jdormit-infra/prod/nginx/packer/scripts/nginx.sh


Add nginx ssl termination server

Squashed commit of the following:

commit 8371367d54e5975d1ed3bd28ef56a4e8837fb3a5
Author: Jeremy Dormitzer <jeremy.dormitzer@gmail.com>
Date: Tue Mar 8 11:56:39 2022 -0500

    Ensure that nginx restarts after cert renewal

commit f2ef1ba9f24abd795f176bc6790188616252a54b
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Tue Oct 5 21:16:44 2021 -0400

    Put syncthing behind nginx

commit 6c10b1bb97e386e24b9896b34a9a9ce8d8a3b42d
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Tue Oct 5 17:45:53 2021 -0400

    Put wallabag behind nginx proxy

commit dd29785d86eb1222fb79791b464f155acb643539
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Mon Oct 4 17:30:46 2021 -0400

    Put gitea behind the nginx proxy

commit 2d82c0ad5400dd16d63b7219aa8294ee622ddcaf
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Mon Oct 4 13:36:37 2021 -0400

    Add terraform outputs and spin up nginx droplet

commit 322449a194f51b6866ff9f6b56ab122610a5e108
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Mon Oct 4 13:29:59 2021 -0400

    Finish packer build for nginx proxy

commit aec886064a1bf78ff113e5564fefc716f5cf0ac1
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Mon Oct 4 09:28:06 2021 -0400

    [WIP] Add actual server values to nginx conf

commit 2c645d94c6e58d62b35f7433a82d43cd5c23cb15
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Mon Oct 4 09:06:02 2021 -0400

    [WIP] Use terraform to generate nginx conf file

commit 61ebc3d7af6da7093e5bd4fc85a89be64ecc3cf0
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Mon Oct 4 09:04:56 2021 -0400

    Ignore all tmp directories

commit e3feb6d3f715849c47752471b3f6778581128442
Author: Jeremy Dormitzer <jeremydormitzer@lola.com>
Date: Sun Oct 3 12:32:42 2021 -0400

    [WIP] Begin adding packer config for centralized ssl termination
2022-03-08 16:57:29 +00:00
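#!/usr/bin/env bash
# Packer provisioning script for the nginx SSL-termination droplet.
# Expects do.ini, nginx.conf, the systemd units and sshd_config staged in /tmp.
set -xe

# DigitalOcean API credentials for certbot's DNS plugin. certbot warns on every
# run if other users can read this file, so restrict it to its owner.
sudo mv /tmp/do.ini ~/do.ini
sudo chmod 600 ~/do.ini

# Issue the wildcard and apex certificate non-interactively via DNS validation.
sudo certbot certonly \
  -n \
  --agree-tos \
  -m 'jeremy.dormitzer@gmail.com' \
  --dns-digitalocean \
  --dns-digitalocean-credentials ~/do.ini \
  --dns-digitalocean-propagation-seconds 30 \
  -d '*.jeremydormitzer.com' \
  -d 'jeremydormitzer.com'

# Install the nginx configuration and start nginx at boot.
sudo mv /tmp/nginx.conf /etc/nginx/nginx.conf
sudo mkdir -p /var/log/nginx
sudo systemctl enable nginx

# Timer-driven certificate renewal.
sudo mv /tmp/certbot-renew.timer /etc/systemd/system/
sudo mv /tmp/certbot-renew.service /etc/systemd/system/
sudo systemctl enable certbot-renew.timer

# Timer-driven nginx restart so renewed certificates are picked up.
sudo mv /tmp/nginx-restart.timer /etc/systemd/system/
sudo mv /tmp/nginx-restart.service /etc/systemd/system/
sudo systemctl enable nginx-restart.timer

# Replace the SSH daemon configuration and restart sshd to apply it.
sudo mv /tmp/sshd_config /etc/ssh/sshd_config
sudo systemctl restart sshd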