45 lines
1.7 KiB
Plaintext
45 lines
1.7 KiB
Plaintext
container_commands:
|
|
10_setup_nginx:
|
|
command: |
|
|
sudo rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf
|
|
sudo rm -f /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf
|
|
|
|
sudo rm -f /tmp/deployment/config/#etc#nginx#nginx.conf
|
|
sudo rm -f /etc/nginx/nginx.conf
|
|
|
|
sudo mv /etc/nginx/nginx.pre /etc/nginx/nginx.conf
|
|
|
|
sudo service nginx stop
|
|
sudo service nginx start
|
|
20_install_certbot:
|
|
command: |
|
|
wget https://dl.eff.org/certbot-auto
|
|
mv certbot-auto /usr/local/bin/certbot-auto
|
|
chown root /usr/local/bin/certbot-auto
|
|
chmod 0755 /usr/local/bin/certbot-auto
|
|
30_create_webroot_path:
|
|
command: |
|
|
sudo rm -rf /var/www/letsencrypt/
|
|
sudo mkdir /var/www/letsencrypt/
|
|
40_configure_cert:
|
|
command: |
|
|
certbot_command="/usr/local/bin/certbot-auto certonly --webroot --webroot-path /var/www/letsencrypt --debug --non-interactive --email ${LETSENCRYPT_EMAIL} --agree-tos --expand --keep-until-expiring"
|
|
for domain in $(echo ${LETSENCRYPT_DOMAIN} | sed "s/,/ /g")
|
|
do
|
|
certbot_command="$certbot_command --domains $domain"
|
|
done
|
|
eval $certbot_command
|
|
50_link_cert:
|
|
command: |
|
|
domain="$( cut -d ',' -f 1 <<< "${LETSENCRYPT_DOMAIN}" )";
|
|
if [ -d /etc/letsencrypt/live ]; then
|
|
domain_folder_name="$(ls /etc/letsencrypt/live | sort -n | grep $domain | head -1)";
|
|
if [ -d /etc/letsencrypt/live/${domain_folder_name} ]; then
|
|
ln -sfn /etc/letsencrypt/live/${domain_folder_name} /etc/letsencrypt/live/ebcert
|
|
fi
|
|
fi
|
|
60_enable_https_config:
|
|
command: |
|
|
sudo mv /etc/nginx/conf.d/https_custom.pre /etc/nginx/conf.d/https_custom.conf
|
|
sudo service nginx stop
|
|
sudo service nginx start |