From af7fbe96d9af13e1a5d2485351f5ca4ce2cf3ccd Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Wed, 30 Aug 2023 00:22:18 +0200
Subject: [PATCH] Improve web setup.

---
 bookworm/setup_scripts/misc.sh                |  9 ++++++
 .../setup_status.plomlompom.com.sh            | 27 +++++++++++++++++
 bookworm/setup_scripts/setup_web.sh           | 29 +++++++++----------
 3 files changed, 50 insertions(+), 15 deletions(-)
 create mode 100644 bookworm/setup_scripts/setup_status.plomlompom.com.sh

diff --git a/bookworm/setup_scripts/misc.sh b/bookworm/setup_scripts/misc.sh
index cc93c32..641d752 100644
--- a/bookworm/setup_scripts/misc.sh
+++ b/bookworm/setup_scripts/misc.sh
@@ -19,6 +19,15 @@ expect_n_args() {
     fi
 }
 
+expect_setup_finished_file() {
+    filename="$1"
+    setup_script="$2"
+    if [ ! -f "${HOME}/${filename}" ]; then
+        echo "First need to run ${setup_script}."
+        false
+    fi
+}
+
 get_system_name_arg() {
     found=0
     for system_name_i in $legal_system_names; do
diff --git a/bookworm/setup_scripts/setup_status.plomlompom.com.sh b/bookworm/setup_scripts/setup_status.plomlompom.com.sh
new file mode 100644
index 0000000..d5e6d18
--- /dev/null
+++ b/bookworm/setup_scripts/setup_status.plomlompom.com.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+
+expect_setup_finished_file setup_web_has_been_run setup_web.sh
+
+if [ -z "$1"]; then
+    domain="status.plomlompom.com"
+else
+    domain="$1"
+fi
+# Install configs, set up firewall.
+./install_for_target.sh static_websites
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" static_websites
+nft -f /etc/nftables.conf
+
+# Set up letsencrypt certificate. TODO: Is it auto-renewed?
+ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+rm /etc/nginx/sites-enabled/default
+
+# Prepare NGINX for status.plomlompom.com.
+sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx
+ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx
+
+service nginx restart
+
diff --git a/bookworm/setup_scripts/setup_web.sh b/bookworm/setup_scripts/setup_web.sh
index 4b1e93f..a2e672f 100755
--- a/bookworm/setup_scripts/setup_web.sh
+++ b/bookworm/setup_scripts/setup_web.sh
@@ -2,26 +2,25 @@
 set -e
 . ./misc.sh
 
+expect_setup_finished_file setup_server_has_been_run setup_server.sh
+
 expect_n_args 1 "(domain name)" "$@"
 domain="$1"
 
-if [ ! -f "$HOME/setup_server_has_been_run" ]; then
-    echo "First need to run setup_server.sh."
-    false
-fi
-
 # Install configs, set up firewall.
-./install_for_target.sh web static_websites
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web static_websites
+./install_for_target.sh web
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web
 nft -f /etc/nftables.conf
 
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
+# # Set up letsencrypt certificate. TODO: Is it auto-renewed?
+# ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+# certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+# rm /etc/nginx/sites-enabled/default
 
-# Prepare NGINX for status.plomlompom.com.
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx
-ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx
+# # Prepare NGINX for status.plomlompom.com.
+# sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx
+# ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx
+# 
+# service nginx restart
 
-service nginx restart
+touch "$HOME/setup_web_has_been_run"
-- 
2.30.2