Update sites.inc

2023-11-14 08:57:25 -06:00
parent a1a5a43a29
commit 86dc78c45d


@@ -197,9 +197,7 @@ NEWSITE(){
esac esac
shift shift
done done
#if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
#if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
if [ -z ${NEW_SITE+x} ]; then if [ -z ${NEW_SITE+x} ]; then
until [ "${NEW_SITE}" != "" ]; do until [ "${NEW_SITE}" != "" ]; do
echo -en "${idsCL[LightCyan]}New site domain name (comma seperated for multiple): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}New site domain name (comma seperated for multiple): ${idsCL[Default]}"
@@ -208,7 +206,6 @@ NEWSITE(){
done done
showdivide=yes showdivide=yes
fi fi
if [[ ${NEW_SITE} == *","* ]]; then if [[ ${NEW_SITE} == *","* ]]; then
IFS=','; NEW_SITES=(${NEW_SITE}); unset IFS IFS=','; NEW_SITES=(${NEW_SITE}); unset IFS
MAIN_SITE=${NEW_SITES[0]} MAIN_SITE=${NEW_SITES[0]}
@@ -233,19 +230,17 @@ NEWSITE(){
exit 0 exit 0
fi fi
fi fi
# if [ -z ${CREATE_SSL+x} ]; then
if [ -z ${CREATE_SSL+x} ]; then # echo -en "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}"
echo -en "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}" # read CREATE_SSL
read CREATE_SSL # showdivide=yes
showdivide=yes # if [[ $CREATE_SSL =~ ^[Yy]$ ]] || [ "${CREATE_SSL}" = "" ]; then
if [[ $CREATE_SSL =~ ^[Yy]$ ]] || [ "${CREATE_SSL}" = "" ]; then # CREATE_SSL=yes
CREATE_SSL=yes # else
else # CREATE_SSL=no
CREATE_SSL=no # fi
fi # echo
echo # fi
fi
if [ -z ${SITE_TYPE+x} ]; then if [ -z ${SITE_TYPE+x} ]; then
echo -en "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}"
read SITE_TYPE read SITE_TYPE
@@ -280,75 +275,81 @@ NEWSITE(){
done done
showdivide=yes showdivide=yes
fi fi
if [ -z ${WEBSOCKET+x} ]; then # if [ -z ${WEBSOCKET+x} ]; then
echo -en "${idsCL[LightCyan]}Enable Websocket Support (y/N): ${idsCL[Default]}" # echo -en "${idsCL[LightCyan]}Enable Websocket Support (y/N): ${idsCL[Default]}"
read WEBSOCKET # read WEBSOCKET
showdivide=yes # showdivide=yes
if [[ ${WEBSOCKET} =~ ^[Nn]$ ]] || [ "${WEBSOCKET}" = "" ]; then # if [[ ${WEBSOCKET} =~ ^[Nn]$ ]] || [ "${WEBSOCKET}" = "" ]; then
WEBSOCKET=no # WEBSOCKET=no
elif [[ ${WEBSOCKET} =~ ^[Yy]$ ]]; then # elif [[ ${WEBSOCKET} =~ ^[Yy]$ ]]; then
WEBSOCKET=yes # WEBSOCKET=yes
else # else
WEBSOCKET=no # WEBSOCKET=no
fi # fi
echo # echo
fi # fi
if [ -z ${HSTS+x} ]; then # if [ -z ${HSTS+x} ]; then
echo -en "${idsCL[LightCyan]}Enable HSTS Support (Y/n): ${idsCL[Default]}" # echo -en "${idsCL[LightCyan]}Enable HSTS Support (Y/n): ${idsCL[Default]}"
read HSTS # read HSTS
showdivide=yes # showdivide=yes
([[ ${HSTS} =~ ^[Yy]$ ]] || [ "${HSTS}" = "" ]) && HSTS=yes || HSTS=no # ([[ ${HSTS} =~ ^[Yy]$ ]] || [ "${HSTS}" = "" ]) && HSTS=yes || HSTS=no
echo # echo
fi # fi
if [ -z ${EXPLOITS+x} ]; then # if [ -z ${EXPLOITS+x} ]; then
echo -en "${idsCL[LightCyan]}Block exploits (y/N): ${idsCL[Default]}" # echo -en "${idsCL[LightCyan]}Block exploits (y/N): ${idsCL[Default]}"
read EXPLOITS # read EXPLOITS
showdivide=yes # showdivide=yes
if [[ ${EXPLOITS} =~ ^[Nn]$ ]] || [ "${EXPLOITS}" = "" ]; then # if [[ ${EXPLOITS} =~ ^[Nn]$ ]] || [ "${EXPLOITS}" = "" ]; then
EXPLOITS=no # EXPLOITS=no
elif [[ ${EXPLOITS} =~ ^[Yy]$ ]]; then # elif [[ ${EXPLOITS} =~ ^[Yy]$ ]]; then
EXPLOITS=yes # EXPLOITS=yes
else # else
EXPLOITS=no # EXPLOITS=no
fi # fi
echo # echo
fi # fi
if [ -z ${SECURE+x} ]; then # if [ -z ${SECURE+x} ]; then
echo -en "${idsCL[LightCyan]}Secure site with Authelia SSO (y/N): ${idsCL[Default]}" # echo -en "${idsCL[LightCyan]}Secure site with Authelia SSO (y/N): ${idsCL[Default]}"
read SECURE # read SECURE
showdivide=yes # showdivide=yes
if [[ ${SECURE} =~ ^[Nn]$ ]] || [ "${SECURE}" = "" ]; then # if [[ ${SECURE} =~ ^[Nn]$ ]] || [ "${SECURE}" = "" ]; then
SECURE=no # SECURE=no
elif [[ ${SECURE} =~ ^[Yy]$ ]]; then # elif [[ ${SECURE} =~ ^[Yy]$ ]]; then
echo -en "${idsCL[LightCyan]}Would you like to add a side of MFA with that SSO (Y/n): ${idsCL[Default]}" # echo -en "${idsCL[LightCyan]}Would you like to add a side of MFA with that SSO (Y/n): ${idsCL[Default]}"
read MFA # read MFA
showdivide=yes # showdivide=yes
([[ ${MFA} =~ ^[Yy]$ ]] || [ "${MFA}" = "" ]) && SECURE="2FA" || SECURE="1FA" # ([[ ${MFA} =~ ^[Yy]$ ]] || [ "${MFA}" = "" ]) && SECURE="2FA" || SECURE="1FA"
else # else
SECURE=no # SECURE=no
fi # fi
echo # echo
fi # fi
fi fi
[ "${showdivide}" == "yes" ] && DIVIDER [ "${showdivide}" == "yes" ] && DIVIDER
echo echo
width=18
printf "%-${width}s: %s\n" "New site" "${NEW_SITE}"
printf "%-${width}s: %s\n" "Create SSL" "${CREATE_SSL}" NEWSITE=1
printf "%-${width}s: %s\n" "Site type" "${SITE_TYPE}" EDITSITE
if [ "${SITE_TYPE}" = "proxy" ]; then
printf "%-${width}s: %s\n" "Proxy host" "${PROXYHOST}"
printf "%-${width}s: %s\n" "Proxy port" "${PROXYPORT}" # width=18
printf "%-${width}s: %s\n" "Proxy scheme" "${PROXYSCHEME}" # printf "%-${width}s: %s\n" "New site" "${NEW_SITE}"
printf "%-${width}s: %s\n" "Websocket Support" "${WEBSOCKET}" # printf "%-${width}s: %s\n" "Create SSL" "${CREATE_SSL}"
printf "%-${width}s: %s\n" "HSTS Support" "${HSTS}" # printf "%-${width}s: %s\n" "Site type" "${SITE_TYPE}"
printf "%-${width}s: %s\n" "Block Exploits" "${EXPLOITS}" # if [ "${SITE_TYPE}" = "proxy" ]; then
printf "%-${width}s: %s\n" "Secure Access" "${SECURE}" # printf "%-${width}s: %s\n" "Proxy host" "${PROXYHOST}"
fi # printf "%-${width}s: %s\n" "Proxy port" "${PROXYPORT}"
echo # printf "%-${width}s: %s\n" "Proxy scheme" "${PROXYSCHEME}"
echo -en "${idsCL[LightGreen]}Is this information correct? [Y/n]${idsCL[Default]} " # printf "%-${width}s: %s\n" "Websocket Support" "${WEBSOCKET}"
read -n 1 response # printf "%-${width}s: %s\n" "HSTS Support" "${HSTS}"
echo # printf "%-${width}s: %s\n" "Block Exploits" "${EXPLOITS}"
# printf "%-${width}s: %s\n" "Secure Access" "${SECURE}"
# fi
# echo
# echo -en "${idsCL[LightGreen]}Is this information correct? [Y/n]${idsCL[Default]} "
# read -n 1 response
# echo
if [[ $response =~ ^[Yy]$ ]] || [ "${response}" = "" ]; then if [[ $response =~ ^[Yy]$ ]] || [ "${response}" = "" ]; then
if [ "${SITE_TYPE}" = "proxy" ]; then if [ "${SITE_TYPE}" = "proxy" ]; then
@@ -761,7 +762,6 @@ SITEINFO(){
EDITSITE EDITSITE
else #no site else #no site
echo -e "\033[3A"; for (( c=1; c<=3; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[4A" echo -e "\033[3A"; for (( c=1; c<=3; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[4A"
fi fi
@@ -784,53 +784,67 @@ SITEINFO(){
EDITSITE(){ EDITSITE(){
site=${SITELIST[${siteid}]} site=${SITELIST[${siteid}]}
sitefile=${gosite}/${site}.conf sitefile=${gosite}/${site}.conf
siteconfig=$(cat ${sitefile}) if [ -f ${sitefile} ]; then
if [ "$(echo "${siteconfig}" | grep \#ssl_certificate)" != "" ]; then siteconfig=$(cat ${sitefile})
ssl='-' if [ "$(echo "${siteconfig}" | grep \#ssl_certificate)" != "" ]; then
SUBJECTNAMES="" ssl='-'
else SUBJECTNAMES=""
ssl='Yes' else
ssl='Yes'
certpath=$(echo "${siteconfig}" | grep ssl_certificate_key) certpath=$(echo "${siteconfig}" | grep ssl_certificate_key)
certpath=${certpath%/*} certpath=${certpath%/*}
certpath=${certpath#* } certpath=${certpath#* }
SUBJECTNAMES=$(openssl x509 -in ${certpath}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV) SUBJECTNAMES=$(openssl x509 -in ${certpath}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${certpath}/cert.pem -text | grep 'Not After' |awk '{print $4,$5,$7}')" '+%s'); CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${certpath}/cert.pem -text | grep 'Not After' |awk '{print $4,$5,$7}')" '+%s');
SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, } SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, }
fi fi
if [ "$(echo "${siteconfig}" | grep include/proxy.conf)" != "" ]; then if [ "$(echo "${siteconfig}" | grep include/proxy.conf)" != "" ]; then
type='Proxy' type='Proxy'
server=$(echo "${siteconfig}" | grep 'set $server') server=$(echo "${siteconfig}" | grep 'set $server')
server=${server#*\"}; server=${server%\"*} server=${server#*\"}; server=${server%\"*}
servernames=$(echo "${siteconfig}" | grep 'server_name') servernames=$(echo "${siteconfig}" | grep 'server_name')
servernames=${servernames//;/} servernames=${servernames//;/}
servernames=${servernames#* } servernames=${servernames#* }
servernames=${servernames// /,} servernames=${servernames// /,}
scheme=$(echo "${siteconfig}" | grep 'set $forward_scheme') scheme=$(echo "${siteconfig}" | grep 'set $forward_scheme')
scheme=${scheme##* }; scheme=${scheme%;*} scheme=${scheme##* }; scheme=${scheme%;*}
port=$(echo "${siteconfig}" | grep 'set $port') port=$(echo "${siteconfig}" | grep 'set $port')
port=${port##* }; port=${port%;*} port=${port##* }; port=${port%;*}
else else
type='HTTP' type='HTTP'
fi fi
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/hsts-support.conf')" != "" ] && hsts='-' || hsts='Yes' [ "$(echo "${siteconfig}" | grep '\#include conf.d/include/hsts-support.conf')" != "" ] && hsts='-' || hsts='Yes'
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/websocket-support.conf')" != "" ] && wbskt='-' || wbskt='Yes' [ "$(echo "${siteconfig}" | grep '\#include conf.d/include/websocket-support.conf')" != "" ] && wbskt='-' || wbskt='Yes'
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/block-exploits.conf')" != "" ] && explt='-' || explt='Yes' [ "$(echo "${siteconfig}" | grep '\#include conf.d/include/block-exploits.conf')" != "" ] && explt='-' || explt='Yes'
if [ "$(echo "${siteconfig}" | grep '\#include conf.d/include/secure-access.conf')" == "" ]; then if [ "$(echo "${siteconfig}" | grep '\#include conf.d/include/secure-access.conf')" == "" ]; then
sitefacline=$(echo "${autheliaconfig}" | grep -Fn ${site} | sort | tail -n1) sitefacline=$(echo "${autheliaconfig}" | grep -Fn ${site} | sort | tail -n1)
sitefacline=${sitefacline%%:*} sitefacline=${sitefacline%%:*}
if [ "${sitefacline}" == "" ]; then if [ "${sitefacline}" == "" ]; then
lock='error' lock='error'
elif [ ${sitefacline} -lt ${onefacline} ]; then elif [ ${sitefacline} -lt ${onefacline} ]; then
lock='1FA' lock='1FA'
elif [ ${sitefacline} -lt ${twofacline} ]; then elif [ ${sitefacline} -lt ${twofacline} ]; then
lock='2FA' lock='2FA'
fi
else
lock='-'
fi fi
else else
type=${SITE_TYPE}
servernames=${NEW_SITE}
server=${PROXYHOST}
scheme=${PROXYSCHEME}
port=${PROXYPORT}
ssl='Yes'
hsts='Yes'
wbskt='-'
explt='-'
lock='-' lock='-'
fi fi
editc=0 editc=0
until [ "${editc^}" = "C" ]; do until [ "${editc^}" = "C" ]; do
echo -e "\033[K${idsCL[White]}0) Site Address(es): ${idsCL[Cyan]}${idsST[Bold]}${servernames//,/, }${idsST[Reset]}" echo -e "\033[K${idsCL[White]}0) Site Address(es): ${idsCL[Cyan]}${idsST[Bold]}${servernames//,/, }${idsST[Reset]}"