home · contact · privacy
de594ab7e9f88dff708fbad18d424fc7ed12d973
[config] / bookworm / setup_scripts / setup_static_website.sh
1 #!/bin/sh
2 set -e
3 . ./misc.sh
4
5 expect_setup_finished_file setup_web_has_been_run setup_web.sh
6
7 expect_n_args 1 "(website template, i.e. status.plomlompom.com, tube.plomlompom.com …)" "$@"
8 website_template="$1"
9 shift 1
10
11 mirror_ip=""
12 mirror_state="not mirroring automatically"
13 domain="${website_template}"
14 mail="plom+webmaster@plomlompom.com"
15 if [ "$#" -gt 0 ]; then
16     domain="$1"
17     if [ "$#" -gt 1 ]; then
18         mail="plom+testing@plomlompom.com"
19         if [ "$#" -gt 2 ]; then
20             mirror_ip="$3"
21             mirror_state="mirroring automatically from ${mirror_ip}"
22         fi
23     fi
24 fi
25 echo "Assuming domain ${domain} and letsencrypt support mail address ${mail} and ${mirror_state}, abort and provide as arguments in this order if other desired! (Otherwise just hit Return.)"
26 read _
27
28 if [ ! -z "${mirror_ip}" ]; then
29     # Set up connection to old server.
30     cp "${setup_scripts_dir}/misc.sh" /home/plom/
31     cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/
32     chown plom:plom /home/plom/prepare_to_meet_server.sh
33     su -lc "./prepare_to_meet_server.sh ${mirror_ip}" plom
34     read -p 'Hit Enter when you are done.' ignore
35     rm /home/plom/prepare_to_meet_server.sh
36
37     # Mirror dirs.
38     cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/
39     su -lc "./mirror_dir.sh ${mirror_ip} /var/www/${website_template}" plom
40     rm /home/plom/mirror_dir.sh
41     rm /home/plom/misc.sh
42 fi
43
44 # Install configs, set up firewall.
45 ./install_for_target.sh "${website_template}" 
46 ./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" "${website_template}" 
47 nft -f /etc/nftables.conf
48
49 # Set up letsencrypt certificate. TODO: Is it auto-renewed?
50 ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
51 certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
52 rm /etc/nginx/sites-enabled/default
53
54 # Prepare NGINX.
55 sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" "/etc/nginx/sites-available/${website_template}.nginx"
56 ln -s "/etc/nginx/sites-available/${website_template}.nginx" "/etc/nginx/sites-enabled/${website_template}.nginx"
57
58 service nginx restart
59