zkt25/sk1/aws config/setup-nginx-certs.sh
2025-04-13 13:54:16 +02:00


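#!/bin/bash
#
# Installs Nginx on the remote Ubuntu host, unpacks a TLS certificate archive
# there, writes an HTTPS reverse-proxy site config for $DOMAIN and restarts
# Nginx, then probes the site over HTTPS from the local machine.
#
# Environment:
#   RESET_KNOWN_HOSTS=1  Drop the cached SSH host key for $SERVER_IP before
#                        connecting. Use this only after the instance was
#                        deliberately rebuilt and the new fingerprint has been
#                        checked out of band (e.g. in the instance console
#                        output).
set -euo pipefail

LOCAL_PEM_PATH="/c/Users/olezk/Desktop/mykey.pem"
USERNAME="ubuntu"
DOMAIN="healthai-tuke.com"
CERT_ARCHIVE_PATH="/c/Users/olezk/Desktop/healthai-certs.tar.gz"
SERVER_IP="52.51.10.99" # Elastic IP

# The remote file name follows the local archive name so the two cannot drift.
CERT_ARCHIVE_NAME="${CERT_ARCHIVE_PATH##*/}"

# The same options are used for scp and ssh. accept-new (OpenSSH 7.6+) records
# the key of a host seen for the first time but refuses a key that differs from
# the recorded one. StrictHostKeyChecking=no would accept a changed key
# silently, and this session carries the TLS private key and runs sudo.
ssh_opts=(-i "$LOCAL_PEM_PATH" -o StrictHostKeyChecking=accept-new)

if [[ ! -f "$LOCAL_PEM_PATH" ]]; then
  echo "SSH key not found: $LOCAL_PEM_PATH" >&2
  exit 1
fi

if [[ ! -f "$CERT_ARCHIVE_PATH" ]]; then
  echo "Certificate archive not found: $CERT_ARCHIVE_PATH" >&2
  exit 1
fi

# Discarding the cached host key removes the only check that the peer is the
# expected server, so it is an explicit opt-in rather than the default.
if [[ "${RESET_KNOWN_HOSTS:-0}" == "1" ]]; then
  echo "Removing old known_hosts entry..."
  # Best effort: ssh-keygen fails when there is no known_hosts file yet.
  ssh-keygen -R "$SERVER_IP" 2>/dev/null || true
fi

echo "Copying certificate archive to server $SERVER_IP..."
scp "${ssh_opts[@]}" "$CERT_ARCHIVE_PATH" "$USERNAME@$SERVER_IP:~/"

echo "Configuring Nginx and SSL..."
# NOTE(review): in the site config below, try_files is evaluated against
# Nginx's local root and not against the upstream; confirm it is wanted next to
# proxy_pass.
# NOTE(review): 5173 is the default Vite dev-server port; confirm a production
# build is what listens there.
# The outer here-document is unquoted on purpose: DOMAIN and CERT_ARCHIVE_NAME
# are expanded locally, while every escaped dollar sign reaches the remote side
# as a literal one.
ssh "${ssh_opts[@]}" "$USERNAME@$SERVER_IP" 'bash -s' <<EOF
set -e
# The archive holds the TLS private key: keep it private and never leave it
# behind in the home directory, even when a later step fails.
trap 'rm -f -- "\$HOME/$CERT_ARCHIVE_NAME"' EXIT
chmod 600 "\$HOME/$CERT_ARCHIVE_NAME"

sudo apt-get update
sudo apt-get install -y nginx

# Unpack certificates. This extracts as root relative to / and trusts every
# path inside the archive, so only feed it an archive you built yourself.
# presumably it contains etc/letsencrypt only - TODO confirm
sudo tar xzvf "\$HOME/$CERT_ARCHIVE_NAME" -C /

# Remove old config if exists
sudo rm -f /etc/nginx/sites-available/$DOMAIN
sudo rm -f /etc/nginx/sites-enabled/$DOMAIN

# Create new HTTPS config
sudo tee /etc/nginx/sites-available/$DOMAIN > /dev/null <<'NGINX'
server {
    listen 80;
    server_name $DOMAIN www.$DOMAIN;
    return 301 https://\$host\$request_uri;
}
server {
    listen 443 ssl;
    server_name $DOMAIN www.$DOMAIN;
    ssl_certificate /etc/letsencrypt/live/$DOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$DOMAIN/privkey.pem;
    location /api/ {
        proxy_pass http://localhost:5000;
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
    }
    location / {
        proxy_pass http://localhost:5173;
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
        try_files \$uri \$uri/ /index.html;
    }
}
NGINX

# -f and -n keep the link step repeatable if a stale link is still present.
sudo ln -sfn /etc/nginx/sites-available/$DOMAIN /etc/nginx/sites-enabled/$DOMAIN
sudo nginx -t && sudo systemctl restart nginx
EOF

echo "Checking if https://$DOMAIN is available..."
# curl validates the certificate chain by default, so a bad or mismatched
# certificate is reported here instead of being announced as success.
if curl -I --connect-timeout 5 "https://$DOMAIN"; then
  echo "Server is ready with HTTPS at https://$DOMAIN"
else
  echo "HTTPS check failed for https://$DOMAIN" >&2
  exit 1
fi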