-
Notifications
You must be signed in to change notification settings - Fork 14
/
nginx-vhost-default.sh
40 lines (33 loc) · 796 Bytes
/
nginx-vhost-default.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/bash
# Variables
# Domain SSL
SSL_CERT="/etc/ssl/certs/ssl-cert-snakeoil.pem"
SSL_KEY="/etc/ssl/private/ssl-cert-snakeoil.key"
# Default vhosts catch-all
echo "
# Http close connection
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 444;
}
# Https close connection
server {
listen 443 default_server ssl;
listen [::]:443 default_server ssl;
server_name _;
ssl_certificate ${SSL_CERT};
ssl_certificate_key ${SSL_KEY};
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
return 444;
}
" > "/etc/nginx/sites-available/default"
# Certs
sudo apt install ssl-cert
# Chmods
sudo chown -R www-data:www-data /etc/nginx/sites-available
sudo chmod -R 2775 /etc/nginx/sites-available
# Restart
sudo service nginx restart