add conf scripts
This commit is contained in:
parent
1d08b01501
commit
ee37e2a9da
|
@ -1 +1,3 @@
|
|||
output/*.conf
|
||||
output/*.sh
|
||||
output/hosts
|
|
@ -234,7 +234,7 @@ export const domainsConfig = [{
|
|||
name: 'rtfm',
|
||||
domain: 'www.free-software-academy.com',
|
||||
framework: 'static',
|
||||
|
||||
disableSSL: true,
|
||||
},
|
||||
{
|
||||
LXCcontainerLocalIP,
|
||||
|
|
|
@ -50,6 +50,10 @@ for (let configDomain of domainsSorted) {
|
|||
createFoldersScript += 'touch /home/www/' + configDomain.domain + '/index.html \n'
|
||||
createFoldersScript += 'echo "coucou ' + configDomain.domain + '" > /home/www/' + configDomain.domain + '/index.html \n'
|
||||
createFoldersScript += ' \n'
|
||||
createFoldersScript += 'touch /etc/nginx/sites-available/' + configDomain.domain + '" \n'
|
||||
createFoldersScript += 'rm /etc/nginx/sites-available/' + configDomain.domain + '" /etc/nginx/sites-enabled/' + configDomain.domain + '" \n'
|
||||
createFoldersScript += 'ln -s /etc/nginx/sites-available/' + configDomain.domain + '" /etc/nginx/sites-enabled/ \n'
|
||||
createFoldersScript += ' \n'
|
||||
|
||||
writeFile(configDomain.domain + '_direct.conf', hostFile.noContainerNginxConf)
|
||||
}else{
|
||||
|
@ -71,9 +75,17 @@ for (let configDomain of domainsSorted) {
|
|||
let hostfileDomains = domainsForHostFile.sort((a, b) => {
|
||||
return a - b
|
||||
}).map(domain => ' 127.0.0.1\t' + domain + ' \n')
|
||||
console.log('hostfileDomains', hostfileDomains.join('').replace(',', ''))
|
||||
|
||||
writeFile('certbot_renew.sh', '!#/bin/bash\n' + renewCertbotScript.join('').replace(',', ''))
|
||||
console.log('hostfileDomains', hostfileDomains.join('')
|
||||
.replace(',', ''))
|
||||
|
||||
|
||||
writeFile('certbot_renew.sh', '!#/bin/bash\n' + renewCertbotScript.join('').replace(',', '')+ '\n149.202.77.27 riseup\n' +
|
||||
'::1 localhost ip6-localhost ip6-loopback\n' +
|
||||
'# coussinet chatons\n' +
|
||||
'ff02::1 ip6-allnodes\n' +
|
||||
'ff02::2 ip6-allrouters\n' +
|
||||
'# ici c\'est 149.202.77.27\n')
|
||||
|
||||
writeFile('folders_create.sh', createFoldersScript.replace(',', ''))
|
||||
writeFile('hosts', hostfileDomains.join('')
|
||||
|
|
|
@ -50,7 +50,7 @@ ${certbotChallengeAcmeRedirect}
|
|||
\t\t# return 301 https://${domainWithoutWWW}$request_uri;
|
||||
\t}
|
||||
`;
|
||||
if(redirectToWWW && redirectToHTTPS){
|
||||
if(redirectToWWW && redirectToHTTPS && !domainConfig.disableSSL){
|
||||
redirectToWWWConf += `\tserver {
|
||||
\t\t\t\t# redirect from www to HTTPS too
|
||||
server_name ${domainConfig.domain};
|
||||
|
@ -59,6 +59,11 @@ ${certbotChallengeAcmeRedirect}
|
|||
}`
|
||||
}
|
||||
|
||||
let phpHandler = `
|
||||
upstream php-handler {
|
||||
server 127.0.0.1:9001;
|
||||
}
|
||||
`;
|
||||
let hostingFileAccess = `
|
||||
# ----------- hosting file config ----------------
|
||||
|
||||
|
@ -97,6 +102,24 @@ ${certbotChallengeAcmeRedirect}
|
|||
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
|
||||
`;
|
||||
|
||||
let secureAccess = `listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
server_name ${domainConfig.domain};
|
||||
ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";`
|
||||
;
|
||||
if(domainConfig.disableSSL){
|
||||
secureAccess = `
|
||||
# ---------- SSL is disabled -----------------
|
||||
listen 443 http2;
|
||||
listen [::]:443 http2;
|
||||
|
||||
server_name ${domainConfig.domain};
|
||||
`
|
||||
;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -105,26 +128,19 @@ ${certbotChallengeAcmeRedirect}
|
|||
const model = {
|
||||
|
||||
noContainerNginxConf: `
|
||||
# ============ ${domainConfig.name} ===============
|
||||
# ============ ${domainConfig.name} ===============
|
||||
|
||||
${phpHandler}
|
||||
|
||||
${redirectToNoWWW ? redirectToNoWWWConf : '' }
|
||||
|
||||
${redirectToWWW ? redirectToWWWConf : '' }
|
||||
|
||||
${redirectToHTTPS ? redirectToHTTPSConf : '' }
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
server_name ${domainConfig.domain};
|
||||
ssl_certificate /etc/letsencrypt/live/${domainConfig.domain}-0001/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/${domainConfig.domain}-0001/privkey.pem;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
|
||||
|
||||
|
||||
${secureAccess}
|
||||
${hostingFileAccess}
|
||||
${certbotChallengeAcmeRedirect}
|
||||
|
||||
}
|
||||
`,
|
||||
homeNginxConf: `
|
||||
|
|
|
@ -32,3 +32,10 @@
|
|||
certbot certonly -a webroot --webroot-path=/tmp/letsencrypt-auto -d source.coussinet.org
|
||||
certbot certonly -a webroot --webroot-path=/tmp/letsencrypt-auto -d www.joinfediverse.org -d joinfediverse.org
|
||||
certbot certonly -a webroot --webroot-path=/tmp/letsencrypt-auto -d cloud.tykayn.fr
|
||||
|
||||
149.202.77.27 riseup
|
||||
::1 localhost ip6-localhost ip6-loopback
|
||||
# coussinet chatons
|
||||
ff02::1 ip6-allnodes
|
||||
ff02::2 ip6-allrouters
|
||||
# ici c'est 149.202.77.27
|
||||
|
|
|
@ -3,93 +3,169 @@ mkdir -p /home/www/meltingpot.cipherbliss.com
|
|||
touch /home/www/meltingpot.cipherbliss.com/index.html
|
||||
echo "coucou meltingpot.cipherbliss.com" > /home/www/meltingpot.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/meltingpot.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/meltingpot.cipherbliss.com" /etc/nginx/sites-enabled/meltingpot.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/meltingpot.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/bitwarden.cipherbliss.com
|
||||
touch /home/www/bitwarden.cipherbliss.com/index.html
|
||||
echo "coucou bitwarden.cipherbliss.com" > /home/www/bitwarden.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/bitwarden.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/bitwarden.cipherbliss.com" /etc/nginx/sites-enabled/bitwarden.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/bitwarden.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/c.cipherbliss.com
|
||||
touch /home/www/c.cipherbliss.com/index.html
|
||||
echo "coucou c.cipherbliss.com" > /home/www/c.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/c.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/c.cipherbliss.com" /etc/nginx/sites-enabled/c.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/c.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/bridge.cipherbliss.com
|
||||
touch /home/www/bridge.cipherbliss.com/index.html
|
||||
echo "coucou bridge.cipherbliss.com" > /home/www/bridge.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/bridge.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/bridge.cipherbliss.com" /etc/nginx/sites-enabled/bridge.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/bridge.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/calc.cipherbliss.com
|
||||
touch /home/www/calc.cipherbliss.com/index.html
|
||||
echo "coucou calc.cipherbliss.com" > /home/www/calc.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/calc.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/calc.cipherbliss.com" /etc/nginx/sites-enabled/calc.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/calc.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/events.cipherbliss.com
|
||||
touch /home/www/events.cipherbliss.com/index.html
|
||||
echo "coucou events.cipherbliss.com" > /home/www/events.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/events.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/events.cipherbliss.com" /etc/nginx/sites-enabled/events.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/events.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/icinga.cipherbliss.com
|
||||
touch /home/www/icinga.cipherbliss.com/index.html
|
||||
echo "coucou icinga.cipherbliss.com" > /home/www/icinga.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/icinga.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/icinga.cipherbliss.com" /etc/nginx/sites-enabled/icinga.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/icinga.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/monit.cipherbliss.com
|
||||
touch /home/www/monit.cipherbliss.com/index.html
|
||||
echo "coucou monit.cipherbliss.com" > /home/www/monit.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/monit.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/monit.cipherbliss.com" /etc/nginx/sites-enabled/monit.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/monit.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/music.cipherbliss.com
|
||||
touch /home/www/music.cipherbliss.com/index.html
|
||||
echo "coucou music.cipherbliss.com" > /home/www/music.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/music.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/music.cipherbliss.com" /etc/nginx/sites-enabled/music.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/music.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/nas.cipherbliss.com
|
||||
touch /home/www/nas.cipherbliss.com/index.html
|
||||
echo "coucou nas.cipherbliss.com" > /home/www/nas.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/nas.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/nas.cipherbliss.com" /etc/nginx/sites-enabled/nas.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/nas.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/pass.cipherbliss.com
|
||||
touch /home/www/pass.cipherbliss.com/index.html
|
||||
echo "coucou pass.cipherbliss.com" > /home/www/pass.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/pass.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/pass.cipherbliss.com" /etc/nginx/sites-enabled/pass.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/pass.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/demo.cipherbliss.com
|
||||
touch /home/www/demo.cipherbliss.com/index.html
|
||||
echo "coucou demo.cipherbliss.com" > /home/www/demo.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/demo.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/demo.cipherbliss.com" /etc/nginx/sites-enabled/demo.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/demo.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/log.cipherbliss.com
|
||||
touch /home/www/log.cipherbliss.com/index.html
|
||||
echo "coucou log.cipherbliss.com" > /home/www/log.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/log.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/log.cipherbliss.com" /etc/nginx/sites-enabled/log.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/log.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/participalibre.cipherbliss.com
|
||||
touch /home/www/participalibre.cipherbliss.com/index.html
|
||||
echo "coucou participalibre.cipherbliss.com" > /home/www/participalibre.cipherbliss.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/participalibre.cipherbliss.com"
|
||||
rm /etc/nginx/sites-available/participalibre.cipherbliss.com" /etc/nginx/sites-enabled/participalibre.cipherbliss.com"
|
||||
ln -s /etc/nginx/sites-available/participalibre.cipherbliss.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/www.free-software-academy.com
|
||||
touch /home/www/www.free-software-academy.com/index.html
|
||||
echo "coucou www.free-software-academy.com" > /home/www/www.free-software-academy.com/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/www.free-software-academy.com"
|
||||
rm /etc/nginx/sites-available/www.free-software-academy.com" /etc/nginx/sites-enabled/www.free-software-academy.com"
|
||||
ln -s /etc/nginx/sites-available/www.free-software-academy.com" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/www.coussinet.org
|
||||
touch /home/www/www.coussinet.org/index.html
|
||||
echo "coucou www.coussinet.org" > /home/www/www.coussinet.org/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/www.coussinet.org"
|
||||
rm /etc/nginx/sites-available/www.coussinet.org" /etc/nginx/sites-enabled/www.coussinet.org"
|
||||
ln -s /etc/nginx/sites-available/www.coussinet.org" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/panel.coussinet.org
|
||||
touch /home/www/panel.coussinet.org/index.html
|
||||
echo "coucou panel.coussinet.org" > /home/www/panel.coussinet.org/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/panel.coussinet.org"
|
||||
rm /etc/nginx/sites-available/panel.coussinet.org" /etc/nginx/sites-enabled/panel.coussinet.org"
|
||||
ln -s /etc/nginx/sites-available/panel.coussinet.org" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/source.coussinet.org
|
||||
touch /home/www/source.coussinet.org/index.html
|
||||
echo "coucou source.coussinet.org" > /home/www/source.coussinet.org/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/source.coussinet.org"
|
||||
rm /etc/nginx/sites-available/source.coussinet.org" /etc/nginx/sites-enabled/source.coussinet.org"
|
||||
ln -s /etc/nginx/sites-available/source.coussinet.org" /etc/nginx/sites-enabled/
|
||||
|
||||
# ---------
|
||||
mkdir -p /home/www/www.joinfediverse.org
|
||||
touch /home/www/www.joinfediverse.org/index.html
|
||||
echo "coucou www.joinfediverse.org" > /home/www/www.joinfediverse.org/index.html
|
||||
|
||||
touch /etc/nginx/sites-available/www.joinfediverse.org"
|
||||
rm /etc/nginx/sites-available/www.joinfediverse.org" /etc/nginx/sites-enabled/www.joinfediverse.org"
|
||||
ln -s /etc/nginx/sites-available/www.joinfediverse.org" /etc/nginx/sites-enabled/
|
||||
|
||||
|
|
Loading…
Reference in New Issue