librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

self-signed cert - fix bugs

This commit is contained in:
bunkerity 2021-06-11 11:39:36 +02:00
parent 95510e6e1d
commit 16101144c5
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
3 changed files with 65 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
confs/site/https.conf
View File

@ -6,7 +6,7 @@ listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %};
{% elif USE_CUSTOM_HTTPS == "yes" %}
{% set x = paths.update({"cert": CUSTOM_HTTPS_CERT}) %}
{% set x = paths.update({"key": CUSTOM_HTTPS_KEY}) %}
{% elif GENERATE_SELF_SIGNED_HTTPS == "yes" %}
{% elif GENERATE_SELF_SIGNED_SSL == "yes" %}
{% if MULTISITE == "yes" %}
{% set x = paths.update({"cert": "/etc/nginx/" + FIRST_SERVER + "/self-cert.pem"}) %}
{% set x = paths.update({"key": "/etc/nginx/" + FIRST_SERVER + "/self-key.pem"}) %}

2
entrypoint/jobs.sh
View File

@ -19,7 +19,7 @@ if [ "$files" != " " ] ; then
SELF_SIGNED_SSL_ORG="$(sed -nE 's/^SELF_SIGNED_SSL_ORG=(.*)$/\1/p' $file)"
SELF_SIGNED_SSL_OU="$(sed -nE 's/^SELF_SIGNED_SSL_OU=(.*)$/\1/p' $file)"
SELF_SIGNED_SSL_CN="$(sed -nE 's/^SELF_SIGNED_SSL_CN=(.*)$/\1/p' $file)"
openssl_output=$(openssl req -nodes -x509 -newkey rsa:4096 -keyout ${dest}self-key.pem -out ${dest}self-cert.pem -days $SELF_SIGNED_SSL_EXPIRY -subj "/C=$SELF_SIGNED_SSL_COUNTRY/ST=$SELF_SIGNED_SSL_STATE/L=$SELF_SIGNED_SSL_CITY/O=$SELF_SIGNED_SSL_ORG/OU=$SELF_SIGNED_SSL_OU/CN=$SELF_SIGNED_SSL_CN" 2>&1)
openssl_output=$(openssl req -nodes -x509 -newkey rsa:4096 -keyout ${dest}self-key.pem -out ${dest}self-cert.pem -days "$SELF_SIGNED_SSL_EXPIRY" -subj "/C=$SELF_SIGNED_SSL_COUNTRY/ST=$SELF_SIGNED_SSL_STATE/L=$SELF_SIGNED_SSL_CITY/O=$SELF_SIGNED_SSL_ORG/OU=$SELF_SIGNED_SSL_OU/CN=$SELF_SIGNED_SSL_CN" 2>&1)
if [ $? -eq 0 ] ; then
echo "[*] Generated self-signed certificate ${dest}self-cert.pem with key ${dest}self-key.pem"
else

63
settings.json
View File

@ -599,6 +599,69 @@
"label": "Generate a self-signed TLS certificate",
"regex": "^(yes|no)$",
"type": "checkbox"
},
{
"context": "multisite",
"default": "365",
"env": "SELF_SIGNED_SSL_EXPIRY",
"id": "self-signed-ssl-expiry",
"label": "Expire date of the self-signed certificate",
"regex": "^[0-9]+$",
"type": "text"
},
{
"context": "multisite",
"default": "CH",
"env": "SELF_SIGNED_SSL_COUNTRY",
"id": "self-signed-ssl-country",
"label": "Country of the self-signed certificate",
"regex": "^[:print:]+$",
"type": "text"
},
{
"context": "multisite",
"default": "Switzerland",
"env": "SELF_SIGNED_SSL_STATE",
"id": "self-signed-ssl-state",
"label": "State of the self-signed certificate",
"regex": "^[:print:]+$",
"type": "text"
},
{
"context": "multisite",
"default": "Bern",
"env": "SELF_SIGNED_SSL_CITY",
"id": "self-signed-ssl-city",
"label": "City of the self-signed certificate",
"regex": "^[:print:]+$",
"type": "text"
},
{
"context": "multisite",
"default": "IT",
"env": "SELF_SIGNED_SSL_OU",
"id": "self-signed-ssl-ou",
"label": "Organizational Unit of the self-signed certificate",
"regex": "^[:print:]+$",
"type": "text"
},
{
"context": "multisite",
"default": "Acme Inc",
"env": "SELF_SIGNED_SSL_ORG",
"id": "self-signed-ssl-org",
"label": "Organization name of the self-signed certificate",
"regex": "^[:print:]+$",
"type": "text"
},
{
"context": "multisite",
"default": "bunkerized",
"env": "SELF_SIGNED_SSL_CN",
"id": "self-signed-ssl-cn",
"label": "Common Name of the self-signed certificate",
"regex": "^[:print:]+$",
"type": "text"
}
]
},