From cc9c738de284c9f8d759ab5a1b30988e6a7e557b Mon Sep 17 00:00:00 2001 From: Fr4nzD13trich Date: Fri, 10 Oct 2025 15:12:52 +0200 Subject: [PATCH] Script & Deps updated --- assets/config/deps/dependencies | 2 +- assets/config/nginx/nginx.conf | 33 -------------- .../nginx/nginx_SSL.conf} | 4 +- assets/test/hostname | 1 - assets/test/hostname.backup | 1 - assets/test/hosts | 7 --- assets/test/hosts.backup | 7 --- dev_env_setup.sh | 44 +++++++++++++------ 8 files changed, 33 insertions(+), 66 deletions(-) delete mode 100644 assets/config/nginx/nginx.conf rename assets/{test/nginx.conf => config/nginx/nginx_SSL.conf} (91%) delete mode 100644 assets/test/hostname delete mode 100644 assets/test/hostname.backup delete mode 100644 assets/test/hosts delete mode 100644 assets/test/hosts.backup diff --git a/assets/config/deps/dependencies b/assets/config/deps/dependencies index 3fa8b66..489bc50 100644 --- a/assets/config/deps/dependencies +++ b/assets/config/deps/dependencies @@ -1 +1 @@ -pkgs="openssl nginx" \ No newline at end of file +pkgs="openssl nginx python3-meshtastic python3-flask python3-requests" \ No newline at end of file diff --git a/assets/config/nginx/nginx.conf b/assets/config/nginx/nginx.conf deleted file mode 100644 index b8d2141..0000000 --- a/assets/config/nginx/nginx.conf +++ /dev/null @@ -1,33 +0,0 @@ -########################################################### -### ### -### MESHPI NGINX CONFIG ### -### ### -########################################################### - -server { - listen 80; - server_name DOMAIN IPADDR; - return 301 https://$host$request_uri; -} - -server { - listen 443 ssl; - server_name DOMAIN IPADDR; - - ssl_certificate /etc/nginx/ssl/CERTNAME.crt; - ssl_certificate_key /etc/nginx/ssl/CERTNAME.key; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - location / { - try_files $uri $uri/ =404; - root /var/www/html; - index index.html; - } -} diff --git a/assets/test/nginx.conf b/assets/config/nginx/nginx_SSL.conf similarity index 91% rename from assets/test/nginx.conf rename to assets/config/nginx/nginx_SSL.conf index 139be12..2e55cc1 100644 --- a/assets/test/nginx.conf +++ b/assets/config/nginx/nginx_SSL.conf @@ -14,8 +14,8 @@ server { listen 443 ssl; server_name DOMAIN IPADDR; - ssl_certificate CERTPATH; - ssl_certificate_key CERTPATH; + ssl_certificate CERTPATH.crt; + ssl_certificate_key KEYPATH.key; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; diff --git a/assets/test/hostname b/assets/test/hostname deleted file mode 100644 index a7f8d9e..0000000 --- a/assets/test/hostname +++ /dev/null @@ -1 +0,0 @@ -bla diff --git a/assets/test/hostname.backup b/assets/test/hostname.backup deleted file mode 100644 index a7f8d9e..0000000 --- a/assets/test/hostname.backup +++ /dev/null @@ -1 +0,0 @@ -bla diff --git a/assets/test/hosts b/assets/test/hosts deleted file mode 100644 index 06ea628..0000000 --- a/assets/test/hosts +++ /dev/null @@ -1,7 +0,0 @@ -127.0.0.1 localhost -127.0.1.1 bla.lan bla - -# The following lines are desirable for IPv6 capable hosts -::1 localhost ip6-localhost ip6-loopback -ff02::1 ip6-allnodes -ff02::2 ip6-allrouters diff --git a/assets/test/hosts.backup b/assets/test/hosts.backup deleted file mode 100644 index 06ea628..0000000 --- a/assets/test/hosts.backup +++ /dev/null @@ -1,7 +0,0 @@ -127.0.0.1 localhost -127.0.1.1 bla.lan bla - -# The following lines are desirable for IPv6 capable hosts -::1 localhost ip6-localhost ip6-loopback -ff02::1 ip6-allnodes -ff02::2 ip6-allrouters diff --git a/dev_env_setup.sh b/dev_env_setup.sh index b25bafd..8b8bf03 100755 --- a/dev_env_setup.sh +++ b/dev_env_setup.sh @@ -9,7 +9,7 @@ echo -e "\n ${LCY}Dependency and Privilege Check running...${CRS}\n" ### PRIVILEGES -if (( $(id -u) == 0 )); then +if (( $(id -u) == 0 )); then ### AM I ROOT? echo -e " ${GRN}Privilege check passed...${CRS}\n" else @@ -30,7 +30,7 @@ else read -p " (Y/n) --> " install echo "" if [[ "$install" = "" || "$install" = "y" || "$install" = "Y" ]]; then - sudo apt update && sudo apt install --install-suggests -y $pkgs --simulate ## DEV + sudo apt update && sudo apt install --install-suggests -y $pkgs echo -e "\n ${GRN}Dependencies installed. Proceeding...${CRS}\n" break @@ -48,7 +48,7 @@ fi ###### HOST -onif=$(/sbin/ip route get 162.249.72.1 | awk '{print $5}' | cut -d/ -f1) ### GET ACTIVE NETWORK INTERFACE +onif=$(/sbin/ip route get 162.249.72.1 | awk '{print $5}' | cut -d/ -f1) ### GET ACTIVE NETWORK INTERFACE while true; do echo -e " ${YEL}What network interface will nginx be using?${CRS}" @@ -63,7 +63,7 @@ while true; do fi done -ip4=$(/sbin/ip -o -4 addr list "$nif" | awk '{print $4}' | cut -d/ -f1) ### GET IP FOR CHOSEN INTERFACE +ip4=$(/sbin/ip -o -4 addr list "$nif" | awk '{print $4}' | cut -d/ -f1) ### GET IP FOR CHOSEN INTERFACE echo -e "\n ${YEL}Current hostname : ${LCY}$HOSTNAME${CRS}" echo -e " ${YEL}Current ip address : ${LCY}$ip4 ${YEL}@ ${LCY}$nif${CRS}" echo -e "\n ${YEL}This information will be used to configure ${LCY}nginx.conf ${YEL}during the next steps.${CRS}" @@ -75,8 +75,8 @@ while true; do break elif [[ "$conf_hostname" = "y" || "$conf_hostname" = "Y" ]]; then read -p " Enter new hostname --> " new_hostname - sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hosts #/etc/hosts - sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hostname #/etc/hostname + sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" /etc/hosts + sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" /etc/hostname echo -e "\n ${GRN}Host name changed to ${LCY}$new_hostname${CRS}" break else @@ -84,7 +84,7 @@ while true; do fi done -###### CERTIFICATION +###### CERTIFICATION & CONFIGURATION while true; do echo -e "\n ${YEL}Configure SSL and create a self signed cetrificate?${CRS}" @@ -108,9 +108,16 @@ while true; do : fi echo "" - #sudo mkdir -p "$cert_path" - #sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$cert_path"/"$cert_name".key -out "$cert_path"/"$cert_name".crt + sudo mkdir -p "$cert_path" + sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$cert_path"/"$cert_name".key -out "$cert_path"/"$cert_name".crt echo -e "\n ${GRN}SSL certificate files ${LCY}$cert_name.crt ${GRN}and ${LCY}$cert_name.key ${GRN}created and stored in ${LCY}$cert_path${CRS}\n" + sudo chmod 644 "$cert_path"/"$cert_name".crt + sudo chmod 600 "$cert_path"/"$cert_name".key + sudo cp assets/config/nginx/nginx_SSL.conf /etc/nginx/sites-enabled/$HOSTNAME.conf + sudo sed -i.backup "s/DOMAIN/$HOSTNAME.local/g" /etc/nginx/sites-enabled/$HOSTNAME.conf + sudo sed -i "s/IPADDR/$ip4/g" /etc/nginx/sites-enabled/$HOSTNAME.conf + sudo sed -i "s|CERTPATH|$cert_path/$cert_name|" /etc/nginx/sites-enabled/$HOSTNAME.conf + sudo sed -i "s|KEYPATH|$cert_path/$cert_name|" /etc/nginx/sites-enabled/$HOSTNAME.conf break elif [[ "$installSSL" == "n" || "$installSSL" = "N" ]]; then echo -e "\n ${RED}Encryption disabled${CRS}\n" @@ -121,16 +128,25 @@ while true; do done -###### NGINX CONFIG +###### MAINTENANCE + +sudo nginx -t +sudo systemctl restart NetworkManager +sudo nginx -s reload + +###### STATUS + + ### DEV STATUS -#sudo cp -R assets/config/nginx/nginx.conf /etc/nginx/sites-enabled/ -## JEFF -# utilise sed to edit config +###### JEFF ###### +# # test nginx config # restart nginx -## JEFF END +# +###### JEFF END ###### + echo -e "\n ${LGN}Script ran through...${CRS}"