projects
/
fai-configs.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
a6084b7
)
more tweaks to gmg
author
Lisa Marie Maginnis
<lisam@fsf.org>
Mon, 29 Feb 2016 04:33:36 +0000
(23:33 -0500)
committer
Lisa Marie Maginnis
<lisam@fsf.org>
Mon, 29 Feb 2016 04:33:36 +0000
(23:33 -0500)
files/etc/init.d/request-letsencrypt/DEFAULT
patch
|
blob
|
blame
|
history
files/etc/nginx/sites-available/mediagoblin/DEFAULT
patch
|
blob
|
blame
|
history
scripts/GMG/15_install_gmg.sh
patch
|
blob
|
blame
|
history
diff --git
a/files/etc/init.d/request-letsencrypt/DEFAULT
b/files/etc/init.d/request-letsencrypt/DEFAULT
index e29039dcbf6e1fce6f521268159ffdb755c17b90..7e333606af81e95837053218830ae60ab24f264e 100755
(executable)
--- a/
files/etc/init.d/request-letsencrypt/DEFAULT
+++ b/
files/etc/init.d/request-letsencrypt/DEFAULT
@@
-1,7
+1,17
@@
#!/bin/bash
if [ ! -d /etc/letsencrypt/archive/HOSTNAME_TOKEN ]; then
#!/bin/bash
if [ ! -d /etc/letsencrypt/archive/HOSTNAME_TOKEN ]; then
+
+ # Nasty hack for getting port 443/80 if needed
+ /etc/init.d/nginx stop &> /dev/null
+ /etc/init.d/apache2 stop &> /dev/null
+
+ # Lets get us some SSL
cd /srv/letsencrypt
./letsencrypt-auto certonly --standalone --agree-tos --email LETSENCRYPT_EMAIL_TOKEN -d HOSTNAME_TOKEN -d SERVERNAME_TOKEN
cd /srv/letsencrypt
./letsencrypt-auto certonly --standalone --agree-tos --email LETSENCRYPT_EMAIL_TOKEN -d HOSTNAME_TOKEN -d SERVERNAME_TOKEN
+
+ # Nasty hack for putting thoes services back online, okay :)
+ /etc/init.d/nginx start &> /dev/null
+ /etc/init.d/apache2 start &> /dev/null
fi
fi
diff --git
a/files/etc/nginx/sites-available/mediagoblin/DEFAULT
b/files/etc/nginx/sites-available/mediagoblin/DEFAULT
index 0985e39b9c5dbfdf6c8d6a1de472cca55765cfce..15022cae5283004bc8ee7a88ec4b28a7b9a193c2 100644
(file)
--- a/
files/etc/nginx/sites-available/mediagoblin/DEFAULT
+++ b/
files/etc/nginx/sites-available/mediagoblin/DEFAULT
@@
-1,14
+1,14
@@
server {
listen 80;
server {
listen 80;
- server_name
GMG_FQDN
_TOKEN;
+ server_name
SERVERNAME
_TOKEN;
include /etc/nginx/mediagoblin-common.conf;
## redirect http to https ##
rewrite ^ https://$server_name$request_uri? permanent;
include /etc/nginx/mediagoblin-common.conf;
## redirect http to https ##
rewrite ^ https://$server_name$request_uri? permanent;
- access_log /var/log/nginx/
GMG_FQDN
_TOKEN-ssl.access.log;
- error_log /var/log/nginx/
GMG_FQDN
_TOKEN-ssl.error.log;
+ access_log /var/log/nginx/
SERVERNAME
_TOKEN-ssl.access.log;
+ error_log /var/log/nginx/
SERVERNAME
_TOKEN-ssl.error.log;
}
server {
}
server {
@@
-16,8
+16,8
@@
server {
include /etc/nginx/mediagoblin-common.conf;
include /etc/nginx/mediagoblin-common.conf;
- access_log /var/log/nginx/
GMG_FQDN
_TOKEN-ssl.access.log;
- error_log /var/log/nginx/
GMG_FQDN
_TOKEN-ssl.error.log;
+ access_log /var/log/nginx/
SERVERNAME
_TOKEN-ssl.access.log;
+ error_log /var/log/nginx/
SERVERNAME
_TOKEN-ssl.error.log;
ssl on;
ssl on;
@@
-25,8
+25,8
@@
server {
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
- ssl_certificate /etc/letsencrypt/live/
GMG_FQDN
_TOKEN/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/
GMG_FQDN
_TOKEN/privkey.pem;
+ ssl_certificate /etc/letsencrypt/live/
SERVERNAME
_TOKEN/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/
SERVERNAME
_TOKEN/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
diff --git
a/scripts/GMG/15_install_gmg.sh
b/scripts/GMG/15_install_gmg.sh
index 04e98c558e72b4f4489316c8768294e71f3f2e09..796601d2f731df81822c1e7d62adf4e7565bcf33 100755
(executable)
--- a/
scripts/GMG/15_install_gmg.sh
+++ b/
scripts/GMG/15_install_gmg.sh
@@
-24,6
+24,7
@@
sed 's^GMG_SENDER_TOKEN^'$GMG_SENDER'^g' -i $target/etc/mediagoblin-templates/me
sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/nginx/mediagoblin-common.conf
sed 's^GMG_FQDN_TOKEN^'$fqdn'^g' -i $target/etc/nginx/sites-available/mediagoblin
sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/nginx/mediagoblin-common.conf
sed 's^GMG_FQDN_TOKEN^'$fqdn'^g' -i $target/etc/nginx/sites-available/mediagoblin
+sed 's^SERVERNAME_TOKEN^'$fqdn'^g' -i $target/etc/nginx/sites-available/mediagoblin
# enable nginx config
$ROOTCMD ln -s /etc/nginx/sites-available/mediagoblin /etc/nginx/sites-enabled/mediagoblin
# enable nginx config
$ROOTCMD ln -s /etc/nginx/sites-available/mediagoblin /etc/nginx/sites-enabled/mediagoblin