Skip to content

Commit

Permalink
blackhole
Browse files Browse the repository at this point in the history 
Blackhole set after first site to enforce a better configuration by default.
Nginx key updated.
  • Loading branch information
@QROkes
QROkes committed Jun 12, 2024
1 parent a3fcc2b commit 21baefe
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
3 changes: 3 additions & 0 deletions lib/sites
View file
Original file line number Diff line number Diff line change
Expand Up @@ -826,6 +826,9 @@ createsite() {
else
sudo log $domain -only-error=off > /dev/null 2>&1
fi

# Blackhole default-site should be enabled after the first site is created!
[[ -z $(conf_read default-site) && $domain != $ADMIN_TOOLS_SITE ]] && webinoly -default-site=blackhole

sudo chown -R www-data:www-data /var/www
[[ $(conf_read login-www-data) == "true" ]] && sudo chown root:root /var/www
Expand Down
8 changes: 8 additions & 0 deletions lib/update
View file
Original file line number Diff line number Diff line change
Expand Up @@ -347,6 +347,14 @@ oneight_to_onenine() {
done
fi

# Update Nginx key! https://blog.nginx.org/blog/updating-pgp-key-for-nginx-software
if [[ $(conf_read nginx) == "true" && $(lsb_release -c | cut -d':' -f 2 | xargs) =~ ^(bionic|focal)$ ]]; then
sudo apt-key adv --fetch-keys 'https://nginx.org/keys/nginx_signing.key'
elif [[ -f /usr/share/keyrings/nginx-archive-keyring.gpg ]]; then
rm -rf /usr/share/keyrings/nginx-archive-keyring.gpg
wget -nv -O- https://nginx.org/keys/nginx_signing.key | sudo gpg --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg
fi

# Loop All Sites - HTTP3 enable!
for site in "/etc/nginx/sites-available"/*
do
Expand Down

0 comments on commit 21baefe

Please sign in to comment.