#!/bin/bash echo "Starting AVideo Live..." CONFIG_NGINX_FILE=/usr/local/nginx/conf/nginx.conf if [ "_${CREATE_TLS_CERTIFICATE}_" == "_yes_" ]; then echo "Generate Certificate..." echo "Certificate file: ${TLS_CERTIFICATE_FILE}" echo "Certificate key: ${TLS_CERTIFICATE_KEY}" mkdir -p `dirname ${TLS_CERTIFICATE_FILE}` mkdir -p `dirname ${TLS_CERTIFICATE_KEY}` subjectAltName="IP:127.0.0.1,DNS:${SERVER_NAME}" CONFIG="" CONFIG="${CONFIG}[dn]\n" CONFIG="${CONFIG}C=NN\n" CONFIG="${CONFIG}L=Earth\n" CONFIG="${CONFIG}O=AVideo\n" CONFIG="${CONFIG}OU=Development\n" CONFIG="${CONFIG}CN=localhost\n" CONFIG="${CONFIG}\n" CONFIG="${CONFIG}[req]\n" CONFIG="${CONFIG}distinguished_name=dn\n" CONFIG="${CONFIG}\n" CONFIG="${CONFIG}[EXT]\n" CONFIG="${CONFIG}subjectAltName=${subjectAltName}\n" CONFIG="${CONFIG}extendedKeyUsage=serverAuth\n" CONFIG="${CONFIG}\n" openssl req -x509 \ -out ${TLS_CERTIFICATE_FILE} -keyout ${TLS_CERTIFICATE_KEY} \ -newkey rsa:4096 \ -nodes \ -sha256 \ -days 3650 \ -subj '/C=NN/L=Earth/O=avideo/OU=DEV/CN=localhost' \ -extensions EXT -config <( \ printf "${CONFIG}") echo "New Certificate config..." openssl x509 -in ${TLS_CERTIFICATE_FILE} -noout -text || true fi sed -i 's#server_name localhost _#server_name localhost _ '${SERVER_NAME}'#' ${CONFIG_NGINX_FILE} echo "Configure Nginx..." sed -i 's#ssl_certificate /etc/apache2/ssl/localhost.crt#ssl_certificate '${TLS_CERTIFICATE_FILE}'#' ${CONFIG_NGINX_FILE} sed -i 's#ssl_certificate_key /etc/apache2/ssl/localhost.key#ssl_certificate_key '${TLS_CERTIFICATE_KEY}'#' ${CONFIG_NGINX_FILE} sed -i 's#listen 1935#listen '${NGINX_RTMP_PORT}'#' ${CONFIG_NGINX_FILE} sed -i 's#listen 8080#listen '${NGINX_HTTP_PORT}'#' ${CONFIG_NGINX_FILE} sed -i 's#listen 8443#listen '${NGINX_HTTPS_PORT}'#' ${CONFIG_NGINX_FILE} mkdir -p /etc/letsencrypt/live/localhost/ cp ${TLS_CERTIFICATE_FILE} /etc/letsencrypt/live/localhost/fullchain.pem cp ${TLS_CERTIFICATE_KEY} /etc/letsencrypt/live/localhost/privkey.pem /usr/local/nginx/sbin/nginx -s stop echo "lets encrypt nginx ${SERVER_NAME}" mv /usr/sbin/nginx /usr/sbin/nginx.old && cp /usr/local/nginx/sbin/nginx /usr/sbin/nginx mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old && cp /usr/local/nginx/conf/nginx.conf /etc/nginx/nginx.conf certbot --nginx --non-interactive --agree-tos --nginx-server-root /usr/local/nginx/conf --no-redirect --register-unsafely-without-email --keep-until-expiring -d $SERVER_NAME sed -i 's/listen 443 ssl/listen 8443 ssl/g' /usr/local/nginx/conf/nginx.conf echo "crontab starting" cron bash source /etc/bash_completion #echo "nginx start" /usr/local/nginx/sbin/nginx -s stop /usr/local/nginx/sbin/nginx -g "daemon off;" #/usr/local/nginx/sbin/nginx -s stop && sleep 3 && /usr/local/nginx/sbin/nginx #eof