local_dns/append_more_with_hot_reload_at_runtime.sh
2025-11-16 21:13:17 +05:30


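#!/usr/bin/env bash
#
# Append reverse-proxy server blocks for id/relay.generalinfinity.cloud to the
# LAN nginx config, re-issue the shared self-signed certificate so its SAN list
# covers every hostname, validate the result, and hot-reload nginx.
#
# Safety properties:
#   * the config, certificate and private key are backed up before any write;
#   * any failure before the reload completes restores all three, so the files
#     on disk keep matching what the running nginx loaded;
#   * openssl output is shown when certificate generation fails.
#
# Operational caveats:
#   * every run replaces the key pair, so clients that trusted or pinned the
#     previous certificate must trust the new one;
#   * the key is stored unencrypted (-nodes) so nginx can start unattended;
#     it is kept at mode 0600;
#   * the proxy-to-backend hop is plain HTTP. With the defaults below the
#     backends are on the proxy host itself; revisit if they move elsewhere.
#   * NOTE(review): this script creates sites-enabled/ but never links CONF
#     into it; presumably the symlink already exists. Confirm.
set -Eeuo pipefail

# --- config you can tweak ---
CONF="/etc/nginx/sites-available/lan-proxy.conf"
PROXY_IP="192.168.1.202"            # Nginx box LAN IP
ID_BACKEND="192.168.1.202:21118"    # id.generalinfinity.cloud target
RELAY_BACKEND="192.168.1.202:21119" # relay.generalinfinity.cloud target
# ----------------------------
CERT="/etc/nginx/local.crt"
KEY="/etc/nginx/local.key"
STAMP="$(date +%F-%H%M%S)"

# Copy $1 to "$1.bak-$STAMP" if it exists, preserving owner and mode.
backup_file() {
  local path=$1
  if sudo test -e "$path"; then
    sudo cp -a -- "$path" "${path}.bak-${STAMP}"
  fi
}

# Move every backup taken by this run back into place.
restore_backups() {
  local path
  for path in "$CONF" "$CERT" "$KEY"; do
    if sudo test -e "${path}.bak-${STAMP}"; then
      sudo mv -f -- "${path}.bak-${STAMP}" "$path"
    fi
  done
}

# Print $* to stderr, roll back this run's changes, and exit 1.
fail() {
  trap - ERR # avoid re-entering through the ERR trap while rolling back
  printf '%s\n' "$*" >&2
  restore_backups
  exit 1
}

# Refuse values that would break out of the nginx directive they are
# interpolated into (whitespace, ';', '{', '}'), or that are empty.
reject_unsafe_value() {
  local label=$1 value=$2
  if [[ -z "$value" || "$value" == *[[:space:]\;{}]* ]]; then
    fail "refusing to write ${label}='${value}' into ${CONF}"
  fi
}

# Append a TLS reverse-proxy server block for host $1 -> backend $2 unless
# CONF already carries a server_name line for that host.
append_server_block() {
  local host=$1 backend=$2
  reject_unsafe_value "server_name" "$host"
  reject_unsafe_value "backend" "$backend"
  # -F: match the hostname literally; its dots are not regex wildcards.
  if sudo grep -qF -- "server_name ${host}" "$CONF"; then
    return 0
  fi
  # Unquoted heredoc: $host/$backend/$CERT/$KEY expand now, \$var stays
  # literal for nginx to evaluate per request.
  sudo tee -a "$CONF" >/dev/null <<EOF
server {
    listen 443 ssl;
    server_name ${host};
    ssl_certificate ${CERT};
    ssl_certificate_key ${KEY};
    location / {
        proxy_pass http://${backend};
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
EOF
}

# Add "$PROXY_IP $1" to /etc/hosts unless $1 is already a hostname field on a
# non-comment line. A substring match would be satisfied by commented-out
# entries or by longer names that merely contain $1.
ensure_hosts_entry() {
  local host=$1
  if awk -v h="$host" '
      { sub(/#.*/, "") }
      { for (i = 2; i <= NF; i++) if ($i == h) found = 1 }
      END { exit !found }' /etc/hosts; then
    return 0
  fi
  printf '%s %s\n' "$PROXY_IP" "$host" | sudo tee -a /etc/hosts
}

# From here until the reload succeeds, any failing command triggers a rollback.
trap 'fail "unexpected error near line ${LINENO}; restoring backup"' ERR

sudo install -d /etc/nginx/sites-available /etc/nginx/sites-enabled
sudo touch "$CONF"

# backup: the config plus the cert/key pair that is about to be overwritten
backup_file "$CONF"
backup_file "$CERT"
backup_file "$KEY"

# append id/relay server blocks if missing
append_server_block "id.generalinfinity.cloud" "$ID_BACKEND"
append_server_block "relay.generalinfinity.cloud" "$RELAY_BACKEND"

# refresh self-signed cert to include ALL hostnames (SAN).
# Output is captured rather than discarded so a failure can be diagnosed.
if ! openssl_out="$(sudo openssl req -x509 -nodes -newkey rsa:2048 \
  -keyout "$KEY" -out "$CERT" -days 365 \
  -subj "/CN=github.generalinfinity.cloud" \
  -addext "subjectAltName=DNS:github.generalinfinity.cloud,DNS:call.generalinfinity.cloud,DNS:id.generalinfinity.cloud,DNS:relay.generalinfinity.cloud" \
  2>&1)"; then
  printf '%s\n' "$openssl_out" >&2
  fail "❌ openssl certificate generation failed; restoring backup"
fi
# Pin the key mode explicitly instead of relying on the tool's default.
sudo chmod 600 "$KEY"

# validate and hot-reload (zero downtime)
if sudo nginx -t; then
  sudo systemctl reload nginx
else
  fail "❌ nginx test failed; restoring backup"
fi

# The new config is live: stop rolling back on later errors, and do not leave
# copies of the superseded private key and certificate behind. The config
# backup is kept for reference.
trap - ERR
sudo rm -f -- "${CERT}.bak-${STAMP}" "${KEY}.bak-${STAMP}"

# ensure local name resolution to the proxy
ensure_hosts_entry "id.generalinfinity.cloud"
ensure_hosts_entry "relay.generalinfinity.cloud"

# quick tests: -k skips certificate verification, so these only show that the
# vhosts answer; they say nothing about whether clients will trust the cert.
curl -kI https://id.generalinfinity.cloud || true
curl -kI https://relay.generalinfinity.cloud || true

echo "✅ Done. Nginx reloaded without interruption."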