From: Christian Heller Date: Tue, 29 Aug 2023 22:22:18 +0000 (+0200) Subject: Improve web setup. X-Git-Url: https://plomlompom.com/repos/%7B%7B%20web_path%20%7D%7D/decks/%7B%7B%20deck_id%20%7D%7D/edit?a=commitdiff_plain;h=af7fbe96d9af13e1a5d2485351f5ca4ce2cf3ccd;p=config Improve web setup. --- diff --git a/bookworm/setup_scripts/misc.sh b/bookworm/setup_scripts/misc.sh index cc93c32..641d752 100644 --- a/bookworm/setup_scripts/misc.sh +++ b/bookworm/setup_scripts/misc.sh @@ -19,6 +19,15 @@ expect_n_args() { fi } +expect_setup_finished_file() { + filename="$1" + setup_script="$2" + if [ ! -f "${HOME}/${filename}" ]; then + echo "First need to run ${setup_script}." + false + fi +} + get_system_name_arg() { found=0 for system_name_i in $legal_system_names; do diff --git a/bookworm/setup_scripts/setup_status.plomlompom.com.sh b/bookworm/setup_scripts/setup_status.plomlompom.com.sh new file mode 100644 index 0000000..d5e6d18 --- /dev/null +++ b/bookworm/setup_scripts/setup_status.plomlompom.com.sh @@ -0,0 +1,27 @@ +#!/bin/sh +set -e +. ./misc.sh + +expect_setup_finished_file setup_web_has_been_run setup_web.sh + +if [ -z "$1"]; then + domain="status.plomlompom.com" +else + domain="$1" +fi +# Install configs, set up firewall. +./install_for_target.sh static_websites +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" static_websites +nft -f /etc/nftables.conf + +# Set up letsencrypt certificate. TODO: Is it auto-renewed? +ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default +certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" +rm /etc/nginx/sites-enabled/default + +# Prepare NGINX for status.plomlompom.com. +sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx +ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx + +service nginx restart + diff --git a/bookworm/setup_scripts/setup_web.sh b/bookworm/setup_scripts/setup_web.sh index 4b1e93f..a2e672f 100755 --- a/bookworm/setup_scripts/setup_web.sh +++ b/bookworm/setup_scripts/setup_web.sh @@ -2,26 +2,25 @@ set -e . ./misc.sh +expect_setup_finished_file setup_server_has_been_run setup_server.sh + expect_n_args 1 "(domain name)" "$@" domain="$1" -if [ ! -f "$HOME/setup_server_has_been_run" ]; then - echo "First need to run setup_server.sh." - false -fi - # Install configs, set up firewall. -./install_for_target.sh web static_websites -./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web static_websites +./install_for_target.sh web +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web nft -f /etc/nftables.conf -# Set up letsencrypt certificate. TODO: Is it auto-renewed? -ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default -certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" -rm /etc/nginx/sites-enabled/default +# # Set up letsencrypt certificate. TODO: Is it auto-renewed? +# ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default +# certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" +# rm /etc/nginx/sites-enabled/default -# Prepare NGINX for status.plomlompom.com. -sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx -ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx +# # Prepare NGINX for status.plomlompom.com. +# sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx +# ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx +# +# service nginx restart -service nginx restart +touch "$HOME/setup_web_has_been_run"