lofig to fill nginx.conf correctly

2025-12-19 04:54:18 +01:00 · 2019-03-30 13:07:04 +00:00
parent 5d332ab2c8
commit 6baab9d6dc
1 changed files with 40 additions and 11 deletions
--- a/nginx/bonus.SSL_for_RTL.sh
+++ b/nginx/bonus.SSL_for_RTL.sh
@@ -64,7 +64,7 @@ WantedBy=timers.target

 echo "
 [Unit]
-Description=Electrs
+Description=certbot-auto renew timer
 After=bitcoind.service

 [Service]
@@ -88,12 +88,19 @@ echo "Please type the domain/ddns you have generated the certificate for followe
 read YOUR_DOMAIN

 echo "Setting up nginx.conf"
+echo "***"
 echo ""
-echo "If there is other an stream service is installed with Nginx already, you will need to edit the nginx.conf manually to remove the duplicate stream entry by running \`sudo nano /etc/nginx/nginx.conf\`."
-echo "please press a key to continue"
-read key

-echo "
+isRTL=$(sudo cat /etc/nginx/nginx.conf 2>/dev/null | grep -c 'upstream RTL')
+if [ ${isRTL} -gt 0 ]; then
+        echo "RTL is already configured with Nginx. To edit manually run \`sudo nano /etc/nginx/nginx.conf\`"
+
+elif [ ${isRTL} -eq 0 ]; then
+
+        isStream=$(sudo cat /etc/nginx/nginx.conf 2>/dev/null | grep -c 'stream {')
+        if [ ${isStream} -eq 0 ]; then
+
+        echo "
 stream {
        upstream RTL {
                server 127.0.0.1:3000;
@@ -108,8 +115,33 @@ stream {
                ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
                ssl_prefer_server_ciphers on;
        }
-}
-" | sudo tee -a /etc/nginx/nginx.conf
+}" | sudo tee -a /etc/nginx/nginx.conf
+
+        elif [ ${isStream} -eq 1 ]; then
+                sudo truncate -s-2 /etc/nginx/nginx.conf
+                echo "
+
+        upstream RTL {
+                server 127.0.0.1:3000;
+        }
+        server {
+                listen 3002 ssl;
+                proxy_pass RTL;
+                ssl_certificate /etc/letsencrypt/live/$YOUR_DOMAIN/fullchain.pem;
+                ssl_certificate_key /etc/letsencrypt/live/$YOUR_DOMAIN/privkey.pem;
+                ssl_session_cache shared:SSL:1m;
+                ssl_session_timeout 4h;
+                ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+                ssl_prefer_server_ciphers on;
+        }
+}" | sudo tee -a /etc/nginx/nginx.conf
+
+        elif [ ${isStream} -gt 1 ]; then
+
+                echo " Too many \`stream\` commands in nginx.conf. Please edit manually: \`sudo nano /etc/nginx/nginx.conf\` and retry"
+                exit 1
+        fi
+fi

 echo "allow port 3002 on ufw"
 sudo ufw allow 3002
@@ -117,8 +149,5 @@ sudo ufw allow 3002
 sudo systemctl enable nginx
 sudo systemctl restart nginx

-echo "If there is an error starting Nginx there is a stream service installed with Nginx already.  
-You will need to edit the nginx.conf manually to remove the duplicate stream entry by running \`sudo nano /etc/nginx/nginx.conf\` \
-and restart nginx with \`sudo systemctl restart nginx\`."
 echo ""
-echo "If successful connect to RTL through https on the port 3002"
+echo "Connect to RTL through https on the port 3002 and forward the port on your router to acces outside of the LAN"