From: Ian Kelling Date: Mon, 1 May 2023 02:29:01 +0000 (-0400) Subject: add option, fix nginx X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=644f1ecaaf9489c3f8a5288b74758b2e0aaf209f;p=basic-https-conf add option, fix nginx --- diff --git a/web-conf b/web-conf index 977c8cf..38dce52 100755 --- a/web-conf +++ b/web-conf @@ -43,6 +43,7 @@ distro-setup, and log-quiet. EXTRA_SETTINGS_FILE can be - for stdin -a IPv4_ADDR IP address to listen on. Default all addresses. ipv6 address support could be added to this script. +-c CERT_FOLDER No letsencrypt. use fullchain.pem and privkey.pem in this folder. -e EMAIL Contact address for let's encrypt. Default is root@\$(hostname --fqdn') which is root@$(hostname --fqdn) on this host. @@ -64,7 +65,7 @@ symlinkarg=- ssl=true extra_settings= port=443 -temp=$(getopt -l help a:e:if:p:r:sh "$@") || usage 1 +temp=$(getopt -l help a:c:e:if:p:r:sh "$@") || usage 1 vhostip='*' eval set -- "$temp" while true; do @@ -73,6 +74,7 @@ while true; do listenip="$2:" vhostip="$2" shift 2 ;; + -c) oob_cert_dir="$2"; shift 2 ;; -e) email="$2"; shift 2 ;; -f) proxy="$2"; shift 2 ;; -i) ssl=false; shift ;; @@ -118,7 +120,11 @@ fi ##### end command line parsing ######## se=/etc/$t/sites-enabled -cert_dir=/etc/letsencrypt/live/$h +if [[ $oob_cert_dir ]]; then + cert_dir="$oob_cert_dir" +else + cert_dir=/etc/letsencrypt/live/$h +fi mkdir -p $root case $port in @@ -138,7 +144,7 @@ if [[ $port == 80 ]]; then fi -if $ssl; then +if [[ ! $oob_cert_dir ]] && $ssl; then $this_dir/certbot-setup $t @@ -415,7 +421,7 @@ server { server_name $h www.$h; listen 80 $http2_arg; listen [::]:80 $http2_arg; - return 301 https://$server_name$request_uri; + return 301 https://\$server_name\$request_uri; } EOF fi