diff options
| author | neodarz <neodarz@neodarz.net> | 2017-08-02 01:13:11 +0200 |
|---|---|---|
| committer | neodarz <neodarz@neodarz.net> | 2017-08-02 01:13:11 +0200 |
| commit | b2653d82830b90512206d5ef7e2973af18e2400d (patch) | |
| tree | 29aac8318b6a2cd706c235abbf91126e4060c242 /create_apache_conf.sh | |
| download | kresus-gen-b2653d82830b90512206d5ef7e2973af18e2400d.tar.xz kresus-gen-b2653d82830b90512206d5ef7e2973af18e2400d.zip | |
initial commit
Diffstat (limited to 'create_apache_conf.sh')
| -rwxr-xr-x | create_apache_conf.sh | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/create_apache_conf.sh b/create_apache_conf.sh new file mode 100755 index 0000000..28c7769 --- /dev/null +++ b/create_apache_conf.sh @@ -0,0 +1,96 @@ + +usage () { + echo "You must set a $1 !" + echo "Usage:" + echo " create_apache_conf.sh <user>" + exit 0 +} + +if [ -z $1 ]; then + usage "USER" +fi + + +USER=$1 + +cat > /etc/apache2/sites-available/$USER.kresus.neodarz.net.conf << EOF +<VirtualHost *:80> + ServerName $USER.kresus.neodarz.net + ServerAdmin me@example.net + + #Alias /.well-known/acme-challenge /tmp/.well-known/acme-challenge + + <Directory /tmp/.well-known/acme-challenge> + Options None + AllowOverride None + + Require all granted + AddDefaultCharset off + + AuthType None + Satisfy any + </Directory> + + Redirect permanent / https://$USER.kresus.neodarz.net/ + + ErrorLog /home/website/kresus-gen/logs/error.log + CustomLog /home/website/kresus-gen/logs/access.log combined +</VirtualHost> +EOF + +cat > /etc/apache2/sites-available/$USER.kresus.neodarz.net-le-ssl.conf << EOF +<IfModule mod_ssl.c> + <VirtualHost *:443> + ServerName $USER.kresus.neodarz.net + ServerAdmin me@example.net + + ProxyPass "/" "http://127.0.0.1:9876/" + ProxyPassReverse "/" "http://127.0.0.1:9876/" + + Alias /.well-known/acme-challenge /tmp/.well-known/acme-challenge + + <Directory /tmp/.well-known/acme-challenge> + Options None + AllowOverride None + + Require all granted + AddDefaultCharset off + + AuthType None + Satisfy any + </Directory> + + <Location /> + AuthUserFile /home/website/kresus-gen/$USER.kresus.neodarz.net/.htpasswd + AuthName "Authentification" + AuthType Basic + Require valid-user + </Location> + + SSLEngine on + + SSLCertificateKeyFile /etc/letsencrypt/live/$USER.kresus.neodarz.net/privkey.pem + SSLCertificateFile /etc/letsencrypt/live/$USER.kresus.neodarz.net/fullchain.pem + + Header always set Strict-Transport-Security "max-age=15768000" + + <FilesMatch "\.(cgi|shtml|phtml|php)$"> + SSLOptions +StdEnvVars + </FilesMatch> + <Directory /usr/lib/cgi-bin> + SSLOptions +StdEnvVars + </Directory> + + ErrorLog /home/website/kresus-gen/logs/error.log + CustomLog /home/website/kresus-gen/logs/access.log combined + </VirtualHost> +</IfModule> + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet +EOF + +certbot --apache -d $USER.kresus.neodarz.net + +a2ensite $USER.kresus.neodarz.net +systemctl reload apache2 + |