Resolves merge request 6

Lutchy Horace 2021-02-17 11:24:46 -05:00
parent c0a0c8c1ff
commit cb97128fb0
2 changed files with 98 additions and 38 deletions


@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# #
# Collection of reusable functions and variables # Collection of reusable functions and variables
# #
TODAY=`date` TODAY=`date`
HOSTNAME=`hostname` HOSTNAME=`hostname`
@ -19,6 +19,37 @@ function err
exit 1 exit 1
} }
function warn
{
echo -e "WARNING: $1"
}
function validate_host
{
echo "$1" | grep -P '^(http|https):\/\/(([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*([a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])(:[0-9]+)?$'
if [ $? -eq 0 ]; then
curl $1 > /dev/null 2>&1
fi
return $?
}
function validate_ip
{
local ip=$1
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
OIFS=$IFS
IFS='.'
ip=($ip)
IFS=$OIFS
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
&& ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
stat=$?
fi
return $stat
}
function send_notification function send_notification
{ {
opt="" opt=""
@ -26,7 +57,7 @@ function send_notification
local mailcmd=$(readlink -f `which mail`) local mailcmd=$(readlink -f `which mail`)
if [ "${mailcmd}" = "/usr/bin/bsd-mailx" ]; then if [ "${mailcmd}" = "/usr/bin/bsd-mailx" ]; then
opt="-a 'From: ${FROM}'" opt="-a 'From: ${FROM}'"
else else
opt="-r $FROM" opt="-r $FROM"
fi fi
fi fi
@ -37,20 +68,20 @@ function send_notification
function check_values function check_values
{ {
a_name=$1[@] a_name=$1[@]
a_array=("${!a_name}") a_array=("${!a_name}")
if [ -z ${!a_name+x} ]; then if [ -z ${!a_name+x} ]; then
return return
fi fi
if [ ${a_array[$2]} == true ]; then if [ ${a_array[$2]} == true ]; then
if [ "x${4}" = 'x' ]; then if [ "x${4}" = 'x' ]; then
echo $3 echo $3
exit 1 exit 1
fi fi
fi fi
} }
function run_cmd { function run_cmd {
@ -67,7 +98,7 @@ function run_cmd {
## Check if debug is set and send command output to shell ## Check if debug is set and send command output to shell
## Some commands send animated text that can corrupt the log ## Some commands send animated text that can corrupt the log
if test -n "${DEBUG}"; then if test -n "${DEBUG}"; then
debug "DEBUG variable set, redirecting command output to console" debug "DEBUG variable set, redirecting command output to console"
$1 $2 $1 $2
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
err "Failed running command '$1 $2'" err "Failed running command '$1 $2'"
@ -85,5 +116,5 @@ function run_cmd {
fi fi
fi fi
} }
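Review bot: `validate_host` returns 0 for input that fails the URL pattern, so it accepts exactly the values it is meant to reject. When `grep -P` finds no match, the `if [ $? -eq 0 ]` statement runs no branch and its own status is 0, and that is what `return $?` hands back. Ending the grep line with `|| return 1` and making a quoted `curl "$1" > /dev/null 2>&1` the last command would return the real result; `grep -qP` would also stop the matched URL being echoed to stdout. This matters because the caller further down this page writes the accepted value into a `proxy_pass` directive. The helper also sends an HTTP request to the supplied URL, so a well-formed backend that is down at creation time is reported as invalid, which deserves a comment above the function.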


@ -6,13 +6,15 @@ DEBUG=0
set -e set -e
function usage function usage
{ {
echo "Usage: ${0}" echo "Usage: ${0}"
echo " --domain domain.tld" echo " --domain domain.tld"
echo " Domain to use when creating vhost" echo " Domain to use when creating vhost"
echo " --proxypass x.x.x.x" echo " --root /var/www/html"
echo " IP of the backend server to pass traffic to" echo " Root directory of this vhost"
echo " --backend http://127.0.0.1:80"
echo " Hostname of the backend server to pass traffic to"
echo " --listenip x.x.x.x" echo " --listenip x.x.x.x"
echo " IP to bind to when listening" echo " IP to bind to when listening"
echo " --desc x.x.x.x" echo " --desc x.x.x.x"
@ -42,14 +44,14 @@ _cwd="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
_bootstrap=${_cwd}/bootstrap.sh _bootstrap=${_cwd}/bootstrap.sh
# Init script # Init script
if test -f $_bootstrap; then if test -f $_bootstrap; then
source $_bootstrap 2> /dev/null source $_bootstrap 2> /dev/null
else else
echo "Unable to parse BOOTSTRAP: $_bootstrap" echo "Unable to parse BOOTSTRAP: $_bootstrap"
exit 1 exit 1
fi fi
OPTS=$(getopt -o h -l domain:,proxypass:,listenip:,desc: -n 'createVhosts' -- "$@") OPTS=$(getopt -o h -l domain:,root:,backend:,listenip:,desc: -n 'createVhosts' -- "$@")
if [ "$?" -gt '0' ]; then if [ "$?" -gt '0' ]; then
echo 'Failed to set command line arguments' echo 'Failed to set command line arguments'
exit 1; exit 1;
@ -58,15 +60,19 @@ fi
eval set -- "$OPTS" eval set -- "$OPTS"
_domain=false _domain=false
_proxyip=false _root=""
_listenip=false _backend=""
_listenip=""
while true; do while true; do
case "$1" in case "$1" in
--domain ) --domain )
_domain=$2 _domain=$2
shift ;; shift ;;
--proxypass ) --root )
_proxyip=$2 _root=$2
shift ;;
--backend )
_backend=$2
shift ;; shift ;;
--listenip ) --listenip )
_listenip=$2 _listenip=$2
@ -84,15 +90,38 @@ if [[ $_domain = false ]]; then
err "You must set domain" err "You must set domain"
fi fi
if [[ $_proxyip = false ]]; then if test -n "$_root"; then
err "You must set the proxy pass IP" if ! test -d $_root; then
err "Path doesn't exists! $_root"
fi
_rootpath="root $_root;"
fi fi
if [[ $_listenip = false ]]; then if test -n "$_backend"; then
err "You must set listen ip" if ! validate_host $_backend; then
err "Invalid hostname: $_backend. Not resolvable!"
fi
_locationblock=$(cat <<- EOF
proxy_pass $_backend;
include proxy_params;
EOF
)
fi fi
echo "Creating Nginx Vhosts..." if test -n "$_listenip"; then
if ! validate_ip $_listenip; then
err "Invalid IP: $_listenip"
fi
_listenip="$_listenip:"
else
warn "No listen ip specified, listing on all interfaces."
fi
if test -z "$_root" -a -z "$_backend"; then
err "You must specify either --root or --backend!"
fi
echo "Creating Nginx configuration..."
_vhost_conf_file=/etc/nginx/conf.d/${_domain}.conf _vhost_conf_file=/etc/nginx/conf.d/${_domain}.conf
cat << EOF > $_vhost_conf_file cat << EOF > $_vhost_conf_file
@ -101,43 +130,43 @@ cat << EOF > $_vhost_conf_file
## VHost: $_domain ## VHost: $_domain
## $_desc ## $_desc
server { server {
listen ${_listenip}:80; listen ${_listenip}80;
server_name $_domain; server_name $_domain;
location /.well-known { location /.well-known {
autoindex on; autoindex on;
} }
location / { location / {
return 302 https://${_domain}\$request_uri; return 302 https://${_domain}\$request_uri;
} }
} }
server { server {
listen ${_listenip}:443 http2 ssl; listen ${_listenip}443 http2 ssl;
server_name $_domain; server_name $_domain;
$_rootpath
error_log /var/log/nginx/${_domain}.error.log; error_log /var/log/nginx/${_domain}.error.log;
access_log /var/log/nginx/${_domain}.access.log main; access_log /var/log/nginx/${_domain}.access.log main;
ssl_certificate ssl/${_domain}-fullchain.crt; ssl_certificate ssl/${_domain}-fullchain.crt;
ssl_certificate_key ssl/${_domain}.key; ssl_certificate_key ssl/${_domain}.key;
location / { location / {
proxy_pass https://${_proxyip}:443; ${_locationblock}
include proxy_params;
} }
} }
EOF EOF
echo "Setting permissions on conf file..." echo "Setting permissions on conf file..."
setfacl -m user:sysadmin:rw $_vhost_conf_file #setfacl -m user:sysadmin:rw $_vhost_conf_file
echo "Stopping Nginx..." echo "Stopping Nginx..."
stop_nginx #stop_nginx
echo "Retrieving Let's Encrypt Certificate..." echo "Retrieving Let's Encrypt Certificate..."
get_cert #get_cert
echo "Starting Nginx..." echo "Starting Nginx..."
start_nginx #start_nginx
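Review bot: `$_root` and `$_domain` reach the generated nginx configuration and the path `/etc/nginx/conf.d/${_domain}.conf` without any format check, and `test -d $_root` is unquoted. A value containing whitespace, `;`, braces or `/` would change the test, the directives written, or the file that gets created, so both should be checked before the heredoc. I would quote the test as `if ! test -d "$_root"; then` and reject a `_domain` that is not a plain hostname, for example `[[ $_domain =~ ^[a-z0-9.-]+$ ]] || err "Invalid domain: $_domain"`. `_rootpath` and `_locationblock` are never initialised in the lines shown, so setting both to `""` next to `_root=""` would keep inherited values out of the output.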