Update nodemgmt-scripts.sh
This commit is contained in:
@@ -306,10 +306,6 @@ DELSITES(){
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
NEW_SITE(){
|
|
||||||
echo -e "${idsCL[Red]}Select a site to delete...${idsCL[Default]}"
|
|
||||||
DIVIDER true
|
|
||||||
}
|
|
||||||
NEWSITE(){
|
NEWSITE(){
|
||||||
while [ $# -gt 0 ]; do
|
while [ $# -gt 0 ]; do
|
||||||
case "$1" in
|
case "$1" in
|
||||||
@@ -319,31 +315,51 @@ NEWSITE(){
|
|||||||
-proxy_scheme) PROXYSCHEME=${2};;
|
-proxy_scheme) PROXYSCHEME=${2};;
|
||||||
-proxy_host) PROXYHOST=${2};;
|
-proxy_host) PROXYHOST=${2};;
|
||||||
-proxy_port) PROXYPORT=${2};;
|
-proxy_port) PROXYPORT=${2};;
|
||||||
-*)
|
|
||||||
echo "Invalid option: '${1}' requires an argument" 1>&2
|
|
||||||
echo ""
|
|
||||||
echo -e "Usage: ${idsCL[Yellow]}nodemgmt newcert${idsCL[Default]} {"
|
|
||||||
width=33
|
|
||||||
printf "%-${width}s- %s\n" " -site {FQDN address}" "(*required)"
|
|
||||||
printf "%-${width}s- %s\n" " -ssl {[true] or false}" ""
|
|
||||||
printf "%-${width}s- %s\n" " -type {[local] or proxy}" ""
|
|
||||||
printf "%-${width}s- %s\n" " -scheme {http or https}" "(required if type set to proxy)"
|
|
||||||
printf "%-${width}s- %s\n" " -host {IP or FQDN}" "(required if type set to proxy)"
|
|
||||||
printf "%-${width}s- %s\n" " -port {host port}" "(required if type set to proxy)"
|
|
||||||
echo "}"
|
|
||||||
exit 1;;
|
|
||||||
esac
|
esac
|
||||||
shift
|
shift
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
|
#if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
|
||||||
if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
|
#if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
|
||||||
|
if [ -z ${NEW_SITE+x} ]; then
|
||||||
|
echo -e -n "${idsCL[LightCyan]}New site domain name: ${idsCL[Default]}"
|
||||||
|
read NEW_SITE
|
||||||
|
fi
|
||||||
|
if [ -z ${CREATE_SSL+x} ]; then
|
||||||
|
echo -e -n "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}"
|
||||||
|
read CREATE_SSL
|
||||||
|
if [[ $CREATE_SSL =~ ^[Yy]$ ]]; then
|
||||||
|
CREATE_SSL=yes
|
||||||
|
else
|
||||||
|
CREATE_SSL=no
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ -z ${SITE_TYPE+x} ]; then
|
||||||
|
echo -e -n "${idsCL[LightCyan]}Site type ([local]/proxy): ${idsCL[Default]}"
|
||||||
|
read SITE_TYPE
|
||||||
|
if [ "${SITE_TYPE}" != "proxy" ]; then
|
||||||
|
SITE_TYPE=local
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ "${SITE_TYPE}" = "proxy" ]; then
|
||||||
|
if [ -z ${PROXYHOST+x} ]; then
|
||||||
|
echo -e -n "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}"
|
||||||
|
read PROXYHOST
|
||||||
|
fi
|
||||||
|
if [ -z ${PROXYSCHEME+x} ]; then
|
||||||
|
echo -e -n "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}"
|
||||||
|
read PROXYSCHEME
|
||||||
|
fi
|
||||||
|
if [ -z ${PROXYPORT+x} ]; then
|
||||||
|
echo -e -n "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}"
|
||||||
|
read PROXYPORT
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
if [ "${NEW_SITE}" != "" ]; then
|
if [ "${NEW_SITE}" != "" ]; then
|
||||||
if [[ ${NEW_SITE} == *","* ]]; then
|
if [[ ${NEW_SITE} == *","* ]]; then
|
||||||
IFS=,
|
IFS=','; NEW_SITES=(${NEW_SITE}); unset IFS
|
||||||
NEW_SITES=(${NEW_SITE})
|
|
||||||
unset IFS
|
|
||||||
MAIN_SITE=${NEW_SITES[0]}
|
MAIN_SITE=${NEW_SITES[0]}
|
||||||
NGINX_SERVERNAME=${NEW_SITE//[,]/ }
|
NGINX_SERVERNAME=${NEW_SITE//[,]/ }
|
||||||
else
|
else
|
||||||
@@ -353,14 +369,15 @@ NEWSITE(){
|
|||||||
fi
|
fi
|
||||||
if [ "${SITE_TYPE}" = "proxy" ]; then
|
if [ "${SITE_TYPE}" = "proxy" ]; then
|
||||||
if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! -z ${PROXYPORT+x} ]; then GO=true; fi
|
if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! -z ${PROXYPORT+x} ]; then GO=true; fi
|
||||||
else GO=true; fi
|
else GO=true
|
||||||
|
fi
|
||||||
if [ "${GO}" = "true" ]; then
|
if [ "${GO}" = "true" ]; then
|
||||||
echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
|
echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
|
||||||
echo ""
|
echo ""
|
||||||
if [ "${SITE_TYPE}" = "local" ]; then
|
if [ "${SITE_TYPE}" = "local" ]; then
|
||||||
echo -e "server {
|
echo -e "server {
|
||||||
listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE}
|
listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
fi
|
fi
|
||||||
echo -e "
|
echo -e "
|
||||||
@@ -372,7 +389,7 @@ NEWSITE(){
|
|||||||
access_log /var/log/nginx/${MAIN_SITE}-access.log;
|
access_log /var/log/nginx/${MAIN_SITE}-access.log;
|
||||||
error_log /var/log/nginx/${MAIN_SITE}-error.log warn;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
error_log /var/log/nginx/${MAIN_SITE}-error.log warn;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
|
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
echo -e "
|
echo -e "
|
||||||
ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;
|
ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;
|
||||||
@@ -383,7 +400,7 @@ NEWSITE(){
|
|||||||
|
|
||||||
location / {
|
location / {
|
||||||
try_files \$uri \$uri/ /index.php?\$query_string;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
try_files \$uri \$uri/ /index.php?\$query_string;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
fi
|
fi
|
||||||
echo -e " }
|
echo -e " }
|
||||||
@@ -394,13 +411,12 @@ NEWSITE(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
echo -e " include conf.d/include/letsencrypt-acme-challenge.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
echo -e " include conf.d/include/letsencrypt-acme-challenge.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
fi
|
fi
|
||||||
echo -e "}" >> /etc/nginx/sites-available/${MAIN_SITE}
|
echo -e "}" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
|
|
||||||
for nip in "${NODE_HOSTS[@]}"
|
for nip in "${NODE_HOSTS[@]}"; do
|
||||||
do
|
|
||||||
if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
|
if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
|
||||||
else NCMD="ssh root@${nip}"
|
else NCMD="ssh root@${nip}"
|
||||||
fi
|
fi
|
||||||
@@ -416,12 +432,12 @@ NEWSITE(){
|
|||||||
set \$port ${PROXYPORT};
|
set \$port ${PROXYPORT};
|
||||||
|
|
||||||
listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE}
|
listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
fi
|
fi
|
||||||
echo -e "
|
echo -e "
|
||||||
server_name ${NGINX_SERVERNAME};" >> /etc/nginx/sites-available/${MAIN_SITE}
|
server_name ${NGINX_SERVERNAME};" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
echo -e "
|
echo -e "
|
||||||
include conf.d/include/letsencrypt-acme-challenge.conf;
|
include conf.d/include/letsencrypt-acme-challenge.conf;
|
||||||
include conf.d/include/ssl-ciphers.conf;
|
include conf.d/include/ssl-ciphers.conf;
|
||||||
@@ -432,7 +448,7 @@ NEWSITE(){
|
|||||||
access_log /var/log/nginx/proxy-${MAIN_SITE}.log proxy;
|
access_log /var/log/nginx/proxy-${MAIN_SITE}.log proxy;
|
||||||
|
|
||||||
location / {" >> /etc/nginx/sites-available/${MAIN_SITE}
|
location / {" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
fi
|
fi
|
||||||
echo -e " include conf.d/include/proxy.conf;
|
echo -e " include conf.d/include/proxy.conf;
|
||||||
@@ -441,7 +457,7 @@ NEWSITE(){
|
|||||||
" >> /etc/nginx/sites-available/${MAIN_SITE}
|
" >> /etc/nginx/sites-available/${MAIN_SITE}
|
||||||
fi
|
fi
|
||||||
ln -s /etc/nginx/sites-available/${MAIN_SITE} /etc/nginx/sites-enabled/${MAIN_SITE}
|
ln -s /etc/nginx/sites-available/${MAIN_SITE} /etc/nginx/sites-enabled/${MAIN_SITE}
|
||||||
if [ "${CREATE_SSL}" = "true" ]; then
|
if [ "${CREATE_SSL}" = "yes" ]; then
|
||||||
NEWCERT ${NEW_SITE}
|
NEWCERT ${NEW_SITE}
|
||||||
else
|
else
|
||||||
SERVICE nginx reload
|
SERVICE nginx reload
|
||||||
@@ -451,8 +467,9 @@ NEWSITE(){
|
|||||||
echo ""
|
echo ""
|
||||||
else
|
else
|
||||||
echo "Missing proxy arguments"
|
echo "Missing proxy arguments"
|
||||||
exit 1
|
Exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
else
|
else
|
||||||
echo "Missing arguments"
|
echo "Missing arguments"
|
||||||
echo ""
|
echo ""
|
||||||
|
|||||||
Reference in New Issue
Block a user