setup_ssl.sh

#!/bin/bash

# Create SSL directory if it doesn't exist
sudo mkdir -p /etc/nginx/ssl

# Function to generate self-signed certificate
generate_self_signed() {
    echo "Generating self-signed SSL certificate..."
    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
        -keyout /etc/nginx/ssl/key.pem \
        -out /etc/nginx/ssl/cert.pem \
        -subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"
    echo "Self-signed certificate generated successfully"
}

# Function to copy existing certificates
copy_certificates() {
    if [ -f "cert.pem" ] && [ -f "key.pem" ]; then
        echo "Copying existing SSL certificates..."
        sudo cp cert.pem /etc/nginx/ssl/
        sudo cp key.pem /etc/nginx/ssl/
        sudo chmod 600 /etc/nginx/ssl/key.pem
        echo "Certificates copied successfully"
    else
        echo "Certificate files not found. Generating self-signed certificate..."
        generate_self_signed
    fi
}

# Function to check SSL configuration
check_ssl_config() {
    echo "Checking SSL configuration..."
    sudo nginx -t
    if [ $? -eq 0 ]; then
        echo "SSL configuration is valid"
    else
        echo "SSL configuration check failed"
        exit 1
    fi
}

# Main script
echo "Setting up SSL for Nginx..."

# Copy or generate certificates
copy_certificates

# Check SSL configuration
check_ssl_config

# Restart Nginx to apply changes
echo "Restarting Nginx to apply SSL configuration..."
sudo systemctl restart nginx

echo "SSL setup completed. Nginx is now configured for HTTPS on port 443"
echo "You can access your application at https://localhost"