From 28009038044fc99882b7e4cdd858cb0bfda2bb6e Mon Sep 17 00:00:00 2001
From: tbergervoet <t.bergervoet@ictmaatwerk.com>
Date: Thu, 4 Oct 2018 12:34:07 +0200
Subject: [PATCH] Update 'Extra_Domains/RevProxyAdvanced_Domain.sh'

---
 Extra_Domains/RevProxyAdvanced_Domain.sh | 64 ++++++++++++++----------
 1 file changed, 38 insertions(+), 26 deletions(-)

diff --git a/Extra_Domains/RevProxyAdvanced_Domain.sh b/Extra_Domains/RevProxyAdvanced_Domain.sh
index 7765594..0703e8d 100644
--- a/Extra_Domains/RevProxyAdvanced_Domain.sh
+++ b/Extra_Domains/RevProxyAdvanced_Domain.sh
@@ -53,7 +53,7 @@ cat <<EOF > /etc/apache2/sites-available/"$domain.conf"
     </Directory>
 </VirtualHost>
 EOF
-a2ensite $domain
+a2ensite "$domain"
 fi
 
 ##===========##
@@ -74,13 +74,15 @@ server {
 
     server_name $domain www.$domain;
 
+    #netdata here
+
     location / {
         proxy_pass http://$server_ip:8080;
         proxy_set_header X-Real-IP  \$remote_addr;
         proxy_set_header X-Forwarded-For \$remote_addr;
         proxy_set_header Host \$host;
     }
-        
+
     location ~ \.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)(\\n|\?ver=[0-9.])\$ {
         return 200;
     }
@@ -88,13 +90,6 @@ server {
     location ~ /\.ht {
         deny all;
     }
-    
-    #listen 443 ssl;
-    #ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem;
-    #ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;
-    #include /etc/letsencrypt/options-ssl-nginx.conf;
-    #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
-
 }
 EOF
 fi
@@ -111,7 +106,10 @@ server {
     root /var/www/$domain/html;
     index index.php index.html index.htm;
 
-    server_name example.com www.example.com;
+    server_name $domain www.$domain;
+    
+    #netdata here
+    
     location / {
         try_files \$uri \$uri/ /index.php;
     }
@@ -137,32 +135,46 @@ ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/"$domain"
 # Redirect phpmyadmin -> database
 ln -s /usr/share/phpmyadmin /var/www/"$domain"/html/database
 
+##-------------##
+#    Netdata    #
+##-------------##
+
+if [ $netdata = 1 ]
+    then
+    apt install -y netdata
+    sed -i 's/SEND_EMAIL="YES"/SEND_EMAIL="NO"/g' /etc/netdata/health_alarm_notify.conf
+    ufw allow 19999/tcp
+    sed -i 's+#netdata here+location = /netdata {\n        return 301 /netdata/;\n    }\n\n    location ~ /netdata/(?<ndpath>.*) {\n        proxy_redirect off;\n        proxy_set_header Host \$host;\n        proxy_set_header X-Forwarded-Host \$host;\n        proxy_set_header X-Forwarded-Server \$host;\n        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\n        proxy_http_version 1.1;\n        proxy_pass_request_headers on;\n        proxy_set_header Connection "keep-alive";\n        proxy_store off;\n        proxy_pass http://netdata/\$ndpath\$is_args\$args;\n    }+g' /etc/nginx/sites-available/"$domain"
+    # systemctl stop netdata
+    # systemctl disable netdata
+fi
+
 ##-------------##
 #    Certbot    #
 ##-------------##
 
-#certbot --nginx -d "$domain" -d "www.$domain"
-#sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
-#sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
-#sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
+certbot --nginx -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
+sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
+sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
+sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
 
 ##---------------##
 #    Wordpress    #
 ##---------------##
 
 if [ $wordpress = 1 ]; then
-db_suffix=$(ls -l /var/www | grep -c ^d)
-db_name="wp_$db_suffix"
-db_user="wp_$db_suffix"
-db_pass=$(date +%s|sha256sum|base64|head -c 32)
-mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
-mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
-mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
-wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
-tar xzvf /tmp/wp.tar.gz -C /tmp
-mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
-cp -a /tmp/wordpress/. /var/www/"$domain"/html
-WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
+    db_suffix=$(ls -l /var/www | grep -c ^d)
+    db_name="wp_$db_suffix"
+    db_user="wp_$db_suffix"
+    db_pass=$(date +%s|sha256sum|base64|head -c 32)
+    mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
+    mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
+    mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
+    wget https://wordpress.org/latest.tar.gz -O /tmp/wp.tar.gz
+    tar xzvf /tmp/wp.tar.gz -C /tmp
+    mv /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
+    cp -a /tmp/wordpress/. /var/www/"$domain"/html
+    WPSalts=$(wget https://api.wordpress.org/secret-key/1.1/salt/ -q -O -)
 cat <<EOF > /var/www/"$domain"/html/wp-config.php
 <?php
 define('DB_NAME', '$db_name');