Parcourir la source

Kill ports before restarting nginx

Bob Mottram il y a 6 ans
Parent
révision
85edbd8393

+ 2
- 0
src/freedombone-addcert Voir le fichier

@@ -186,6 +186,8 @@ function remove_cert_letsencrypt {
186 186
     rm "/etc/letsencrypt/renewal/${LETSENCRYPT_HOSTNAME}.conf"
187 187
 
188 188
     # restart the web server
189
+    fuser -k 80/tcp
190
+    fuser -k 443/tcp
189 191
     systemctl restart nginx
190 192
 }
191 193
 

+ 8
- 8
src/freedombone-controlpanel Voir le fichier

@@ -1877,6 +1877,8 @@ function add_clacks {
1877 1877
                     fi
1878 1878
                 done
1879 1879
 
1880
+                fuser -k 80/tcp
1881
+                fuser -k 443/tcp
1880 1882
                 systemctl restart nginx
1881 1883
 
1882 1884
                 dialog --title $"Add Clacks Overhead" \
@@ -1999,16 +2001,14 @@ function menu_top_level {
1999 2001
             2) menu_backup_restore;;
2000 2002
             3) menu_app_settings;;
2001 2003
             4) if ! /usr/local/bin/addremove; then
2002
-                   if [ -d /etc/matrix ]; then
2003
-                       systemctl restart matrix
2004
-                       systemctl restart nginx
2005
-                   fi
2004
+                   fuser -k 80/tcp
2005
+                   fuser -k 443/tcp
2006
+                   systemctl restart nginx
2006 2007
                    any_key
2007 2008
                else
2008
-                   if [ -d /etc/matrix ]; then
2009
-                       systemctl restart matrix
2010
-                       systemctl restart nginx
2011
-                   fi
2009
+                   fuser -k 80/tcp
2010
+                   fuser -k 443/tcp
2011
+                   systemctl restart nginx
2012 2012
                fi
2013 2013
                ;;
2014 2014
             5) logging_on_off;;

+ 2
- 0
src/freedombone-renew-cert Voir le fichier

@@ -132,6 +132,8 @@ function renew_startssl {
132 132
         sed -i "s|$HOSTNAME.crt|$HOSTNAME.bundle.crt|g" /etc/nginx/sites-available/$HOSTNAME
133 133
 
134 134
         echo $'Certificate installed'
135
+        fuser -k 80/tcp
136
+        fuser -k 443/tcp
135 137
         systemctl restart nginx
136 138
         return
137 139
     fi

+ 7
- 6
src/freedombone-sec Voir le fichier

@@ -183,12 +183,9 @@ function reset_tripwire {
183 183
                 ' | reset-tripwire
184 184
     echo ''
185 185
 
186
-    # Sometimes nginx fails to restart if matrix is installed
187
-    # Restart matrix first
188
-    if [ -d /etc/matrix ]; then
189
-        systemctl restart matrix
190
-        systemctl restart nginx
191
-    fi
186
+    fuser -k 80/tcp
187
+    fuser -k 443/tcp
188
+    systemctl restart nginx
192 189
 
193 190
     if [ -f "/var/lib/tripwire/${HOSTNAME}.twd" ]; then
194 191
         show_tripwire_verification_code
@@ -401,6 +398,8 @@ function change_website_settings {
401 398
             sed -i "s|ssl_ciphers .*|ssl_ciphers '$SSL_CIPHERS_MOBILE';|g" "$WEBSITES_DIRECTORY/$file"
402 399
         fi
403 400
     done
401
+    fuser -k 80/tcp
402
+    fuser -k 443/tcp
404 403
     systemctl restart nginx
405 404
     echo $'Web security settings changed'
406 405
 }
@@ -857,6 +856,8 @@ function update_ciphersuite {
857 856
             sed -i "s|ssl_ciphers .*|ssl_ciphers '$SSL_CIPHERS_MOBILE';|g" "$WEBSITES_DIRECTORY/$file"
858 857
         fi
859 858
     done
859
+    fuser -k 80/tcp
860
+    fuser -k 443/tcp
860 861
     systemctl restart nginx
861 862
     write_config_param "SSL_PROTOCOLS" "$RECOMMENDED_SSL_PROTOCOLS"
862 863
     write_config_param "SSL_CIPHERS" "$RECOMMENDED_SSL_CIPHERS"

+ 2
- 0
src/freedombone-utils-android Voir le fichier

@@ -38,6 +38,8 @@ function android_update_apps {
38 38
     # The FreedomBox app assumes a self-signed cert
39 39
     if [ ! -f "/etc/ssl/certs/${local_hostname}.crt" ]; then
40 40
         install_web_local_user_interface
41
+        fuser -k 80/tcp
42
+        fuser -k 443/tcp
41 43
         systemctl restart nginx
42 44
     fi
43 45
 

+ 6
- 0
src/freedombone-utils-gnusocialtools Voir le fichier

@@ -779,6 +779,8 @@ function gnusocial_use_classic {
779 779
     fi
780 780
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
781 781
 
782
+    fuser -k 80/tcp
783
+    fuser -k 443/tcp
782 784
     systemctl restart nginx
783 785
 }
784 786
 
@@ -808,6 +810,8 @@ function gnusocial_use_qvitter {
808 810
     fi
809 811
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
810 812
 
813
+    fuser -k 80/tcp
814
+    fuser -k 443/tcp
811 815
     systemctl restart nginx
812 816
     systemctl restart php7.0-fpm
813 817
 }
@@ -848,6 +852,8 @@ function gnusocial_use_pleroma {
848 852
     chmod +x static
849 853
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
850 854
 
855
+    fuser -k 80/tcp
856
+    fuser -k 443/tcp
851 857
     systemctl restart nginx
852 858
 }
853 859
 

+ 4
- 0
src/freedombone-utils-mesh Voir le fichier

@@ -156,6 +156,8 @@ function mesh_create_app_downloads_page {
156 156
             systemctl stop cryptpad
157 157
             systemctl disable cryptpad
158 158
         fi
159
+        fuser -k 80/tcp
160
+        fuser -k 443/tcp
159 161
         systemctl restart nginx
160 162
     fi
161 163
     # Don't show the cryptpad icon on the desktop
@@ -451,6 +453,8 @@ function enable_mesh_seconary_wifi {
451 453
 
452 454
             if [ ! -L /etc/nginx/sites-enabled/cryptpad ]; then
453 455
                 ln -s /etc/nginx/sites-available/cryptpad /etc/nginx/sites-enabled/cryptpad
456
+                fuser -k 80/tcp
457
+                fuser -k 443/tcp
454 458
                 systemctl restart nginx
455 459
             fi
456 460
         fi

+ 2
- 0
src/freedombone-utils-web Voir le fichier

@@ -264,6 +264,8 @@ function create_letsencrypt_cert {
264 264
             echo $"Lets Encrypt failed for $SITE_DOMAIN_NAME"
265 265
             if [ -f "/etc/nginx/sites-available/$SITE_DOMAIN_NAME" ]; then
266 266
                 nginx_dissite "$SITE_DOMAIN_NAME"
267
+                fuser -k 80/tcp
268
+                fuser -k 443/tcp
267 269
                 systemctl restart nginx
268 270
             fi
269 271
             exit 682529