warden/rlgallery-misc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add files related to SSL support.

Browse source
This commit is contained in:
John "Elwin" Edwards 2016-12-30 12:48:58 -05:00
parent 0f5f0bb67f
commit 9ba9d5c90e
4 changed files with 50 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
README.txt
View file

@ -4,8 +4,9 @@ dgl/ contains the Gallery's dgamelaunch.conf file, the dgamelaunch menus, and
a patch to the Git version of dgamelaunch. The patch makes it compatible with a patch to the Git version of dgamelaunch. The patch makes it compatible with
the RLGWebD player and adds properly salted passwords. the RLGWebD player and adds properly salted passwords.
lighttpd/ contains a configuration file for lighttpd which should be included lighttpd/ contains configuration files for lighttpd which should be included
from the main lighttpd.conf. from the main lighttpd.conf. It also includes a configuration file for
certbot, for obtaining an SSL certificate.
py/ contains various Python scripts. Python 3 is required. The dependencies py/ contains various Python scripts. Python 3 is required. The dependencies
needed are psycopg2 and pytz. needed are psycopg2 and pytz.
@ -22,6 +23,8 @@ in /lib/python<x.y>/site-packages or the equivalent location.
py/rlgnotes is a basic blog creator. It makes a blog (with RSS feed!) at py/rlgnotes is a basic blog creator. It makes a blog (with RSS feed!) at
the URL /notes using text files as the source. Currently experimental. the URL /notes using text files as the source. Currently experimental.
scripts/ contains shell scripts that are useful in the setup process.
web/ contains the static parts of the rlgallery.org website. Note that when web/ contains the static parts of the rlgallery.org website. Note that when
installed, scoring/ needs to be writable by whatever user is running the installed, web/scoring/ needs to be writable by whatever user is running the
recorder.py script. recorder.py script.

10
lighttpd/certbot-cli.ini Normal file
View file

@ -0,0 +1,10 @@
# rlgallery.org configuration file for certbot
# Install at /etc/letsencrypt/cli.ini
authenticator = webroot
webroot-path = /var/www/lighttpd
agree-tos = True
non-interactive = True
# email, domain, and post-hook need to be specified by options

8
lighttpd/rlgallery-ssl.conf Normal file
View file

@ -0,0 +1,8 @@
# Lighttpd SSL configuration for rlgallery.org
# Include in the main lighttpd configuration file
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/ssl/host.pem"
ssl.ca-file = "/etc/lighttpd/ssl/chain.pem"
}

26
scripts/create-combined-pemfile Executable file
View file

@ -0,0 +1,26 @@
#!/bin/sh
# Combines a private key and host cert into a single pemfile, for webservers
# that require it.
if [ $# -lt 1 ]
then
echo "No domains given."
exit 1
fi
for DOMAIN in "$@"
do
LINKDIR=/etc/letsencrypt/live/"$DOMAIN"
if [ ! -d "$LINKDIR" ]
then
echo "No certificates for $DOMAIN, skipping"
continue
fi
REALCERTFILE=`readlink -f "$LINKDIR"/cert.pem`
PEMFILE=`dirname "$REALCERTFILE"`/combined.pem
touch "$PEMFILE"
chown root:root "$PEMFILE"
chmod 400 "$PEMFILE"
cat "$LINKDIR"/privkey.pem "$LINKDIR"/cert.pem >"$PEMFILE"
ln -s -f -r "$PEMFILE" "$LINKDIR"/combined.pem
done