azeem/nginx-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

logic update

Browse Source
This commit is contained in:
Azeem Fidahusein
2025-06-24 21:03:49 +01:00
parent 8e450a9f25
commit 644ec92cc9
1 changed files with 12 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
deploy.sh
View File

@@ -1,16 +1,16 @@
#!/bin/bash #!/bin/bash
# ============================================================================== # ==============================================================================
# NGINX CONFIG & SSL DEPLOYMENT SCRIPT (v5) # NGINX CONFIG & SSL DEPLOYMENT SCRIPT (v6)
# #
# This script securely copies NGINX configuration files, tests the config, # This script securely copies NGINX configuration files, tests the config,
# reloads Nginx, and then automates running Certbot to issue SSL certificates # reloads Nginx, and then automates running Certbot to issue/expand SSL
# for all domains found in the `sites-available` directory. # certificates for all domains found in the `sites-available` directory.
# #
# INSTRUCTIONS: # INSTRUCTIONS:
# 1. Ensure Certbot is installed on the remote server. # 1. Ensure Certbot is installed on the remote server.
# (e.g., `sudo apt install certbot python3-certbot-nginx`) # (e.g., `sudo apt install certbot python3-certbot-nginx`)
# 2. Update the CERTBOT_EMAIL variable below. # 2. !! IMPORTANT !! Update the CERTBOT_EMAIL variable below.
# 3. Make the script executable: chmod +x <script_name>.sh # 3. Make the script executable: chmod +x <script_name>.sh
# 4. Run the script: ./<script_name>.sh # 4. Run the script: ./<script_name>.sh
# ============================================================================== # ==============================================================================
@@ -18,7 +18,7 @@
# --- Configuration --- # --- Configuration ---
REMOTE_USER="ubuntu" # The user you SSH in with (e.g., ubuntu, ec2-user) REMOTE_USER="ubuntu" # The user you SSH in with (e.g., ubuntu, ec2-user)
REMOTE_HOST="3.9.182.122" # The IP address or domain of your server REMOTE_HOST="3.9.182.122" # The IP address or domain of your server
CERTBOT_EMAIL="your-email@example.com" # Email for Let's Encrypt account CERTBOT_EMAIL="your-email@example.com" # !! IMPORTANT: CHANGE THIS !! Email for Let's Encrypt account
# --- File & Path Definitions --- # --- File & Path Definitions ---
KEY_FILE="~/repos/azeem-macbookair.pem" KEY_FILE="~/repos/azeem-macbookair.pem"
@@ -41,6 +41,10 @@ echo "--------------------------------------------------------"
EVAL_KEY_FILE=$(eval echo "$KEY_FILE") EVAL_KEY_FILE=$(eval echo "$KEY_FILE")
# --- Pre-flight Checks --- # --- Pre-flight Checks ---
if [ "$CERTBOT_EMAIL" == "your-email@example.com" ]; then
echo "❌ ERROR: Please update the CERTBOT_EMAIL variable in this script before running."
exit 1
fi
if [ ! -f "$EVAL_KEY_FILE" ]; then if [ ! -f "$EVAL_KEY_FILE" ]; then
echo "❌ ERROR: SSH key not found at $EVAL_KEY_FILE" echo "❌ ERROR: SSH key not found at $EVAL_KEY_FILE"
exit 1 exit 1
@@ -58,7 +62,7 @@ fi
echo "-> Scanning local 'sites-available' for unique domain names..." echo "-> Scanning local 'sites-available' for unique domain names..."
# This robust command finds all 'server_name' entries, handles multiple domains # This robust command finds all 'server_name' entries, handles multiple domains
# per line, removes duplicates, and creates a clean, space-separated list. # per line, removes duplicates, and creates a clean, space-separated list.
ALL_DOMAINS=$(grep -r "server_name" "$SOURCE_SITES_DIR" | sed 's/.*server_name\s*//' | sed 's/;//' | xargs -n1 | sort -u | tr '\n' ' ' | sed 's/ *$//') ALL_DOMAINS=$(grep -h -r "server_name" "$SOURCE_SITES_DIR" | sed 's/.*server_name\s*//' | sed 's/;//' | xargs -n1 | sort -u | tr '\n' ' ' | sed 's/ *$//')
if [ -z "$ALL_DOMAINS" ]; then if [ -z "$ALL_DOMAINS" ]; then
echo "⚠️ WARNING: No domains found in 'sites-available' config files. Skipping Certbot step later." echo "⚠️ WARNING: No domains found in 'sites-available' config files. Skipping Certbot step later."
@@ -132,9 +136,9 @@ if [ -n "$ALL_DOMAINS" ]; then
# Format domains for the certbot command (-d domain1 -d domain2 etc.) # Format domains for the certbot command (-d domain1 -d domain2 etc.)
CERTBOT_DOMAINS=$(echo "$ALL_DOMAINS" | sed 's/ / -d /g' | sed 's/^/-d /') CERTBOT_DOMAINS=$(echo "$ALL_DOMAINS" | sed 's/ / -d /g' | sed 's/^/-d /')
echo "- Running Certbot on the server. This may require interaction on the first run..." echo "- Running Certbot on the server..."
ssh -t -i "$EVAL_KEY_FILE" "${REMOTE_USER}@${REMOTE_HOST}" \ ssh -t -i "$EVAL_KEY_FILE" "${REMOTE_USER}@${REMOTE_HOST}" \
"sudo certbot --nginx --non-interactive --agree-tos --email $CERTBOT_EMAIL --redirect $CERTBOT_DOMAINS" "sudo certbot --nginx --non-interactive --agree-tos --email $CERTBOT_EMAIL --redirect --expand $CERTBOT_DOMAINS"
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
echo " ✅ Certbot process completed." echo " ✅ Certbot process completed."