Script & Deps updated

Fr4nz D13trich 2025-10-10 15:12:52 +02:00
parent d3df81c908
commit cc9c738de2
8 changed files with 33 additions and 66 deletions


@ -1 +1 @@
pkgs="openssl nginx"
pkgs="openssl nginx python3-meshtastic python3-flask python3-requests"


@ -1,33 +0,0 @@
###########################################################
### ###
### MESHPI NGINX CONFIG ###
### ###
###########################################################
server {
listen 80;
server_name DOMAIN IPADDR;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name DOMAIN IPADDR;
ssl_certificate /etc/nginx/ssl/CERTNAME.crt;
ssl_certificate_key /etc/nginx/ssl/CERTNAME.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location / {
try_files $uri $uri/ =404;
root /var/www/html;
index index.html;
}
}


@ -14,8 +14,8 @@ server {
listen 443 ssl;
server_name DOMAIN IPADDR;
ssl_certificate CERTPATH;
ssl_certificate_key CERTPATH;
ssl_certificate CERTPATH.crt;
ssl_certificate_key KEYPATH.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;


@ -1 +0,0 @@
bla


@ -1 +0,0 @@
bla


@ -1,7 +0,0 @@
127.0.0.1 localhost
127.0.1.1 bla.lan bla
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters


@ -1,7 +0,0 @@
127.0.0.1 localhost
127.0.1.1 bla.lan bla
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters


@ -9,7 +9,7 @@ echo -e "\n ${LCY}Dependency and Privilege Check running...${CRS}\n"
### PRIVILEGES
if (( $(id -u) == 0 )); then
if (( $(id -u) == 0 )); then ### AM I ROOT?
echo -e " ${GRN}Privilege check passed...${CRS}\n"
else
@ -30,7 +30,7 @@ else
read -p " (Y/n) --> " install
echo ""
if [[ "$install" = "" || "$install" = "y" || "$install" = "Y" ]]; then
sudo apt update && sudo apt install --install-suggests -y $pkgs --simulate ## DEV
sudo apt update && sudo apt install --install-suggests -y $pkgs
echo -e "\n ${GRN}Dependencies installed. Proceeding...${CRS}\n"
break
@ -48,7 +48,7 @@ fi
###### HOST
onif=$(/sbin/ip route get 162.249.72.1 | awk '{print $5}' | cut -d/ -f1) ### GET ACTIVE NETWORK INTERFACE
onif=$(/sbin/ip route get 162.249.72.1 | awk '{print $5}' | cut -d/ -f1) ### GET ACTIVE NETWORK INTERFACE
while true; do
echo -e " ${YEL}What network interface will nginx be using?${CRS}"
@ -63,7 +63,7 @@ while true; do
fi
done
ip4=$(/sbin/ip -o -4 addr list "$nif" | awk '{print $4}' | cut -d/ -f1) ### GET IP FOR CHOSEN INTERFACE
ip4=$(/sbin/ip -o -4 addr list "$nif" | awk '{print $4}' | cut -d/ -f1) ### GET IP FOR CHOSEN INTERFACE
echo -e "\n ${YEL}Current hostname : ${LCY}$HOSTNAME${CRS}"
echo -e " ${YEL}Current ip address : ${LCY}$ip4 ${YEL}@ ${LCY}$nif${CRS}"
echo -e "\n ${YEL}This information will be used to configure ${LCY}nginx.conf ${YEL}during the next steps.${CRS}"
@ -75,8 +75,8 @@ while true; do
break
elif [[ "$conf_hostname" = "y" || "$conf_hostname" = "Y" ]]; then
read -p " Enter new hostname --> " new_hostname
sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hosts #/etc/hosts
sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hostname #/etc/hostname
sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" /etc/hosts
sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" /etc/hostname
echo -e "\n ${GRN}Host name changed to ${LCY}$new_hostname${CRS}"
break
else
@ -84,7 +84,7 @@ while true; do
fi
done
###### CERTIFICATION
###### CERTIFICATION & CONFIGURATION
while true; do
echo -e "\n ${YEL}Configure SSL and create a self signed cetrificate?${CRS}"
@ -108,9 +108,16 @@ while true; do
:
fi
echo ""
#sudo mkdir -p "$cert_path"
#sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$cert_path"/"$cert_name".key -out "$cert_path"/"$cert_name".crt
sudo mkdir -p "$cert_path"
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$cert_path"/"$cert_name".key -out "$cert_path"/"$cert_name".crt
echo -e "\n ${GRN}SSL certificate files ${LCY}$cert_name.crt ${GRN}and ${LCY}$cert_name.key ${GRN}created and stored in ${LCY}$cert_path${CRS}\n"
sudo chmod 644 "$cert_path"/"$cert_name".crt
sudo chmod 600 "$cert_path"/"$cert_name".key
sudo cp assets/config/nginx/nginx_SSL.conf /etc/nginx/sites-enabled/$HOSTNAME.conf
sudo sed -i.backup "s/DOMAIN/$HOSTNAME.local/g" /etc/nginx/sites-enabled/$HOSTNAME.conf
sudo sed -i "s/IPADDR/$ip4/g" /etc/nginx/sites-enabled/$HOSTNAME.conf
sudo sed -i "s|CERTPATH|$cert_path/$cert_name|" /etc/nginx/sites-enabled/$HOSTNAME.conf
sudo sed -i "s|KEYPATH|$cert_path/$cert_name|" /etc/nginx/sites-enabled/$HOSTNAME.conf
break
elif [[ "$installSSL" == "n" || "$installSSL" = "N" ]]; then
echo -e "\n ${RED}Encryption disabled${CRS}\n"
@ -121,16 +128,25 @@ while true; do
done
###### NGINX CONFIG
###### MAINTENANCE
sudo nginx -t
sudo systemctl restart NetworkManager
sudo nginx -s reload
###### STATUS
### DEV STATUS
#sudo cp -R assets/config/nginx/nginx.conf /etc/nginx/sites-enabled/
## JEFF
# utilise sed to edit config
###### JEFF ######
#
# test nginx config
# restart nginx
## JEFF END
#
###### JEFF END ######
echo -e "\n ${LGN}Script ran through...${CRS}"
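Review bot: In the certificate/configuration hunk, `sed -i.backup` is run on `/etc/nginx/sites-enabled/$HOSTNAME.conf`, so a `$HOSTNAME.conf.backup` copy that still holds the `DOMAIN`, `IPADDR` and `CERTPATH` placeholders is left inside `sites-enabled`. On Debian-style installs, where nginx.conf usually includes `sites-enabled/*`, that copy would be parsed as configuration too and `nginx -t` would likely fail on the unresolved `CERTPATH.crt`. The last hunk then runs `sudo nginx -s reload` without checking the test result before printing "Script ran through...". I would drop the backup suffix and quote the path (`sudo sed -i "s/DOMAIN/$HOSTNAME.local/g" "/etc/nginx/sites-enabled/$HOSTNAME.conf"`) and gate the reload with `sudo nginx -t && sudo nginx -s reload`. These sed calls and the `/etc/hosts` and `/etc/hostname` edits in the hostname hunk also interpolate `$new_hostname` (read from the prompt) and `$cert_path`/`$cert_name` (set outside the hunk) into a sed program run under sudo with no validation visible here, so the values should be checked against a strict hostname/path pattern first; the enclosing `while` loops start and end outside the hunks.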