From ee1e2188652b2f17e0703b91e504cd95829d7e5a Mon Sep 17 00:00:00 2001 From: Marwolf Date: Sat, 25 Aug 2018 13:54:57 -0400 Subject: [PATCH] Automated HTTPS with certbot --- Certbot.sh | 36 +++++++++++++++++++++++++++++++++--- Linux_Installer.sh | 41 +++++++++++++++++++++++++++++++++++++++-- Makefile | 2 +- docker-compose.yml | 2 -- 4 files changed, 73 insertions(+), 8 deletions(-) diff --git a/Certbot.sh b/Certbot.sh index 9806500..dd1c3f3 100755 --- a/Certbot.sh +++ b/Certbot.sh @@ -1,8 +1,38 @@ +#!/bin/bash +exec 0/dev/null + +clear +echo "Please enter your server's public domain name." +read -s publicdomain + +clear +echo "Please enter your server's private domain name if one exists or re-enter the public domain name again." +read -s privatedomain + +clear +echo "Please enter your email address for Lets Encrypt HTTPS registration." +read -s email + +sudo docker stop nginx | tee -a certbot.log &>/dev/null +sudo mv etc/nginx/default.conf etc/nginx/default.conf.BAK | tee -a certbot.log &>/dev/null +sudo mv etc/nginx/HTTPS_default.conf.BAK etc/nginx/default.conf | tee -a certbot.log &>/dev/null +sudo sed -i 's/live\/openrsc.com/live\/'"$publicdomain"'/g' etc/nginx/default.conf | tee -a certbot.log &>/dev/null + +clear +echo "Enabling HTTPS" + sudo certbot certonly \ --standalone \ --preferred-challenges http \ --agree-tos -n \ --config-dir ./etc/letsencrypt \ --d wolfkingdom.net \ --m cleako@gmail.com \ --q +-d $publicdomain -d $privatedomain --expand \ +-m $email | tee -a certbot.log &>/dev/null + +sudo docker start nginx | tee -a certbot.log &>/dev/null + +clear +echo "Done!" diff --git a/Linux_Installer.sh b/Linux_Installer.sh index bca924d..f6e470c 100755 --- a/Linux_Installer.sh +++ b/Linux_Installer.sh 
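Review bot: The typed domain and e-mail values reach root-run commands unvalidated and unquoted in the Certbot.sh hunk: `$publicdomain` is spliced into the sed program that rewrites etc/nginx/default.conf, and `-d $publicdomain -d $privatedomain` and `-m $email` are word-split before `sudo certbot` receives them. A value containing `/`, `&`, whitespace or a leading `-` alters the substitution or the certbot argument list, so check each value before use, e.g. `[[ $publicdomain =~ ^[A-Za-z0-9][A-Za-z0-9.-]*$ ]] || exit 1`, and quote the expansions as `-d "$publicdomain" -d "$privatedomain" --expand \` and `-m "$email"`. The Linux_Installer.sh hunk repeats the same sed and certbot lines and needs the same change. Separately, every step is piped into `tee -a certbot.log &>/dev/null`, so as far as the hunk shows a failed certbot run goes unnoticed and nginx is started on the swapped-in HTTPS config anyway.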
@@ -219,10 +219,47 @@ elif [ "$choice" == "2" ]; then read -s publicdomain clear - echo "Please enter your server's private domain name if one exists or re-enter" - echo "the public domain name again." + echo "Please enter your server's private domain name if one exists or re-enter the public domain name again." read -s privatedomain + clear + echo "Do you want a Lets Encrypt HTTPS certificate installed? + + Choices: + ${RED}1${NC} - Yes + ${RED}2${NC} - No + " + echo "" + echo "Which of the above do you wish to do? Type the choice number and press enter." + read httpsask + + if [ "$httpask" == "1" ]; then + clear + echo "Please enter your email address for Lets Encrypt HTTPS registration." + read -s email + + sudo docker stop nginx + sudo mv etc/nginx/default.conf etc/nginx/default.conf.BAK + sudo mv etc/nginx/HTTPS_default.conf.BAK etc/nginx/default.conf + sudo sed -i 's/live\/openrsc.com/live\/'"$publicdomain"'/g' etc/nginx/default.conf | tee -a installer.log &>/dev/null + + clear + echo "Enabling HTTPS" + + sudo certbot certonly \ + --standalone \ + --preferred-challenges http \ + --agree-tos -n \ + --config-dir ./etc/letsencrypt \ + -d $publicdomain -d $privatedomain --expand \ + -m $email \ + -q + + sudo docker start nginx + elif [ "$httpask" == "2" ]; then + continue + fi + clear echo "Please enter the name of your game." read -s gamename diff --git a/Makefile b/Makefile index 09f1a27..bb6d156 100755 --- a/Makefile +++ b/Makefile 
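Review bot: The answer is stored with `read httpsask` but both tests read `$httpask`, which is never set, so neither branch runs and the certificate step is silently skipped whatever the user types. The tests should be `if [ "$httpsask" == "1" ]; then` and `elif [ "$httpsask" == "2" ]; then`. The `continue` in the second branch only has an effect inside a loop. The enclosing `elif [ "$choice" == "2" ]` block starts outside the hunk, so that cannot be confirmed here; `:` or dropping the branch would be safer.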
@@ -69,7 +69,7 @@ restore-windows: create-user: @docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"root" -p"root" -Bse "DROP USER IF EXISTS 'openrsc'@'%';FLUSH PRIVILEGES;" 2>/dev/null - @docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"root" -p"root" -Bse "CREATE USER '$(MARIADB_ROOT_USER)'@'%' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';GRANT ALL PRIVILEGES ON * . * TO '$(MARIADB_ROOT_USER)'@'%';FLUSH PRIVILEGES;" 2>/dev/null + @docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"root" -p"root" -Bse "CREATE USER '$(MARIADB_ROOT_USER)'@'%' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';GRANT ALL PRIVILEGES ON * . * TO '$(MARIADB_ROOT_USER)'@'%'; CREATE USER '$(MARIADB_ROOT_USER)'localhost'%' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';GRANT ALL PRIVILEGES ON * . * TO '$(MARIADB_ROOT_USER)'@'%'; FLUSH PRIVILEGES;" 2>/dev/null clean-users: @docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"$(MARIADB_ROOT_USER)" -p"$(MARIADB_ROOT_PASSWORD)" -Bse "DROP USER IF EXISTS 'root'@'localhost'; DROP USER IF EXISTS 'root'@'%'; DROP USER IF EXISTS 'user'@'%'; DROP USER IF EXISTS 'Any'@'%'; FLUSH PRIVILEGES;" 2>/dev/null diff --git a/docker-compose.yml b/docker-compose.yml index e3ab0da..65b850d 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -42,8 +42,6 @@ services: - MYSQL_ROOT_USER=${MARIADB_ROOT_USER} - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD} - MYSQL_ALLOW_EMPTY_PASSWORD=no - - MYSQL_USER=${MARIADB_USER} - - MYSQL_PASSWORD=${MARIADB_PASS} ports: - "127.0.0.1:3306:3306" volumes:
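Review bot: The second `CREATE USER` added to the create-user recipe names the account as `'$(MARIADB_ROOT_USER)'localhost'%'`, which is not a valid user@host form, and the `GRANT` after it targets `@'%'` again instead of the local account. The intended statements were presumably `CREATE USER '$(MARIADB_ROOT_USER)'@'localhost' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';` followed by `GRANT ALL PRIVILEGES ON * . * TO '$(MARIADB_ROOT_USER)'@'localhost';`. Because the recipe ends in `2>/dev/null`, the server's error message is discarded. The client will likely stop at the malformed statement, before `FLUSH PRIVILEGES` runs, so dropping the redirect while this is tested would make the failure visible.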