diff --git a/scripts/check_certificates.sh b/scripts/check_certificates.sh index d7559b2..ea3288d 100755 --- a/scripts/check_certificates.sh +++ b/scripts/check_certificates.sh @@ -4,13 +4,20 @@ DOMAIN_DIR=$DOMAIN_DIR CERT_DIR=$CERT_DIR + DOMAIN=$1 -create_self_signed_certificate() { -# generate key -openssl req -x509 -newkey rsa:4096 -keyout $CERT_DIR/key.pem -out $CERT_DIR/cert.pem -days 365 -sha256 -nodes -subj '/CN=domain.tld' # generate dhparam file openssl dhparam -out $CERT_DIR/dhparam.pem 4096 + +create_self_signed_certificate() { +# generate key +openssl req -x509 -newkey rsa:4096 -keyout $CERT_DIR/key.pem -out $CERT_DIR/cert.pem -days 365 -sha256 -nodes -subj '/CN=$DOMAIN' + } +if [[ "$(ls -A $CERT_DIR)" == "" ]]; then + echo "$DOMAIN not contains certificates, creates new." + create_self_signed_certificate; +fi diff --git a/scripts/nginx_config_create.sh b/scripts/nginx_config_create.sh index 13eed3e..5abb826 100755 --- a/scripts/nginx_config_create.sh +++ b/scripts/nginx_config_create.sh @@ -2,10 +2,13 @@ JQ="jq -r" +cd /proxy_config + DOMAIN=$1 DEL=$2 if [[ "$DEL" != "" ]]; then echo "$DOMAIN DELETED"; + rm $DOMAIN.conf; exit; fi @@ -21,11 +24,15 @@ REDIRECT_HTTP=$(jq -r .REDIRECT_HTTP $DOMAIN_SOURCE) REDIRECT_HTTPS=$(jq -r .REDIRECT_HTTPS $DOMAIN_SOURCE) ERROR_PAGE=$(jq -r .ERROR_PAGE $DOMAIN_SOURCE) +# check whether certificates exist or not + +if [ $HTTPS_PORT != "" ]; then + ./check_certificates.sh "$DOMAIN"; +fi + echo $DOMAIN; exit; -cd /proxy_config - file="$DOMAIN.conf" cp -a nginx_template.conf $DOMAIN.conf @@ -79,7 +86,7 @@ listen $HTTPS_PORT ssl; server_name $DOMAIN_NAME; rewrite_log on proxy_ssl_server_name on; -ssl_dhparam /etc/ssl/keys/dhparams.pem; +ssl_dhparam /etc/ssl/keys/dhparam.pem; ssl_certificate /etc/ssl/keys/fullchain.pem; ssl_certificate_key /etc/ssl/keys/key.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
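Review bot: In scripts/check_certificates.sh the new `-subj '/CN=$DOMAIN'` is single-quoted, so the shell never expands the variable and the certificate is issued for the literal name `$DOMAIN`; use `-subj "/CN=$DOMAIN"` and quote `"$CERT_DIR"` in the same command. As far as the collapsed hunk shows, `openssl dhparam -out $CERT_DIR/dhparam.pem 4096` now sits above the function at top level, so it runs on every call and leaves a file in the directory before the `ls -A $CERT_DIR` emptiness test, which would then never call create_self_signed_certificate. Testing for the key itself, e.g. `if [[ ! -s "$CERT_DIR/key.pem" ]]; then`, and generating the dhparam file inside that branch would avoid both problems. The private key is written unencrypted because of `-nodes`, so a `umask 077` before the openssl call is worth adding.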
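Review bot: The added `rm $DOMAIN.conf;` in the first hunk of scripts/nginx_config_create.sh deletes a path built from the unvalidated, unquoted first argument, right after a `cd /proxy_config` whose failure is not checked. A value containing spaces, glob characters, a leading `-` or `../` would make rm act on files other than the intended one, and if the cd fails the removal happens in whatever directory the script was started from. I would use `cd /proxy_config || exit 1`, reject names that are not hostname-shaped with `[[ "$DOMAIN" =~ ^[A-Za-z0-9.-]+$ ]] || exit 1`, and delete with `rm -f -- "$DOMAIN.conf"`.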
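Review bot: `if [ $HTTPS_PORT != "" ]`, in the block moved up below the ERROR_PAGE assignment in scripts/nginx_config_create.sh, leaves the variable unquoted, so with an empty value the test degenerates to `[ != "" ]`, prints an error and skips the call only by accident. The HTTPS_PORT assignment is outside this hunk; if it is read with `jq -r` like the neighbouring REDIRECT_* values, a missing key yields the string `null`, which passes the test and triggers certificate creation for a domain without HTTPS. Suggested: `if [[ -n "$HTTPS_PORT" && "$HTTPS_PORT" != "null" ]]; then ./check_certificates.sh "$DOMAIN" || exit 1; fi`. The context lines `echo $DOMAIN; exit;` directly below still end the script before any config is written, which looks like leftover debugging.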
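Review bot: `ssl_certificate /etc/ssl/keys/fullchain.pem;` in the nginx template hunk of scripts/nginx_config_create.sh does not match the `cert.pem` that check_certificates.sh writes in this commit, even though the dhparam path is now aligned. Whether $CERT_DIR maps to /etc/ssl/keys, or another step supplies fullchain.pem, is not visible here; if neither holds, nginx cannot load the server block for a freshly created domain. The same context lines enable `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;`. TLS 1.0 and 1.1 are deprecated (RFC 8996), so `ssl_protocols TLSv1.2 TLSv1.3;` is the safer setting where the nginx/OpenSSL build supports it.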
@@ -119,10 +126,3 @@ echo "location / { } >> "$file" -# check whether certificates exist or not - -if [ $HTTPS_PORT != "" ]; then - ./check_certificates.sh; -fi - -