added skips for questions when not using SSL
This commit is contained in:
Asif Bacchus
parent
a539c547da
commit
5e03527996
|
|
@ -5,14 +5,14 @@
|
|||
"bookmarks": [
|
||||
-1,
|
||||
31,
|
||||
44,
|
||||
677,
|
||||
45,
|
||||
704,
|
||||
-1,
|
||||
-1,
|
||||
-1,
|
||||
-1,
|
||||
-1,
|
||||
354
|
||||
179
|
||||
]
|
||||
}
|
||||
]
|
||||
|
|
|
|||
61
setup.sh
61
setup.sh
|
|
@ -33,6 +33,7 @@ unset noOSCP
|
|||
regexIP4="(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])"
|
||||
regexIP6="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))"
|
||||
regexHostname="(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])"
|
||||
useSSL=1
|
||||
serverNames_working=()
|
||||
serverNames=()
|
||||
detectedIP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')
|
||||
|
|
@ -155,24 +156,16 @@ done
|
|||
|
||||
|
||||
### SSL related options
|
||||
# using certbot?
|
||||
echo -e "\n${mag}If you are using Certbot, you only need to provide the primary domain name"
|
||||
echo "of your certificate and the script will auto-generate the paths NGINX needs to"
|
||||
echo "make everything work."
|
||||
echo -e "\nIf you haven't run Certbot yet, you can enter the domain you intend to use"
|
||||
echo "as your primary domain and the paths generated by this script will work after"
|
||||
echo -e "you run Certbot. In that case, you will have to answer ${warn}'yes'${mag} when asked"
|
||||
echo -e "${warn}'Do you want to use this domain setting anyways?'${norm}\n"
|
||||
# enable SSL?
|
||||
while true; do
|
||||
read -p "Are you using Certbot to handle your SSL certificates? (default: No) " yn
|
||||
read -p "Do you want to enable SSL on this server? (default: Yes)" yn
|
||||
case "${yn}" in
|
||||
[Yy]*)
|
||||
useCertbot=1
|
||||
[Yy]*|'')
|
||||
usingSSL=1
|
||||
break
|
||||
;;
|
||||
[Nn]|'')
|
||||
useCertbot=0
|
||||
unset CertbotDomain
|
||||
[Nn]*)
|
||||
usingSSL=0
|
||||
break
|
||||
;;
|
||||
[Xx]*)
|
||||
|
|
@ -183,7 +176,39 @@ while true; do
|
|||
echo -e "\n${err}Please answer (Y)es, (N)o, e(X)it or accept default${norm}"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
done
|
||||
|
||||
# using certbot?
|
||||
if [ "${usingSSL}" -eq 1 ]; then
|
||||
echo -e "\n${mag}If you are using Certbot, you only need to provide the primary domain name"
|
||||
echo "of your certificate and the script will auto-generate the paths NGINX needs to"
|
||||
echo "make everything work."
|
||||
echo -e "\nIf you haven't run Certbot yet, you can enter the domain you intend to use"
|
||||
echo "as your primary domain and the paths generated by this script will work after"
|
||||
echo -e "you run Certbot. In that case, you will have to answer ${warn}'yes'${mag} when asked"
|
||||
echo -e "${warn}'Do you want to use this domain setting anyways?'${norm}\n"
|
||||
while true; do
|
||||
read -p "Are you using Certbot to handle your SSL certificates? (default: No) " yn
|
||||
case "${yn}" in
|
||||
[Yy]*)
|
||||
useCertbot=1
|
||||
break
|
||||
;;
|
||||
[Nn]|'')
|
||||
useCertbot=0
|
||||
unset CertbotDomain
|
||||
break
|
||||
;;
|
||||
[Xx]*)
|
||||
echo -e "\n${cyan}---exiting---\n${norm}"
|
||||
exit 1
|
||||
;;
|
||||
*)
|
||||
echo -e "\n${err}Please answer (Y)es, (N)o, e(X)it or accept default${norm}"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
|
||||
# using Certbot: get primary domain name since that how Certbot determines paths
|
||||
if [ "${useCertbot}" -eq 1 ]; then
|
||||
|
|
@ -253,8 +278,8 @@ if [ "${useCertbot}" -eq 1 ]; then
|
|||
CAChainPath="/etc/letsencrypt/live/${CertbotDomain}/chain.pem"
|
||||
fi
|
||||
|
||||
# only process manual certificate paths if NOT using Certbot
|
||||
if [ "${useCertbot}" -eq 0 ]; then
|
||||
# only process manual certificate paths if using SSL and NOT using Certbot
|
||||
if [ "${useSSL}" -eq 1 ] && [ "${useCertbot}" -eq 0 ]; then
|
||||
echo -e "\n${mag}NGINX requires the full paths to your PEM formatted certificates, private keys"
|
||||
echo "and your CA-chain in order to serve pages securely and properly over SSL."
|
||||
echo "If you haven't generated/copied your certificates yet, you can enter the"
|
||||
|
|
@ -390,6 +415,7 @@ if [ "${useCertbot}" -eq 0 ]; then
|
|||
fi
|
||||
|
||||
# dhparam: get location of DH Parameters file
|
||||
if [ "${useSSL}" -eq 1 ]; then
|
||||
echo -e "\n${mag}Having your own unique Diffie-Hellman Parameters file makes your SSL"
|
||||
echo "communication more secure by helping to generate unique safe large prime"
|
||||
echo "numbers. You shouldn't use any pre-installed dhparam.pem files. You should"
|
||||
|
|
@ -462,6 +488,7 @@ while true; do
|
|||
;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
### PHP-FPM related options
|
||||
|
|
|
|||
Loading…
Reference in New Issue