From 850b9c1f4db7d103f895715843bc968ca9d364ab Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 11 Nov 2016 17:36:30 +0000 Subject: [PATCH] Tidying --- src/freedombone-app-dokuwiki | 13 ++----------- src/freedombone-app-etherpad | 12 ++---------- src/freedombone-app-ghost | 12 ++---------- src/freedombone-app-gnusocial | 13 +++---------- src/freedombone-app-gogs | 12 ++---------- src/freedombone-app-htmly | 12 ++---------- src/freedombone-app-hubzilla | 14 ++------------ src/freedombone-app-lychee | 12 ++---------- src/freedombone-app-mailpile | 12 ++---------- src/freedombone-app-postactiv | 12 ++---------- src/freedombone-utils-web | 23 +++++++++++++++++++++++ 11 files changed, 44 insertions(+), 103 deletions(-) diff --git a/src/freedombone-app-dokuwiki b/src/freedombone-app-dokuwiki index 895117ae..a6c1d8c7 100755 --- a/src/freedombone-app-dokuwiki +++ b/src/freedombone-app-dokuwiki @@ -336,11 +336,7 @@ function install_dokuwiki { echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME + nginx_keybase $DOKUWIKI_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME @@ -419,12 +415,7 @@ function install_dokuwiki { echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME - echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME + nginx_keybase $DOKUWIKI_DOMAIN_NAME echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME diff --git a/src/freedombone-app-etherpad b/src/freedombone-app-etherpad index 76b6e865..67042682 100755 --- a/src/freedombone-app-etherpad +++ b/src/freedombone-app-etherpad @@ -538,11 +538,7 @@ function install_etherpad { echo ' proxy_buffering off;' >> $etherpad_nginx_site echo ' }' >> $etherpad_nginx_site echo '' >> $etherpad_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $etherpad_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $etherpad_nginx_site - echo ' location ^~ /.well-known/ {' >> $etherpad_nginx_site - echo ' allow all;' >> $etherpad_nginx_site - echo ' }' >> $etherpad_nginx_site + nginx_keybase $ETHERPAD_DOMAIN_NAME echo '}' >> $etherpad_nginx_site else echo -n '' > $etherpad_nginx_site @@ -569,11 +565,7 @@ function install_etherpad { echo ' proxy_buffering off;' >> $etherpad_nginx_site echo ' }' >> $etherpad_nginx_site echo '' >> $etherpad_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $etherpad_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $etherpad_nginx_site - echo ' location ^~ /.well-known/ {' >> $etherpad_nginx_site - echo ' allow all;' >> $etherpad_nginx_site - echo ' }' >> $etherpad_nginx_site + nginx_keybase $ETHERPAD_DOMAIN_NAME echo '}' >> $etherpad_nginx_site function_check create_site_certificate diff --git a/src/freedombone-app-ghost b/src/freedombone-app-ghost index c73a5a08..ccb8705f 100755 --- a/src/freedombone-app-ghost +++ b/src/freedombone-app-ghost @@ -377,11 +377,7 @@ function install_ghost { echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' allow all;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} + nginx_keybase $GHOST_DOMAIN_NAME echo '}' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} else @@ -415,11 +411,7 @@ function install_ghost { echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' allow all;' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} - echo ' }' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} + nginx_keybase ${GHOST_DOMAIN_NAME} echo '}' >> /etc/nginx/sites-available/${GHOST_DOMAIN_NAME} function_check create_site_certificate diff --git a/src/freedombone-app-gnusocial b/src/freedombone-app-gnusocial index 32aec9d6..df4822ce 100755 --- a/src/freedombone-app-gnusocial +++ b/src/freedombone-app-gnusocial @@ -607,11 +607,7 @@ function install_gnusocial_main { echo ' deny all;' >> $gnusocial_nginx_site echo ' }' >> $gnusocial_nginx_site echo '' >> $gnusocial_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $gnusocial_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $gnusocial_nginx_site - echo ' location ^~ /.well-known/ {' >> $gnusocial_nginx_site - echo ' allow all;' >> $gnusocial_nginx_site - echo ' }' >> $gnusocial_nginx_site + nginx_keybase $GNUSOCIAL_DOMAIN_NAME echo '}' >> $gnusocial_nginx_site else echo -n '' > $gnusocial_nginx_site @@ -655,11 +651,8 @@ function install_gnusocial_main { echo ' location ~ /\.(ht|git) {' >> $gnusocial_nginx_site echo ' deny all;' >> $gnusocial_nginx_site echo ' }' >> $gnusocial_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $gnusocial_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $gnusocial_nginx_site - echo ' location ^~ /.well-known/ {' >> $gnusocial_nginx_site - echo ' allow all;' >> $gnusocial_nginx_site - echo ' }' >> $gnusocial_nginx_site + echo '' >> $gnusocial_nginx_site + nginx_keybase $GNUSOCIAL_DOMAIN_NAME echo '}' >> $gnusocial_nginx_site function_check configure_php diff --git a/src/freedombone-app-gogs b/src/freedombone-app-gogs index 750aedba..127eaa96 100755 --- a/src/freedombone-app-gogs +++ b/src/freedombone-app-gogs @@ -493,11 +493,7 @@ function install_gogs { echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} echo ' }' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' allow all;' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' }' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} + nginx_keybase ${GIT_DOMAIN_NAME} echo '}' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} else @@ -531,11 +527,7 @@ function install_gogs { echo ' access_log /dev/null;' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} echo ' }' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' allow all;' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} - echo ' }' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} + nginx_keybase ${GIT_DOMAIN_NAME} echo '}' >> /etc/nginx/sites-available/${GIT_DOMAIN_NAME} function_check configure_php diff --git a/src/freedombone-app-htmly b/src/freedombone-app-htmly index 2730ef7c..af270837 100755 --- a/src/freedombone-app-htmly +++ b/src/freedombone-app-htmly @@ -453,11 +453,7 @@ function install_htmly_website { echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME + nginx_keybase ${HTMLY_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME @@ -534,11 +530,7 @@ function install_htmly_website_onion { echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME + nginx_keybase ${HTMLY_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HTMLY_DOMAIN_NAME diff --git a/src/freedombone-app-hubzilla b/src/freedombone-app-hubzilla index dfdbd34f..145703f3 100755 --- a/src/freedombone-app-hubzilla +++ b/src/freedombone-app-hubzilla @@ -388,12 +388,7 @@ function install_hubzilla { echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME + nginx_keybase ${HUBZILLA_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME @@ -461,12 +456,7 @@ function install_hubzilla { echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME + nginx_keybase ${HUBZILLA_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME diff --git a/src/freedombone-app-lychee b/src/freedombone-app-lychee index 629f7321..c22cb94b 100755 --- a/src/freedombone-app-lychee +++ b/src/freedombone-app-lychee @@ -258,11 +258,7 @@ function install_lychee_website { nginx_limits $LYCHEE_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME + nginx_keybase ${LYCHEE_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME echo ' # or a unix socket' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME @@ -328,11 +324,7 @@ function install_lychee_website_onion { nginx_limits $LYCHEE_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' allow all;' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME - echo ' }' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME + nginx_keybase ${LYCHEE_DOMAIN_NAME} echo '' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME echo ' # block these file types' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$LYCHEE_DOMAIN_NAME diff --git a/src/freedombone-app-mailpile b/src/freedombone-app-mailpile index 2c1c0c35..44951fc9 100755 --- a/src/freedombone-app-mailpile +++ b/src/freedombone-app-mailpile @@ -324,11 +324,7 @@ function install_mailpile { echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $mailpile_nginx_site echo ' }' >> $mailpile_nginx_site echo '' >> $mailpile_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $mailpile_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $mailpile_nginx_site - echo ' location ^~ /.well-known/ {' >> $mailpile_nginx_site - echo ' allow all;' >> $mailpile_nginx_site - echo ' }' >> $mailpile_nginx_site + nginx_keybase ${MAILPILE_DOMAIN_NAME} echo '}' >> $mailpile_nginx_site else echo -n '' > $mailpile_nginx_site @@ -356,11 +352,7 @@ function install_mailpile { echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $mailpile_nginx_site echo ' }' >> $mailpile_nginx_site echo '' >> $mailpile_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $mailpile_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $mailpile_nginx_site - echo ' location ^~ /.well-known/ {' >> $mailpile_nginx_site - echo ' allow all;' >> $mailpile_nginx_site - echo ' }' >> $mailpile_nginx_site + nginx_keybase ${MAILPILE_DOMAIN_NAME} echo '}' >> $mailpile_nginx_site function_check create_site_certificate diff --git a/src/freedombone-app-postactiv b/src/freedombone-app-postactiv index a641c6df..9da09fed 100755 --- a/src/freedombone-app-postactiv +++ b/src/freedombone-app-postactiv @@ -451,11 +451,7 @@ function install_postactiv_main { echo ' deny all;' >> $postactiv_nginx_site echo ' }' >> $postactiv_nginx_site echo '' >> $postactiv_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $postactiv_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $postactiv_nginx_site - echo ' location ^~ /.well-known/ {' >> $postactiv_nginx_site - echo ' allow all;' >> $postactiv_nginx_site - echo ' }' >> $postactiv_nginx_site + nginx_keybase ${POSTACTIV_DOMAIN_NAME} echo '}' >> $postactiv_nginx_site else echo -n '' > $postactiv_nginx_site @@ -500,11 +496,7 @@ function install_postactiv_main { echo ' deny all;' >> $postactiv_nginx_site echo ' }' >> $postactiv_nginx_site echo '' >> $postactiv_nginx_site - echo " # make sure webfinger and other well known services aren't blocked" >> $postactiv_nginx_site - echo ' # by denying dot files and rewrite request to the front controller' >> $postactiv_nginx_site - echo ' location ^~ /.well-known/ {' >> $postactiv_nginx_site - echo ' allow all;' >> $postactiv_nginx_site - echo ' }' >> $postactiv_nginx_site + nginx_keybase ${POSTACTIV_DOMAIN_NAME} echo '}' >> $postactiv_nginx_site function_check configure_php diff --git a/src/freedombone-utils-web b/src/freedombone-utils-web index b9f93b35..ce08c3dd 100755 --- a/src/freedombone-utils-web +++ b/src/freedombone-utils-web @@ -138,6 +138,29 @@ function nginx_ssl { #nginx_stapling $1 } +function nginx_keybase { + # creates files suitable for keybase.io verification + domain_name=$1 + filename=/etc/nginx/sites-available/$domain_name + + echo '' >> $domain_name + echo " # make sure webfinger and other well known services aren't blocked" >> $domain_name + echo ' # by denying dot files and rewrite request to the front controller' >> $domain_name + echo ' location ^~ /.well-known/ {' >> $domain_name + echo ' allow all;' >> $domain_name + echo ' }' >> $domain_name + + if [ ! -d /var/www/${domain_name}/htdocs/.well-known ]; then + mkdir -p /var/www/${domain_name}/htdocs/.well-known + fi + if [ ! -f /var/www/${domain_name}/htdocs/keybase.txt ]; then + touch /var/www/${domain_name}/htdocs/keybase.txt + fi + if [ ! -f /var/www/${domain_name}/htdocs/.well-known/keybase.txt ]; then + touch /var/www/${domain_name}/htdocs/.well-known/keybase.txt + fi +} + # check an individual domain name function test_domain_name { if [ $1 ]; then