Update setup.sh
This commit is contained in:
borekon
parent
05f4db10f2
commit
80d9a9e5f5
82
setup.sh
82
setup.sh
|
|
@ -46,7 +46,7 @@ case ${answer:0:1} in
|
|||
wget https://download.webmin.com/jcameron-key.asc
|
||||
${SUDO} sudo gpg --dearmor jcameron-key.asc
|
||||
${SUDO} sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys d97a3ae911f63c51
|
||||
rm jcameron-key.asc
|
||||
${SUDO} rm jcameron-key.asc
|
||||
${SUDO} apt update && ${SUDO} apt install webmin && WEBMIN=1
|
||||
read -p "Press enter to continue"
|
||||
;;
|
||||
|
|
@ -68,46 +68,46 @@ case ${answer:0:1} in
|
|||
;;
|
||||
esac
|
||||
if [ $WEBMIN != 0 ]
|
||||
then
|
||||
echo -e "${ITALICGREEN}Stopping Webmin${ENDCOLOR}"
|
||||
${SUDO} systemctl stop webmin
|
||||
${SUDO} certbot certonly --standalone
|
||||
${SUDO} cat /etc/letsencrypt/live/$HOSTNAME/privkey.pem /etc/letsencrypt/live/$HOSTNAME/cert.pem | ${SUDO} tee /etc/letsencrypt/live/$HOSTNAME/combined.pem
|
||||
rm /etc/webmin/miniserv.pem
|
||||
${SUDO} ln -s /etc/letsencrypt/live/$HOSTNAME/combined.pem /etc/webmin/miniserv.pem
|
||||
${SUDO} systemctl start webmin
|
||||
else
|
||||
#echo No
|
||||
then
|
||||
echo -e "${ITALICGREEN}Stopping Webmin${ENDCOLOR}"
|
||||
${SUDO} systemctl stop webmin
|
||||
${SUDO} certbot certonly --standalone
|
||||
${SUDO} cat /etc/letsencrypt/live/$HOSTNAME/privkey.pem /etc/letsencrypt/live/$HOSTNAME/cert.pem | ${SUDO} tee /etc/letsencrypt/live/$HOSTNAME/combined.pem
|
||||
rm /etc/webmin/miniserv.pem
|
||||
${SUDO} ln -s /etc/letsencrypt/live/$HOSTNAME/combined.pem /etc/webmin/miniserv.pem
|
||||
${SUDO} systemctl start webmin
|
||||
else
|
||||
#echo No
|
||||
fi
|
||||
if [ -d "/etc/lighttpd" ]
|
||||
then
|
||||
read -p "Request let's encrypt certificate for lighttpd(y/n)" answer
|
||||
case ${answer:0:1} in
|
||||
y|Y )
|
||||
echo -e "${ITALICGREEN}Stopping lighttpd${ENDCOLOR}"
|
||||
${SUDO} systemctl stop lighttpd
|
||||
${SUDO} echo '# /usr/share/doc/lighttpd/ssl.txt' > /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '$SERVER["socket"] == "0.0.0.0:443" {' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.engine = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo " ssl.pemfile = \"/etc/letsencrypt/live/$HOSTNAME/combined.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo " ssl.ca-file = \"/etc/letsencrypt/live/$HOSTNAME/fullchain.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.honor-cipher-order = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.use-sslv2 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.use-sslv3 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '$HTTP["scheme"] == "http" {' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' $HTTP["host"] =~ ".*" {' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' url.redirect = ("^/admin/.*" => "https://%0$0")' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' }' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/
|
||||
${SUDO} systemctl start lighttpd
|
||||
;;
|
||||
* )
|
||||
echo -e SSL certificate was "${BOLDRED}NOT${ENDCOLOR}" installed
|
||||
;;
|
||||
esac
|
||||
else
|
||||
#echo No
|
||||
then
|
||||
read -p "Request let's encrypt certificate for lighttpd(y/n)" answer
|
||||
case ${answer:0:1} in
|
||||
y|Y )
|
||||
echo -e "${ITALICGREEN}Stopping lighttpd${ENDCOLOR}"
|
||||
${SUDO} systemctl stop lighttpd
|
||||
${SUDO} echo '# /usr/share/doc/lighttpd/ssl.txt' > /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '$SERVER["socket"] == "0.0.0.0:443" {' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.engine = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo " ssl.pemfile = \"/etc/letsencrypt/live/$HOSTNAME/combined.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo " ssl.ca-file = \"/etc/letsencrypt/live/$HOSTNAME/fullchain.pem\"" >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.honor-cipher-order = "enable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.use-sslv2 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' ssl.use-sslv3 = "disable"' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '$HTTP["scheme"] == "http" {' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' $HTTP["host"] =~ ".*" {' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' url.redirect = ("^/admin/.*" => "https://%0$0")' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo ' }' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} echo '}' >> /etc/lighttpd/conf-available/10-ssl.conf
|
||||
${SUDO} ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/
|
||||
${SUDO} systemctl start lighttpd
|
||||
;;
|
||||
* )
|
||||
echo -e SSL certificate was "${BOLDRED}NOT${ENDCOLOR}" installed
|
||||
;;
|
||||
esac
|
||||
else
|
||||
#echo No
|
||||
fi
|
||||
Loading…
Reference in New Issue
Block a user