You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

46 lines
1.3 KiB

#!/bin/sh
if [ -f "/etc/nginx/luci_nginx_ssl.conf" ] && [ -f "/etc/nginx/nginx.conf" ]; then
if [ ! "$(cat '/etc/nginx/nginx.conf' | grep -q 'return 301 https://$host$request_uri;')" ]; then
if [ -f "/etc/nginx/nginx.conf_old" ]; then
rm /etc/nginx/nginx.conf
else
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf_old
fi
mv /etc/nginx/luci_nginx_ssl.conf /etc/nginx/nginx.conf
core_number=$(grep -c ^processor /proc/cpuinfo)
sed -i "3s/.*/worker_processes "$core_number";/" /etc/nginx/nginx.conf
if [ -n "$(pgrep nginx)" ]; then
/etc/init.d/nginx restart
else
/etc/init.d/nginx start
fi
fi
fi
if [ ! -f "/etc/nginx/nginx.key" ]; then
NGINX_KEY=/etc/nginx/nginx.key
NGINX_CER=/etc/nginx/nginx.cer
OPENSSL_BIN=/usr/bin/openssl
PX5G_BIN=/usr/sbin/px5g
# Prefer px5g for certificate generation (existence evaluated last)
GENKEY_CMD=""
UNIQUEID=$(dd if=/dev/urandom bs=1 count=4 | hexdump -e '1/1 "%02x"')
[ -x "$OPENSSL_BIN" ] && GENKEY_CMD="$OPENSSL_BIN req -x509 -nodes"
[ -x "$PX5G_BIN" ] && GENKEY_CMD="$PX5G_BIN selfsigned"
[ -n "$GENKEY_CMD" ] && {
$GENKEY_CMD \
-days 730 -newkey rsa:2048 -keyout "${NGINX_KEY}.new" -out "${NGINX_CER}.new" \
-subj /C="ZZ"/ST="Somewhere"/L="Unknown"/O="OpenWrt""$UNIQUEID"/CN="OpenWrt"
sync
mv "${NGINX_KEY}.new" "${NGINX_KEY}"
mv "${NGINX_CER}.new" "${NGINX_CER}"
}
fi
exit 0