57 lines
1.4 KiB
Bash
Executable file
57 lines
1.4 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
|
|
if [[ $UID -ne 0 ]]; then
|
|
echo "This script must be run as root."
|
|
exit 1
|
|
fi
|
|
|
|
# Chemin relatif pour les cas où
|
|
# le script n'est pas exécuté depuis
|
|
# le répertoire où il se trouve.
|
|
rel_path="$(dirname "$0")"
|
|
|
|
# Fichiers requis pour le script
|
|
files=('dhparam.txt' 'nginx.conf' 'reverse-proxy.conf' 'service.conf')
|
|
for file in "${files[@]}"; do
|
|
if ! [[ -f "$rel_path/$file" ]]; then
|
|
echo "Required file $file is missing, exiting."
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
|
|
if [[ ! -x /usr/sbin/nginx ]]; then
|
|
apt install -y nginx
|
|
fi
|
|
|
|
|
|
mkdir /etc/systemd/system/nginx.service.d 2> /dev/null
|
|
|
|
|
|
if ! diff "$rel_path/service.conf" /etc/systemd/system/nginx.service.d/service.conf &> /dev/null; then
|
|
cp "$rel_path/service.conf" "/etc/systemd/system/nginx.service.d/service.conf"
|
|
systemctl daemon-reload
|
|
systemctl restart nginx
|
|
fi
|
|
|
|
|
|
cp "$rel_path/nginx.conf" /etc/nginx/
|
|
cp "$rel_path/reverse-proxy.conf" /etc/nginx/sites-available/
|
|
cp "$rel_path/dhparam.txt" /etc/nginx/
|
|
|
|
|
|
rm /etc/nginx/sites-enabled/*
|
|
ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf
|
|
|
|
|
|
chown root:www-data /etc/letsencrypt/archive/ /etc/letsencrypt/live/
|
|
chmod 750 /etc/letsencrypt/archive/ /etc/letsencrypt/live/
|
|
|
|
|
|
chown -L root:www-data /etc/letsencrypt/live/viyurz.fr/privkey.pem
|
|
chmod 640 /etc/letsencrypt/live/viyurz.fr/privkey.pem
|
|
|
|
|
|
systemctl start nginx
|
|
systemctl reload nginx
|