diff --git a/bootstrap.sh b/bootstrap.sh
index bb027e7..bb1db77 100644
--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -15,7 +15,7 @@ function debug
 function err
 {
- echo -e "FATAL ERROR: $1"
+ echo -e "FATAL ERROR: $@"
 exit 1
 }
@@ -68,6 +68,34 @@ function send_notification
 echo -e "$2" | mail $opt -s "$1" ${EMAIL}
 }
+function become
+{
+ local _bbfile
+
+ _bbfile=/tmp/bb_become.$_bb_myname
+
+ if test -z "$_bb_myname" -o -z "$_bb_mypath"; then
+ err "\$_bb_myname and/or \$_bb_mypath must bet set to user become function!"
+ fi
+
+ if test -f "$_bbfile"; then
+ if [ $(id -u) = 0 ]; then
+ # Check if it's a login shell
+ if shopt -q login_shell; then
+ return 0
+ fi
+ fi
+ err "Unable to become: $_bbfile exists." \
+ "\nThis may happen if the script was interrupted." \
+ "\nIf this is the case, please remove '$_bbfile' and run this script '$_bb_mypath' again."
+ fi
+
+ touch $_bbfile
+ sudo bash --login $_bb_mypath "$@"
+ rm $_bbfile
+ exit
+}
+
 function check_values
 {
diff --git a/createVhosts.sh b/createVhosts.sh
index 8a98cf3..8b725c4 100755
--- a/createVhosts.sh
+++ b/createVhosts.sh
@@ -1,10 +1,10 @@
-#!/usr/bin/env bash
+#!/bin/bash
 #
 # Create Vhosts on VPS3
 #
 DEBUG=0
-set -e
+#set -e
 function usage
 {
@@ -30,8 +30,15 @@ function get_cert
 /root/.acme.sh/acme.sh --issue --domain $_domain --webroot /srv/http-content-combined/ --cert-file /etc/nginx/ssl/${_domain}.crt --key-file /etc/nginx/ssl/${_domain}.key --fullchain-file /etc/nginx/ssl/${_domain}-fullchain.crt
 }
+function reload_nginx
+{
+ systemctl reload nginx
+}
+
 _cwd="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 _bootstrap=${_cwd}/bootstrap.sh
+_bb_myname=$(basename "$0")
+_bb_mypath=$(realpath $BASH_SOURCE)
 # Init script
 if test -f $_bootstrap; then
@@ -41,6 +48,9 @@ else
 exit 1
 fi
+# gain priviledges
+become "$@"
+
 OPTS=$(getopt -o h -l domain:,root:,backend:,listenip:,desc: -n 'createVhosts' -- "$@")
 if [ "$?" -gt '0' ]; then
 echo 'Failed to set command line arguments'
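Review bot: In `err` (bootstrap.sh, `@@ -15,7 +15,7 @@` hunk), `"FATAL ERROR: $@"` mixes a fixed string with an argument list, so the message is split into several words that `echo` only happens to rejoin (ShellCheck SC2145); `$*` states the intent. The message also goes to stdout, where a caller capturing output would swallow it. Suggested line: `echo -e "FATAL ERROR: $*" >&2`.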
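Review bot: The marker file in `become` (bootstrap.sh, `@@ -68,6 +68,34 @@` hunk) has a predictable name in world-writable `/tmp`, so any local account can pre-create it and push every run into the "Unable to become" branch, and an interrupted run leaves the same stale file because nothing traps the cleanup. `$_bbfile` and `$_bb_mypath` are also expanded unquoted in `touch`, `sudo bash --login` and `rm`, and the bare `exit` after `rm` reports rm's status rather than the status of the privileged run. The re-executed copy can apparently be recognised by the two checks the function already makes (uid 0 and `login_shell`), so the file looks unnecessary; the sketch below drops it, quotes the path and propagates sudo's exit status. If the file is meant as a guard against endless re-execution, keep it in a directory only the invoking user can write and remove it from a `trap`.

```shell
function become
{
    # … unchanged: _bb_myname / _bb_mypath check …

    # The re-executed copy runs as root in a login shell; nothing left to do.
    if [ "$(id -u)" -eq 0 ] && shopt -q login_shell; then
        return 0
    fi

    sudo bash --login "$_bb_mypath" "$@"
    exit $?
}
```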
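Review bot: Commenting out `set -e` (createVhosts.sh, `@@ -1,10 +1,10 @@` hunk) removes the only thing that stopped this script on a failed command, and none of the steps added later in the commit check their own status. In particular the `get_cert` call in the `@@ -142,6 +163,18 @@` hunk can fail and the script will still append the 443 server block and reload nginx; the added `mkdir -p` and `rm` are in the same position. If `set -e` was dropped on purpose, check the critical calls explicitly, e.g. `get_cert || err "Certificate request for $_domain failed"`.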
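Review bot: `reload_nginx` (createVhosts.sh, `@@ -30,8 +30,15 @@` hunk) reloads a configuration this script has just generated from command-line values without testing it first; `nginx -t && systemctl reload nginx` would surface a syntax error before the reload is attempted. In the same hunk `realpath $BASH_SOURCE` is unquoted although its result is the path later run through `sudo`; `_bb_mypath=$(realpath -- "${BASH_SOURCE[0]}")` would match the quoting of the `_cwd` line above it.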
@@ -80,9 +90,13 @@ if [[ $_domain = false ]]; then
 err "You must set domain"
 fi
+echo -n "Checking if $_root exists?"
 if test -n "$_root"; then
 if ! test -d $_root; then
- err "Path doesn't exists! $_root"
+ echo " Creating..."
+ mkdir -p $_root
+ else
+ echo " Yes!"
 fi
 _rootpath="root $_root;"
 fi
@@ -105,17 +119,13 @@ if test -n "$_listenip"; then
 fi
 _listenip="$_listenip:"
 else
- warn "No listen ip specified, listing on all interfaces."
+ warn "Listen ip not specified, listening on all interfaces."
 fi
 if test -z "$_root" -a -z "$_backend"; then
 err "You must specify either --root or --backend!"
 fi
-echo "Creating Nginx configuration..."
-_vhost_conf_file=/etc/nginx/conf.d/${_domain}.conf
-
-
 echo -n "Checking if /srv/http-content-combined/ exists?"
 if ! test -d /srv/http-content-combined; then
 echo " Creating..."
@@ -124,6 +134,17 @@ else
 echo " Yes!"
 fi
+_vhost_conf_file=/etc/nginx/conf.d/${_domain}.conf
+
+echo -n "Checking if $_vhost_conf_file exists? "
+if test -f $_vhost_conf_file; then
+ echo "Removing!"
+ rm $_vhost_conf_file
+else
+ echo "No!"
+fi
+
+echo "Creating Nginx configuration..."
 cat << EOF > $_vhost_conf_file
 #### Description
 ## Type: HTTP
@@ -142,6 +163,18 @@ server {
 return 302 https://${_domain}\$request_uri;
 }
 }
+EOF
+
+echo "Setting permissions on conf file..."
+setfacl -m user:sysadmin:rw $_vhost_conf_file
+
+echo "Reloading Nginx..."
+reload_nginx
+
+echo "Retrieving Let's Encrypt Certificate..."
+get_cert
+
+cat << EOF >> $_vhost_conf_file
 server {
 listen ${_listenip}443 http2 ssl;
@@ -160,8 +193,5 @@ ${_locationblock}
 }
 EOF
-echo "Setting permissions on conf file..."
-#setfacl -m user:sysadmin:rw $_vhost_conf_file
-
-echo "Retrieving Let's Encrypt Certificate..."
-get_cert
+echo "Reloading Nginx..."
+reload_nginx
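Review bot: `mkdir -p $_root` in the `@@ -80,9 +90,13 @@` hunk now creates whatever `$_root` names (it appears to come from `--root`), unquoted, and after the `become` call added earlier in this commit it does so as root. The same value is written into the nginx configuration by the `_rootpath="root $_root;"` context line, so whitespace, `;` or braces in it would alter the generated config as well as the shell command. Quote it (`mkdir -p -- "$_root"`) and reject unexpected values before use, for instance `[[ $_root == /* ]] || err "--root must be an absolute path"`. The new "Checking if ... exists?" line also prints when no root was given, because it sits above the `test -n` check.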
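Review bot: `_vhost_conf_file` in the `@@ -124,6 +134,17 @@` hunk is built from `$_domain` and then passed unquoted to `test -f`, `rm` and the `cat` redirection, all of which now run as root. The only check on `$_domain` visible in this diff is the comparison with `false`, so a value containing `/` or whitespace would make the script remove or overwrite a file outside `/etc/nginx/conf.d`. Validate it before the path is built, e.g. `[[ $_domain =~ ^[A-Za-z0-9.-]+$ ]] || err "Invalid domain: $_domain"`, and quote `"$_vhost_conf_file"` where it is used. The `rm` is also redundant, since the `>` redirection truncates the file anyway.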
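Review bot: The `setfacl -m user:sysadmin:rw` line in the `@@ -142,6 +163,18 @@` hunk was commented out before this commit and is now live, which gives the `sysadmin` account write access to a file that nginx loads on every reload. Unless `sysadmin` is already meant to be root-equivalent on this host, that lets a non-root account change what the web server serves or proxies to. Either grant read only (`setfacl -m user:sysadmin:r "$_vhost_conf_file"`) or add a comment stating why write access is intended.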