diff --git a/bin/cert.sh b/bin/cert.sh new file mode 100755 index 0000000..32ddc83 --- /dev/null +++ b/bin/cert.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash +docker-compose exec litespeed su -c "certbot certonly --agree-tos --register-unsafely-without-email --webroot -w /var/www/vhosts/${1}/html -d ${1} -d www.${1}" +echo OLS needs to be restarted to detect the certificates diff --git a/lsws/conf/httpd_config.conf b/lsws/conf/httpd_config.conf index d9174bf..817cc86 100644 --- a/lsws/conf/httpd_config.conf +++ b/lsws/conf/httpd_config.conf @@ -235,6 +235,7 @@ listener HTTPS { vhTemplate centralConfigLog { templateFile conf/templates/ccl.conf listeners Default, HTTP, HTTPS + member localhost { vhDomain localhost } diff --git a/lsws/conf/httpd_config.conf.bak b/lsws/conf/httpd_config.conf.bak index 949488c..a5fb686 100644 --- a/lsws/conf/httpd_config.conf.bak +++ b/lsws/conf/httpd_config.conf.bak @@ -225,19 +225,19 @@ listener HTTP { secure 0 } +listener HTTPS { + address *:443 + secure 1 + keyFile /usr/local/lsws/admin/conf/webadmin.key + certFile /usr/local/lsws/admin/conf/webadmin.crt +} + vhTemplate centralConfigLog { templateFile conf/templates/ccl.conf - listeners Default, HTTP - note test test - - member example2.com { - vhDomain example2.com + listeners Default, HTTP, HTTPS + member larshagen.net { + vhDomain larshagen.net } - - member example6.com { - vhDomain example6.com - } - member localhost { vhDomain localhost } diff --git a/lsws/conf/httpd_config.conf0 b/lsws/conf/httpd_config.conf0 index 5ed6fb6..a5fb686 100644 --- a/lsws/conf/httpd_config.conf0 +++ b/lsws/conf/httpd_config.conf0 
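Review bot: The domain argument in `bin/cert.sh` is spliced unquoted and unvalidated into the `su -c "…"` command string, so a value containing whitespace or shell metacharacters is re-parsed by the shell inside the litespeed container, and an empty `$1` still runs certbot with `-w /var/www/vhosts//html -d  -d www.`. I would require and validate the argument before the `docker-compose exec` line and use the validated variable in place of `${1}`, as in the fence below. With `set -euo pipefail` the closing `echo` is then printed only when certbot succeeded, whereas it currently prints after a failure too. `--register-unsafely-without-email` leaves the ACME account without a contact address; if that is intended, a one-line comment saying so would help the next reader.

```shell
#!/usr/bin/env bash
set -euo pipefail

domain=${1:?usage: cert.sh <domain>}
# Only hostname characters may reach the su -c command string below.
if [[ ! $domain =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
  printf 'cert.sh: invalid domain: %s\n' "$domain" >&2
  exit 2
fi
# … unchanged: docker-compose exec litespeed su -c "certbot certonly …", with ${1} replaced by ${domain} …
# … unchanged: echo reminder to restart OLS …
```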
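Review bot: The `listener HTTPS` block added in `httpd_config.conf.bak` serves `*:443` with `/usr/local/lsws/admin/conf/webadmin.key` and `webadmin.crt`, which by their path appear to be the WebAdmin console's key pair, so the public listener and the admin console would share one private key. Presumably any client that matches no vhost certificate is also handed the admin certificate. A separate default pair for the listener would keep the two apart, e.g. `keyFile <path-to-listener-default.key>` and `certFile <path-to-listener-default.crt>` (placeholder paths). The same block and the same `member larshagen.net` entry are repeated in the `httpd_config.conf0` hunk. Both files look like saved backups of the live configuration rather than files the server reads; if so, they are probably better kept out of version control so that the reviewed and the running configuration cannot drift apart.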
@@ -225,25 +225,19 @@ listener HTTP { secure 0 } +listener HTTPS { + address *:443 + secure 1 + keyFile /usr/local/lsws/admin/conf/webadmin.key + certFile /usr/local/lsws/admin/conf/webadmin.crt +} + vhTemplate centralConfigLog { templateFile conf/templates/ccl.conf - listeners Default, HTTP - member example4.com { - vhDomain example4.com - } - member example3.com { - vhDomain example3.com - } - note test test - - member example2.com { - vhDomain example2.com - } - - member example6.com { - vhDomain example6.com + listeners Default, HTTP, HTTPS + member larshagen.net { + vhDomain larshagen.net } - member localhost { vhDomain localhost } diff --git a/lsws/conf/templates/ccl.conf b/lsws/conf/templates/ccl.conf index 3a32386..6c9db7e 100644 --- a/lsws/conf/templates/ccl.conf +++ b/lsws/conf/templates/ccl.conf @@ -53,5 +53,10 @@ RewriteFile .htaccess enable 0 logLevel 0 } + + vhssl { + keyFile /etc/letsencrypt/live/$VH_NAME/privkey.pem + certFile /etc/letsencrypt/live/$VH_NAME/fullchain.pem + } } diff --git a/lsws/conf/templates/ccl.conf.bak b/lsws/conf/templates/ccl.conf.bak index 07d13b5..3a32386 100644 --- a/lsws/conf/templates/ccl.conf.bak +++ b/lsws/conf/templates/ccl.conf.bak @@ -3,7 +3,7 @@ configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf allowSymbolLink 1 enableScript 1 restrained 1 -setUIDMode 0 +setUIDMode 2 virtualHostConfig { docRoot $VH_ROOT/html/ diff --git a/lsws/conf/templates/ccl.conf0 b/lsws/conf/templates/ccl.conf0 index 07d13b5..6c9db7e 100755 --- a/lsws/conf/templates/ccl.conf0 +++ b/lsws/conf/templates/ccl.conf0 @@ -3,7 +3,7 @@ configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf allowSymbolLink 1 enableScript 1 restrained 1 -setUIDMode 0 +setUIDMode 2 virtualHostConfig { docRoot $VH_ROOT/html/ @@ -53,5 +53,10 @@ RewriteFile .htaccess enable 0 logLevel 0 } + + vhssl { + keyFile /etc/letsencrypt/live/$VH_NAME/privkey.pem + certFile /etc/letsencrypt/live/$VH_NAME/fullchain.pem + } }
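Review bot: The `vhssl` block in `lsws/conf/templates/ccl.conf` sits in the template, so every member of `centralConfigLog` gets `/etc/letsencrypt/live/$VH_NAME/…` as its key and certificate path, including `member localhost`, for which no Let's Encrypt lineage can exist. The path also resolves only when the vhost name equals the first `-d` name passed to certbot in `bin/cert.sh`, because certbot names the `live/` directory after it unless `--cert-name` is given. A comment above the block stating that assumption would help, e.g. `# requires /etc/letsencrypt/live/<vhost name>/ created by bin/cert.sh; vhosts without it rely on the listener certificate`; the fallback behaviour is my assumption and worth confirming against a vhost that has no certificate yet. The diff does not show whether `/etc/letsencrypt` is a persistent volume of the litespeed container; if it is not, the private keys are lost whenever the container is recreated. The second `ccl.conf0` hunk repeats this block.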