
|
|
warn="\e[93m"
|
|
|
|
mag="\e[95m"
|
|
|
|
cyan="\e[96m"
|
|
|
|
norm="\e[0m"
|
|
|
|
|
|
|
|
|
2019-01-04 22:42:18 -07:00
|
|
|
### set variables
|
|
|
|
|
2019-01-05 01:10:48 -07:00
|
|
|
# clear variables
|
2019-01-04 22:42:18 -07:00
|
|
|
unset IP4
|
|
|
|
unset useCertbot
|
|
|
|
unset CertbotDomain
|
|
|
|
unset CertPath
|
2019-01-04 22:56:24 -07:00
|
|
|
unset KeyPath
|
2019-01-04 23:36:31 -07:00
|
|
|
unset CAChainPath
|
2019-01-04 23:21:44 -07:00
|
|
|
unset DHPath
|
2019-01-04 22:42:18 -07:00
|
|
|
|
2019-01-05 01:10:48 -07:00
|
|
|
# set variables
|
2019-01-05 02:11:49 -07:00
|
|
|
serverNames_working=()
|
|
|
|
serverNames=()
|
2019-01-04 22:04:29 -07:00
|
|
|
detectedIP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')
|
|
|
|
regexIP4="(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])"
|
2019-01-04 22:26:47 -07:00
|
|
|
regexHostname="(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])"
|
2019-01-05 01:10:48 -07:00
|
|
|
certbotFiles=(cert.pem chain.pem fullchain.pem privkey.pem)
|
2019-01-05 02:11:49 -07:00
|
|
|
hostname=$(hostname)
|
2019-01-05 01:10:48 -07:00
|
|
|
configPath="./etc.${hostname}"
|
|
|
|
|
|
|
|
# set tags to update
|
|
|
|
tag_sslcert="<path/to/your_ssl_certificate_fullchain>"
|
|
|
|
tag_sslkey="<path/to/your_certificate_private_key.key>"
|
|
|
|
tag_dhparam="<path/to/your_dhparam.pem>"
|
|
|
|
tag_cachain="<path/to/your_CA_bundle.crt>"
|
2019-01-04 22:04:29 -07:00
|
|
|
|
|
|
|
|
2019-01-04 22:42:18 -07:00
|
|
|
### quick intro for the user
|
2019-01-04 22:04:29 -07:00
|
|
|
echo -e "\n${mag}This script will customize the provided NGINX template files for your"
|
|
|
|
echo "environment. You will be prompted for all necessary information. After that,"
|
|
|
|
echo "default error pages will be copied to your webroot and your NGINX configuration"
|
|
|
|
echo -e "directory structure will be customized.${norm}\n"
|
|
|
|
echo -e "${warn}You may accept the default option (listed in brackets) by simply"
|
|
|
|
echo "pressing ENTER (i.e. no answer)."
|
|
|
|
echo -e "You may exit this script at any prompt by typing 'X'${norm}\n"
|
|
|
|
|
|
|
|
|
2019-01-04 22:06:05 -07:00
|
|
|
### get local IP address
|
2019-01-05 02:18:44 -07:00
|
|
|
echo -e "\n${mag}In cases where this server will be acting as a (reverse) proxy,NGINX"
|
|
|
|
echo "needs to know it's own local IP address so that the logs can properly reflect"
|
|
|
|
echo -e "the IP of the remote system(s) instead of this server.${norm}\n"
|
2019-01-04 22:06:05 -07:00
|
|
|
while true; do
|
|
|
|
read -p "What is this NGINX machine's primary local IP4 address? (${detectedIP}) " inputIP
|
|
|
|
case "${inputIP}" in
|
|
|
|
'')
|
|
|
|
IP4="${detectedIP}"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# check IP for validity
|
|
|
|
if [[ "${inputIP}" =~ ^${regexIP4}$ ]]; then
|
|
|
|
IP4="${inputIP}"
|
|
|
|
break
|
|
|
|
else
|
|
|
|
echo -e "\n${err}Invalid IP4 format (xxx.xxx.xxx.xxx)${norm}"
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
2019-01-04 22:04:29 -07:00
|
|
|
|
2019-01-04 22:26:47 -07:00
|
|
|
|
2019-01-05 02:11:49 -07:00
|
|
|
### get server names for this installation
|
|
|
|
echo -e "\n${mag}NIGNX needs to know what hostnames it should answer. You can pick as many"
|
|
|
|
echo "hostnames as you like. Please ensure you provide fully-qualified domain"
|
|
|
|
echo "names unless you are providing special names such as 'localhost' and fully"
|
|
|
|
echo "understand what that means in this context."
|
|
|
|
echo -e "\nIf you're setting up this system with SSL, then make sure your hostnames"
|
|
|
|
echo "match what appears on your certificates!"
|
|
|
|
echo -e "\n${warn}You will be prompted to enter one hostname at a time."
|
|
|
|
echo "Provide a blank-entry (hit enter) when you're done."
|
|
|
|
echo -e "'X' will exit the script, as always${norm}\n"
|
|
|
|
while true; do
|
2019-01-05 02:19:43 -07:00
|
|
|
read -p "Hostname for this server? " inputServerName
|
2019-01-05 02:11:49 -07:00
|
|
|
case "${inputServerName}" in
|
|
|
|
'')
|
2019-01-05 02:16:05 -07:00
|
|
|
# check that at least one name as been provided
|
|
|
|
if [ -z "${serverNames_working}" ]; then
|
|
|
|
echo -e "\n${err}You must provide at least one hostname${norm}"
|
|
|
|
else
|
|
|
|
break
|
|
|
|
fi
|
2019-01-05 02:11:49 -07:00
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# check hostname for validity
|
|
|
|
if [[ ! "${inputServerName}" =~ ^${regexHostname}$ ]]; then
|
|
|
|
echo -e "\n${err}Invalid hostname${norm}"
|
|
|
|
else
|
|
|
|
serverNames_working+=("${inputServerName}")
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
# create new array with unqiue values only
|
|
|
|
declare -A uniqueSN
|
|
|
|
for name in "${serverNames_working[@]}"; do
|
|
|
|
uniqueSN["${name}"]=""
|
|
|
|
done
|
|
|
|
for sn in "${!uniqueSN[@]}"; do
|
|
|
|
serverNames+=("${sn}")
|
|
|
|
done
|
|
|
|
|
|
|
|
|
2019-01-04 22:26:47 -07:00
|
|
|
### SSL related options
|
|
|
|
# using certbot?
|
2019-01-05 02:22:36 -07:00
|
|
|
echo -e "\n${mag}If you are using Certbot then you only need to provide the primary"
|
|
|
|
echo "domain name of your certificate and the script will auto-generate the paths"
|
|
|
|
echo -e "NGINX needs for find your certificate, CA-chain and private key.${norm}\n"
|
2019-01-04 22:26:47 -07:00
|
|
|
while true; do
|
2019-01-05 02:22:36 -07:00
|
|
|
read -p "Are you using Certbot to handle your SSL certificates? (default: No) " yn
|
2019-01-04 22:58:24 -07:00
|
|
|
case "${yn}" in
|
2019-01-04 22:26:47 -07:00
|
|
|
[Yy]*)
|
|
|
|
useCertbot=1
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]|'')
|
|
|
|
useCertbot=0
|
|
|
|
unset CertbotDomain
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo -e "\n${err}Please answer (Y)es, (N)o, e(X)it or accept default${norm}"
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
|
|
|
|
# using Certbot: get primary domain name since that how Certbot determines paths
|
|
|
|
if [ "${useCertbot}" -eq 1 ]; then
|
|
|
|
while true; do
|
|
|
|
read -p "What is the primary domain for your Certbot Certificates? " inputCertbotDomain
|
2019-01-04 22:58:24 -07:00
|
|
|
case "${inputCertbotDomain}" in
|
2019-01-04 22:26:47 -07:00
|
|
|
'')
|
|
|
|
echo -e "\n${err}You cannot have an empty domain name${norm}"
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# check hostname for validity
|
2019-01-05 00:32:34 -07:00
|
|
|
if [[ ! "${inputCertbotDomain}" =~ ^${regexHostname}$ ]]; then
|
2019-01-04 22:26:47 -07:00
|
|
|
echo -e "\n${err}Invalid hostname${norm}"
|
2019-01-05 00:32:34 -07:00
|
|
|
else
|
|
|
|
# check if Certbot files exist in path implied from hostname
|
|
|
|
echo -e "\n${cyan}Verifying Certbot files..."
|
|
|
|
echo -e "(/etc/letsencrypt/live/${inputCertbotDomain}/...)${norm}"
|
|
|
|
certbotBadFile=()
|
|
|
|
for certbotFile in "${certbotFiles[@]}"; do
|
|
|
|
if [ -f "/etc/letsencrypt/live/${inputCertbotDomain}/$certbotFile" ]; then
|
|
|
|
echo -e "File: ${certbotFile} -- ${ok}OK${norm}"
|
|
|
|
else
|
|
|
|
echo -e "File: ${certbotFile} -- ${err}X${norm}"
|
|
|
|
certbotBadFile+=("${certbotFile}")
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
if [ -z "${certbotBadFile}" ]; then
|
2019-01-05 00:36:29 -07:00
|
|
|
echo -e "${cyan}Certbot files seem intact${norm}\n"
|
2019-01-05 00:32:34 -07:00
|
|
|
CertbotDomain="${inputCertbotDomain}"
|
|
|
|
break
|
|
|
|
else
|
|
|
|
echo -e "\n${err}The following files are missing from ${inputCertbotDomain}:"
|
|
|
|
echo -e "${warn}${certbotBadFile[@]}${norm}"
|
|
|
|
echo -e "${err}These files are all required for proper SSL operation of NGINX using Certbot.${norm}\n"
|
|
|
|
while true; do
|
|
|
|
read -p "Do you want to use these settings anyways? " yn
|
|
|
|
case "${yn}" in
|
|
|
|
[Yy]*)
|
|
|
|
CertbotDomain="${inputCertbotDomain}"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]*)
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
if [ -n "${CertbotDomain}" ]; then
|
|
|
|
break
|
|
|
|
fi
|
2019-01-04 22:26:47 -07:00
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
2019-01-04 23:32:56 -07:00
|
|
|
# Generate paths from CertbotDomain
|
|
|
|
if [ "${useCertbot}" -eq 1 ]; then
|
|
|
|
CertPath="/etc/letsencrypt/live/${CertbotDomain}/fullchain.pem"
|
|
|
|
KeyPath="/etc/letsencrypt/live/${CertbotDomain}/privkey.pem"
|
2019-01-04 23:36:31 -07:00
|
|
|
CAChainPath="/etc/letsencrypt/live/${CertbotDomain}/chain.pem"
|
2019-01-04 23:32:56 -07:00
|
|
|
fi
|
|
|
|
|
2019-01-04 23:25:53 -07:00
|
|
|
# only process manual certificate paths if NOT using Certbot
|
|
|
|
if [ "${useCertbot}" -eq 0 ]; then
|
|
|
|
# not using Certbot: get location of certificate
|
|
|
|
while true; do
|
|
|
|
read -p "What is the path to your primary SSL certificate? " inputCertPath
|
|
|
|
case "${inputCertPath}" in
|
|
|
|
'')
|
|
|
|
echo -e "\n${err}You cannot have an empty path to your SSL certificate${norm}"
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# validate path
|
|
|
|
if [ -f "${inputCertPath}" ]; then
|
|
|
|
CertPath="${inputCertPath}"
|
2019-01-04 22:50:24 -07:00
|
|
|
break
|
2019-01-04 23:25:53 -07:00
|
|
|
else
|
|
|
|
echo -e "\n${warn}The file you specified doesn't exist${norm}"
|
|
|
|
while true; do
|
|
|
|
read -p "Do you want to use this path anyways? " yn
|
|
|
|
case $yn in
|
|
|
|
[Yy]*)
|
|
|
|
CertPath="${inputCertPath}"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]*)
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
if [ -n "${CertPath}" ]; then
|
|
|
|
break
|
|
|
|
fi
|
2019-01-04 22:50:24 -07:00
|
|
|
fi
|
2019-01-04 23:25:53 -07:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
2019-01-04 22:50:24 -07:00
|
|
|
|
2019-01-04 23:25:53 -07:00
|
|
|
# not using Certbot: get location of private key
|
|
|
|
while true; do
|
|
|
|
read -p "What is the path to your primary SSL private key? " inputKeyPath
|
|
|
|
case "${inputKeyPath}" in
|
|
|
|
'')
|
|
|
|
echo -e "\n${err}You cannot have an empty path to your SSL private key${norm}"
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# validate path
|
|
|
|
if [ -f "${inputKeyPath}" ]; then
|
|
|
|
KeyPath="${inputKeyPath}"
|
2019-01-04 22:56:24 -07:00
|
|
|
break
|
2019-01-04 23:25:53 -07:00
|
|
|
else
|
|
|
|
echo -e "\n${warn}The file you specified doesn't exist${norm}"
|
|
|
|
while true; do
|
|
|
|
read -p "Do you want to use this path anyways? " yn
|
|
|
|
case $yn in
|
|
|
|
[Yy]*)
|
|
|
|
KeyPath="${inputKeyPath}"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]*)
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
if [ -n "${KeyPath}" ]; then
|
|
|
|
break
|
|
|
|
fi
|
2019-01-04 22:56:24 -07:00
|
|
|
fi
|
2019-01-04 23:25:53 -07:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
2019-01-04 23:21:44 -07:00
|
|
|
|
2019-01-04 23:40:05 -07:00
|
|
|
# not using Certbot: get location of CA Certificate Chain
|
|
|
|
while true; do
|
|
|
|
read -p "What is the path to your primary SSL CA Chain certificate? " inputCAChainPath
|
|
|
|
case "${inputCAChainPath}" in
|
|
|
|
'')
|
|
|
|
echo -e "\n${err}You cannot have an empty path to your SSL CA Chain certificate${norm}"
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# validate path
|
|
|
|
if [ -f "${inputCAChainPath}" ]; then
|
|
|
|
CAChainPath="${inputCAChainPath}"
|
|
|
|
break
|
|
|
|
else
|
|
|
|
echo -e "\n${warn}The file you specified doesn't exist${norm}"
|
|
|
|
while true; do
|
|
|
|
read -p "Do you want to use this path anyways? " yn
|
|
|
|
case $yn in
|
|
|
|
[Yy]*)
|
|
|
|
CAChainPath="${inputCAChainPath}"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]*)
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
if [ -n "${CAChainPath}" ]; then
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
2019-01-05 00:34:38 -07:00
|
|
|
fi
|
2019-01-04 23:40:05 -07:00
|
|
|
|
2019-01-05 00:34:38 -07:00
|
|
|
# dhparam: get location of DH Parameters file
|
|
|
|
while true; do
|
|
|
|
read -p "What is the path to your DH Parameters file? (default: /etc/ssl/certs/dhparam.pem) " inputDHPath
|
|
|
|
case "${inputDHPath}" in
|
|
|
|
'')
|
|
|
|
# verify default path exists
|
|
|
|
inputDHPath="/etc/ssl/certs/dhparam.pem"
|
|
|
|
if [ -f "${inputDHPath}" ]; then
|
|
|
|
DHPath="${inputDHPath}"
|
|
|
|
break
|
|
|
|
else
|
|
|
|
echo -e "\n${warn}The file you specified doesn't exist${norm}"
|
|
|
|
while true; do
|
|
|
|
read -p "Do you want to use this path anyways? " yn
|
|
|
|
case $yn in
|
|
|
|
[Yy]*)
|
|
|
|
DHPath="${inputDHPath}"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]*)
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
if [ -n "${DHPath}" ]; then
|
2019-01-04 23:21:44 -07:00
|
|
|
break
|
|
|
|
fi
|
2019-01-05 00:34:38 -07:00
|
|
|
fi
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# validate path
|
|
|
|
if [ -f "${inputDHPath}" ]; then
|
|
|
|
DHPath="${inputDHPath}"
|
|
|
|
break
|
|
|
|
else
|
|
|
|
echo -e "\n${warn}The file you specified doesn't exist${norm}"
|
|
|
|
while true; do
|
|
|
|
read -p "Do you want to use this path anyways? " yn
|
|
|
|
case $yn in
|
|
|
|
[Yy]*)
|
|
|
|
DHPath="${inputDHPath}"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]*)
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
if [ -n "${DHPath}" ]; then
|
2019-01-04 23:21:44 -07:00
|
|
|
break
|
|
|
|
fi
|
2019-01-05 00:34:38 -07:00
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
|
2019-01-04 22:26:47 -07:00
|
|
|
|
2019-01-05 00:42:35 -07:00
|
|
|
### PHP-FPM related options
|
|
|
|
# get PHP-FPM usage status
|
|
|
|
while true; do
|
|
|
|
read -p "Are you using PHP-FPM? (default: YES) " yn
|
|
|
|
case $yn in
|
|
|
|
[Yy]*|'')
|
|
|
|
usePHP=1
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Nn]*)
|
|
|
|
usePHP=0
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo -e "\n${err}Please answer (Y)es, (N)o, e(X)it or accept default${norm}"
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
|
|
|
|
# get PHP-FPM version
|
|
|
|
if [ "${usePHP}" -eq 1 ]; then
|
|
|
|
while true; do
|
|
|
|
read -p "What version of PHP-FPM are you using? (default: 7.2) " inputPHPVersion
|
|
|
|
case $inputPHPVersion in
|
|
|
|
[[:digit:]]*|+[[:digit:]]*.[[:digit:]]*)
|
|
|
|
phpVersion="$inputPHPVersion"
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
'')
|
|
|
|
phpVersion=7.2
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
[Xx]*)
|
|
|
|
echo -e "\n${cyan}---exiting---\n${norm}"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo -e "\n${err}That does not seem to be a valid version number${norm}"
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
2019-01-05 01:12:33 -07:00
|
|
|
: <<'COMMENTSECTION'
|
2019-01-05 01:10:48 -07:00
|
|
|
### Write configurations to template files
|
|
|
|
# let user know what's happening
|
|
|
|
echo -e "\n${mag}---------------------${norm}"
|
|
|
|
echo -e "${cyan}Updating template files now"
|
|
|
|
|
|
|
|
# copy template files to working versions
|
|
|
|
rm -rf "${configPath}"
|
|
|
|
cp -R ./etc "${configPath}"
|
|
|
|
|
|
|
|
# process SSL snippet
|
|
|
|
echo "updating SSL paths in snippet file"
|
|
|
|
sed -e "s%${tag_sslcert}%${CertPath}%" "${configPath}/nginx/snippets/ssl/ssl_certs.conf"
|
|
|
|
sed -e "s%${tag_sslkey}%${KeyPath}%" "${configPath}/nginx/snippets/ssl/ssl_certs.conf"
|
|
|
|
|
|
|
|
# process mozModern SSL configuration
|
|
|
|
echo "updating SSL configuration parameters file"
|
|
|
|
echo -e "s%${tag_dhparam}%${DHPath}%" "${configPath}/nginx/conf.d/mozModern_ssl.conf"
|
|
|
|
echo -e "s%${tag_cachain}%${CAChainPath}%" "${configPath}/nginx/conf.d/mozModern_ssl.conf"
|
|
|
|
|
2019-01-05 01:12:33 -07:00
|
|
|
COMMENTSECTION
|
2019-01-05 01:10:48 -07:00
|
|
|
|
2019-01-04 22:26:47 -07:00
|
|
|
# debug section
|
2019-01-05 00:36:29 -07:00
|
|
|
echo -e "\n${mag}---------------------${norm}"
|
2019-01-04 22:26:47 -07:00
|
|
|
echo "Local IP4: $IP4"
|
2019-01-05 00:42:23 -07:00
|
|
|
echo -e "${cyan}--------------------${norm}"
|
2019-01-04 22:26:47 -07:00
|
|
|
echo "Using Certbot: $useCertbot"
|
|
|
|
echo "CertbotDomain: $CertbotDomain"
|
2019-01-05 00:42:23 -07:00
|
|
|
echo -e "${cyan}--------------------${norm}"
|
2019-01-04 22:50:24 -07:00
|
|
|
echo "CertPath: $CertPath"
|
2019-01-04 22:56:24 -07:00
|
|
|
echo "KeyPath: $KeyPath"
|
2019-01-04 23:40:05 -07:00
|
|
|
echo "CA-Chain: $CAChainPath"
|
2019-01-04 23:21:44 -07:00
|
|
|
echo "DHPath: $DHPath"
|
2019-01-05 00:42:23 -07:00
|
|
|
echo -e "${cyan}--------------------${norm}"
|
|
|
|
echo "usePHP: $usePHP"
|
|
|
|
echo "PHP Version: $phpVersion"
|
2019-01-05 00:37:28 -07:00
|
|
|
echo -e "${mag}---------------------${norm}\n"
|
2019-01-05 00:42:23 -07:00
|
|
|
|
|
|
|
|
|
|
|
|
2019-01-04 22:04:29 -07:00
|
|
|
exit 0
|