voltron/NodeMgmt
1
1
Fork 0
Code Issues Pull Requests Releases 1 Activity

Update nodemgmt-scripts.sh

Browse Source
This commit is contained in:
David Schroeder
2019-02-05 23:16:43 -06:00
parent 07fa150006
commit 06cd9e105d
1 changed files with 109 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

201
nodemgmt-scripts.sh
View File

@@ -306,103 +306,119 @@ DELSITES(){
fi fi
} }
NEW_SITE(){
echo -e "${idsCL[Red]}Select a site to delete...${idsCL[Default]}"
DIVIDER true
}
NEWSITE(){ NEWSITE(){
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
case "$1" in case "$1" in
-site) NEW_SITE=${2};; -site) NEW_SITE=${2};;
-type) SITE_TYPE=${2};; -type) SITE_TYPE=${2};;
-ssl) CREATE_SSL=${2};; -ssl) CREATE_SSL=${2};;
-proxy_scheme) PROXYSCHEME=${2};; -proxy_scheme) PROXYSCHEME=${2};;
-proxy_host) PROXYHOST=${2};; -proxy_host) PROXYHOST=${2};;
-proxy_port) PROXYPORT=${2};; -proxy_port) PROXYPORT=${2};;
-*) esac
echo "Invalid option: '${1}' requires an argument" 1>&2 shift
echo "" done
echo -e "Usage: ${idsCL[Yellow]}nodemgmt newcert${idsCL[Default]} {"
width=33
printf "%-${width}s- %s\n" " -site {FQDN address}" "(*required)"
printf "%-${width}s- %s\n" " -ssl {[true] or false}" ""
printf "%-${width}s- %s\n" " -type {[local] or proxy}" ""
printf "%-${width}s- %s\n" " -scheme {http or https}" "(required if type set to proxy)"
printf "%-${width}s- %s\n" " -host {IP or FQDN}" "(required if type set to proxy)"
printf "%-${width}s- %s\n" " -port {host port}" "(required if type set to proxy)"
echo "}"
exit 1;;
esac
shift
done
if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi #if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi #if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
if [ -z ${NEW_SITE+x} ]; then
echo -e -n "${idsCL[LightCyan]}New site domain name: ${idsCL[Default]}"
read NEW_SITE
fi
if [ -z ${CREATE_SSL+x} ]; then
echo -e -n "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}"
read CREATE_SSL
if [[ $CREATE_SSL =~ ^[Yy]$ ]]; then
CREATE_SSL=yes
else
CREATE_SSL=no
fi
fi
if [ -z ${SITE_TYPE+x} ]; then
echo -e -n "${idsCL[LightCyan]}Site type ([local]/proxy): ${idsCL[Default]}"
read SITE_TYPE
if [ "${SITE_TYPE}" != "proxy" ]; then
SITE_TYPE=local
fi
fi
if [ "${SITE_TYPE}" = "proxy" ]; then
if [ -z ${PROXYHOST+x} ]; then
echo -e -n "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}"
read PROXYHOST
fi
if [ -z ${PROXYSCHEME+x} ]; then
echo -e -n "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}"
read PROXYSCHEME
fi
if [ -z ${PROXYPORT+x} ]; then
echo -e -n "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}"
read PROXYPORT
fi
fi
if [ "${NEW_SITE}" != "" ]; then if [ "${NEW_SITE}" != "" ]; then
if [[ ${NEW_SITE} == *","* ]]; then if [[ ${NEW_SITE} == *","* ]]; then
IFS=, IFS=','; NEW_SITES=(${NEW_SITE}); unset IFS
NEW_SITES=(${NEW_SITE}) MAIN_SITE=${NEW_SITES[0]}
unset IFS NGINX_SERVERNAME=${NEW_SITE//[,]/ }
MAIN_SITE=${NEW_SITES[0]} else
NGINX_SERVERNAME=${NEW_SITE//[,]/ } MAIN_SITE=${NEW_SITE}
else NGINX_SERVERNAME=${NEW_SITE}
MAIN_SITE=${NEW_SITE}
NGINX_SERVERNAME=${NEW_SITE}
fi fi
if [ "${SITE_TYPE}" = "proxy" ]; then if [ "${SITE_TYPE}" = "proxy" ]; then
if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! -z ${PROXYPORT+x} ]; then GO=true; fi if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! -z ${PROXYPORT+x} ]; then GO=true; fi
else GO=true; fi else GO=true
if [ "${GO}" = "true" ]; then fi
echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}" if [ "${GO}" = "true" ]; then
echo "" echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
if [ "${SITE_TYPE}" = "local" ]; then echo ""
echo -e "server { if [ "${SITE_TYPE}" = "local" ]; then
listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE} echo -e "server {
if [ "${CREATE_SSL}" = "true" ]; then listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE}
if [ "${CREATE_SSL}" = "yes" ]; then
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE} echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
echo -e " echo -e "
server_name ${NGINX_SERVERNAME}; server_name ${NGINX_SERVERNAME};
set \$base /var/www/${MAIN_SITE}; set \$base /var/www/${MAIN_SITE};
root \$base/public_html; root \$base/public_html;
access_log /var/log/nginx/${MAIN_SITE}-access.log; access_log /var/log/nginx/${MAIN_SITE}-access.log;
error_log /var/log/nginx/${MAIN_SITE}-error.log warn;" >> /etc/nginx/sites-available/${MAIN_SITE} error_log /var/log/nginx/${MAIN_SITE}-error.log warn;" >> /etc/nginx/sites-available/${MAIN_SITE}
if [ "${CREATE_SSL}" = "true" ]; then if [ "${CREATE_SSL}" = "yes" ]; then
echo -e " echo -e "
ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;
include conf.d/include/ssl-ciphers.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} include conf.d/include/ssl-ciphers.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
echo -e " echo -e "
index index.php; index index.php;
location / { location / {
try_files \$uri \$uri/ /index.php?\$query_string;" >> /etc/nginx/sites-available/${MAIN_SITE} try_files \$uri \$uri/ /index.php?\$query_string;" >> /etc/nginx/sites-available/${MAIN_SITE}
if [ "${CREATE_SSL}" = "true" ]; then if [ "${CREATE_SSL}" = "yes" ]; then
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
echo -e " } echo -e " }
location ~ \.php\$ { location ~ \.php\$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
include conf.d/include/php_fastcgi.conf; include conf.d/include/php_fastcgi.conf;
} }
include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
if [ "${CREATE_SSL}" = "true" ]; then if [ "${CREATE_SSL}" = "yes" ]; then
echo -e " include conf.d/include/letsencrypt-acme-challenge.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} echo -e " include conf.d/include/letsencrypt-acme-challenge.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
echo -e "}" >> /etc/nginx/sites-available/${MAIN_SITE} echo -e "}" >> /etc/nginx/sites-available/${MAIN_SITE}
for nip in "${NODE_HOSTS[@]}" for nip in "${NODE_HOSTS[@]}"; do
do
if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD='' if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
else NCMD="ssh root@${nip}" else NCMD="ssh root@${nip}"
fi fi
${NCMD} mkdir -p /var/www/${MAIN_SITE}/{public_html,nginx_logs} ${NCMD} mkdir -p /var/www/${MAIN_SITE}/{public_html,nginx_logs}
done done
@@ -411,37 +427,37 @@ NEWSITE(){
else else
echo -e "server { echo -e "server {
set \$forward_scheme ${PROXYSCHEME}; set \$forward_scheme ${PROXYSCHEME};
set \$server \"${PROXYHOST}\"; set \$server \"${PROXYHOST}\";
set \$port ${PROXYPORT}; set \$port ${PROXYPORT};
listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE} listen 8080;" > /etc/nginx/sites-available/${MAIN_SITE}
if [ "${CREATE_SSL}" = "true" ]; then if [ "${CREATE_SSL}" = "yes" ]; then
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE} echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
echo -e " echo -e "
server_name ${NGINX_SERVERNAME};" >> /etc/nginx/sites-available/${MAIN_SITE} server_name ${NGINX_SERVERNAME};" >> /etc/nginx/sites-available/${MAIN_SITE}
if [ "${CREATE_SSL}" = "true" ]; then if [ "${CREATE_SSL}" = "yes" ]; then
echo -e " echo -e "
include conf.d/include/letsencrypt-acme-challenge.conf; include conf.d/include/letsencrypt-acme-challenge.conf;
include conf.d/include/ssl-ciphers.conf; include conf.d/include/ssl-ciphers.conf;
ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;" >> /etc/nginx/sites-available/${MAIN_SITE} ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
echo -e " echo -e "
access_log /var/log/nginx/proxy-${MAIN_SITE}.log proxy; access_log /var/log/nginx/proxy-${MAIN_SITE}.log proxy;
location / {" >> /etc/nginx/sites-available/${MAIN_SITE} location / {" >> /etc/nginx/sites-available/${MAIN_SITE}
if [ "${CREATE_SSL}" = "true" ]; then if [ "${CREATE_SSL}" = "yes" ]; then
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE} echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
echo -e " include conf.d/include/proxy.conf; echo -e " include conf.d/include/proxy.conf;
}
} }
} " >> /etc/nginx/sites-available/${MAIN_SITE}
" >> /etc/nginx/sites-available/${MAIN_SITE}
fi fi
ln -s /etc/nginx/sites-available/${MAIN_SITE} /etc/nginx/sites-enabled/${MAIN_SITE} ln -s /etc/nginx/sites-available/${MAIN_SITE} /etc/nginx/sites-enabled/${MAIN_SITE}
if [ "${CREATE_SSL}" = "true" ]; then if [ "${CREATE_SSL}" = "yes" ]; then
NEWCERT ${NEW_SITE} NEWCERT ${NEW_SITE}
else else
SERVICE nginx reload SERVICE nginx reload
@@ -451,8 +467,9 @@ NEWSITE(){
echo "" echo ""
else else
echo "Missing proxy arguments" echo "Missing proxy arguments"
exit 1 Exit 1
fi fi
else else
echo "Missing arguments" echo "Missing arguments"
echo "" echo ""