From 174acd1989d140882900b51dac88a54283e0333f Mon Sep 17 00:00:00 2001 From: Christian Heller Date: Mon, 11 Sep 2023 03:07:41 +0200 Subject: [PATCH] Add PlomTube mirror setup. --- .../status.plomlompom.com.nginx | 0 .../sites-available/tube.plomlompom.com.nginx | 12 +++++++++ .../setup_status.plomlompom.com.sh | 4 +-- .../setup_tube.plomlompom.com.sh | 27 +++++++++++++++++++ 4 files changed, 41 insertions(+), 2 deletions(-) rename bookworm/etc_files/{static_websites => status.plomlompom.com}/etc/nginx/sites-available/status.plomlompom.com.nginx (100%) create mode 100644 bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx create mode 100755 bookworm/setup_scripts/setup_tube.plomlompom.com.sh diff --git a/bookworm/etc_files/static_websites/etc/nginx/sites-available/status.plomlompom.com.nginx b/bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx similarity index 100% rename from bookworm/etc_files/static_websites/etc/nginx/sites-available/status.plomlompom.com.nginx rename to bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx diff --git a/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx b/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx new file mode 100644 index 0000000..57b084a --- /dev/null +++ b/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx @@ -0,0 +1,12 @@ +server { + listen 443 ssl; + server_name REPLACE_fqdn_ECALPER; + ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem; + root /var/www/tube.plomlompom.com/; + + # re-direct to .html endings + location ~ ^/videos/watch/([^\.]*)/?$ { + rewrite ^/videos/watch/([^\./]*)/?$ /videos/watch/$1.html permanent; + } +} diff --git a/bookworm/setup_scripts/setup_status.plomlompom.com.sh b/bookworm/setup_scripts/setup_status.plomlompom.com.sh index d5e6d18..730df3e 100755 --- a/bookworm/setup_scripts/setup_status.plomlompom.com.sh +++ b/bookworm/setup_scripts/setup_status.plomlompom.com.sh @@ -10,8 +10,8 @@ else domain="$1" fi # Install configs, set up firewall. -./install_for_target.sh static_websites -./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" static_websites +./install_for_target.sh status.plomlompom.com +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" status.plomlompom.com nft -f /etc/nftables.conf # Set up letsencrypt certificate. TODO: Is it auto-renewed? diff --git a/bookworm/setup_scripts/setup_tube.plomlompom.com.sh b/bookworm/setup_scripts/setup_tube.plomlompom.com.sh new file mode 100755 index 0000000..efb0c06 --- /dev/null +++ b/bookworm/setup_scripts/setup_tube.plomlompom.com.sh @@ -0,0 +1,27 @@ +#!/bin/sh +set -e +. ./misc.sh + +expect_setup_finished_file setup_web_has_been_run setup_web.sh + +if [ -z "$1"]; then + domain="tube.plomlompom.com" +else + domain="$1" +fi +# Install configs, set up firewall. +./install_for_target.sh tube.plomlompom.com +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" tube.plomlompom.com +nft -f /etc/nftables.conf + +# Set up letsencrypt certificate. TODO: Is it auto-renewed? +ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default +certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" +rm /etc/nginx/sites-enabled/default + +# Prepare NGINX for tube.plomlompom.com. +sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/tube.plomlompom.com.nginx +ln -s /etc/nginx/sites-available/tube.plomlompom.com.nginx /etc/nginx/sites-enabled/tube.plomlompom.com.nginx + +service nginx restart + -- 2.30.2