Script to run when creating new static deploy environment for new static project
-
Ensure Domain $NAME.508.dev A record is created on our domain manager.
-
Create new user account of name $NAME
sudo adduser --disabled-password --gecos "" $NAME- Create SSH keys // need to update this because you need to generate the key somewhere and then get it in the authorized_keys file somehow
sudo mkdir /home/$NAME/.ssh
sudo ssh-keygen -t ed25519 -C "$NAME@508.dev" -f /home/$NAME/.ssh/id_ed -N ""
sudo cp /home/$NAME/.ssh/id_ed authorized_keys
sudo chown -R $NAME:$NAME /home/$NAME/.ssh/- Create src and etc directories if necessary
sudo mkdir /home/$NAME/src/
sudo chown $NAME:$NAME /home/$NAME/src/- Add user to group
www-data
sudo usermod -a -G www-data $NAME
sudo usermod -a -G ssh $NAME
sudo usermod -g www-data $NAME- Create directory for html, css, js output in
/home/www-data/
sudo mkdir /home/www-data/$NAME
sudo chown $NAME:www-data /home/www-data/$NAME- Create file of
/etc/nginx/sites-available/$NAME.508.dev
server {
listen 80;
listen [::]:80;
server_name $NAME.508.dev www.$NAME.508.dev;
return 301 https://$server_name$request_uri;
}
server {
server_name $NAME.508.dev;
gzip on;
location / {
autoindex on;
root /home/www-data/$NAME/;
error_page 404 = /index.html;
}
listen 443 ssl;
listen [::]:443;
ssl_certificate /etc/letsencrypt/live/$NAME.508.dev/fullchain.pem; # CHANGE ME
ssl_certificate_key /etc/letsencrypt/live/$NAME.508.dev/privkey.pem; # CHANGE ME
include /etc/letsencrypt/options-ssl-nginx.conf;
}
EOF- Softlink into
/etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/$NAME.508.dev /etc/nginx/sites-enabled/- Temporarily take down nginx
sudo service nginx stop- Create https certificate
sudo certbot certonly --standalone -d $NAME.508.dev- Bring up nginx again
sudo service nginx start