diff --git a/install.sh b/install.sh index 5f1d532..ce22887 100644 --- a/install.sh +++ b/install.sh @@ -2,6 +2,8 @@ run_directory=$(dirname "$0") +# WARNING Unlike our usual install scripts, this one should NEVER be run unattended; +# Make sure to create .disabled file. if [ -f $run_directory/.disabled ]; then echo "Installation is disabled. Exiting..." exit 0 @@ -15,7 +17,7 @@ fi echo "Copying Systemd units and drop-ins to system directory..." $sudo cp $run_directory/etc-letsencrypt.mount /etc/systemd/system/ -if [ ! -d /etc/systemd/system/nginx.service.d ]; then # TODO +if [ ! -d /etc/systemd/system/nginx.service.d ]; then $sudo mkdir /etc/systemd/system/nginx.service.d fi $sudo cp $run_directory/start-lighttpd.conf /etc/systemd/system/nginx.service.d/ @@ -27,11 +29,10 @@ $sudo rm /etc/lighttpd/conf-enabled/* $sudo ln -s /etc/lighttpd/conf-available/10-proxy.conf /etc/lighttpd/conf-enabled/ $sudo ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/ $sudo ln -s /etc/lighttpd/conf-available/99-webssh.conf /etc/lighttpd/conf-enabled/ -if [ ! -f /etc/lighttpd/server.pem ]; then # TODO +if [ ! -f /etc/lighttpd/server.pem ]; then echo "Creating an SSL certificate for lighttpd:" $sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/lighttpd/server.pem -keyout \ - /etc/lighttpd/server.pem -subj "/C=/ST=/L=/O=/OU=/CN=" # is it the right way? - #$sudo chmod o+r /etc/lighttpd/server.pem # needed? + /etc/lighttpd/server.pem -subj "/C=/ST=/L=/O=/OU=/CN=" fi echo "Reloading Systemd..."