reference #352 improve nginx script

add letsencrypt
fix missing substitution for onion
update INSTALLATION.md
jschan
Thomas Lynch 3 years ago
parent e787c7892d
commit cc140f00a8
  1. 5
      INSTALLATION.md
  2. 17
      configs/nginx/nginx.sh

@ -26,7 +26,7 @@
```bash
$ sudo apt-get update
$ sudo apt-get install nginx ffmpeg imagemagick graphicsmagick
$ sudo apt-get install nginx ffmpeg imagemagick graphicsmagick python-certbot-nginx
```
NOTE: If you plan to use animated .gif thumbnails, ffmpeg >=4.3.1 is recommended as there are known issues with older ffmpeg versions producing buggy thumbnails. You can [compile ffmpeg from source](https://trac.ffmpeg.org/wiki/CompilationGuide) to get a newer version.
@ -52,8 +52,7 @@ You may install Node.js yourself without nvm if you prefer.
**6. Configure nginx**
For standard installations, run configs/nginx/nginx.sh for easy installation. This will prompt you for installation directory, domains, onion/lokinet, whether
to enable geoip and more. Then, use [certbot](https://certbot.eff.org/) to get a free https certificate.
For standard installations, run `configs/nginx/nginx.sh` as root. This will prompt you for installation directory, domains, onion/lokinet, enable geoip, install a letsencrypt certificate with certbot and more.
For non-standard installations like using a CDN, see [configs/nginx/README.md](configs/nginx/README.md) and DIY.

@ -13,7 +13,8 @@ read -p "Enter tor .onion address (blank=no .onion address): " ONION_DOMAIN
read -p "Enter lokinet .loki address (blank=no .loki address): " LOKI_DOMAIN
read -p "Allow google captcha in content-security policy? (y/n): " GOOGLE_CAPTCHA
read -p "Allow Hcaptcha in content-security policy? (y/n): " H_CAPTCHA
read -p "Try to download and setup geoip for post flags? (y/n): " GEOIP
read -p "Download and setup geoip for post flags? (y/n): " GEOIP
read -p "Use certbot to install letsencrypt certificate for https? (y/n): " LETSENCRYPT
#looks good?
read -p "Is this correct?
@ -40,6 +41,11 @@ JSCHAN_CONFIG="upstream chan {
if [ "$CLEARNET_DOMAIN" != "" ]; then
if [ "$LETSENCRYPT" == "y" ]; then
#run certbot for certificate
sudo certbot certonly --standalone -d $CLEARNET_DOMAIN -d www.$CLEARNET_DOMAIN
fi
#onion_location rediret header
ONION_LOCATION=""
if [ "$ONION_DOMAIN" != "" ]; then
@ -95,7 +101,7 @@ if [ "$ONION_DOMAIN" != "" ]; then
JSCHAN_CONFIG="${JSCHAN_CONFIG}
server {
server_name www.example.onion example.onion;
server_name www.$ONION_DOMAIN $ONION_DOMAIN;
client_max_body_size 0;
listen unix:/var/run/nginx-tor.sock;
@ -146,8 +152,8 @@ fi
#printf "$JSCHAN_CONFIG"
#write the config to file and syymlink to sites-available
echo $JSCHAN_CONFIG >> /etc/nginx/sites-available/$SITES_AVAILABLE_NAME.conf
sudo ln -s /etc/nginx/sites-available/$SITES_AVAILABLE_NAME.conf /etc/nginx/sites-enabled/$SITES_AVAILABLE_NAME.conf
printf "$JSCHAN_CONFIG" >> /etc/nginx/sites-available/$SITES_AVAILABLE_NAME
sudo ln -s /etc/nginx/sites-available/$SITES_AVAILABLE_NAME /etc/nginx/sites-enabled/$SITES_AVAILABLE_NAME
if [ "$GOOGLE_CAPTCHA" == "y" ]; then
#add google captcha CSP exceptions
@ -178,3 +184,6 @@ if [ "$GEOIP" == "y" ]; then
geoip_country /usr/share/GeoIP/GeoIP.dat;' /etc/nginx/nginx.conf
fi
#and restart nginx
sudo systemctl restart nginx
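Review bot: The new certbot call in the `-40,6 +41,11` hunk passes `$CLEARNET_DOMAIN` unquoted to a command run as root, and the value appears to come straight from a `read -p` prompt like the ones visible above, so a space or a leading `-` in the answer is word-split into extra certbot arguments. Quote both uses and stop on failure, e.g. `sudo certbot certonly --standalone -d "$CLEARNET_DOMAIN" -d "www.$CLEARNET_DOMAIN" || exit 1`, and reject anything that is not a plain hostname before this point. `--standalone` also needs port 80 free, which is unlikely if the nginx installed earlier is already running; since INSTALLATION.md now installs the certbot nginx plugin, using that plugin or stopping nginx around the call looks like the intended path. In the `-146,8 +152,8` hunk the same prompt values end up inside a printf format string, whereas `printf '%s\n' "$JSCHAN_CONFIG"` would write the config literally, with no `%` or backslash in it being interpreted. Both enclosing blocks continue outside the visible hunks, so the validation may already exist where I cannot see it.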
