scripts/enable_site.sh


#!/bin/bash
# README
# This script is specifically designed to work on Alpine Linux but
# may work with other distributions by including a $HOME/.enable_sites.conf.
#
# See example .enable_sites.conf.example in this repo.
#
# This script will create a vhost under Nginx
# Debug level for this run; values above 1 switch on command tracing.
# Tracing prints every expanded command, so anything the sourced
# configuration puts into variables would show up in the trace output.
DEBUG=0

# Abort on the first command that fails.
set -e

if [ "$DEBUG" -gt 1 ]; then
  set -x
fi
#######################################
# Print the command-line synopsis.
# Arguments: none
# Outputs:   one line on stdout, starting with the script name ($0)
#######################################
usage() {
  local synopsis="domain.tld [disable-php|false] [enable-le]"
  echo -e "$0 ${synopsis}"
}
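#######################################
# Remove the throw-away vhost file written during a dry run.
# Globals:   DRY_RUN (read), VHOST_CONF_FILE (read)
# Arguments: none
# Returns:   0 when there is nothing to remove or the removal succeeded
#######################################
function cleanup {
  # An explicit `if` keeps the status at 0 on a real (non-dry) run. The former
  # `test ... && rm` form returned 1 in that case, and since cleanup is the
  # last command of the visible script that became the script's exit status.
  if [ -n "$DRY_RUN" ] && [ -n "$VHOST_CONF_FILE" ]; then
    # Quoted and terminated with `--` so an unusual path is never split or
    # read as an option by rm.
    rm -f -- "$VHOST_CONF_FILE"
  fi
}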
#######################################
# Validate the Nginx configuration and reload the service.
# Globals:   DRY_RUN (read), _DRY_RUN (read, message prefix),
#            NGINX_SVC_RESTART (read, executed as a command line)
# Arguments: none
# Outputs:   progress messages on stdout
#######################################
reload_nginx() {
  echo "${_DRY_RUN}Reloading Nginx"

  # Dry runs only announce the step.
  if [ -n "$DRY_RUN" ]; then
    echo "Skipping..."
    return
  fi

  # Syntax-check first; under `set -e` a failed check stops the script
  # before the reload command runs.
  nginx -t
  # Deliberately unquoted: the value is a whole command line that must be
  # word-split. It can come from the sourced configuration, so it runs with
  # this script's privileges.
  $NGINX_SVC_RESTART
}
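# Init variables
# Optional per-user overrides. The file is sourced below, i.e. executed as
# shell code with the privileges of whoever runs this script, so it should be
# writable only by that user. Note the header comment spells the name
# .enable_sites.conf, while the path actually read is .enable_site.conf.
_conf=$HOME/.enable_site.conf
_cwd="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
_bootstrap=${_cwd}/bootstrap.sh

# Init script
# The existence check must name the same variable that is sourced. It used to
# test a misspelled, unset variable, and `test -f` with an empty unquoted
# argument is always true, so a missing bootstrap.sh was never reported.
# bootstrap.sh presumably provides the debug/err helpers used later - confirm.
if [ -f "$_bootstrap" ]; then
  # stderr stays discarded as before; a failure inside bootstrap.sh is
  # therefore silent apart from the `set -e` exit.
  source "$_bootstrap" 2> /dev/null
else
  echo "Unable to parse BOOTSTRAP: $_bootstrap"
  exit 1
fi

# Kept as one `&& ... ||` list on purpose: debug fires both when the file is
# absent and when sourcing it returns non-zero, and neither case aborts the
# script under `set -e`.
test -f "$_conf" && source "$_conf" || debug "Unable to parse configuration: $_conf, using defaults"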
# Defaults. A value that is already set (from the environment or from the
# sourced configuration) wins over the fallback given here.
: "${NGINX_USER:=nginx}"
: "${NGINX_DIR:=/etc/nginx}"
NGINX_CONF_D="${NGINX_DIR}/conf.d"
# Executed later as a command line, so it must stay a plain, trusted command.
: "${NGINX_SVC_RESTART:=rc-service nginx reload}"
NGINX_SSL_DIR="${NGINX_DIR}/ssl"
: "${VHOSTS_DIR:=/srv/vhosts}"
# Not referenced anywhere else in the visible part of the script.
SSL_CRT=/etc/nginx/webserver.crt
SSL_KEY=/etc/nginx/webserver.key

# The domain is mandatory; without it just show the synopsis and stop.
[ -n "$1" ] || {
  usage
  exit 0
}
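# VHOST dir
# $1 is interpolated into filesystem paths and into the generated Nginx
# configuration, and the DNS lookup below is skipped entirely on a dry run.
# Accept only hostname characters up front, so a value containing "/", "..",
# whitespace or config syntax can neither redirect the files written by this
# script nor add directives to the vhost. IDN names are expected in punycode.
case "$1" in
  *[!A-Za-z0-9._-]* | -* | .* | *..*)
    err "Invalid domain: $1"
    # err presumably exits by itself (defined outside this file) - make sure.
    exit 1
    ;;
esac

_vhost_dir=$VHOSTS_DIR/$1/htdocs
if [ -z "$DRY_RUN" ]; then
  # Check domain is a valid domain (it has to resolve in DNS)
  host "$1" &> /dev/null || err "Invalid domain: $1"
  echo "Creating $_vhost_dir"
  mkdir -p "$_vhost_dir"
else
  echo "DRY_RUN detected"
  # Prefix added to every progress message for the rest of the run.
  _DRY_RUN="DRY_RUN: "
  echo "${_DRY_RUN}Creating $_vhost_dir"
fi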
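# Check if we should enable php: it stays enabled unless the second argument
# is "true" or "disable-php".
if [ "$2" != "true" ] && [ "$2" != "disable-php" ]; then
  _enable_php='include php.conf;'
fi

echo "${_DRY_RUN}Creating NGINX configuration for $1"
VHOST_CONF_FILE=$NGINX_CONF_D/$1.conf
if [ -n "$DRY_RUN" ]; then
  # A dry run writes to a scratch file instead of the live conf.d. Use mktemp
  # rather than a fixed /tmp/<domain>.conf name: a predictable path in a
  # world-writable directory can be pre-created by another local user (for
  # example as a symlink), and the redirections below would then write
  # through it.
  VHOST_CONF_FILE=$(mktemp "${TMPDIR:-/tmp}/enable_site.XXXXXX") || {
    echo "Unable to create a temporary file" >&2
    exit 1
  }
  debug "${_DRY_RUN}Redirecting to $VHOST_CONF_FILE"
fi

# Set listen ip if provided
if [ -n "$NGINX_LISTEN_IP" ]; then
  _v_listen_ip="$NGINX_LISTEN_IP:"
fi
# set default listening port to 80
_v_listen=${_v_listen_ip}80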
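# Redirect plain-text to SSL
# Everything in this branch runs only when the third argument is "enable-le".
# All expansions are quoted so the domain, the webroot and the target file
# always reach the commands as single words.
if [ "$3" = "enable-le" ]; then
  # Change default listening port to 443
  _v_listen="${_v_listen_ip}443 ssl"

  # set ssl configuration
  # The paths are relative; Nginx presumably resolves them against its
  # configuration directory, which matches NGINX_SSL_DIR only when NGINX_DIR
  # is that directory - confirm when overriding NGINX_DIR.
  _v_ssl=$(printf '%s\n' \
    "ssl_certificate ssl/$1.pem;" \
    "ssl_certificate_key ssl/$1.key;")

  # write the plain-text virtual host so
  # we authenticate with Let's encrypt and
  # redirect plain-text to SSL
  # NOTE(review): the challenge location turns on autoindex, which lists the
  # directory's contents to any client. Serving HTTP-01 challenge files does
  # not need listings - consider dropping that directive.
  cat << EOF > "$VHOST_CONF_FILE"
server {
listen ${_v_listen_ip}80;
server_name $1;
root $_vhost_dir;
location /.well-known {
autoindex on;
}
location / {
return 302 https://$1\$request_uri;
}
}
EOF

  reload_nginx

  echo "${_DRY_RUN}Requesting a Let's Encrypt certificate"
  if [ -z "$DRY_RUN" ]; then
    certbot certonly --webroot --webroot-path="$_vhost_dir" -d "$1"
  fi

  # Link the issued certificate and key into the Nginx ssl directory.
  # _le_crt/_le_key keep their "source target" form for the log messages;
  # the ln calls pass source and target as separate quoted arguments instead
  # of relying on word splitting of those strings.
  # The second link points at the private key, so NGINX_SSL_DIR should not be
  # readable by unprivileged users.
  _le_path=/etc/letsencrypt/live
  _le_crt="$_le_path/$1/fullchain.pem $NGINX_SSL_DIR/$1.pem"
  _le_key="$_le_path/$1/privkey.pem $NGINX_SSL_DIR/$1.key"

  echo "${_DRY_RUN}Creating symlink $_le_crt"
  if [ -z "$DRY_RUN" ]; then
    ln -s "$_le_path/$1/fullchain.pem" "$NGINX_SSL_DIR/$1.pem"
  fi

  echo "${_DRY_RUN}Creating symlink $_le_key"
  if [ -z "$DRY_RUN" ]; then
    ln -s "$_le_path/$1/privkey.pem" "$NGINX_SSL_DIR/$1.key"
  fi
fi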
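# Main server block for the domain.
# With enable-le the redirect vhost has just been written to this file and the
# block below is appended to it. Without enable-le nothing has written the
# file during this run, so empty it first; otherwise running the script again
# for the same domain would append a second copy of the server block to the
# configuration left by the previous run.
if [ "$3" != "enable-le" ]; then
  : > "$VHOST_CONF_FILE"
fi

# $rd is not assigned anywhere in the visible script, so it expands to an
# empty line unless bootstrap.sh or the sourced configuration defines it.
# $1 ends up in server_name and in both log file names; the text is written
# to the config exactly as given.
cat << EOF >> "$VHOST_CONF_FILE"
$rd
server {
listen $_v_listen;
server_name $1;
root $_vhost_dir;
index index.php index.html index.html;
error_log /var/log/nginx/$1.error.log;
access_log /var/log/nginx/$1.access.log main;
$_v_ssl
location / {
}
$_enable_php
}
EOF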
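# On a dry run, show the configuration that a real run would have installed.
if [ -n "$DRY_RUN" ]; then
  echo -e "${_DRY_RUN}I would have wrote this: \n"
  cat -- "$VHOST_CONF_FILE"
fi

reload_nginx
echo "Success!"

# Only a dry run leaves a scratch file behind. Calling cleanup
# unconditionally made its status the script's exit status, which was
# non-zero on every successful real run.
if [ -n "$DRY_RUN" ]; then
  cleanup
fi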