config_nginx.sh (1653B)
1 #!/bin/bash 2 3 source functions.sh 4 source config/user.conf 5 source config/internal.conf 6 7 export PROTO 8 export DOMAIN_NAME 9 export BANK_PORT 10 11 envsubst <nginx-conf/backend.taler-nginx.conf >"/etc/nginx/sites-available/backend.${DOMAIN_NAME}" 12 envsubst <nginx-conf/bank.taler-nginx.conf >"/etc/nginx/sites-available/bank.${DOMAIN_NAME}" 13 envsubst <nginx-conf/exchange.taler-nginx.conf >"/etc/nginx/sites-available/exchange.${DOMAIN_NAME}" 14 15 # Create nginx symlinks 16 17 ln -sf /etc/nginx/sites-available/backend."${DOMAIN_NAME}" /etc/nginx/sites-enabled/backend."${DOMAIN_NAME}" 18 ln -sf /etc/nginx/sites-available/bank."${DOMAIN_NAME}" /etc/nginx/sites-enabled/bank."${DOMAIN_NAME}" 19 ln -sf /etc/nginx/sites-available/exchange."${DOMAIN_NAME}" /etc/nginx/sites-enabled/exchange."${DOMAIN_NAME}" 20 21 if test "${ENABLE_TLS}" == "y"; then 22 23 # Replace http with https in the demobank-ui configuration 24 25 sed -i "s/http:\/\/bank./https:\/\/bank./g" /etc/libeufin/settings.json 26 27 # Certbot 28 29 say "Obtaining TLS certificates using Let's Encrypt" 30 31 certbot --nginx -n --agree-tos -m ${TLS_EMAIL} \ 32 -d backend."${DOMAIN_NAME}" \ 33 -d bank."${DOMAIN_NAME}" \ 34 -d exchange."${DOMAIN_NAME}" &>> setup.log 35 36 # Replace 301 to 308 until https://github.com/certbot/certbot/issues/7407 is fixed 37 sed -i "s/return 301/return 308/g" \ 38 /etc/nginx/sites-available/backend."${DOMAIN_NAME}" \ 39 /etc/nginx/sites-available/bank."${DOMAIN_NAME}" \ 40 /etc/nginx/sites-available/exchange."${DOMAIN_NAME}" 41 else 42 sed -i "s/https:\/\/bank./http:\/\/bank./g" /etc/libeufin/settings.json 43 fi 44 45 say "Restarting Nginx with new configuration" 46 systemctl reload nginx &>> setup.log