ssl site improved
Check if letsencrypt is installed. ssl-off now can run unattended
This commit is contained in:
parent
c83ba09ddd
commit
231eb61541
39
lib/site-ssl
39
lib/site-ssl
|
@ -17,6 +17,12 @@ site_ssl_on() {
|
||||||
echo "${red}Please, enter a valid root path domain!${end}"
|
echo "${red}Please, enter a valid root path domain!${end}"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Check if Letsencrypt is installed
|
||||||
|
if [[ $(conf_read nginx-tool) != "true" || ! -a /usr/bin/letsencrypt ]]; then
|
||||||
|
echo "${red}[ERROR] Seems like Let's Encrypt tool is not installed!${end}"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
echo "${gre}"
|
echo "${gre}"
|
||||||
echo "*************************************************************************************************"
|
echo "*************************************************************************************************"
|
||||||
|
@ -27,7 +33,7 @@ site_ssl_on() {
|
||||||
echo "** read about the Let's Encrypt rate limit - https://letsencrypt.org/docs/rate-limits/ **"
|
echo "** read about the Let's Encrypt rate limit - https://letsencrypt.org/docs/rate-limits/ **"
|
||||||
echo "** **"
|
echo "** **"
|
||||||
echo "** Please, be sure your domain and www subdomain are currently pointing (DNS) to this server **"
|
echo "** Please, be sure your domain and www subdomain are currently pointing (DNS) to this server **"
|
||||||
echo "*************************************************************************************************"
|
echo "*************************************************************************************************${end}"
|
||||||
|
|
||||||
# We need an email to notify each renew intent (cron)
|
# We need an email to notify each renew intent (cron)
|
||||||
while [[ -z $cermail ]]
|
while [[ -z $cermail ]]
|
||||||
|
@ -73,13 +79,8 @@ site_ssl_on() {
|
||||||
|
|
||||||
cronmail=$( sudo grep -F "MAILTO=" /var/spool/cron/crontabs/root )
|
cronmail=$( sudo grep -F "MAILTO=" /var/spool/cron/crontabs/root )
|
||||||
cronrene=$( sudo grep -F "letsencrypt renew" /var/spool/cron/crontabs/root )
|
cronrene=$( sudo grep -F "letsencrypt renew" /var/spool/cron/crontabs/root )
|
||||||
if [[ -z $cronmail && -n $cermail && -z $cronrene ]]; then
|
[[ -z $cronmail && -n $cermail && -z $cronrene ]] && echo "MAILTO=${cermail}" | sudo tee -a /var/spool/cron/crontabs/root
|
||||||
echo "MAILTO=${cermail}" | sudo tee -a /var/spool/cron/crontabs/root
|
[[ -z $cronrene ]] && echo "15 3 * * 7 letsencrypt renew" | sudo tee -a /var/spool/cron/crontabs/root
|
||||||
fi
|
|
||||||
if [[ -z $cronrene ]]; then
|
|
||||||
echo "15 3 * * 7 letsencrypt renew" | sudo tee -a /var/spool/cron/crontabs/root
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "${gre}SSL have been successfully enabled for site $domain!${end}"
|
echo "${gre}SSL have been successfully enabled for site $domain!${end}"
|
||||||
else
|
else
|
||||||
echo "${red}"
|
echo "${red}"
|
||||||
|
@ -96,15 +97,17 @@ site_ssl_off() {
|
||||||
sudo sed -i '/WebinolySSLstart/,/WebinolySSLend/{/.*/d}' /etc/nginx/sites-available/$domain
|
sudo sed -i '/WebinolySSLstart/,/WebinolySSLend/{/.*/d}' /etc/nginx/sites-available/$domain
|
||||||
sudo sed -i '/WebinolySSLredirectStart/,/WebinolySSLredirectEnd/{/.*/d}' /etc/nginx/sites-available/$domain
|
sudo sed -i '/WebinolySSLredirectStart/,/WebinolySSLredirectEnd/{/.*/d}' /etc/nginx/sites-available/$domain
|
||||||
|
|
||||||
echo "${blu}"
|
if [[ -n $value && $value == "force" ]]; then
|
||||||
echo " Do you want to completely delete your certificate [y/N]? "
|
answer=="N"
|
||||||
while read -r -n 1 -s answer; do
|
else
|
||||||
answer=${answer:-n}
|
echo "${blu}"
|
||||||
if [[ $answer = [YyNn] ]]; then
|
echo " Do you want to delete your certificate files [y/N]? "
|
||||||
break
|
while read -r -n 1 -s answer; do
|
||||||
fi
|
answer=${answer:-n}
|
||||||
done
|
[[ $answer = [YyNn] ]] && break
|
||||||
echo "${end}"
|
done
|
||||||
|
echo "${end}"
|
||||||
|
fi
|
||||||
if [[ $answer == [Yy] ]]; then
|
if [[ $answer == [Yy] ]]; then
|
||||||
#sudo letsencrypt delete --cert-name $domain
|
#sudo letsencrypt delete --cert-name $domain
|
||||||
rm -rf /etc/letsencrypt/live/${domain}
|
rm -rf /etc/letsencrypt/live/${domain}
|
||||||
|
@ -114,5 +117,5 @@ site_ssl_off() {
|
||||||
echo " Certificate for your site $domain has been completely removed!"
|
echo " Certificate for your site $domain has been completely removed!"
|
||||||
echo "${end}"
|
echo "${end}"
|
||||||
fi
|
fi
|
||||||
|
echo "${gre}SSL have been successfully disabled for site $domain!${end}"
|
||||||
}
|
}
|
||||||
|
|
15
plugins/site
15
plugins/site
|
@ -31,7 +31,7 @@ fi
|
||||||
|
|
||||||
|
|
||||||
# Extract value if exist
|
# Extract value if exist
|
||||||
if [[ $type == "-parked="* || $type == "-proxy="* || $type == "-wp="* || $type == "-wpsubdir="* || $type == "-wpsubdom="* ]]; then
|
if [[ $type == "-parked="* || $type == "-proxy="* || $type == "-wp="* || $type == "-wpsubdir="* || $type == "-wpsubdom="* || $type == "-ssl-off="* ]]; then
|
||||||
value=$(echo "${type}" | cut -d'=' -f 2 -s)
|
value=$(echo "${type}" | cut -d'=' -f 2 -s)
|
||||||
type=$(echo "${type}" | cut -d'=' -f 1 -s)
|
type=$(echo "${type}" | cut -d'=' -f 1 -s)
|
||||||
fi
|
fi
|
||||||
|
@ -274,22 +274,13 @@ elif [[ "$type" == "-delete" && -a /etc/nginx/sites-available/$domain ]]; then
|
||||||
# SSL enabled (Letsencrypt)
|
# SSL enabled (Letsencrypt)
|
||||||
elif [[ "$type" == "-ssl-on" && -a /etc/nginx/sites-available/$domain ]]; then
|
elif [[ "$type" == "-ssl-on" && -a /etc/nginx/sites-available/$domain ]]; then
|
||||||
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
|
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
|
||||||
if [[ -z $isssl ]]; then
|
[[ -z $isssl ]] && site_ssl_on || echo "${red}SSL is already enabled for site $domain!${end}"
|
||||||
site_ssl_on
|
|
||||||
else
|
|
||||||
echo "${red}SSL is already enabled for site $domain!${end}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
# SSL disabled (Letsencrypt)
|
# SSL disabled (Letsencrypt)
|
||||||
elif [[ "$type" == "-ssl-off" && -a /etc/nginx/sites-available/$domain ]]; then
|
elif [[ "$type" == "-ssl-off" && -a /etc/nginx/sites-available/$domain ]]; then
|
||||||
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
|
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
|
||||||
if [[ -n $isssl ]]; then
|
[[ -n $isssl ]] && site_ssl_off || echo "${red}SSL is already disabled for site $domain!${end}"
|
||||||
site_ssl_off
|
|
||||||
echo "${gre}SSL have been successfully disabled for site $domain!${end}"
|
|
||||||
else
|
|
||||||
echo "${red}SSL is already disabled for site $domain!${end}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
# FastCGI Cache disabled
|
# FastCGI Cache disabled
|
||||||
|
|
Loading…
Reference in a new issue