Scripts hinzugefügt
This commit is contained in:
12
install.sh
12
install.sh
@@ -90,6 +90,13 @@ cd ..
|
|||||||
make
|
make
|
||||||
make install
|
make install
|
||||||
|
|
||||||
|
rm -rf /usr/local/nginx/nginx.conf
|
||||||
|
cp nginx.conf /usr/local/nginx/
|
||||||
|
mkdir -p /usr/local/nginx/snippets
|
||||||
|
cp ssl-params.conf /usr/local/nginx/snippets/
|
||||||
|
cp ngensite /usr/local/bin
|
||||||
|
chmod +x /usr/local/bin/ngensite
|
||||||
|
|
||||||
wget https://dl.clocxhd.de/scripts/nginx/nginx.service
|
wget https://dl.clocxhd.de/scripts/nginx/nginx.service
|
||||||
mv nginx.service /etc/systemd/system/
|
mv nginx.service /etc/systemd/system/
|
||||||
systemctl daemon-reload
|
systemctl daemon-reload
|
||||||
@@ -98,10 +105,13 @@ systemctl enable nginx
|
|||||||
git clone https://github.com/h5bp/server-configs-nginx.git /tmp/server-configs-nginx
|
git clone https://github.com/h5bp/server-configs-nginx.git /tmp/server-configs-nginx
|
||||||
mv /tmp/server-configs-nginx/h5bp /usr/local/nginx/
|
mv /tmp/server-configs-nginx/h5bp /usr/local/nginx/
|
||||||
rm -rf /tmp/server-configs-nginx
|
rm -rf /tmp/server-configs-nginx
|
||||||
|
openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
|
||||||
cd /usr/local/nginx
|
cd /usr/local/nginx
|
||||||
rm -rf nginx.conf
|
mkdir sites-available
|
||||||
|
mkdir sites-enabled
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "----------------"
|
echo "----------------"
|
||||||
echo "Installation abgeschlossen!"
|
echo "Installation abgeschlossen!"
|
||||||
echo "Du kannst Nginx jetzt mit systemctl start nginx starten!"
|
echo "Du kannst Nginx jetzt mit systemctl start nginx starten!"
|
||||||
|
echo "Deine vHosts kannst du im Verzeichnis /usr/local/nginx/sites-available ablegen, und dann mit dem Befehl ngensite datei aktivieren!"
|
||||||
9
ngensite
Executable file
9
ngensite
Executable file
@@ -0,0 +1,9 @@
|
|||||||
|
clear
|
||||||
|
ln -s /usr/local/nginx/sites-available/$1 /usr/local/nginx/sites-enabled/
|
||||||
|
echo "Erfolgreich:"
|
||||||
|
echo ""
|
||||||
|
ls -lh /usr/local/nginx/sites-enabled/ | grep $1
|
||||||
|
echo ""
|
||||||
|
ls /usr/local/nginx/sites-available/
|
||||||
|
echo ""
|
||||||
|
systemctl reload nginx
|
||||||
18
ssl-params.conf
Normal file
18
ssl-params.conf
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
# from https://cipherli.st/
|
||||||
|
# and https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
|
||||||
|
|
||||||
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||||
|
ssl_prefer_server_ciphers on;
|
||||||
|
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
|
||||||
|
ssl_ecdh_curve secp384r1;
|
||||||
|
ssl_session_cache shared:SSL:10m;
|
||||||
|
ssl_session_tickets off;
|
||||||
|
ssl_stapling on;
|
||||||
|
ssl_stapling_verify on;
|
||||||
|
resolver 208.67.222.222 8.8.4.4 valid=300s;
|
||||||
|
resolver_timeout 5s;
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
|
||||||
|
add_header X-Frame-Options DENY;
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
|
||||||
|
ssl_dhparam /etc/ssl/certs/dhparam.pem;
|
||||||
57
test.sh
57
test.sh
@@ -1,57 +0,0 @@
|
|||||||
lowercase(){
|
|
||||||
echo "$1" | sed "y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/"
|
|
||||||
}
|
|
||||||
|
|
||||||
OS=`lowercase \`uname\``
|
|
||||||
KERNEL=`uname -r`
|
|
||||||
MACH=`uname -m`
|
|
||||||
|
|
||||||
if [ "{$OS}" == "windowsnt" ]; then
|
|
||||||
OS=windows
|
|
||||||
elif [ "{$OS}" == "darwin" ]; then
|
|
||||||
OS=mac
|
|
||||||
else
|
|
||||||
OS=`uname`
|
|
||||||
if [ "${OS}" = "SunOS" ] ; then
|
|
||||||
OS=Solaris
|
|
||||||
ARCH=`uname -p`
|
|
||||||
OSSTR="${OS} ${REV}(${ARCH} `uname -v`)"
|
|
||||||
elif [ "${OS}" = "AIX" ] ; then
|
|
||||||
OSSTR="${OS} `oslevel` (`oslevel -r`)"
|
|
||||||
elif [ "${OS}" = "Linux" ] ; then
|
|
||||||
if [ -f /etc/redhat-release ] ; then
|
|
||||||
DistroBasedOn='RedHat'
|
|
||||||
DIST=`cat /etc/redhat-release |sed s/\ release.*//`
|
|
||||||
PSUEDONAME=`cat /etc/redhat-release | sed s/.*\(// | sed s/\)//`
|
|
||||||
REV=`cat /etc/redhat-release | sed s/.*release\ // | sed s/\ .*//`
|
|
||||||
elif [ -f /etc/SuSE-release ] ; then
|
|
||||||
DistroBasedOn='SuSe'
|
|
||||||
PSUEDONAME=`cat /etc/SuSE-release | tr "\n" ' '| sed s/VERSION.*//`
|
|
||||||
REV=`cat /etc/SuSE-release | tr "\n" ' ' | sed s/.*=\ //`
|
|
||||||
elif [ -f /etc/mandrake-release ] ; then
|
|
||||||
DistroBasedOn='Mandrake'
|
|
||||||
PSUEDONAME=`cat /etc/mandrake-release | sed s/.*\(// | sed s/\)//`
|
|
||||||
REV=`cat /etc/mandrake-release | sed s/.*release\ // | sed s/\ .*//`
|
|
||||||
elif [ -f /etc/debian_version ] ; then
|
|
||||||
DistroBasedOn='Debian'
|
|
||||||
DIST=`cat /etc/lsb-release | grep '^DISTRIB_ID' | awk -F= '{ print $2 }'`
|
|
||||||
PSUEDONAME=`cat /etc/lsb-release | grep '^DISTRIB_CODENAME' | awk -F= '{ print $2 }'`
|
|
||||||
REV=`cat /etc/lsb-release | grep '^DISTRIB_RELEASE' | awk -F= '{ print $2 }'`
|
|
||||||
fi
|
|
||||||
if [ -f /etc/UnitedLinux-release ] ; then
|
|
||||||
DIST="${DIST}[`cat /etc/UnitedLinux-release | tr "\n" ' ' | sed s/VERSION.*//`]"
|
|
||||||
fi
|
|
||||||
OS=`lowercase $OS`
|
|
||||||
DistroBasedOn=`lowercase $DistroBasedOn`
|
|
||||||
readonly OS
|
|
||||||
readonly DIST
|
|
||||||
readonly DistroBasedOn
|
|
||||||
readonly PSUEDONAME
|
|
||||||
readonly REV
|
|
||||||
readonly KERNEL
|
|
||||||
readonly MACH
|
|
||||||
fi
|
|
||||||
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ${DIST}
|
|
||||||
Reference in New Issue
Block a user