我正在尝试编写我的第一个脚本,并且一切正常,可以自动安装新服务器,我唯一的问题是使用sed更改ssl证书文件,我在此处的论坛中关注了所有答案。但我仍然无法覆盖它,我已经使用了另外两个sed命令,并且工作正常
我正在使用apache2和php7.0灯在ubuntu 16.04上运行脚本 该脚本已完成,但没有重写conf
这是我的脚本,以防万一发生冲突
#!/bin/bash
apt-get -y update
apt-get -y upgrade
apt-get -y install apache2
apt-get install -y php7.0 libapache2-mod-php7.0 php7.0-cli php7.0-common php7.0-mbstring php7.0-gd php7.0-intl php7.0-xml php7.0-mysql php7.0-mcrypt php7.0-zip
echo mysql-server-5.1 mysql-server/root_password password PASSWORD | debconf-set-selections
echo mysql-server-5.1 mysql-server/root_password_again password PASSWORD | debconf-set-selections
apt-get install -y mysql-server
/etc/init.d/mysql restart
a2enmod ssl
a2ensite default-ssl.conf
service apache2 restart
APP_PASS="PASSWORD"
ROOT_PASS="PASSWORD"
APP_DB_PASS="PASSWORD"
echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | debconf-set-selections
echo "phpmyadmin phpmyadmin/app-password-confirm password $APP_PASS" | debconf-set-selections
echo "phpmyadmin phpmyadmin/mysql/admin-pass password $ROOT_PASS" | debconf-set-selections
echo "phpmyadmin phpmyadmin/mysql/app-pass password $APP_DB_PASS" | debconf-set-selections
echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2" | debconf-set-selections
apt-get install -y phpmyadmin
sed -i 's/Port 22/Port 4747/g' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
service sshd restart
apt-get install vsftpd -y
sed -i 's/root/#root/g' /etc/ftpusers
service vsftpd restart
apt-get install software-properties-common -y
add-apt-repository ppa:certbot/certbot -y
apt-get update -y
apt-get install python-certbot-apache -y
service apache2 stop
certbot certonly --standalone --non-interactive --agree-tos -m EMAIL@mymail.com -d domain.com
adduser --quiet --disabled-password --shell /bin/bash --home /home/USERNAME --gecos "User" USERNAME
echo "USERNAME:PASSWORD" | chpasswd
usermod -aG sudo USERNAME
iptables -I INPUT 1 -p udp -m udp --dport 1900 -j DROP
crontab -l > mycron
echo "@daily letsencrypt renew --quiet && systemctl reload apache2" >> mycron
crontab mycron
rm mycron (WORKS BUT GIVES ERROR no crontab for root)
#sed -i "s|SSLCertificateFile=/etc/ssl/certs/ssl-cert-snakeoil.pem|SSLCertificateFile=/letsencrypt/live/domain.com/fullchain.pem|g" /etc/apache2/sites-enabled/default-ssl.conf (NOT WORKING)
#SSL_DEFAULT_CERT_PATH="SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem"
#SSL_CERT_PATH="SSLCertificateFile /letsencrypt/live/domain.com/fullchain.pem"
#sed -i "s|.*\b$SSL_DEFAULT_CERT_PATH\b.*|$SSL_CERT_PATH|" /etc/apache2/sites-enabled/default-ssl.conf (NOT WORKING)
service apache2 restart
这是我尝试过的两个,但是没有运气
sed -i "s|SSLCertificateFile=/etc/ssl/certs/ssl-cert-snakeoil.pem|SSLCertificateFile=/letsencrypt/live/domain.com/fullchain.pem|g" /etc/apache2/sites-enabled/default-ssl.conf
不起作用
SSL_DEFAULT_CERT_PATH="SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem"
SSL_CERT_PATH="SSLCertificateFile /letsencrypt/live/domain.com/fullchain.pem"
sed -i "s|.*\b$SSL_DEFAULT_CERT_PATH\b.*|$SSL_CERT_PATH|" /etc/apache2/sites-enabled/default-ssl.conf
不起作用
原始文件SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem 不知道空格是否有所不同