#!/bin/bash
# Prompt for the domain name
read -p "Enter the domain name (e.g., example.local): " DOMAIN
# Step 1: Create a Local CA (if it doesn't already exist)
CA_DIR="/etc/ssl/localCA"
DOMAIN_DIR="/etc/ssl/$DOMAIN"
APACHE_CONF_DIR="/etc/apache2/sites-available"
APACHE_CONF="$APACHE_CONF_DIR/$DOMAIN-ssl.conf"
sudo mkdir -p /var/www/$DOMAIN/public
sudo chown -R $USER:$USER /var/www/$DOMAIN/public
sudo chmod -R 755 /var/www
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/$DOMAIN.conf
sudo bash -c "cat > /etc/apache2/sites-available/$DOMAIN.conf" << EOF
<VirtualHost *:80>
ServerAdmin webmaster@$DOMAIN
ServerName $DOMAIN
ServerAlias www.$DOMAIN
DocumentRoot /var/www/$DOMAIN/public
<Directory /var/www/$DOMAIN/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog \${APACHE_LOG_DIR}/$DOMAIN-error.log
CustomLog \${APACHE_LOG_DIR}/$DOMAIN-access.log combined
</VirtualHost>
EOF
sudo bash -c "cat > /var/www/$DOMAIN/public/index.html" << EOF
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/water.css@2/out/water.min.css">
<title>$DOMAIN</title>
</head>
<body>
<h1>Welcome to $DOMAIN</h1>
</body>
</html>
EOF
sudo a2ensite $DOMAIN.conf
sudo systemctl restart apache2
sudo mkdir -p $CA_DIR
# Generate the CA key (if it doesn't already exist)
if [ ! -f $CA_DIR/localCA.key ]; then
sudo openssl genrsa -out $CA_DIR/localCA.key 2048
fi
# Create the CA certificate (if it doesn't already exist)
if [ ! -f $CA_DIR/localCA.crt ]; then
sudo openssl req -x509 -new -nodes -key $CA_DIR/localCA.key -sha256 -days 3650 -out $CA_DIR/localCA.crt -subj "/C=US/ST=State/L=City/O=Local CA/OU=IT/CN=Local CA"
fi
# Step 2: Create a Certificate for Your Domain
sudo mkdir -p $DOMAIN_DIR
cd $DOMAIN_DIR
# Generate a key for your domain
sudo openssl genrsa -out $DOMAIN.key 2048
# Create a certificate signing request (CSR)
sudo openssl req -new -key $DOMAIN.key -out $DOMAIN.csr -subj "/C=US/ST=State/L=City/O=My Company/OU=IT/CN=$DOMAIN"
# Create a configuration file for the certificate
sudo bash -c "cat > $DOMAIN.ext" << EOL
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = $DOMAIN
DNS.2 = www.$DOMAIN
EOL
# Sign the CSR with your CA
sudo openssl x509 -req -in $DOMAIN.csr -CA $CA_DIR/localCA.crt -CAkey $CA_DIR/localCA.key -CAcreateserial -out $DOMAIN.crt -days 365 -sha256 -extfile $DOMAIN.ext
# Step 3: Configure Apache to Use the SSL Certificate
sudo bash -c "cat > $APACHE_CONF" << EOL
<VirtualHost *:443>
ServerAdmin webmaster@$DOMAIN
ServerName $DOMAIN
ServerAlias www.$DOMAIN
DocumentRoot /var/www/$DOMAIN/public
<Directory /var/www/$DOMAIN/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile $DOMAIN_DIR/$DOMAIN.crt
SSLCertificateKeyFile $DOMAIN_DIR/$DOMAIN.key
SSLCertificateChainFile $CA_DIR/localCA.crt
ErrorLog \${APACHE_LOG_DIR}/$DOMAIN-error.log
CustomLog \${APACHE_LOG_DIR}/$DOMAIN-access.log combined
</VirtualHost>
EOL
# Enable the SSL module and the new virtual host
sudo a2enmod ssl
sudo a2ensite $DOMAIN-ssl.conf
# Restart Apache
sudo systemctl restart apache2
# Step 4: Trust the Local CA Certificate
# Add the CA certificate to the system's trusted root certificates
sudo cp $CA_DIR/localCA.crt /usr/local/share/ca-certificates/localCA.crt
sudo update-ca-certificates
# Step 5: Update /etc/hosts
# Add the domain to /etc/hosts
echo "127.0.0.1 $DOMAIN" | sudo tee -a /etc/hosts
# Summary message
echo "SSL configuration for $DOMAIN is complete. You can access your site at https://$DOMAIN"
echo "Remember to add the local CA certificate to your browser's trusted root certificates."
#!/bin/bash
# Prompt for the domain name
read -p "Enter the domain name (e.g., example.local): " DOMAIN
sudo systemctl enable apache2
# Directories
CA_DIR="/etc/ssl/localCA"
DOMAIN_DIR="/etc/ssl/$DOMAIN"
APACHE_CONF_DIR="/etc/apache2/sites-available"
APACHE_CONF="$APACHE_CONF_DIR/$DOMAIN-ssl.conf"
# Create the document root and set permissions
sudo mkdir -p /var/www/$DOMAIN/public
sudo chown -R $USER:$USER /var/www/$DOMAIN/public
sudo chmod -R 755 /var/www
# Create the virtual host configuration for HTTP
sudo bash -c "cat > /etc/apache2/sites-available/$DOMAIN.conf" << EOF
<VirtualHost *:80>
ServerAdmin webmaster@$DOMAIN
ServerName $DOMAIN
ServerAlias www.$DOMAIN
DocumentRoot /var/www/$DOMAIN/public
<Directory /var/www/$DOMAIN/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog \${APACHE_LOG_DIR}/$DOMAIN-error.log
CustomLog \${APACHE_LOG_DIR}/$DOMAIN-access.log combined
</VirtualHost>
EOF
# Create a simple index.html
sudo bash -c "cat > /var/www/$DOMAIN/public/index.html" << EOF
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/water.css@2/out/water.min.css">
<title>$DOMAIN</title>
</head>
<body>
<h1>Welcome to $DOMAIN</h1>
</body>
</html>
EOF
# Enable the HTTP site
sudo a2ensite $DOMAIN.conf
sudo systemctl restart apache2
# Step 2: Create a Certificate for Your Domain
sudo mkdir -p $DOMAIN_DIR
cd $DOMAIN_DIR
# Generate a key for your domain
sudo openssl genrsa -out $DOMAIN.key 2048
# Create a certificate signing request (CSR)
sudo openssl req -new -key $DOMAIN.key -out $DOMAIN.csr -subj "/C=US/ST=State/L=City/O=My Company/OU=IT/CN=$DOMAIN"
# Create a configuration file for the certificate
sudo bash -c "cat > $DOMAIN.ext" << EOL
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = $DOMAIN
DNS.2 = www.$DOMAIN
EOL
# Sign the CSR with your existing CA
sudo openssl x509 -req -in $DOMAIN.csr -CA $CA_DIR/localCA.crt -CAkey $CA_DIR/localCA.key -CAcreateserial -out $DOMAIN.crt -days 365 -sha256 -extfile $DOMAIN.ext
# Step 3: Configure Apache to Use the SSL Certificate
sudo bash -c "cat > $APACHE_CONF" << EOL
<VirtualHost *:443>
ServerAdmin webmaster@$DOMAIN
ServerName $DOMAIN
ServerAlias www.$DOMAIN
DocumentRoot /var/www/$DOMAIN/public
<Directory /var/www/$DOMAIN/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile $DOMAIN_DIR/$DOMAIN.crt
SSLCertificateKeyFile $DOMAIN_DIR/$DOMAIN.key
SSLCertificateChainFile $CA_DIR/localCA.crt
ErrorLog \${APACHE_LOG_DIR}/$DOMAIN-error.log
CustomLog \${APACHE_LOG_DIR}/$DOMAIN-access.log combined
</VirtualHost>
EOL
# Enable the SSL site
sudo a2ensite $DOMAIN-ssl.conf
# Restart Apache
sudo systemctl restart apache2
# Step 5: Update /etc/hosts
# Add the domain to /etc/hosts
echo "127.0.0.1 $DOMAIN" | sudo tee -a /etc/hosts
# Summary message
echo "SSL configuration for $DOMAIN is complete. You can access your site at https://$DOMAIN"
echo "Remember to add the local CA certificate to your browser's trusted root certificates if you haven't done so already."
#!/bin/bash
# Generate random database name, user, and password
DB_NAME="db_$(openssl rand -hex 4)"
DB_USER="user_$(openssl rand -hex 4)"
DB_PASS="$(openssl rand -base64 12)"
# Create database
mysql -u root --password= -e "CREATE DATABASE ${DB_NAME};"
# Create user and grant privileges
mysql -u root --password= -e "CREATE USER '${DB_USER}'@'localhost' IDENTIFIED BY '${DB_PASS}';"
mysql -u root --password= -e "GRANT ALL PRIVILEGES ON ${DB_NAME}.* TO '${DB_USER}'@'localhost';"
mysql -u root --password= -e "FLUSH PRIVILEGES;"
# Print the generated database name, user, and password
echo "Database Name: ${DB_NAME}"
echo "Database User: ${DB_USER}"
echo "Database Password: ${DB_PASS}"