1 files changed, 20 insertions, 46 deletions
diff --git a/netzbon/config_nginx.sh b/netzbon/config_nginx.sh
index 1d355fd..bf85f96 100755
--- a/netzbon/config_nginx.sh
+++ b/netzbon/config_nginx.sh
@@ -1,59 +1,33 @@
 #!/bin/bash
-# This file is in the public domain.
-
-set -eu
-
-# Inputs: DOMAIN_NAME & ENABLE_TLS
 
 source functions.sh
 source config/user.conf
-source config/internal.conf
-
-if test -z ${DOMAIN_NAME:-}
-then
-    say "Error: config/user.conf does not specify DOMAIN_NAME"
-    exit 1
-fi
-if test -z ${ENABLE_TLS:-}
-then
-    say "Error: config/user.conf does not specify ENABLE_TLS"
-    exit 1
-fi
-
-say "Configuring Nginx"
+export DOMAIN_NAME=${DOMAIN_NAME}
 
-SITES_AVAILABLE_DIR=/etc/nginx/sites-available
-SITES_ENABLED_DIR=/etc/nginx/sites-enabled
+envsubst <nginx-conf/backend.taler-nginx.conf > /etc/nginx/sites-available/backend.${DOMAIN_NAME}
+envsubst <nginx-conf/bank.taler-nginx.conf > /etc/nginx/sites-available/bank.${DOMAIN_NAME}
+envsubst <nginx-conf/exchange.taler-nginx.conf > /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
 
-cat ${SITES_AVAILABLE_DIR}/taler-exchange \
-  | sed -e "s/localhost/exchange.${DOMAIN_NAME}/g" \
-  | sed -e "s/location \/taler-exchange\//location \//g" \
-  > ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
+if test ${ENABLE_TLS} == "y"
+then
 
-cat ${SITES_AVAILABLE_DIR}/taler-merchant \
-    | sed -e "s/localhost/backend.${DOMAIN_NAME}/g" \
-    | sed -e "s/location \/taler-merchant\//location \//g" \
-    > ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
+# patch to: Replace http to https, to avoid error of mixed content
 
-cat ${SITES_AVAILABLE_DIR}/libeufin-sandbox \
-    | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \
-    > ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
+sed -i "s/http:\/\/bank./https:\/\/bank./g" /etc/libeufin/demobank-ui-settings.js
 
-say "Restarting Nginx with new configuration"
-systemctl restart nginx
+# Certbot
 
-if test ${ENABLE_TLS} == "y"
-then
     say "Obtaining TLS certificates"
 
-    certbot --nginx \
-                -d backend.${DOMAIN_NAME} \
-                -d bank.${DOMAIN_NAME} \
-                -d exchange.${DOMAIN_NAME}
+    certbot -d ${DOMAIN_NAME} \
+            -d backend.${DOMAIN_NAME} \
+            -d bank.${DOMAIN_NAME} \
+            -d exchange.${DOMAIN_NAME}
 fi
+
+ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME} /etc/nginx/sites-enabled/backend.${DOMAIN_NAME}
+ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME} /etc/nginx/sites-enabled/bank.${DOMAIN_NAME}
+ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME} /etc/nginx/sites-enabled/exchange.${DOMAIN_NAME}
+
+say "Restarting Nginx with new configuration"
+systemctl reload nginx