Diffstat (limited to 'playbooks.d/webserver/playbook.bash')
-rw-r--r--playbooks.d/webserver/playbook.bash39
1 files changed, 28 insertions, 11 deletions
diff --git a/playbooks.d/webserver/playbook.bash b/playbooks.d/webserver/playbook.bash
index 5c422f6..85c38be 100644
--- a/playbooks.d/webserver/playbook.bash
+++ b/playbooks.d/webserver/playbook.bash
@@ -3,7 +3,7 @@
playbook_add()
{
info "webserver/add" "Installing packages"
- pkg install nginx
+ pkg install certbot nginx
info "webserver/add" "Create www user"
groupadd www
@@ -18,11 +18,19 @@ playbook_add()
rm -frv -- "$(config "fs.etcdir")/nginx"
info "webserver/add" "Creating desired directory structure"
- mkdir -pv -- "$(config "fs.etcdir")/nginx"
- mkdir -pv -- "$(config "fs.etcdir")/nginx/sites-available.d"
- mkdir -pv -- "$(config "fs.etcdir")/nginx/sites-enabled.d"
- mkdir -pv -- "$(config "fs.etcdir")/nginx/snippets.d"
- mkdir -pv -- /var/www
+ mkdir -pv -- \
+ "$(config "fs.etcdir")/nginx" \
+ "$(config "fs.etcdir")/nginx/sites-available.d" \
+ "$(config "fs.etcdir")/nginx/sites-available.d/http" \
+ "$(config "fs.etcdir")/nginx/sites-available.d/https" \
+ "$(config "fs.etcdir")/nginx/sites-enabled.d" \
+ "$(config "fs.etcdir")/nginx/sites-enabled.d/http" \
+ "$(config "fs.etcdir")/nginx/sites-enabled.d/https" \
+ "$(config "fs.etcdir")/nginx/snippets.d" \
+ /var/www
+
+ info "webserver/add" "Generating dhparam.pem"
+ openssl dhparam -out "$(config "fs.etcdir")/nginx/dhparam.pem" 4096
info "webserver/add" "Running sync to get all configuration going"
playbook_sync
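Review bot: The added `openssl dhparam ... 4096` call has no status check, so if generation fails or is interrupted, `playbook_sync` on the next line still runs and nginx may be left without the dhparam file, which is presumably referenced by a snippet outside this diff. Unless the caller is known to run under `set -e`, consider `openssl dhparam -out "$(config "fs.etcdir")/nginx/dhparam.pem" 4096 || return 1`. Generating 4096-bit parameters can take minutes on a small host and is repeated on every add because the nginx directory is removed just above; a comment such as `# slow: regenerated on every add because the nginx dir is wiped above` would make that cost explicit. The body of playbook_add begins and ends outside this hunk.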
@@ -60,17 +68,26 @@ playbook_sync()
> "$(config "fs.etcdir")/nginx/snippets.d/$snippet"
done
- for path in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/sites.d"/*
+ for path_dir in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/sites.d"/*
do
- site="$(basename "$path")"
+ dir="$(basename "$path_dir")"
- notice "webserver/sync" "Updating site $site"
- file_template "sites.d/$site" \
- > "$(config "fs.etcdir")/nginx/sites-available.d/$site"
+ for path_site in "$path_dir"/*
+ do
+ site="$(basename "$path_site")"
+
+ notice "webserver/sync" "Updating site $dir/$site"
+ file_template "sites.d/$dir/$site" \
+ > "$(config "fs.etcdir")/nginx/sites-available.d/$dir/$site"
+ done
done
+ notice "webserver/sync" "Set nginx permissions to www user"
chown -R www:www "$(config "fs.etcdir")/nginx"
+ notice "webserver/sync" "Renewing Let's Encrypt certificates"
+ certbot renew --no-random-sleep-on-renew
+
[[ "$BASHTARD_COMMAND" == "add" ]] && return
svc reload nginx
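Review bot: The new inner loop writes to `sites-available.d/$dir/$site`, but playbook_add only creates the `http` and `https` subdirectories, so any other directory name under `share/sites.d` makes the redirection fail. A plain file at that level, or an empty directory, leaves the glob unexpanded and `$site` becomes a literal `*`, since no `nullglob` is visible here. Guard the loops with `[[ -d "$path_dir" ]] || continue` and `[[ -e "$path_site" ]] || continue`, and run `mkdir -p` on the target directory before writing into it. Separately, `certbot renew` runs unchecked on every sync, including during add; testing its exit status would report a failed renewal instead of falling through silently to the reload. playbook_sync starts outside this hunk.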