Automated HTTPS with certbot
36
Certbot.sh
36
Certbot.sh
@@ -1,8 +1,38 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
exec 0</dev/tty
|
||||||
|
|
||||||
|
rm installer.log
|
||||||
|
touch certbot.log && chmod 777 certbot.log | tee certbot.log &>/dev/null
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "Please enter your server's public domain name."
|
||||||
|
read -s publicdomain
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "Please enter your server's private domain name if one exists or re-enter the public domain name again."
|
||||||
|
read -s privatedomain
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "Please enter your email address for Lets Encrypt HTTPS registration."
|
||||||
|
read -s email
|
||||||
|
|
||||||
|
sudo docker stop nginx | tee -a certbot.log &>/dev/null
|
||||||
|
sudo mv etc/nginx/default.conf etc/nginx/default.conf.BAK | tee -a certbot.log &>/dev/null
|
||||||
|
sudo mv etc/nginx/HTTPS_default.conf.BAK etc/nginx/default.conf | tee -a certbot.log &>/dev/null
|
||||||
|
sudo sed -i 's/live\/openrsc.com/live\/'"$publicdomain"'/g' etc/nginx/default.conf | tee -a certbot.log &>/dev/null
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "Enabling HTTPS"
|
||||||
|
|
||||||
sudo certbot certonly \
|
sudo certbot certonly \
|
||||||
--standalone \
|
--standalone \
|
||||||
--preferred-challenges http \
|
--preferred-challenges http \
|
||||||
--agree-tos -n \
|
--agree-tos -n \
|
||||||
--config-dir ./etc/letsencrypt \
|
--config-dir ./etc/letsencrypt \
|
||||||
-d wolfkingdom.net \
|
-d $publicdomain -d $privatedomain --expand \
|
||||||
-m cleako@gmail.com \
|
-m $email | tee -a certbot.log &>/dev/null
|
||||||
-q
|
|
||||||
|
sudo docker start nginx | tee -a certbot.log &>/dev/null
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "Done!"
|
||||||
|
|||||||
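Review bot: The three values read from the terminal reach root commands unquoted and unchecked: `$publicdomain` is spliced into the `sudo sed -i` expression, and `-d $publicdomain -d $privatedomain` and `-m $email` are word-split before `sudo certbot` receives them. Check the domains against a hostname pattern before use and quote the arguments, `-d "$publicdomain" -d "$privatedomain" --expand \` and `-m "$email"`; the installer hunk at `@@ -219,10 +219,47 @@` repeats the same lines. Separately, `chmod 777 certbot.log` leaves the log writable by every local user, where `chmod 600 certbot.log` would be enough. Because certbot's exit status is lost in the pipe to `tee` and the config files are swapped beforehand, `sudo docker start nginx` runs on the HTTPS config even when no certificate was issued; testing the certbot result before the swap would avoid that.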
@@ -219,10 +219,47 @@ elif [ "$choice" == "2" ]; then
|
|||||||
read -s publicdomain
|
read -s publicdomain
|
||||||
|
|
||||||
clear
|
clear
|
||||||
echo "Please enter your server's private domain name if one exists or re-enter"
|
echo "Please enter your server's private domain name if one exists or re-enter the public domain name again."
|
||||||
echo "the public domain name again."
|
|
||||||
read -s privatedomain
|
read -s privatedomain
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "Do you want a Lets Encrypt HTTPS certificate installed?
|
||||||
|
|
||||||
|
Choices:
|
||||||
|
${RED}1${NC} - Yes
|
||||||
|
${RED}2${NC} - No
|
||||||
|
"
|
||||||
|
echo ""
|
||||||
|
echo "Which of the above do you wish to do? Type the choice number and press enter."
|
||||||
|
read httpsask
|
||||||
|
|
||||||
|
if [ "$httpask" == "1" ]; then
|
||||||
|
clear
|
||||||
|
echo "Please enter your email address for Lets Encrypt HTTPS registration."
|
||||||
|
read -s email
|
||||||
|
|
||||||
|
sudo docker stop nginx
|
||||||
|
sudo mv etc/nginx/default.conf etc/nginx/default.conf.BAK
|
||||||
|
sudo mv etc/nginx/HTTPS_default.conf.BAK etc/nginx/default.conf
|
||||||
|
sudo sed -i 's/live\/openrsc.com/live\/'"$publicdomain"'/g' etc/nginx/default.conf | tee -a installer.log &>/dev/null
|
||||||
|
|
||||||
|
clear
|
||||||
|
echo "Enabling HTTPS"
|
||||||
|
|
||||||
|
sudo certbot certonly \
|
||||||
|
--standalone \
|
||||||
|
--preferred-challenges http \
|
||||||
|
--agree-tos -n \
|
||||||
|
--config-dir ./etc/letsencrypt \
|
||||||
|
-d $publicdomain -d $privatedomain --expand \
|
||||||
|
-m $email \
|
||||||
|
-q
|
||||||
|
|
||||||
|
sudo docker start nginx
|
||||||
|
elif [ "$httpask" == "2" ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
clear
|
clear
|
||||||
echo "Please enter the name of your game."
|
echo "Please enter the name of your game."
|
||||||
read -s gamename
|
read -s gamename
|
||||||
|
|||||||
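Review bot: The answer is stored by `read httpsask` but both tests read `$httpask`, so as written neither branch can match and the certificate step is skipped whatever the user types; the tests should be `if [ "$httpsask" == "1" ]; then` and `elif [ "$httpsask" == "2" ]; then`. The `continue` in the second branch is only valid inside a loop, and the hunk does not show one; if there is none, `:` or dropping the branch is the safer form. The enclosing `elif [ "$choice" == "2" ]` block starts and ends outside the hunk.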
2
Makefile
2
Makefile
@@ -69,7 +69,7 @@ restore-windows:
|
|||||||
|
|
||||||
create-user:
|
create-user:
|
||||||
@docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"root" -p"root" -Bse "DROP USER IF EXISTS 'openrsc'@'%';FLUSH PRIVILEGES;" 2>/dev/null
|
@docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"root" -p"root" -Bse "DROP USER IF EXISTS 'openrsc'@'%';FLUSH PRIVILEGES;" 2>/dev/null
|
||||||
@docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"root" -p"root" -Bse "CREATE USER '$(MARIADB_ROOT_USER)'@'%' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';GRANT ALL PRIVILEGES ON * . * TO '$(MARIADB_ROOT_USER)'@'%';FLUSH PRIVILEGES;" 2>/dev/null
|
@docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"root" -p"root" -Bse "CREATE USER '$(MARIADB_ROOT_USER)'@'%' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';GRANT ALL PRIVILEGES ON * . * TO '$(MARIADB_ROOT_USER)'@'%'; CREATE USER '$(MARIADB_ROOT_USER)'localhost'%' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';GRANT ALL PRIVILEGES ON * . * TO '$(MARIADB_ROOT_USER)'@'%'; FLUSH PRIVILEGES;" 2>/dev/null
|
||||||
|
|
||||||
clean-users:
|
clean-users:
|
||||||
@docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"$(MARIADB_ROOT_USER)" -p"$(MARIADB_ROOT_PASSWORD)" -Bse "DROP USER IF EXISTS 'root'@'localhost'; DROP USER IF EXISTS 'root'@'%'; DROP USER IF EXISTS 'user'@'%'; DROP USER IF EXISTS 'Any'@'%'; FLUSH PRIVILEGES;" 2>/dev/null
|
@docker exec -i $(shell sudo docker-compose ps -q mysqldb) mysql -u"$(MARIADB_ROOT_USER)" -p"$(MARIADB_ROOT_PASSWORD)" -Bse "DROP USER IF EXISTS 'root'@'localhost'; DROP USER IF EXISTS 'root'@'%'; DROP USER IF EXISTS 'user'@'%'; DROP USER IF EXISTS 'Any'@'%'; FLUSH PRIVILEGES;" 2>/dev/null
|
||||||
|
|||||||
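Review bot: The added statement `CREATE USER '$(MARIADB_ROOT_USER)'localhost'%'` is not a valid account name, and the GRANT after it targets `'%'` a second time, so no localhost account is created by the new `create-user` line. Since the mysql client in batch mode stops at the first failing statement unless `--force` is given, and `2>/dev/null` hides the error, the trailing `FLUSH PRIVILEGES` is presumably never reached and the target fails silently. The intended pair looks like `CREATE USER '$(MARIADB_ROOT_USER)'@'localhost' IDENTIFIED BY '$(MARIADB_ROOT_PASSWORD)';` followed by `GRANT ALL PRIVILEGES ON *.* TO '$(MARIADB_ROOT_USER)'@'localhost';`. Dropping `2>/dev/null` would surface such errors, and the recipe still authenticates with the literal `-p"root"`, which is worth replacing with a variable that is not committed.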
@@ -42,8 +42,6 @@ services:
|
|||||||
- MYSQL_ROOT_USER=${MARIADB_ROOT_USER}
|
- MYSQL_ROOT_USER=${MARIADB_ROOT_USER}
|
||||||
- MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
|
- MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
|
||||||
- MYSQL_ALLOW_EMPTY_PASSWORD=no
|
- MYSQL_ALLOW_EMPTY_PASSWORD=no
|
||||||
- MYSQL_USER=${MARIADB_USER}
|
|
||||||
- MYSQL_PASSWORD=${MARIADB_PASS}
|
|
||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:3306:3306"
|
- "127.0.0.1:3306:3306"
|
||||||
volumes:
|
volumes:
|
||||||
|
|||||||