diff options
Diffstat (limited to 'netzbon/config_nginx.sh')
-rwxr-xr-x | netzbon/config_nginx.sh | 66 |
1 files changed, 20 insertions, 46 deletions
diff --git a/netzbon/config_nginx.sh b/netzbon/config_nginx.sh index 1d355fd..bf85f96 100755 --- a/netzbon/config_nginx.sh +++ b/netzbon/config_nginx.sh @@ -1,59 +1,33 @@ #!/bin/bash -# This file is in the public domain. - -set -eu - -# Inputs: DOMAIN_NAME & ENABLE_TLS source functions.sh source config/user.conf -source config/internal.conf - -if test -z ${DOMAIN_NAME:-} -then - say "Error: config/user.conf does not specify DOMAIN_NAME" - exit 1 -fi -if test -z ${ENABLE_TLS:-} -then - say "Error: config/user.conf does not specify ENABLE_TLS" - exit 1 -fi - -say "Configuring Nginx" +export DOMAIN_NAME=${DOMAIN_NAME} -SITES_AVAILABLE_DIR=/etc/nginx/sites-available -SITES_ENABLED_DIR=/etc/nginx/sites-enabled +envsubst <nginx-conf/backend.taler-nginx.conf > /etc/nginx/sites-available/backend.${DOMAIN_NAME} +envsubst <nginx-conf/bank.taler-nginx.conf > /etc/nginx/sites-available/bank.${DOMAIN_NAME} +envsubst <nginx-conf/exchange.taler-nginx.conf > /etc/nginx/sites-available/exchange.${DOMAIN_NAME} -cat ${SITES_AVAILABLE_DIR}/taler-exchange \ - | sed -e "s/localhost/exchange.${DOMAIN_NAME}/g" \ - | sed -e "s/location \/taler-exchange\//location \//g" \ - > ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME} -rm -f ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME} -ln -s ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME} +if test ${ENABLE_TLS} == "y" +then -cat ${SITES_AVAILABLE_DIR}/taler-merchant \ - | sed -e "s/localhost/backend.${DOMAIN_NAME}/g" \ - | sed -e "s/location \/taler-merchant\//location \//g" \ - > ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME} -rm -f ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME} -ln -s ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME} +# patch to: Replace http to https, to avoid error of mixed content -cat ${SITES_AVAILABLE_DIR}/libeufin-sandbox \ - | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \ - > ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME} -rm -f ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME} -ln -s ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME} ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME} +sed -i "s/http:\/\/bank./https:\/\/bank./g" /etc/libeufin/demobank-ui-settings.js -say "Restarting Nginx with new configuration" -systemctl restart nginx +# Certbot -if test ${ENABLE_TLS} == "y" -then say "Obtaining TLS certificates" - certbot --nginx \ - -d backend.${DOMAIN_NAME} \ - -d bank.${DOMAIN_NAME} \ - -d exchange.${DOMAIN_NAME} + certbot -d ${DOMAIN_NAME} \ + -d backend.${DOMAIN_NAME} \ + -d bank.${DOMAIN_NAME} \ + -d exchange.${DOMAIN_NAME} fi + +ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME} /etc/nginx/sites-enabled/backend.${DOMAIN_NAME} +ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME} /etc/nginx/sites-enabled/bank.${DOMAIN_NAME} +ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME} /etc/nginx/sites-enabled/exchange.${DOMAIN_NAME} + +say "Restarting Nginx with new configuration" +systemctl reload nginx |