diff --git a/bootstrap.sh b/bootstrap.sh index 32c4d87..4ef550d 100644 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # # Collection of reusable functions and variables -# +# TODAY=`date` HOSTNAME=`hostname` @@ -19,6 +19,37 @@ function err exit 1 } +function warn +{ + echo -e "WARNING: $1" +} + +function validate_host +{ + echo "$1" | grep -P '^(http|https):\/\/(([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])(:[0-9]+)?$' + if [ $? -eq 0 ]; then + curl $1 > /dev/null 2>&1 + fi + return $? +} + +function validate_ip +{ + local ip=$1 + local stat=1 + + if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then + OIFS=$IFS + IFS='.' + ip=($ip) + IFS=$OIFS + [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \ + && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]] + stat=$? + fi + return $stat +} + function send_notification { opt="" @@ -26,7 +57,7 @@ function send_notification local mailcmd=$(readlink -f `which mail`) if [ "${mailcmd}" = "/usr/bin/bsd-mailx" ]; then opt="-a 'From: ${FROM}'" - else + else opt="-r $FROM" fi fi @@ -37,20 +68,20 @@ function send_notification function check_values { - + a_name=$1[@] a_array=("${!a_name}") if [ -z ${!a_name+x} ]; then return fi - + if [ ${a_array[$2]} == true ]; then if [ "x${4}" = 'x' ]; then echo $3 exit 1 fi fi - + } function run_cmd { @@ -67,7 +98,7 @@ function run_cmd { ## Check if debug is set and send command output to shell ## Some commands send animated text that can corrupt the log if test -n "${DEBUG}"; then - debug "DEBUG variable set, redirecting command output to console" + debug "DEBUG variable set, redirecting command output to console" $1 $2 if [ $? -gt 0 ]; then err "Failed running command '$1 $2'" @@ -85,5 +116,5 @@ function run_cmd { fi fi - + } diff --git a/createVhosts.sh b/createVhosts.sh index 31db09c..6add417 100755 --- a/createVhosts.sh +++ b/createVhosts.sh 
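Review bot: `validate_host` fails open: when the `grep -P` check does not match, the `if` body is skipped, the `if` statement itself exits 0, and `return $?` reports success, so an invalid `--backend` value is accepted by the caller in createVhosts.sh and written into `proxy_pass`. Return early on a failed match, e.g. `grep -qP '<same pattern>' <<<"$1" || return 1`, and make the probe the last command, e.g. `curl -fsS --max-time 5 "$1" >/dev/null 2>&1` (quoted, time-bounded, and failing on HTTP errors). grep also matches line by line, so a value with an embedded newline passes if any single line matches; testing the whole string with `[[ $1 =~ … ]]` closes that gap. In `validate_ip`, `OIFS` is not declared `local` and leaks into the caller's scope.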
@@ -6,13 +6,15 @@ DEBUG=0 set -e -function usage -{ +function usage +{ echo "Usage: ${0}" echo " --domain domain.tld" echo " Domain to use when creating vhost" - echo " --proxypass x.x.x.x" - echo " IP of the backend server to pass traffic to" + echo " --root /var/www/html" + echo " Root directory of this vhost" + echo " --backend http://127.0.0.1:80" + echo " Hostname of the backend server to pass traffic to" echo " --listenip x.x.x.x" echo " IP to bind to when listening" echo " --desc x.x.x.x" @@ -42,14 +44,14 @@ _cwd="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" _bootstrap=${_cwd}/bootstrap.sh # Init script -if test -f $_bootstrap; then - source $_bootstrap 2> /dev/null -else - echo "Unable to parse BOOTSTRAP: $_bootstrap" - exit 1 +if test -f $_bootstrap; then + source $_bootstrap 2> /dev/null +else + echo "Unable to parse BOOTSTRAP: $_bootstrap" + exit 1 fi -OPTS=$(getopt -o h -l domain:,proxypass:,listenip:,desc: -n 'createVhosts' -- "$@") +OPTS=$(getopt -o h -l domain:,root:,backend:,listenip:,desc: -n 'createVhosts' -- "$@") if [ "$?" -gt '0' ]; then echo 'Failed to set command line arguments' exit 1; @@ -58,15 +60,19 @@ fi eval set -- "$OPTS" _domain=false -_proxyip=false -_listenip=false +_root="" +_backend="" +_listenip="" while true; do case "$1" in --domain ) _domain=$2 shift ;; - --proxypass ) - _proxyip=$2 + --root ) + _root=$2 + shift ;; + --backend ) + _backend=$2 shift ;; --listenip ) _listenip=$2 
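Review bot: The `usage` text does not say that `--listenip` is now optional and that omitting it makes the generated `listen` directives bind on every interface, which is a security-relevant default an operator should see in `--help`. It also does not say that at least one of `--root` / `--backend` is required, although the script enforces that later. I would add a line under `--listenip` such as `echo " Optional; without it nginx listens on all interfaces"` and mark `--root` / `--backend` as "at least one required".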
@@ -84,15 +90,38 @@ if [[ $_domain = false ]]; then err "You must set domain" fi -if [[ $_proxyip = false ]]; then - err "You must set the proxy pass IP" +if test -n "$_root"; then + if ! test -d $_root; then + err "Path doesn't exists! $_root" + fi + _rootpath="root $_root;" fi -if [[ $_listenip = false ]]; then - err "You must set listen ip" +if test -n "$_backend"; then + if ! validate_host $_backend; then + err "Invalid hostname: $_backend. Not resolvable!" + fi +_locationblock=$(cat <<- EOF + proxy_pass $_backend; + include proxy_params; +EOF +) fi -echo "Creating Nginx Vhosts..." +if test -n "$_listenip"; then + if ! validate_ip $_listenip; then + err "Invalid IP: $_listenip" + fi + _listenip="$_listenip:" +else + warn "No listen ip specified, listing on all interfaces." +fi + +if test -z "$_root" -a -z "$_backend"; then + err "You must specify either --root or --backend!" +fi + +echo "Creating Nginx configuration..." _vhost_conf_file=/etc/nginx/conf.d/${_domain}.conf cat << EOF > $_vhost_conf_file 
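Review bot: `_domain` is still only compared against its default `false`, while this hunk adds validation for `--backend` and `--listenip`; the value then goes unquoted into the path `/etc/nginx/conf.d/${_domain}.conf` and into `server_name`, the log paths and the certificate paths of the file written here. A value containing `/`, whitespace or `;` would change which file is written or what the config means. I would validate it next to the other checks, e.g. `[[ $_domain =~ ^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)*[a-z0-9]([a-z0-9-]*[a-z0-9])?$ ]] || err "Invalid domain: $_domain"`, and quote the expansions in `test -d "$_root"` and `> "$_vhost_conf_file"`. `_root` is likewise interpolated into `root $_root;` after only an existence check, so it deserves the same character restriction.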
@@ -101,43 +130,43 @@ cat << EOF > $_vhost_conf_file ## VHost: $_domain ## $_desc server { - listen ${_listenip}:80; + listen ${_listenip}80; server_name $_domain; - + location /.well-known { autoindex on; } - + location / { return 302 https://${_domain}\$request_uri; } } server { - listen ${_listenip}:443 http2 ssl; + listen ${_listenip}443 http2 ssl; server_name $_domain; + $_rootpath error_log /var/log/nginx/${_domain}.error.log; access_log /var/log/nginx/${_domain}.access.log main; - + ssl_certificate ssl/${_domain}-fullchain.crt; ssl_certificate_key ssl/${_domain}.key; - + location / { - proxy_pass https://${_proxyip}:443; - include proxy_params; +${_locationblock} } } EOF echo "Setting permissions on conf file..." -setfacl -m user:sysadmin:rw $_vhost_conf_file +#setfacl -m user:sysadmin:rw $_vhost_conf_file echo "Stopping Nginx..." -stop_nginx +#stop_nginx echo "Retrieving Let's Encrypt Certificate..." -get_cert +#get_cert echo "Starting Nginx..." -start_nginx +#start_nginx
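Review bot: The `setfacl`, `stop_nginx`, `get_cert` and `start_nginx` calls are commented out, but the `echo` lines before them still report that permissions were set, the certificate retrieved and nginx restarted. This looks like a debugging leftover: the run now leaves a config that references `ssl/${_domain}-fullchain.crt` without requesting the certificate, and nothing checks the generated file before nginx next loads it. Either restore the calls or drop the messages, and consider running `nginx -t` after the heredoc so a bad `$_rootpath` or `${_locationblock}` expansion is caught at once.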