added skips for questions when not using SSL

This commit is contained in:
Asif Bacchus 2019-01-06 04:39:36 -07:00
parent a539c547da
commit 5e03527996
2 changed files with 47 additions and 20 deletions

View File

@ -5,14 +5,14 @@
"bookmarks": [
-1,
31,
44,
677,
45,
704,
-1,
-1,
-1,
-1,
-1,
354
179
]
}
]

View File

@ -33,6 +33,7 @@ unset noOSCP
regexIP4="(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])"
regexIP6="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))"
regexHostname="(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])"
useSSL=1
serverNames_working=()
serverNames=()
detectedIP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')
@ -155,7 +156,30 @@ done
### SSL related options
# enable SSL?
while true; do
read -p "Do you want to enable SSL on this server? (default: Yes)" yn
case "${yn}" in
[Yy]*|'')
usingSSL=1
break
;;
[Nn]*)
usingSSL=0
break
;;
[Xx]*)
echo -e "\n${cyan}---exiting---\n${norm}"
exit 1
;;
*)
echo -e "\n${err}Please answer (Y)es, (N)o, e(X)it or accept default${norm}"
;;
esac
done
# using certbot?
if [ "${usingSSL}" -eq 1 ]; then
echo -e "\n${mag}If you are using Certbot, you only need to provide the primary domain name"
echo "of your certificate and the script will auto-generate the paths NGINX needs to"
echo "make everything work."
@ -184,6 +208,7 @@ while true; do
;;
esac
done
fi
# using Certbot: get primary domain name since that how Certbot determines paths
if [ "${useCertbot}" -eq 1 ]; then
@ -253,8 +278,8 @@ if [ "${useCertbot}" -eq 1 ]; then
CAChainPath="/etc/letsencrypt/live/${CertbotDomain}/chain.pem"
fi
# only process manual certificate paths if NOT using Certbot
if [ "${useCertbot}" -eq 0 ]; then
# only process manual certificate paths if using SSL and NOT using Certbot
if [ "${useSSL}" -eq 1 ] && [ "${useCertbot}" -eq 0 ]; then
echo -e "\n${mag}NGINX requires the full paths to your PEM formatted certificates, private keys"
echo "and your CA-chain in order to serve pages securely and properly over SSL."
echo "If you haven't generated/copied your certificates yet, you can enter the"
@ -390,6 +415,7 @@ if [ "${useCertbot}" -eq 0 ]; then
fi
# dhparam: get location of DH Parameters file
if [ "${useSSL}" -eq 1 ]; then
echo -e "\n${mag}Having your own unique Diffie-Hellman Parameters file makes your SSL"
echo "communication more secure by helping to generate unique safe large prime"
echo "numbers. You shouldn't use any pre-installed dhparam.pem files. You should"
@ -462,6 +488,7 @@ while true; do
;;
esac
done
fi
### PHP-FPM related options