From 9dab35ccb85b9cbe01104d33a6c3d57105851eaa Mon Sep 17 00:00:00 2001
From: myve <forge@myve.lan>
Date: Mon, 2 Dec 2024 08:41:11 +0000
Subject: [PATCH] Update nginx.sh

---
 nginx.sh | 90 +++++++++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 73 insertions(+), 17 deletions(-)

diff --git a/nginx.sh b/nginx.sh
index 5d356fb..89cc6e9 100644
--- a/nginx.sh
+++ b/nginx.sh
@@ -1,43 +1,99 @@
 #!/usr/bin/env bash
+unset backup_port addurl adddomains
+clear
 
 # Fill in the following variables
-appname=
-url=
-domain=
-port=
 eff_email_address=
 
-# .conf installation
-{
+appname=
 
-# Exit if variables are null
-if [ -z ${appname} ] || [ -z ${url} ] || [ -z ${domain} ] || [ -z ${port} ] || [ -z ${eff_email_address} ]
+subdomain=
+domain=
+adddomains=()
+
+host=
+port=
+backup_port=
+
+
+if [ ${subdomain} ]
 then
-    exit 1
+    url=${subdomain}.${domain}
+else
+    url=${domain}
 fi
 
-sudo tee /etc/nginx/sites-available/${appname}.conf >/dev/null <<conf
+for i in ${adddomains[@]}
+do
+    addurl+=(${subdomain}.${i})
+done
+
+sudo rm -f /etc/nginx/conf.d/${appname}.conf
+
+if [ ${backup_port} ]
+then
+    sudo tee /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
+upstream ${appname} {
+    server ${host}:${port};
+
+    server 127.0.0.1:${backup_port} backup;
+}
+
+conf
+else
+    sudo tee /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
+upstream ${appname} {
+    server ${host}:${port};
+}
+
+conf
+fi
+
+sudo tee -a /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
 server {
     server_name ${url};
     include local/http_upgrade;
 
     location / {
-        proxy_pass http://${domain}:${port};
+        proxy_pass http://${appname};
         include local/proxy_params;
 
         error_log  /var/log/nginx/${appname}_error.log;
         access_log /var/log/nginx/${appname}_access.log;
     }
 }
+
 conf
 
-sudo ln -s -f /etc/nginx/sites-available/${appname}.conf /etc/nginx/sites-enabled/
+sudo certbot --nginx --non-interactive --agree-tos --no-eff-email -m ${eff_email_address} -d ${url} \
+    --staple-ocsp --hsts --no-redirect
+    
+for url in ${addurl[@]}
+do
+    sudo tee -a /etc/nginx/conf.d/${appname}.conf >/dev/null <<- conf
+server {
+    server_name ${url};
+    include local/http_upgrade;
+
+    location / {
+        proxy_pass http://${appname};
+        include local/proxy_params;
+
+        error_log  /var/log/nginx/${appname}_error.log;
+        access_log /var/log/nginx/${appname}_access.log;
+    }
+}
+
+conf
 
-if sudo nginx -t
-then
-    sudo systemctl reload nginx.service
     sudo certbot --nginx --non-interactive --agree-tos --no-eff-email -m ${eff_email_address} -d ${url} \
         --staple-ocsp --hsts --no-redirect
-fi
+done
 
-}
+sudo sed -e '/listen 80/d' \
+    -e '/listen 443/a\
+    listen 443 quic;\
+    listen [::]:443 ssl;\
+    listen [::]:443 quic;\
+' -i /etc/nginx/conf.d/${appname}.conf 
+sudo systemctl reload nginx.service