smaller fixes (#69)

techandme · Oct 25, 2020 · c5580bf · c5580bf
1 parent 746af46
commit c5580bf
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 14 deletions.
diff --git a/apps/adminer.sh b/apps/adminer.sh
@@ -56,8 +56,8 @@ fi
 
 cat << ADMINER_CREATE > "$ADMINER_CONF"
 server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
+    listen 444 ssl http2;
+    listen [::]:444 ssl http2;
 
     ## Your website name goes here.
     # server_name example.com;
@@ -136,7 +136,7 @@ The script will exit."
     exit 1
 else
 msg_box "Adminer was sucessfully installed and can be reached here:
-http://$ADDRESS:81
+https://$ADDRESS:444
 You can download more plugins and get more information here:
 https://www.adminer.org
 Your MariaDB connection information can be found in $WPATH/wp-config.php

diff --git a/lets-encrypt/activate-tls.sh b/lets-encrypt/activate-tls.sh
@@ -143,7 +143,7 @@ server {
     ssl_session_cache shared:SSL:50m;
     ssl_session_tickets off;
     # Diffie-Hellman parameter for DHE ciphersuites, recommended 4096 bits
-    ssl_dhparam $DHPARAMS;
+    ssl_dhparam $DHPARAMS_TLS;
     # intermediate configuration. tweak to your needs.
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
@@ -186,12 +186,12 @@ server {
     location ~* \.php$ {
         location ~ \wp-login.php$ {
                     allow $GATEWAY/24;
-		    #allow $ADDRESS;
-		    #allow $WAN4IP;
+		    allow $ADDRESS;
+		    allow $WAN4IP;
                     deny all;
                     include fastcgi.conf;
                     fastcgi_intercept_errors on;
-                    fastcgi_pass unix:/var/run/php/php7.2-fpm-wordpress.sock; 
+                    fastcgi_pass unix:$PHP_FPM_SOCK;
         }
                 fastcgi_split_path_info ^(.+\.php)(/.+)$;
                 try_files \$uri =404;

diff --git a/static/change_db_pass.sh b/static/change_db_pass.sh
@@ -16,7 +16,7 @@ debug_mode
 # Change MARIADB Password
 if mysqladmin -u root password "$NEWMARIADBPASS" > /dev/null 2>&1
 then
-    msg_box "Your new MARIADB root password is: $NEWMARIADBPASS
+    msg_box "Your new MariaDB root password is: $NEWMARIADBPASS
 Please keep it somewhere safe.
 
 To login to MariaDB,, simply type 'mysql -u root' from your CLI.

diff --git a/static/welcome.txt b/static/welcome.txt
@@ -24,7 +24,7 @@
 <h6><a href="https://docs.hanssonit.se/s/W6fMouPiqQz3_Mog/virtual-machines-vm/d/W7jILePiqQz3_Msw/wordpress-vm?currentPageId=W7jILePiqQz3_Ms7" target="_blank" rel="noopener">Login details</a></h6>
 <p><strong>Note:</strong> Webmin is installed when you run the setup script. To access Webmin externally you have to open port 10000 in your router.</p>
 <hr />
-<h3><a href=":81">Access Adminer</a></h3>
+<h3><a href=":444">Access Adminer</a></h3>
 <p><strong>Note:</strong> Please accept the warning in the browser if you connect via HTTPS.<br /><strong>Note:</strong> You have to remove the ending slash (/) for the port number to work.</p>
 <h6><a href="https://docs.hanssonit.se/s/W6fMouPiqQz3_Mog/virtual-machines-vm/d/W7jILePiqQz3_Msw/wordpress-vm?currentPageId=W7jILePiqQz3_Ms8" target="_blank" rel="noopener">Login details</a></h6>
 <p><strong>Note:</strong> Your external IP is set as approved, all other access is forbidden.</p>
diff --git a/wordpress-startup-script.sh b/wordpress-startup-script.sh
@@ -96,7 +96,7 @@ fi
 true
 SCRIPT_NAME="Wordpress startup script"
 # shellcheck source=lib.sh
-source /var/scripts/fetch_lib.sh 
+source /var/scripts/fetch_lib.sh
 
 # Check for errors + debug code and abort if something isn't right
 # 1 = ON
@@ -152,8 +152,7 @@ msg_box"This script will do the final setup for you
 - Create a new WP user
 - Upgrade the system
 - Activate TLS (Let's Encrypt)
-- Install Adminer
-- Change system timezone
+- Install different apps of your liking
 - Set new password to the Linux system (user: wordpress)
 
 ############### T&M Hansson IT AB -  $(date +"%Y") ###############"
@@ -258,8 +257,14 @@ echo "WP PASS: $NEWWPADMINPASS"
 
 # Change servername in Nginx
 server_name=$(echo "$FQDN" | cut -d "/" -f3)
-sed -i "s|# server_name .*|server_name $server_name;|g" "$SITES_ENABLED"/"$HTTP_CONF"
-sed -i "s|# server_name .*|server_name $server_name;|g" "$SITES_ENABLED"/"$TLS_CONF"
+if [ -f "$SITES_ENABLED"/"$HTTP_CONF" ]
+then
+    sed -i "s|# server_name .*|server_name $server_name;|g" "$SITES_ENABLED"/"$HTTP_CONF"
+fi
+if [ -f "$SITES_ENABLED"/"$TLS_CONF" ]
+then
+    sed -i "s|# server_name .*|server_name $server_name;|g" "$SITES_ENABLED"/"$TLS_CONF"
+fi
 restart_webserver
 
 # Show current administrators
@@ -344,6 +349,10 @@ LOGIN:
 Login to Wordpress in your browser:
 - IP: $ADDRESS
 - Hostname: $(hostname -f)
+
+If you get access 'Forbidden' while accessing wp-login.php, please allow your IP in:
+$SITES_ENABLED/your_active.conf
+
 ### PLEASE HIT OK TO REBOOT ###"
 
 # Reboot