-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path2-create-domain
executable file
·62 lines (49 loc) · 2.15 KB
/
2-create-domain
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#!/bin/bash
# set -x
init(){
SCRIPT=$(realpath $0)
SCRIPTPATH=$(dirname $SCRIPT)
GREEN='\033[0;32m'
RED='\033[0;31m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color
tools_path=$SCRIPTPATH
. config.ini
}
clearmsg(){
msg=$1
printf "${CYAN}${msg}${NC}\n"
}
main(){
init
echo "Domain name to create"
read domain_name
echo -e "\n\n"
docker ps --format '{{.Names}}\n{{.Ports}}\n'
echo -e "\nContainer name to redirect to"
read container_name
echo -e "\nContainer port to redirect to"
read container_port
# A basic NGINX HTTP (port 80) config is installed in the Reverse Proxy directory
cp $tools_path/sources/nginx-beforecert.conf $reverse_proxy_defpath/${domain_name}.conf || echo "Fail to copy nginx-beforecert.conf to $reverse_proxy_defpath"
sed -i -e "s/{{domain-name}}/$domain_name/g" -e "s/{{container-name}}/$container_name/g" -e "s/{{container-port}}/$container_port/g" $reverse_proxy_defpath/${domain_name}.conf
# Restart Reverse Proxy with a basic HTTP (port 80) config for the new domain
# See the challenge can be seen by Let's Encrypt
docker exec $reverse_proxy pkill -HUP nginx
# Certbot sets the challenge in subdirectories of the HTTP website
# then download certs and adjust config to include HTTPS (443)
docker exec -it $reverse_proxy certbot --agree-tos -n -d ${domain_name} --nginx -m ${email}
# Install some obscure TLS parameters
if [ ! -f "$reverse_proxy_certpath/options-ssl-nginx.conf" ] || [ ! -e "$reverse_proxy_certpath/ssl-dhparams.pem" ]; then
mkdir -p "$reverse_proxy_certpath"
curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > "$reverse_proxy_certpath/options-ssl-nginx.conf"
curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > "$reverse_proxy_certpath/ssl-dhparams.pem"
fi
if ! docker exec $reverse_proxy nginx -t; then
echo -e "nginx configuration is corrupted! Reverse Proxy probably won't restart"
exit 1
fi
# Now we reload Reverse Proxy to take into account the final config (HTTP/HTTPS)
docker exec $reverse_proxy pkill -HUP nginx
}
main $@