chess
/
elxr
Watch 1
Star 1
Fork 11
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
450 Commits
2 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
elxr/nginx.lin.sh

nginx.lin.sh 2.2KB
Raw Permalink Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. #!/bin/bash

  2. 

  3. # Update package list and install required packages

  4. echo "Updating package list..."

  5. sudo apt update -y

  6. 

  7. # Install Nginx

  8. echo "Installing Nginx..."

  9. sudo apt install -y nginx

  10. 

  11. # Install OpenSSL to generate self-signed certificates

  12. echo "Installing OpenSSL..."

  13. sudo apt install -y openssl

  14. 

  15. # Create directory to store SSL certificates

  16. echo "Creating SSL directories..."

  17. sudo mkdir -p /etc/ssl/certs

  18. sudo mkdir -p /etc/ssl/private

  19. 

  20. # Generate the private key and self-signed certificate

  21. echo "Generating self-signed certificate..."

  22. sudo openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -days 365 -nodes

  23. 

  24. # Create Nginx configuration for Gitea with SSL

  25. echo "Creating Nginx configuration for Gitea with SSL..."

  26. cat <<EOF | sudo tee /etc/nginx/sites-available/gitea

  27. server {

  28.     listen 80;

  29.     server_name ec2-13-201-225-130.ap-south-1.compute.amazonaws.com;

  30. 

  31.     # Redirect HTTP to HTTPS

  32.     return 301 https://\$host\$request_uri;

  33. }

  34. 

  35. server {

  36.     listen 443 ssl;

  37.     server_name ec2-13-201-225-130.ap-south-1.compute.amazonaws.com;

  38. 

  39.     # Self-signed certificate

  40.     ssl_certificate /etc/ssl/certs/selfsigned.crt;

  41.     ssl_certificate_key /etc/ssl/private/selfsigned.key;

  42. 

  43.     ssl_protocols TLSv1.2 TLSv1.3;

  44.     ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5';

  45.     ssl_prefer_server_ciphers on;

  46. 

  47.     location /git/ {

  48.         proxy_pass http://127.0.0.1:3000/;

  49.         proxy_set_header Host \$host;

  50.         proxy_set_header X-Real-IP \$remote_addr;

  51.         proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;

  52.         proxy_set_header X-Forwarded-Proto \$scheme;

  53.         proxy_redirect off;

  54.     }

  55. }

  56. EOF

  57. 

  58. # Enable the Nginx configuration

  59. echo "Enabling Nginx configuration..."

  60. sudo ln -s /etc/nginx/sites-available/gitea /etc/nginx/sites-enabled/

  61. 

  62. # Test Nginx configuration

  63. echo "Testing Nginx configuration..."

  64. sudo nginx -t

  65. 

  66. # Restart Nginx to apply changes

  67. echo "Restarting Nginx..."

  68. sudo systemctl restart nginx

  69. 

  70. # Final message

  71. echo "Nginx with self-signed SSL is installed and configured. Your site should now be accessible over HTTPS at https://ec2-13-201-225-130.ap-south-1.compute.amazonaws.com/git"