auto_create_virtual_host/auto_host.sh at master · rpf16rj/auto_create_virtual_host · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
#!/bin/bash
# Versão 1.1.
# Autor: rpf16rj

echo ''
echo '=========================================='
echo ' Script de criação automática '
echo ' de host virtual com SSL, Nginx e Docker. '
echo '=========================================='
echo ''
echo 'Informe o domínio que será apontado para o serviço. Ex: meuservico.com.br:'
read dominio
echo ''
echo '...'
echo 'Informe a porta em que o serviço/container está publicado neste host. Ex: 9090: '
read port
echo ''
echo 'Aguarde, o script irá criar tudo para você! '
echo ''
echo 'Instalando o Nginx...'
echo '...'
sudo apt install nginx -y
echo ''
echo 'Instalando o certbot...'
echo '...'
sudo apt install certbot -y
echo ''
echo ''
echo "##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
    server_name $dominio;

    location / {
        proxy_pass http://localhost:$port/;
        proxy_set_header Host $dominio;
        proxy_set_header X-Forwarded-Proto \$scheme;
    }
}

server {
    listen 80;
    listen [::]:80;
}
" >> "/etc/nginx/sites-available/$dominio"

ln -s /etc/nginx/sites-available/$dominio /etc/nginx/sites-enabled/$dominio
echo ''
echo 'Recarregando configuração do NGINX...'
echo ''
sudo service nginx reload
echo ''

echo 'Deseja habilitar seu domínio para usar HTTPS? É necessário que seu domínio já esteja com o DNS apontando para o IP do servidor, caso contrário causará erro.'
echo 'Digite s ou n'
echo ''
read resp

if [[ "$resp" = "s" ]] ; then

echo 'Criando SSL com Lets Encrypt...'

sudo service nginx stop

sudo certbot certonly --standalone --preferred-challenges http -d $dominio

sudo rm /etc/nginx/sites-available/$dominio /etc/nginx//sites-enabled/$dominio

echo "##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
    server_name $dominio;

    location / {
        proxy_pass http://localhost:$port/;
        proxy_set_header Host $dominio;
        proxy_set_header X-Forwarded-Proto \$scheme;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/$dominio/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/$dominio/privkey.pem; # managed by Certbot
}

server {
    if (\$host = $dominio) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;

    server_name $dominio;
    return 444; # managed by Certbot
}
" >> "/etc/nginx/sites-available/$dominio"

echo "
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
	listen 80 default_server;
	listen [::]:80 default_server;

    server_name _;

    return 301 https://$host$request_uri;

	# SSL configuration
	#
	# listen 443 ssl default_server;
	# listen [::]:443 ssl default_server;
	#
	# Note: You should disable gzip for SSL traffic.
	# See: https://bugs.debian.org/773332
	#
	# Read up on ssl_ciphers to ensure a secure configuration.
	# See: https://bugs.debian.org/765782
	#
	# Self signed certs generated by the ssl-cert package
	# Don't use them in a production server!
	#
	# include snippets/snakeoil.conf;

	root /var/www/html;

	# Add index.php to the list if you are using PHP
	index index.html index.htm index.nginx-debian.html;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#
	#	# With php7.0-cgi alone:
	#	fastcgi_pass 127.0.0.1:9000;
	#	# With php7.0-fpm:
	#	fastcgi_pass unix:/run/php/php7.0-fpm.sock;
	#}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	#	deny all;
	#}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#	listen 80;
#	listen [::]:80;
#
#	server_name example.com;
#
#	root /var/www/example.com;
#	index index.html;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}

" >> "/etc/nginx/sites-available/default"

ln -s /etc/nginx/sites-available/$dominio /etc/nginx/sites-enabled/$dominio

sudo service nginx start

echo ''

fi

echo "Sucesso! O domínio $dominio já está apontando para o serviço publicado na porta $port."

exit