Last active
September 18, 2018 20:32
-
-
Save ericktucto/149f4740504c83613d473df1f512f8aa to your computer and use it in GitHub Desktop.
Script to create ssl on Homestead. Save file on ~/.homestead/after.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Post: https://laracasts.com/discuss/channels/tips/tip-how-to-enable-ssl-in-homestead-20 | |
# Populate this array with each of your dev site hostnames. | |
sites_hosts=( app.local ) # array, e.g., www.example.dev | |
# Config for SSL. | |
SSL_DIR="/etc/nginx/ssl" | |
PASSPHRASE="secret" | |
SUBJ=" | |
C=BE | |
ST=SomeState | |
O=SomeCompany | |
localityName=SomeCity | |
commonName=*.$DOMAIN | |
organizationalUnitName=HQ | |
emailAddress=some@email.com | |
" | |
echo "--- Making SSL Directory ---" | |
sudo mkdir -p "$SSL_DIR" | |
for i in "${sites_hosts[@]}" | |
do | |
echo "--- Copying $i SSL crt and key ---" | |
DOMAIN=$i | |
sudo openssl genrsa -out "$SSL_DIR/$DOMAIN.key" 1024 >/dev/null 2>&1 | |
sudo openssl req -new -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -key "$SSL_DIR/$DOMAIN.key" -out "$SSL_DIR/$DOMAIN.csr" -passin pass:$PASSPHRASE >/dev/null 2>&1 | |
sudo openssl x509 -req -days 365 -in "$SSL_DIR/$DOMAIN.csr" -signkey "$SSL_DIR/$DOMAIN.key" -out "$SSL_DIR/$DOMAIN.crt" >/dev/null 2>&1 | |
# Comment out this line if you prefer ssl on a per | |
# server basis, rather for all sites on the vm. | |
# If commented out you can access hosts on http | |
# port 8000, and https port 44300. If uncommented, | |
# you can ONLY access hosts via https on port 44300. | |
#echo "--- Turning SSL on in nginx.conf. ---" | |
#sed -i "/sendfile on;/a \\ ssl on;" /etc/nginx/nginx.conf | |
echo "--- Inserting SSL directives into site's server file. ---" | |
sed -i "/listen 80;/a \\\n listen 443 ssl;\n ssl_certificate /etc/nginx/ssl/$i.crt;\n ssl_certificate_key /etc/nginx/ssl/$i.key;\n\n" /etc/nginx/sites-available/$i | |
done | |
echo "--- Restarting Serivces ---" | |
service nginx restart | |
service php5-fpm restart |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment