From b45b94cd5eeea2814e506396c0ba911f58decaf3 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sat, 26 May 2018 15:29:13 +0100
Subject: [PATCH] Create a self signed cert for the local domain
---
src/freedombone-utils-web | 31 ++++++++++++++++++++++++++++---
1 file changed, 28 insertions(+), 3 deletions(-)
diff --git a/src/freedombone-utils-web b/src/freedombone-utils-web
index ca7bcce77..c78dc0f89 100755
--- a/src/freedombone-utils-web
+++ b/src/freedombone-utils-web
@@ -1149,7 +1149,7 @@ function install_web_local_user_interface {
{ echo '<html>';
echo ' <body>';
- echo " This is a test on $local_hostname";
+ echo " This is a test on ${local_hostname}";
echo ' </body>';
echo '</html>'; } > "/var/www/${local_hostname}/htdocs/index.html"
@@ -1160,8 +1160,33 @@ function install_web_local_user_interface {
echo " server_name ${local_hostname};";
echo " root /var/www/${local_hostname}/htdocs;";
echo ' index index.html;';
- echo '}'; } > "$nginx_file"
- nginx_ensite "$local_hostname"
+ echo '';
+ echo ' access_log /dev/null;';
+ echo ' error_log /dev/null;';
+ echo '}';
+ echo '';
+ echo 'server {';
+ echo ' listen 443 ssl;';
+ echo ' #listen [::]:443 ssl;';
+ echo " server_name ${local_hostname};";
+ echo " root /var/www/${local_hostname}/htdocs;";
+ echo ' index index.html;';
+ echo '';
+ echo ' access_log /dev/null;';
+ echo ' error_log /dev/null;';
+ echo ''; } >> "$nginx_file"
+
+ nginx_ssl "${local_hostname}"
+ nginx_security_options "${local_hostname}"
+
+ { echo ' add_header Strict-Transport-Security max-age=0;';
+ echo '}'; } >> "$nginx_file"
+
+ if [ ! -f "/etc/ssl/certs/${local_hostname}.crt" ]; then
+ "${PROJECT_NAME}-addcert" -h "${local_hostname}" --dhkey "${DH_KEYLENGTH}"
+ fi
+
+ nginx_ensite "${local_hostname}"
# Compatibility with FreedomBox android app
# The installed apps get published to a json file called "1"
--
GitLab