From 06cd9e105d5f601dad227f833d4ab303416fbced Mon Sep 17 00:00:00 2001 From: David Schroeder Date: Tue, 5 Feb 2019 23:16:43 -0600 Subject: [PATCH] Update nodemgmt-scripts.sh --- nodemgmt-scripts.sh | 201 ++++++++++++++++++++++++-------------------- 1 file changed, 109 insertions(+), 92 deletions(-) diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh index c5e23445..61600478 100755 --- a/nodemgmt-scripts.sh +++ b/nodemgmt-scripts.sh 
@@ -306,103 +306,119 @@ DELSITES(){ fi } -NEW_SITE(){ - echo -e "${idsCL[Red]}Select a site to delete...${idsCL[Default]}" - DIVIDER true -} NEWSITE(){ - while [ $# -gt 0 ]; do - case "$1" in - -site) NEW_SITE=${2};; - -type) SITE_TYPE=${2};; - -ssl) CREATE_SSL=${2};; - -proxy_scheme) PROXYSCHEME=${2};; - -proxy_host) PROXYHOST=${2};; - -proxy_port) PROXYPORT=${2};; - -*) - echo "Invalid option: '${1}' requires an argument" 1>&2 - echo "" - echo -e "Usage: ${idsCL[Yellow]}nodemgmt newcert${idsCL[Default]} {" - width=33 - printf "%-${width}s- %s\n" " -site {FQDN address}" "(*required)" - printf "%-${width}s- %s\n" " -ssl {[true] or false}" "" - printf "%-${width}s- %s\n" " -type {[local] or proxy}" "" - printf "%-${width}s- %s\n" " -scheme {http or https}" "(required if type set to proxy)" - printf "%-${width}s- %s\n" " -host {IP or FQDN}" "(required if type set to proxy)" - printf "%-${width}s- %s\n" " -port {host port}" "(required if type set to proxy)" - echo "}" - exit 1;; - esac - shift - done + while [ $# -gt 0 ]; do + case "$1" in + -site) NEW_SITE=${2};; + -type) SITE_TYPE=${2};; + -ssl) CREATE_SSL=${2};; + -proxy_scheme) PROXYSCHEME=${2};; + -proxy_host) PROXYHOST=${2};; + -proxy_port) PROXYPORT=${2};; + esac + shift + done - if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi - if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi + #if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi + #if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi + if [ -z ${NEW_SITE+x} ]; then + echo -e -n "${idsCL[LightCyan]}New site domain name: ${idsCL[Default]}" + read NEW_SITE + fi + if [ -z ${CREATE_SSL+x} ]; then + echo -e -n "${idsCL[LightCyan]}Create SSL for site? 
[Y/n] ${idsCL[Default]}" + read CREATE_SSL + if [[ $CREATE_SSL =~ ^[Yy]$ ]]; then + CREATE_SSL=yes + else + CREATE_SSL=no + fi + fi + if [ -z ${SITE_TYPE+x} ]; then + echo -e -n "${idsCL[LightCyan]}Site type ([local]/proxy): ${idsCL[Default]}" + read SITE_TYPE + if [ "${SITE_TYPE}" != "proxy" ]; then + SITE_TYPE=local + fi + fi + if [ "${SITE_TYPE}" = "proxy" ]; then + if [ -z ${PROXYHOST+x} ]; then + echo -e -n "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}" + read PROXYHOST + fi + if [ -z ${PROXYSCHEME+x} ]; then + echo -e -n "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}" + read PROXYSCHEME + fi + if [ -z ${PROXYPORT+x} ]; then + echo -e -n "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}" + read PROXYPORT + fi + fi + - if [ "${NEW_SITE}" != "" ]; then - if [[ ${NEW_SITE} == *","* ]]; then - IFS=, - NEW_SITES=(${NEW_SITE}) - unset IFS - MAIN_SITE=${NEW_SITES[0]} - NGINX_SERVERNAME=${NEW_SITE//[,]/ } - else - MAIN_SITE=${NEW_SITE} - NGINX_SERVERNAME=${NEW_SITE} + if [ "${NEW_SITE}" != "" ]; then + if [[ ${NEW_SITE} == *","* ]]; then + IFS=','; NEW_SITES=(${NEW_SITE}); unset IFS + MAIN_SITE=${NEW_SITES[0]} + NGINX_SERVERNAME=${NEW_SITE//[,]/ } + else + MAIN_SITE=${NEW_SITE} + NGINX_SERVERNAME=${NEW_SITE} - fi - if [ "${SITE_TYPE}" = "proxy" ]; then - if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! -z ${PROXYPORT+x} ]; then GO=true; fi - else GO=true; fi - if [ "${GO}" = "true" ]; then - echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}" - echo "" - if [ "${SITE_TYPE}" = "local" ]; then - echo -e "server { - listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + fi + if [ "${SITE_TYPE}" = "proxy" ]; then + if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! 
-z ${PROXYPORT+x} ]; then GO=true; fi + else GO=true + fi + if [ "${GO}" = "true" ]; then + echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}" + echo "" + if [ "${SITE_TYPE}" = "local" ]; then + echo -e "server { + listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE} + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE} fi echo -e " - server_name ${NGINX_SERVERNAME}; + server_name ${NGINX_SERVERNAME}; - set \$base /var/www/${MAIN_SITE}; - root \$base/public_html; + set \$base /var/www/${MAIN_SITE}; + root \$base/public_html; - access_log /var/log/nginx/${MAIN_SITE}-access.log; - error_log /var/log/nginx/${MAIN_SITE}-error.log warn;" >> /etc/nginx/sites-available/${MAIN_SITE} + access_log /var/log/nginx/${MAIN_SITE}-access.log; + error_log /var/log/nginx/${MAIN_SITE}-error.log warn;" >> /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " - ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem; - include conf.d/include/ssl-ciphers.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} + ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem; + include conf.d/include/ssl-ciphers.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} fi echo -e " - index index.php; + index index.php; - location / { - try_files \$uri \$uri/ /index.php?\$query_string;" >> /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + location / { + try_files \$uri \$uri/ /index.php?\$query_string;" >> /etc/nginx/sites-available/${MAIN_SITE} + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} fi echo -e " } - 
location ~ \.php\$ { - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; - include conf.d/include/php_fastcgi.conf; - } + location ~ \.php\$ { + fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; + include conf.d/include/php_fastcgi.conf; + } - include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " include conf.d/include/letsencrypt-acme-challenge.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} fi echo -e "}" >> /etc/nginx/sites-available/${MAIN_SITE} - for nip in "${NODE_HOSTS[@]}" - do + for nip in "${NODE_HOSTS[@]}"; do if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD='' - else NCMD="ssh root@${nip}" + else NCMD="ssh root@${nip}" fi ${NCMD} mkdir -p /var/www/${MAIN_SITE}/{public_html,nginx_logs} done 
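Review bot: The site name taken from the new `read NEW_SITE` prompt (and from `-site`) is used with no validation in `/etc/nginx/sites-available/${MAIN_SITE}` and in `${NCMD} mkdir -p /var/www/${MAIN_SITE}/{public_html,nginx_logs}`, where NCMD can be `ssh root@${nip}` and the remote shell parses the string a second time. A name containing `/`, whitespace or shell metacharacters would change which files are written on this host and what runs as root on the other nodes. Rejecting anything that is not a comma-separated list of hostnames before the `MAIN_SITE` assignment would close this, for example `[[ ${NEW_SITE} =~ ^[A-Za-z0-9][A-Za-z0-9.-]*(,[A-Za-z0-9][A-Za-z0-9.-]*)*$ ]] || { echo "Invalid site name" >&2; exit 1; }`, together with `read -r` on the prompts. The proxy scheme, host and port prompted for here are written verbatim into the server block in the second hunk and need equivalent checks. NEWSITE's body continues past the end of this hunk.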
@@ -411,37 +427,37 @@ NEWSITE(){ else echo -e "server { - set \$forward_scheme ${PROXYSCHEME}; - set \$server \"${PROXYHOST}\"; - set \$port ${PROXYPORT}; + set \$forward_scheme ${PROXYSCHEME}; + set \$server \"${PROXYHOST}\"; + set \$port ${PROXYPORT}; - listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE} + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE} fi echo -e " - server_name ${NGINX_SERVERNAME};" >> /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + server_name ${NGINX_SERVERNAME};" >> /etc/nginx/sites-available/${MAIN_SITE} + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " - include conf.d/include/letsencrypt-acme-challenge.conf; - include conf.d/include/ssl-ciphers.conf; - ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;" >> /etc/nginx/sites-available/${MAIN_SITE} + include conf.d/include/letsencrypt-acme-challenge.conf; + include conf.d/include/ssl-ciphers.conf; + ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;" >> /etc/nginx/sites-available/${MAIN_SITE} fi echo -e " - access_log /var/log/nginx/proxy-${MAIN_SITE}.log proxy; + access_log /var/log/nginx/proxy-${MAIN_SITE}.log proxy; - location / {" >> /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + location / {" >> /etc/nginx/sites-available/${MAIN_SITE} + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} fi - echo -e " include conf.d/include/proxy.conf; + echo -e " include conf.d/include/proxy.conf; + } } -} -" >> /etc/nginx/sites-available/${MAIN_SITE} + " >> /etc/nginx/sites-available/${MAIN_SITE} fi ln -s 
/etc/nginx/sites-available/${MAIN_SITE} /etc/nginx/sites-enabled/${MAIN_SITE} - if [ "${CREATE_SSL}" = "true" ]; then + if [ "${CREATE_SSL}" = "yes" ]; then NEWCERT ${NEW_SITE} else SERVICE nginx reload @@ -451,8 +467,9 @@ NEWSITE(){ echo "" else echo "Missing proxy arguments" - exit 1 + Exit 1 fi + else echo "Missing arguments" echo ""
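Review bot: Every TLS branch in this hunk now tests `"${CREATE_SSL}" = "yes"`, but the `-ssl` option in the first hunk still stores its argument verbatim, so `-ssl true` (the value the old code compared against) silently skips `listen 8443 ssl http2`, the certificate lines, `force-ssl.conf` and the `NEWCERT` call. The site then comes up on plain HTTP only, with no message to the operator. The `[Y/n]` prompt has a related problem: `^[Yy]$` turns an empty answer into `no` although the capital Y advertises yes as the default. Replacing the `if [[ $CREATE_SSL =~ ^[Yy]$ ]]` block with one normalisation placed after both option parsing and prompting covers both paths: `case "${CREATE_SSL,,}" in y|yes|true|'') CREATE_SSL=yes;; *) CREATE_SSL=no;; esac`. The same comparisons appear in the local-site branch of the first hunk.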
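Review bot: `Exit 1` replaces `exit 1` in the "Missing proxy arguments" branch, and shell command names are case-sensitive. Unless a function named `Exit` is defined elsewhere in nodemgmt-scripts.sh (none is visible in this patch), bash reports command not found and NEWSITE keeps running after the error message; if no wrapper is intended, keep `exit 1`. Separately, the `-z ${PROXYHOST+x}` style tests in the first hunk only check that the variables are set, which is always true after the new `read` prompts, so an empty answer never reaches this branch. Testing for non-empty values, `[ -n "${PROXYSCHEME}" ] && [ -n "${PROXYHOST}" ] && [ -n "${PROXYPORT}" ]`, would make it reachable again. The enclosing if/else starts and ends outside this hunk.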