From 80d9a9e5f5bf2ac2b5ffd9e3e9982d1e90105522 Mon Sep 17 00:00:00 2001 From: borekon Date: Mon, 14 Mar 2022 14:03:16 +0100 Subject: [PATCH] Update setup.sh --- setup.sh | 82 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 41 insertions(+), 41 deletions(-) diff --git a/setup.sh b/setup.sh index a1383c4..82bcb08 100644 --- a/setup.sh +++ b/setup.sh @@ -46,7 +46,7 @@ case ${answer:0:1} in wget https://download.webmin.com/jcameron-key.asc ${SUDO} sudo gpg --dearmor jcameron-key.asc ${SUDO} sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys d97a3ae911f63c51 - rm jcameron-key.asc + ${SUDO} rm jcameron-key.asc ${SUDO} apt update && ${SUDO} apt install webmin && WEBMIN=1 read -p "Press enter to continue" ;; @@ -68,46 +68,46 @@ case ${answer:0:1} in ;; esac if [ $WEBMIN != 0 ] - then - echo -e "${ITALICGREEN}Stopping Webmin${ENDCOLOR}" - ${SUDO} systemctl stop webmin - ${SUDO} certbot certonly --standalone - ${SUDO} cat /etc/letsencrypt/live/$HOSTNAME/privkey.pem /etc/letsencrypt/live/$HOSTNAME/cert.pem | ${SUDO} tee /etc/letsencrypt/live/$HOSTNAME/combined.pem - rm /etc/webmin/miniserv.pem - ${SUDO} ln -s /etc/letsencrypt/live/$HOSTNAME/combined.pem /etc/webmin/miniserv.pem - ${SUDO} systemctl start webmin - else - #echo No +then + echo -e "${ITALICGREEN}Stopping Webmin${ENDCOLOR}" + ${SUDO} systemctl stop webmin + ${SUDO} certbot certonly --standalone + ${SUDO} cat /etc/letsencrypt/live/$HOSTNAME/privkey.pem /etc/letsencrypt/live/$HOSTNAME/cert.pem | ${SUDO} tee /etc/letsencrypt/live/$HOSTNAME/combined.pem + rm /etc/webmin/miniserv.pem + ${SUDO} ln -s /etc/letsencrypt/live/$HOSTNAME/combined.pem /etc/webmin/miniserv.pem + ${SUDO} systemctl start webmin +else + #echo No fi if [ -d "/etc/lighttpd" ] - then - read -p "Request let's encrypt certificate for lighttpd(y/n)" answer - case ${answer:0:1} in - y|Y ) - echo -e "${ITALICGREEN}Stopping lighttpd${ENDCOLOR}" - ${SUDO} systemctl stop lighttpd - ${SUDO} echo '# /usr/share/doc/lighttpd/ssl.txt' > /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo '$SERVER["socket"] == "0.0.0.0:443" {' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' ssl.engine = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo " ssl.pemfile = \"/etc/letsencrypt/live/$HOSTNAME/combined.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo " ssl.ca-file = \"/etc/letsencrypt/live/$HOSTNAME/fullchain.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' ssl.honor-cipher-order = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' ssl.use-sslv2 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' ssl.use-sslv3 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo '$HTTP["scheme"] == "http" {' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' $HTTP["host"] =~ ".*" {' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' url.redirect = ("^/admin/.*" => "https://%0$0")' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo ' }' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf - ${SUDO} ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/ - ${SUDO} systemctl start lighttpd - ;; - * ) - echo -e SSL certificate was "${BOLDRED}NOT${ENDCOLOR}" installed - ;; - esac - else - #echo No +then + read -p "Request let's encrypt certificate for lighttpd(y/n)" answer + case ${answer:0:1} in + y|Y ) + echo -e "${ITALICGREEN}Stopping lighttpd${ENDCOLOR}" + ${SUDO} systemctl stop lighttpd + ${SUDO} echo '# /usr/share/doc/lighttpd/ssl.txt' > /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '$SERVER["socket"] == "0.0.0.0:443" {' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.engine = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo " ssl.pemfile = \"/etc/letsencrypt/live/$HOSTNAME/combined.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo " ssl.ca-file = \"/etc/letsencrypt/live/$HOSTNAME/fullchain.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.honor-cipher-order = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.use-sslv2 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' ssl.use-sslv3 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '$HTTP["scheme"] == "http" {' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' $HTTP["host"] =~ ".*" {' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' url.redirect = ("^/admin/.*" => "https://%0$0")' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo ' }' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf + ${SUDO} ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/ + ${SUDO} systemctl start lighttpd + ;; + * ) + echo -e SSL certificate was "${BOLDRED}NOT${ENDCOLOR}" installed + ;; + esac +else + #echo No fi \ No newline at end of file