voltron/NodeMgmt
1
1
Fork 0
Code Issues Pull Requests Releases 1 Activity

update

Browse Source
This commit is contained in:
David Schroeder
2023-11-23 20:28:11 -06:00
parent 80e136c657
commit c823593c62
4 changed files with 34 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
conf/defaults.local.example.inc
View File

@@ -8,17 +8,19 @@ NM_NODEMANAGER=192.168.1.5
# NM_VC_USER='administrator@vsphere.local' # NM_VC_USER='administrator@vsphere.local'
# NM_VC_PASS='supersecret' # NM_VC_PASS='supersecret'
# DEFINE DYNMAIC DNS LOGIN INFO FOR POWER-DNS SERVERS FOR UPDATING RECORDS # DEFINE DYNAMIC DNS LOGIN INFO FOR POWER-DNS SERVERS FOR UPDATING RECORDS
#----------------------------------------------------------------------------------------------------------------------------------------- #-----------------------------------------------------------------------------------------------------------------------------------------
# NM_DYNHOST="wdns.scity.us" # IF NOT DEFINED, USES SCITY DEFAULT PDNS SERVERS (wdns.scity.us) NM_PDNS_HOST="" # IF NOT DEFINED, USES SCITY DEFAULT PDNS SERVERS (wdns.scity.us)
NM_DYNUSER="" NM_PDNS_USER=""
NM_DYNPASS="" NM_PDNS_PASS=""
NM_WPDNS_KEY="" NM_PDNS_APIKEY=""
NM_DYNDNS_SITES['mainsite']='comma seperated list of DNS A records to update'
NM_DYNDNS_LOC['mainsite']='comma seperated list of DNS A records to update' NM_DYNDNS_SITES['offsite']='comma seperated list of DNS A records to update for other site'
NM_DYNDNS_LOC['offsite']='comma seperated list of DNS A records to update for other site'
# DEFINE PATHS FOR NEW CERTS AND NEW SITES (except proxy sites which default to nginx)
#-----------------------------------------------------------------------------------------------------------------------------------------
NM_CERTPATHS['LB']='/etc/letsencrypt'
NM_WWWPATHS['WEB']='/var/www'
# DEFIINE NODE TYPES OF THEIR ASSOCIATES HOSTS TO MONITOR (comma seperated) # DEFIINE NODE TYPES OF THEIR ASSOCIATES HOSTS TO MONITOR (comma seperated)
#----------------------------------------------------------------------------------------------------------------------------------------- #-----------------------------------------------------------------------------------------------------------------------------------------

8
defaults.inc
View File

@@ -1,5 +1,5 @@
#!/usr/bin/env bash #!/usr/bin/env bash
VERS='4.15.13-11232023' VERS='4.15.14-11232023'
noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns backup-offsitepfsense gui nightlyreview update log ' noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns backup-offsitepfsense gui nightlyreview update log '
CERT_DAEMON='/snap/bin/certbot' CERT_DAEMON='/snap/bin/certbot'
@@ -26,7 +26,7 @@ if [ -f ${NM_FOLDER}/conf/defaults.local.inc ]; then
declare -A NM_SINGLESRVR_IP declare -A NM_SINGLESRVR_IP
declare -A NM_CERTPATHS declare -A NM_CERTPATHS
declare -A NM_WWWPATHS declare -A NM_WWWPATHS
declare -A NM_DYNDNS_LOC declare -A NM_DYNDNS_SITES
source ${NM_FOLDER}/conf/defaults.local.inc source ${NM_FOLDER}/conf/defaults.local.inc
@@ -111,8 +111,8 @@ NM_LOGFILE=${NM_LOGFOLDER}/logfile
[ "${NM_RENOTIFY_TIMEOUT}" == "" ] && NM_RENOTIFY_TIMEOUT=3600 [ "${NM_RENOTIFY_TIMEOUT}" == "" ] && NM_RENOTIFY_TIMEOUT=3600
NM_WANDNS='wdns.scity.us' NM_PDNS_WANDNS='wdns.scity.us'
NM_LANDNS='ldns.scity.us' NM_PDNS_LANDNS='ldns.scity.us'
TSI=$(/sbin/ip link | grep tailscale0) && [ ${#TSI} != 0 ] && RUN_NODE_TSIP=$(/sbin/ip -o -4 addr list tailscale0 | awk '{print $4}' | cut -d/ -f1) || RUN_NODE_TSIP= TSI=$(/sbin/ip link | grep tailscale0) && [ ${#TSI} != 0 ] && RUN_NODE_TSIP=$(/sbin/ip -o -4 addr list tailscale0 | awk '{print $4}' | cut -d/ -f1) || RUN_NODE_TSIP=
[ "$(ip route | awk '/default/ { print $5 }')" == "link" ] && RNIP=$(ip addr show $(ip route | awk '/1 dev eth0/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) || [ "$(ip route | awk '/default/ { print $5 }')" == "link" ] && RNIP=$(ip addr show $(ip route | awk '/1 dev eth0/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) ||

4
inc/certs.inc
View File

@@ -625,7 +625,7 @@ VCENTER-SSL(){
[ "${NM_VC_ACMEFOLDER}" == "" ] && NM_VC_ACMEFOLDER="/root/.acme.sh" [ "${NM_VC_ACMEFOLDER}" == "" ] && NM_VC_ACMEFOLDER="/root/.acme.sh"
[ "${NM_VC_ACMESCRIPT}" == "" ] && NM_VC_ACMESCRIPT="acme.sh" [ "${NM_VC_ACMESCRIPT}" == "" ] && NM_VC_ACMESCRIPT="acme.sh"
if [ "${NM_VC_HOSTNAME}" != "" ] && [ "${NM_VC_USER}" != "" ] && [ "${NM_VC_PASS}" != "" ] && [ "${NM_WPDNS_KEY}" != "" ]; then if [ "${NM_VC_HOSTNAME}" != "" ] && [ "${NM_VC_USER}" != "" ] && [ "${NM_VC_PASS}" != "" ] && [ "${NM_PDNS_APIKEY}" != "" ]; then
VCSERVER="https://${NM_VC_HOSTNAME}" VCSERVER="https://${NM_VC_HOSTNAME}"
VC_CERT="${NM_VC_ACMEFOLDER}/${NM_VC_HOSTNAME}/${NM_VC_HOSTNAME}.cer" VC_CERT="${NM_VC_ACMEFOLDER}/${NM_VC_HOSTNAME}/${NM_VC_HOSTNAME}.cer"
@@ -652,7 +652,7 @@ VCENTER-SSL(){
echo '#!/usr/bin/env bash' >| /tmp/vcenter-update-ssl.sh echo '#!/usr/bin/env bash' >| /tmp/vcenter-update-ssl.sh
echo "export PDNS_Url='https://wdns.scity.us' echo "export PDNS_Url='https://wdns.scity.us'
export PDNS_Token='${NM_WPDNS_KEY}' export PDNS_Token='${NM_PDNS_APIKEY}'
# export PDNS_ServerId='localhost' # export PDNS_ServerId='localhost'
export PDNS_ServerId='scity.us' export PDNS_ServerId='scity.us'
export PDNS_Ttl=60 export PDNS_Ttl=60

30
nodemgmt-scripts.sh
View File

@@ -408,10 +408,11 @@ ADD_LOGROTATE_CRONTAB(){
} }
UPDATE_DYNDNS(){ UPDATE_DYNDNS(){
[ "${NM_DYNHOST}" != "" ] && PDNS_SERVER=${NM_DYNHOST} || PDNS_SERVER=${NM_WANDNS} [ "${NM_PDNS_HOST}" != "" ] && PDNS_SERVER=${NM_PDNS_HOST} || PDNS_SERVER=${NM_PDNS_WANDNS}
TESTMODE=0; FORCE=0; TESTMODE=0; FORCE=0;
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
case "${1}" in case "${1}" in
-s|-site) FORCE=1;;
-f|-force) FORCE=1;; -f|-force) FORCE=1;;
-t|-test) TESTMODE=1;; -t|-test) TESTMODE=1;;
-h | -help | --help) -h | -help | --help)
@@ -419,6 +420,7 @@ UPDATE_DYNDNS(){
echo -e "Usage: ${idsCL[LightYellow]}[nodemgmt or nmg] update-dyndns ${idsCL[Yellow]}{location}${idsCL[Default]} {" echo -e "Usage: ${idsCL[LightYellow]}[nodemgmt or nmg] update-dyndns ${idsCL[Yellow]}{location}${idsCL[Default]} {"
width=35 width=35
printf "%-${width}s- %s\n" " {location}" "(site location name to update for)" printf "%-${width}s- %s\n" " {location}" "(site location name to update for)"
printf "%-${width}s- %s\n" " -s|-site" "(configured site to run for [NM_DYNDNS_SITES variable])"
printf "%-${width}s- %s\n" " -f|-force" "(will force a record update without IP changing)" printf "%-${width}s- %s\n" " -f|-force" "(will force a record update without IP changing)"
printf "%-${width}s- %s\n" " -t|-test" "(tests but does not update records)" printf "%-${width}s- %s\n" " -t|-test" "(tests but does not update records)"
echo "}" echo "}"
@@ -427,9 +429,9 @@ UPDATE_DYNDNS(){
esac esac
shift shift
done done
if [ "${NM_DYNDNS_LOC[${LOCATION,,}]}" != "" ]; then if [ "${NM_DYNDNS_SITES[${LOCATION,,}]}" != "" ]; then
arr DYNDNS_HOSTS arr DYNDNS_HOSTS
IFS=,; hosts=(${NM_DYNDNS_LOC[${LOCATION,,}]}); unset IFS IFS=,; hosts=(${NM_DYNDNS_SITES[${LOCATION,,}]}); unset IFS
for host in "${hosts[@]}"; do for host in "${hosts[@]}"; do
arr_insert DYNDNS_HOSTS ${host} arr_insert DYNDNS_HOSTS ${host}
done done
@@ -452,22 +454,24 @@ UPDATE_DYNDNS(){
SENDNOTICE "${LOCATION^^} WAN IP Changed" "Updated '${LOCATION^}' WAN IP from '${OLDIP}' to '${NEWIP}'" SENDNOTICE "${LOCATION^^} WAN IP Changed" "Updated '${LOCATION^}' WAN IP from '${OLDIP}' to '${NEWIP}'"
echo -en "${idsCL[Green]}'${idsCL[LightCyan]}${LOCATION^^}${idsCL[Green]}' WAN IP has changed, updating all pre-defined 'A' records ... " echo -en "${idsCL[Green]}'${idsCL[LightCyan]}${LOCATION^^}${idsCL[Green]}' WAN IP has changed, updating all pre-defined 'A' records ... "
fi fi
if [ "${NM_DYNUSER}" != "" ] && [ "${NM_DYNPASS}" != "" ]; then if [ "${NM_PDNS_USER}" != "" ] && [ "${NM_PDNS_PASS}" != "" ]; then
if [ "$(curl -m 3 -sL "https://${NM_DYNUSER}df:${NM_DYNPASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then if [ "$(curl -m 3 -sL "https://${NM_PDNS_USER}df:${NM_PDNS_PASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then
for host in ${DYNDNS_HOSTS[@]}; do for host in ${DYNDNS_HOSTS[@]}; do
/usr/bin/curl -s "https://${NM_DYNUSER}:${NM_DYNPASS}@${PDNS_SERVER}/nic/update?hostname=${host}&myip=${NEWIP}" > /dev/null 2>&1 /usr/bin/curl -s "https://${NM_PDNS_USER}:${NM_PDNS_PASS}@${PDNS_SERVER}/nic/update?hostname=${host}&myip=${NEWIP}" > /dev/null 2>&1
done done
[ "${LOCATION,,}" == "mainsite" ] && /usr/bin/curl -s "https://${NM_DYNUSER}:${NM_DYNPASS}@${NM_LANDNS}/nic/update?hostname=sc1.scity.us&myip=${NEWIP}" > /dev/null 2>&1 if [ "${NM_PDNS_USER}" == "systems" ]; then
[ "${LOCATION,,}" == "offsite" ] && /usr/bin/curl -s "https://${NM_DYNUSER}:${NM_DYNPASS}@${NM_LANDNS}/nic/update?hostname=wan.offsite.scity.us&myip=${NEWIP}" > /dev/null 2>&1 [ "${LOCATION,,}" == "mainsite" ] && /usr/bin/curl -s "https://${NM_PDNS_USER}:${NM_PDNS_PASS}@${NM_PDNS_LANDNS}/nic/update?hostname=sc1.scity.us&myip=${NEWIP}" > /dev/null 2>&1
[ "${LOCATION,,}" == "offsite" ] && /usr/bin/curl -s "https://${NM_PDNS_USER}:${NM_PDNS_PASS}@${NM_PDNS_LANDNS}/nic/update?hostname=wan.offsite.scity.us&myip=${NEWIP}" > /dev/null 2>&1
fi
echo -e "${idsCL[Green]}Done${idsCL[Default]}" echo -e "${idsCL[Green]}Done${idsCL[Default]}"
else else
echo -e "\n\n${idsCL[LightRed]}INVALID DYNDNS username and/or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})\n" echo -e "\n\n${idsCL[LightRed]}INVALID DYNDNS username and/or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})\n"
# SENDNOTICE "${LOCATION^^} DYNDNS ERROR" "INVALID DYNDNS username or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})" 1 # SENDNOTICE "${LOCATION^^} DYNDNS ERROR" "INVALID DYNDNS username or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})" 1
exit 1 exit 1
fi fi
else else
echo -e "\n\n${idsCL[LightYellow]}Missing DYNDNS username and/or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})\n" echo -e "\n\n${idsCL[LightYellow]}Missing DYNDNS username and/or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})\n"
# SENDNOTICE "${LOCATION^^} DYNDNS ERROR" "MISSING DYNDNS username or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})" 1 # SENDNOTICE "${LOCATION^^} DYNDNS ERROR" "MISSING DYNDNS username or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})" 1
exit 1 exit 1
fi fi
@@ -485,7 +489,7 @@ UPDATE_DYNDNS(){
fi fi
if [ ${TESTMODE} -eq 1 ]; then if [ ${TESTMODE} -eq 1 ]; then
echo -en "\nDYNDNS Credential Test: " echo -en "\nDYNDNS Credential Test: "
if [ "$(curl -m 3 -sL "https://${NM_DYNUSER}df:${NM_DYNPASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then if [ "$(curl -m 3 -sL "https://${NM_PDNS_USER}df:${NM_PDNS_PASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then
echo -e "${idsCL[Green]}Pass${idsCL[Default]}" echo -e "${idsCL[Green]}Pass${idsCL[Default]}"
else else
echo -e "${idsCL[LightRed]}Fail${idsCL[Default]}" echo -e "${idsCL[LightRed]}Fail${idsCL[Default]}"