24 lines
779 B
Bash
24 lines
779 B
Bash
#!/bin/bash
|
|
# Generate a SSL certificate with certbot
|
|
|
|
read -p "Enter your sub-domain name: " domain_name
|
|
certbot certonly --pre-hook "service nginx stop" --standalone --cert-name $domain_name -d $domain_name --post-hook "service nginx start" -n --agree-tos -m contact@$domain_name --rsa-key-size 4096
|
|
|
|
cat <<EOF >/var/www/$domain_name/conf/nginx/ssl.conf
|
|
listen 443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
ssl on;
|
|
ssl_certificate /etc/letsencrypt/live/$domain_name/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/$domain_name/privkey.pem;
|
|
EOF
|
|
cat <<EOF >/etc/nginx/conf.d/$domain_name-forcessl.conf
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
server_name $domain_name;
|
|
return 301 https://$domain_name$request_uri;
|
|
}
|
|
EOF
|
|
nginx -t
|
|
service nginx reload
|