From 6552aad62a216e04adac6895b7f292d993d30a6c Mon Sep 17 00:00:00 2001
From: Daniel Tsvetkov <danieltcv@gmail.com>
Date: Sun, 21 Jun 2020 21:18:50 +0200
Subject: [PATCH] update nginx insecure install

---
 oshipka.sh             | 14 +++++++-------
 provision/prod_mgmt.py |  4 +++-
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/oshipka.sh b/oshipka.sh
index a8b77b7..a30e241 100755
--- a/oshipka.sh
+++ b/oshipka.sh
@@ -48,6 +48,7 @@ init_venv() {
 
 install_reqs() {
   source venv/bin/activate
+  pip3 install --upgrade pip --trusted-host pypi.org --trusted-host files.pythonhosted.org
   pip install -r requirements.txt
 }
 
@@ -119,8 +120,8 @@ run_in_prod() {
 }
 
 prod_install() {
-   set -e
    shift
+   sudo apt install nginx dnsutils
    source venv/bin/activate
    PROJECT_NAME=$(basename `pwd`)
    echo "1/6 Generating service and config files..."
@@ -150,22 +151,21 @@ prod_install() {
    echo "3/6 Installing '$DOMAIN' domain..."
    python "${OSHIPKA_PATH}/provision/auto_dns/set_domain_ipv4.py" "$DOMAIN"
 
-   sudo apt install nginx
    sudo systemctl start nginx
    echo "Enabling firewall rule for 192.168.1.1 -> 80/tcp..."
    sudo ufw allow proto tcp from 192.168.1.1 to any port 80
    echo "4/6 Installing '$PROJECT_NAME' insecure nginx config..."
-   if [ -f "/etc/nginx/sites-available/${DOMAIN}_insecure.conf" ]; then
+   if [ -f "/etc/nginx/sites-available/${DOMAIN}.insecure" ]; then
      echo "Insecure Nginx config for ${PROJECT_NAME} available."
-     if [ -f "/etc/nginx/sites-enabled/${DOMAIN}_insecure.conf" ]; then
+     if [ -f "/etc/nginx/sites-enabled/${DOMAIN}_insecure" ]; then
        echo "Nginx config for ${PROJECT_NAME} enabled."
      else
        echo "Nginx config for ${PROJECT_NAME} NOT enabled."
      fi
    else
        echo "Installing insecure nginx config for ${PROJECT_NAME} -> enabling + available."
-       sudo cp "${OSHIPKA_PATH}/provision/tmp/${DOMAIN}_insecure.conf" /etc/nginx/sites-available/
-       sudo ln -s "/etc/nginx/sites-available/${DOMAIN}_insecure.conf" "/etc/nginx/sites-enabled/${DOMAIN}_insecure.conf"
+       sudo cp "${OSHIPKA_PATH}/provision/tmp/${DOMAIN}.insecure" /etc/nginx/sites-available/
+       sudo ln -s "/etc/nginx/sites-available/${DOMAIN}.insecure" "/etc/nginx/sites-enabled/${DOMAIN}.insecure"
        sudo systemctl reload nginx
    fi
 
@@ -176,7 +176,7 @@ prod_install() {
    echo "Enabling firewall rule for 192.168.1.1 -> 443/tcp..."
    sudo ufw allow proto tcp from 192.168.1.1 to any port 443
    echo "Removing '$PROJECT_NAME' insecure nginx config..."
-   sudo rm "/etc/nginx/sites-available/${DOMAIN}_insecure.conf" "/etc/nginx/sites-enabled/${DOMAIN}_insecure.conf"
+   sudo rm "/etc/nginx/sites-available/${DOMAIN}_insecure.conf" "/etc/nginx/sites-enabled/${DOMAIN}.insecure"
    if [ -f "/etc/nginx/sites-available/${NGINX_CONFIG_FILE}" ]; then
      echo "Nginx config for ${PROJECT_NAME} available."
      if [ -f "/etc/nginx/sites-enabled/${NGINX_CONFIG_FILE}" ]; then
diff --git a/provision/prod_mgmt.py b/provision/prod_mgmt.py
index 3a5fb00..04d0e7c 100644
--- a/provision/prod_mgmt.py
+++ b/provision/prod_mgmt.py
@@ -1,4 +1,5 @@
 import os
+import shutil
 
 from jinja2 import FileSystemLoader, Environment
 
@@ -13,6 +14,7 @@ MAX_UPLOAD_SIZE = "10m"
 oshipka_path = os.environ.get('OSHIPKA_PATH')
 TEMPLATES_PATH = os.path.join(oshipka_path, "provision", "templates")
 TMP_PATH = os.path.join(oshipka_path, "provision", "tmp")
+shutil.rmtree(TMP_PATH)
 os.makedirs(TMP_PATH, exist_ok=True)
 env = Environment(
     loader=FileSystemLoader(searchpath=TEMPLATES_PATH),
@@ -41,7 +43,7 @@ def prod_install():
     tmpl_fname = [
         ('gunicorn.service', "{}.service".format(project_name)),
         ('worker.service', "{}_worker.service".format(project_name)),
-        ('nginx_insecure.conf', "{}_insecure.conf".format(project_domain)),
+        ('nginx_insecure.conf', "{}.insecure".format(project_domain)),
         ('nginx.conf', "{}.conf".format(project_domain)),
     ]