voltron/NodeMgmt
1
1
Fork 0
Code Issues Pull Requests Releases 1 Activity

Update sites.inc

Browse Source
This commit is contained in:
David Schroeder
2023-11-12 12:53:07 -06:00
parent 25c5794edf
commit bc46c0420b
1 changed files with 38 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
inc/sites.inc
View File

@@ -496,6 +496,7 @@ NEWPROXYSITE_CREATE(){
else
[ "${MAIN_SITE}" != "${SITENAME}" ] && [ -f ${NM_NGINXPATH}/sites-enabled/${SITENAME}.conf ] && mv ${NM_NGINXPATH}/sites-enabled/${SITENAME}.conf ${nginxconfig}
if [ ! -f ${nginxconfig} ]; then
echo -en "${idsCL[LightCyan]}Configuring initial NGINX Site config ... ${idsCL[Default]}"
cp ${NM_FOLDER}/templates/nginx.proxy.site ${nginxconfig}
sed -i "s/<<SERVER_NAME>>/${NGINX_SERVERNAME//,/ }/g" ${nginxconfig}
sed -i "s/<<MAIN_SITE>>/${MAIN_SITE}/g" ${nginxconfig}
@@ -503,10 +504,12 @@ NEWPROXYSITE_CREATE(){
sed -i "s/<<PROXY_PORT>>/${PROXYPORT}/g" ${nginxconfig}
sed -i "s/<<PROXY_SCHEME>>/${PROXYSCHEME}/g" ${nginxconfig}
sed -i "s%<<NM_CERTPATH>>%${NM_CERTPATH}%g" ${nginxconfig}
echo -e "${idsCL[LightGreen]}CDone${idsCL[Default]}"
else
oldservernames=$(grep 'server_name' ${nginxconfig});oldservernames=${oldservernames//;/};oldservernames=${oldservernames#* };oldservernames=${oldservernames// /,}
if [ "${MAIN_SITE}" != "${SITENAME}" ]; then
echo -e "${idsCL[LightCyan]}Detected MAIN_SITE name change, making necesary adjustments ... ${idsCL[Default]}"
echo -en "\n${idsCL[LightCyan]}Removing old SSL Cert ... "
DEL-SSL ${SITENAME} >/dev/null 2>&1
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}\n"
@@ -522,25 +525,39 @@ NEWPROXYSITE_CREATE(){
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}\n"
fi
echo -en "\n${idsCL[LightCyan]}Configuring NGINX proxy for site ... "
sed -i "/set \$forward_scheme/d" ${nginxconfig}; sed -i "/server {/a\\\tset \$forward_scheme ${PROXYSCHEME};" ${nginxconfig}
sed -i "/set \$server/d" ${nginxconfig}; sed -i "/set \$forward_scheme/a\\\tset \$server \"${PROXYHOST}\";" ${nginxconfig}
sed -i "/set \$port/d" ${nginxconfig}; sed -i "/set \$server/a\\\tset \$port ${PROXYPORT};" ${nginxconfig}
sed -i "/server_name/,+1 d" ${nginxconfig}; sed -i "/set \$port/a\\\n\tserver_name ${NGINX_SERVERNAME//,/ };" ${nginxconfig}
sed -i "/server_name/,+1 d" ${nginxconfig}; sed -i "/set \$port/a\\\n\tserver_name ${NGINX_SERVERNAME//,/ };" ${nginxconfig}
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}\n"
fi
if [ "${SSL^^}" == "YES" ]; then
echo -en "${idsCL[LightCyan]}Enabling SSL ... "
sed -i "s/#ssl_certificate/ssl_certificate/g" ${nginxconfig}
sed -i "s/#listen 443/listen 443/g" ${nginxconfig}
sed -i "s/#include conf.d\/include\/ssl-ciphers.conf/include conf.d\/include\/ssl-ciphers.conf/g" ${nginxconfig}
sed -i "s/#include conf.d\/include\/force-ssl.conf/include conf.d\/include\/force-ssl.conf/g" ${nginxconfig}
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
if [ ! -f ${NM_CERTPATH}/live/${MAIN_SITE}/cert.pem ]; then
echo -e "\n${idsCL[LightCyan]}No SSL cert detected, will generate one now ... "
NEWCERT ${NGINX_SERVERNAME}
echo
fi
else
echo -en "${idsCL[LightCyan]}Disabling SSL ... "
sed -i "s/ssl_certificate/#ssl_certificate/g" ${nginxconfig}
sed -i "s/listen 443/#listen 443/g" ${nginxconfig}
sed -i "s/include conf.d\/include\/ssl-ciphers.conf/#include conf.d\/include\/ssl-ciphers.conf/g" ${nginxconfig}
sed -i "s/include conf.d\/include\/force-ssl.conf/#include conf.d\/include\/force-ssl.conf/g" ${nginxconfig}
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
fi
if [[ "${SECURE}" = *"FA"* ]]; then
echo -en "${idsCL[LightCyan]}Enabling ${SECURE} SSO access ... "
sed -i "s/#include conf.d\/include\/secure-access.conf/include conf.d\/include\/secure-access.conf/g" ${nginxconfig}
ssh root@${NM_AUTHELIA_IP} sed -i "/${SITENAME}/d" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml
if [ "${SECURE}" == "2FA" ]; then
@@ -550,29 +567,48 @@ NEWPROXYSITE_CREATE(){
fi
ssh root@${NM_AUTHELIA_IP} "sed -i \"s/~~~/ /g\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
ssh root@${NM_AUTHELIA_IP} "/usr/bin/docker restart authelia >/dev/null 2>&1"
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
else
echo -en "${idsCL[LightCyan]}Disabling SSO access ... "
sed -i "s/include conf.d\/include\/secure-access.conf/#include conf.d\/include\/secure-access.conf/g" ${nginxconfig}
[ "${NM_AUTHELIA_IP}" != "" ] && ssh root@${NM_AUTHELIA_IP} sed -i "/${SITENAME}/d" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
fi
if [ "${WEBSOCKET^^}" == "YES" ]; then
echo -en "${idsCL[LightCyan]}Enabling Websocket Support ... "
sed -i "s/#include conf.d\/include\/websocket-support.conf/include conf.d\/include\/websocket-support.conf/g" ${nginxconfig}
else
echo -en "${idsCL[LightCyan]}Disabling Websocket Support ... "
sed -i "s/include conf.d\/include\/websocket-support.conf/#include conf.d\/include\/websocket-support.conf/g" ${nginxconfig}
fi
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
if [ "${HSTS^^}" == "YES" ]; then
echo -en "${idsCL[LightCyan]}Enabling HSTS Support ... "
sed -i "s/#include conf.d\/include\/hsts-support.conf/include conf.d\/include\/hsts-support.conf/g" ${nginxconfig}
else
echo -en "${idsCL[LightCyan]}Disabling HSTS Support ... "
sed -i "s/include conf.d\/include\/hsts-support.conf/#include conf.d\/include\/hsts-support.conf/g" ${nginxconfig}
fi
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
if [ "${EXPLOITS^^}" == "YES" ]; then
echo -en "${idsCL[LightCyan]}Enabling Web Exploit Blocks ... "
sed -i "s/#include conf.d\/include\/block-exploits.conf/include conf.d\/include\/block-exploits.conf/g" ${nginxconfig}
else
echo -en "${idsCL[LightCyan]}Disabling Web Exploit Blocks ... "
sed -i "s/include conf.d\/include\/block-exploits.conf/#include conf.d\/include\/block-exploits.conf/g" ${nginxconfig}
fi
echo -e "${idsCL[LightGreen]}Done${idsCL[Default]}"
echo
sed -i "s/##include/#include/g" ${nginxconfig}
sed -i "s/##ssl_/#ssl_/g" ${nginxconfig}
echo -e "${idsCL[LightGreen]}Site Configuration Complete${idsCL[Default]}"
fi
}