From 6baab9d6dcac12d83b4cf515a54e9ef997ae3dcb Mon Sep 17 00:00:00 2001
From: openoms <openoms@riseup.net>
Date: Sat, 30 Mar 2019 13:07:04 +0000
Subject: [PATCH] lofig to fill nginx.conf correctly

---
 nginx/bonus.SSL_for_RTL.sh | 51 ++++++++++++++++++++++++++++++--------
 1 file changed, 40 insertions(+), 11 deletions(-)

diff --git a/nginx/bonus.SSL_for_RTL.sh b/nginx/bonus.SSL_for_RTL.sh
index 09c5d00..cdfb3fd 100644
--- a/nginx/bonus.SSL_for_RTL.sh
+++ b/nginx/bonus.SSL_for_RTL.sh
@@ -64,7 +64,7 @@ WantedBy=timers.target
 
 echo "
 [Unit]
-Description=Electrs
+Description=certbot-auto renew timer
 After=bitcoind.service
 
 [Service]
@@ -88,12 +88,19 @@ echo "Please type the domain/ddns you have generated the certificate for followe
 read YOUR_DOMAIN
 
 echo "Setting up nginx.conf"
+echo "***"
 echo ""
-echo "If there is other an stream service is installed with Nginx already, you will need to edit the nginx.conf manually to remove the duplicate stream entry by running \`sudo nano /etc/nginx/nginx.conf\`."
-echo "please press a key to continue"
-read key
 
-echo "
+isRTL=$(sudo cat /etc/nginx/nginx.conf 2>/dev/null | grep -c 'upstream RTL')
+if [ ${isRTL} -gt 0 ]; then
+        echo "RTL is already configured with Nginx. To edit manually run \`sudo nano /etc/nginx/nginx.conf\`"
+
+elif [ ${isRTL} -eq 0 ]; then
+
+        isStream=$(sudo cat /etc/nginx/nginx.conf 2>/dev/null | grep -c 'stream {')
+        if [ ${isStream} -eq 0 ]; then
+
+        echo "
 stream {
         upstream RTL {
                 server 127.0.0.1:3000;
@@ -108,8 +115,33 @@ stream {
                 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
                 ssl_prefer_server_ciphers on;
         }
-}
-" | sudo tee -a /etc/nginx/nginx.conf
+}" | sudo tee -a /etc/nginx/nginx.conf
+
+        elif [ ${isStream} -eq 1 ]; then
+                sudo truncate -s-2 /etc/nginx/nginx.conf
+                echo "
+
+        upstream RTL {
+                server 127.0.0.1:3000;
+        }
+        server {
+                listen 3002 ssl;
+                proxy_pass RTL;
+                ssl_certificate /etc/letsencrypt/live/$YOUR_DOMAIN/fullchain.pem;
+                ssl_certificate_key /etc/letsencrypt/live/$YOUR_DOMAIN/privkey.pem;
+                ssl_session_cache shared:SSL:1m;
+                ssl_session_timeout 4h;
+                ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+                ssl_prefer_server_ciphers on;
+        }
+}" | sudo tee -a /etc/nginx/nginx.conf
+
+        elif [ ${isStream} -gt 1 ]; then
+
+                echo " Too many \`stream\` commands in nginx.conf. Please edit manually: \`sudo nano /etc/nginx/nginx.conf\` and retry"
+                exit 1
+        fi
+fi
 
 echo "allow port 3002 on ufw"
 sudo ufw allow 3002
@@ -117,8 +149,5 @@ sudo ufw allow 3002
 sudo systemctl enable nginx
 sudo systemctl restart nginx
 
-echo "If there is an error starting Nginx there is a stream service installed with Nginx already.  
-You will need to edit the nginx.conf manually to remove the duplicate stream entry by running \`sudo nano /etc/nginx/nginx.conf\` \
-and restart nginx with \`sudo systemctl restart nginx\`."
 echo ""
-echo "If successful connect to RTL through https on the port 3002"
\ No newline at end of file
+echo "Connect to RTL through https on the port 3002 and forward the port on your router to acces outside of the LAN"
\ No newline at end of file