Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

panel: Reorder, fixes, certbot with --nginx #100

Merged
merged 58 commits into from
Jan 14, 2021
Merged

panel: Reorder, fixes, certbot with --nginx #100

merged 58 commits into from
Jan 14, 2021

Conversation

Linux123123
Copy link
Member

@Linux123123 Linux123123 commented Oct 12, 2020
edited by vilhelmprytz

Big reorder, added more dividers, made code simpler to read, changed up the order a bit, remade perform_install, remade OS specific installs, removed redundant apt update, removed unused variables, added --nginx instead of --standalone, removed a lot of redundant checks for OS version (if it checks if OS is the correct and that it is supported against a hard coded list, we don't need to recheck that every time we run something).

No SSL ASSUME SSL SSL
Ubuntu 20.04
Ubuntu 18.04
Debian buster
Debian stretch
CentOS 7 *
CentOS 8 *

Fixes #88

@Linux123123
Reorder, fixes, certbot with --nginx
13e2e3a
@Linux123123
Fix placement of cersion check
becc8da
@Linux123123
Split enabled services function into 2 functions
23d580e
@Linux123123
Add back folder permissions
5c88db9
@Linux123123
Install python3-certbot-nginx instead of python
5f38426
@Linux123123
Fix letsencrypt being ran too early (typo)
9674397
@Linux123123
Maybe a fix for certbot with --nginx
83e185b
@Linux123123
Add back domain relacment.
8f13c09
@Linux123123
Fix typo
0a05656
@Linux123123
Change to nginx
33e6fdd
@Linux123123
Rearrange certbot
8c63736
@Linux123123
Remove certonly
db7b06d
@Linux123123
Remove --uir, because of errors
62a8495
@Linux123123
Remove "retarded" function as per request
0d996b7
@Linux123123
Remove unneeded variable
4bec6c0
@Linux123123
Fix firewall config
89a3ce3
@Linux123123
Centos change redis service name
cadf9d2
@Linux123123
Fix set_folder_permissions
33d4d41
@Linux123123
Remove unneeded comments
6235840
@Linux123123
Change python-certbot-nginx to version 3
3f569e1
@Linux123123
Change python3 to python
316313b
@Linux123123
Move back the dir check
45cab9a
@Linux123123
Merge branch 'master' of https://github.com/vilhelmprytz/pterodactyl-…
793e621 
…installer into pterodactyl-1.0
@Linux123123
Use case where it is possible.
3d731a4
@Linux123123
Copy link
Member Author

@vilhelmprytz A thing to say is that when using --nginx when it fails it doesn't edit any files, so if it fails it just makes the site with no ssl.
Also in this PR you can see that there are no nginx_ssl. This is because option --nginx automatically adds all the needed thing for ssl and converts a no ssl config to ssl config.
So basically there is no way to assume_ssl after using certbot with --nginx, because the files aren't edited if certificates fail. I don't see this as a flaw.

@vilhelmprytz
Copy link
Member

@vilhelmprytz A thing to say is that when using --nginx when it fails it doesn't edit any files, so if it fails it just makes the site with no ssl.
Also in this PR you can see that there are no nginx_ssl. This is because option --nginx automatically adds all the needed thing for ssl and converts a no ssl config to ssl config.
So basically there is no way to assume_ssl after using certbot with --nginx, because the files aren't edited if certificates fail. I don't see this as a flaw.

Yes, I see your point. I remember I mentioned I was going to implement certbot --nginx myself separately? This PR is way too big for me to do in one go, you've piled up too much work in one PR. Is it too late to ask if you can split it up in smaller separate PRs?

@Linux123123
Copy link
Member Author

@vilhelmprytz A thing to say is that when using --nginx when it fails it doesn't edit any files, so if it fails it just makes the site with no ssl.
Also in this PR you can see that there are no nginx_ssl. This is because option --nginx automatically adds all the needed thing for ssl and converts a no ssl config to ssl config.
So basically there is no way to assume_ssl after using certbot with --nginx, because the files aren't edited if certificates fail. I don't see this as a flaw.

Yes, I see your point. I remember I mentioned I was going to implement certbot --nginx myself separately? This PR is way too big for me to do in one go, you've piled up too much work in one PR. Is it too late to ask if you can split it up in smaller separate PRs?

A bit late I would say. I have a solution. We can do the review threw discord and quickly go threw all of the stuff that I have done. It would be really hard for me to split this PR.

vilhelmprytz
vilhelmprytz reviewed Jan 2, 2021
View reviewed changes
install-panel.sh Outdated Show resolved Hide resolved
install-panel.sh Outdated Show resolved Hide resolved
install-panel.sh Outdated Show resolved Hide resolved
install-panel.sh Outdated Show resolved Hide resolved
install-panel.sh Outdated Show resolved Hide resolved
install-panel.sh Outdated Show resolved Hide resolved
install-panel.sh Show resolved Hide resolved
install-panel.sh Show resolved Hide resolved
install-panel.sh Outdated Show resolved Hide resolved
install-panel.sh Outdated Show resolved Hide resolved
Linux123123 and others added 2 commits January 2, 2021 11:51
@Linux123123 @vilhelmprytz
SELinux can fail
449e946 
Co-authored-by: Vilhelm Prytz <vilhelm@prytznet.se>
@Linux123123 @vilhelmprytz
Opening 443 is not optional
f99ad10 
Co-authored-by: Vilhelm Prytz <vilhelm@prytznet.se>
@vilhelmprytz
Copy link
Member

vilhelmprytz commented Jan 2, 2021
edited

Also sorry for taking so long before properly reviewing your PR. When you move a lot of the functions around in conjunction with all the changes, it makes it harder for me to review in one go. 🙂

I think we're closing in on a merge now. I've got to test the script using Let's Encrypt before merge (after all review change requests are resolved).

@Linux123123
Copy link
Member Author

Linux123123 commented Jan 4, 2021
edited

Ok all OS are tested now.

@vilhelmprytz
panel: handle exit status 1 in ask_assume_ssl
2c9e366 
When executed, the exit status of a function is the exit status of the last command executed in the body. Since the expression would return exit 1, the function ask_assume_ssl would cause the script to exit if the user selected not to ASSUME_SSL (the expression is the last command of the function).
@vilhelmprytz
panel: fix shellcheck error from 2c9e366
fb2a957
@vilhelmprytz
panel: export /usr/local/bin to PATH on CentOS before composer cmd
54d5884 
vagrant centos images do not have /usr/local/bin in their path so we make sure it is always present
vilhelmprytz
vilhelmprytz approved these changes Jan 14, 2021
View reviewed changes
Copy link
Member

@vilhelmprytz vilhelmprytz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@vilhelmprytz vilhelmprytz merged commit 0961a9b into pterodactyl-installer:master Jan 14, 2021
vilhelmprytz added a commit that referenced this pull request Jan 14, 2021
@vilhelmprytz
Update CHANGELOG
8d33f64 
after #100 merge
@Linux123123 Linux123123 deleted the master-panel-PR branch April 6, 2021 13:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vilhelmprytz vilhelmprytz vilhelmprytz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use Let's Encrypt --nginx over standalone webserver
2 participants
@Linux123123 @vilhelmprytz