From de9eef25748154c4b5242aae307b8fa0ff674b60 Mon Sep 17 00:00:00 2001 From: Victor LABORIE Date: Thu, 17 Nov 2016 18:12:59 +0100 Subject: [PATCH] Auto-ssl Test --- scripts/vhost | 10 +++++++--- scripts/web-add.sh | 10 ++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/scripts/vhost b/scripts/vhost index c211550..e3c4bad 100644 --- a/scripts/vhost +++ b/scripts/vhost @@ -1,9 +1,13 @@ - + # FQDN principal ServerName SERVERNAME #ServerAlias SERVERNAME + SSLEngine On + SSLCertificateFile /etc/letsencrypt/XXX-fullchain.pem + SSLCertificateKeyFile /etc/ssl/private/XXX.key + # Repertoire principal DocumentRoot HOME_DIR/XXX/www/ @@ -49,7 +53,7 @@ UseCanonicalName On RewriteEngine On RewriteCond %{HTTP_HOST} !^SERVERNAME$ - RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [L,R] + RewriteRule ^/(.*) %{REQUEST_SCHEME}://%{SERVER_NAME}/$1 [L,R] # PHP #php_admin_flag engine off @@ -65,4 +69,4 @@ php_admin_value error_log "HOME_DIR/XXX/log/php.log" php_admin_value open_basedir "/usr/share/php:HOME_DIR/XXX:/tmp" - \ No newline at end of file + diff --git a/scripts/web-add.sh b/scripts/web-add.sh index 58e949d..563b710 100755 --- a/scripts/web-add.sh +++ b/scripts/web-add.sh @@ -251,6 +251,15 @@ create_www_account() { random=$RANDOM vhostfile="/etc/apache2/sites-available/${in_login}.conf" + keyfile="/etc/ssl/private/${in_login}.key" + csrfile="/etc/ssl/requests/${in_login}.csr" + crtfile="/etc/letsencrypt/${in_login}-fullchain.pem" + + openssl genrsa -out $keyfile 2048 + + openssl req -new -sha256 -key $keyfile -subj "/CN=${in_wwwdomain}" -out $csrfile + + openssl x509 -req -sha256 -days 365 -in $csrfile -signkey $keyfile -out $crtfile cat $TPL_VHOST | \ sed -e "s/XXX/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/RANDOM/$random/ ; s#HOME_DIR#$HOME_DIR#" >$vhostfile @@ -370,6 +379,7 @@ op_del() { sed -i.bak "/-config=$login /d" /etc/cron.d/awstats apache2ctl configtest set +x + rm /etc/letsencrypt/${login}* if [ -n "$dbname" ]; then echo "Deleting mysql DATABASE $dbname and mysql user $login. Continue ?"