iankelling.org
/
git
/
basic-https-conf
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
d8e7127
)
various fixes
author
Ian Kelling
<ian@iankelling.org>
Thu, 23 Jun 2016 06:19:25 +0000
(23:19 -0700)
committer
Ian Kelling
<ian@iankelling.org>
Fri, 12 Aug 2016 20:41:18 +0000
(13:41 -0700)
apache-site
patch
|
blob
|
history
nginx-site
patch
|
blob
|
history
diff --git
a/apache-site
b/apache-site
index 32c9f82cca78dbb3866218000d456bf145217e16..d99bf9698c48169bd8ccefb58df238a7104719db 100755
(executable)
--- a/
apache-site
+++ b/
apache-site
@@
-1,4
+1,4
@@
-#!/bin/bash
-l
+#!/bin/bash
# Copyright (C) 2016 Ian Kelling
# Licensed under the Apache License, Version 2.0 (the "License");
# Copyright (C) 2016 Ian Kelling
# Licensed under the Apache License, Version 2.0 (the "License");
@@
-25,10
+25,11
@@
location for storing certs.
EXTRA_SETTINGS_FILE can be - for stdin
-p PORT
EXTRA_SETTINGS_FILE can be - for stdin
-p PORT
--i Insecure, no ssl
--h|--help Print help and exit
--r DocumentRoot
--- Subsequent arguments are never treated as options
+-i Insecure, no ssl
+-c CERT_DIR Default is /p/c/machine_specific/\$HOSTNAME/webservercerts
+-h|--help Print help and exit
+-r DocumentRoot
+-- Subsequent arguments are never treated as options
Note: options and non-options can be in any order.
EOF
Note: options and non-options can be in any order.
EOF
@@
-37,6
+38,7
@@
EOF
##### begin command line parsing ########
##### begin command line parsing ########
+cert_dir=/p/c/machine_specific/$HOSTNAME/webservercerts
ssl=true
extra_settings=
args=()
ssl=true
extra_settings=
args=()
@@
-44,6
+46,7
@@
port="*:443"
while [[ $1 ]]; do
case $1 in
-i) ssl=false; shift ;; # i for insecure
while [[ $1 ]]; do
case $1 in
-i) ssl=false; shift ;; # i for insecure
+ -c) cert_dir="$2"; shift 2 ;;
-p) port="$2"; shift 2 ;;
-r) root="$2"; shift 2 ;;
--) shift; break ;;
-p) port="$2"; shift 2 ;;
-r) root="$2"; shift 2 ;;
--) shift; break ;;
@@
-68,8
+71,8
@@
if [[ ! $root ]]; then
root=/var/www/$h/html
fi
root=/var/www/$h/html
fi
+
##### end command line parsing ########
##### end command line parsing ########
-cdir=/p/c/machine_specific/$HOSTNAME/webservercerts
# taken from the let's encrypt generated site, using
# ./certbot-auto --apache (should use the test mode to check if there are updates)
# taken from the let's encrypt generated site, using
# ./certbot-auto --apache (should use the test mode to check if there are updates)
@@
-85,6
+88,7
@@
cdir=/p/c/machine_specific/$HOSTNAME/webservercerts
sudo rm -f /etc/apache2/sites-enabled/000-default.conf
sudo rm -f /etc/apache2/sites-enabled/000-default.conf
+sudo mkdir -p $root
sudo dd of=/etc/apache2/sites-enabled/$h.conf <<EOF
<VirtualHost $port>
ServerName $h
sudo dd of=/etc/apache2/sites-enabled/$h.conf <<EOF
<VirtualHost $port>
ServerName $h
@@
-93,13
+97,13
@@
sudo dd of=/etc/apache2/sites-enabled/$h.conf <<EOF
EOF
if [[ $extra_settings ]]; then
EOF
if [[ $extra_settings ]]; then
- cat $extra_settings | sudo tee -a /etc/apache2/sites-enabled/$h.conf
+ cat
--
$extra_settings | sudo tee -a /etc/apache2/sites-enabled/$h.conf
fi
if $ssl; then
sudo tee -a /etc/apache2/sites-enabled/$h.conf <<EOF
fi
if $ssl; then
sudo tee -a /etc/apache2/sites-enabled/$h.conf <<EOF
- SSLCertificateFile $cdir/$h-chained.pem
- SSLCertificateKeyFile $cdir/$h-domain.key
+ SSLCertificateFile $c
ert_
dir/$h-chained.pem
+ SSLCertificateKeyFile $c
ert_
dir/$h-domain.key
Include /etc/letsencrypt/options-ssl-apache.conf
EOF
Include /etc/letsencrypt/options-ssl-apache.conf
EOF
@@
-154,5
+158,5
@@
sudo tee -a /etc/apache2/sites-enabled/$h.conf <<EOF
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
EOF
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
EOF
-s a2enmod ssl rewrite # rewrite needed for httpredir
-s
er restart apache2
+s
udo
a2enmod ssl rewrite # rewrite needed for httpredir
+s
udo service apache2 restart
diff --git
a/nginx-site
b/nginx-site
index 43f1aa9d74b864493a7d7fcc296e3227c783265e..9ddb7766acb02f1b73f1abd37d9b5e56b5193b7b 100755
(executable)
--- a/
nginx-site
+++ b/
nginx-site
@@
-124,6
+124,6
@@
EOF
sudo tee -a /etc/nginx/sites-enabled/$h.conf <<EOF
}
EOF
sudo tee -a /etc/nginx/sites-enabled/$h.conf <<EOF
}
EOF
-s mkdir -p /var/www/$h/html
-s chown -R ian:ian /var/www/$h
-s
er restart nginx
+s
udo
mkdir -p /var/www/$h/html
+s
udo
chown -R ian:ian /var/www/$h
+s
udo service nginx restart