voltron/NodeMgmt
1
1
Fork 0
Code Issues Pull Requests Releases 1 Activity

Update sites.inc

Browse Source
This commit is contained in:
David Schroeder
2023-11-12 11:32:43 -06:00
parent 8332b9d91e
commit c805a5b88a
1 changed files with 133 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

265
inc/sites.inc
View File

@@ -681,151 +681,152 @@ SITEINFO(){
read siteid
echo
site=${SITELIST[${siteid}]}
sitefile=${gosite}/${site}.conf
if [ "$(grep \#ssl_certificate ${sitefile})" != "" ]; then
ssl='-'
SUBJECTNAMES=""
else
ssl='Yes'
certpath=$(grep ssl_certificate_key ${sitefile})
certpath=${certpath%/*}
certpath=${certpath#* }
SUBJECTNAMES=$(openssl x509 -in ${certpath}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${certpath}/cert.pem -text | grep 'Not After' |awk '{print $4,$5,$7}')" '+%s');
SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, }
fi
if [ "${SITELIST[${siteid}]}" != "" ]; then
site=${SITELIST[${siteid}]}
sitefile=${gosite}/${site}.conf
if [ "$(grep \#ssl_certificate ${sitefile})" != "" ]; then
ssl='-'
SUBJECTNAMES=""
else
ssl='Yes'
certpath=$(grep ssl_certificate_key ${sitefile})
certpath=${certpath%/*}
certpath=${certpath#* }
SUBJECTNAMES=$(openssl x509 -in ${certpath}/cert.pem -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV)
CERTEXPIRE=$(date -d "$(: | openssl x509 -in ${certpath}/cert.pem -text | grep 'Not After' |awk '{print $4,$5,$7}')" '+%s');
SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, }
fi
if [ "$(grep include/proxy.conf ${sitefile})" != "" ]; then
type='Proxy'
server=$(grep 'set $server' ${sitefile})
server=${server#*\"}; server=${server%\"*}
if [ "$(grep include/proxy.conf ${sitefile})" != "" ]; then
type='Proxy'
server=$(grep 'set $server' ${sitefile})
server=${server#*\"}; server=${server%\"*}
servernames=$(grep 'server_name' ${sitefile})
servernames=${servernames//;/}
servernames=${servernames#* }
servernames=${servernames// /,}
servernames=$(grep 'server_name' ${sitefile})
servernames=${servernames//;/}
servernames=${servernames#* }
servernames=${servernames// /,}
scheme=$(grep 'set $forward_scheme' ${sitefile})
scheme=${scheme##* }; scheme=${scheme%;*}
port=$(grep 'set $port' ${sitefile})
port=${port##* }; port=${port%;*}
scheme=$(grep 'set $forward_scheme' ${sitefile})
scheme=${scheme##* }; scheme=${scheme%;*}
port=$(grep 'set $port' ${sitefile})
port=${port##* }; port=${port%;*}
else
type='HTTP'
fi
[ "$(grep '\#include conf.d/include/hsts-support.conf' ${sitefile})" != "" ] && hsts='-' || hsts='Yes'
[ "$(grep '\#include conf.d/include/websocket-support.conf' ${sitefile})" != "" ] && wbskt='-' || wbskt='Yes'
[ "$(grep '\#include conf.d/include/block-exploits.conf' ${sitefile})" != "" ] && explt='-' || explt='Yes'
# [ "$(grep '\#include conf.d/include/secure-access.conf' ${sitefile})" != "" ] && lock='-' || lock='Yes'
if [ "$(grep '\#include conf.d/include/secure-access.conf' ${sitefile})" == "" ]; then
sitefacline=$(ssh root@${NM_AUTHELIA_IP} grep -Fn ${site} /mnt/web-data/authelia/config/configuration.yml | sort | tail -n1)
sitefacline=${onefacline%%:*}
if [ "${sitefacline}" == "" ]; then
lock='error'
elif [ ${sitefacline} -lt ${onefacline} ]; then
lock='1FA'
elif [ ${sitefacline} -lt ${twofacline} ]; then
lock='2FA'
fi
else
lock='-'
fi
f=0; edit=0
until [ "${edit^}" = "C" ]; do
echo -e "\033[K${idsCL[White]}0) Site Address(es): ${idsCL[Cyan]}${idsST[Bold]}${servernames}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}1) Site Type: ${idsCL[Cyan]}${idsST[Bold]}${type}${idsST[Reset]}"
echo -en "\033[K${idsCL[White]}2) SSL Secure: ${idsCL[Cyan]}${idsST[Bold]}${ssl}${idsST[Reset]}"
[ "${SUBJECTNAMES}" != "" ] && echo -e " ${idsCL[Cyan]}[SSL Names: ${idsCL[Yellow]}${SUBJECTNAMES}${idsCL[Cyan]}; expires ${idsCL[Yellow]}$(date -d @${CERTEXPIRE} '+%m-%d-%Y')${idsCL[Cyan]}]" || echo
echo -e "\033[K${idsCL[White]}3) HSTS Enabled ${idsCL[Cyan]}${idsST[Bold]}${hsts}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}4) Web Sockets: ${idsCL[Cyan]}${idsST[Bold]}${wbskt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}5) Exploits Block: ${idsCL[Cyan]}${idsST[Bold]}${explt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}6) Secured Access: ${idsCL[Cyan]}${idsST[Bold]}${lock}${idsST[Reset]}"
if [ "${type}" == "Proxy" ]; then
echo -e "\033[K${idsCL[White]}7) Proxy Address: ${idsCL[Cyan]}${idsST[Bold]}${server}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}8) Proxy Scheme: ${idsCL[Cyan]}${idsST[Bold]}${scheme}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}9) Proxy Port: ${idsCL[Cyan]}${idsST[Bold]}${port}${idsST[Reset]}"
else
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K"
type='HTTP'
fi
if [ "${edit}" != "s" ]; then
# if [ $f -eq 0 ]; then
[ "$(grep '\#include conf.d/include/hsts-support.conf' ${sitefile})" != "" ] && hsts='-' || hsts='Yes'
[ "$(grep '\#include conf.d/include/websocket-support.conf' ${sitefile})" != "" ] && wbskt='-' || wbskt='Yes'
[ "$(grep '\#include conf.d/include/block-exploits.conf' ${sitefile})" != "" ] && explt='-' || explt='Yes'
# [ "$(grep '\#include conf.d/include/secure-access.conf' ${sitefile})" != "" ] && lock='-' || lock='Yes'
if [ "$(grep '\#include conf.d/include/secure-access.conf' ${sitefile})" == "" ]; then
sitefacline=$(ssh root@${NM_AUTHELIA_IP} grep -Fn ${site} /mnt/web-data/authelia/config/configuration.yml | sort | tail -n1)
sitefacline=${onefacline%%:*}
if [ "${sitefacline}" == "" ]; then
lock='error'
elif [ ${sitefacline} -lt ${onefacline} ]; then
lock='1FA'
elif [ ${sitefacline} -lt ${twofacline} ]; then
lock='2FA'
fi
else
lock='-'
fi
f=0; edit=0
until [ "${edit^}" = "C" ]; do
echo -e "\033[K${idsCL[White]}0) Site Address(es): ${idsCL[Cyan]}${idsST[Bold]}${servernames}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}1) Site Type: ${idsCL[Cyan]}${idsST[Bold]}${type}${idsST[Reset]}"
echo -en "\033[K${idsCL[White]}2) SSL Secure: ${idsCL[Cyan]}${idsST[Bold]}${ssl}${idsST[Reset]}"
[ "${SUBJECTNAMES}" != "" ] && echo -e " ${idsCL[Cyan]}[SSL Names: ${idsCL[Yellow]}${SUBJECTNAMES}${idsCL[Cyan]}; expires ${idsCL[Yellow]}$(date -d @${CERTEXPIRE} '+%m-%d-%Y')${idsCL[Cyan]}]" || echo
echo -e "\033[K${idsCL[White]}3) HSTS Enabled ${idsCL[Cyan]}${idsST[Bold]}${hsts}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}4) Web Sockets: ${idsCL[Cyan]}${idsST[Bold]}${wbskt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}5) Exploits Block: ${idsCL[Cyan]}${idsST[Bold]}${explt}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}6) Secured Access: ${idsCL[Cyan]}${idsST[Bold]}${lock}${idsST[Reset]}"
if [ "${type}" == "Proxy" ]; then
echo -e "\033[K${idsCL[White]}7) Proxy Address: ${idsCL[Cyan]}${idsST[Bold]}${server}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}8) Proxy Scheme: ${idsCL[Cyan]}${idsST[Bold]}${scheme}${idsST[Reset]}"
echo -e "\033[K${idsCL[White]}9) Proxy Port: ${idsCL[Cyan]}${idsST[Bold]}${port}${idsST[Reset]}"
else
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K (${idsCL[Green]}s${idsCL[Default]})ave, (${idsCL[Red]}c${idsCL[Default]})ancel, (${idsCL[Green]}e${idsCL[Default]})xit"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[7A"
# fi
fi
if [ "${edit}" != "s" ]; then
# if [ $f -eq 0 ]; then
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[K (${idsCL[Green]}s${idsCL[Default]})ave, (${idsCL[Red]}c${idsCL[Default]})ancel, (${idsCL[Green]}e${idsCL[Default]})xit"
echo -e "\033[K"
echo -e "\033[K"
echo -e "\033[7A"
# fi
echo -en "\n\033[K${idsCL[LightCyan]}Enter the line number to edit: ${idsCL[Default]}"
read -n 1 edit
echo -en "\n\033[K${idsCL[LightCyan]}Enter the line number to edit: ${idsCL[Default]}"
read -n 1 edit
case "${edit}" in
0) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Server Names (comma seperated): "
read -i "${servernames}" -e servernames
servernames=${servernames//, /,}
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
1) [ "${type}" == "HTTP" ] && type='Proxy' || type='HTTP';;
2) [ "${ssl}" == "-" ] && ssl='Yes' || ssl='-';;
3) [ "${hsts}" == "-" ] && hsts='Yes' || hsts='-';;
4) [ "${wbskt}" == "-" ] && wbskt='Yes' || wbskt='-';;
5) [ "${explt}" == "-" ] && explt='Yes' || explt='-';;
6) if [ "${lock}" == "-" ]; then
lock='1FA'
elif [ "${lock}" == "1FA" ]; then
lock='2FA'
elif [ "${lock}" == "2FA" ]; then
lock='-'
fi
;;
7) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Address: "
read -i "${server}" -e server
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
8) [ "${scheme}" == "http" ] && scheme='https' || scheme='http';;
9) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Port: "
read -i "${port}" -e port
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
case "${edit}" in
0) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Server Names (comma seperated): "
read -i "${servernames}" -e servernames
servernames=${servernames//, /,}
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
1) [ "${type}" == "HTTP" ] && type='Proxy' || type='HTTP';;
2) [ "${ssl}" == "-" ] && ssl='Yes' || ssl='-';;
3) [ "${hsts}" == "-" ] && hsts='Yes' || hsts='-';;
4) [ "${wbskt}" == "-" ] && wbskt='Yes' || wbskt='-';;
5) [ "${explt}" == "-" ] && explt='Yes' || explt='-';;
6) if [ "${lock}" == "-" ]; then
lock='1FA'
elif [ "${lock}" == "1FA" ]; then
lock='2FA'
elif [ "${lock}" == "2FA" ]; then
lock='-'
fi
;;
7) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Address: "
read -i "${server}" -e server
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
8) [ "${scheme}" == "http" ] && scheme='https' || scheme='http';;
9) echo -e "\033[K\n\033[K"
echo -en "\033[KEnter new Proxy Port: "
read -i "${port}" -e port
echo -e "\033[5A"; for (( c=1; c<=5; c++ )); do echo -e "\033[K"; done; echo -e "\033[5A"
;;
[Ee])
echo -e "\n\033[K\n\033[K"
exit 0
;;
[Cc])
echo -e "\033[K\n\033[K"
echo -e "\033[8A"; for (( c=1; c<=8; c++ )); do echo -e "\033[K"; done; echo -e "\033[8A"
;;
*) ;;
esac
[ "${edit}" == "" ] && echo -e "\033[13A" || echo -e "\033[12A"
else
echo -en "\n\033[K${idsCL[LightCyan]}Confirm changes (Y/n): ${idsCL[Default]}"
read -n 1 confirm
case "${confirm}" in
[Nn])
edit=''
echo -e "\033[12A"
;;
*)
echo -e "\n\033[K\n\033[K"
NEWPROXYSITE_CREATE ${site} ${servernames} ${server} ${port} ${scheme} ${wbskt} ${hsts} ${explt} ${lock} ${ssl}
break 3
;;
esac
[Ee])
echo -e "\n\033[K\n\033[K"
exit 0
;;
[Cc])
echo -e "\r\033[K\n\r\033[K"
echo -e "\033[7A"; for (( c=1; c<=7; c++ )); do echo -e "\r\033[K"; done; echo -e "\033[7A"
;;
*) ;;
esac
[ "${edit}" == "" ] && echo -e "\033[13A" || echo -e "\033[12A"
else
echo -en "\n\033[K${idsCL[LightCyan]}Confirm changes (Y/n): ${idsCL[Default]}"
read -n 1 confirm
case "${confirm}" in
[Nn])
edit=''
echo -e "\033[12A"
;;
*)
echo -e "\n\033[K\n\033[K"
NEWPROXYSITE_CREATE ${site} ${servernames} ${server} ${port} ${scheme} ${wbskt} ${hsts} ${explt} ${lock} ${ssl}
break 3
;;
esac
fi
f=1
done
fi
f=1
done
fi
done
echo