From e43398f85da85cfce5b3fc0ec10d209b34795bbc Mon Sep 17 00:00:00 2001
From: David Schroeder <david@schroedercity.com>
Date: Sat, 11 Nov 2023 21:03:22 -0600
Subject: [PATCH] update

---
 defaults.inc  |  2 +-
 inc/sites.inc | 51 +++++++++++++++++++++++++++------------------------
 2 files changed, 28 insertions(+), 25 deletions(-)

diff --git a/defaults.inc b/defaults.inc
index d9bc7555..510cd081 100755
--- a/defaults.inc
+++ b/defaults.inc
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-VERS='4.12.140-11112023'
+VERS='4.13.1-11112023'
 
 noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns backup-offsitepfsense gui nightlyreview update '
 CERT_DAEMON='/snap/bin/certbot'
diff --git a/inc/sites.inc b/inc/sites.inc
index a2219a70..9c301373 100755
--- a/inc/sites.inc
+++ b/inc/sites.inc
@@ -349,9 +349,9 @@ NEWSITE(){
 			echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
 			echo 
 			
-			[ "${WEBSOCKET}" == "yes" ] && WEBSOCKET="include conf.d\/include\/websocket-support.conf;" || WEBSOCKET=""
-			[ "${HSTS}" == "yes" ] && HSTS="include conf.d\/include\/hsts-support.conf;" || HSTS=""
-			[ "${EXPLOITS}" == "yes" ] && EXPLOITS="include conf.d\/include\/block-exploits.conf;" || EXPLOITS=""
+			# [ "${WEBSOCKET}" == "yes" ] && WEBSOCKET="include conf.d\/include\/websocket-support.conf;" || WEBSOCKET=""
+			# [ "${HSTS}" == "yes" ] && HSTS="include conf.d\/include\/hsts-support.conf;" || HSTS=""
+			# [ "${EXPLOITS}" == "yes" ] && EXPLOITS="include conf.d\/include\/block-exploits.conf;" || EXPLOITS=""
 			if [[ "${SECURE}" = *"FA"* ]] && [ "${NM_DOCKER_COMPOSE_LOC['authelia']}" != "" ]; then
 				echo -e "${idsCL[LightGreen]}Configuring Authelia SSO for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
 
@@ -363,9 +363,8 @@ NEWSITE(){
 				ssh root@${NM_AUTHELIA_IP} "sed -i \"s/~~~/   /g\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
 				ssh root@${NM_AUTHELIA_IP} "/usr/bin/docker restart authelia >/dev/null 2>&1"
 				
-				SECURE="include conf.d\/include\/secure-access.conf;"
-			else
-				SECURE=""
+			# else
+			# 	SECURE=""
 				
 			fi
 			
@@ -414,20 +413,22 @@ NEWSITE(){
 				
 				sudo -u www-data mkdir -p /var/www/${MAIN_SITE}/{public_html,nginx_logs}
 				
+				
 			######################################### PROXY
 			else
 				
-				cp ${NM_FOLDER}/templates/nginx.proxy.site ${nginxconfig}
-				sed -i "s/<<SERVER_NAME>>/${NGINX_SERVERNAME}/g" ${nginxconfig}
-				sed -i "s/<<MAIN_SITE>>/${MAIN_SITE}/g" ${nginxconfig}
-				sed -i "s/<<PROXY_IP>>/${PROXYHOST}/g" ${nginxconfig}
-				sed -i "s/<<PROXY_PORT>>/${PROXYPORT}/g" ${nginxconfig}
-				sed -i "s/<<PROXY_SCHEME>>/${PROXYSCHEME}/g" ${nginxconfig}
-				sed -i "s/<<WEBSOCKET>>/${WEBSOCKET}/g" ${nginxconfig}
-				sed -i "s/<<HSTS>>/${HSTS}/g" ${nginxconfig}
-				sed -i "s/<<EXPLOITS>>/${EXPLOITS}/g" ${nginxconfig}
-				sed -i "s/<<SECURE>>/${SECURE}/g" ${nginxconfig}
-				sed -i "s%<<NM_CERTPATH>>%${NM_CERTPATH}%g" ${nginxconfig}
+				NEWPROXYSITE_CREATE ${MAIN_SITE} ${NGINX_SERVERNAME} ${PROXYHOST} ${PROXYPORT} ${PROXYSCHEME} ${WEBSOCKET} ${HSTS} ${EXPLOITS} ${SECURE} ${CREATE_SSL}
+				# cp ${NM_FOLDER}/templates/nginx.proxy.site ${nginxconfig}
+				# sed -i "s/<<SERVER_NAME>>/${NGINX_SERVERNAME}/g" ${nginxconfig}
+				# sed -i "s/<<MAIN_SITE>>/${MAIN_SITE}/g" ${nginxconfig}
+				# sed -i "s/<<PROXY_IP>>/${PROXYHOST}/g" ${nginxconfig}
+				# sed -i "s/<<PROXY_PORT>>/${PROXYPORT}/g" ${nginxconfig}
+				# sed -i "s/<<PROXY_SCHEME>>/${PROXYSCHEME}/g" ${nginxconfig}
+				# sed -i "s/<<WEBSOCKET>>/${WEBSOCKET}/g" ${nginxconfig}
+				# sed -i "s/<<HSTS>>/${HSTS}/g" ${nginxconfig}
+				# sed -i "s/<<EXPLOITS>>/${EXPLOITS}/g" ${nginxconfig}
+				# sed -i "s/<<SECURE>>/${SECURE}/g" ${nginxconfig}
+				# sed -i "s%<<NM_CERTPATH>>%${NM_CERTPATH}%g" ${nginxconfig}
 			fi
 			
 			if [ "${CREATE_SSL}" = "yes" ]; then
@@ -512,13 +513,13 @@ NEWPROXYSITE_CREATE(){
 				DEL-SSL ${SITENAME} >/dev/null 2>&1
 				echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}\n"
 				echo -en "\n${idsCL[LightCyan]}Requesting new SSL Cert ... "
-				# NEWCERT ${NGINX_SERVERNAME} >/dev/null 2>&1
+				NEWCERT ${NGINX_SERVERNAME} >/dev/null 2>&1
 				echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}\n"
 				sed -i "s/live\/${SITENAME}\//live\/${MAIN_SITE}\//g" ${nginxconfig}
 				
 			elif [ "${oldservernames}" != "${NGINX_SERVERNAME}" ]; then
 				echo -e "\n${idsCL[LightCyan]}Updating SSL Cert for hostname changes, select 'E'xpand when prompted:"
-				# NEWCERT ${NGINX_SERVERNAME}
+				NEWCERT ${NGINX_SERVERNAME}
 				echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}\n"
 			else
 				echo "WHAT ELSE"
@@ -530,31 +531,33 @@ NEWPROXYSITE_CREATE(){
 		fi
 		
 		
-		if [ "${SSL}" == "Yes" ]; then
+		if [ "${SSL^^}" == "YES" ]; then
 			sed -i "s/#ssl_certificate/ssl_certificate/g" ${nginxconfig}
+			sed -i "s/#listen 443/listen 443/g" ${nginxconfig}
 			sed -i "s/#include conf.d\/include\/ssl-ciphers.conf/include conf.d\/include\/ssl-ciphers.conf/g" ${nginxconfig}
 			sed -i "s/#include conf.d\/include\/force-ssl.conf/include conf.d\/include\/force-ssl.conf/g" ${nginxconfig}
 		else
 			sed -i "s/ssl_certificate/#ssl_certificate/g" ${nginxconfig}
+			sed -i "s/listen 443/#listen 443/g" ${nginxconfig}
 			sed -i "s/include conf.d\/include\/ssl-ciphers.conf/#include conf.d\/include\/ssl-ciphers.conf/g" ${nginxconfig}
 			sed -i "s/include conf.d\/include\/force-ssl.conf/#include conf.d\/include\/force-ssl.conf/g" ${nginxconfig}
 		fi
-		if [ "${SECURE}" == "Yes" ]; then
+		if [ "${SECURE^^}" == "YES" ] || [[ "${SECURE}" = *"FA"* ]]; then
 			sed -i "s/#include conf.d\/include\/secure-access.conf/include conf.d\/include\/secure-access.conf/g" ${nginxconfig}
 		else
 			sed -i "s/include conf.d\/include\/secure-access.conf/#include conf.d\/include\/secure-access.conf/g" ${nginxconfig}
 		fi
-		if [ "${WEBSOCKET}" == "Yes" ]; then
+		if [ "${WEBSOCKET^^}" == "YES" ]; then
 			sed -i "s/#include conf.d\/include\/websocket-support.conf/include conf.d\/include\/websocket-support.conf/g" ${nginxconfig}
 		else
 			sed -i "s/include conf.d\/include\/websocket-support.conf/#include conf.d\/include\/websocket-support.conf/g" ${nginxconfig}
 		fi
-		if [ "${HSTS}" == "Yes" ]; then
+		if [ "${HSTS^^}" == "YES" ]; then
 			sed -i "s/#include conf.d\/include\/hsts-support.conf/include conf.d\/include\/hsts-support.conf/g" ${nginxconfig}
 		else
 			sed -i "s/include conf.d\/include\/hsts-support.conf/#include conf.d\/include\/hsts-support.conf/g" ${nginxconfig}
 		fi
-		if [ "${EXPLOITS}" == "Yes" ]; then
+		if [ "${EXPLOITS^^}" == "YES" ]; then
 			sed -i "s/#include conf.d\/include\/block-exploits.conf/include conf.d\/include\/block-exploits.conf/g" ${nginxconfig}
 		else
 			sed -i "s/include conf.d\/include\/block-exploits.conf/#include conf.d\/include\/block-exploits.conf/g" ${nginxconfig}