Home Explore Help
Sign In
joker
/
oneinstack
mirror of https://github.com/oneinstack/oneinstack/
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Update vhost.sh

lj2007331@gmail.com 6 years ago
parent
f343f6a34a
commit
c9fde8c04f
3 changed files with 8 additions and 5 deletions
Split View Show Diff Stats
  1. 1 1
      init.d/redis-server.service
  2. 1 1
      versions.txt
  3. 6 3
      vhost.sh

+ 1 - 1
init.d/redis-server.service
View File 

@@ -13,7 +13,7 @@ PermissionsStartOnly=true
 
 ExecStartPre=/bin/mkdir -p ${statedir}
 
 ExecStartPre=/bin/chown -R redis:redis ${statedir}
 
 ExecStart=/usr/local/redis/bin/redis-server /usr/local/redis/etc/redis.conf
 
-ExecStop=/usr/local/redis/bin/redis-cli shutdown
 
+ExecStop=/bin/kill -s TERM $MAINPID
 
 Restart=always
 
 LimitNOFILE=1000000
 
 LimitNPROC=1000000

+ 1 - 1
versions.txt
View File 

@@ -97,7 +97,7 @@ pecl_mongodb_ver=1.5.3
 
 pecl_mongo_ver=1.6.16
 
 
 # phpMyadmin
 
-phpmyadmin_ver=4.8.3
 
+phpmyadmin_ver=4.8.4
 
 phpmyadmin_oldver=4.4.15.10
 
 
 # jemalloc

+ 6 - 3
vhost.sh
View File 

@@ -158,6 +158,7 @@ If you enter '.', the field will be left blank.
 
     echo
 
     read -e -p "Country Name (2 letter code) [CN]: " SELFSIGNEDSSL_C
 
     SELFSIGNEDSSL_C=${SELFSIGNEDSSL_C:-CN}
 
+    [ ${#SELFSIGNEDSSL_C} != 2 ] && { echo "${CWARNING}input error, You must input 2 letter code country name${CEND}"; continue; }
 
     echo
 
     read -e -p "State or Province Name (full name) [Shanghai]: " SELFSIGNEDSSL_ST
 
     SELFSIGNEDSSL_ST=${SELFSIGNEDSSL_ST:-Shanghai}
 
@@ -401,7 +402,7 @@ What Are You Doing?
 
       LISTENOPT="443 ssl spdy"
 
     fi
 
     Create_SSL
 
-    Nginx_conf=$(echo -e "listen 80;\n  listen ${LISTENOPT};\n  ssl_certificate ${PATH_SSL}/${domain}.crt;\n  ssl_certificate_key ${PATH_SSL}/${domain}.key;\n  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n  ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;\n  ssl_prefer_server_ciphers on;\n  ssl_session_timeout 10m;\n  ssl_session_cache builtin:1000 shared:SSL:10m;\n  ssl_buffer_size 1400;\n  add_header Strict-Transport-Security max-age=15768000;\n  ssl_stapling on;\n  ssl_stapling_verify on;\n")
 
+    Nginx_conf=$(echo -e "listen 80;\n  listen ${LISTENOPT};\n  ssl_certificate ${PATH_SSL}/${domain}.crt;\n  ssl_certificate_key ${PATH_SSL}/${domain}.key;\n  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;\n  ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;\n  ssl_prefer_server_ciphers on;\n  ssl_session_timeout 10m;\n  ssl_session_cache builtin:1000 shared:SSL:10m;\n  ssl_buffer_size 1400;\n  add_header Strict-Transport-Security max-age=15768000;\n  ssl_stapling on;\n  ssl_stapling_verify on;\n")
 
     Apache_SSL=$(echo -e "SSLEngine on\n  SSLCertificateFile \"${PATH_SSL}/${domain}.crt\"\n  SSLCertificateKeyFile \"${PATH_SSL}/${domain}.key\"")
 
   elif [ "$apache_ssl_flag" == 'y' ]; then
 
     Create_SSL
 
@@ -643,8 +644,8 @@ EOF
 
       sed -i "s@^  server_name.*;@&\n  ssl_session_cache builtin:1000 shared:SSL:10m;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
       sed -i "s@^  server_name.*;@&\n  ssl_session_timeout 10m;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
       sed -i "s@^  server_name.*;@&\n  ssl_prefer_server_ciphers on;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
-      sed -i "s@^  server_name.*;@&\n  ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:\!MD5;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
-      sed -i "s@^  server_name.*;@&\n  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
+      sed -i "s@^  server_name.*;@&\n  ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:\!MD5;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
+      sed -i "s@^  server_name.*;@&\n  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
       sed -i "s@^  server_name.*;@&\n  ssl_certificate_key ${PATH_SSL}/${domain}.key;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
       sed -i "s@^  server_name.*;@&\n  ssl_certificate ${PATH_SSL}/${domain}.crt;@" ${web_install_dir}/conf/vhost/${domain}.conf
 
     fi
 
@@ -925,6 +926,7 @@ Del_NGX_Vhost() {
 
             if [ -e "${web_install_dir}/conf/vhost/${domain}.conf" ]; then
 
               Directory=$(grep '^  root' ${web_install_dir}/conf/vhost/${domain}.conf | head -1 | awk -F'[ ;]' '{print $(NF-1)}')
 
               rm -f ${web_install_dir}/conf/vhost/${domain}.conf
 
+              [ -e "${web_install_dir}/conf/ssl/${domain}.crt" ] && rm -f ${web_install_dir}/conf/ssl/${domain}.{crt,key}
 
               ${web_install_dir}/sbin/nginx -s reload
 
               while :; do echo
 
                 read -e -p "Do you want to delete Virtul Host directory? [y/n]: " Del_Vhost_wwwroot_flag
 
@@ -973,6 +975,7 @@ Del_Apache_Vhost() {
 
             if [ -e "${apache_install_dir}/conf/vhost/${domain}.conf" ]; then
 
               Directory=$(grep '^<Directory ' ${apache_install_dir}/conf/vhost/${domain}.conf | head -1 | awk -F'"' '{print $2}')
 
               rm -f ${apache_install_dir}/conf/vhost/${domain}.conf
 
+              [ -e "${apache_install_dir}/conf/ssl/${domain}.crt" ] && rm -f ${apache_install_dir}/conf/ssl/${domain}.{crt,key}
 
               ${apache_install_dir}/bin/apachectl -k graceful
 
               while :; do echo
 
                 read -e -p "Do you want to delete Virtul Host directory? [y/n]: " Del_Vhost_wwwroot_flag