linux - edit path for default errors, ignore comments in variables.env, install/prepare certbot
This commit is contained in:
parent
b2cceb608c
commit
bebe89afb0
|
@ -18,7 +18,7 @@ location = {{ page }} {
|
|||
error_page {{ default_error }} /errors/{{ default_error }}.html;
|
||||
|
||||
location = /errors/{{ default_error }}.html {
|
||||
root /defaults;
|
||||
root /opt/bunkerized-nginx/defaults;
|
||||
modsecurity off;
|
||||
internal;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
# Basic website with PHP
|
||||
|
||||
This is a basic example for a typical PHP website/app.
|
||||
|
||||
## Docker
|
||||
|
||||
```shell
|
||||
$ mkdir letsencrypt
|
||||
$ chown root:101 letsencrypt
|
||||
$ chmod 770 letsencrypt
|
||||
$ chmod 755 web-files
|
||||
$ chmod -R 744 web-files/*
|
||||
$ docker-compose up
|
||||
```
|
||||
|
||||
## Linux
|
||||
|
||||
```shell
|
||||
$ cp variables.env /opt/bunkerized-nginx/variables.env
|
||||
$ cp web-files/* /opt/bunkerized-nginx/www
|
||||
$ chown -R www-data:www-data /opt/bunkerized-nginx/www/*
|
||||
$ chmod -R 774 /opt/bunkerized-nginx/www/*
|
||||
$ bunkerized-nginx
|
||||
```
|
|
@ -0,0 +1,10 @@
|
|||
HTTP_PORT=80
|
||||
HTTPS_PORT=443
|
||||
SERVER_NAME=www.website.com
|
||||
AUTO_LETS_ENCRYPT=yes
|
||||
REDIRECT_HTTP_TO_HTTPS=yes
|
||||
DISABLE_DEFAULT_SERVER=yes
|
||||
USE_CLIENT_CACHE=yes
|
||||
USE_GZIP=yes
|
||||
REMOTE_PHP=myphp
|
||||
REMOTE_PHP_PATH=/app
|
|
@ -3,6 +3,8 @@ def load_variables(path) :
|
|||
with open(path) as f :
|
||||
lines = f.read().splitlines()
|
||||
for line in lines :
|
||||
if line.startswith("#") :
|
||||
continue
|
||||
var = line.split("=")[0]
|
||||
value = line[len(var)+1:]
|
||||
variables[var] = value
|
||||
|
|
|
@ -90,7 +90,9 @@ elif [ "$OS" = "centos" ] ; then
|
|||
CENTOS_DEPS="git crontabs curl python3 python3-pip procps"
|
||||
do_and_check_cmd yum install -y $CENTOS_DEPS
|
||||
fi
|
||||
do_and_check_cmd pip3 install jinja2
|
||||
do_and_check_cmd pip3 install --upgrade pip
|
||||
do_and_check_cmd pip3 install jinja2 certbot
|
||||
do_and_check_cmd pip3 install cryptography --upgrade
|
||||
|
||||
# Clone the repo
|
||||
echo "[*] Clone bunkerity/bunkerized-nginx"
|
||||
|
@ -231,6 +233,24 @@ do_and_check_cmd chmod 770 /var/log/access.log
|
|||
do_and_check_cmd chmod 770 /var/log/error.log
|
||||
do_and_check_cmd chmod -R 770 /var/log/nginx
|
||||
|
||||
# Prepare Let's Encrypt files and folders
|
||||
echo "[*] Prepare Let's Encrypt files and folders"
|
||||
if [ ! -e "/var/log/letsencrypt" ] ; then
|
||||
do_and_check_cmd mkdir /var/log/letsencrypt
|
||||
fi
|
||||
do_and_check_cmd chown root:nginx /var/log/letsencrypt
|
||||
do_and_check_cmd chmod 770 /var/log/letsencrypt
|
||||
if [ ! -e "/etc/letsencrypt" ] ; then
|
||||
do_and_check_cmd mkdir /etc/letsencrypt
|
||||
fi
|
||||
do_and_check_cmd chown root:nginx /etc/letsencrypt
|
||||
do_and_check_cmd chmod 770 /etc/letsencrypt
|
||||
if [ ! -e "/var/lib/letsencrypt" ] ; then
|
||||
do_and_check_cmd mkdir /var/lib/letsencrypt
|
||||
fi
|
||||
do_and_check_cmd chown root:nginx /var/lib/letsencrypt
|
||||
do_and_check_cmd chmod 770 /var/lib/letsencrypt
|
||||
|
||||
# Install cron
|
||||
echo "[*] Add jobs to crontab"
|
||||
if [ "$OS" = "debian" ] || [ "$OS" = "ubuntu" ] ; then
|
||||
|
|
Loading…
Reference in New Issue