diff --git a/createVhosts.sh b/createVhosts.sh
index a5f3260..9e60a82 100755
--- a/createVhosts.sh
+++ b/createVhosts.sh
@@ -37,7 +37,44 @@ function get_cert

 function reload_nginx
 {
- systemctl reload nginx
+ echo -n "Reloading Nginx..."
+ if systemctl reload nginx; then
+ echo "Success"
+ else
+ echo "Failed"
+ fi
+
+ # Wait for nginx to reload
+ sleep 0.5
+}
+
+function verify_vhost
+{
+ local target=127.0.0.1
+ local verify_path=/srv/http-content-combined/.well-known/
+ local verify_file_name=verify.$_domain.html
+ local verify_full_path=$verify_path$verify_file_name
+ local http_resp
+
+ if test -n "$_listenip"; then
+ target=$_listenip
+ fi
+
+ mkdir -p $verify_path
+ touch $verify_full_path
+ http_resp=$(curl -I -H "Host: $_domain" http://$target/.well-known/$verify_file_name 2> /dev/null | grep 'HTTP/1.1 200 OK')
+ rm $verify_full_path
+ if test -z "$http_resp"; then
+ return 1
+ else
+ return 0
+ fi
+}
+
+function rm_vhost_conf
+{
+ echo "Removing Nginx configuration"
+ rm $_vhost_conf_file
 }

 _cwd="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
@@ -176,12 +213,18 @@ EOF
 echo "Setting permissions on conf file..."
 setfacl -m user:sysadmin:rw $_vhost_conf_file

-echo "Reloading Nginx..."
 reload_nginx

+echo "Verifying vhost..."
+if ! verify_vhost; then
+ rm_vhost_conf
+ reload_nginx
+ err "Failed to verify vhost"
+fi
+
 echo "Retrieving Let's Encrypt Certificate..."
 if ! get_cert; then
- rm $_vhost_conf_file
+ rm_vhost_conf
 reload_nginx
 err "Failed to retrieve certificate!"
 fi
@@ -205,5 +248,4 @@ ${_locationblock}
 }
 EOF

-echo "Reloading Nginx..."
 reload_nginx
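Review bot: In verify_vhost, `$verify_path` and `$verify_full_path` reach `mkdir`, `touch` and `rm` unquoted, and the probe file name is built from `$_domain` with no check, so a value that is empty or contains whitespace, `/` or glob characters makes those commands act on a path other than the intended file under the web root. Where `$_domain` is set is outside this hunk, so it should be validated before the path is built and every expansion quoted; the same applies to `rm $_vhost_conf_file` in rm_vhost_conf. The `grep 'HTTP/1.1 200 OK'` match also depends on the exact status-line text, so comparing curl's `%{http_code}` with 200 is sturdier, and a `--max-time` keeps the probe from hanging. The probe file is also left behind if the script is interrupted between `touch` and `rm`.

```shell
function verify_vhost
{
    # … unchanged: local declarations and the $_listenip override …
    local http_code

    mkdir -p -- "$verify_path" || return 1
    touch -- "$verify_full_path" || return 1
    http_code=$(curl -s -o /dev/null -I --max-time 5 -w '%{http_code}' \
        -H "Host: $_domain" "http://$target/.well-known/$verify_file_name")
    rm -f -- "$verify_full_path"
    test "$http_code" = 200
}
```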
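Review bot: The `reload_nginx` call just before "Verifying vhost..." has its result ignored, and as defined in the first hunk the function ends with `sleep 0.5`, so it returns 0 even after printing "Failed". A rejected configuration then leaves the old config running while verification and certificate retrieval go ahead; if a catch-all server happens to serve the same `.well-known` directory, the check could pass without the new vhost being loaded (that depends on configuration not shown here). Have the failure branch of reload_nginx end with `return 1` and test it at this call: `if ! reload_nginx; then rm_vhost_conf; err "Failed to reload Nginx"; fi`. Running `nginx -t` before the reload would reject a bad file before it is applied.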