Old configurations removed - config_ngix.sh replaced

10 files changed, 20 insertions, 248 deletions

diff --git a/netzbon/config_nginx.sh b/netzbon/config_nginx.sh
index 1d355fd..bf85f96 100755
--- a/netzbon/config_nginx.sh
+++ b/netzbon/config_nginx.sh
@@ -1,59 +1,33 @@
 #!/bin/bash
-# This file is in the public domain.
-
-set -eu
-
-# Inputs: DOMAIN_NAME & ENABLE_TLS
 
 source functions.sh
 source config/user.conf
-source config/internal.conf
-
-if test -z ${DOMAIN_NAME:-}
-then
-    say "Error: config/user.conf does not specify DOMAIN_NAME"
-    exit 1
-fi
-if test -z ${ENABLE_TLS:-}
-then
-    say "Error: config/user.conf does not specify ENABLE_TLS"
-    exit 1
-fi
-
-say "Configuring Nginx"
+export DOMAIN_NAME=${DOMAIN_NAME}
 
-SITES_AVAILABLE_DIR=/etc/nginx/sites-available
-SITES_ENABLED_DIR=/etc/nginx/sites-enabled
+envsubst <nginx-conf/backend.taler-nginx.conf > /etc/nginx/sites-available/backend.${DOMAIN_NAME}
+envsubst <nginx-conf/bank.taler-nginx.conf > /etc/nginx/sites-available/bank.${DOMAIN_NAME}
+envsubst <nginx-conf/exchange.taler-nginx.conf > /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
 
-cat ${SITES_AVAILABLE_DIR}/taler-exchange \
-  | sed -e "s/localhost/exchange.${DOMAIN_NAME}/g" \
-  | sed -e "s/location \/taler-exchange\//location \//g" \
-  > ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
+if test ${ENABLE_TLS} == "y"
+then
 
-cat ${SITES_AVAILABLE_DIR}/taler-merchant \
-    | sed -e "s/localhost/backend.${DOMAIN_NAME}/g" \
-    | sed -e "s/location \/taler-merchant\//location \//g" \
-    > ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
+# patch to: Replace http to https, to avoid error of mixed content
 
-cat ${SITES_AVAILABLE_DIR}/libeufin-sandbox \
-    | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \
-    > ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
+sed -i "s/http:\/\/bank./https:\/\/bank./g" /etc/libeufin/demobank-ui-settings.js
 
-say "Restarting Nginx with new configuration"
-systemctl restart nginx
+# Certbot
 
-if test ${ENABLE_TLS} == "y"
-then
     say "Obtaining TLS certificates"
 
-    certbot --nginx \
-                -d backend.${DOMAIN_NAME} \
-                -d bank.${DOMAIN_NAME} \
-                -d exchange.${DOMAIN_NAME}
+    certbot -d ${DOMAIN_NAME} \
+            -d backend.${DOMAIN_NAME} \
+            -d bank.${DOMAIN_NAME} \
+            -d exchange.${DOMAIN_NAME}
 fi
+
+ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME} /etc/nginx/sites-enabled/backend.${DOMAIN_NAME}
+ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME} /etc/nginx/sites-enabled/bank.${DOMAIN_NAME}
+ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME} /etc/nginx/sites-enabled/exchange.${DOMAIN_NAME}
+
+say "Restarting Nginx with new configuration"
+systemctl reload nginx
diff --git a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/backend.taler-nginx.conf b/netzbon/nginx-conf/backend.taler-nginx.conf
index 6cf9961..6cf9961 100644
--- a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/backend.taler-nginx.conf
+++ b/netzbon/nginx-conf/backend.taler-nginx.conf
diff --git a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/bank.taler-nginx.conf b/netzbon/nginx-conf/bank.taler-nginx.conf
index a9f8059..a9f8059 100644
--- a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/bank.taler-nginx.conf
+++ b/netzbon/nginx-conf/bank.taler-nginx.conf
diff --git a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/exchange.taler-nginx.conf b/netzbon/nginx-conf/exchange.taler-nginx.conf
index 0f470a1..0f470a1 100644
--- a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/exchange.taler-nginx.conf
+++ b/netzbon/nginx-conf/exchange.taler-nginx.conf
diff --git a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/config_nginx.sh b/netzbon/nginx_configurations/new_nginx_listen_80_certbot/config_nginx.sh
deleted file mode 100755
index 6d03f77..0000000
--- a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/config_nginx.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/bash
-
-source functions.sh
-source config/user.conf
-export DOMAIN_NAME=${DOMAIN_NAME}
-
-envsubst <backend.taler-nginx.conf > /etc/nginx/sites-available/backend.${DOMAIN_NAME}
-envsubst <bank.taler-nginx.conf > /etc/nginx/sites-available/bank.${DOMAIN_NAME}
-envsubst <exchange.taler-nginx.conf > /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
-
-if test ${ENABLE_TLS} == "y"
-then
-
-# patch to: Replace http to https, to avoid error of mixed content
-
-sed -i "s/http:\/\/bank./https:\/\/bank./g" /etc/libeufin/demobank-ui-settings.js
-
-# Certbot
-
-    say "Obtaining TLS certificates"
-
-    certbot -d ${DOMAIN_NAME} \
-            -d backend.${DOMAIN_NAME} \
-            -d bank.${DOMAIN_NAME} \
-            -d exchange.${DOMAIN_NAME}
-fi
-
-ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME} /etc/nginx/sites-enabled/backend.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME} /etc/nginx/sites-enabled/bank.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME} /etc/nginx/sites-enabled/exchange.${DOMAIN_NAME}
-
-say "Restarting Nginx with new configuration"
-systemctl reload nginx
diff --git a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/backend.conf b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/backend.conf
deleted file mode 100644
index e95f387..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/backend.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-server {
-  listen 80;
-  listen [::]:80;
-
-  server_name backend.${DOMAIN_NAME};
-  rewrite ^(.*) https://$server_name$1 permanent;
-}
-
-server {
-  listen 443 ssl;
-  listen [::]:443 ssl;
-
-  server_name backend.${DOMAIN_NAME};
-
-  ssl_certificate     /etc/letsencrypt/live/${DOMAIN_NAME}/cert.pem;
-  ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem;
-
-  access_log /var/log/nginx/merchant.log;
-  error_log /var/log/nginx/merchant.err;
-  
-  location /taler-merchant/ {
-    proxy_pass http://unix:/var/run/taler/merchant-httpd/merchant-http.sock;
-  }
-}
diff --git a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/bank.conf b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/bank.conf
deleted file mode 100644
index c9e44d1..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/bank.conf
+++ /dev/null
@@ -1,33 +0,0 @@
-server {
-  listen 80;
-  listen [::]:80;
-
-  server_name bank.${DOMAIN_NAME};
-  rewrite ^(.*) https://$server_name$1 permanent;
-}
-
-server {
-  listen 443 ssl;
-  listen [::]:443 ssl;
-
-  server_name bank.${DOMAIN_NAME};
-  
-  ssl_certificate     /etc/letsencrypt/live/${DOMAIN_NAME}/cert.pem;
-  ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem;
-
-  access_log /var/log/nginx/libeufin-sandbox.log;
-  error_log /var/log/nginx/libeufin-sandbox.err;
-
-  location /demobanks/default {
-    proxy_pass http://localhost:5016;
-  }
-  
-  location / {
-    index index.html;
-    alias /usr/share/libeufin/demobank-ui/;
-  }
-
-  location = /demobank-ui-settings.js {
-    alias /etc/libeufin/demobank-ui-settings.js;
-  }
-}
diff --git a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh
deleted file mode 100755
index 0180d5a..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-
-source functions.sh
-source config/user.conf
-export DOMAIN_NAME=${DOMAIN_NAME}
-
-envsubst <backend.conf > /etc/nginx/sites-available/backend.${DOMAIN_NAME}
-envsubst <bank.conf > /etc/nginx/sites-available/bank.${DOMAIN_NAME}
-envsubst <exchange.conf > /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
-
-if test ${ENABLE_TLS} == "y"
-then
-    say "Obtaining TLS certificates"
-
-    certbot -d ${DOMAIN_NAME} \
-            -d backend.${DOMAIN_NAME} \
-            -d bank.${DOMAIN_NAME} \
-            -d exchange.${DOMAIN_NAME}
-fi
-
-ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME} /etc/nginx/sites-enabled/backend.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME} /etc/nginx/sites-enabled/bank.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME} /etc/nginx/sites-enabled/exchange.${DOMAIN_NAME}
-
-say "Restarting Nginx with new configuration"
-systemctl reload nginx
diff --git a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh.old b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh.old
deleted file mode 100755
index 2940e55..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh.old
+++ /dev/null
@@ -1,62 +0,0 @@
-#!/bin/bash
-# This file is in the public domain.
-
-set -eu
-
-# Inputs: DOMAIN_NAME & ENABLE_TLS
-
-source functions.sh
-source config/user.conf
-source config/internal.conf
-
-if test -z ${DOMAIN_NAME:-}
-then
-    say "Error: config/user.conf does not specify DOMAIN_NAME"
-    exit 1
-fi
-if test -z ${ENABLE_TLS:-}
-then
-    say "Error: config/user.conf does not specify ENABLE_TLS"
-    exit 1
-fi
-
-say "Configuring Nginx"
-
-SITES_AVAILABLE_DIR=/etc/nginx/sites-available
-SITES_ENABLED_DIR=/etc/nginx/sites-enabled
-
-cat ${SITES_AVAILABLE_DIR}/taler-exchange \
-  | sed -e "s/localhost/exchange.${DOMAIN_NAME}/g" \
-  | sed -e "s/location \/taler-exchange\//location \//g" \
-  | sed -e "s/# proxy_set_header/proxy_set_header/g" \
-  > ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
-
-cat ${SITES_AVAILABLE_DIR}/taler-merchant \
-    | sed -e "s/localhost/backend.${DOMAIN_NAME}/g" \
-    | sed -e "s/location \/taler-merchant\//location \//g" \
-    | sed -e "s/# proxy_set_header/proxy_set_header/g" \
-    > ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
-
-cat ${SITES_AVAILABLE_DIR}/libeufin-sandbox \
-    | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \
-    | sed -e "s/\$scheme/https/g" \
-    > ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
-
-say "Restarting Nginx with new configuration"
-systemctl restart nginx
-
-if test ${ENABLE_TLS} == "y"
-then
-    say "Obtaining TLS certificates"
-
-    certbot --nginx \
-                -d backend.${DOMAIN_NAME} \
-                -d bank.${DOMAIN_NAME} \
-                -d exchange.${DOMAIN_NAME}
-fi
diff --git a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/exchange.conf b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/exchange.conf
deleted file mode 100644
index 55a1aa0..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/exchange.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-server {
-  listen 80;
-  listen [::]:80;
-
-  server_name exchange.${DOMAIN_NAME};
-  rewrite ^(.*) https://$server_name$1 permanent;
-}
-
-server {
-  listen 443 ssl;
-  listen [::]:443 ssl;
-
-  server_name exchange.${DOMAIN_NAME};
-
-  ssl_certificate     /etc/letsencrypt/live/${DOMAIN_NAME}/cert.pem;
-  ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem;
-
-  access_log /var/log/nginx/exchange.log;
-  error_log /var/log/nginx/exchange.err;
-
-  location /taler-exchange/ {
-     proxy_pass http://unix:/var/run/taler/exchange-httpd/exchange-http.sock;
-  }
-}