48 lines
1.4 KiB
Bash
48 lines
1.4 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
if [ ! -f .env ]; then
|
|
echo "Missing .env file. Copy .env.example to .env and edit DOMAIN_NAME, LETSENCRYPT_EMAIL and database password."
|
|
exit 1
|
|
fi
|
|
|
|
source .env
|
|
|
|
if [ -z "${DOMAIN_NAME:-}" ] || [ -z "${LETSENCRYPT_EMAIL:-}" ]; then
|
|
echo "DOMAIN_NAME and LETSENCRYPT_EMAIL must be set in .env"
|
|
exit 1
|
|
fi
|
|
|
|
if ! command -v docker >/dev/null 2>&1; then
|
|
echo "Docker is not installed. Install Docker Engine and Docker Compose plugin first."
|
|
exit 1
|
|
fi
|
|
|
|
if ! docker compose version >/dev/null 2>&1; then
|
|
echo "Docker Compose plugin is not available."
|
|
exit 1
|
|
fi
|
|
|
|
mkdir -p certbot/www certbot/conf backups
|
|
|
|
# Generate temporary HTTP-only Nginx config so Certbot can verify the domain.
|
|
sed "s/\${DOMAIN_NAME}/${DOMAIN_NAME}/g" nginx/http-only.conf.template > nginx/app.conf
|
|
|
|
# First start Nginx on HTTP so Certbot can verify the domain.
|
|
docker compose up -d --build frontend backend db adminer nginx
|
|
|
|
echo "Requesting HTTPS certificate for ${DOMAIN_NAME}..."
|
|
docker compose run --rm certbot certonly \
|
|
--webroot \
|
|
--webroot-path=/var/www/certbot \
|
|
--email "${LETSENCRYPT_EMAIL}" \
|
|
--agree-tos \
|
|
--no-eff-email \
|
|
-d "${DOMAIN_NAME}"
|
|
|
|
# Replace temporary config with final HTTPS config and restart Nginx.
|
|
sed "s/\${DOMAIN_NAME}/${DOMAIN_NAME}/g" nginx/app.conf.template > nginx/app.conf
|
|
docker compose restart nginx
|
|
|
|
echo "Application prepared successfully. Open: https://${DOMAIN_NAME}"
|