scripts/setup_ssl.sh

#!/bin/bash
# Setup SSL for quickbooksposhelp.access.ly

set -e

DOMAIN="quickbooksposhelp.access.ly"
NGINX_CONF="/home/pts/Documents/QBPOS_Help_Web/qbpos-help-ssl.conf"

echo "=========================================="
echo "SSL Setup for $DOMAIN"
echo "=========================================="
echo ""

# Check if domain is accessible
echo "Step 1: Verifying DNS..."
echo "Please ensure $DOMAIN points to this server's IP address"
echo "Current server IP addresses:"
ip addr show | grep "inet " | grep -v "127.0.0.1" | awk '{print "  - " $2}'
echo ""
read -p "Press Enter when DNS is configured and propagated..."

# Install certbot if not already installed
echo ""
echo "Step 2: Installing Certbot..."
if ! command -v certbot &> /dev/null; then
    sudo apt update
    sudo apt install -y certbot python3-certbot-nginx
else
    echo "Certbot already installed"
fi

# Stop the Python server on port 8888
echo ""
echo "Step 3: Stopping Python development server..."
pkill -f "python3.*server.py" || echo "No server to stop"

# Copy nginx configuration
echo ""
echo "Step 4: Configuring Nginx..."
sudo cp "$NGINX_CONF" /etc/nginx/sites-available/qbpos-help
sudo ln -sf /etc/nginx/sites-available/qbpos-help /etc/nginx/sites-enabled/qbpos-help

# Remove default nginx site if it exists
sudo rm -f /etc/nginx/sites-enabled/default

# Test nginx configuration
echo ""
echo "Step 5: Testing Nginx configuration..."
sudo nginx -t

# Ensure firewall allows HTTP and HTTPS
echo ""
echo "Step 6: Configuring firewall..."
sudo ufw allow 80/tcp comment "HTTP for SSL verification"
sudo ufw allow 443/tcp comment "HTTPS"
sudo ufw status

# Start nginx
echo ""
echo "Step 7: Starting Nginx..."
sudo systemctl enable nginx
sudo systemctl restart nginx

# Get SSL certificate
echo ""
echo "Step 8: Obtaining SSL certificate from Let's Encrypt..."
sudo certbot --nginx -d "$DOMAIN" --non-interactive --agree-tos --email admin@prompttech.com --redirect

# Setup auto-renewal
echo ""
echo "Step 9: Setting up automatic certificate renewal..."
sudo systemctl enable certbot.timer
sudo systemctl start certbot.timer

echo ""
echo "=========================================="
echo "SSL Setup Complete!"
echo "=========================================="
echo ""
echo "Your site is now available at:"
echo "  https://$DOMAIN"
echo ""
echo "HTTP traffic will automatically redirect to HTTPS"
echo ""
echo "Certificate will auto-renew before expiration"
echo ""
echo "To check certificate status:"
echo "  sudo certbot certificates"
echo ""
echo "To test renewal:"
echo "  sudo certbot renew --dry-run"
echo ""
Initial commit - QBPOS Help 2026-01-27 18:07:54 -06:00			`#!/bin/bash`
			`# Setup SSL for quickbooksposhelp.access.ly`

			`set -e`

			`DOMAIN="quickbooksposhelp.access.ly"`
			`NGINX_CONF="/home/pts/Documents/QBPOS_Help_Web/qbpos-help-ssl.conf"`

			`echo "=========================================="`
			`echo "SSL Setup for $DOMAIN"`
			`echo "=========================================="`
			`echo ""`

			`# Check if domain is accessible`
			`echo "Step 1: Verifying DNS..."`
			`echo "Please ensure $DOMAIN points to this server's IP address"`
			`echo "Current server IP addresses:"`
			`ip addr show \| grep "inet " \| grep -v "127.0.0.1" \| awk '{print " - " $2}'`
			`echo ""`
			`read -p "Press Enter when DNS is configured and propagated..."`

			`# Install certbot if not already installed`
			`echo ""`
			`echo "Step 2: Installing Certbot..."`
			`if ! command -v certbot &> /dev/null; then`
			`sudo apt update`
			`sudo apt install -y certbot python3-certbot-nginx`
			`else`
			`echo "Certbot already installed"`
			`fi`

			`# Stop the Python server on port 8888`
			`echo ""`
			`echo "Step 3: Stopping Python development server..."`
			`pkill -f "python3.*server.py" \|\| echo "No server to stop"`

			`# Copy nginx configuration`
			`echo ""`
			`echo "Step 4: Configuring Nginx..."`
			`sudo cp "$NGINX_CONF" /etc/nginx/sites-available/qbpos-help`
			`sudo ln -sf /etc/nginx/sites-available/qbpos-help /etc/nginx/sites-enabled/qbpos-help`

			`# Remove default nginx site if it exists`
			`sudo rm -f /etc/nginx/sites-enabled/default`

			`# Test nginx configuration`
			`echo ""`
			`echo "Step 5: Testing Nginx configuration..."`
			`sudo nginx -t`

			`# Ensure firewall allows HTTP and HTTPS`
			`echo ""`
			`echo "Step 6: Configuring firewall..."`
			`sudo ufw allow 80/tcp comment "HTTP for SSL verification"`
			`sudo ufw allow 443/tcp comment "HTTPS"`
			`sudo ufw status`

			`# Start nginx`
			`echo ""`
			`echo "Step 7: Starting Nginx..."`
			`sudo systemctl enable nginx`
			`sudo systemctl restart nginx`

			`# Get SSL certificate`
			`echo ""`
			`echo "Step 8: Obtaining SSL certificate from Let's Encrypt..."`
			`sudo certbot --nginx -d "$DOMAIN" --non-interactive --agree-tos --email admin@prompttech.com --redirect`

			`# Setup auto-renewal`
			`echo ""`
			`echo "Step 9: Setting up automatic certificate renewal..."`
			`sudo systemctl enable certbot.timer`
			`sudo systemctl start certbot.timer`

			`echo ""`
			`echo "=========================================="`
			`echo "SSL Setup Complete!"`
			`echo "=========================================="`
			`echo ""`
			`echo "Your site is now available at:"`
			`echo " https://$DOMAIN"`
			`echo ""`
			`echo "HTTP traffic will automatically redirect to HTTPS"`
			`echo ""`
			`echo "Certificate will auto-renew before expiration"`
			`echo ""`
			`echo "To check certificate status:"`
			`echo " sudo certbot certificates"`
			`echo ""`
			`echo "To test renewal:"`
			`echo " sudo certbot renew --dry-run"`
			`echo ""`