diff options
Diffstat (limited to 'playbooks.d/webserver/playbook.bash')
-rw-r--r-- | playbooks.d/webserver/playbook.bash | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/playbooks.d/webserver/playbook.bash b/playbooks.d/webserver/playbook.bash index 5c422f6..85c38be 100644 --- a/playbooks.d/webserver/playbook.bash +++ b/playbooks.d/webserver/playbook.bash @@ -3,7 +3,7 @@ playbook_add() { info "webserver/add" "Installing packages" - pkg install nginx + pkg install certbot nginx info "webserver/add" "Create www user" groupadd www @@ -18,11 +18,19 @@ playbook_add() rm -frv -- "$(config "fs.etcdir")/nginx" info "webserver/add" "Creating desired directory structure" - mkdir -pv -- "$(config "fs.etcdir")/nginx" - mkdir -pv -- "$(config "fs.etcdir")/nginx/sites-available.d" - mkdir -pv -- "$(config "fs.etcdir")/nginx/sites-enabled.d" - mkdir -pv -- "$(config "fs.etcdir")/nginx/snippets.d" - mkdir -pv -- /var/www + mkdir -pv -- \ + "$(config "fs.etcdir")/nginx" \ + "$(config "fs.etcdir")/nginx/sites-available.d" \ + "$(config "fs.etcdir")/nginx/sites-available.d/http" \ + "$(config "fs.etcdir")/nginx/sites-available.d/https" \ + "$(config "fs.etcdir")/nginx/sites-enabled.d" \ + "$(config "fs.etcdir")/nginx/sites-enabled.d/http" \ + "$(config "fs.etcdir")/nginx/sites-enabled.d/https" \ + "$(config "fs.etcdir")/nginx/snippets.d" \ + /var/www + + info "webserver/add" "Generating dhparam.pem" + openssl dhparam -out "$(config "fs.etcdir")/nginx/dhparam.pem" 4096 info "webserver/add" "Running sync to get all configuration going" playbook_sync @@ -60,17 +68,26 @@ playbook_sync() > "$(config "fs.etcdir")/nginx/snippets.d/$snippet" done - for path in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/sites.d"/* + for path_dir in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/sites.d"/* do - site="$(basename "$path")" + dir="$(basename "$path_dir")" - notice "webserver/sync" "Updating site $site" - file_template "sites.d/$site" \ - > "$(config "fs.etcdir")/nginx/sites-available.d/$site" + for path_site in "$path_dir"/* + do + site="$(basename "$path_site")" + + notice "webserver/sync" "Updating site $dir/$site" + file_template "sites.d/$dir/$site" \ + > "$(config "fs.etcdir")/nginx/sites-available.d/$dir/$site" + done done + notice "webserver/sync" "Set nginx permissions to www user" chown -R www:www "$(config "fs.etcdir")/nginx" + notice "webserver/sync" "Renewing Let's Encrypt certificates" + certbot renew --no-random-sleep-on-renew + [[ "$BASHTARD_COMMAND" == "add" ]] && return svc reload nginx |