Work_Archive/VPS-scripts_Web-V2
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases 11 Wiki Activity

set certbot to certonly and fixed TLSv1.3

Browse Source
This commit is contained in:
Bram Prieshof
2020-08-12 14:31:04 +02:00
parent 6e2dc8faf7
commit 7282836297
6 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
AppendCMS.sh
View File

@@ -212,9 +212,9 @@ if [ $sslenable = 1 ]; then
msg " Setting up SSL"
site_ext=ssl
if [ $domainwww = 1 ]; then
certbot --"$webserv" -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
certbot --"$webserv" certonly -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
elif [ $domainwww = 0 ]; then
certbot --"$webserv" -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
certbot --"$webserv" certonly -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
fi
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/ssl-handler.sh; then
source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/ssl-handler.sh)

1
CoreModules/nginx/config/nginx/nginx-default.conf
View File

@@ -39,6 +39,7 @@ http {
gzip_disable "msie6";
gzip_buffers 16 8k;
include /etc/nginx/snippets/ngx-ssl.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

4
CoreModules/nginx/config/nginx/site_ssl-unconfigured
View File

@@ -10,8 +10,8 @@ server {
}
server {
listen 443 ssl;
listen [::]:443 ssl;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name DOMAINname;
ssl_certificate /etc/letsencrypt/live/DOMAINname/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/DOMAINname/privkey.pem;

4
CoreModules/nginx/config/nginx/site_ssl-wwwredir
View File

@@ -8,8 +8,8 @@ server {
server {
#SSL www.domain > domain redirect
listen 443 ssl;
listen [::]:443 ssl;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.DOMAINname;
ssl_certificate /etc/letsencrypt/live/DOMAINname/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/DOMAINname/privkey.pem;

4
Scripts/EnableSSL.sh
View File

@@ -18,9 +18,9 @@ systemctl reload $webservice
#Enabling SSL
if [ $domainwww = 1 ]; then
certbot --"$webserv" -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
certbot --"$webserv" certonly -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
elif [ $domainwww = 0 ]; then
certbot --"$webserv" -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
certbot --"$webserv" certonly -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
fi
#Restoring config

4
installer.sh
View File

@@ -538,9 +538,9 @@ if [ $sslenable = 1 ]; then
msg " Setting up SSL" 8 78
site_ext=ssl
if [ $domainwww = 1 ]; then
certbot --"$webserv" -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
certbot --"$webserv" certonly -n -d "$domain" -d "www.$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
elif [ $domainwww = 0 ]; then
certbot --"$webserv" -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
certbot --"$webserv" certonly -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
fi
certbot --"$webserv" -n -d "$hostname" -m "$email" --hsts --redirect --no-eff-email --agree-tos
if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/branch/"$branch"/CoreModules/"$webserv"/ssl-handler.sh; then