Managing another website brings in some issues, like the setup. Surely this can be automated! I’ve had the site maker script working for a few months, but I just got the site unmaker script working, and I thought I would share those here.
I’m using Ubuntu Server 16.04 LTS with Apache2 and Certbot. I’ve automated the setup of the virtual host config file for each subdomain, the acquisition of the SSL certificate from Certbot, and the creation of a landing page for the site. My site root is in /var/www/, with the domain following that. The subdomain is in the next level down, using its FQDN. Following that schema, the folder for this blog is /var/www/lupecode.com/blog.lupecode.com/.
I have make-site.sh and unmake-site.sh.
Here is make-site:
```bash
#!/bin/bash

# Ask for the site's settings. -r stops read from interpreting backslashes.
echo "Enter the FQDN for the new site: "
read -r fqdn

echo "Enter the title line for the new site: "
read -r title

echo "Enter the subtitle line for the new site: "
read -r subtitle

# Virtual host file that will be written for this site.
fileext=".conf"
file="/etc/apache2/sites-available/$fqdn$fileext"
```
First we collect some settings from the user setting up the site.
```bash
# List every domain folder under /var/www as a numbered menu.
echo "Which folder should the website folder be under?"
declare -a dirs
i=1
for d in /var/www/*/
do
    dirs[i++]="${d%/}"
done
for((i=1;i<=${#dirs[@]};i++))
do
    echo "$i" "${dirs[i]}"
done
echo -n "> "
read -r i
folder="${dirs[$i]}"

# The site root is <domain folder>/<FQDN>.
echo "Creating root folder $folder/$fqdn"
mkdir "$folder/$fqdn"
echo "Done."
```
The next step is to create the site folder.
```bash
# $title and $subtitle are expanded by the shell and written into the page as typed.
echo "Creating index file at $folder/$fqdn/index.html"
cat > "$folder/$fqdn/index.html" <<EOF
<!doctype html>
<html lang="en-us">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>$title</title>
    <link href="https://fonts.googleapis.com/css?family=Raleway:100,600" rel="stylesheet" type="text/css">
    <style>
        html, body {background-color: #fff; color: #636b6f; font-family: 'Raleway', sans-serif; font-weight: 100; height: 100vh; margin: 0;}
        .full-height {height: 100vh;}
        .flex-center {align-items: center; display: flex; justify-content: center;}
        .position-ref {position: relative;}
        .top-right {position: absolute; right: 10px; top: 18px;}
        .content {text-align: center;}
        .title {font-size: 84px;}
        .links > a {color: #636b6f;padding: 0 25px;font-size: 12px;font-weight: 600;letter-spacing: .1rem;text-decoration: none;text-transform: uppercase;}
        .m-b-md {margin-bottom: 30px;}
    </style>
</head>
<body>
<div class="flex-center position-ref full-height">
    <div class="content">
        <div class="title m-b-md">$title</div>
        <div class="m-b-md">$subtitle</div>
    </div>
</div>
</body>
</html>
EOF
chown www-data:www-data "$folder/$fqdn"
echo "Done."

# Port 80 virtual host. Options +Indexes turns on directory listings for any
# folder without an index file, and AllowOverride All lets .htaccess files
# change the configuration.
echo "Writing config file $file"
cat > "$file" <<EOF
<VirtualHost *:80>
    DocumentRoot "$folder/$fqdn"
    ServerName $fqdn
    <Directory "$folder/$fqdn">
        AllowOverride All
        allow from all
        Options +Indexes
    </Directory>
</VirtualHost>
EOF
echo "Done."
```
The landing page and the configuration file are created next.
```bash
echo "Calling Apache2 to enable $fqdn"
a2ensite "$fqdn.conf"
echo "Done."

echo "Calling CertBot to generate a SSL certificate for $fqdn"
certbot --authenticator standalone --installer apache --domain "$fqdn" \
    --redirect --hsts \
    --pre-hook "service apache2 stop" --post-hook "service apache2 start"
```
The site is enabled in Apache2, and then Certbot is called.
The Certbot call used to be better, but the Apache plugin was disabled because there is a security vulnerability in it.
CertBot restarts Apache2 for us, so our new site is online.
Unmaking the site is much easier.
```bash
#!/bin/bash

echo "Enter the FQDN for the site: "
read -r fqdn

# Config files for the HTTP site and for the SSL site that Certbot created.
fileext=".conf"
file="/etc/apache2/sites-available/$fqdn$fileext"
sslfile="/etc/apache2/sites-available/$fqdn-le-ssl$fileext"

# Same numbered menu of domain folders as in make-site.sh.
echo "Which folder should the website folder be under?"
declare -a dirs
i=1
for d in /var/www/*/
do
    dirs[i++]="${d%/}"
done
for((i=1;i<=${#dirs[@]};i++))
do
    echo "$i" "${dirs[i]}"
done
echo -n "> "
read -r i
folder="${dirs[$i]}"
```
The first step is similar: the script needs the FQDN and the folder that it is in.
```bash
echo "Calling Apache2 to disable $fqdn"
a2dissite "$fqdn.conf"
unlink "$file"
a2dissite "$fqdn-le-ssl.conf"
unlink "$sslfile"
echo "Done."

echo "Calling CertBot to delete SSL certificate for $fqdn"
certbot delete --cert-name "$fqdn"

# ${var:?} aborts the script if either answer is empty, so rm -rf can never
# be pointed at the parent domain folder or at the filesystem root.
echo "Deleting root folder $folder/$fqdn"
rm -rf -- "${folder:?}/${fqdn:?}"
echo "Done."

echo "Restarting Apache2."
service apache2 reload
echo "Done."
```
Apache2 is called to disable the HTTP and HTTPS site, and we delete the configuration file. The deletion of the SSL certificates is done by Certbot. The script removes the folder to the site, and lastly reloads Apache2’s configurations.
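Both scripts build paths from the two typed answers, and unmake-site.sh hands the result to rm -rf, so an empty FQDN or an out-of-range menu choice should stop the script before anything is created or deleted. The checks below are an added example, not part of the original scripts: the function names valid_fqdn, valid_choice and site_path are hypothetical, and the sample answers at the end are constructed.

```bash
#!/bin/bash
# Added example: input checks to run before mkdir, a2dissite or rm -rf.
# valid_fqdn, valid_choice and site_path are hypothetical helper names.
LC_ALL=C   # keep a-z and 0-9 in the patterns below ASCII-only

# Accept only a lowercase DNS name: two or more dot-separated labels of
# a-z, 0-9 and "-", none empty or starting/ending with a hyphen, each at
# most 63 characters, 253 overall. Rejects "", "..", "/" and whitespace.
valid_fqdn() {
    [ "${#1}" -le 253 ] || return 1
    case $1 in
        *[!a-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
        *.*) ;;
        *) return 1 ;;
    esac
    local label IFS=.
    for label in $1; do
        [ "${#label}" -le 63 ] || return 1
    done
}

# The menu answer must be a plain decimal number from 1 to COUNT. Checking
# first keeps free text out of ${dirs[$i]}, whose subscript bash evaluates.
valid_choice() {
    case $1 in
        ''|0*|*[!0-9]*|?????*) return 1 ;;
    esac
    [ "$1" -le "$2" ]
}

# Usage: site_path FQDN CHOICE DIR...
# Prints DIR[CHOICE]/FQDN only when both answers pass validation.
site_path() {
    local fqdn="$1" choice="$2"
    shift 2
    valid_fqdn "$fqdn" && valid_choice "$choice" "$#" || return 1
    shift "$((choice - 1))"
    printf '%s/%s\n' "$1" "$fqdn"
}

# Constructed answers ("FQDN CHOICE"); two folders stand in for /var/www/*/.
for answer in "make-site.lupecode.com 2" " 2" "../../etc 1" "blog.lupecode.com 7"; do
    fqdn=${answer% *} choice=${answer##* }
    if path=$(site_path "$fqdn" "$choice" /var/www/example.org /var/www/lupecode.com); then
        echo "accept: $path"
    else
        echo "reject: fqdn='$fqdn' choice='$choice'"
    fi
done
```

In the scripts themselves, the call would replace the `folder=` assignment, for example `target=$(site_path "$fqdn" "$i" "${dirs[@]}") || exit 1`, with `$target` then used for mkdir or rm -rf.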
This is what it looks like to run the make-site script. I’ve highlighted the input lines.
```
joshua@lamp:~$ cd /var/www
joshua@lamp:/var/www$ sudo bash make-site.sh
Enter the FQDN for the new site:
make-site.lupecode.com
Enter the title line for the new site:
Make Site Script
Enter the subtitle line for the new site:
This site was created with an automated script
Which folder should the website folder be under?
1 /var/www/[REMOVED]
2 /var/www/[REMOVED]
3 /var/www/lupecode.com
4 /var/www/[REMOVED]
> 3
Creating root folder /var/www/lupecode.com/make-site.lupecode.com
Done.
Writing config file /etc/apache2/sites-available/make-site.lupecode.com.conf
Done.
Creating index file at /var/www/lupecode.com/make-site.lupecode.com/index.html
Done.
Calling Apache2 to enable make-site.lupecode.com
Enabling site make-site.lupecode.com.
To activate the new configuration, you need to run:
  service apache2 reload
Done.
Calling CertBot to generate a SSL certificate for make-site.lupecode.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer apache
Running pre-hook command: service apache2 stop
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for make-site.lupecode.com
Waiting for verification...
Cleaning up challenges
Running post-hook command: service apache2 start
Created an SSL vhost at /etc/apache2/sites-available/make-site.lupecode.com-le-ssl.conf
Deploying Certificate for make-site.lupecode.com to VirtualHost /etc/apache2/sites-available/make-site.lupecode.com-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/make-site.lupecode.com-le-ssl.conf
Adding Strict-Transport-Security header to ssl vhost in /etc/apache2/sites-available/make-site.lupecode.com-le-ssl.conf
Redirecting vhost in /etc/apache2/sites-enabled/make-site.lupecode.com.conf to ssl vhost in /etc/apache2/sites-available/make-site.lupecode.com-le-ssl.conf

-------------------------------------------------------------------------------
Congratulations! You have successfully enabled https://make-site.lupecode.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=make-site.lupecode.com
-------------------------------------------------------------------------------

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/make-site.lupecode.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/make-site.lupecode.com/privkey.pem
   Your cert will expire on 2018-05-21. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

joshua@lamp:/var/www$
```
So check it out: https://make-site.lupecode.com/
The repository for this post can be found on GitLab here.
The repository for this post can be found on Lupe Code’s GitLab mirror here.