#!/bin/bash HOSTNAME=$1 # Make the directories mkdir -p /web/$HOSTNAME/{public,logs} # Move over the nginx config, replace some variables cp nginx.tpl /etc/nginx/sites-available/$HOSTNAME sed -i "s/#HOSTNAME#/$HOSTNAME/g" /etc/nginx/sites-available/$HOSTNAME # Enable it pushd /etc/nginx/sites-enabled ln -s ../sites-available/$HOSTNAME . popd # Reload nginx before we get a SSL cert systemctl reload nginx # Grab a SSL cert certbot-auto certonly --webroot -w /web/$HOSTNAME/public -d $HOSTNAME # Add SSL config, replace some variables cat nginx_ssl.tpl >> /etc/nginx/sites-available/$HOSTNAME sed -i 's/#\treturn/\treturn/g' /etc/nginx/sites-available/$HOSTNAME sed -i '/#temp/d' /etc/nginx/sites-available/$HOSTNAME sed -i "s/#HOSTNAME#/$HOSTNAME/g" /etc/nginx/sites-available/$HOSTNAME # Permissions chown www-data:web-admins -R /web/$HOSTNAME/public # We're done systemctl reload nginx