Update nodemgmt-scripts.sh
This commit is contained in:
@@ -28,7 +28,7 @@ case "$1" in
|
||||
do_with_root chmod -R 6775 /etc/letsencrypt
|
||||
echo -e "${idsCL[LightGreen]}Waiting for certifcate replication between the nodes...${idsCL[Default]}"
|
||||
sleep 20
|
||||
"$0" service nginx reload
|
||||
${FOLDER}/nodemgmt-scripts.sh service nginx reload
|
||||
exit 0
|
||||
;;
|
||||
|
||||
@@ -39,7 +39,7 @@ case "$1" in
|
||||
do_with_root chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||
echo -e "${idsCL[LightGreen]}Waiting for certifcate replication between the nodes...${idsCL[Default]}"
|
||||
sleep 20
|
||||
"$0" service nginx reload 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||
${FOLDER}/nodemgmt-scripts.sh service nginx reload 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||
exit 0
|
||||
;;
|
||||
|
||||
@@ -49,7 +49,7 @@ case "$1" in
|
||||
do_with_root chown -R root:letsencrypt /etc/letsencrypt &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||
do_with_root chmod -R 6775 /etc/letsencrypt &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||
sleep 20
|
||||
"$0" service nginx reload &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||
${FOLDER}/nodemgmt-scripts.sh service nginx reload &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||
exit 0
|
||||
;;
|
||||
|
||||
@@ -64,7 +64,7 @@ case "$1" in
|
||||
rm -rf /etc/letsencrypt/live/${DEL_SITE}
|
||||
rm -f /etc/letsencrypt/renewal/${DEL_SITE}.conf
|
||||
sleep 20
|
||||
"$0" service nginx reload
|
||||
${FOLDER}/nodemgmt-scripts.sh service nginx reload
|
||||
echo -e "${idsCL[LightRed]}Site has been deleted.${idsCL[Default]}"
|
||||
|
||||
;;
|
||||
@@ -74,6 +74,9 @@ case "$1" in
|
||||
site) NEW_SITE=$OPTARG ;;
|
||||
type) SITE_TYPE=$OPTARG ;;
|
||||
ssl) CREATE_SSL=$OPTARG ;;
|
||||
proxy_scheme) PROXYSCHEME=$OPTARG ;;
|
||||
proxy_host) PROXYHOST=$OPTARG ;;
|
||||
proxy_port) PROXYPORT=$OPTARG ;;
|
||||
:)
|
||||
echo "Invalid option: '${OPTARG}' requires an argument" 1>&2
|
||||
echo ""
|
||||
@@ -81,12 +84,18 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ "${NEW_SITE}" != "" ] && [ "${SITE_TYPE}" != "" ]; then
|
||||
echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${NEW_SITE}${idsCL[LightGreen]}'...${idsCL[Default]}"
|
||||
echo ""
|
||||
mkdir -p /var/www/${NEW_SITE}/{public_folder,nginx_logs}
|
||||
echo -e "server {
|
||||
if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
|
||||
if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
|
||||
if [ "${NEW_SITE}" != "" ]]; then
|
||||
if [ "${SITE_TYPE}" = "proxy" ]; then
|
||||
if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! -z ${PROXYPORT+x} ]; then GO=true; fi
|
||||
else GO=true; fi
|
||||
if [ "${GO}" = "true" ]; then
|
||||
echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${NEW_SITE}${idsCL[LightGreen]}'...${idsCL[Default]}"
|
||||
echo ""
|
||||
mkdir -p /var/www/${NEW_SITE}/{public_folder,nginx_logs}
|
||||
if [ "${SITE_TYPE}" = "local" ]; then
|
||||
echo -e "server {
|
||||
listen 8443 ssl http2;
|
||||
listen 8080;
|
||||
|
||||
@@ -96,37 +105,81 @@ case "$1" in
|
||||
root \$base/public_html;
|
||||
|
||||
access_log /var/www/${NEW_SITE}/nginx_logs/access.log;
|
||||
error_log /var/www/${NEW_SITE}/nginx_logs/error.log warn;
|
||||
error_log /var/www/${NEW_SITE}/nginx_logs/error.log warn;" > /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
|
||||
if [ "${CREATE_SSL}" = "true"]; then
|
||||
echo -e "
|
||||
ssl_certificate /etc/letsencrypt/live/${NEW_SITE}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/${NEW_SITE}/privkey.pem;
|
||||
include conf.d/include/ssl-ciphers.conf;
|
||||
|
||||
include conf.d/include/ssl-ciphers.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
fi
|
||||
echo -e "
|
||||
index index.php;
|
||||
|
||||
location / {
|
||||
try_files \$uri \$uri/ /index.php?\$query_string;
|
||||
include conf.d/include/force-ssl.conf;
|
||||
}
|
||||
try_files \$uri \$uri/ /index.php?\$query_string;"
|
||||
if [ "${CREATE_SSL}" = "true"]; then
|
||||
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
fi
|
||||
echo -e " }
|
||||
|
||||
location ~ \.php\$ {
|
||||
fastcgi_pass unix:/var/run/php/php5.6-fpm.sock;
|
||||
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
|
||||
include conf.d/include/php_fastcgi.conf;
|
||||
}
|
||||
|
||||
include conf.d/include/general.conf;
|
||||
include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
if [ "${CREATE_SSL}" = "true"]; then
|
||||
echo -e " include conf.d/include/letsencrypt-acme-challenge.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
fi
|
||||
echo -e "}" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
else
|
||||
echo -e "server {
|
||||
set \$forward_scheme ${PROXY_SCHEME};
|
||||
set \$server \"${PROXY_HOST}\";
|
||||
set \$port ${PROXY_PORT};
|
||||
|
||||
listen 8080;" > /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
if [ "${CREATE_SSL}" = "true"]; then
|
||||
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
fi
|
||||
echo -e "
|
||||
server_name ${NEW_SITE};
|
||||
" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
if [ "${CREATE_SSL}" = "true"]; then
|
||||
echo -e "
|
||||
include conf.d/include/letsencrypt-acme-challenge.conf;
|
||||
include conf.d/include/ssl-ciphers.conf;
|
||||
ssl_certificate /etc/letsencrypt/live/${NEW_SITE}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/${NEW_SITE}/privkey.pem;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
fi
|
||||
echo -e "
|
||||
access_log /var/www/!NGINX-Logs/proxy-${NEW_SITE}.log proxy;
|
||||
|
||||
location / {" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
if [ "${CREATE_SSL}" = "true"]; then
|
||||
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
fi
|
||||
echo -e " include conf.d/include/proxy.conf;
|
||||
}
|
||||
}
|
||||
" > /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
ln -s /etc/nginx/sites-available/${NEW_SITE}.conf /etc/nginx/sites-enabled/${NEW_SITE}.conf
|
||||
echo "Site folders have been created."
|
||||
echo -e "${idsCL[LightGreen]}Waiting for folder replication between the nodes...${idsCL[Default]}"
|
||||
sleep 20
|
||||
nodemgmt set-permissions ${NEW_SITE}
|
||||
nodemgmt newcert ${NEW_SITE}
|
||||
echo ""
|
||||
echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
|
||||
echo ""
|
||||
" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||
fi
|
||||
ln -s /etc/nginx/sites-available/${NEW_SITE}.conf /etc/nginx/sites-enabled/${NEW_SITE}.conf
|
||||
echo "Site folders have been created."
|
||||
echo -e "${idsCL[LightGreen]}Waiting for folder replication between the nodes...${idsCL[Default]}"
|
||||
sleep 20
|
||||
nodemgmt set-permissions ${NEW_SITE}
|
||||
if [ "${CREATE_SSL}" = "true" ]; then
|
||||
${FOLDER}/nodemgmt-scripts.sh newcert ${NEW_SITE}
|
||||
fi
|
||||
echo ""
|
||||
echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
|
||||
echo ""
|
||||
else
|
||||
echo "missing proxy arguments"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "Missing parameters"
|
||||
echo ""
|
||||
@@ -139,7 +192,8 @@ case "$1" in
|
||||
printf "%-${width}s: %s\n" " -proxy_host {IP or FQDN}" "(required if type set to proxy)"
|
||||
printf "%-${width}s: %s\n" " -proxy_port {host port}" "(required if type set to proxy)"
|
||||
echo "}"
|
||||
fi
|
||||
fi
|
||||
exit 1
|
||||
;;
|
||||
|
||||
update)
|
||||
|
||||
Reference in New Issue
Block a user