Upd

2025-06-05 21:59:36 +02:00 · 2023-04-14 18:47:33 +02:00
parent d7c333ce04
commit dbdcde20eb
7 changed files with 150 additions and 30 deletions
--- a/Server/Root/etc/diycron
+++ b/Server/Root/etc/diycron
@@ -13,7 +13,7 @@ hm2s() { echo $((($1*60*60) + ($2*60))); }
 # Setting variables (that always have a "Job" prefix) for each job, to prevent multiple execution.
 ResetJobs() {
 	for Job in \
-		1 2
+		1 2 Certs
 	do eval "Job$Job=0"
 	done
 }
@@ -37,8 +37,11 @@ do
 		#If $(IsDayMin $(hm2s 4 30)) && test $(($(date +%s) / 86400 % 2)) = 0 && sleep 60 && reboot # System reboot every 2 days (every even day)
 		If $(IsDayMin $(hm2s 4 30)) && sleep 60 && reboot # System reboot every night

+	# Try to renew SSL certs every 5 days at 4 AM
+		Ifn $JobCerts && If $(IsDayMin $(hm2s 4 0)) && test $(($(date +%s) / 86400 % 9)) = 0 && JobCerts=1 && sleep 60 && /Server/Scripts/RenewCerts.sh
+
 	# Status of all jobs is reset at one time of the day, before or after all execute or have executed (in time).
 		If $(IsDayMin $(hm2s 0 0)) && ResetJobs
 	# Cooldown to wait at each cycle, to save on resources (Should always be less than 60 seconds!).
-	sleep 5
+		sleep 5
 done
--- a/Server/Root/etc/nginx/sites-available/SpaccCloud.conf
+++ b/Server/Root/etc/nginx/sites-available/SpaccCloud.conf
@@ -15,20 +15,22 @@
 #	}
 #}

-server {
-	listen 443 ssl;
-	server_name spacccloud-wfm.octt.eu.org;
-	ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem;
-	ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem;
-	ssl_prefer_server_ciphers on;
-	location / {
-		proxy_http_version 1.1;
-		proxy_pass http://localhost:7580;
-		proxy_set_header Access-Control-Allow-Origin https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080;
-		proxy_set_header X-Real-IP $remote_addr;
-		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-		proxy_set_header X-Forwarded-Proto $scheme;
-		proxy_set_header Upgrade $http_upgrade;
-		proxy_set_header Connection "upgrade";
-	}
-}
+#server {
+#	listen 443 ssl;
+#	server_name spacccloud-wfm.octt.eu.org;
+#	ssl_certificate /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/fullchain.pem;
+#	ssl_certificate_key /etc/letsencrypt/live/spacccloud-wfm.octt.eu.org/privkey.pem;
+#	ssl_prefer_server_ciphers on;
+#	location / {
+#		proxy_http_version 1.1;
+#		proxy_pass http://localhost:7580;
+#		#add_header Access-Control-Allow-Origin "https://spacccloud.octt.eu.org http://192.168.1.25 http://192.168.1.25:8080";
+#		proxy_set_header X-Real-IP $remote_addr;
+#		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+#		proxy_set_header X-Forwarded-Proto $scheme;
+#		proxy_set_header Upgrade $http_upgrade;
+#		proxy_set_header Connection "upgrade";
+#		sub_filter '</body>' '<script src="//spacccloud.octt.eu.org/WfmInject.js"></script></body>';
+#		sub_filter_once on;
+#	}
+#}
--- a/Server/Root/etc/nginx/sites-available/fediii.conf
+++ b/Server/Root/etc/nginx/sites-available/fediii.conf
@@ -0,0 +1,25 @@
+server {
+	listen 443 ssl;
+	server_name fediii.octt.eu.org;
+	ssl_certificate /etc/letsencrypt/live/fediii.octt.eu.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/fediii.octt.eu.org/privkey.pem; 
+	ssl_prefer_server_ciphers on;
+	location / {
+		proxy_http_version 1.1;
+		proxy_pass http://localhost:8331;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+		sub_filter '</body>' '<link rel="stylesheet" href="/fediii-static/Kbin.css"/><script src="/fediii-static/Kbin.js"></script></body>';
+		sub_filter_once on;
+	}
+	location /fediii-static/ {
+		root /Server/www/;
+		add_header Access-Control-Allow-Origin *;
+		try_files $uri $uri.html $uri/index.html index.html;
+		autoindex off;
+	}
+}
--- a/Server/Root/etc/nginx/sites-available/fren.conf
+++ b/Server/Root/etc/nginx/sites-available/fren.conf
@@ -0,0 +1,25 @@
+server {
+	listen 443 ssl;
+	server_name fren.octt.eu.org;
+	ssl_certificate /etc/letsencrypt/live/fren.octt.eu.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/fren.octt.eu.org/privkey.pem; 
+	ssl_prefer_server_ciphers on;
+	location / {
+		proxy_http_version 1.1;
+		proxy_pass https://poliverso.org;
+		#proxy_pass http://localhost:8331;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+		proxy_set_header Accept-Encoding ''; # Needed for sub_filter
+		#sub_filter 'poliverso.org' 'fren.octt.eu.org';
+		sub_filter '>var baseurl = "https://poliverso.org";</script>' '>var baseurl = "https://fren.octt.eu.org";</script>';
+		sub_filter '="https://poliverso.org/' '="https://fren.octt.eu.org/';
+		sub_filter '<a href="#content"' '<p style="font-size: larger; background: #222222; color: #eeeeee;">NOTICE: Content autonomously proxied from <code>poliverso.org</code>. NOT FOR PUBLIC USE!</p><a href="#content"';
+		sub_filter '</body>' '<link id="fediiiCss" rel="stylesheet" href="//fediii.octt.eu.org/fediii-static/Friendica.css"/><script src="//fediii.octt.eu.org/fediii-static/Lib0.js"></script><script id="fediiiJs" src="//fediii.octt.eu.org/fediii-static/Friendica.js"></script></body>';
+		sub_filter_once off;
+	}
+}