From 5cc07c3dd70780829c0e4e1ae921717595a0d2d5 Mon Sep 17 00:00:00 2001
From: "rieger::CLOUD"
Date: Wed, 9 Jan 2019 14:54:43 +0100
Subject: [PATCH] Ready for PHP 7.3
---
ssl-certificate-debian.sh | 80 +++++++++++++++++++++++++++++++++++++++
1 file changed, 80 insertions(+)
create mode 100644 ssl-certificate-debian.sh
diff --git a/ssl-certificate-debian.sh b/ssl-certificate-debian.sh
new file mode 100644
index 0000000..be6a49c
--- /dev/null
+++ b/ssl-certificate-debian.sh
@@ -0,0 +1,80 @@
+#######################################################
+# Carsten Rieger IT-Services
+# SSL-CERTIFICATE-DEBIAN.SH
+# Version 2.1
+#######################################################
+#!/bin/bash
+###global function to update and cleanup the environment
+function update_and_clean() {
+apt update
+apt upgrade -y
+apt autoclean -y
+apt autoremove -y
+}
+###global function to restart all cloud services
+function restart_all_services() {
+/usr/sbin/service nginx restart
+/usr/sbin/service mysql restart
+/usr/sbin/service redis-server restart
+/usr/sbin/service php7.3-fpm restart
+}
+###global function to create backups of the effected files
+function copy4SSL() {
+cp /etc/nginx/conf.d/nextcloud.conf /etc/nginx/conf.d/nextcloud.conf.orig
+cp /etc/nginx/ssl.conf /etc/nginx/ssl.conf.orig
+cp /var/www/nextcloud/config/config.php /var/www/nextcloud/config/config.php.orig
+}
+###global function to show an error message if the certificate request would fail
+function errorSSL() {
+clear
+echo "*** ERROR while requesting your certificate(s) ***"
+echo ""
+echo "Verify that both ports (80 + 443) are forwarded to this server!"
+echo "And verify, your dyndns points to your IP properly!"
+echo "Then retry..."
+}
+###add the letsencrypt repository to the server
+add-apt-repository ppa:certbot/certbot -y
+update_and_clean
+###install letsencrypt
+apt install letsencrypt -y
+###ensure lower cases
+declare -l DYNDNSNAME
+declare -l YOURSERVERNAME
+###read the current hostname
+YOURSERVERNAME=$(hostname)
+###ask the user what would be the domain name to request the certificate for
+read -p "Your domain: " DYNDNSNAME
+###request the certificate for the entered domain name
+letsencrypt certonly -a webroot --webroot-path=/var/www/letsencrypt --rsa-key-size 4096 -d $DYNDNSNAME
+###in case of any errors
+if [ ! -d "/etc/letsencrypt/live" ]; then
+errorSSL
+###if no error appeared
+else
+copy4SSL
+###remove the entry for the self signed certificates
+sed -i '/ssl-cert-snakeoil/d' /etc/nginx/ssl.conf
+###apply the new server/domain name to the NGINX vhost for Nextcloud
+sed -i "s/server_name.*;/server_name $DYNDNSNAME;/" /etc/nginx/conf.d/nextcloud.conf
+###change the placeholder values to the exact letsencrypt ones
+sed -in 's/YOUR.DEDYN.IO/'$DYNDNSNAME'/' /etc/nginx/ssl.conf
+###remove the '#' to enable these certificates/keys
+sed -i s/\#\ssl/\ssl/g /etc/nginx/ssl.conf
+###ensure that dhparam is commented as long it was not generated
+sed -i s/ssl_dhparam/\#ssl_dhparam/g /etc/nginx/ssl.conf
+###adjust Nextclous config.php to the new domain name
+su - www-data -s /bin/bash -c 'php /var/www/nextcloud/occ config:system:set trusted_domains 1 --value=$DYNDNSNAME'
+su - www-data -s /bin/bash -c 'php /var/www/nextcloud/occ config:system:set overwrite.cli.url --value=https://$DYNDNSNAME'
+###restart the cloud environment
+restart_all_services
+clear
+echo "++++++++++++++++++++++++++++++++++++++++++++++++++++"
+echo ""
+echo " Call: https://$DYNDNSNAME and enjoy your Nextcloud"
+echo ""
+echo "++++++++++++++++++++++++++++++++++++++++++++++++++++"
+fi
+### CleanUp ###
+cat /dev/null > ~/.bash_history && history -c && history -w
+exit 0
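Review bot: The two `su - www-data ... -c '...'` lines keep `$DYNDNSNAME` inside single quotes, so it is left for the www-data login shell to expand, where the variable is not set; `trusted_domains 1` is written empty and `overwrite.cli.url` becomes `https://`. That value comes straight from `read -p` and is also passed unquoted to `letsencrypt -d` and spliced into two sed expressions in a script that presumably runs as root, so it should be checked against a hostname pattern before any of those run. The success test `[ ! -d "/etc/letsencrypt/live" ]` only shows that some certificate directory exists, possibly from an earlier run; branching on the exit status of the request avoids rewriting the nginx and Nextcloud config after a failed request. Separately, `#!/bin/bash` is on the sixth line of the new file, where it is only a comment although `declare -l` needs bash, and the closing `cat /dev/null > ~/.bash_history && history -c && history -w` discards the invoking user's command record and is better removed.

```shell
read -r -p "Your domain: " DYNDNSNAME
# accept only a plain DNS name before it reaches certbot, sed or occ
valid_name='^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$'
if ! [[ "$DYNDNSNAME" =~ $valid_name ]]; then
    echo "Invalid domain name: $DYNDNSNAME" >&2
    exit 1
fi
# branch on the request itself, not on a directory that may predate this run
if ! letsencrypt certonly -a webroot --webroot-path=/var/www/letsencrypt --rsa-key-size 4096 -d "$DYNDNSNAME"; then
errorSSL
else
# … unchanged: copy4SSL and the sed edits of the nginx configuration …
# double quotes: the already validated name is expanded here, before su starts the www-data shell
su - www-data -s /bin/bash -c "php /var/www/nextcloud/occ config:system:set trusted_domains 1 --value=$DYNDNSNAME"
su - www-data -s /bin/bash -c "php /var/www/nextcloud/occ config:system:set overwrite.cli.url --value=https://$DYNDNSNAME"
# … unchanged: service restart and success banner …
```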