Skip to main content

nginx_add.sh

nginx_add.sh

Sets up a new NGINX reverse proxy configuration for a project subdomain.

Location: Webserver VM (10.0.0.1, SSH port 22100)

Usage:

sudo ./nginx_add.sh <project_name> <port>

Example:

sudo ./nginx_add.sh s2s 3008

This will:

  1. Create /etc/nginx/sites-available/s2s.abair.ie
  2. Symlink to /etc/nginx/sites-enabled/
  3. Test and reload NGINX

The project will be accessible at https://s2s.abair.ie proxying to http://10.0.0.2:3008 (services VM).

Note: You must also create a DNS A record in Cloudflare for the subdomain. See Setting up Cloudflare DNS.

#!/bin/bash

# Setup a new nginx reverse proxy config for [project_name].abair.ie -> 10.0.0.2:[port]
# Usage: sudo ./nginx_add.sh <project_name> <port>

set -e

if [ "$#" -ne 2 ]; then
    echo "Usage: $0 <project_name> <port>"
    echo "Example: $0 s2s 3008"
    exit 1
fi

PROJECT_NAME="$1"
PORT="$2"
DOMAIN="${PROJECT_NAME}.abair.ie"
CONF_FILE="/etc/nginx/sites-available/${DOMAIN}"
ENABLED_LINK="/etc/nginx/sites-enabled/${DOMAIN}"

# Check running as root
if [ "$EUID" -ne 0 ]; then
    echo "Please run as root (sudo)"
    exit 1
fi

# Check if config already exists
if [ -f "$CONF_FILE" ]; then
    echo "Error: Config file $CONF_FILE already exists."
    exit 1
fi

# Create the nginx config
cat > "$CONF_FILE" <<EOF
server {
    listen 80;
    server_name ${DOMAIN};
    return 301 https://\$server_name\$request_uri;
}
server {
        listen 443 ssl;
        listen [::]:443 ssl;
        server_name ${DOMAIN};

        ssl_certificate /etc/letsencrypt/live/abair.ie/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/abair.ie/privkey.pem; # managed by Certbot
    access_log /etc/nginx/log/access_${PROJECT_NAME}.abair.ie;
    error_log /etc/nginx/log/error_${PROJECT_NAME}.abair.ie;
        location / {
            proxy_set_header   X-Real-IP \$remote_addr;
            proxy_set_header   X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto \$scheme;
            proxy_set_header   X-Forwarded-Host \$host;
            proxy_set_header   Host \$host;
            proxy_pass         http://10.0.0.2:${PORT};
        }
}
EOF

echo "Created config: $CONF_FILE"

# Enable the site
if [ -d "/etc/nginx/sites-enabled" ]; then
    ln -s "$CONF_FILE" "$ENABLED_LINK"
    echo "Enabled site: $ENABLED_LINK"
fi

# Test nginx config
echo "Testing nginx configuration..."
nginx -t

# Reload nginx
echo "Reloading nginx..."
systemctl reload nginx

echo ""
echo "Done! ${DOMAIN} is now proxying to http://10.0.0.2:${PORT}"
echo "Make sure your DNS has an A/CNAME record for ${DOMAIN} pointing to this server."