From 10816075446ecb95059e403388da4f0473ab1184 Mon Sep 17 00:00:00 2001
From: David Schroeder
Date: Wed, 6 Feb 2019 23:12:35 -0600
Subject: [PATCH] Update nodemgmt-scripts.sh
---
 nodemgmt-scripts.sh | 115 ++++++++++++++++++++++++++++++--------------
 1 file changed, 78 insertions(+), 37 deletions(-)
diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh
index 36bc0836..88fb40f7 100755
--- a/nodemgmt-scripts.sh
+++ b/nodemgmt-scripts.sh
@@ -109,44 +109,50 @@ NEWCERT(){
 else
 NEW_CERT=${1}
 fi
+ if [[ ${NEW_CERT} == *","* ]]; then
+ IFS=','; NEW_CERTS=(${NEW_CERT}); unset IFS
+ MAIN_CERT=${NEW_CERTS[0]}
+ else
+ MAIN_CERT=${NEW_CERT}
+ fi
 if [ "${NEW_CERT}" != "" ]; then
 echo -e "${idsCL[LightGreen]}Requesting Certificate for '${idsCL[Yellow]}${NEW_CERT}${idsCL[LightGreen]}'...${idsCL[Default]}"
 echo ""
 do_with_root $CERT_DAEMON certonly --webroot -w /var/www/html -d ${NEW_CERT}
- if [ -f /etc/letsencrypt/live/${NEW_CERT}/cert.pem ]; then
+ if [ -f /etc/letsencrypt/live/${MAIN_CERT}/cert.pem ]; then
 do_with_root chown -R root:letsencrypt /etc/letsencrypt
 do_with_root chmod -R 6775 /etc/letsencrypt
- rm -f /opt/idssys/nodemgmt/cert-request.lastrun
- daterun=`date +%Y-%m-%d-%H-%M`
- echo -e "${NEW_CERT}\n${daterun}" > /opt/idssys/nodemgmt/cert-request.lastrun
- yes | cp -rfH /opt/idssys/nodemgmt/cert-request.lastrun /etc/letsencrypt/cert-request.lastrun
- DIVIDER true
- echo -en "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes... ${idsCL[Default]}"
- checked=false
- timeout=`date --date='2 minutes' +%s`
- until [ "${checked}" = "" ]; do
- tchecked=''
- for nip in "${NODE_HOSTS[@]}"; do
- if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
- else NCMD="ssh root@${nip}"
- fi
- if [ "${NCMD}" != "" ]; then
- tchecked+=`${NCMD} "cat /etc/letsencrypt/cert-request.lastrun" | diff - /etc/letsencrypt/cert-request.lastrun`
- fi
- done
- checked=${tchecked}
- if [ "`date +%s`" -gt "$timeout" ]; then
- echo -e "${idsCL[Red]}Timeout${idsCL[Default]}"
- timeout=true
- echo "Timeout occured in waiting for replication between nodes." | mail -s "Cert-Request" ${STATUS_CHECK_EMAIL}
- break
- fi
- done
- if [ "${timeout}" != "true" ]; then
- echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
- fi
- echo
- SERVICE nginx reload
+ # rm -f /opt/idssys/nodemgmt/cert-request.lastrun
+ # daterun=`date +%Y-%m-%d-%H-%M`
+ # echo -e "${NEW_CERT}\n${daterun}" > /opt/idssys/nodemgmt/cert-request.lastrun
+ # yes | cp -rfH /opt/idssys/nodemgmt/cert-request.lastrun /etc/letsencrypt/cert-request.lastrun
+ # DIVIDER true
+ # echo -en "${idsCL[LightYellow]}Waiting for certificate replication between the nodes... ${idsCL[Default]}"
+ # checked=false
+ # timeout=`date --date='2 minutes' +%s`
+ # until [ "${checked}" = "" ]; do
+ # tchecked=''
+ # for nip in "${NODE_HOSTS[@]}"; do
+ # if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
+ # else NCMD="ssh root@${nip}"
+ # fi
+ # if [ "${NCMD}" != "" ]; then
+ # tchecked+=`${NCMD} "cat /etc/letsencrypt/cert-request.lastrun" | diff - /etc/letsencrypt/cert-request.lastrun`
+ # fi
+ # done
+ # checked=${tchecked}
+ # if [ "`date +%s`" -gt "$timeout" ]; then
+ # echo -e "${idsCL[Red]}Timeout${idsCL[Default]}"
+ # timeout=true
+ # echo "Timeout occured in waiting for replication between nodes. (${NEW_CERT})" | mail -s "Cert-Request" ${STATUS_CHECK_EMAIL}
+ # break
+ # fi
+ # done
+ # if [ "${timeout}" != "true" ]; then
+ # echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
+ # fi
+ # echo
+ # SERVICE nginx reload
 echo -e "${idsCL[Green]}Certificate has been successfully created for '${idsCL[Yellow]}${NEW_CERT}${idsCL[Green]}'...${idsCL[Default]}"
 else
 echo ""
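Review bot: The new comma split `IFS=','; NEW_CERTS=(${NEW_CERT}); unset IFS` expands `${NEW_CERT}` unquoted, so the value is also glob-expanded against the current directory, and the same unvalidated string then reaches a root-run certbot as `-d ${NEW_CERT}` and becomes part of the path `/etc/letsencrypt/live/${MAIN_CERT}/cert.pem`. I would split with `IFS=',' read -r -a NEW_CERTS <<< "${NEW_CERT}"`, quote the later uses (`-d "${NEW_CERT}"`, `"/etc/letsencrypt/live/${MAIN_CERT}/cert.pem"`), and reject anything that is not a comma-separated list of hostnames before `do_with_root` is called. The unchanged `chmod -R 6775 /etc/letsencrypt` in this hunk also deserves a look, since it sets setuid/setgid and world read/execute across the tree that holds the private keys. The commented-out replication block would be better deleted than kept as comments. NEWCERT starts and ends outside this hunk, so whether its other callers still get an nginx reload is not visible here.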
@@ -175,7 +181,7 @@ CERTRENEW(){ daterun=`date +%Y-%m-%d-%H-%M` echo -e "${daterun}" >> /etc/letsencrypt/cert-renewal.lastrun DIVIDER true - echo -en "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes... ${idsCL[Default]}" + echo -en "${idsCL[LightYellow]}Waiting for certificate replication between the nodes... ${idsCL[Default]}" checked=false timeout=`date --date='2 minutes' +%s` until [ "${checked}" = "" ]; do @@ -465,7 +471,7 @@ NEWSITE(){ echo "" echo -e "Usage: ${idsCL[Yellow]}nodemgmt newcert${idsCL[Default]} {" width=33 - printf "%-${width}s- %s\n" " -site {FQDN address(,es)}" "(new site and aliases, comma seperated)" + printf "%-${width}s- %s\n" " -site {FQDN address(,es)}" "(new site and aliases, comma separated)" printf "%-${width}s- %s\n" " -ssl {yes or no}" "(defaults to yes)" printf "%-${width}s- %s\n" " -type {'local' or 'proxy'}" "(defaults to local)" printf "%-${width}s- %s\n" " -port {host port}" "(proxy backend host)" @@ -612,7 +618,7 @@ NEWSITE(){ fi echo -e " server_name ${NGINX_SERVERNAME};" >> /etc/nginx/sites-available/${MAIN_SITE} - if [ "${CREATE_SSL}" = "yes" ]; then + if [ "${CREATE_SSL}" = "yes" ]; then echo -e " include conf.d/include/letsencrypt-acme-challenge.conf; include conf.d/include/ssl-ciphers.conf; 
@@ -634,9 +640,44 @@ NEWSITE(){
 ln -s /etc/nginx/sites-available/${MAIN_SITE} /etc/nginx/sites-enabled/${MAIN_SITE}
 if [ "${CREATE_SSL}" = "yes" ]; then
 NEWCERT ${NEW_SITE}
- else
- SERVICE nginx reload
 fi
+
+ rm -f /opt/idssys/nodemgmt/new-site.lastrun
+ daterun=`date +%Y-%m-%d-%H-%M`
+ echo -e "${NEW_SITE}\n${daterun}" > /opt/idssys/nodemgmt/new-site.lastrun
+ yes | cp -rfH /opt/idssys/nodemgmt/new-site.lastrun /etc/nginx/new-site.lastrun
+ yes | cp -rfH /opt/idssys/nodemgmt/new-site.lastrun /var/www/new-site.lastrun
+ daterun=`date +%Y-%m-%d-%H-%M`
+ echo -e "${daterun}" >> /etc/nginx/new-site.lastrun
+ DIVIDER true
+ echo -en "${idsCL[LightYellow]}Waiting for certificate replication between the nodes... ${idsCL[Default]}"
+ checked=false
+ timeout=`date --date='2 minutes' +%s`
+ until [ "${checked}" = "" ]; do
+ tchecked=''
+ for nip in "${NODE_HOSTS[@]}"; do
+ if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
+ else NCMD="ssh root@${nip}"
+ fi
+ if [ "${NCMD}" != "" ]; then
+ tchecked+=`${NCMD} "cat /etc/nginx/new-site.lastrun" | diff - /etc/nginx/new-site.lastrun`
+ tchecked+=`${NCMD} "cat /var/www/new-site.lastrun" | diff - /var/www/new-site.lastrun`
+ fi
+ done
+ checked=${tchecked}
+ if [ "`date +%s`" -gt "$timeout" ]; then
+ echo -e "${idsCL[Red]}Timeout${idsCL[Default]}"
+ timeout=true
+ echo "Timeout occurred in waiting for replication between nodes." | mail -s "New-Site" ${STATUS_CHECK_EMAIL}
+ break
+ fi
+ done
+ if [ "${timeout}" != "true" ]; then
+ echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
+ fi
+ echo
+
+ SERVICE nginx reload
 echo ""
 echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
 echo ""
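Review bot: The replication wait added here polls every node over `ssh root@${nip}` with no pause between passes and no connection timeout, and the two-minute deadline is only checked after a full pass over `NODE_HOSTS`, so a single unresponsive node can hold NEWSITE well past the deadline. I would build the command as `NCMD="ssh -o BatchMode=yes -o ConnectTimeout=5 root@${nip}"` and add `sleep 5` before the outer `done`. `SERVICE nginx reload` now also runs after a timeout, when the nodes are known to disagree; if that is intended a comment should say so, otherwise guard it with `[ "${timeout}" != "true" ]`. The loop duplicates the one visible in CERTRENEW (the status text here still says "certificate replication"), so a shared helper taking the marker path and mail subject would keep the copies from drifting. NEWSITE continues outside the hunk.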