voltron/NodeMgmt
1
1
Fork 0
Code Issues Pull Requests Releases 1 Activity

Update sites.inc

Browse Source
This commit is contained in:
David Schroeder
2023-11-14 08:23:04 -06:00
parent bf07742ec9
commit a797fa26b7
1 changed files with 183 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

363
inc/sites.inc
View File

@@ -758,195 +758,16 @@ SITEINFO(){
exit 0
elif [ "${SITELIST[${siteid}]}" != "" ]; then
site=${SITELIST[${siteid}]}
sitefile=${gosite}/${site}.conf
siteconfig=$(cat ${sitefile})
if [ "$(echo "${siteconfig}" | grep \#ssl_certificate)" != "" ]; then
ssl='-'
SUBJECTNAMES=""
else
ssl='Yes'
certpath=$(echo "${siteconfig}" | grep ssl_certificate_key)
certpath=${certpath%/*}
certpath=${certpath#* }
SUBJECTNAMES=$(openssl x509 -in ${certpath}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${certpath}/cert.pem -text | grep 'Not After' |awk '{print $4,$5,$7}')" '+%s');
SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, }
fi
if [ "$(echo "${siteconfig}" | grep include/proxy.conf)" != "" ]; then
type='Proxy'
server=$(echo "${siteconfig}" | grep 'set $server')
server=${server#*\"}; server=${server%\"*}
servernames=$(echo "${siteconfig}" | grep 'server_name')
servernames=${servernames//;/}
servernames=${servernames#* }
servernames=${servernames// /,}
scheme=$(echo "${siteconfig}" | grep 'set $forward_scheme')
scheme=${scheme##* }; scheme=${scheme%;*}
port=$(echo "${siteconfig}" | grep 'set $port')
port=${port##* }; port=${port%;*}
else
type='HTTP'
fi
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/hsts-support.conf')" != "" ] && hsts='-' || hsts='Yes'
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/websocket-support.conf')" != "" ] && wbskt='-' || wbskt='Yes'
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/block-exploits.conf')" != "" ] && explt='-' || explt='Yes'
if [ "$(echo "${siteconfig}" | grep '\#include conf.d/include/secure-access.conf')" == "" ]; then
sitefacline=$(echo "${autheliaconfig}" | grep -Fn ${site} | sort | tail -n1)
sitefacline=${sitefacline%%:*}
if [ "${sitefacline}" == "" ]; then
lock='error'
elif [ ${sitefacline} -lt ${onefacline} ]; then
lock='1FA'
elif [ ${sitefacline} -lt ${twofacline} ]; then
lock='2FA'
fi
else
lock='-'
fi
editc=0
until [ "${editc^}" = "C" ]; do
echo -e "\033[K${idsCL[White]}0) Site Address(es): ${idsCL[Cyan]}${idsST[Bold]}${servernames}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}1) Site Type: ${idsCL[Cyan]}${idsST[Bold]}${type}${idsST[Reset]}"
echo -en "\033[K${idsCL[White]}2) SSL Secure: ${idsCL[Cyan]}${idsST[Bold]}${ssl}${idsST[Reset]}"
[ "${SUBJECTNAMES}" != "" ] && echo -e " ${idsCL[Cyan]}[SSL Names: ${idsCL[Yellow]}${SUBJECTNAMES}${idsCL[Cyan]}; expires ${idsCL[Yellow]}$(date -d @${CERTEXPIRE} '+%m-%d-%Y')${idsCL[Cyan]}]" || echo
echo -e "\033[K${idsCL[White]}3) HSTS Enabled: ${idsCL[Cyan]}${idsST[Bold]}${hsts}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}4) Web Sockets: ${idsCL[Cyan]}${idsST[Bold]}${wbskt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}5) Exploits Block: ${idsCL[Cyan]}${idsST[Bold]}${explt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}6) Secured Access: ${idsCL[Cyan]}${idsST[Bold]}${lock}${idsST[Reset]}"
if [ "${type}" == "Proxy" ]; then
echo -e "\033[K${idsCL[White]}7) Proxy Address: ${idsCL[Cyan]}${idsST[Bold]}${server}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}8) Proxy Scheme: ${idsCL[Cyan]}${idsST[Bold]}${scheme}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}9) Proxy Port: ${idsCL[Cyan]}${idsST[Bold]}${port}${idsST[Reset]}"
else
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K"
fi
if [ "${editc}" != "s" ]; then
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K (${idsCL[Green]}S${idsCL[Default]})ave Site, (${idsCL[Red]}D${idsCL[Default]})elete Site, (${idsCL[Yellow]}C${idsCL[Default]})ancel, (${idsCL[Yellow]}E${idsCL[Default]})xit"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[7A"
echo -en "\033[K\n\033[K\r${idsCL[LightCyan]}Enter the item number to edit: ${idsCL[Default]}"
read -n 1 editc
case "${editc}" in
0) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Server Names (comma seperated): "
read -i "${servernames}" -e servernames
servernames=${servernames//, /,}
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
1) [ "${type}" == "HTTP" ] && type='Proxy' || type='HTTP';;
2) [ "${ssl}" == "-" ] && ssl='Yes' || ssl='-';;
3) [ "${hsts}" == "-" ] && hsts='Yes' || hsts='-';;
4) [ "${wbskt}" == "-" ] && wbskt='Yes' || wbskt='-';;
5) [ "${explt}" == "-" ] && explt='Yes' || explt='-';;
6) if [ "${lock}" == "-" ]; then
lock='1FA'
elif [ "${lock}" == "1FA" ]; then
lock='2FA'
elif [ "${lock}" == "2FA" ]; then
lock='-'
fi
;;
7) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Address: "
read -i "${server}" -e server
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
8) [ "${scheme}" == "http" ] && scheme='https' || scheme='http';;
9) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Port: "
read -i "${port}" -e port
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
[Cc])
echo -e "\r\033[K\n\r\033[K\n\r\033[K"
echo -e "\033[16A"; for (( c=1; c<=16; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[16A"
echo -e "\n\n\n\n\n\n\n\n"
;;
[Dd])
echo -e "\033[K\n\033[K"
echo -en "\033[K${idsCL[LightCyan]}Are you sure you wish to delete the site and associated SSL if applicable (y/N): ${idsCL[Default]}"
read -n 1 delconfirm
case "${delconfirm}" in
[Yy])
echo -en "\n\n${idsCL[LightCyan]}Removing site ... "
DELSITE -site ${site} -ssl yes >/dev/null 2>&1
echo -e "${idsCL[LightGreen]}Done\n${idsCL[Default]}"
[ "${SEARCH}" != "0" ] && SITEINFO -edit -search ${SEARCH} || SITEINFO -edit
exit 0
;;
*)
[ "${delconfirm}" != "" ] && echo
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
esac
;;
[Ee])
echo -e "\033[K"
exit 0
;;
EDITSITE
*) ;;
esac
[ "${editc}" == "" ] && echo -e "\033[13A" || echo -e "\033[12A"
else
for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[6A"
echo -en "\n\033[K${idsCL[LightCyan]}Confirm changes (Y/n): ${idsCL[Default]}"
read -n 1 confirm
case "${confirm}" in
[Nn])
editc=C
echo -e "\r\033[K\n\r\033[K\n\r\033[K"
echo -e "\033[13A"; for (( c=1; c<=13; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[17A"
;;
*)
[ "${confirm}" !="" ] && echo
echo -en "\033[1A\033[K\r${idsCL[LightCyan]}Configuring changes ... ${idsCL[Default]}"
NEWPROXYSITE_CREATE ${site} ${servernames} ${server} ${port} ${scheme} ${wbskt} ${hsts} ${explt} ${lock} ${ssl} >/dev/null 2>&1
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
echo -en "\033[K\r${idsCL[LightCyan]}Continue or Exit (C/e): ${idsCL[Default]}"
read -n1 con
case "${con}" in
[Ee])
# echo -e "\n\033[K\n\033[K"
exit 0
;;
*)
editc=C
echo -e "\r\033[K\n\r\033[K\n\r\033[K"
echo -e "\033[17A"; for (( c=1; c<=17; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[20A"
[ "${SEARCH}" != "0" ] && SITEINFO -edit -search ${SEARCH} || LISTCERTS -edit
exit 0
;;
esac
;;
esac
fi
done
else #no site
echo -e "\033[3A"; for (( c=1; c<=3; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[4A"
fi
done
echo
fi
else
echo -e "\nNo site information found for this node"
fi
@@ -960,6 +781,188 @@ SITEINFO(){
}
EDITSITE(){
site=${SITELIST[${siteid}]}
sitefile=${gosite}/${site}.conf
siteconfig=$(cat ${sitefile})
if [ "$(echo "${siteconfig}" | grep \#ssl_certificate)" != "" ]; then
ssl='-'
SUBJECTNAMES=""
else
ssl='Yes'
certpath=$(echo "${siteconfig}" | grep ssl_certificate_key)
certpath=${certpath%/*}
certpath=${certpath#* }
SUBJECTNAMES=$(openssl x509 -in ${certpath}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${certpath}/cert.pem -text | grep 'Not After' |awk '{print $4,$5,$7}')" '+%s');
SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, }
fi
if [ "$(echo "${siteconfig}" | grep include/proxy.conf)" != "" ]; then
type='Proxy'
server=$(echo "${siteconfig}" | grep 'set $server')
server=${server#*\"}; server=${server%\"*}
servernames=$(echo "${siteconfig}" | grep 'server_name')
servernames=${servernames//;/}
servernames=${servernames#* }
servernames=${servernames// /,}
scheme=$(echo "${siteconfig}" | grep 'set $forward_scheme')
scheme=${scheme##* }; scheme=${scheme%;*}
port=$(echo "${siteconfig}" | grep 'set $port')
port=${port##* }; port=${port%;*}
else
type='HTTP'
fi
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/hsts-support.conf')" != "" ] && hsts='-' || hsts='Yes'
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/websocket-support.conf')" != "" ] && wbskt='-' || wbskt='Yes'
[ "$(echo "${siteconfig}" | grep '\#include conf.d/include/block-exploits.conf')" != "" ] && explt='-' || explt='Yes'
if [ "$(echo "${siteconfig}" | grep '\#include conf.d/include/secure-access.conf')" == "" ]; then
sitefacline=$(echo "${autheliaconfig}" | grep -Fn ${site} | sort | tail -n1)
sitefacline=${sitefacline%%:*}
if [ "${sitefacline}" == "" ]; then
lock='error'
elif [ ${sitefacline} -lt ${onefacline} ]; then
lock='1FA'
elif [ ${sitefacline} -lt ${twofacline} ]; then
lock='2FA'
fi
else
lock='-'
fi
editc=0
until [ "${editc^}" = "C" ]; do
echo -e "\033[K${idsCL[White]}0) Site Address(es): ${idsCL[Cyan]}${idsST[Bold]}${servernames}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}1) Site Type: ${idsCL[Cyan]}${idsST[Bold]}${type}${idsST[Reset]}"
echo -en "\033[K${idsCL[White]}2) SSL Secure: ${idsCL[Cyan]}${idsST[Bold]}${ssl}${idsST[Reset]}"
[ "${SUBJECTNAMES}" != "" ] && echo -e " ${idsCL[Cyan]}[SSL Names: ${idsCL[Yellow]}${SUBJECTNAMES}${idsCL[Cyan]}; expires ${idsCL[Yellow]}$(date -d @${CERTEXPIRE} '+%m-%d-%Y')${idsCL[Cyan]}]" || echo
echo -e "\033[K${idsCL[White]}3) HSTS Enabled: ${idsCL[Cyan]}${idsST[Bold]}${hsts}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}4) Web Sockets: ${idsCL[Cyan]}${idsST[Bold]}${wbskt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}5) Exploits Block: ${idsCL[Cyan]}${idsST[Bold]}${explt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}6) Secured Access: ${idsCL[Cyan]}${idsST[Bold]}${lock}${idsST[Reset]}"
if [ "${type}" == "Proxy" ]; then
echo -e "\033[K${idsCL[White]}7) Proxy Address: ${idsCL[Cyan]}${idsST[Bold]}${server}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}8) Proxy Scheme: ${idsCL[Cyan]}${idsST[Bold]}${scheme}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}9) Proxy Port: ${idsCL[Cyan]}${idsST[Bold]}${port}${idsST[Reset]}"
else
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K"
fi
if [ "${editc}" != "s" ]; then
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K (${idsCL[Green]}S${idsCL[Default]})ave Site, (${idsCL[Red]}D${idsCL[Default]})elete Site, (${idsCL[Yellow]}C${idsCL[Default]})ancel, (${idsCL[Yellow]}E${idsCL[Default]})xit"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[7A"
echo -en "\033[K\n\033[K\r${idsCL[LightCyan]}Enter the item number to edit: ${idsCL[Default]}"
read -n 1 editc
case "${editc}" in
0) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Server Names (comma seperated): "
read -i "${servernames}" -e servernames
servernames=${servernames//, /,}
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
1) [ "${type}" == "HTTP" ] && type='Proxy' || type='HTTP';;
2) [ "${ssl}" == "-" ] && ssl='Yes' || ssl='-';;
3) [ "${hsts}" == "-" ] && hsts='Yes' || hsts='-';;
4) [ "${wbskt}" == "-" ] && wbskt='Yes' || wbskt='-';;
5) [ "${explt}" == "-" ] && explt='Yes' || explt='-';;
6) if [ "${lock}" == "-" ]; then
lock='1FA'
elif [ "${lock}" == "1FA" ]; then
lock='2FA'
elif [ "${lock}" == "2FA" ]; then
lock='-'
fi
;;
7) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Address: "
read -i "${server}" -e server
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
8) [ "${scheme}" == "http" ] && scheme='https' || scheme='http';;
9) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Port: "
read -i "${port}" -e port
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
[Cc])
echo -e "\r\033[K\n\r\033[K\n\r\033[K"
echo -e "\033[16A"; for (( c=1; c<=16; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[16A"
echo -e "\n\n\n\n\n\n\n\n"
;;
[Dd])
echo -e "\033[K\n\033[K"
echo -en "\033[K${idsCL[LightCyan]}Are you sure you wish to delete the site and associated SSL if applicable (y/N): ${idsCL[Default]}"
read -n 1 delconfirm
case "${delconfirm}" in
[Yy])
echo -en "\n\n${idsCL[LightCyan]}Removing site ... "
DELSITE -site ${site} -ssl yes >/dev/null 2>&1
echo -e "${idsCL[LightGreen]}Done\n${idsCL[Default]}"
[ "${SEARCH}" != "0" ] && SITEINFO -edit -search ${SEARCH} || SITEINFO -edit
exit 0
;;
*)
[ "${delconfirm}" != "" ] && echo
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
esac
;;
[Ee])
echo -e "\033[K"
exit 0
;;
*) ;;
esac
[ "${editc}" == "" ] && echo -e "\033[13A" || echo -e "\033[12A"
else
for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[6A"
echo -en "\n\033[K${idsCL[LightCyan]}Confirm changes (Y/n): ${idsCL[Default]}"
read -n 1 confirm
case "${confirm}" in
[Nn])
editc=C
echo -e "\r\033[K\n\r\033[K\n\r\033[K"
echo -e "\033[13A"; for (( c=1; c<=13; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[17A"
;;
*)
[ "${confirm}" !="" ] && echo
echo -en "\033[1A\033[K\r${idsCL[LightCyan]}Configuring changes ... ${idsCL[Default]}"
NEWPROXYSITE_CREATE ${site} ${servernames} ${server} ${port} ${scheme} ${wbskt} ${hsts} ${explt} ${lock} ${ssl} >/dev/null 2>&1
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
echo -en "\033[K\r${idsCL[LightCyan]}Continue or Exit (C/e): ${idsCL[Default]}"
read -n1 con
case "${con}" in
[Ee])
# echo -e "\n\033[K\n\033[K"
exit 0
;;
*)
editc=C
echo -e "\r\033[K\n\r\033[K\n\r\033[K"
echo -e "\033[17A"; for (( c=1; c<=17; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[20A"
[ "${SEARCH}" != "0" ] && SITEINFO -edit -search ${SEARCH} || LISTCERTS -edit
exit 0
;;
esac
;;
esac
fi
done
}