ssl site improved

Check if letsencrypt is installed.
ssl-off now can run unattended
Cristhian Martínez Ochoa 2018-04-03 13:02:39 -05:00
parent c83ba09ddd
commit 231eb61541
2 changed files with 24 additions and 30 deletions


@ -17,6 +17,12 @@ site_ssl_on() {
echo "${red}Please, enter a valid root path domain!${end}" echo "${red}Please, enter a valid root path domain!${end}"
exit 1 exit 1
fi fi
# Check if Letsencrypt is installed
if [[ $(conf_read nginx-tool) != "true" || ! -a /usr/bin/letsencrypt ]]; then
echo "${red}[ERROR] Seems like Let's Encrypt tool is not installed!${end}"
exit 1
fi
echo "${gre}" echo "${gre}"
echo "*************************************************************************************************" echo "*************************************************************************************************"
@ -27,7 +33,7 @@ site_ssl_on() {
echo "** read about the Let's Encrypt rate limit - https://letsencrypt.org/docs/rate-limits/ **" echo "** read about the Let's Encrypt rate limit - https://letsencrypt.org/docs/rate-limits/ **"
echo "** **" echo "** **"
echo "** Please, be sure your domain and www subdomain are currently pointing (DNS) to this server **" echo "** Please, be sure your domain and www subdomain are currently pointing (DNS) to this server **"
echo "*************************************************************************************************" echo "*************************************************************************************************${end}"
# We need an email to notify each renew intent (cron) # We need an email to notify each renew intent (cron)
while [[ -z $cermail ]] while [[ -z $cermail ]]
@ -73,13 +79,8 @@ site_ssl_on() {
cronmail=$( sudo grep -F "MAILTO=" /var/spool/cron/crontabs/root ) cronmail=$( sudo grep -F "MAILTO=" /var/spool/cron/crontabs/root )
cronrene=$( sudo grep -F "letsencrypt renew" /var/spool/cron/crontabs/root ) cronrene=$( sudo grep -F "letsencrypt renew" /var/spool/cron/crontabs/root )
if [[ -z $cronmail && -n $cermail && -z $cronrene ]]; then [[ -z $cronmail && -n $cermail && -z $cronrene ]] && echo "MAILTO=${cermail}" | sudo tee -a /var/spool/cron/crontabs/root
echo "MAILTO=${cermail}" | sudo tee -a /var/spool/cron/crontabs/root [[ -z $cronrene ]] && echo "15 3 * * 7 letsencrypt renew" | sudo tee -a /var/spool/cron/crontabs/root
fi
if [[ -z $cronrene ]]; then
echo "15 3 * * 7 letsencrypt renew" | sudo tee -a /var/spool/cron/crontabs/root
fi
echo "${gre}SSL have been successfully enabled for site $domain!${end}" echo "${gre}SSL have been successfully enabled for site $domain!${end}"
else else
echo "${red}" echo "${red}"
@ -96,15 +97,17 @@ site_ssl_off() {
sudo sed -i '/WebinolySSLstart/,/WebinolySSLend/{/.*/d}' /etc/nginx/sites-available/$domain sudo sed -i '/WebinolySSLstart/,/WebinolySSLend/{/.*/d}' /etc/nginx/sites-available/$domain
sudo sed -i '/WebinolySSLredirectStart/,/WebinolySSLredirectEnd/{/.*/d}' /etc/nginx/sites-available/$domain sudo sed -i '/WebinolySSLredirectStart/,/WebinolySSLredirectEnd/{/.*/d}' /etc/nginx/sites-available/$domain
echo "${blu}" if [[ -n $value && $value == "force" ]]; then
echo " Do you want to completely delete your certificate [y/N]? " answer=="N"
while read -r -n 1 -s answer; do else
answer=${answer:-n} echo "${blu}"
if [[ $answer = [YyNn] ]]; then echo " Do you want to delete your certificate files [y/N]? "
break while read -r -n 1 -s answer; do
fi answer=${answer:-n}
done [[ $answer = [YyNn] ]] && break
echo "${end}" done
echo "${end}"
fi
if [[ $answer == [Yy] ]]; then if [[ $answer == [Yy] ]]; then
#sudo letsencrypt delete --cert-name $domain #sudo letsencrypt delete --cert-name $domain
rm -rf /etc/letsencrypt/live/${domain} rm -rf /etc/letsencrypt/live/${domain}
@ -114,5 +117,5 @@ site_ssl_off() {
echo " Certificate for your site $domain has been completely removed!" echo " Certificate for your site $domain has been completely removed!"
echo "${end}" echo "${end}"
fi fi
echo "${gre}SSL have been successfully disabled for site $domain!${end}"
} }
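Review bot: In the new `force` branch of `site_ssl_off`, `answer=="N"` does not assign `N`; bash parses it as an assignment of the literal string `=N`, and the unattended path keeps the certificate only because that string happens not to match `[Yy]`. It should read `answer="N"`, and the `-n $value` test in front of `$value == "force"` is redundant. Further down in the same hunk, `rm -rf /etc/letsencrypt/live/${domain}` is unquoted and unguarded, so an empty `domain` would widen the deletion to the whole `live` directory; `rm -rf -- "/etc/letsencrypt/live/${domain:?}"` aborts instead of deleting. `site_ssl_off` starts before this hunk, so whether `domain` is validated earlier is not visible here.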


@ -31,7 +31,7 @@ fi
# Extract value if exist # Extract value if exist
if [[ $type == "-parked="* || $type == "-proxy="* || $type == "-wp="* || $type == "-wpsubdir="* || $type == "-wpsubdom="* ]]; then if [[ $type == "-parked="* || $type == "-proxy="* || $type == "-wp="* || $type == "-wpsubdir="* || $type == "-wpsubdom="* || $type == "-ssl-off="* ]]; then
value=$(echo "${type}" | cut -d'=' -f 2 -s) value=$(echo "${type}" | cut -d'=' -f 2 -s)
type=$(echo "${type}" | cut -d'=' -f 1 -s) type=$(echo "${type}" | cut -d'=' -f 1 -s)
fi fi
@ -274,22 +274,13 @@ elif [[ "$type" == "-delete" && -a /etc/nginx/sites-available/$domain ]]; then
# SSL enabled (Letsencrypt) # SSL enabled (Letsencrypt)
elif [[ "$type" == "-ssl-on" && -a /etc/nginx/sites-available/$domain ]]; then elif [[ "$type" == "-ssl-on" && -a /etc/nginx/sites-available/$domain ]]; then
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain ) isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
if [[ -z $isssl ]]; then [[ -z $isssl ]] && site_ssl_on || echo "${red}SSL is already enabled for site $domain!${end}"
site_ssl_on
else
echo "${red}SSL is already enabled for site $domain!${end}"
fi
# SSL disabled (Letsencrypt) # SSL disabled (Letsencrypt)
elif [[ "$type" == "-ssl-off" && -a /etc/nginx/sites-available/$domain ]]; then elif [[ "$type" == "-ssl-off" && -a /etc/nginx/sites-available/$domain ]]; then
isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain ) isssl=$( grep -F "ssl on;" /etc/nginx/sites-available/$domain )
if [[ -n $isssl ]]; then [[ -n $isssl ]] && site_ssl_off || echo "${red}SSL is already disabled for site $domain!${end}"
site_ssl_off
echo "${gre}SSL have been successfully disabled for site $domain!${end}"
else
echo "${red}SSL is already disabled for site $domain!${end}"
fi
# FastCGI Cache disabled # FastCGI Cache disabled