added skips for questions when not using SSL

This commit is contained in:
Asif Bacchus 2019-01-06 04:39:36 -07:00
parent a539c547da
commit 5e03527996
2 changed files with 47 additions and 20 deletions

View File

@ -5,14 +5,14 @@
"bookmarks": [
-1,
31,
44,
677,
45,
704,
-1,
-1,
-1,
-1,
-1,
354
179
]
}
]

View File

@ -33,6 +33,7 @@ unset noOSCP
regexIP4="(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])"
regexIP6="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))"
regexHostname="(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])"
useSSL=1
serverNames_working=()
serverNames=()
detectedIP=$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')
@ -155,24 +156,16 @@ done
### SSL related options
# using certbot?
echo -e "\n${mag}If you are using Certbot, you only need to provide the primary domain name"
echo "of your certificate and the script will auto-generate the paths NGINX needs to"
echo "make everything work."
echo -e "\nIf you haven't run Certbot yet, you can enter the domain you intend to use"
echo "as your primary domain and the paths generated by this script will work after"
echo -e "you run Certbot. In that case, you will have to answer ${warn}'yes'${mag} when asked"
echo -e "${warn}'Do you want to use this domain setting anyways?'${norm}\n"
# enable SSL?
while true; do
read -p "Are you using Certbot to handle your SSL certificates? (default: No) " yn
read -p "Do you want to enable SSL on this server? (default: Yes)" yn
case "${yn}" in
[Yy]*)
useCertbot=1
[Yy]*|'')
usingSSL=1
break
;;
[Nn]|'')
useCertbot=0
unset CertbotDomain
[Nn]*)
usingSSL=0
break
;;
[Xx]*)
@ -185,6 +178,38 @@ while true; do
esac
done
# using certbot?
if [ "${usingSSL}" -eq 1 ]; then
echo -e "\n${mag}If you are using Certbot, you only need to provide the primary domain name"
echo "of your certificate and the script will auto-generate the paths NGINX needs to"
echo "make everything work."
echo -e "\nIf you haven't run Certbot yet, you can enter the domain you intend to use"
echo "as your primary domain and the paths generated by this script will work after"
echo -e "you run Certbot. In that case, you will have to answer ${warn}'yes'${mag} when asked"
echo -e "${warn}'Do you want to use this domain setting anyways?'${norm}\n"
while true; do
read -p "Are you using Certbot to handle your SSL certificates? (default: No) " yn
case "${yn}" in
[Yy]*)
useCertbot=1
break
;;
[Nn]|'')
useCertbot=0
unset CertbotDomain
break
;;
[Xx]*)
echo -e "\n${cyan}---exiting---\n${norm}"
exit 1
;;
*)
echo -e "\n${err}Please answer (Y)es, (N)o, e(X)it or accept default${norm}"
;;
esac
done
fi
# using Certbot: get primary domain name since that how Certbot determines paths
if [ "${useCertbot}" -eq 1 ]; then
while true; do
@ -253,8 +278,8 @@ if [ "${useCertbot}" -eq 1 ]; then
CAChainPath="/etc/letsencrypt/live/${CertbotDomain}/chain.pem"
fi
# only process manual certificate paths if NOT using Certbot
if [ "${useCertbot}" -eq 0 ]; then
# only process manual certificate paths if using SSL and NOT using Certbot
if [ "${useSSL}" -eq 1 ] && [ "${useCertbot}" -eq 0 ]; then
echo -e "\n${mag}NGINX requires the full paths to your PEM formatted certificates, private keys"
echo "and your CA-chain in order to serve pages securely and properly over SSL."
echo "If you haven't generated/copied your certificates yet, you can enter the"
@ -390,6 +415,7 @@ if [ "${useCertbot}" -eq 0 ]; then
fi
# dhparam: get location of DH Parameters file
if [ "${useSSL}" -eq 1 ]; then
echo -e "\n${mag}Having your own unique Diffie-Hellman Parameters file makes your SSL"
echo "communication more secure by helping to generate unique safe large prime"
echo "numbers. You shouldn't use any pre-installed dhparam.pem files. You should"
@ -462,6 +488,7 @@ while true; do
;;
esac
done
fi
### PHP-FPM related options