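#!/bin/bash
#
# Replaces the Nginx site configuration for boilerhaus.org and
# cloud.boilerhaus.org on the remote server, validates it with `nginx -t`,
# and reloads Nginx. If validation fails, the previous file is restored.
#
# Requires:
#   - .env in the current directory defining SERVER_USER, SERVER_IP and
#     SERVER_PASSWORD
#   - sshpass on the local machine
#   - sudo on the remote host that works without a prompt (the remote
#     commands below run without a TTY)

set -euo pipefail

# Print an error on stderr and abort.
die() {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}

# Load environment variables.
# NOTE: `source` executes .env as shell code, so the file must be trusted.
# It holds the server password; keep it out of version control and
# restrict it to the owner (chmod 600).
if [[ -f .env ]]; then
  # shellcheck disable=SC1091
  source .env
else
  die ".env file not found. Please create it based on .env.example."
fi

: "${SERVER_USER:?SERVER_USER must be set in .env}"
: "${SERVER_IP:?SERVER_IP must be set in .env}"
: "${SERVER_PASSWORD:?SERVER_PASSWORD must be set in .env}"

# Check if sshpass is installed
if ! command -v sshpass > /dev/null 2>&1; then
  die "sshpass is not installed. Please run 'sudo apt-get install sshpass' first."
fi

# Hand the password to sshpass through the environment (`sshpass -e` reads
# SSHPASS) rather than `-p`, which puts it in the process argument list
# where other local users can read it with `ps`.
# Key-based SSH authentication would remove the stored password entirely.
export SSHPASS="$SERVER_PASSWORD"

readonly REMOTE="${SERVER_USER}@${SERVER_IP}"
readonly SITE_CONF="/etc/nginx/sites-available/boilerhaus.org.conf"

# `StrictHostKeyChecking=no` accepts any host key, including a changed one,
# so the password and the sudo commands could go to an impersonating host.
# `accept-new` (OpenSSH 7.6+) still trusts a host on first contact but
# refuses to connect when a known host key has changed.
readonly -a SSH_OPTS=(-o StrictHostKeyChecking=accept-new)

# Run a command on the remote server.
# Arguments: the remote command line
remote() {
  sshpass -e ssh "${SSH_OPTS[@]}" "$REMOTE" "$@"
}

local_conf=""
remote_tmp=""

# Remove the local and remote temporary files on every exit path.
cleanup() {
  if [[ -n "$local_conf" ]]; then
    rm -f -- "$local_conf"
  fi
  if [[ -n "$remote_tmp" ]]; then
    # Best effort: the connection may already be gone.
    remote "rm -f -- '$remote_tmp'" || true
  fi
}
trap cleanup EXIT

echo "Fixing Nginx configuration..."

# Create a temporary file with the complete configuration
local_conf=$(mktemp) || die "could not create a local temporary file"

cat > "$local_conf" << 'EOF'
server {
    server_name boilerhaus.org;

    root /var/www/boilerhaus.org;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }

    # Managed by Certbot
    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/boilerhaus.org-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/boilerhaus.org-0001/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

# Nextcloud configuration
server {
    server_name cloud.boilerhaus.org;

    # Proxy to Nextcloud
    location / {
        proxy_pass http://localhost:8081;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Increase timeout for long-running operations
        proxy_connect_timeout 600;
        proxy_send_timeout 600;
        proxy_read_timeout 600;
        send_timeout 600;

        # WebDAV support
        client_max_body_size 512M;

        # Enable WebSocket support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    # Managed by Certbot
    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/boilerhaus.org-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/boilerhaus.org-0001/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = boilerhaus.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;
    server_name boilerhaus.org;
    return 404; # managed by Certbot
}

server {
    if ($host = cloud.boilerhaus.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;
    server_name cloud.boilerhaus.org;
    return 404; # managed by Certbot
}
EOF

# Upload the configuration to the server.
# A fixed name such as /tmp/nginx-fix.conf can be pre-created or swapped by
# another account on the server before the `sudo cp` below reads it, so the
# remote side allocates an unpredictable, owner-only file with mktemp.
remote_tmp=$(remote 'mktemp /tmp/nginx-fix.XXXXXX') \
  || die "could not create a temporary file on the server"

# The path is interpolated into later remote command lines; reject anything
# that is not the plain mktemp result (e.g. extra output from a login script).
if [[ ! "$remote_tmp" =~ ^/tmp/nginx-fix\.[A-Za-z0-9]+$ ]]; then
  bad_path=$remote_tmp
  remote_tmp=""
  die "unexpected temporary path returned by the server: $bad_path"
fi

sshpass -e scp "${SSH_OPTS[@]}" "$local_conf" "${REMOTE}:${remote_tmp}"

# Backup the current configuration
backup="${SITE_CONF}.bak.$(date +%s)"
remote "sudo cp '$SITE_CONF' '$backup'"

# Replace the configuration
remote "sudo cp '$remote_tmp' '$SITE_CONF'"

# Test the Nginx configuration. On failure, put the backup back so a later
# reload or reboot does not pick up a broken file, and stop before reloading.
if ! remote "sudo nginx -t"; then
  remote "sudo cp '$backup' '$SITE_CONF'" \
    || die "nginx -t failed and the backup $backup could not be restored"
  die "nginx -t rejected the new configuration; restored $backup"
fi

# Reload Nginx now that the configuration is known to be valid
remote "sudo systemctl reload nginx || sudo systemctl restart nginx"

echo "Nginx configuration fixed! cloud.boilerhaus.org should now point to your Nextcloud instance."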