Merge branch '9-add-donotredirect-to-createvhosts-sh' into 'master'

Resolve "Add --donotredirect to createVhosts.sh"

Closes #9

See merge request lhprojects-information-network/scripts!7
Lutchy Horace 2021-03-24 16:52:31 -04:00
commit 3095c10873
2 changed files with 64 additions and 14 deletions


@ -26,13 +26,18 @@ function warn
function validate_host function validate_host
{ {
local _ret=0
echo "$1" | grep -P '^(http|https):\/\/(([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])(:[0-9]+)?$' > /dev/null 2>&1 echo "$1" | grep -P '^(http|https):\/\/(([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])(:[0-9]+)?$' > /dev/null 2>&1
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
debug "Checking host is resolvable: $1" debug "Checking host is resolvable: $1"
# The remote servers may sometimes have self-signed certs # Add --insecure becase remote servers may sometimes have self-signed certs
curl --insecure $1 > /dev/null 2>&1 if ! curl --insecure --max-time 5 $1 > /dev/null 2>&1; then
_ret=1
debug "Host '$1' is not resolvable!"
fi
fi fi
return $? return $_ret
} }
function validate_ip function validate_ip
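Review bot: `validate_host` still returns success when the URL fails the `grep -P` pattern, because `_ret` starts at 0 and is only set to 1 inside the branch that runs after a successful match. A malformed backend string therefore passes validation without ever reaching curl, and createVhosts.sh treats the zero return as approval before writing the value into a `proxy_pass` line. Give the pattern check an `else` branch, `else _ret=1; debug "Host '$1' failed format validation"`, so that a rejected format is reported as a failure. Quoting the argument, `curl --insecure --max-time 5 "$1"`, would also keep the call safe if the pattern is ever loosened.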


@ -12,8 +12,9 @@ function usage
echo " Domain to use when creating vhost" echo " Domain to use when creating vhost"
echo " --root /var/www/html" echo " --root /var/www/html"
echo " Root directory of this vhost" echo " Root directory of this vhost"
echo " --backend http://127.0.0.1:80" echo " --backend http://127.0.0.1"
echo " Hostname of the backend server to pass traffic to" echo " Hostname of the backend server to pass traffic to"
echo " Note: Do not specify a port"
echo " --listenip x.x.x.x" echo " --listenip x.x.x.x"
echo " IP to bind to when listening" echo " IP to bind to when listening"
echo " --desc x.x.x.x" echo " --desc x.x.x.x"
@ -96,7 +97,7 @@ fi
# gain priviledges # gain priviledges
become "$@" become "$@"
OPTS=$(getopt -o h -l domain:,root:,backend:,listenip:,desc: -n 'createVhosts' -- "$@") OPTS=$(getopt -o h -l domain:,root:,backend:,listenip:,desc:,donotredirect -n 'createVhosts' -- "$@")
if [ "$?" -gt '0' ]; then if [ "$?" -gt '0' ]; then
echo 'Failed to set command line arguments' echo 'Failed to set command line arguments'
exit 1; exit 1;
@ -105,6 +106,7 @@ fi
eval set -- "$OPTS" eval set -- "$OPTS"
_domain=false _domain=false
_donotredirect=false
_root="" _root=""
_backend="" _backend=""
_listenip="" _listenip=""
@ -125,6 +127,9 @@ while true; do
--desc ) --desc )
_desc=$2 _desc=$2
shift ;; shift ;;
--donotredirect )
_donotredirect=true
shift ;;
-h | --help ) usage; shift ;; -h | --help ) usage; shift ;;
-- ) shift; break ;; -- ) shift; break ;;
* ) shift;; * ) shift;;
@ -135,8 +140,8 @@ if [[ $_domain = false ]]; then
err "You must set domain" err "You must set domain"
fi fi
echo -n "Checking if $_root exists?"
if test -n "$_root"; then if test -n "$_root"; then
echo -n "Checking if $_root exists?"
if ! test -d $_root; then if ! test -d $_root; then
echo " Creating..." echo " Creating..."
mkdir -p $_root mkdir -p $_root
@ -146,16 +151,48 @@ if test -n "$_root"; then
_rootpath="root $_root;" _rootpath="root $_root;"
fi fi
_check_host=success
_locationblock_http=""
_locationblock_https=""
if test -n "$_backend"; then if test -n "$_backend"; then
echo "Verifying backend..." echo "Verifying backend(s)..."
if ! validate_host $_backend; then _https_backend=$(echo $_backend | sed 's/http/https/')
err "Invalid hostname: $_backend. Not resolvable!" if validate_host $_https_backend:443; then
fi
_locationblock=$(cat <<- EOF #<<<<<<HEREDOC
proxy_pass $_backend; _locationblock_https=$(cat <<- EOF
proxy_pass $_https_backend:443;
include proxy_params; include proxy_params;
EOF EOF
) )
#<<<<<<HEREDOC
else
_check_host=failed
fi
# Include backend for HTTP traffic if donotredirect is enabled
#
if [ "$_donotredirect" = "true" ]; then
_http_backend=$(echo $_backend | sed 's/https/http/')
if validate_host $_http_backend:80; then
#<<<<<<HEREDOC
_locationblock_http=$(cat <<- EOF
proxy_pass $_http_backend:80;
include proxy_params;
EOF
)
#<<<<<<HEREDOC
else
_check_host=failed
fi
fi
if [ "$_check_host" = "failed" ]; then
err "Invalid hostname: $_backend. Not resolvable!"
fi
fi fi
if test -n "$_listenip"; then if test -n "$_listenip"; then
@ -179,6 +216,14 @@ else
echo " Yes!" echo " Yes!"
fi fi
echo -n "Checking if we should redirect?"
if [ "$_donotredirect" = "false" ]; then
echo " Yes, enabling redirect!"
_locationblock_http=" return 302 https://${_domain}\$request_uri;"
else
echo " No!"
fi
_vhost_conf_file=/etc/nginx/conf.d/${_domain}.conf _vhost_conf_file=/etc/nginx/conf.d/${_domain}.conf
echo -n "Checking if $_vhost_conf_file exists? " echo -n "Checking if $_vhost_conf_file exists? "
@ -208,7 +253,7 @@ server {
} }
location / { location / {
return 302 https://${_domain}\$request_uri; $_locationblock_http
} }
} }
EOF EOF
@ -242,7 +287,7 @@ server {
ssl_certificate_key ssl/${_domain}.key; ssl_certificate_key ssl/${_domain}.key;
location / { location / {
${_locationblock} ${_locationblock_https}
} }
} }
EOF EOF
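Review bot: The scheme rewrite `sed 's/http/https/'` in the backend block is unanchored, so a backend given as `https://host` becomes `httpss://host`, and one given with a port becomes `https://host:80:443`, since the "Do not specify a port" note in usage is not enforced. Neither string matches the pattern in `validate_host`, whose return value becomes non-zero only when curl fails, so both appear to pass and end up in the `proxy_pass` line of the config written under /etc/nginx/conf.d. Anchor the substitution and quote the expansions, `_https_backend=$(printf '%s\n' "$_backend" | sed -E 's|^https?://|https://|')` followed by `validate_host "$_https_backend:443"`, and reject a `--backend` value that already carries a port before building the URLs. The same applies to the `sed 's/https/http/'` rewrite and the unquoted `validate_host $_http_backend:80` call in the `--donotredirect` branch.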