Update nodemgmt-scripts.sh
This commit is contained in:
@@ -28,7 +28,7 @@ case "$1" in
|
|||||||
do_with_root chmod -R 6775 /etc/letsencrypt
|
do_with_root chmod -R 6775 /etc/letsencrypt
|
||||||
echo -e "${idsCL[LightGreen]}Waiting for certifcate replication between the nodes...${idsCL[Default]}"
|
echo -e "${idsCL[LightGreen]}Waiting for certifcate replication between the nodes...${idsCL[Default]}"
|
||||||
sleep 20
|
sleep 20
|
||||||
"$0" service nginx reload
|
${FOLDER}/nodemgmt-scripts.sh service nginx reload
|
||||||
exit 0
|
exit 0
|
||||||
;;
|
;;
|
||||||
|
|
||||||
@@ -39,7 +39,7 @@ case "$1" in
|
|||||||
do_with_root chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
|
do_with_root chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||||
echo -e "${idsCL[LightGreen]}Waiting for certifcate replication between the nodes...${idsCL[Default]}"
|
echo -e "${idsCL[LightGreen]}Waiting for certifcate replication between the nodes...${idsCL[Default]}"
|
||||||
sleep 20
|
sleep 20
|
||||||
"$0" service nginx reload 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
|
${FOLDER}/nodemgmt-scripts.sh service nginx reload 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||||
exit 0
|
exit 0
|
||||||
;;
|
;;
|
||||||
|
|
||||||
@@ -49,7 +49,7 @@ case "$1" in
|
|||||||
do_with_root chown -R root:letsencrypt /etc/letsencrypt &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
do_with_root chown -R root:letsencrypt /etc/letsencrypt &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||||
do_with_root chmod -R 6775 /etc/letsencrypt &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
do_with_root chmod -R 6775 /etc/letsencrypt &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||||
sleep 20
|
sleep 20
|
||||||
"$0" service nginx reload &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
${FOLDER}/nodemgmt-scripts.sh service nginx reload &>> /opt/idssys/nodemgmt/cert-renewal.lastrun
|
||||||
exit 0
|
exit 0
|
||||||
;;
|
;;
|
||||||
|
|
||||||
@@ -64,7 +64,7 @@ case "$1" in
|
|||||||
rm -rf /etc/letsencrypt/live/${DEL_SITE}
|
rm -rf /etc/letsencrypt/live/${DEL_SITE}
|
||||||
rm -f /etc/letsencrypt/renewal/${DEL_SITE}.conf
|
rm -f /etc/letsencrypt/renewal/${DEL_SITE}.conf
|
||||||
sleep 20
|
sleep 20
|
||||||
"$0" service nginx reload
|
${FOLDER}/nodemgmt-scripts.sh service nginx reload
|
||||||
echo -e "${idsCL[LightRed]}Site has been deleted.${idsCL[Default]}"
|
echo -e "${idsCL[LightRed]}Site has been deleted.${idsCL[Default]}"
|
||||||
|
|
||||||
;;
|
;;
|
||||||
@@ -74,6 +74,9 @@ case "$1" in
|
|||||||
site) NEW_SITE=$OPTARG ;;
|
site) NEW_SITE=$OPTARG ;;
|
||||||
type) SITE_TYPE=$OPTARG ;;
|
type) SITE_TYPE=$OPTARG ;;
|
||||||
ssl) CREATE_SSL=$OPTARG ;;
|
ssl) CREATE_SSL=$OPTARG ;;
|
||||||
|
proxy_scheme) PROXYSCHEME=$OPTARG ;;
|
||||||
|
proxy_host) PROXYHOST=$OPTARG ;;
|
||||||
|
proxy_port) PROXYPORT=$OPTARG ;;
|
||||||
:)
|
:)
|
||||||
echo "Invalid option: '${OPTARG}' requires an argument" 1>&2
|
echo "Invalid option: '${OPTARG}' requires an argument" 1>&2
|
||||||
echo ""
|
echo ""
|
||||||
@@ -81,12 +84,18 @@ case "$1" in
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
|
||||||
if [ "${NEW_SITE}" != "" ] && [ "${SITE_TYPE}" != "" ]; then
|
if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
|
||||||
echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${NEW_SITE}${idsCL[LightGreen]}'...${idsCL[Default]}"
|
if [ "${NEW_SITE}" != "" ]]; then
|
||||||
echo ""
|
if [ "${SITE_TYPE}" = "proxy" ]; then
|
||||||
mkdir -p /var/www/${NEW_SITE}/{public_folder,nginx_logs}
|
if [ ! -z ${PROXYSCHEME+x} ] && [ ! -z ${PROXYHOST+x} ] && [ ! -z ${PROXYPORT+x} ]; then GO=true; fi
|
||||||
echo -e "server {
|
else GO=true; fi
|
||||||
|
if [ "${GO}" = "true" ]; then
|
||||||
|
echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${NEW_SITE}${idsCL[LightGreen]}'...${idsCL[Default]}"
|
||||||
|
echo ""
|
||||||
|
mkdir -p /var/www/${NEW_SITE}/{public_folder,nginx_logs}
|
||||||
|
if [ "${SITE_TYPE}" = "local" ]; then
|
||||||
|
echo -e "server {
|
||||||
listen 8443 ssl http2;
|
listen 8443 ssl http2;
|
||||||
listen 8080;
|
listen 8080;
|
||||||
|
|
||||||
@@ -96,37 +105,81 @@ case "$1" in
|
|||||||
root \$base/public_html;
|
root \$base/public_html;
|
||||||
|
|
||||||
access_log /var/www/${NEW_SITE}/nginx_logs/access.log;
|
access_log /var/www/${NEW_SITE}/nginx_logs/access.log;
|
||||||
error_log /var/www/${NEW_SITE}/nginx_logs/error.log warn;
|
error_log /var/www/${NEW_SITE}/nginx_logs/error.log warn;" > /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
|
||||||
|
if [ "${CREATE_SSL}" = "true"]; then
|
||||||
|
echo -e "
|
||||||
ssl_certificate /etc/letsencrypt/live/${NEW_SITE}/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/${NEW_SITE}/fullchain.pem;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/${NEW_SITE}/privkey.pem;
|
ssl_certificate_key /etc/letsencrypt/live/${NEW_SITE}/privkey.pem;
|
||||||
include conf.d/include/ssl-ciphers.conf;
|
include conf.d/include/ssl-ciphers.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
fi
|
||||||
|
echo -e "
|
||||||
index index.php;
|
index index.php;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
try_files \$uri \$uri/ /index.php?\$query_string;
|
try_files \$uri \$uri/ /index.php?\$query_string;"
|
||||||
include conf.d/include/force-ssl.conf;
|
if [ "${CREATE_SSL}" = "true"]; then
|
||||||
}
|
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
fi
|
||||||
|
echo -e " }
|
||||||
|
|
||||||
location ~ \.php\$ {
|
location ~ \.php\$ {
|
||||||
fastcgi_pass unix:/var/run/php/php5.6-fpm.sock;
|
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
|
||||||
include conf.d/include/php_fastcgi.conf;
|
include conf.d/include/php_fastcgi.conf;
|
||||||
}
|
}
|
||||||
|
|
||||||
include conf.d/include/general.conf;
|
include conf.d/include/general.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
if [ "${CREATE_SSL}" = "true"]; then
|
||||||
|
echo -e " include conf.d/include/letsencrypt-acme-challenge.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
fi
|
||||||
|
echo -e "}" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
else
|
||||||
|
echo -e "server {
|
||||||
|
set \$forward_scheme ${PROXY_SCHEME};
|
||||||
|
set \$server \"${PROXY_HOST}\";
|
||||||
|
set \$port ${PROXY_PORT};
|
||||||
|
|
||||||
|
listen 8080;" > /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
if [ "${CREATE_SSL}" = "true"]; then
|
||||||
|
echo -e " listen 8443 ssl http2;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
fi
|
||||||
|
echo -e "
|
||||||
|
server_name ${NEW_SITE};
|
||||||
|
" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
if [ "${CREATE_SSL}" = "true"]; then
|
||||||
|
echo -e "
|
||||||
include conf.d/include/letsencrypt-acme-challenge.conf;
|
include conf.d/include/letsencrypt-acme-challenge.conf;
|
||||||
|
include conf.d/include/ssl-ciphers.conf;
|
||||||
|
ssl_certificate /etc/letsencrypt/live/${NEW_SITE}/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/${NEW_SITE}/privkey.pem;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
fi
|
||||||
|
echo -e "
|
||||||
|
access_log /var/www/!NGINX-Logs/proxy-${NEW_SITE}.log proxy;
|
||||||
|
|
||||||
|
location / {" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
if [ "${CREATE_SSL}" = "true"]; then
|
||||||
|
echo -e " include conf.d/include/force-ssl.conf;" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
|
fi
|
||||||
|
echo -e " include conf.d/include/proxy.conf;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
" > /etc/nginx/sites-available/${NEW_SITE}.conf
|
" >> /etc/nginx/sites-available/${NEW_SITE}.conf
|
||||||
ln -s /etc/nginx/sites-available/${NEW_SITE}.conf /etc/nginx/sites-enabled/${NEW_SITE}.conf
|
fi
|
||||||
echo "Site folders have been created."
|
ln -s /etc/nginx/sites-available/${NEW_SITE}.conf /etc/nginx/sites-enabled/${NEW_SITE}.conf
|
||||||
echo -e "${idsCL[LightGreen]}Waiting for folder replication between the nodes...${idsCL[Default]}"
|
echo "Site folders have been created."
|
||||||
sleep 20
|
echo -e "${idsCL[LightGreen]}Waiting for folder replication between the nodes...${idsCL[Default]}"
|
||||||
nodemgmt set-permissions ${NEW_SITE}
|
sleep 20
|
||||||
nodemgmt newcert ${NEW_SITE}
|
nodemgmt set-permissions ${NEW_SITE}
|
||||||
echo ""
|
if [ "${CREATE_SSL}" = "true" ]; then
|
||||||
echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
|
${FOLDER}/nodemgmt-scripts.sh newcert ${NEW_SITE}
|
||||||
echo ""
|
fi
|
||||||
|
echo ""
|
||||||
|
echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
|
||||||
|
echo ""
|
||||||
|
else
|
||||||
|
echo "missing proxy arguments"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
echo "Missing parameters"
|
echo "Missing parameters"
|
||||||
echo ""
|
echo ""
|
||||||
@@ -139,7 +192,8 @@ case "$1" in
|
|||||||
printf "%-${width}s: %s\n" " -proxy_host {IP or FQDN}" "(required if type set to proxy)"
|
printf "%-${width}s: %s\n" " -proxy_host {IP or FQDN}" "(required if type set to proxy)"
|
||||||
printf "%-${width}s: %s\n" " -proxy_port {host port}" "(required if type set to proxy)"
|
printf "%-${width}s: %s\n" " -proxy_port {host port}" "(required if type set to proxy)"
|
||||||
echo "}"
|
echo "}"
|
||||||
fi
|
fi
|
||||||
|
exit 1
|
||||||
;;
|
;;
|
||||||
|
|
||||||
update)
|
update)
|
||||||
|
|||||||
Reference in New Issue
Block a user