fix link error and add acme.sh script

This commit is contained in:
VirtuBox 2018-04-13 18:08:19 +02:00
parent 679e9931c7
commit bba302d253
5 changed files with 99 additions and 48 deletions

View File

@ -122,7 +122,7 @@ wget -O /etc/php/7.0/fpm/php.ini https://raw.githubusercontent.com/VirtuBox/ubun
service php7.0-fpm restart
# PHP 7.1
wget -O /etc/php/7.1/fpm/php.ini https://github.com/VirtuBox/ubuntu-nginx-web-server/blob/master/etc/php/7.1/fpm/php.ini
wget -O /etc/php/7.1/fpm/php.ini https://raw.githubusercontent.com/VirtuBox/ubuntu-nginx-web-server/master/etc/php/7.1/fpm/php.ini
service php7.1-fpm restart
# PHP 7.2

View File

@ -122,7 +122,7 @@ wget -O /etc/php/7.0/fpm/php.ini https://raw.githubusercontent.com/VirtuBox/ubun
service php7.0-fpm restart
# PHP 7.1
wget -O /etc/php/7.1/fpm/php.ini https://github.com/VirtuBox/ubuntu-nginx-web-server/blob/master/etc/php/7.1/fpm/php.ini
wget -O /etc/php/7.1/fpm/php.ini https://raw.githubusercontent.com/VirtuBox/ubuntu-nginx-web-server/master/etc/php/7.1/fpm/php.ini
service php7.1-fpm restart
# PHP 7.2

View File

@ -1,46 +0,0 @@
# bashrc functions to install your ssl certificate with easyengine
domain-acme-install ()
{
read -p "Enter your domain name: " domain_name
cat <<EOF >/var/www/$domain_name/conf/nginx/ssl.conf
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/nginx/acme.sh/$domain_name/fullchain.pem;
ssl_certificate_key /etc/nginx/acme.sh/$domain_name/privkey.pem;
EOF
cat <<EOF >/etc/nginx/conf.d/$domain_name-forcessl.conf
server {
listen 80;
listen [::]:80;
server_name $domain_name www.$domain_name;
return 301 https://$domain_name$request_uri;
}
EOF
nginx -t
service nginx reload
}
subdomain-acme-install ()
{
read -p "Enter your sub-domain name: " domain_name
cat <<EOF >/var/www/$domain_name/conf/nginx/ssl.conf
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/nginx/acme.sh/$domain_name/fullchain.pem;
ssl_certificate_key /etc/nginx/acme.sh/$domain_name/privkey.pem;
EOF
cat <<EOF >/etc/nginx/conf.d/$domain_name-forcessl.conf
server {
listen 80;
listen [::]:80;
server_name $domain_name;
return 301 https://$domain_name$request_uri;
}
EOF
nginx -t
service nginx reload
}

97
scripts/ee-acme-cf Normal file
View File

@ -0,0 +1,97 @@
# .bashrc functions to automate ssl certificate installation with acme.sh
#
ee-ssl-www ()
{
read -p "Enter your domain name: " domain_name
if [ ! -f ~/.acme.sh/acme.sh ]; then
wget -O - https://get.acme.sh | sh
fi
~/.acme.sh/acme.sh --issue -d $domain_name -d www.$domain_name --keylength ec-384 --dns dns_cf --dnssleep 60
if [ ! -f /var/www/$domain_name/conf/nginx/ssl.conf ]; then
# add certificate to the nginx vhost configuration
cat <<EOF >/var/www/$domain_name/conf/nginx/ssl.conf
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/nginx/acme.sh/$domain_name/fullchain.pem;
ssl_certificate_key /etc/nginx/acme.sh/$domain_name/key.pem;
ssl_trusted_certificate /etc/nginx/acme.sh/$domain_name/cert.pem;
EOF
fi
# create folder to store certificate
mkdir -p /etc/nginx/acme.sh/$domain_name
if [ ! -f /etc/nginx/conf.d/$domain_name-forcessl.conf ]; then
# add the redirection from http to https
cat <<EOF >/etc/nginx/conf.d/$domain_name-forcessl.conf
server {
listen 80;
listen [::]:80;
server_name $domain_name www.$domain_name;
return 301 https://$domain_name$request_uri;
}
EOF
fi
# install the cert and reload nginx
acme.sh --install-cert -d $domain_name --ecc \
--cert-file /etc/nginx/acme.sh/$domain_name/cert.pem \
--key-file /etc/nginx/acme.sh/$domain_name/key.pem \
--fullchain-file /etc/nginx/acme.sh/$domain_name/fullchain.pem \
--reloadcmd "systemctl reload nginx.service"
}
ee-ssl-subdomain ()
{
read -p "Enter your sub-domain name: " domain_name
if [ ! -f ~/.acme.sh/acme.sh ]; then
wget -O - https://get.acme.sh | sh
fi
# issue cert
~/.acme.sh/acme.sh --issue -d $domain_name --keylength ec-384 --dns dns_cf --dnssleep 60
# create folder to store certificate
mkdir -p /etc/nginx/acme.sh/$domain_name
if [ ! -f /var/www/$domain_name/conf/nginx/ssl.conf ]; then
# add certificate to the nginx vhost configuration
cat <<EOF >/var/www/$domain_name/conf/nginx/ssl.conf
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/nginx/acme.sh/$domain_name/fullchain.pem;
ssl_certificate_key /etc/nginx/acme.sh/$domain_name/key.pem;
ssl_trusted_certificate /etc/nginx/acme.sh/$domain_name/cert.pem;
EOF
fi
if [ ! -f /etc/nginx/conf.d/$domain_name-forcessl.conf ]; then
# add the redirection from http to https
cat <<EOF >/etc/nginx/conf.d/$domain_name-forcessl.conf
server {
listen 80;
listen [::]:80;
server_name $domain_name;
return 301 https://$domain_name$request_uri;
}
EOF
fi
# install the cert and reload nginx
/root/.acme.sh/acme.sh --install-cert -d $domain_name --ecc \
--cert-file /etc/nginx/acme.sh/$domain_name/cert.pem \
--key-file /etc/nginx/acme.sh/$domain_name/key.pem \
--fullchain-file /etc/nginx/acme.sh/$domain_name/fullchain.pem \
--reloadcmd "systemctl reload nginx.service"
}