iankelling.org
/
git
/
basic-https-conf
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
8d1ae39
)
fix edge case apache conf parsing
author
Ian Kelling
<ian@iankelling.org>
Thu, 13 Apr 2017 10:03:38 +0000
(
03:03
-0700)
committer
Ian Kelling
<ian@iankelling.org>
Thu, 13 Apr 2017 10:03:38 +0000
(
03:03
-0700)
apache-site
patch
|
blob
|
history
nginx-site
patch
|
blob
|
history
diff --git
a/apache-site
b/apache-site
index 2405713b8f6257a374ce3b2c6975a9bbf1f42671..8d26f99fc52818c9c0980ce2b2355931772f5ed2 100755
(executable)
--- a/
apache-site
+++ b/
apache-site
@@
-18,6
+18,8
@@
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+shopt -s nullglob # used in apache config file expansion
+
usage() {
cat <<EOF
Usage: ${0##*/} [OPTIONS] [EXTRA_SETTINGS_FILE] DOMAIN
usage() {
cat <<EOF
Usage: ${0##*/} [OPTIONS] [EXTRA_SETTINGS_FILE] DOMAIN
@@
-30,8
+32,8
@@
EXTRA_SETTINGS_FILE can be - for stdin
$HOME/webservercerts, if the other options aren't set.
-f [ADDR:]PORT Enable proxy to [ADDR:]PORT. ADDR default is 127.0.0.1
-i Insecure, no ssl
$HOME/webservercerts, if the other options aren't set.
-f [ADDR:]PORT Enable proxy to [ADDR:]PORT. ADDR default is 127.0.0.1
-i Insecure, no ssl
--p PORT Main port to listen on, default 443
--r
DocumentRoot
+-p PORT Main port to listen on, default 443
. 80 implies -i.
+-r
DIR
DocumentRoot
-h|--help Print help and exit
Note: Uses GNU getopt options parsing style
-h|--help Print help and exit
Note: Uses GNU getopt options parsing style
@@
-110,9
+112,17
@@
listen_80=false
listen_port=false
cd /etc/apache2
conf_files=(apache2.conf)
listen_port=false
cd /etc/apache2
conf_files=(apache2.conf)
+
+
+if [[ $port == 80 ]]; then
+ ssl=false
+ # remove any thats hanging around
+ rm -f $redir_file
+fi
+
for (( i=0; i < ${#conf_files[@]}; i++ )); do
f="${conf_files[i]}"
for (( i=0; i < ${#conf_files[@]}; i++ )); do
f="${conf_files[i]}"
- # note: globs are expanded here
:
+ # note: globs are expanded here
.
conf_files+=( $(sed -rn "s,^\s*Include(Optional)?\s+(\S+).*,\2,p" "$f") )
case $(readlink -f "$f") in
$vhost_file|$redir_file) continue ;;
conf_files+=( $(sed -rn "s,^\s*Include(Optional)?\s+(\S+).*,\2,p" "$f") )
case $(readlink -f "$f") in
$vhost_file|$redir_file) continue ;;
@@
-161,6
+171,8
@@
if [[ $proxy ]]; then
EOF
fi
EOF
fi
+
+
if $ssl; then
certbot_ssl_conf=/etc/letsencrypt/options-ssl-apache.conf
cat >>$vhost_file <<EOF
if $ssl; then
certbot_ssl_conf=/etc/letsencrypt/options-ssl-apache.conf
cat >>$vhost_file <<EOF
@@
-241,7
+253,8
@@
Update this script to take care this warning!!!!!
EOF
sleep 1
fi
EOF
sleep 1
fi
-fi
+fi # end if $ssl
+
cat >>$vhost_file <<EOF
ErrorLog \${APACHE_LOG_DIR}/error.log
CustomLog \${APACHE_LOG_DIR}/access.log vhost_time_combined
cat >>$vhost_file <<EOF
ErrorLog \${APACHE_LOG_DIR}/error.log
CustomLog \${APACHE_LOG_DIR}/access.log vhost_time_combined
diff --git
a/nginx-site
b/nginx-site
index 2869e44a87e2980a1ecfcc4f2a4ffa259b238c78..addd1d4a277740f60e683f1d5be529844ab72be9 100755
(executable)
--- a/
nginx-site
+++ b/
nginx-site
@@
-33,7
+33,7
@@
EXTRA_SETTINGS_FILE can be - for stdin
$HOME/webservercerts, if the other options aren't set.
-f [ADDR:]PORT Enable proxy to [ADDR:]PORT. ADDR default is 127.0.0.1
-p PORT Port to listen on, default 443
$HOME/webservercerts, if the other options aren't set.
-f [ADDR:]PORT Enable proxy to [ADDR:]PORT. ADDR default is 127.0.0.1
-p PORT Port to listen on, default 443
--r
DocumentRoot
+-r
DIR
DocumentRoot
-h|--help Print help and exit
TODO: add https redir site.
-h|--help Print help and exit
TODO: add https redir site.