aljaz/bitcoin-tutorials
1
1
Fork 0
mirror of https://github.com/openoms/bitcoin-tutorials.git synced 2025-12-19 12:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

rename

Browse Source
This commit is contained in:
openoms
2019-03-30 09:43:02 +00:00
parent 98eb7409f6
commit 04cc910b58
1 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

114
nginx/bonus.SSL_for_RTL.sh Normal file
View File

@@ -0,0 +1,114 @@
# Script to install nginx and certbot to enable SSL connection for RTL
# For the certificate to be obtained successfully a dynamic DNS and port forwarding is needed
# Need to forward port 80 to the IP of your RaspiBlitz for certbot
# Forward port 3002 to be able to access RTL from outside of your LAN
# https://www.raspberrypi.org/documentation/remote-access/web-server/nginx.md
echo ""
echo "***"
echo "installing Nginx"
echo "***"
echo ""
sudo apt-get install -y nginx
sudo /etc/init.d/nginx start
echo ""
echo "***"
echo "Please confirm that the port 80 is forwarded to the IP of the RaspiBlitz by pressing [ENTER]"
read key
echo "allow port 80 on ufw"
sudo ufw allow 80
# https://certbot.eff.org/lets-encrypt/debianother-nginx
echo ""
echo "***"
echo "Installing certbot"
echo " you will be asked for and email address and your domain name - a dynamic DNS can be used"
echo " give a 4-11 character password and press [ENTER] to save default options for the certificate"
echo "***"
echo ""
wget https://dl.eff.org/certbot-auto
chmod +x certbot-auto
sudo ./certbot-auto --nginx
# Your certificate and chain have been saved at:
# /etc/letsencrypt/live/$YOUR_DOMAIN/fullchain.pem
# Your key file has been saved at:
# /etc/letsencrypt/live/$YOUR_DOMAIN/privkey.pem
echo ""
echo "***"
echo "Setting up certbot-auto renewal service"
echo "***"
echo ""
echo "
[Unit]
Description=Certbot-auto renewal service
[Timer]
OnBootSec=20min
OnCalendar=*-*-* 4:00:00
OnCalendar=*-*-* 16:00:00
[Install]
WantedBy=timers.target
" | sudo tee -a /etc/systemd/system/certbot.timer
echo "
[Unit]
Description=Electrs
After=bitcoind.service
[Service]
WorkingDirectory=/home/admin/
ExecStart=/home/admin/certbot-auto renew
User=admin
Group=admin
Type=simple
KillMode=process
TimeoutSec=60
Restart=always
RestartSec=60
" | sudo tee -a /etc/systemd/system/certbot.service
sudo systemctl enable certbot
sudo systemctl start certbot
echo ""
echo "***"
echo "Please type the domain/ddns you have generated the certificate for followed by [ENTER]"
read YOUR_DOMAIN
echo "Setting up nginx.conf"
echo ""
echo "If there is other an stream service is installed with Nginx already, you will need to edit the nginx.conf manually to remove the duplicate stream entry"
echo "by running \`sudo nano /etc/nginx/nginx.conf\`."
echo "please press a key to continue"
read key
echo "
stream {
upstream RTL {
server 127.0.0.1:3000;
}
server {
listen 3002 ssl;
proxy_pass RTL;
ssl_certificate /etc/letsencrypt/live/$YOUR_DOMAIN/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$YOUR_DOMAIN/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 4h;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
}
}
" | sudo tee -a /etc/nginx/nginx.conf
sudo systemctl enable nginx
sudo systemctl start nginx