7x31
/
nginxconfig.io
mirror of https://github.com/digitalocean/nginxconfig.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add acme.sh and rename en certbot to ssl_cert

This commit is contained in:
fish-dango 2021-07-01 01:04:48 -07:00
parent 3e99dc25aa
commit 2a192d902c
4 changed files with 85 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/nginxconfig/i18n/en/templates/setup_sections/index.js
View File

@ -24,9 +24,9 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*/
import certbot from './certbot';
import ssl_cert from './ssl_cert';
import download from './download';
import goLive from './go_live';
import ssl from './ssl';
export default { certbot, download, goLive, ssl };
export default { ssl_cert, download, goLive, ssl };

10
src/nginxconfig/i18n/en/templates/setup_sections/certbot.js → src/nginxconfig/i18n/en/templates/setup_sections/ssl_cert.js
View File

@ -26,14 +26,14 @@ THE SOFTWARE.
import common from '../../common';
const certbot = 'Certbot';
const sslCert = 'SSL cert';
export default {
commentOutSslDirectivesInConfiguration: `Comment out ${common.ssl} related directives in the configuration:`,
reloadYourNginxServer: `Reload your ${common.nginx} server:`,
obtainSslCertificatesFromLetsEncrypt: `Obtain ${common.ssl} certificates from ${common.letsEncrypt} using ${certbot}:`,
obtainSslCertificatesFromLetsEncrypt: `Obtain ${common.ssl} certificates from ${common.letsEncrypt} using ${sslCert} method perferred: CertBot or Acme.sh:`,
uncommentSslDirectivesInConfiguration: `Uncomment ${common.ssl} related directives in the configuration:`,
configureCertbotToReloadNginxOnCertificateRenewal: `Configure ${certbot} to reload ${common.nginx} when it successfully renews certificates:`,
certbotDoesNotNeedToBeSetupForYourConfiguration: `${certbot} does not need to be set up for your ${common.nginx} configuration.`,
certbot,
configureSslCertToReloadNginxOnCertificateRenewal: `Configure ${sslCert} method to reload ${common.nginx} when it successfully renews certificates:`,
sslCertDoesNotNeedToBeSetupForYourConfiguration: `${sslCert} method does not need to be set up for your ${common.nginx} configuration.`,
sslCert,
};

4
src/nginxconfig/templates/setup_sections/index.js
View File

@ -26,7 +26,7 @@ THE SOFTWARE.
import Download from './download';
import SSL from './ssl';
import Certbot from './certbot';
import SLLCert from './ssl_cert';
import GoLive from './go_live';
export default [ Download, SSL, Certbot, GoLive ];
export default [ Download, SSL, SLLCert, GoLive ];

87
src/nginxconfig/templates/setup_sections/certbot.vue → src/nginxconfig/templates/setup_sections/ssl_cert.vue
View File

@ -29,7 +29,7 @@ THE SOFTWARE.
<ol v-if="letsEncryptActive">
<li>
<p>
{{ $t('templates.setupSections.certbot.commentOutSslDirectivesInConfiguration') }}
{{ $t('templates.setupSections.ssl_cert.commentOutSslDirectivesInConfiguration') }}
<br />
</p>
<BashPrism :key="sitesAvailable"
@ -40,7 +40,7 @@ THE SOFTWARE.
<li>
<p>
{{ $t('templates.setupSections.certbot.reloadYourNginxServer') }}
{{ $t('templates.setupSections.ssl_cert.reloadYourNginxServer') }}
<br />
</p>
<BashPrism cmd="sudo nginx -t && sudo systemctl reload nginx"
@ -50,18 +50,28 @@ THE SOFTWARE.
<li>
<p>
{{ $t('templates.setupSections.certbot.obtainSslCertificatesFromLetsEncrypt') }}
{{ $t('templates.setupSections.ssl_cert.obtainSslCertificatesFromLetsEncrypt') }}
<br />
</p>
<p>
Certbot:
</p>
<BashPrism :key="certbotCmds"
:cmd="certbotCmds"
@copied="codeCopiedEvent('Obtain certificates using certbot')"
></BashPrism>
<p>
Acme.sh:
</p>
<BashPrism :key="acmeShCmds"
:cmd="acmeShCmds"
@copied="codeCopiedEvent('Obtain certificates using acme.sh')"
></BashPrism>
</li>
<li>
<p>
{{ $t('templates.setupSections.certbot.uncommentSslDirectivesInConfiguration') }}
{{ $t('templates.setupSections.ssl_cert.uncommentSslDirectivesInConfiguration') }}
<br />
</p>
<BashPrism :key="sitesAvailable"
@ -72,7 +82,7 @@ THE SOFTWARE.
<li>
<p>
{{ $t('templates.setupSections.certbot.reloadYourNginxServer') }}
{{ $t('templates.setupSections.ssl_cert.reloadYourNginxServer') }}
<br />
</p>
<BashPrism cmd="sudo nginx -t && sudo systemctl reload nginx"
@ -82,15 +92,29 @@ THE SOFTWARE.
<li>
<p>
{{ $t('templates.setupSections.certbot.configureCertbotToReloadNginxOnCertificateRenewal') }}
{{ $t('templates.setupSections.ssl_cert.configureSslCertToReloadNginxOnCertificateRenewal') }}
<br />
</p>
<p>
Certbot:
</p>
<BashPrism cmd="echo -e '#!/bin/bash\nnginx -t && systemctl reload nginx' | sudo tee /etc/letsencrypt/renewal-hooks/post/nginx-reload.sh"
@copied="codeCopiedEvent('Create nginx auto-restart on renewal')"
></BashPrism>
<BashPrism cmd="sudo chmod a+x /etc/letsencrypt/renewal-hooks/post/nginx-reload.sh"
@copied="codeCopiedEvent('Enable execution of auto-restart')"
></BashPrism>
<p>
Acme.sh:
</p>
<BashPrism :key="acmeCopy"
:cmd="acmeCopy"
@copied="codeCopiedEvent('Move SSL certificates to Let`s Encrypt directory')"
></BashPrism>
<BashPrism :key="acmeReload"
:cmd="acmeReload"
@copied="codeCopiedEvent('Enable execution of auto-restart')"
></BashPrism>
</li>
</ol>
@ -99,7 +123,7 @@ THE SOFTWARE.
<div class="field">
<div class="control">
<label class="text">
{{ $t('templates.setupSections.certbot.certbotDoesNotNeedToBeSetupForYourConfiguration') }}
{{ $t('templates.setupSections.ssl_cert.sslCertDoesNotNeedToBeSetupForYourConfiguration') }}
</label>
</div>
</div>
@ -113,9 +137,9 @@ THE SOFTWARE.
import analytics from '../../util/analytics';
export default {
name: 'SetupCertbot',
display: 'templates.setupSections.certbot.certbot', // i18n key
key: 'certbot',
name: 'SetupCert',
display: 'templates.setupSections.ssl_cert.sslCert', // i18n key
key: 'ssl_cert',
components: {
BashPrism,
},
@ -159,13 +183,54 @@ THE SOFTWARE.
].filter(x => x !== null).join(' ')
)).join('\n');
},
acmeShCmds() {
return this.$props.data.domains
.filter(domain => domain.https.certType.computed === 'letsEncrypt')
.map(domain => (
[
'acme.sh --issue',
`-d ${domain.server.domain.computed}`,
domain.server.wwwSubdomain.computed ? `-d www.${domain.server.domain.computed}` : null,
domain.server.cdnSubdomain.computed ? `-d cdn.${domain.server.domain.computed}` : null,
`-w ${domain.server.path.computed}${domain.server.documentRoot.computed}`,
].filter(x => x !== null).join(' ')
)).join('\n');
},
acmeCopy() {
return this.$props.data.domains
.filter(domain => domain.https.certType.computed === 'letsEncrypt')
.map(domain => (
[
`cp -R /root/.acme.sh/${domain.server.domain.computed}`,
domain.server.wwwSubdomain.computed ? `-d www.${domain.server.domain.computed}` : null,
domain.server.cdnSubdomain.computed ? `-d cdn.${domain.server.domain.computed}` : null,
this.$props.data.global.https.letsEncryptCertRoot.computed.replace(/\/+$/, '') + '/' + domain.server.domain.computed,
].filter(x => x !== null).join(' ')
)).join('\n');
},
acmeReload() {
const letEncryptPath = this.$props.data.global.https.letsEncryptCertRoot.computed.replace(/\/+$/, '') + '/';
return this.$props.data.domains
.filter(domain => domain.https.certType.computed === 'letsEncrypt')
.map(domain => (
[
'acme.sh --install cert',
`-d ${domain.server.domain.computed}`,
domain.server.wwwSubdomain.computed ? `-d www.${domain.server.domain.computed}` : null,
domain.server.cdnSubdomain.computed ? `-d cdn.${domain.server.domain.computed}` : null,
'--keyfile ' + letEncryptPath + domain.server.domain.computed + '/' + domain.server.domain.computed +'.key',
'--fullchain-file ' + letEncryptPath + domain.server.domain.computed + '/' + 'fullchain.cer',
'--reload cmd \'systemctl restart nginx.service\'',
].filter(x => x !== null).join(' ')
)).join('\n');
},
},
methods: {
codeCopiedEvent(step) {
analytics({
category: 'Setup',
action: 'Code snippet copied',
label: `certbot: ${step}`,
label: `ssl_cert: ${step}`,
});
},
},