home · contact · privacy
566a6b544f7c4fa43b49349b4111d5941172989c
[config] / bookworm / setup_scripts / setup_tube.plomlompom.com.sh
1 #!/bin/sh
2 set -e
3 . ./misc.sh
4
5 expect_setup_finished_file setup_web_has_been_run setup_web.sh
6
7 if [ -z "$1" ]; then
8     domain="tube.plomlompom.com"
9     mail="plom+tube@plomlompom.com"
10 elif [ "$#" -lt 2 ]; then
11     domain="$1"
12     mail="plom+testing@plomlompom.com"
13 else
14     domain="$1"
15     mail="$2"
16 fi
17 echo "Assuming domain ${domain} and letsencrypt support mail address ${mail}, abort and provide as arguments in this order if other desired! (Otherwise just hit Return.)"
18 read _
19
20 # Install configs, set up firewall.
21 ./install_for_target.sh tube.plomlompom.com
22 ./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" tube.plomlompom.com
23 nft -f /etc/nftables.conf
24
25 # Set up letsencrypt certificate. TODO: Is it auto-renewed?
26 ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
27 certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
28 rm /etc/nginx/sites-enabled/default
29
30 # Prepare NGINX for tube.plomlompom.com.
31 sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/tube.plomlompom.com.nginx
32 ln -s /etc/nginx/sites-available/tube.plomlompom.com.nginx /etc/nginx/sites-enabled/tube.plomlompom.com.nginx
33
34 service nginx restart
35