7 months ago · f6e71b96ad
--- a/certbot.lin.sh
+++ b/certbot.lin.sh
@@ -0,0 +1,20 @@
 #!/bin/bash

 # Update package list
 echo "Updating package list..."
 sudo apt update -y

 # Install Certbot and the Nginx plugin
 echo "Installing Certbot and Nginx plugin..."
 sudo apt install -y certbot python3-certbot-nginx

 # Obtain SSL certificate for your domain
 echo "Obtaining SSL certificate..."
 sudo certbot --nginx -d ec2-13-201-225-130.ap-south-1.compute.amazonaws.com

 # Certbot automatic renewal (this is done by default)
 echo "Setting up automatic renewal for SSL certificate..."
 sudo systemctl enable certbot.timer

 # Final message
 echo "SSL setup complete. Your site should now be accessible over HTTPS."
--- a/gitea.lin.sh
+++ b/gitea.lin.sh
@@ -0,0 +1,102 @@
 #!/bin/bash

 # Check if Gitea is installed by checking for the systemd service or binary
 #if systemctl is-active --quiet gitea || [ -f /usr/local/bin/gitea ]; then
 #    echo "Gitea is already installed. Exiting installation."
 #    exit 0
 #fi

 # Check if Gitea is installed
 if systemctl is-active --quiet gitea || [ -f /usr/local/bin/gitea ]; then
    echo "Uninstalling existing Gitea installation..."

    # Stop the Gitea service
    sudo systemctl stop gitea

    # Disable the Gitea service from starting automatically
    sudo systemctl disable gitea

    # Remove the Gitea binary
    sudo rm -f /usr/local/bin/gitea

    # Remove Gitea systemd service file
    sudo rm -f /etc/systemd/system/gitea.service

    # Reload systemd daemon to apply changes
    sudo systemctl daemon-reload

    # Remove Gitea directories (Optional: You can keep data or backup)
    sudo rm -rf /var/lib/gitea
    echo "Gitea uninstalled successfully."
 else
    echo "Gitea is not installed."
 fi

 # Update system packages
 sudo apt update -y
 sudo apt upgrade -y

 # Install dependencies
 sudo apt install -y git wget curl lsb-release sqlite3

 # Set the Gitea version
 GITEA_VERSION="1.23.5"  # Replace with the latest version if needed

 # Download Gitea binary
 # wget -O /tmp/gitea https://dl.gitea.com/gitea/${GITEA_VERSION}/gitea-${GITEA_VERSION}-linux-amd64

 wget -O  /tmp/gitea https://github.com/go-gitea/gitea/releases/download/v1.23.5/gitea-1.23.5-linux-amd64

 chmod +x /tmp/gitea

 # Move Gitea binary to /usr/local/bin
 sudo mv /tmp/gitea /usr/local/bin/gitea

 # Create necessary directories
 #sudo mkdir -p /var/lib/gitea/{custom,data,log}

 # Create necessary directories for Gitea (custom, data, log)
 sudo mkdir -p /var/lib/gitea/custom /var/lib/gitea/data /var/lib/gitea/log

 sudo chown -R $USER:$USER /var/lib/gitea
 sudo chmod -R 755 /var/lib/gitea

 sudo mkdir /etc/gitea
 chown root:git /etc/gitea
 chmod 770 /etc/gitea

 # chmod 750 /etc/gitea
 # chmod 640 /etc/gitea/app.ini

 # Create a system user for Gitea
 sudo useradd --system --create-home --shell /bin/bash --comment 'Gitea' gitea

 # Setup systemd service for Gitea
 cat <<EOF | sudo tee /etc/systemd/system/gitea.service
 [Unit]
 Description=Gitea
 After=network.target

 [Service]
 ExecStart=/usr/local/bin/gitea web
 Restart=always
 User=gitea
 Group=gitea
 Environment=USER=gitea HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea/data

 [Install]
 WantedBy=multi-user.target
 EOF

 # Reload systemd to recognize the new service
 sudo systemctl daemon-reload

 # Enable and start Gitea service
 sudo systemctl enable gitea
 sudo systemctl start gitea

 # Output the status of Gitea service
 sudo systemctl status gitea

 # Display message for post-installation configuration
 echo "Gitea is installed and running. You can access it at http://<your_server_ip>:3000"
--- a/nginx.lin.sh
+++ b/nginx.lin.sh
@@ -0,0 +1,71 @@
 #!/bin/bash

 # Update package list and install required packages
 echo "Updating package list..."
 sudo apt update -y

 # Install Nginx
 echo "Installing Nginx..."
 sudo apt install -y nginx

 # Install OpenSSL to generate self-signed certificates
 echo "Installing OpenSSL..."
 sudo apt install -y openssl

 # Create directory to store SSL certificates
 echo "Creating SSL directories..."
 sudo mkdir -p /etc/ssl/certs
 sudo mkdir -p /etc/ssl/private

 # Generate the private key and self-signed certificate
 echo "Generating self-signed certificate..."
 sudo openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -days 365 -nodes

 # Create Nginx configuration for Gitea with SSL
 echo "Creating Nginx configuration for Gitea with SSL..."
 cat <<EOF | sudo tee /etc/nginx/sites-available/gitea
 server {
    listen 80;
    server_name ec2-13-201-225-130.ap-south-1.compute.amazonaws.com;

    # Redirect HTTP to HTTPS
    return 301 https://\$host\$request_uri;
 }

 server {
    listen 443 ssl;
    server_name ec2-13-201-225-130.ap-south-1.compute.amazonaws.com;

    # Self-signed certificate
    ssl_certificate /etc/ssl/certs/selfsigned.crt;
    ssl_certificate_key /etc/ssl/private/selfsigned.key;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5';
    ssl_prefer_server_ciphers on;

    location /git/ {
        proxy_pass http://127.0.0.1:3000/;
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto \$scheme;
        proxy_redirect off;
    }
 }
 EOF

 # Enable the Nginx configuration
 echo "Enabling Nginx configuration..."
 sudo ln -s /etc/nginx/sites-available/gitea /etc/nginx/sites-enabled/

 # Test Nginx configuration
 echo "Testing Nginx configuration..."
 sudo nginx -t

 # Restart Nginx to apply changes
 echo "Restarting Nginx..."
 sudo systemctl restart nginx

 # Final message
 echo "Nginx with self-signed SSL is installed and configured. Your site should now be accessible over HTTPS at https://ec2-13-201-225-130.ap-south-1.compute.amazonaws.com/git"
--- a/sslss.lin.sh
+++ b/sslss.lin.sh
@@ -0,0 +1,6 @@
 # Create directory to store SSL certificates
 sudo mkdir -p /etc/ssl/certs
 sudo mkdir -p /etc/ssl/private

 # Generate the private key and certificate
 sudo openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -days 365 -nodes