free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Kill ports before restarting nginx

Bob Mottram 6 years ago
parent
f71f6d7c1e
commit
85edbd8393
8 changed files with 33 additions and 14 deletions
Unified View Show Diff Stats
  1. 2
    0
      src/freedombone-addcert
  2. 8
    8
      src/freedombone-controlpanel
  3. 2
    0
      src/freedombone-renew-cert
  4. 7
    6
      src/freedombone-sec
  5. 2
    0
      src/freedombone-utils-android
  6. 6
    0
      src/freedombone-utils-gnusocialtools
  7. 4
    0
      src/freedombone-utils-mesh
  8. 2
    0
      src/freedombone-utils-web

+ 2
- 0
src/freedombone-addcert View File

186 
     rm "/etc/letsencrypt/renewal/${LETSENCRYPT_HOSTNAME}.conf"
 186 
     rm "/etc/letsencrypt/renewal/${LETSENCRYPT_HOSTNAME}.conf"
187
187
188 
     # restart the web server
 188 
     # restart the web server
189 
+    fuser -k 80/tcp
190 
+    fuser -k 443/tcp
189 
     systemctl restart nginx
 191 
     systemctl restart nginx
190 
 }
 192 
 }
191
193

+ 8
- 8
src/freedombone-controlpanel View File

1877 
                     fi
 1877 
                     fi
1878 
                 done
 1878 
                 done
1879
1879
1880 
+                fuser -k 80/tcp
1881 
+                fuser -k 443/tcp
1880 
                 systemctl restart nginx
 1882 
                 systemctl restart nginx
1881
1883
1882 
                 dialog --title $"Add Clacks Overhead" \
 1884 
                 dialog --title $"Add Clacks Overhead" \
1999 
             2) menu_backup_restore;;
 2001 
             2) menu_backup_restore;;
2000 
             3) menu_app_settings;;
 2002 
             3) menu_app_settings;;
2001 
             4) if ! /usr/local/bin/addremove; then
 2003 
             4) if ! /usr/local/bin/addremove; then
2002 
-                   if [ -d /etc/matrix ]; then
2003 
-                       systemctl restart matrix
2004 
-                       systemctl restart nginx
2005 
-                   fi
2004 
+                   fuser -k 80/tcp
2005 
+                   fuser -k 443/tcp
2006 
+                   systemctl restart nginx
2006 
                    any_key
 2007 
                    any_key
2007 
                else
 2008 
                else
2008 
-                   if [ -d /etc/matrix ]; then
2009 
-                       systemctl restart matrix
2010 
-                       systemctl restart nginx
2011 
-                   fi
2009 
+                   fuser -k 80/tcp
2010 
+                   fuser -k 443/tcp
2011 
+                   systemctl restart nginx
2012 
                fi
 2012 
                fi
2013 
                ;;
 2013 
                ;;
2014 
             5) logging_on_off;;
 2014 
             5) logging_on_off;;

+ 2
- 0
src/freedombone-renew-cert View File

132 
         sed -i "s|$HOSTNAME.crt|$HOSTNAME.bundle.crt|g" /etc/nginx/sites-available/$HOSTNAME
 132 
         sed -i "s|$HOSTNAME.crt|$HOSTNAME.bundle.crt|g" /etc/nginx/sites-available/$HOSTNAME
133
133
134 
         echo $'Certificate installed'
 134 
         echo $'Certificate installed'
135 
+        fuser -k 80/tcp
136 
+        fuser -k 443/tcp
135 
         systemctl restart nginx
 137 
         systemctl restart nginx
136 
         return
 138 
         return
137 
     fi
 139 
     fi

+ 7
- 6
src/freedombone-sec View File

183 
                 ' | reset-tripwire
 183 
                 ' | reset-tripwire
184 
     echo ''
 184 
     echo ''
185
185
186 
-    # Sometimes nginx fails to restart if matrix is installed
187 
-    # Restart matrix first
188 
-    if [ -d /etc/matrix ]; then
189 
-        systemctl restart matrix
190 
-        systemctl restart nginx
191 
-    fi
186 
+    fuser -k 80/tcp
187 
+    fuser -k 443/tcp
188 
+    systemctl restart nginx
192
189
193 
     if [ -f "/var/lib/tripwire/${HOSTNAME}.twd" ]; then
 190 
     if [ -f "/var/lib/tripwire/${HOSTNAME}.twd" ]; then
194 
         show_tripwire_verification_code
 191 
         show_tripwire_verification_code
401 
             sed -i "s|ssl_ciphers .*|ssl_ciphers '$SSL_CIPHERS_MOBILE';|g" "$WEBSITES_DIRECTORY/$file"
 398 
             sed -i "s|ssl_ciphers .*|ssl_ciphers '$SSL_CIPHERS_MOBILE';|g" "$WEBSITES_DIRECTORY/$file"
402 
         fi
 399 
         fi
403 
     done
 400 
     done
401 
+    fuser -k 80/tcp
402 
+    fuser -k 443/tcp
404 
     systemctl restart nginx
 403 
     systemctl restart nginx
405 
     echo $'Web security settings changed'
 404 
     echo $'Web security settings changed'
406 
 }
 405 
 }
857 
             sed -i "s|ssl_ciphers .*|ssl_ciphers '$SSL_CIPHERS_MOBILE';|g" "$WEBSITES_DIRECTORY/$file"
 856 
             sed -i "s|ssl_ciphers .*|ssl_ciphers '$SSL_CIPHERS_MOBILE';|g" "$WEBSITES_DIRECTORY/$file"
858 
         fi
 857 
         fi
859 
     done
 858 
     done
859 
+    fuser -k 80/tcp
860 
+    fuser -k 443/tcp
860 
     systemctl restart nginx
 861 
     systemctl restart nginx
861 
     write_config_param "SSL_PROTOCOLS" "$RECOMMENDED_SSL_PROTOCOLS"
 862 
     write_config_param "SSL_PROTOCOLS" "$RECOMMENDED_SSL_PROTOCOLS"
862 
     write_config_param "SSL_CIPHERS" "$RECOMMENDED_SSL_CIPHERS"
 863 
     write_config_param "SSL_CIPHERS" "$RECOMMENDED_SSL_CIPHERS"

+ 2
- 0
src/freedombone-utils-android View File

38 
     # The FreedomBox app assumes a self-signed cert
 38 
     # The FreedomBox app assumes a self-signed cert
39 
     if [ ! -f "/etc/ssl/certs/${local_hostname}.crt" ]; then
 39 
     if [ ! -f "/etc/ssl/certs/${local_hostname}.crt" ]; then
40 
         install_web_local_user_interface
 40 
         install_web_local_user_interface
41 
+        fuser -k 80/tcp
42 
+        fuser -k 443/tcp
41 
         systemctl restart nginx
 43 
         systemctl restart nginx
42 
     fi
 44 
     fi
43
45

+ 6
- 0
src/freedombone-utils-gnusocialtools View File

779 
     fi
 779 
     fi
780 
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
 780 
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
781
781
782 
+    fuser -k 80/tcp
783 
+    fuser -k 443/tcp
782 
     systemctl restart nginx
 784 
     systemctl restart nginx
783 
 }
 785 
 }
784
786
808 
     fi
 810 
     fi
809 
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
 811 
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
810
812
813 
+    fuser -k 80/tcp
814 
+    fuser -k 443/tcp
811 
     systemctl restart nginx
 815 
     systemctl restart nginx
812 
     systemctl restart php7.0-fpm
 816 
     systemctl restart php7.0-fpm
813 
 }
 817 
 }
848 
     chmod +x static
 852 
     chmod +x static
849 
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
 853 
     chown -R www-data:www-data "/var/www/${domain_name}/htdocs"
850
854
855 
+    fuser -k 80/tcp
856 
+    fuser -k 443/tcp
851 
     systemctl restart nginx
 857 
     systemctl restart nginx
852 
 }
 858 
 }
853
859

+ 4
- 0
src/freedombone-utils-mesh View File

156 
             systemctl stop cryptpad
 156 
             systemctl stop cryptpad
157 
             systemctl disable cryptpad
 157 
             systemctl disable cryptpad
158 
         fi
 158 
         fi
159 
+        fuser -k 80/tcp
160 
+        fuser -k 443/tcp
159 
         systemctl restart nginx
 161 
         systemctl restart nginx
160 
     fi
 162 
     fi
161 
     # Don't show the cryptpad icon on the desktop
 163 
     # Don't show the cryptpad icon on the desktop
451
453
452 
             if [ ! -L /etc/nginx/sites-enabled/cryptpad ]; then
 454 
             if [ ! -L /etc/nginx/sites-enabled/cryptpad ]; then
453 
                 ln -s /etc/nginx/sites-available/cryptpad /etc/nginx/sites-enabled/cryptpad
 455 
                 ln -s /etc/nginx/sites-available/cryptpad /etc/nginx/sites-enabled/cryptpad
456 
+                fuser -k 80/tcp
457 
+                fuser -k 443/tcp
454 
                 systemctl restart nginx
 458 
                 systemctl restart nginx
455 
             fi
 459 
             fi
456 
         fi
 460 
         fi

+ 2
- 0
src/freedombone-utils-web View File

264 
             echo $"Lets Encrypt failed for $SITE_DOMAIN_NAME"
 264 
             echo $"Lets Encrypt failed for $SITE_DOMAIN_NAME"
265 
             if [ -f "/etc/nginx/sites-available/$SITE_DOMAIN_NAME" ]; then
 265 
             if [ -f "/etc/nginx/sites-available/$SITE_DOMAIN_NAME" ]; then
266 
                 nginx_dissite "$SITE_DOMAIN_NAME"
 266 
                 nginx_dissite "$SITE_DOMAIN_NAME"
267 
+                fuser -k 80/tcp
268 
+                fuser -k 443/tcp
267 
                 systemctl restart nginx
 269 
                 systemctl restart nginx
268 
             fi
 270 
             fi
269 
             exit 682529
 271 
             exit 682529