nginx/nginx.sh

#!/usr/bin/env bash
unset backup_port addurl adddomains
clear

# Fill in the following variables
eff_email_address=

appname=

subdomain=
domain=
adddomains=()

host=
port=
backup_port=


if [ ${subdomain} ]
then
    url=${subdomain}.${domain}
else
    url=${domain}
fi

for i in ${adddomains[@]}
do
    addurl+=(${subdomain}.${i})
done

sudo rm -f /etc/nginx/conf.d/${appname}.conf

if [ ${backup_port} ]
then
    sudo tee /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
upstream ${appname} {
    server ${host}:${port};

    server 127.0.0.1:${backup_port} backup;
}

conf
else
    sudo tee /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
upstream ${appname} {
    server ${host}:${port};
}

conf
fi

sudo tee -a /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
server {
    server_name ${url};
    include local/http_upgrade;

    location / {
        proxy_pass http://${appname};
        include local/proxy_params;

        error_log  /var/log/nginx/${appname}_error.log;
        access_log /var/log/nginx/${appname}_access.log;
    }
}

conf

sudo certbot --nginx --non-interactive --agree-tos --no-eff-email -m ${eff_email_address} -d ${url} \
    --staple-ocsp --hsts --no-redirect
    
for url in ${addurl[@]}
do
    sudo tee -a /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
server {
    server_name ${url};
    include local/http_upgrade;

    location / {
        proxy_pass http://${appname};
        include local/proxy_params;

        error_log  /var/log/nginx/${appname}_error.log;
        access_log /var/log/nginx/${appname}_access.log;
    }
}

conf

    sudo certbot --nginx --non-interactive --agree-tos --no-eff-email -m ${eff_email_address} -d ${url} \
        --staple-ocsp --hsts --no-redirect
done

sudo sed -e '/listen 80/d' \
    -e '/listen 443/a\
    listen 443 quic;\
    listen [::]:443 ssl;\
    listen [::]:443 quic;\
' -i /etc/nginx/conf.d/${appname}.conf 
sudo systemctl reload nginx.service
First commit 2024-06-14 07:14:42 +00:00			`#!/usr/bin/env bash`
Update nginx.sh 2024-12-02 08:41:11 +00:00			`unset backup_port addurl adddomains`
			`clear`
First commit 2024-06-14 07:14:42 +00:00
			`# Fill in the following variables`
Update nginx.sh 2024-12-02 08:41:11 +00:00			`eff_email_address=`

First commit 2024-06-14 07:14:42 +00:00			`appname=`
Update nginx.sh 2024-12-02 08:41:11 +00:00
			`subdomain=`
First commit 2024-06-14 07:14:42 +00:00			`domain=`
Update nginx.sh 2024-12-02 08:41:11 +00:00			`adddomains=()`

			`host=`
First commit 2024-06-14 07:14:42 +00:00			`port=`
Update nginx.sh 2024-12-02 08:41:11 +00:00			`backup_port=`
First commit 2024-06-14 07:14:42 +00:00

Update nginx.sh 2024-12-02 08:41:11 +00:00			`if [ ${subdomain} ]`
First commit 2024-06-14 07:14:42 +00:00			`then`
Update nginx.sh 2024-12-02 08:41:11 +00:00			`url=${subdomain}.${domain}`
			`else`
			`url=${domain}`
			`fi`

			`for i in ${adddomains[@]}`
			`do`
			`addurl+=(${subdomain}.${i})`
			`done`

			`sudo rm -f /etc/nginx/conf.d/${appname}.conf`

			`if [ ${backup_port} ]`
			`then`
			`sudo tee /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf`
			`upstream ${appname} {`
			`server ${host}:${port};`

			`server 127.0.0.1:${backup_port} backup;`
			`}`

			`conf`
			`else`
			`sudo tee /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf`
			`upstream ${appname} {`
			`server ${host}:${port};`
			`}`

			`conf`
First commit 2024-06-14 07:14:42 +00:00			`fi`

Update nginx.sh 2024-12-02 08:41:11 +00:00			`sudo tee -a /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf`
First commit 2024-06-14 07:14:42 +00:00			`server {`
			`server_name ${url};`
			`include local/http_upgrade;`

			`location / {`
Update nginx.sh 2024-12-02 08:41:11 +00:00			`proxy_pass http://${appname};`
First commit 2024-06-14 07:14:42 +00:00			`include local/proxy_params;`

			`error_log /var/log/nginx/${appname}_error.log;`
			`access_log /var/log/nginx/${appname}_access.log;`
			`}`
			`}`
Update nginx.sh 2024-12-02 08:41:11 +00:00
First commit 2024-06-14 07:14:42 +00:00			`conf`

Update nginx.sh 2024-12-02 08:41:11 +00:00			`sudo certbot --nginx --non-interactive --agree-tos --no-eff-email -m ${eff_email_address} -d ${url} \`
			`--staple-ocsp --hsts --no-redirect`

			`for url in ${addurl[@]}`
			`do`
			`sudo tee -a /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf`
			`server {`
			`server_name ${url};`
			`include local/http_upgrade;`

			`location / {`
			`proxy_pass http://${appname};`
			`include local/proxy_params;`

			`error_log /var/log/nginx/${appname}_error.log;`
			`access_log /var/log/nginx/${appname}_access.log;`
			`}`
			`}`

			`conf`
First commit 2024-06-14 07:14:42 +00:00
			`sudo certbot --nginx --non-interactive --agree-tos --no-eff-email -m ${eff_email_address} -d ${url} \`
			`--staple-ocsp --hsts --no-redirect`
Update nginx.sh 2024-12-02 08:41:11 +00:00			`done`
First commit 2024-06-14 07:14:42 +00:00
Update nginx.sh 2024-12-02 08:41:11 +00:00			`sudo sed -e '/listen 80/d' \`
			`-e '/listen 443/a\`
			`listen 443 quic;\`
			`listen [::]:443 ssl;\`
			`listen [::]:443 quic;\`
			`' -i /etc/nginx/conf.d/${appname}.conf`
			`sudo systemctl reload nginx.service`