-
-
Save cluppi/6792ca8b802d26919045 to your computer and use it in GitHub Desktop.
| #!/bin/sh | |
| # Config for SSL. | |
| echo "--- Making SSL Directory ---" | |
| mkdir /etc/nginx/ssl | |
| echo "--- Copying $i SSL crt and key ---" | |
| openssl req -nodes -new -x509 -keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.crt -subj "/C=US/ST=NY/L=NYC/O=Dis/CN=www.example.com" | |
| echo "--- Turning SSL on in nginx.conf. ---" | |
| # Comment out this line if you prefer ssl on a per | |
| # server basis, rather for all sites on the vm. | |
| # If commented out you can access hosts on http | |
| # port 8000, and https port 44300. If uncommented, | |
| # you can ONLY access hosts via https on port 44300. | |
| sed -i "/sendfile on;/a \\ ssl on;" /etc/nginx/nginx.conf | |
| conf_files="/etc/nginx/sites-available/*" | |
| for file in $conf_files | |
| do | |
| echo "--- Inserting SSL directives into site's server file. ---" | |
| sed -i "/listen 80;/a \\\n listen 443 ssl;\n ssl_certificate /etc/nginx/ssl/server.crt;\n ssl_certificate_key /etc/nginx/ssl/server.key;\n\n" $file | |
| done | |
| echo "--- Restarting Serivces ---" | |
| service nginx restart | |
| service php5-fpm restart |
Can you please include a note about how to use this gist?
in the latest homestead 4.0.0 it fails:
...
==> homestead-7: --- Copying SSL crt and key ---
==> homestead-7: Generating a 2048 bit RSA private key
...
==> homestead-7: writing new private key to '/etc/nginx/ssl/server.key'
==> homestead-7: /etc/nginx/ssl/server.key: Permission denied
==> homestead-7: 140106523903640:error:0200100D:system library:fopen:Permission denied:bss_file.c:398:fopen('/etc/nginx/ssl/server.key','w')
==> homestead-7: 140106523903640:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
==> homestead-7: --- Turning SSL on in nginx.conf. ---
==> homestead-7: sed:
==> homestead-7: couldn't open temporary file /etc/nginx/sedUo2r1e: Permission denied
==> homestead-7: --- Inserting SSL directives into site's server file. ---
==> homestead-7: sed:
==> homestead-7: couldn't open temporary file /etc/nginx/sites-available/sedcX6Mqi: Permission denied
==> homestead-7: --- Inserting SSL directives into site's server file. ---
==> homestead-7: sed:
==> homestead-7: couldn't open temporary file /etc/nginx/sites-available/sednpXeli: Permission denied
==> homestead-7: --- Restarting Serivces ---
==> homestead-7: Failed to restart nginx.service: Interactive authentication required.
==> homestead-7: See system logs and 'systemctl status nginx.service' for details.
==> homestead-7: Failed to restart php5-fpm.service: Interactive authentication required.
==> homestead-7: See system logs and 'systemctl status php5-fpm.service' for details.
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
Thanks for this!
@LinKassem: open your homestead folder (for me ~/.homestead/) and put it in after.sh in the root of that directory. There will probably already be an empty version of one there.
@FaustRayne, I'm getting the same error. Did you solve it?
I'm running Vagrant Homestead in a windows 10 machine
For the latest version of Vagrant Homestead. You no longer need this. You just have to get browsers to accept your self-signed certificates. Here's how I fixed mine for Chrome https://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate
Hi All,
Do we need to change www.example.com to our domain or site? Thanks
in the latest homestead 4.0.0 it fails:
...
==> homestead-7: --- Copying SSL crt and key ---
==> homestead-7: Generating a 2048 bit RSA private key
...
==> homestead-7: writing new private key to '/etc/nginx/ssl/server.key'
==> homestead-7: /etc/nginx/ssl/server.key: Permission denied
==> homestead-7: 140106523903640:error:0200100D:system library:fopen:Permission denied:bss_file.c:398:fopen('/etc/nginx/ssl/server.key','w')
==> homestead-7: 140106523903640:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
==> homestead-7: --- Turning SSL on in nginx.conf. ---
==> homestead-7: sed:
==> homestead-7: couldn't open temporary file /etc/nginx/sedUo2r1e: Permission denied
==> homestead-7: --- Inserting SSL directives into site's server file. ---
==> homestead-7: sed:
==> homestead-7: couldn't open temporary file /etc/nginx/sites-available/sedcX6Mqi: Permission denied
==> homestead-7: --- Inserting SSL directives into site's server file. ---
==> homestead-7: sed:
==> homestead-7: couldn't open temporary file /etc/nginx/sites-available/sednpXeli: Permission denied
==> homestead-7: --- Restarting Serivces ---
==> homestead-7: Failed to restart nginx.service: Interactive authentication required.
==> homestead-7: See system logs and 'systemctl status nginx.service' for details.
==> homestead-7: Failed to restart php5-fpm.service: Interactive authentication required.
==> homestead-7: See system logs and 'systemctl status php5-fpm.service' for details.
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
Says in the exception that sed does not have enough permission to execute given command. You can fix that by prepending sudo to every sed command in the after.sh file.
This is excellent - thanks