add conf scripts

This commit is contained in:
Tykayn 2023-06-27 13:46:47 +02:00 committed by tykayn
parent 1d08b01501
commit ee37e2a9da
6 changed files with 131 additions and 18 deletions

View File

@ -1 +1,3 @@
output/*.conf
output/*.sh
output/hosts

View File

@ -234,7 +234,7 @@ export const domainsConfig = [{
name: 'rtfm',
domain: 'www.free-software-academy.com',
framework: 'static',
disableSSL: true,
},
{
LXCcontainerLocalIP,

View File

@ -50,6 +50,10 @@ for (let configDomain of domainsSorted) {
createFoldersScript += 'touch /home/www/' + configDomain.domain + '/index.html \n'
createFoldersScript += 'echo "coucou ' + configDomain.domain + '" > /home/www/' + configDomain.domain + '/index.html \n'
createFoldersScript += ' \n'
createFoldersScript += 'touch /etc/nginx/sites-available/' + configDomain.domain + '" \n'
createFoldersScript += 'rm /etc/nginx/sites-available/' + configDomain.domain + '" /etc/nginx/sites-enabled/' + configDomain.domain + '" \n'
createFoldersScript += 'ln -s /etc/nginx/sites-available/' + configDomain.domain + '" /etc/nginx/sites-enabled/ \n'
createFoldersScript += ' \n'
writeFile(configDomain.domain + '_direct.conf', hostFile.noContainerNginxConf)
}else{
@ -71,9 +75,17 @@ for (let configDomain of domainsSorted) {
let hostfileDomains = domainsForHostFile.sort((a, b) => {
return a - b
}).map(domain => ' 127.0.0.1\t' + domain + ' \n')
console.log('hostfileDomains', hostfileDomains.join('').replace(',', ''))
writeFile('certbot_renew.sh', '!#/bin/bash\n' + renewCertbotScript.join('').replace(',', ''))
console.log('hostfileDomains', hostfileDomains.join('')
.replace(',', ''))
writeFile('certbot_renew.sh', '!#/bin/bash\n' + renewCertbotScript.join('').replace(',', '')+ '\n149.202.77.27 riseup\n' +
'::1 localhost ip6-localhost ip6-loopback\n' +
'# coussinet chatons\n' +
'ff02::1 ip6-allnodes\n' +
'ff02::2 ip6-allrouters\n' +
'# ici c\'est 149.202.77.27\n')
writeFile('folders_create.sh', createFoldersScript.replace(',', ''))
writeFile('hosts', hostfileDomains.join('')

View File

@ -50,7 +50,7 @@ ${certbotChallengeAcmeRedirect}
\t\t# return 301 https://${domainWithoutWWW}$request_uri;
\t}
`;
if(redirectToWWW && redirectToHTTPS){
if(redirectToWWW && redirectToHTTPS && !domainConfig.disableSSL){
redirectToWWWConf += `\tserver {
\t\t\t\t# redirect from www to HTTPS too
server_name ${domainConfig.domain};
@ -59,6 +59,11 @@ ${certbotChallengeAcmeRedirect}
}`
}
let phpHandler = `
upstream php-handler {
server 127.0.0.1:9001;
}
`;
let hostingFileAccess = `
# ----------- hosting file config ----------------
@ -97,6 +102,24 @@ ${certbotChallengeAcmeRedirect}
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
`;
let secureAccess = `listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${domainConfig.domain};
ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";`
;
if(domainConfig.disableSSL){
secureAccess = `
# ---------- SSL is disabled -----------------
listen 443 http2;
listen [::]:443 http2;
server_name ${domainConfig.domain};
`
;
}
/**
*
@ -107,24 +130,17 @@ ${certbotChallengeAcmeRedirect}
noContainerNginxConf: `
# ============ ${domainConfig.name} ===============
${phpHandler}
${redirectToNoWWW ? redirectToNoWWWConf : '' }
${redirectToWWW ? redirectToWWWConf : '' }
${redirectToHTTPS ? redirectToHTTPSConf : '' }
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${domainConfig.domain};
ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
${secureAccess}
${hostingFileAccess}
${certbotChallengeAcmeRedirect}
}
`,
homeNginxConf: `

View File

@ -32,3 +32,10 @@
certbot certonly -a webroot --webroot-path=/tmp/letsencrypt-auto -d source.coussinet.org
certbot certonly -a webroot --webroot-path=/tmp/letsencrypt-auto -d www.joinfediverse.org -d joinfediverse.org
certbot certonly -a webroot --webroot-path=/tmp/letsencrypt-auto -d cloud.tykayn.fr
149.202.77.27 riseup
::1 localhost ip6-localhost ip6-loopback
# coussinet chatons
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# ici c'est 149.202.77.27

View File

@ -3,93 +3,169 @@ mkdir -p /home/www/meltingpot.cipherbliss.com
touch /home/www/meltingpot.cipherbliss.com/index.html
echo "coucou meltingpot.cipherbliss.com" > /home/www/meltingpot.cipherbliss.com/index.html
touch /etc/nginx/sites-available/meltingpot.cipherbliss.com"
rm /etc/nginx/sites-available/meltingpot.cipherbliss.com" /etc/nginx/sites-enabled/meltingpot.cipherbliss.com"
ln -s /etc/nginx/sites-available/meltingpot.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/bitwarden.cipherbliss.com
touch /home/www/bitwarden.cipherbliss.com/index.html
echo "coucou bitwarden.cipherbliss.com" > /home/www/bitwarden.cipherbliss.com/index.html
touch /etc/nginx/sites-available/bitwarden.cipherbliss.com"
rm /etc/nginx/sites-available/bitwarden.cipherbliss.com" /etc/nginx/sites-enabled/bitwarden.cipherbliss.com"
ln -s /etc/nginx/sites-available/bitwarden.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/c.cipherbliss.com
touch /home/www/c.cipherbliss.com/index.html
echo "coucou c.cipherbliss.com" > /home/www/c.cipherbliss.com/index.html
touch /etc/nginx/sites-available/c.cipherbliss.com"
rm /etc/nginx/sites-available/c.cipherbliss.com" /etc/nginx/sites-enabled/c.cipherbliss.com"
ln -s /etc/nginx/sites-available/c.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/bridge.cipherbliss.com
touch /home/www/bridge.cipherbliss.com/index.html
echo "coucou bridge.cipherbliss.com" > /home/www/bridge.cipherbliss.com/index.html
touch /etc/nginx/sites-available/bridge.cipherbliss.com"
rm /etc/nginx/sites-available/bridge.cipherbliss.com" /etc/nginx/sites-enabled/bridge.cipherbliss.com"
ln -s /etc/nginx/sites-available/bridge.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/calc.cipherbliss.com
touch /home/www/calc.cipherbliss.com/index.html
echo "coucou calc.cipherbliss.com" > /home/www/calc.cipherbliss.com/index.html
touch /etc/nginx/sites-available/calc.cipherbliss.com"
rm /etc/nginx/sites-available/calc.cipherbliss.com" /etc/nginx/sites-enabled/calc.cipherbliss.com"
ln -s /etc/nginx/sites-available/calc.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/events.cipherbliss.com
touch /home/www/events.cipherbliss.com/index.html
echo "coucou events.cipherbliss.com" > /home/www/events.cipherbliss.com/index.html
touch /etc/nginx/sites-available/events.cipherbliss.com"
rm /etc/nginx/sites-available/events.cipherbliss.com" /etc/nginx/sites-enabled/events.cipherbliss.com"
ln -s /etc/nginx/sites-available/events.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/icinga.cipherbliss.com
touch /home/www/icinga.cipherbliss.com/index.html
echo "coucou icinga.cipherbliss.com" > /home/www/icinga.cipherbliss.com/index.html
touch /etc/nginx/sites-available/icinga.cipherbliss.com"
rm /etc/nginx/sites-available/icinga.cipherbliss.com" /etc/nginx/sites-enabled/icinga.cipherbliss.com"
ln -s /etc/nginx/sites-available/icinga.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/monit.cipherbliss.com
touch /home/www/monit.cipherbliss.com/index.html
echo "coucou monit.cipherbliss.com" > /home/www/monit.cipherbliss.com/index.html
touch /etc/nginx/sites-available/monit.cipherbliss.com"
rm /etc/nginx/sites-available/monit.cipherbliss.com" /etc/nginx/sites-enabled/monit.cipherbliss.com"
ln -s /etc/nginx/sites-available/monit.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/music.cipherbliss.com
touch /home/www/music.cipherbliss.com/index.html
echo "coucou music.cipherbliss.com" > /home/www/music.cipherbliss.com/index.html
touch /etc/nginx/sites-available/music.cipherbliss.com"
rm /etc/nginx/sites-available/music.cipherbliss.com" /etc/nginx/sites-enabled/music.cipherbliss.com"
ln -s /etc/nginx/sites-available/music.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/nas.cipherbliss.com
touch /home/www/nas.cipherbliss.com/index.html
echo "coucou nas.cipherbliss.com" > /home/www/nas.cipherbliss.com/index.html
touch /etc/nginx/sites-available/nas.cipherbliss.com"
rm /etc/nginx/sites-available/nas.cipherbliss.com" /etc/nginx/sites-enabled/nas.cipherbliss.com"
ln -s /etc/nginx/sites-available/nas.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/pass.cipherbliss.com
touch /home/www/pass.cipherbliss.com/index.html
echo "coucou pass.cipherbliss.com" > /home/www/pass.cipherbliss.com/index.html
touch /etc/nginx/sites-available/pass.cipherbliss.com"
rm /etc/nginx/sites-available/pass.cipherbliss.com" /etc/nginx/sites-enabled/pass.cipherbliss.com"
ln -s /etc/nginx/sites-available/pass.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/demo.cipherbliss.com
touch /home/www/demo.cipherbliss.com/index.html
echo "coucou demo.cipherbliss.com" > /home/www/demo.cipherbliss.com/index.html
touch /etc/nginx/sites-available/demo.cipherbliss.com"
rm /etc/nginx/sites-available/demo.cipherbliss.com" /etc/nginx/sites-enabled/demo.cipherbliss.com"
ln -s /etc/nginx/sites-available/demo.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/log.cipherbliss.com
touch /home/www/log.cipherbliss.com/index.html
echo "coucou log.cipherbliss.com" > /home/www/log.cipherbliss.com/index.html
touch /etc/nginx/sites-available/log.cipherbliss.com"
rm /etc/nginx/sites-available/log.cipherbliss.com" /etc/nginx/sites-enabled/log.cipherbliss.com"
ln -s /etc/nginx/sites-available/log.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/participalibre.cipherbliss.com
touch /home/www/participalibre.cipherbliss.com/index.html
echo "coucou participalibre.cipherbliss.com" > /home/www/participalibre.cipherbliss.com/index.html
touch /etc/nginx/sites-available/participalibre.cipherbliss.com"
rm /etc/nginx/sites-available/participalibre.cipherbliss.com" /etc/nginx/sites-enabled/participalibre.cipherbliss.com"
ln -s /etc/nginx/sites-available/participalibre.cipherbliss.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/www.free-software-academy.com
touch /home/www/www.free-software-academy.com/index.html
echo "coucou www.free-software-academy.com" > /home/www/www.free-software-academy.com/index.html
touch /etc/nginx/sites-available/www.free-software-academy.com"
rm /etc/nginx/sites-available/www.free-software-academy.com" /etc/nginx/sites-enabled/www.free-software-academy.com"
ln -s /etc/nginx/sites-available/www.free-software-academy.com" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/www.coussinet.org
touch /home/www/www.coussinet.org/index.html
echo "coucou www.coussinet.org" > /home/www/www.coussinet.org/index.html
touch /etc/nginx/sites-available/www.coussinet.org"
rm /etc/nginx/sites-available/www.coussinet.org" /etc/nginx/sites-enabled/www.coussinet.org"
ln -s /etc/nginx/sites-available/www.coussinet.org" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/panel.coussinet.org
touch /home/www/panel.coussinet.org/index.html
echo "coucou panel.coussinet.org" > /home/www/panel.coussinet.org/index.html
touch /etc/nginx/sites-available/panel.coussinet.org"
rm /etc/nginx/sites-available/panel.coussinet.org" /etc/nginx/sites-enabled/panel.coussinet.org"
ln -s /etc/nginx/sites-available/panel.coussinet.org" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/source.coussinet.org
touch /home/www/source.coussinet.org/index.html
echo "coucou source.coussinet.org" > /home/www/source.coussinet.org/index.html
touch /etc/nginx/sites-available/source.coussinet.org"
rm /etc/nginx/sites-available/source.coussinet.org" /etc/nginx/sites-enabled/source.coussinet.org"
ln -s /etc/nginx/sites-available/source.coussinet.org" /etc/nginx/sites-enabled/
# ---------
mkdir -p /home/www/www.joinfediverse.org
touch /home/www/www.joinfediverse.org/index.html
echo "coucou www.joinfediverse.org" > /home/www/www.joinfediverse.org/index.html
touch /etc/nginx/sites-available/www.joinfediverse.org"
rm /etc/nginx/sites-available/www.joinfediverse.org" /etc/nginx/sites-enabled/www.joinfediverse.org"
ln -s /etc/nginx/sites-available/www.joinfediverse.org" /etc/nginx/sites-enabled/