okseby/sebys-hosting-scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix ssl config update

Browse source
This commit is contained in:
Sebastian Cabrera 2026-02-26 16:52:18 -05:00
parent 487c32ba16
commit cd3fba634e
Signed by: okseby
GPG key ID: 37783FE2501AE402
1 changed files with 53 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

99
install-wings.sh
View file

@ -2,7 +2,7 @@
set -euo pipefail set -euo pipefail
# Seby's Calagopus Wings Installer # Seby's Calagopus Wings Installer
# Designed for curl | bash usage # Safe for curl | bash usage
######################################## ########################################
# helpers # helpers
@ -56,11 +56,11 @@ apt_install() {
} }
######################################## ########################################
# SSL config updater # SSL config updater (runs AFTER config exists)
######################################## ########################################
update_wings_ssl_config() { update_ssl_config() {
local domain="$1" local domain="$1"
local cfg="/etc/calagopus/config.yml" local cfg="/etc/pterodactyl/config.yml"
local cert="/etc/letsencrypt/live/${domain}/fullchain.pem" local cert="/etc/letsencrypt/live/${domain}/fullchain.pem"
local key="/etc/letsencrypt/live/${domain}/privkey.pem" local key="/etc/letsencrypt/live/${domain}/privkey.pem"
@ -69,14 +69,21 @@ update_wings_ssl_config() {
return return
fi fi
if [[ ! -f "$cert" || ! -f "$key" ]]; then
warn "Cert files not found ($cert / $key) — skipping SSL update."
return
fi
say "Updating SSL section in $cfg" say "Updating SSL section in $cfg"
$SUDO cp -a "$cfg" "${cfg}.bak" $SUDO cp -a "$cfg" "${cfg}.bak"
# Rewrites only the ssl: block keys (expects standard indentation)
$SUDO awk -v cert="$cert" -v key="$key" ' $SUDO awk -v cert="$cert" -v key="$key" '
BEGIN { inssl=0 } BEGIN { inssl=0 }
{ {
if ($0 ~ /^ ssl:[[:space:]]*$/) { inssl=1; print; next } if ($0 ~ /^ ssl:[[:space:]]*$/) { inssl=1; print; next }
if (inssl==1) { if (inssl==1) {
# leave ssl block when we hit the next top-level section (two spaces + non-space)
if ($0 ~ /^ [^[:space:]]/ && $0 !~ /^ ssl:/) { inssl=0 } if ($0 ~ /^ [^[:space:]]/ && $0 !~ /^ ssl:/) { inssl=0 }
else if ($0 ~ /^ enabled:/) { print " enabled: true"; next } else if ($0 ~ /^ enabled:/) { print " enabled: true"; next }
else if ($0 ~ /^ cert:/) { print " cert: " cert; next } else if ($0 ~ /^ cert:/) { print " cert: " cert; next }
@ -85,6 +92,8 @@ update_wings_ssl_config() {
print print
} }
' "$cfg" | $SUDO tee "$cfg" >/dev/null ' "$cfg" | $SUDO tee "$cfg" >/dev/null
say "SSL config updated. Backup saved to ${cfg}.bak"
} }
######################################## ########################################
@ -94,7 +103,7 @@ need_tty
require_root_or_sudo require_root_or_sudo
if ! have apt-get; then if ! have apt-get; then
err "Only Debian/Ubuntu systems supported." err "Only Debian/Ubuntu supported."
exit 1 exit 1
fi fi
@ -110,47 +119,13 @@ else
if confirm_default_no "Install Docker?"; then if confirm_default_no "Install Docker?"; then
apt_install ca-certificates curl apt_install ca-certificates curl
curl -fsSL https://get.docker.com/ | CHANNEL=stable $SUDO bash curl -fsSL https://get.docker.com/ | CHANNEL=stable $SUDO bash
say "Docker installed: $(docker --version || true)"
else else
err "Docker required. Exiting." err "Docker required. Exiting."
exit 1 exit 1
fi fi
fi fi
########################################
# SSL (Certbot standalone)
########################################
DO_SSL=false
DOMAIN=""
EMAIL=""
if confirm_default_no "Set up SSL with certbot (standalone)?"; then
DOMAIN="$(prompt "Enter domain (e.g. node.example.com): ")"
EMAIL="$(prompt "Enter email for Let's Encrypt notices: ")"
if [[ -n "$DOMAIN" && -n "$EMAIL" ]]; then
DO_SSL=true
else
err "Domain and email required for SSL. Skipping."
fi
fi
if $DO_SSL; then
say "Installing certbot..."
apt_install certbot
warn "Ports 80/443 must be open and unused."
$SUDO certbot certonly \
--standalone \
-d "$DOMAIN" \
--non-interactive \
--agree-tos \
--email "$EMAIL" \
--no-eff-email
update_wings_ssl_config "$DOMAIN"
fi
######################################## ########################################
# Download Wings # Download Wings
######################################## ########################################
@ -176,13 +151,47 @@ say "Wings installed to $WINGS_BIN"
"$WINGS_BIN" version || true "$WINGS_BIN" version || true
######################################## ########################################
# Configure # Configure (creates /etc/pterodactyl/config.yml)
######################################## ########################################
if confirm_default_no "Run wings configure --join-data now?"; then CONFIG_CREATED=false
if confirm_default_no "Run wings configure --join-data now? (recommended)"; then
JOIN_DATA="$(prompt "Paste join-data string: ")" JOIN_DATA="$(prompt "Paste join-data string: ")"
if [[ -n "$JOIN_DATA" ]]; then if [[ -n "$JOIN_DATA" ]]; then
$SUDO mkdir -p /etc/calagopus $SUDO mkdir -p /etc/pterodactyl
$SUDO "$WINGS_BIN" configure --join-data "$JOIN_DATA" $SUDO "$WINGS_BIN" configure --join-data "$JOIN_DATA"
CONFIG_CREATED=true
else
warn "No join-data provided; skipping configure."
fi
else
warn "Skipping configure. SSL setup will be skipped because config.yml will not exist yet."
fi
########################################
# SSL (after config exists)
########################################
if $CONFIG_CREATED && confirm_default_no "Set up SSL with certbot now?"; then
DOMAIN="$(prompt "Enter domain (e.g. node.example.com): ")"
EMAIL="$(prompt "Enter email for Let's Encrypt renewal notices: ")"
if [[ -n "$DOMAIN" && -n "$EMAIL" ]]; then
say "Installing certbot..."
apt_install certbot
warn "Ports 80/443 must be open and not in use for standalone mode."
$SUDO certbot certonly \
--standalone \
-d "$DOMAIN" \
--non-interactive \
--agree-tos \
--email "$EMAIL" \
--no-eff-email
update_ssl_config "$DOMAIN"
else
warn "Domain/email missing. Skipping SSL."
fi fi
fi fi
@ -191,10 +200,8 @@ fi
######################################## ########################################
if confirm_default_no "Install as systemd service? (wings service-install)"; then if confirm_default_no "Install as systemd service? (wings service-install)"; then
$SUDO "$WINGS_BIN" service-install $SUDO "$WINGS_BIN" service-install
say "Service status:"
$SUDO systemctl --no-pager status wings || true $SUDO systemctl --no-pager status wings || true
fi fi
########################################
# Done
########################################
say "Installation complete." say "Installation complete."