Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision Last revision Both sides next revision | ||
guides:ubnetdef_new_domain [2017/03/20 21:43] sysop created |
guides:ubnetdef_new_domain [2017/03/21 04:33] jamesdro |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== UBNetDef New Domain ====== | ====== UBNetDef New Domain ====== | ||
- | How do we setup `mycoolsubdomain.ubnetdef.org`? Let's learn! | + | How do we setup `mycoolsubdomain.ubnetdef.org`? First, you'll need to grab SSH access to `ubnetdef.org`. Once you have that, `sudo` up to root, and run this handy-dandy script [James](/user/jamesdro) wrote for you! |
+ | |||
+ | ``` | ||
+ | cd /root/create_website | ||
+ | ./create.sh <domain> | ||
+ | ``` | ||
+ | |||
+ | After that, you should be done! Dump the files into `/web/DOMAIN_NAME/public`. | ||
+ | |||
+ | ===== James, what are these dank scripts you wrote? ===== | ||
+ | Why thank you for asking! Here is the latest version of the create scripts | ||
+ | |||
+ | <file bash create.sh> | ||
+ | #!/bin/bash | ||
+ | |||
+ | HOSTNAME=$1 | ||
+ | |||
+ | # Make the directories | ||
+ | mkdir -p /web/$HOSTNAME/{public,logs} | ||
+ | |||
+ | # Move over the nginx config, replace some variables | ||
+ | cp nginx.tpl /etc/nginx/sites-available/$HOSTNAME | ||
+ | sed -i "s/#HOSTNAME#/$HOSTNAME/g" /etc/nginx/sites-available/$HOSTNAME | ||
+ | |||
+ | # Enable it | ||
+ | pushd /etc/nginx/sites-enabled | ||
+ | ln -s ../sites-available/$HOSTNAME . | ||
+ | popd | ||
+ | |||
+ | # Reload nginx before we get a SSL cert | ||
+ | systemctl reload nginx | ||
+ | |||
+ | # Grab a SSL cert | ||
+ | certbot certonly --webroot -w /web/$HOSTNAME/public -d $HOSTNAME | ||
+ | |||
+ | # Add SSL config, replace some variables | ||
+ | cat nginx_ssl.tpl >> /etc/nginx/sites-available/$HOSTNAME | ||
+ | sed -i 's/#\treturn/\treturn/g' /etc/nginx/sites-available/$HOSTNAME | ||
+ | sed -i '/#temp/d' /etc/nginx/sites-available/$HOSTNAME | ||
+ | sed -i "s/#HOSTNAME#/$HOSTNAME/g" /etc/nginx/sites-available/$HOSTNAME | ||
+ | |||
+ | # Permissions | ||
+ | chown www-data:web-admins -R /web/$HOSTNAME/public | ||
+ | |||
+ | # We're done | ||
+ | systemctl reload nginx | ||
+ | </file> | ||
+ | |||
+ | <file conf nginx.tpl> | ||
+ | server { | ||
+ | listen 80; | ||
+ | |||
+ | server_name #HOSTNAME#; | ||
+ | |||
+ | # Redirect | ||
+ | # return 301 https://$host$request_uri; | ||
+ | root /web/#HOSTNAME#/public; #temp | ||
+ | } | ||
+ | </file> | ||
+ | |||
+ | <file conf nginx_ssl.tpl> | ||
+ | server { | ||
+ | listen 443 ssl http2; | ||
+ | server_name #HOSTNAME#; | ||
+ | root /web/#HOSTNAME#/public; | ||
+ | |||
+ | # Logs | ||
+ | access_log /web/#HOSTNAME#/logs/access.log; | ||
+ | error_log /web/#HOSTNAME#/logs/error.log; | ||
+ | |||
+ | index index.php index.html index.htm; | ||
+ | error_page 404 /404.html; | ||
+ | |||
+ | include snippets/ssl.conf; | ||
+ | ssl_certificate /etc/letsencrypt/live/#HOSTNAME#/fullchain.pem; | ||
+ | ssl_certificate_key /etc/letsencrypt/live/#HOSTNAME#/privkey.pem; | ||
+ | |||
+ | include snippets/php.conf; | ||
+ | include snippets/allow_wellknown.conf; | ||
+ | include snippets/deny_dotfiles.conf; | ||
+ | include snippets/favicon_robots.conf; | ||
+ | |||
+ | location / { | ||
+ | try_files $uri $uri/ /index.php?$args; | ||
+ | } | ||
+ | } | ||
+ | </file> |