From 231b39dca02aef29a7195579b5de652d493cb8ed Mon Sep 17 00:00:00 2001
From: Daniel Hansson <daniel@techandme.se>
Date: Fri, 30 Dec 2016 21:50:17 +0100
Subject: [PATCH] set trusted domain and redirect to ssl

---
 lets-encrypt/activate-ssl.sh    |  5 +++++
 lets-encrypt/test-new-config.sh | 40 +++++++++++++++++----------------
 2 files changed, 26 insertions(+), 19 deletions(-)

diff --git a/lets-encrypt/activate-ssl.sh b/lets-encrypt/activate-ssl.sh
index 609e9e40..3d5e9d36 100644
--- a/lets-encrypt/activate-ssl.sh
+++ b/lets-encrypt/activate-ssl.sh
@@ -183,6 +183,11 @@ else
     echo "$ssl_conf was successfully created"
     sleep 3
     cat << SSL_CREATE > "$ssl_conf"
+<VirtualHost *:80>
+    ServerName $domain
+    Redirect / https://$domain
+</VirtualHost>
+
 <VirtualHost *:443>
 
     Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
diff --git a/lets-encrypt/test-new-config.sh b/lets-encrypt/test-new-config.sh
index 8c2a0bb4..631fda27 100644
--- a/lets-encrypt/test-new-config.sh
+++ b/lets-encrypt/test-new-config.sh
@@ -11,6 +11,7 @@ read -p "Press any key to continue... " -n1 -s
 echo -e "\e[0m"
 a2ensite $1
 a2dissite nextcloud_ssl_domain_self_signed.conf
+a2dissite nextcloud_http_domain_self_signed.conf
 service apache2 restart
 if [[ "$?" == "0" ]]
 then
@@ -48,6 +49,25 @@ CRONTAB
 # Makeletsencryptrenew.sh executable
 chmod +x $SCRIPTS/letsencryptrenew.sh
 
+# Cleanup
+rm $SCRIPTS/test-new-config.sh
+rm $SCRIPTS/activate-ssl.sh
+
+else
+# If it fails, revert changes back to normal
+    a2dissite $1
+    a2ensite nextcloud_ssl_domain_self_signed.conf
+    a2ensite nextcloud_http_domain_self_signed.conf
+    service apache2 restart
+    echo -e "\e[96m"
+    echo "Couldn't load new config, reverted to old settings. Self-signed SSL is OK!"
+    echo -e "\e[0m"
+    echo -e "\e[32m"
+    read -p "Press any key to continue... " -n1 -s
+    echo -e "\e[0m"
+    exit 1
+fi
+
 # Update Config
 if [ -f $SCRIPTS/update-config.php ]
 then
@@ -57,7 +77,7 @@ else
     wget -q $STATIC/update-config.php -P $SCRIPTS
 fi
 
-# Sets trusted domain in when nextcloud-startup-script.sh is finished
+# Sets trusted domain in config.php
 if [ -f $SCRIPTS/trusted.sh ]
 then
     rm $SCRIPTS/trusted.sh
@@ -70,22 +90,4 @@ bash $SCRIPTS/trusted.sh
 rm $SCRIPTS/trusted.sh
 rm $SCRIPTS/update-config.php
 
-# Cleanup
-rm $SCRIPTS/test-new-config.sh
-rm $SCRIPTS/activate-ssl.sh
-
-else
-# If it fails, revert changes back to normal
-    a2dissite $1
-    a2ensite nextcloud_ssl_domain_self_signed.conf
-    service apache2 restart
-    echo -e "\e[96m"
-    echo "Couldn't load new config, reverted to old settings. Self-signed SSL is OK!"
-    echo -e "\e[0m"
-    echo -e "\e[32m"
-    read -p "Press any key to continue... " -n1 -s
-    echo -e "\e[0m"
-    exit 1
-fi
-
 exit 0