asif/nginx-basic
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added substitution sections for all SSL tags

Browse Source
This commit is contained in:
Asif Bacchus 2019-01-05 01:10:48 -07:00
parent 2de7c9e4ae
commit 0f74e43c58
2 changed files with 34 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.vscode/numbered-bookmarks.json vendored
View File

@ -5,14 +5,14 @@
"bookmarks": [ "bookmarks": [
-1, -1,
17, 17,
36,
-1, -1,
-1, -1,
-1, -1,
-1, -1,
-1, -1,
-1, -1,
-1, 420
-1
] ]
} }
] ]

33
setup.sh
View File

@ -17,6 +17,7 @@ norm="\e[0m"
### set variables ### set variables
# clear variables
unset IP4 unset IP4
unset useCertbot unset useCertbot
unset CertbotDomain unset CertbotDomain
@ -25,10 +26,19 @@ unset KeyPath
unset CAChainPath unset CAChainPath
unset DHPath unset DHPath
certbotFiles=(cert.pem chain.pem fullchain.pem privkey.pem) # set variables
hostname=$(hostname)
detectedIP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p') detectedIP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')
regexIP4="(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])" regexIP4="(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])"
regexHostname="(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])" regexHostname="(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])"
certbotFiles=(cert.pem chain.pem fullchain.pem privkey.pem)
configPath="./etc.${hostname}"
# set tags to update
tag_sslcert="<path/to/your_ssl_certificate_fullchain>"
tag_sslkey="<path/to/your_certificate_private_key.key>"
tag_dhparam="<path/to/your_dhparam.pem>"
tag_cachain="<path/to/your_CA_bundle.crt>"
### quick intro for the user ### quick intro for the user
@ -394,6 +404,27 @@ if [ "${usePHP}" -eq 1 ]; then
fi fi
### Write configurations to template files
# let user know what's happening
echo -e "\n${mag}---------------------${norm}"
echo -e "${cyan}Updating template files now"
# copy template files to working versions
rm -rf "${configPath}"
cp -R ./etc "${configPath}"
# process SSL snippet
echo "updating SSL paths in snippet file"
sed -e "s%${tag_sslcert}%${CertPath}%" "${configPath}/nginx/snippets/ssl/ssl_certs.conf"
sed -e "s%${tag_sslkey}%${KeyPath}%" "${configPath}/nginx/snippets/ssl/ssl_certs.conf"
# process mozModern SSL configuration
echo "updating SSL configuration parameters file"
echo -e "s%${tag_dhparam}%${DHPath}%" "${configPath}/nginx/conf.d/mozModern_ssl.conf"
echo -e "s%${tag_cachain}%${CAChainPath}%" "${configPath}/nginx/conf.d/mozModern_ssl.conf"
# debug section # debug section
echo -e "\n${mag}---------------------${norm}" echo -e "\n${mag}---------------------${norm}"
echo "Local IP4: $IP4" echo "Local IP4: $IP4"