From 644ec92cc9a5f7fbc1a8c8d929dcd282603972dc Mon Sep 17 00:00:00 2001 From: Azeem Fidahusein Date: Tue, 24 Jun 2025 21:03:49 +0100 Subject: [PATCH] logic update --- deploy.sh | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/deploy.sh b/deploy.sh index 9d4bfa5..d4fb222 100755 --- a/deploy.sh +++ b/deploy.sh @@ -1,16 +1,16 @@ #!/bin/bash # ============================================================================== -# NGINX CONFIG & SSL DEPLOYMENT SCRIPT (v5) +# NGINX CONFIG & SSL DEPLOYMENT SCRIPT (v6) # # This script securely copies NGINX configuration files, tests the config, -# reloads Nginx, and then automates running Certbot to issue SSL certificates -# for all domains found in the `sites-available` directory. +# reloads Nginx, and then automates running Certbot to issue/expand SSL +# certificates for all domains found in the `sites-available` directory. # # INSTRUCTIONS: # 1. Ensure Certbot is installed on the remote server. # (e.g., `sudo apt install certbot python3-certbot-nginx`) -# 2. Update the CERTBOT_EMAIL variable below. +# 2. !! IMPORTANT !! Update the CERTBOT_EMAIL variable below. # 3. Make the script executable: chmod +x .sh # 4. Run the script: ./.sh # ============================================================================== @@ -18,7 +18,7 @@ # --- Configuration --- REMOTE_USER="ubuntu" # The user you SSH in with (e.g., ubuntu, ec2-user) REMOTE_HOST="3.9.182.122" # The IP address or domain of your server -CERTBOT_EMAIL="your-email@example.com" # Email for Let's Encrypt account +CERTBOT_EMAIL="your-email@example.com" # !! IMPORTANT: CHANGE THIS !! Email for Let's Encrypt account # --- File & Path Definitions --- KEY_FILE="~/repos/azeem-macbookair.pem" 
@@ -41,6 +41,10 @@ echo "--------------------------------------------------------" EVAL_KEY_FILE=$(eval echo "$KEY_FILE") # --- Pre-flight Checks --- +if [ "$CERTBOT_EMAIL" == "your-email@example.com" ]; then + echo "❌ ERROR: Please update the CERTBOT_EMAIL variable in this script before running." + exit 1 +fi if [ ! -f "$EVAL_KEY_FILE" ]; then echo "❌ ERROR: SSH key not found at $EVAL_KEY_FILE" exit 1 @@ -58,7 +62,7 @@ fi echo "-> Scanning local 'sites-available' for unique domain names..." # This robust command finds all 'server_name' entries, handles multiple domains # per line, removes duplicates, and creates a clean, space-separated list. -ALL_DOMAINS=$(grep -r "server_name" "$SOURCE_SITES_DIR" | sed 's/.*server_name\s*//' | sed 's/;//' | xargs -n1 | sort -u | tr '\n' ' ' | sed 's/ *$//') +ALL_DOMAINS=$(grep -h -r "server_name" "$SOURCE_SITES_DIR" | sed 's/.*server_name\s*//' | sed 's/;//' | xargs -n1 | sort -u | tr '\n' ' ' | sed 's/ *$//') if [ -z "$ALL_DOMAINS" ]; then echo "⚠️ WARNING: No domains found in 'sites-available' config files. Skipping Certbot step later." @@ -132,9 +136,9 @@ if [ -n "$ALL_DOMAINS" ]; then # Format domains for the certbot command (-d domain1 -d domain2 etc.) CERTBOT_DOMAINS=$(echo "$ALL_DOMAINS" | sed 's/ / -d /g' | sed 's/^/-d /') - echo "- Running Certbot on the server. This may require interaction on the first run..." + echo "- Running Certbot on the server..." ssh -t -i "$EVAL_KEY_FILE" "${REMOTE_USER}@${REMOTE_HOST}" \ - "sudo certbot --nginx --non-interactive --agree-tos --email $CERTBOT_EMAIL --redirect $CERTBOT_DOMAINS" + "sudo certbot --nginx --non-interactive --agree-tos --email $CERTBOT_EMAIL --redirect --expand $CERTBOT_DOMAINS" if [ $? -eq 0 ]; then echo " ✅ Certbot process completed."
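Review bot: The new `CERTBOT_EMAIL` guard rejects only the untouched placeholder, so an empty value or one containing whitespace still passes and reaches the certbot call in the last hunk, where it is expanded unquoted inside the remote command string. A format test next to the placeholder comparison would close that gap, for example `if [[ ! "$CERTBOT_EMAIL" =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$ ]]; then` with the same error-and-exit body. The error text would also be better sent to stderr (`>&2`) so a caller capturing stdout still sees why the run stopped.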
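Review bot: Adding `-h` removes the filename prefix, but `grep -h -r "server_name"` still matches commented-out lines and any directive whose name merely contains that string (for example `server_name_in_redirect`), and nginx's special names such as `_`, wildcards and `~` regex names flow straight into `ALL_DOMAINS`. Those tokens later become `-d` arguments in a command run over ssh, so the match should be anchored and only plain hostnames kept. Anchor with `grep -h -r -E '^[[:space:]]*server_name[[:space:]]' "$SOURCE_SITES_DIR"`, then add `grep -E '^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'` after `xargs -n1`. The `\s` in the first `sed` is a GNU extension; `[[:space:]]*` is the portable spelling if this script is ever run with a non-GNU sed.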
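Review bot: The remote command on the `sudo certbot` line is a double-quoted string into which `$CERTBOT_EMAIL` and `$CERTBOT_DOMAINS` are expanded locally and then re-parsed by the remote shell, so any space, glob character or shell metacharacter in a `server_name` token becomes shell syntax on a host where the command runs under sudo. Holding the `-d` arguments in an array (called `domain_args` here for illustration) and quoting the whole command for the remote side avoids that, assuming the remote login shell is bash: `printf -v remote_cmd '%q ' sudo certbot --nginx --non-interactive --agree-tos --email "$CERTBOT_EMAIL" --redirect --expand "${domain_args[@]}"`, then `ssh -t -i "$EVAL_KEY_FILE" "${REMOTE_USER}@${REMOTE_HOST}" "$remote_cmd"`. With `--expand` and no `--cert-name`, which certificate lineage is extended appears to depend on what already exists on the server; pinning `--cert-name` would make repeated runs predictable. The enclosing `if [ -n "$ALL_DOMAINS" ]` block ends outside the hunk.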