[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-deployment] 16/25: Old configurations removed - config_ngix.sh re
From: |
gnunet |
Subject: |
[taler-deployment] 16/25: Old configurations removed - config_ngix.sh replaced |
Date: |
Thu, 06 Apr 2023 14:11:40 +0200 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository deployment.
commit b9ed43c2e98677aadea54530a8163f6f7830f32a
Author: Javier Sepulveda <javier.sepulveda@uv.es>
AuthorDate: Wed Mar 29 11:55:07 2023 +0200
Old configurations removed - config_ngix.sh replaced
---
netzbon/config_nginx.sh | 66 +++++++---------------
.../backend.taler-nginx.conf | 0
.../bank.taler-nginx.conf | 0
.../exchange.taler-nginx.conf | 0
.../new_nginx_listen_80_certbot/config_nginx.sh | 33 -----------
.../old_nginx_listen_443_certbot/backend.conf | 24 --------
.../old_nginx_listen_443_certbot/bank.conf | 33 -----------
.../old_nginx_listen_443_certbot/config_nginx.sh | 26 ---------
.../config_nginx.sh.old | 62 --------------------
.../old_nginx_listen_443_certbot/exchange.conf | 24 --------
10 files changed, 20 insertions(+), 248 deletions(-)
diff --git a/netzbon/config_nginx.sh b/netzbon/config_nginx.sh
index 1d355fd..bf85f96 100755
--- a/netzbon/config_nginx.sh
+++ b/netzbon/config_nginx.sh
@@ -1,59 +1,33 @@
#!/bin/bash
-# This file is in the public domain.
-
-set -eu
-
-# Inputs: DOMAIN_NAME & ENABLE_TLS
source functions.sh
source config/user.conf
-source config/internal.conf
-
-if test -z ${DOMAIN_NAME:-}
-then
- say "Error: config/user.conf does not specify DOMAIN_NAME"
- exit 1
-fi
-if test -z ${ENABLE_TLS:-}
-then
- say "Error: config/user.conf does not specify ENABLE_TLS"
- exit 1
-fi
-
-say "Configuring Nginx"
+export DOMAIN_NAME=${DOMAIN_NAME}
-SITES_AVAILABLE_DIR=/etc/nginx/sites-available
-SITES_ENABLED_DIR=/etc/nginx/sites-enabled
+envsubst <nginx-conf/backend.taler-nginx.conf >
/etc/nginx/sites-available/backend.${DOMAIN_NAME}
+envsubst <nginx-conf/bank.taler-nginx.conf >
/etc/nginx/sites-available/bank.${DOMAIN_NAME}
+envsubst <nginx-conf/exchange.taler-nginx.conf >
/etc/nginx/sites-available/exchange.${DOMAIN_NAME}
-cat ${SITES_AVAILABLE_DIR}/taler-exchange \
- | sed -e "s/localhost/exchange.${DOMAIN_NAME}/g" \
- | sed -e "s/location \/taler-exchange\//location \//g" \
- > ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME}
${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
+if test ${ENABLE_TLS} == "y"
+then
-cat ${SITES_AVAILABLE_DIR}/taler-merchant \
- | sed -e "s/localhost/backend.${DOMAIN_NAME}/g" \
- | sed -e "s/location \/taler-merchant\//location \//g" \
- > ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME}
${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
+# patch to: Replace http to https, to avoid error of mixed content
-cat ${SITES_AVAILABLE_DIR}/libeufin-sandbox \
- | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \
- > ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME}
${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
+sed -i "s/http:\/\/bank./https:\/\/bank./g"
/etc/libeufin/demobank-ui-settings.js
-say "Restarting Nginx with new configuration"
-systemctl restart nginx
+# Certbot
-if test ${ENABLE_TLS} == "y"
-then
say "Obtaining TLS certificates"
- certbot --nginx \
- -d backend.${DOMAIN_NAME} \
- -d bank.${DOMAIN_NAME} \
- -d exchange.${DOMAIN_NAME}
+ certbot -d ${DOMAIN_NAME} \
+ -d backend.${DOMAIN_NAME} \
+ -d bank.${DOMAIN_NAME} \
+ -d exchange.${DOMAIN_NAME}
fi
+
+ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME}
/etc/nginx/sites-enabled/backend.${DOMAIN_NAME}
+ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME}
/etc/nginx/sites-enabled/bank.${DOMAIN_NAME}
+ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
/etc/nginx/sites-enabled/exchange.${DOMAIN_NAME}
+
+say "Restarting Nginx with new configuration"
+systemctl reload nginx
diff --git
a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/backend.taler-nginx.conf
b/netzbon/nginx-conf/backend.taler-nginx.conf
similarity index 100%
rename from
netzbon/nginx_configurations/new_nginx_listen_80_certbot/backend.taler-nginx.conf
rename to netzbon/nginx-conf/backend.taler-nginx.conf
diff --git
a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/bank.taler-nginx.conf
b/netzbon/nginx-conf/bank.taler-nginx.conf
similarity index 100%
rename from
netzbon/nginx_configurations/new_nginx_listen_80_certbot/bank.taler-nginx.conf
rename to netzbon/nginx-conf/bank.taler-nginx.conf
diff --git
a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/exchange.taler-nginx.conf
b/netzbon/nginx-conf/exchange.taler-nginx.conf
similarity index 100%
rename from
netzbon/nginx_configurations/new_nginx_listen_80_certbot/exchange.taler-nginx.conf
rename to netzbon/nginx-conf/exchange.taler-nginx.conf
diff --git
a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/config_nginx.sh
b/netzbon/nginx_configurations/new_nginx_listen_80_certbot/config_nginx.sh
deleted file mode 100755
index 6d03f77..0000000
--- a/netzbon/nginx_configurations/new_nginx_listen_80_certbot/config_nginx.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/bash
-
-source functions.sh
-source config/user.conf
-export DOMAIN_NAME=${DOMAIN_NAME}
-
-envsubst <backend.taler-nginx.conf >
/etc/nginx/sites-available/backend.${DOMAIN_NAME}
-envsubst <bank.taler-nginx.conf >
/etc/nginx/sites-available/bank.${DOMAIN_NAME}
-envsubst <exchange.taler-nginx.conf >
/etc/nginx/sites-available/exchange.${DOMAIN_NAME}
-
-if test ${ENABLE_TLS} == "y"
-then
-
-# patch to: Replace http to https, to avoid error of mixed content
-
-sed -i "s/http:\/\/bank./https:\/\/bank./g"
/etc/libeufin/demobank-ui-settings.js
-
-# Certbot
-
- say "Obtaining TLS certificates"
-
- certbot -d ${DOMAIN_NAME} \
- -d backend.${DOMAIN_NAME} \
- -d bank.${DOMAIN_NAME} \
- -d exchange.${DOMAIN_NAME}
-fi
-
-ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME}
/etc/nginx/sites-enabled/backend.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME}
/etc/nginx/sites-enabled/bank.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
/etc/nginx/sites-enabled/exchange.${DOMAIN_NAME}
-
-say "Restarting Nginx with new configuration"
-systemctl reload nginx
diff --git
a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/backend.conf
b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/backend.conf
deleted file mode 100644
index e95f387..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/backend.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-server {
- listen 80;
- listen [::]:80;
-
- server_name backend.${DOMAIN_NAME};
- rewrite ^(.*) https://$server_name$1 permanent;
-}
-
-server {
- listen 443 ssl;
- listen [::]:443 ssl;
-
- server_name backend.${DOMAIN_NAME};
-
- ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/cert.pem;
- ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem;
-
- access_log /var/log/nginx/merchant.log;
- error_log /var/log/nginx/merchant.err;
-
- location /taler-merchant/ {
- proxy_pass http://unix:/var/run/taler/merchant-httpd/merchant-http.sock;
- }
-}
diff --git
a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/bank.conf
b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/bank.conf
deleted file mode 100644
index c9e44d1..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/bank.conf
+++ /dev/null
@@ -1,33 +0,0 @@
-server {
- listen 80;
- listen [::]:80;
-
- server_name bank.${DOMAIN_NAME};
- rewrite ^(.*) https://$server_name$1 permanent;
-}
-
-server {
- listen 443 ssl;
- listen [::]:443 ssl;
-
- server_name bank.${DOMAIN_NAME};
-
- ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/cert.pem;
- ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem;
-
- access_log /var/log/nginx/libeufin-sandbox.log;
- error_log /var/log/nginx/libeufin-sandbox.err;
-
- location /demobanks/default {
- proxy_pass http://localhost:5016;
- }
-
- location / {
- index index.html;
- alias /usr/share/libeufin/demobank-ui/;
- }
-
- location = /demobank-ui-settings.js {
- alias /etc/libeufin/demobank-ui-settings.js;
- }
-}
diff --git
a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh
b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh
deleted file mode 100755
index 0180d5a..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-
-source functions.sh
-source config/user.conf
-export DOMAIN_NAME=${DOMAIN_NAME}
-
-envsubst <backend.conf > /etc/nginx/sites-available/backend.${DOMAIN_NAME}
-envsubst <bank.conf > /etc/nginx/sites-available/bank.${DOMAIN_NAME}
-envsubst <exchange.conf > /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
-
-if test ${ENABLE_TLS} == "y"
-then
- say "Obtaining TLS certificates"
-
- certbot -d ${DOMAIN_NAME} \
- -d backend.${DOMAIN_NAME} \
- -d bank.${DOMAIN_NAME} \
- -d exchange.${DOMAIN_NAME}
-fi
-
-ln -s /etc/nginx/sites-available/backend.${DOMAIN_NAME}
/etc/nginx/sites-enabled/backend.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/bank.${DOMAIN_NAME}
/etc/nginx/sites-enabled/bank.${DOMAIN_NAME}
-ln -s /etc/nginx/sites-available/exchange.${DOMAIN_NAME}
/etc/nginx/sites-enabled/exchange.${DOMAIN_NAME}
-
-say "Restarting Nginx with new configuration"
-systemctl reload nginx
diff --git
a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh.old
b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh.old
deleted file mode 100755
index 2940e55..0000000
---
a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/config_nginx.sh.old
+++ /dev/null
@@ -1,62 +0,0 @@
-#!/bin/bash
-# This file is in the public domain.
-
-set -eu
-
-# Inputs: DOMAIN_NAME & ENABLE_TLS
-
-source functions.sh
-source config/user.conf
-source config/internal.conf
-
-if test -z ${DOMAIN_NAME:-}
-then
- say "Error: config/user.conf does not specify DOMAIN_NAME"
- exit 1
-fi
-if test -z ${ENABLE_TLS:-}
-then
- say "Error: config/user.conf does not specify ENABLE_TLS"
- exit 1
-fi
-
-say "Configuring Nginx"
-
-SITES_AVAILABLE_DIR=/etc/nginx/sites-available
-SITES_ENABLED_DIR=/etc/nginx/sites-enabled
-
-cat ${SITES_AVAILABLE_DIR}/taler-exchange \
- | sed -e "s/localhost/exchange.${DOMAIN_NAME}/g" \
- | sed -e "s/location \/taler-exchange\//location \//g" \
- | sed -e "s/# proxy_set_header/proxy_set_header/g" \
- > ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-exchange.${DOMAIN_NAME}
${SITES_ENABLED_DIR}/exchange.${DOMAIN_NAME}
-
-cat ${SITES_AVAILABLE_DIR}/taler-merchant \
- | sed -e "s/localhost/backend.${DOMAIN_NAME}/g" \
- | sed -e "s/location \/taler-merchant\//location \//g" \
- | sed -e "s/# proxy_set_header/proxy_set_header/g" \
- > ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/taler-merchant.${DOMAIN_NAME}
${SITES_ENABLED_DIR}/backend.${DOMAIN_NAME}
-
-cat ${SITES_AVAILABLE_DIR}/libeufin-sandbox \
- | sed -e "s/localhost/bank.${DOMAIN_NAME}/g" \
- | sed -e "s/\$scheme/https/g" \
- > ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME}
-rm -f ${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
-ln -s ${SITES_AVAILABLE_DIR}/libeufin-sandbox.${DOMAIN_NAME}
${SITES_ENABLED_DIR}/bank.${DOMAIN_NAME}
-
-say "Restarting Nginx with new configuration"
-systemctl restart nginx
-
-if test ${ENABLE_TLS} == "y"
-then
- say "Obtaining TLS certificates"
-
- certbot --nginx \
- -d backend.${DOMAIN_NAME} \
- -d bank.${DOMAIN_NAME} \
- -d exchange.${DOMAIN_NAME}
-fi
diff --git
a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/exchange.conf
b/netzbon/nginx_configurations/old_nginx_listen_443_certbot/exchange.conf
deleted file mode 100644
index 55a1aa0..0000000
--- a/netzbon/nginx_configurations/old_nginx_listen_443_certbot/exchange.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-server {
- listen 80;
- listen [::]:80;
-
- server_name exchange.${DOMAIN_NAME};
- rewrite ^(.*) https://$server_name$1 permanent;
-}
-
-server {
- listen 443 ssl;
- listen [::]:443 ssl;
-
- server_name exchange.${DOMAIN_NAME};
-
- ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/cert.pem;
- ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem;
-
- access_log /var/log/nginx/exchange.log;
- error_log /var/log/nginx/exchange.err;
-
- location /taler-exchange/ {
- proxy_pass http://unix:/var/run/taler/exchange-httpd/exchange-http.sock;
- }
-}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-deployment] 03/25: Place sed replacement --only within TLS, (continued)
- [taler-deployment] 03/25: Place sed replacement --only within TLS, gnunet, 2023/04/06
- [taler-deployment] 02/25: Fix mixed content error, gnunet, 2023/04/06
- [taler-deployment] 08/25: Avoid file exist errors, gnunet, 2023/04/06
- [taler-deployment] 10/25: Respect nginx default site its a must, gnunet, 2023/04/06
- [taler-deployment] 07/25: Bash typo - Remove nginx sites-enabled default, gnunet, 2023/04/06
- [taler-deployment] 06/25: Fix: Increase TTL sandbox and Nexus + Remove certbot base domain, gnunet, 2023/04/06
- [taler-deployment] 05/25: Fixes error proxy_pass - withdraw http request, gnunet, 2023/04/06
- [taler-deployment] 25/25: Merge branch 'dev/javier-sepulveda/netzbon-tls' of ssh://git.taler.net/deployment into dev/javier-sepulveda/netzbon-tls, gnunet, 2023/04/06
- [taler-deployment] 24/25: Shellcheck - Some double quotes added, gnunet, 2023/04/06
- [taler-deployment] 17/25: Fixes error proxy_pass - withdraw http request, gnunet, 2023/04/06
- [taler-deployment] 16/25: Old configurations removed - config_ngix.sh replaced,
gnunet <=
- [taler-deployment] 21/25: Oh my, gnunet, 2023/04/06
- [taler-deployment] 14/25: Fix mixed content error, gnunet, 2023/04/06
- [taler-deployment] 15/25: Place sed replacement --only within TLS, gnunet, 2023/04/06
- [taler-deployment] 18/25: Fix: Increase TTL sandbox and Nexus + Remove certbot base domain, gnunet, 2023/04/06
- [taler-deployment] 19/25: Bash typo - Remove nginx sites-enabled default, gnunet, 2023/04/06
- [taler-deployment] 20/25: Avoid file exist errors, gnunet, 2023/04/06
- [taler-deployment] 13/25: New dev branch - new folder(works), gnunet, 2023/04/06
- [taler-deployment] 09/25: Oh my, gnunet, 2023/04/06
- [taler-deployment] 23/25: Add x-forwarded-host to backend nginx virtualhost, gnunet, 2023/04/06
- [taler-deployment] 04/25: Old configurations removed - config_ngix.sh replaced, gnunet, 2023/04/06