From e6a9ff791176b7478a74fe9bde90b05712081af6 Mon Sep 17 00:00:00 2001 From: Lisa Marie Maginnis Date: Sun, 28 Feb 2016 23:33:36 -0500 Subject: [PATCH] more tweaks to gmg --- files/etc/init.d/request-letsencrypt/DEFAULT | 10 ++++++++++ .../etc/nginx/sites-available/mediagoblin/DEFAULT | 14 +++++++------- scripts/GMG/15_install_gmg.sh | 1 + 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/files/etc/init.d/request-letsencrypt/DEFAULT b/files/etc/init.d/request-letsencrypt/DEFAULT index e29039d..7e33360 100755 --- a/files/etc/init.d/request-letsencrypt/DEFAULT +++ b/files/etc/init.d/request-letsencrypt/DEFAULT @@ -1,7 +1,17 @@ #!/bin/bash if [ ! -d /etc/letsencrypt/archive/HOSTNAME_TOKEN ]; then + + # Nasty hack for getting port 443/80 if needed + /etc/init.d/nginx stop &> /dev/null + /etc/init.d/apache2 stop &> /dev/null + + # Lets get us some SSL cd /srv/letsencrypt ./letsencrypt-auto certonly --standalone --agree-tos --email LETSENCRYPT_EMAIL_TOKEN -d HOSTNAME_TOKEN -d SERVERNAME_TOKEN + + # Nasty hack for putting thoes services back online, okay :) + /etc/init.d/nginx start &> /dev/null + /etc/init.d/apache2 start &> /dev/null fi diff --git a/files/etc/nginx/sites-available/mediagoblin/DEFAULT b/files/etc/nginx/sites-available/mediagoblin/DEFAULT index 0985e39..15022ca 100644 --- a/files/etc/nginx/sites-available/mediagoblin/DEFAULT +++ b/files/etc/nginx/sites-available/mediagoblin/DEFAULT @@ -1,14 +1,14 @@ server { listen 80; - server_name GMG_FQDN_TOKEN; + server_name SERVERNAME_TOKEN; include /etc/nginx/mediagoblin-common.conf; ## redirect http to https ## rewrite ^ https://$server_name$request_uri? permanent; - access_log /var/log/nginx/GMG_FQDN_TOKEN-ssl.access.log; - error_log /var/log/nginx/GMG_FQDN_TOKEN-ssl.error.log; + access_log /var/log/nginx/SERVERNAME_TOKEN-ssl.access.log; + error_log /var/log/nginx/SERVERNAME_TOKEN-ssl.error.log; } server { @@ -16,8 +16,8 @@ server { include /etc/nginx/mediagoblin-common.conf; - access_log /var/log/nginx/GMG_FQDN_TOKEN-ssl.access.log; - error_log /var/log/nginx/GMG_FQDN_TOKEN-ssl.error.log; + access_log /var/log/nginx/SERVERNAME_TOKEN-ssl.access.log; + error_log /var/log/nginx/SERVERNAME_TOKEN-ssl.error.log; ssl on; @@ -25,8 +25,8 @@ server { ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; - ssl_certificate /etc/letsencrypt/live/GMG_FQDN_TOKEN/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/GMG_FQDN_TOKEN/privkey.pem; + ssl_certificate /etc/letsencrypt/live/SERVERNAME_TOKEN/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/SERVERNAME_TOKEN/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; diff --git a/scripts/GMG/15_install_gmg.sh b/scripts/GMG/15_install_gmg.sh index 04e98c5..796601d 100755 --- a/scripts/GMG/15_install_gmg.sh +++ b/scripts/GMG/15_install_gmg.sh @@ -24,6 +24,7 @@ sed 's^GMG_SENDER_TOKEN^'$GMG_SENDER'^g' -i $target/etc/mediagoblin-templates/me sed 's^GMG_PATH_TOKEN^'$GMG_PATH'^g' -i $target/etc/nginx/mediagoblin-common.conf sed 's^GMG_FQDN_TOKEN^'$fqdn'^g' -i $target/etc/nginx/sites-available/mediagoblin +sed 's^SERVERNAME_TOKEN^'$fqdn'^g' -i $target/etc/nginx/sites-available/mediagoblin # enable nginx config $ROOTCMD ln -s /etc/nginx/sites-available/mediagoblin /etc/nginx/sites-enabled/mediagoblin -- 2.25.1