Created
March 20, 2022 11:02
-
-
Save kvlknctk/27871bc3e6b00bb02003fb9c62ea76d0 to your computer and use it in GitHub Desktop.
nginxManuel.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| if [ -z "$1" ]; then | |
| echo "Enter domain:" | |
| read server_name | |
| else | |
| server_name=$1 | |
| fi | |
| echo $server_name | |
| read -p "Create a conf file for Nginx?" | |
| touch /etc/nginx/sites-available/$server_name.conf | |
| cat << EOF > /etc/nginx/sites-available/$server_name.conf | |
| server { | |
| listen 80; | |
| listen [::]:80; | |
| server_name $server_name; | |
| location ^~ /.well-known/acme-challenge/ { | |
| default_type "text/plain"; | |
| root /home; | |
| } | |
| location = /.well-known/acme-challenge/ { | |
| return 404; | |
| } | |
| } | |
| EOF | |
| sudo systemctl restart nginx | |
| sudo service nginx reload | |
| ln -s /etc/nginx/sites-available/$server_name.conf /etc/nginx/sites-enabled/$server_name.conf | |
| certbot certonly --cert-name $server_name --force-renewal --nginx -d $server_name | |
| sudo systemctl restart nginx | |
| sudo service nginx reload | |
| read -p "Go to cloudflare, disable ssl, challenge certificate." | |
| cat << EOF >> /etc/nginx/sites-available/$server_name.conf | |
| server { | |
| listen 443; | |
| listen [::]:443; | |
| server_name $server_name; | |
| EOF | |
| cat << 'EOF' >> /etc/nginx/sites-available/$server_name.conf | |
| # ensure all static content can always be found first | |
| location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$ | |
| { | |
| add_header 'Access-Control-Allow-Origin' '*'; | |
| # cache all versioned files | |
| if ($arg_v) { | |
| expires 1y; | |
| } | |
| } | |
| location ~ ^/([^/?&:'"]+)$ { | |
| try_files $uri @root_path; | |
| } | |
| EOF | |
| echo "Enter Project Port on Server:" | |
| read docker_port | |
| cat << EOF >> /etc/nginx/sites-available/$server_name.conf | |
| # Docker | |
| location / { | |
| proxy_pass http://127.0.0.1:$docker_port; | |
| EOF | |
| cat << 'EOF' >> /etc/nginx/sites-available/$server_name.conf | |
| proxy_set_header X-Forwarded-For $remote_addr; | |
| proxy_set_header Host $http_host; | |
| } | |
| EOF | |
| cat << EOF >> /etc/nginx/sites-available/$server_name.conf | |
| ssl_certificate /etc/letsencrypt/live/$server_name/fullchain.pem; | |
| ssl_certificate_key /etc/letsencrypt/live/$server_name/privkey.pem; | |
| } | |
| EOF | |
| sudo systemctl restart nginx | |
| sudo service nginx reload |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment