plomlompom.com Git - config/blob - bookworm/setup_scripts/setup_web.sh

   1 #!/bin/sh
   2 set -e
   3 . ./misc.sh
   4
   5 expect_n_args 1 "(domain name)" "$@"
   6 domain="$1"
   7
   8 if [ ! -f "$HOME/setup_server_has_been_run" ]; then
   9     echo "First need to run setup_server.sh."
  10     false
  11 fi
  12
  13 # Install configs, set up firewall.
  14 ./install_for_target.sh web static_websites
  15 ./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web static_websites
  16 nft -f /etc/nftables.conf
  17
  18 # Set up letsencrypt certificate. TODO: Is it auto-renewed?
  19 ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
  20 certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
  21 rm /etc/nginx/sites-enabled/default
  22
  23 # Prepare NGINX for status.plomlompom.com.
  24 sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx
  25 ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx
  26
  27 service nginx restart