2023-11-10 09:40:44 -06:00
parent 153a1fbe47
commit 1be15e3ee8
5 changed files with 132 additions and 113 deletions


@@ -134,9 +134,9 @@ else
done
fi
# echo "HERE: RUN_NODE_TYPE=$RUN_NODE_TYPE RUN_NODE_IP=$RUN_NODE_IP"
[ "${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_NGINXPATH=${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]} || NM_NGINXPATH=/etc/nginx
[ "${NM_CERTPATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_CERTPATH=${NM_CERTPATHS[${RUN_NODE_TYPE}]} || NM_CERTPATH=/etc/letsencrypt
[ "${NM_WWWPATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_WWWPATH=${NM_WWWPATHS[${RUN_NODE_TYPE}]} || NM_WWWPATH=/var/www
[ "${NM_REPL_NGINX_PATHS}" != "" ] && [ "${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_NGINXPATH=${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]} || NM_NGINXPATH=/etc/nginx
[ "${NM_CERTPATHS}" != "" ] && [ "${NM_CERTPATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_CERTPATH=${NM_CERTPATHS[${RUN_NODE_TYPE}]} || NM_CERTPATH=/etc/letsencrypt
[ "${NM_WWWPATHS}" != "" ] && [ "${NM_WWWPATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_WWWPATH=${NM_WWWPATHS[${RUN_NODE_TYPE}]} || NM_WWWPATH=/var/www
declare -A NM_SRVCOPTS
NM_SRVCOPTS['status']='Status'
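Review bot: The added guards `[ "${NM_REPL_NGINX_PATHS}" != "" ]`, `[ "${NM_CERTPATHS}" != "" ]` and `[ "${NM_WWWPATHS}" != "" ]` test only element 0 of each array, because a bare `${array}` in bash means `${array[0]}`. If these arrays are keyed by node type, as the `[${RUN_NODE_TYPE}]` subscripts suggest, the guard is always false and the three paths silently fall back to `/etc/nginx`, `/etc/letsencrypt` and `/var/www` even when a per-node path is configured; NM_CERTPATH then feeds the recursive `chown -R root:le` in NEWCERT. If the intent is to avoid a bad-subscript error when RUN_NODE_TYPE is empty, test that instead: `[ -n "${RUN_NODE_TYPE}" ] && [ -n "${NM_CERTPATHS[${RUN_NODE_TYPE}]}" ] && ...`. The same bare-array test is added to the `NM_REPL_NGINX_PATHS` condition in the SERVICE() hunk.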


@@ -1,5 +1,12 @@
#!/usr/bin/env bash
NEWCERT(){
CERTTEST=0
while [ $# -gt 0 ]; do
case "$1" in
-test) CERTTEST=1;;
esac
shift
done
echo
if [ -z ${1+x} ]; then
echo -e -n "${idsCL[LightCyan]}Create certificate for what name (comma seperated for mutiple) : ${idsCL[Default]}"
@@ -20,7 +27,11 @@ NEWCERT(){
# $CERT_DAEMON certonly --webroot -w ${NM_CERTPATH}/letsencrypt-acme-challenge -d ${NEW_CERT}
# $CERT_DAEMON certonly --webroot --preferred-chain "ISRG Root X1" -w ${NM_CERTPATH}/letsencrypt-acme-challenge -d ${NEW_CERT}
$CERT_DAEMON certonly --dry-run --webroot --preferred-chain "ISRG Root X1" -w ${NM_CERTPATH}/letsencrypt-acme-challenge -d ${NEW_CERT}
if [ ${CERTTEST} -eq 1 ]; then
$CERT_DAEMON certonly --dry-run --webroot --preferred-chain "ISRG Root X1" -w ${NM_CERTPATH}/letsencrypt-acme-challenge -d ${NEW_CERT}
else
$CERT_DAEMON certonly --webroot --preferred-chain "ISRG Root X1" -w ${NM_CERTPATH}/letsencrypt-acme-challenge -d ${NEW_CERT}
fi
# $CERT_DAEMON certonly --dry-run --webroot -w ${NM_CERTPATH}/letsencrypt-acme-challenge -d ${NEW_CERT}
chown -R root:le ${NM_CERTPATH}
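Review bot: The new option loop shifts away every positional parameter, so by the time the existing `if [ -z ${1+x} ]` check runs, `$1` is always unset and NEWCERT prompts for a name even when one was passed (as NEWSITE and the GUI `newcert` action do). Keep the non-option arguments and restore them after the loop: `local args=()` before it, `*) args+=("$1");;` in the `case`, and `set -- "${args[@]}"` after `done`. CERTTEST is assigned without `local`, so it also overwrites the variable of the same name set in NEWSITE. The expansions on the two `certonly` lines are unquoted, so the certificate name is word-split and glob-expanded before it reaches `$CERT_DAEMON`; `-d "${NEW_CERT}"` and `-w "${NM_CERTPATH}/letsencrypt-acme-challenge"` would prevent that. NEWCERT's body continues outside both hunks.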


@@ -217,7 +217,7 @@ SERVICE(){
if [ "${1}" = "nginx" ] && ([ "${3}" == "" ] || [ "${3}" == "all" ]); then
if [ "${RUN_NODE_TYPE}" != "" ] && [ "${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]}" != "" ] && ([ "${2}" = "restart" ] || [ "${2}" = "reload" ]); then
if [ "${RUN_NODE_TYPE}" != "" ] && [ "${NM_REPL_NGINX_PATHS}" != "" ] && [ "${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]}" != "" ] && ([ "${2}" = "restart" ] || [ "${2}" = "reload" ]); then
if [ "${3}" != "ns" ]; then
if [ "${3}" != "q" ]; then
echo -en "${idsCL[LightYellow]}Verifying replication across the nodes... ${idsCL[Default]}"
@@ -270,103 +270,125 @@ SERVICE(){
echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
echo
fi
for NTYPE in "${NTS[@]}"; do
var1=${NTYPE}_SERVICES_CHECK[@]
# if [[ "${!var1}" = *"${1}"* ]]; then
if [[ " ${!var1} " =~ " ${1} " ]]; then
nid=1
if [ "${3}" != "" ]; then
var2=(${3})
sethost=true;
else
var2=${NTYPE}_HOSTS[@]
IFS=' '
var2=(${!var2})
unset IFS
sethost=false
fi
for nip in "${var2[@]}"; do
# if [[ "${RUN_NODE_IP}" == *"${3}"* ]]; then GO=true;
# elif [ ! -z ${3+x} ] || [ "${3}" == "q" ]; then GO=true;
# else GO=false;
# fi
# if [ "${GO}" == "true" ]; then
if [ $sethost == true ]; then
nodename=${NM_HOSTNAMES[${3}]}
if [ "${NTS}" == "" ]; then
for NTYPE in "${NTS[@]}"; do
var1=${NTYPE}_SERVICES_CHECK[@]
# if [[ "${!var1}" = *"${1}"* ]]; then
if [[ " ${!var1} " =~ " ${1} " ]]; then
nid=1
if [ "${3}" != "" ]; then
var2=(${3})
sethost=true;
else
nodename="${NM_HOSTNAMES[${nip}]}[${nip}]"
var2=${NTYPE}_HOSTS[@]
IFS=' '
var2=(${!var2})
unset IFS
sethost=false
fi
if [[ "${RUN_NODE_IP}" == *"${nip}"* ]]; then
nip='localhost '
NCMD=''
for nip in "${var2[@]}"; do
# if [[ "${RUN_NODE_IP}" == *"${3}"* ]]; then GO=true;
# elif [ ! -z ${3+x} ] || [ "${3}" == "q" ]; then GO=true;
# else GO=false;
# fi
# if [ "${GO}" == "true" ]; then
if [ $sethost == true ]; then
nodename=${NM_HOSTNAMES[${3}]}
else
NCMD="ssh root@${nip}"
nodename="${NM_HOSTNAMES[${nip}]}[${nip}]"
fi
if [[ "${RUN_NODE_IP}" == *"${nip}"* ]]; then
nip='localhost '
NCMD=''
else
NCMD="ssh root@${nip}"
fi
NOGOCHK=true;
# if [ "${1}" == "gitea" ] || [ "${1}" == "pdnsadmin" ] || [ "${1}" == "pdnsadmin.socket" ]; then
if [ "${1}" == "gitea" ]; then
if [[ $($NCMD ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) != *${NM_SINGLESRVR_IP['WEB']}* ]]; then
NOGOCHK=false;
fi
elif [ "${1}" == "headscale" ]; then
if [[ $($NCMD ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) != *${NM_SINGLESRVR_IP['HS']}* ]]; then
NOGOCHK=false;
fi
fi
if [ "${NOGOCHK}" == "true" ]; then
if [ "${3}" != "q" ]; then
echo -en "${NM_SRVCOPTS[${2}]}ing on ${nodename} ($nip)... ${idsCL[Default]}"
fi
checkhost=$(CHECK_HOST ${nip})
if [ "${checkhost}" != "false" ]; then
if [ "${1}"= = "offsite-power-check" ]; then
if [ "${3}" != "q" ] && [ "${2}" != "status" ]; then
if [ "$(ssh root@${nip} ps -U root | grep "offsite-power-check.sh start" | grep -v "grep" | awk '{print $1}')" != "" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
else
echo -e "${idsCL[Red]}Not Running${idsCL[Default]}"
fi
fi
else
[ "${1}" = "pdnsadmin" ] && srva="pdnsadmin.socket pdnsadmin.service" || srva=${1}
if [ "${2}" != "status" ]; then
$NCMD systemctl ${2} ${srva} >/dev/null 2>&1
else
echo
$NCMD systemctl ${2} ${srva}
echo
fi
if [ "${3}" != "q" ] && [ "${2}" != "status" ]; then
if [[ "enable,disable" = *"${2}"* ]] || [ "${1}" = "daemon-reload" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
elif [ "$(${NCMD} systemctl is-active ${1})" = "active" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
elif [ "$2" = "stop" ]; then
echo -e "${idsCL[Red]}STOPPED${idsCL[Default]}"
else
echo -e "${idsCL[Red]}ERROR${idsCL[Default]}"
fi
fi
NOGOCHK=true;
if [ "${1}" == "gitea" ]; then
if [[ $($NCMD ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) != *${NM_SINGLESRVR_IP['WEB']}* ]]; then
NOGOCHK=false;
fi
elif [ "${1}" == "headscale" ]; then
if [[ $($NCMD ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) != *${NM_SINGLESRVR_IP['HS']}* ]]; then
NOGOCHK=false;
fi
elif [ "${3}" != "q" ]; then
echo -e "${idsCL[Red]}Node is Down${idsCL[Default]}"
fi
fi
# fi
nid=`expr $nid + 1`
# if [ "${1}" = "gitea" ]; then
# break
# fi
done
if [ "${NOGOCHK}" == "true" ]; then
if [ "${3}" != "q" ]; then
echo -en "${NM_SRVCOPTS[${2}]}ing on ${nodename} ($nip)... ${idsCL[Default]}"
fi
checkhost=$(CHECK_HOST ${nip})
if [ "${checkhost}" != "false" ]; then
if [ "${1}"= = "offsite-power-check" ]; then
if [ "${3}" != "q" ] && [ "${2}" != "status" ]; then
if [ "$(ssh root@${nip} ps -U root | grep "offsite-power-check.sh start" | grep -v "grep" | awk '{print $1}')" != "" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
else
echo -e "${idsCL[Red]}Not Running${idsCL[Default]}"
fi
fi
else
[ "${1}" = "pdnsadmin" ] && srva="pdnsadmin.socket pdnsadmin.service" || srva=${1}
if [ "${2}" != "status" ]; then
$NCMD systemctl ${2} ${srva} >/dev/null 2>&1
else
echo
$NCMD systemctl ${2} ${srva}
echo
fi
if [ "${3}" != "q" ] && [ "${2}" != "status" ]; then
if [[ "enable,disable" = *"${2}"* ]] || [ "${1}" = "daemon-reload" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
elif [ "$(${NCMD} systemctl is-active ${1})" = "active" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
elif [ "$2" = "stop" ]; then
echo -e "${idsCL[Red]}STOPPED${idsCL[Default]}"
else
echo -e "${idsCL[Red]}ERROR${idsCL[Default]}"
fi
fi
fi
elif [ "${3}" != "q" ]; then
echo -e "${idsCL[Red]}Node is Down${idsCL[Default]}"
fi
fi
# fi
nid=`expr $nid + 1`
# if [ "${1}" = "gitea" ]; then
# break
# fi
done
fi
done
else #no-nodetypes, standalone setup
echo -en "${NM_SRVCOPTS[${2}]}ing on localhost ... ${idsCL[Default]}"
if [ "${2}" != "status" ]; then
systemctl ${2} ${srva} >/dev/null 2>&1
else
echo
systemctl ${2} ${srva}
echo
fi
done
if [ "${3}" != "q" ] && [ "${2}" != "status" ]; then
if [[ "enable,disable" = *"${2}"* ]] || [ "${1}" = "daemon-reload" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
elif [ "$(systemctl is-active ${1})" = "active" ]; then
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
elif [ "$2" = "stop" ]; then
echo -e "${idsCL[Red]}STOPPED${idsCL[Default]}"
else
echo -e "${idsCL[Red]}ERROR${idsCL[Default]}"
fi
fi
fi
fi
if [ "${3}" != "q" ]; then
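Review bot: The new branch test `if [ "${NTS}" == "" ]; then` looks inverted: the `for NTYPE in "${NTS[@]}"` loop sits in the branch taken when NTS is empty, so it never iterates, while any configured node types fall through to the `else` marked standalone and only localhost is acted on. Testing the element count avoids this: `if [ "${#NTS[@]}" -gt 0 ]; then`. In the standalone branch `srva` is never assigned (the `pdnsadmin` mapping exists only in the multi-node branch), so `systemctl ${2} ${srva}` runs with no unit name or a stale one; repeat `[ "${1}" = "pdnsadmin" ] && srva="pdnsadmin.socket pdnsadmin.service" || srva=${1}` before it. The `"${1}"= = "offsite-power-check"` test carried into the re-indented block also looks malformed, unless that is a rendering artifact. SERVICE() starts and ends outside these hunks.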


@@ -195,9 +195,11 @@ LISTSITES(){
}
NEWSITE(){
CERTTEST=0
echo
while [ $# -gt 0 ]; do
case "$1" in
-test) CERTTEST=1;;
-site) NEW_SITE=${2};;
-type) SITE_TYPE=${2};;
-ssl) CREATE_SSL=${2};;
@@ -454,7 +456,7 @@ NEWSITE(){
fi
if [ "${CREATE_SSL}" = "yes" ]; then
[ "${ssladd}" != "" ] && NEWCERT ${NEW_SITE},${ssladd} newsite || NEWCERT ${NEW_SITE} newsite
[ "${ssladd}" != "" ] && NEWCERT ${NEW_SITE},${ssladd} newsite ${CERTTEST} || NEWCERT ${NEW_SITE} newsite ${CERTTEST}
# if [ "${SITE_TYPE}" == "proxy" ]; then
sed -i "s/#ssl_certificate/ssl_certificate/g" ${nginxconfig}
# fi
@@ -471,27 +473,11 @@ NEWSITE(){
echo
echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
echo
echo -e -n "${idsCL[LightCyan]}Reload NGINX on LB Nodes (Y/n): ${idsCL[Default]}"
echo -e -n "${idsCL[LightCyan]}Reload NGINX on all Nodes (Y/n): ${idsCL[Default]}"
read -n 1 NGINXRELOAD
if [[ ${NGINXRELOAD} =~ ^[Nn]$ ]]; then
tmp=''
else
# echo
# echo -en "${idsCL[LightYellow]}Verifying '${NEW_SITE}' replication across the nodes... ${idsCL[Default]}"
# for nip in "${NM_HOSTS['LB'][@]}"; do
# checkhost=$(CHECK_HOST ${nip})
# if [ "${checkhost}" != "false" ]; then
# if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) != *"${nip}"* ]]; then
# checked=false
# until [ "${checked}" = "" ]; do
# checked=`ssh root@${nip} "[ ! -f ${nginxconfig} ] && echo '.'"`
# done
# fi
# fi
# done
# rm -f ${NM_CERTPATH}/live/${MAIN_CERT}/newcert
# echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
echo
SERVICE nginx restart
fi
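Review bot: `NEWCERT ${NEW_SITE} newsite ${CERTTEST}` passes the number `0` or `1`, but NEWCERT's parser recognises only the literal `-test` and resets `CERTTEST=0` on entry, so `NEWSITE -test` still requests a real certificate rather than a `--dry-run`. Pass the flag itself, for example set `CERTOPT=-test` in the `-test)` arm and call `NEWCERT ${NEW_SITE} newsite ${CERTOPT}`. The `[ ... ] && NEWCERT ... || NEWCERT ...` form also runs the second NEWCERT whenever the first returns non-zero, so a failed issuance for `${NEW_SITE},${ssladd}` is retried for `${NEW_SITE}` alone; an `if`/`else` would make the choice explicit. NEWSITE's body continues outside the hunks.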


@@ -900,7 +900,7 @@ GUI(){
DISP_HEADER
fi
case $action in
newcert) NEWCERT ${2};;
newcert) NEWCERT ${2} ${3};;
certrenew) CERTRENEW;;
delssl) DEL-SSL ${2};;
listcerts) LISTCERTS;;
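Review bot: `NEWCERT ${2} ${3}` expands both arguments unquoted, so a certificate name containing a glob character such as `*` is expanded against the current directory before NEWCERT sees it. `newcert) NEWCERT "${2}" ${3:+"${3}"};;` keeps the name intact and still drops an absent third argument. The third argument is honoured only when it is the literal `-test`; a short comment on this arm saying so would help, since nothing in the hunk documents it.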