youztech/stalendeuren
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
stalendeuren/setup-ssl.sh
Ubuntu 32ed02c1f3 fix: TypeScript build errors and add production deployment 
- Fix handle color type safety
- Fix RoundedBox args tuple type
- Remove invalid ellipseGeometry
- Add PM2 ecosystem config
- Add SSL setup automation script

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-10 18:37:42 +00:00

125 lines
3.5 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
# Colors
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
RED='\033[0;31m'
NC='\033[0m'
DOMAIN="proinn.youztech.nl"
TARGET_IP="141.95.17.59"
echo -e "${YELLOW}Checking DNS for $DOMAIN...${NC}"
# Check current DNS
CURRENT_IP=$(host $DOMAIN | grep "has address" | awk '{print $4}')
if [ "$CURRENT_IP" != "$TARGET_IP" ]; then
echo -e "${RED}DNS not updated yet!${NC}"
echo "Current IP: $CURRENT_IP"
echo "Target IP: $TARGET_IP"
echo ""
echo "Please update DNS first, then run this script again."
exit 1
fi
echo -e "${GREEN}✓ DNS is correct!${NC}"
echo ""
echo -e "${YELLOW}Requesting SSL certificate...${NC}"
# Request SSL certificate
sudo certbot certonly --webroot -w /var/www/html -d $DOMAIN \
--non-interactive --agree-tos --email admin@youztech.nl
if [ $? -ne 0 ]; then
echo -e "${RED}SSL certificate request failed!${NC}"
exit 1
fi
echo -e "${GREEN}✓ SSL certificate obtained!${NC}"
echo ""
echo -e "${YELLOW}Updating nginx configuration for HTTPS...${NC}"
# Update nginx config with SSL
sudo tee /etc/nginx/sites-available/$DOMAIN > /dev/null <<'EOF'
server {
listen 80;
listen [::]:80;
server_name proinn.youztech.nl;
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name proinn.youztech.nl;
ssl_certificate /etc/letsencrypt/live/proinn.youztech.nl/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/proinn.youztech.nl/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# Security headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
location / {
proxy_pass http://127.0.0.1:3002;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_read_timeout 300s;
proxy_connect_timeout 75s;
}
# Optimize for Next.js static assets
location /_next/static {
proxy_pass http://127.0.0.1:3002;
proxy_cache_valid 60m;
add_header Cache-Control "public, immutable, max-age=31536000";
}
# Optimize for images
location ~* \.(jpg|jpeg|png|gif|ico|svg|webp)$ {
proxy_pass http://127.0.0.1:3002;
expires 30d;
add_header Cache-Control "public, immutable";
}
}
EOF
# Test nginx config
sudo nginx -t
if [ $? -ne 0 ]; then
echo -e "${RED}Nginx configuration test failed!${NC}"
exit 1
fi
# Reload nginx
sudo systemctl reload nginx
echo -e "${GREEN}✓ Nginx reloaded with HTTPS!${NC}"
echo ""
echo -e "${GREEN}═══════════════════════════════════════════${NC}"
echo -e "${GREEN} 🎉 DEPLOYMENT COMPLETE! 🎉${NC}"
echo -e "${GREEN}═══════════════════════════════════════════${NC}"
echo ""
echo -e "Your site is now live at:"
echo -e "${GREEN}https://proinn.youztech.nl/offerte${NC}"
echo ""
echo "SSL certificate will auto-renew via certbot."
Reference in New Issue View Git Blame Copy Permalink