Update nodemgmt-scripts.sh
This commit is contained in:
@@ -596,9 +596,9 @@ CERTRENEW(){
|
||||
echo -e "${idsCL[LightGreen]}Renewing Certificates...${idsCL[Default]}"
|
||||
echo
|
||||
sleep 5
|
||||
$CERT_DAEMON renew --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
|
||||
# $CERT_DAEMON renew --force-renewal --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
|
||||
# $CERT_DAEMON --dry-run renew --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
|
||||
# $CERT_DAEMON --preferred-chain "ISRG Root X1" renew --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
|
||||
$CERT_DAEMON renew --force-renewal --preferred-chain "ISRG Root X1" --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
|
||||
# $CERT_DAEMON --dry-run --preferred-chain "ISRG Root X1" renew --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
|
||||
chown -R root:letsencrypt /etc/letsencrypt 2>&1 | tee -a ${FOLDER}/cert-renewal.lastrun
|
||||
chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a ${FOLDER}/cert-renewal.lastrun
|
||||
yes | cp -rfH ${FOLDER}/cert-renewal.lastrun /etc/letsencrypt/cert-renewal.lastrun
|
||||
@@ -1301,4 +1301,584 @@ SERVICES(){
|
||||
read -n 1 selsrvcopt
|
||||
selsrvcopt=`expr $selsrvcopt - 1`
|
||||
echo ""
|
||||
if [ -z ${NM_SRVCOPT[${selsrvcopt}]} ] && [ "${selsrvcopt}" != "Q" ] && [ "${selsrvcopt}" != "q" ] && [ "${sels\x72\x76\x63\x6F\x70\x74\x7D\x22\x20\x21\x3D\x20\x22\x42\x22\x20\x5D\x20\x26\x26\x20\x5B\x20\x22\x24\x7B\x73\x65\x6C\x73\x72\x76\x63\x6F\x70\x74\x7D\x22\x20\x21\x3D\x20\x22\x62\x22\x20\x5D\x3B\x20\x74\x68\x65\x6E\x0A\x09\x09\x09\x09\x65\x63\x68\x6F\x20\x22\x54\x68\x61\x74\x73\x20\x61\x6E\x20\x69\x6E\x76\x61\x69\x6C\x64\x20\x6F\x70\x74\x69\x6F\x6E\x2C\x22\x0A\x09\x09\x09\x09\x65\x63\x68\x6F\x20\x22\x70\x6C\x65\x61\x73\x65\x20\x73\x65\x6C\x65\x63\x74\x20\x61\x20\x76\x61\x6C\x69\x64\x20\x6F\x70\x74\x69\x6F\x6E\x20\x6F\x6E\x6C\x79\x2E\x22\x0A\x09\x09\x09\x09\x73\x6C\x65\x65\x70\x20\x31\x0A\x09\x09\x09\x09\x53\x45\x52\x56\x49\x43\x45\x53\x0A\x09\x09\x09\x09\x65\x78\x69\x74\x20\x30\x0A\x09\x09\x09\x65\x6C\x69\x66\x20\x5B\x20\x22\x24\x7B\x73\x65\x6C\x73\x72\x76\x63\x7D\x22\x20\x3D\x20\x22\x51\x22\x20\x5D\x20\x7C\x7C\x20\x5B\x20\x22\x24\x7B\x73\x65\x6C\x73\x72\x76\x63\x7D\x22\x20\x3D\x20\x22\x71\x22\x20\x5D\x3B\x20\x74\x68\x65\x6E\x0A\x09\x09\x09\x09\x65\x78\x69\x74\x20\x30\x0A\x09\x09\x09\x65\x6C\x69\x66\x20\x5B\x20\x22\x24\x7B\x73\x65\x6C\x73\x72\x76\x63\x7D\x22\x20\x3D\x20\x22\x42\x22\x20\x5D\x20\x7C\x7C\x20\x5B\x20\x22\x24\x7B\x73\x65\x6C\x73\x72\x76\x63\x7D\x22\x20\x3D\x20\x22\x62\x22\x20\x5D\x3B\x20\x74\x68\x65\x6E\x0A\x09\x09\x09\x09\x53\x45\x52\x56\x49\x43\x45\x53\x0A\x09\x09\x09\x09\x65\x78\x69\x74\x20\x30\x0A\x09\x09\x09\x65\x6C\x73\x65\x0A\x09\x09\x09\x09\x65\x63\x68\x6F\x0A\x09\x09\x09\x09\x53\x45\x52\x56\x49\x43\x45\x20\x24\x7B\x4E\x4F\x44\x45\x5F\x53\x45\x52\x56\x49\x43\x45\x53\x5B\x24\x7B\x73\x65\x6C\x73\x72\x76\x63\x7D\x5D\x7D\x20\x24\x7B\x4E\x4D\x5F\x53\x52\x56\x43\x4F\x50\x54\x5B\x24\x7B\x73\x65\x6C\x73\x72\x76\x63\x6F\x70\x74\x7D\x5D\x7D\x0A\x09\x09\x09\x09\x65\x63\x68\x6F\x20\x22\x22\x0A\x09\x09\x09\x09\x69\x66\x20\x5B\x20\x2D\x7A\x20\x24\x61\x63\x74\x69\x6F\x6E\x20\x5D\x20\x7C\x7C\x20\x5B\x20\x22\x24\x7B\x61\x63\x74\x69\x6F\x6E\x7D\x22\x20\x3D\x20\x22\x67\x75\x69\x22\x20\x5D\x3B\x20\x74\x68\x65\x6E\x0A\x09\x09\x09\x09\x09\x44\x49\x56\x49\x44\x45\x52\x0A\x09\x09\x09\x09\x09\x45\x4E\x54\x45\x52\x32\x43\x4F\x4E\x54\x49\x4E\x55\x45\x0A\x09\x09\x09\x09\x66\x69\x0A\x09\x09\x09\x09\x62\x72\x65\x61\x6B\x0A\x09\x09\x09\x66\x69\x0A\x09\x09\x66\x69\x0A\x09\x64\x6F\x6E\x65\x0A\x09\x0A\x7D\x0A\x0A\x53\x45\x52\x56\x49\x43\x45\x28\x29\x7B\x0A\x09\x4E\x4F\x44\x45\x5F\x54\x59\x50\x45\x3D\x27\x27\x0A\x09\x23\x76\x61\x72\x3D\x4E\x43\x5F\x48\x4F\x53\x54\x53\x5B\x40\x5D\x0A\x09\x66\x6F\x72\x20\x4E\x54\x59\x50\x45\x20\x69\x6E\x20\x22\x24\x7B\x4E\x4F\x44\x45\x5F\x54\x59\x50\x45\x53\x5B\x40\x5D\x7D\x22\x3B\x20\x64\x6F\x0A\x09\x09\x76\x61\x72\x3D\x24\x7B\x4E\x54\x59\x50\x45\x7D\x5F\x48\x4F\x53\x54\x53\x5B\x40\x5D\x0A\x09\x09\x66\x6F\x72\x20\x6E\x69\x70\x20\x69\x6E\x20\x22\x24\x7B\x21\x76\x61\x72\x7D\x22\x3B\x20\x64\x6F\x0A\x09\x09\x09\x49\x50\x3D\x24\x28\x2F\x73\x62\x69\x6E\x2F\x69\x70\x20\x2D\x6F\x20\x2D\x34\x20\x61\x64\x64\x72\x20\x6C\x69\x73\x74\x20\x65\x74\x68\x30\x20\x7C\x20\x61\x77\x6B\x20\x27\x7B\x70\x72\x69\x6E\x74\x20\x24\x34\x7D\x27\x20\x7C\x20\x63\x75\x74\x20\x2D\x64\x2F\x20\x2D\x66\x31\x29\x0A\x09\x09\x09\x69\x66\x20\x5B\x5B\x20\x24\x28\x2F\x73\x62\x69\x6E\x2F\x69\x70\x20\x2D\x6F\x20\x2D\x34\x20\x61\x64\x64\x72\x20\x6C\x69\x73\x74\x20\x65\x74\x68\x30\x20\x7C\x20\x61\x77\x6B\x20\x27\x7B\x70\x72\x69\x6E\x74\x20\x24\x34\x7D\x27\x20\x7C\x20\x63\x75\x74\x20\x2D\x64\x2F\x20\x2D\x66\x31\x29\x20\x3D\x3D\x20\x2A\x22\x24\x7B\x6E\x69\x70\x7D\x22\x2A\x20\x5D\x5D\x3B\x20\x74\x68\x65\x6E\x0A\x09\x09\x09\x09\x4E\x4F\x44\x45\x5F\x54\x59\x50\x45\x3D\x24\x7B\x4E\x54\x59\x50\x45\x7D\x3B\x0A\x09\x09\x09\x09\x62\x72\x65\x61\x6B\x20\x32\x0A\x09\x09\x09\x66\x69\x0A\x09\x09\x64\x6F\x6E\x65\x0A\x09\x64\x6F\x6E\x65\x0A\x09\x69\x66\x20\x5B\x20\x22\x24\x4E\x4F\x44\x45\x5F\x54\x59\x50\x45\x22\x20\x3D\x20\x22\x4E\x43\x22\x20\x5D\x3B\x20\x74\x68\x65\x6E\x0A\x09\x09\x4E\x54\x5F\x48\x4F\x53\x54\x53\x3D\x4E\x43\x5F\x48\x4F\x53\x54\x53\x5B\x40\x5D\x0A\x09\x09\x4E\x54\x5F\x48\x4F\x53\x54\x3D\x4E\x43\x5F\x48\x4F\x53\x54\x53\x5B\x30\x5D\x0A\x09\x09\x4E\x54\x53\x3D\x28\x27\x4E\x43\x27\x29\x3B\x20\x23\x4E\x54\x53\x3D\x24\x4E\x54\x53\x31\x5B\x40\x5D\x0A\x09\x6�
|
||||
if [ -z ${NM_SRVCOPT[${selsrvcopt}]} ] && [ "${selsrvcopt}" != "Q" ] && [ "${selsrvcopt}" != "q" ] && [ "${selsrvcopt}" != "B" ] && [ "${selsrvcopt}" != "b" ]; then
|
||||
echo "Thats an invaild option,"
|
||||
echo "please select a valid option only."
|
||||
sleep 1
|
||||
SERVICES
|
||||
exit 0
|
||||
elif [ "${selsrvc}" = "Q" ] || [ "${selsrvc}" = "q" ]; then
|
||||
exit 0
|
||||
elif [ "${selsrvc}" = "B" ] || [ "${selsrvc}" = "b" ]; then
|
||||
SERVICES
|
||||
exit 0
|
||||
else
|
||||
echo
|
||||
SERVICE ${NODE_SERVICES[${selsrvc}]} ${NM_SRVCOPT[${selsrvcopt}]}
|
||||
echo ""
|
||||
if [ -z $action ] || [ "${action}" = "gui" ]; then
|
||||
DIVIDER
|
||||
ENTER2CONTINUE
|
||||
fi
|
||||
break
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
}
|
||||
|
||||
SERVICE(){
|
||||
NODE_TYPE=''
|
||||
#var=NC_HOSTS[@]
|
||||
for NTYPE in "${NODE_TYPES[@]}"; do
|
||||
var=${NTYPE}_HOSTS[@]
|
||||
for nip in "${!var}"; do
|
||||
IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
NODE_TYPE=${NTYPE};
|
||||
break 2
|
||||
fi
|
||||
done
|
||||
done
|
||||
if [ "$NODE_TYPE" = "NC" ]; then
|
||||
NT_HOSTS=NC_HOSTS[@]
|
||||
NT_HOST=NC_HOSTS[0]
|
||||
NTS=('NC'); #NTS=$NTS1[@]
|
||||
elif [ "$NODE_TYPE" = "LB" ]; then
|
||||
NT_HOSTS=LB_HOSTS[@]
|
||||
NT_HOST=LB_HOSTS[0]
|
||||
NTS=('LB'); #NTS=$NTS1[@]
|
||||
elif [ "$NODE_TYPE" = "WEB" ]; then
|
||||
NT_HOSTS=WEB_HOSTS[@]
|
||||
NT_HOST=WEB_HOSTS[0]
|
||||
NTS=('WEB'); #NTS=$NTS1[@]
|
||||
elif [ "$NODE_TYPE" = "MYSQL" ]; then
|
||||
NT_HOSTS=MYSQL_HOSTS[@]
|
||||
NT_HOST=MYSQL_HOSTS[0]
|
||||
NTS=('MYSQL'); #NTS=$NTS1[@]
|
||||
elif [ "${1}" = "nginx" ]; then
|
||||
NT_HOSTS=WEB_HOSTS[@]
|
||||
NT_HOST=WEB_HOSTS[0]
|
||||
NTS=('WEB'); #NTS=NTS1[@]
|
||||
# NTS=$NODE_TYPES
|
||||
else
|
||||
NTS=(${NODE_TYPES[*]})
|
||||
fi
|
||||
|
||||
if [ "${3}" != "q" ]; then
|
||||
if [ "${NM_SERVICES[${1}]}" = "" ]; then
|
||||
echo -e "${idsCL[Red]}(${1}) is not an allowed service.${idsCL[Default]}"
|
||||
exit 1
|
||||
fi
|
||||
if [ "${NM_SRVCOPTS[${2}]}" = "" ]; then
|
||||
echo -e "${idsCL[Red]}(${2}) is not an allowed service action.${idsCL[Default]}"
|
||||
exit 1
|
||||
fi
|
||||
if [ "$2" = "start" ] && [ "$1" = "haproxy" ]; then
|
||||
TACT='restart'
|
||||
else
|
||||
TACT="${2}"
|
||||
fi
|
||||
|
||||
echo
|
||||
echo -e "${idsCL[LightGreen]}[[ ${NM_SERVICES[${1}]} ${NM_SRVCOPTS[${2}]}ing ]]${idsCL[Default]}"
|
||||
echo -e "${idsCL[LightGreen]}-------------------------------------------${idsCL[Default]}"
|
||||
fi
|
||||
|
||||
|
||||
if [ "${1}" = "nginx" ]; then
|
||||
if [ "${2}" = "restart" ] || [ "${2}" = "reload" ]; then
|
||||
if [ "${3}" != "ns" ]; then
|
||||
if [ "${3}" != "q" ]; then
|
||||
echo -en "${idsCL[LightYellow]}Verifying nginx config and ssl cert replication across the nodes... ${idsCL[Default]}"
|
||||
fi
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${!NT_HOST}"* ]]; then
|
||||
PH_CMD="ssh root@localhost"
|
||||
else
|
||||
PH_CMD="ssh root@${!NT_HOST}"
|
||||
fi
|
||||
${PH_CMD} "echo -e \"Service ${1} ${2}\" > /etc/nginx/test.repl"
|
||||
if [ "$NODE_TYPE" != "NC" ]; then
|
||||
${PH_CMD} "echo -e \"Service ${1} ${2}\" > /etc/letsencrypt/test.repl"
|
||||
fi
|
||||
for nip in "${!NT_HOSTS}"; do
|
||||
checkhost=$(CHECK_HOST ${nip})
|
||||
if [ "${checkhost}" != "false" ]; then
|
||||
if [ "${nip}" != "${!NT_HOST}" ]; then
|
||||
checked=false
|
||||
until [ "${checked}" = "" ]; do
|
||||
checked="`${PH_CMD} \"ssh root@${nip} 'if [ -f /etc/nginx/test.repl ]; then cat /etc/nginx/test.repl; fi' | diff - /etc/nginx/test.repl\"`"
|
||||
checked="`${PH_CMD} \"ssh root@${nip} 'if [ -f /etc/nginx/test.repl ]; then cat /etc/letsencrypt/test.repl; fi' | diff - /etc/letsencrypt/test.repl\"`"
|
||||
done
|
||||
fi
|
||||
fi
|
||||
done
|
||||
${PH_CMD} rm -f /etc/nginx/test.repl
|
||||
if [ "$NODE_TYPE" != "NC" ]; then
|
||||
${PH_CMD} rm -f /etc/letsencrypt/test.repl
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
if [ "${3}" != "q" ]; then
|
||||
echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
|
||||
echo
|
||||
fi
|
||||
|
||||
for NTYPE in "${NTS[@]}"; do
|
||||
var1=${NTYPE}SERVICES_CHECK
|
||||
if [[ "${!var1}" = *"${1}"* ]]; then
|
||||
nid=1
|
||||
var2=${NTYPE}_HOSTS[@]
|
||||
for nip in "${!var2}"; do
|
||||
# if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${3}"* ]]; then GO=true;
|
||||
# elif [ ! -z ${3+x} ] || [ "${3}" == "q" ]; then GO=true;
|
||||
# else GO=false;
|
||||
# fi
|
||||
# if [ "${GO}" == "true" ]; then
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost '
|
||||
NCMD=''
|
||||
else
|
||||
NCMD="ssh root@${nip}"
|
||||
fi
|
||||
|
||||
NOGOCHK=true;
|
||||
if [ "${1}" == "gitea" ]; then
|
||||
if [[ $($NCMD /sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) != *10.5.10.120* ]]; then
|
||||
NOGOCHK=false;
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "${NOGOCHK}" == "true" ]; then
|
||||
if [ "${3}" != "q" ]; then
|
||||
echo -en "${NM_SRVCOPTS[${2}]}ing on ${NM_NODETYPES[$NTYPE]}-Node${nid} ($nip)... ${idsCL[Default]}"
|
||||
fi
|
||||
checkhost=$(CHECK_HOST ${nip})
|
||||
if [ "${checkhost}" != "false" ]; then
|
||||
$NCMD systemctl $2 $1
|
||||
if [ "${3}" != "q" ]; then
|
||||
if [[ "enable,disable" = *"${2}"* ]] || [ "${1}" = "daemon-reload" ]; then
|
||||
echo -e "${idsCL[Green]}OK${idsCL[Default]}"
|
||||
elif [ "$(${NCMD} systemctl is-active ${1})" = "active" ]; then
|
||||
echo -e "${idsCL[Green]}OK${idsCL[Default]}"
|
||||
elif [ "$2" = "stop" ]; then
|
||||
echo -e "${idsCL[Red]}STOPPED${idsCL[Default]}"
|
||||
else
|
||||
echo -e "${idsCL[Red]}ERROR${idsCL[Default]}"
|
||||
fi
|
||||
fi
|
||||
elif [ "${3}" != "q" ]; then
|
||||
echo -e "${idsCL[Red]}Node is Down${idsCL[Default]}"
|
||||
fi
|
||||
fi
|
||||
# fi
|
||||
nid=`expr $nid + 1`
|
||||
# if [ "${1}" = "gitea" ]; then
|
||||
# break
|
||||
# fi
|
||||
done
|
||||
fi
|
||||
done
|
||||
|
||||
if [ "${3}" != "q" ]; then
|
||||
echo
|
||||
echo -e "${idsCL[Green]}${NM_SERVICES[${1}]} has been ${NM_SRVCOPTS[${2}]}ed${idsCL[Default]}"
|
||||
echo
|
||||
fi
|
||||
}
|
||||
|
||||
HAPROXY-CONFIG() {
|
||||
echo -e "${idsCL[Yellow]}Creating HAProxy Config Files${idsCL[Default]}"
|
||||
DIVIDER false yellow
|
||||
if [[ "${MYSQLSERVICES_CHECK}" = *"haproxy"* ]]; then
|
||||
nid=1
|
||||
for nip in "${MYSQL_HOSTS[@]}"; do
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost '
|
||||
NCMD=''
|
||||
else
|
||||
NCMD="ssh root@${nip}"
|
||||
fi
|
||||
echo -en "Creating File on MySQL-Node${nid} ($nip)... ${idsCL[Default]}"
|
||||
|
||||
${NCMD} "nodemgmt update q"
|
||||
${NCMD} "rm -f /etc/haproxy/haproxy.cfg"
|
||||
${NCMD} "sed -e 's;%NIP%;${nip};g' ${FOLDER}/templates/haproxy.config > /etc/haproxy/haproxy.cfg"
|
||||
|
||||
echo -e "${idsCL[Green]}COMPLETE${idsCL[Default]}"
|
||||
nid=`expr $nid + 1`
|
||||
done
|
||||
echo
|
||||
fi
|
||||
if [[ "${WEBSERVICES_CHECK}" = *"haproxy"* ]]; then
|
||||
nid=1
|
||||
for nip in "${WEB_HOSTS[@]}"; do
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost '
|
||||
NCMD=''
|
||||
else
|
||||
NCMD="ssh root@${nip}"
|
||||
fi
|
||||
echo -en "Creating File on Webserver-Node${nid} ($nip)... ${idsCL[Default]}"
|
||||
|
||||
${NCMD} "nodemgmt update q"
|
||||
${NCMD} "rm -f /etc/haproxy/haproxy.cfg"
|
||||
${NCMD} "sed -e 's;%NIP%;${nip};g' ${FOLDER}/templates/haproxy.config > /etc/haproxy/haproxy.cfg"
|
||||
|
||||
echo -e "${idsCL[Green]}COMPLETE${idsCL[Default]}"
|
||||
nid=`expr $nid + 1`
|
||||
done
|
||||
fi
|
||||
if [[ "${LBSERVICES_CHECK}" = *"haproxy"* ]]; then
|
||||
nid=1
|
||||
for nip in "${LB_HOSTS[@]}"; do
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost '
|
||||
NCMD=''
|
||||
else
|
||||
NCMD="ssh root@${nip}"
|
||||
fi
|
||||
echo -en "Creating File on LB-Node${nid} ($nip)... ${idsCL[Default]}"
|
||||
|
||||
${NCMD} "nodemgmt update q"
|
||||
${NCMD} "rm -f /etc/haproxy/haproxy.cfg"
|
||||
${NCMD} "sed -e 's;%NIP%;${nip};g' ${FOLDER}/templates/haproxy.config > /etc/haproxy/haproxy.cfg"
|
||||
|
||||
echo -e "${idsCL[Green]}COMPLETE${idsCL[Default]}"
|
||||
nid=`expr $nid + 1`
|
||||
done
|
||||
fi
|
||||
SERVICE haproxy reload
|
||||
echo ""
|
||||
echo -e "${idsCL[Green]}HAProxy Config Files have been created.${idsCL[Default]}"
|
||||
echo ""
|
||||
}
|
||||
|
||||
KEEPALIVE-CONFIG() {
|
||||
echo -e "${idsCL[Yellow]}Creating Keepalive Config Files${idsCL[Default]}"
|
||||
DIVIDER false yellow
|
||||
if [[ "${MYSQLSERVICES_CHECK}" = *"keepalive"* ]]; then
|
||||
nid=1
|
||||
for nip in "${MYSQL_HOSTS[@]}"; do
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost '
|
||||
NCMD=''
|
||||
else
|
||||
NCMD="ssh root@${nip}"
|
||||
fi
|
||||
echo -en "Creating File on MySQL-Node${nid} ($nip)... ${idsCL[Default]}"
|
||||
|
||||
${NCMD} "nodemgmt update q"
|
||||
${NCMD} "rm -f /etc/keepalived/keepalived.conf"
|
||||
${NCMD} "sed -e 's;%NIP%;${nip};g' ${FOLDER}/templates/keepalived.config > /etc/keepalived/keepalived.conf"
|
||||
|
||||
echo -e "${idsCL[Green]}COMPLETE${idsCL[Default]}"
|
||||
nid=`expr $nid + 1`
|
||||
done
|
||||
echo
|
||||
fi
|
||||
if [[ "${WEBSERVICES_CHECK}" = *"keepalive"* ]]; then
|
||||
nid=1
|
||||
for nip in "${WEB_HOSTS[@]}"; do
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost '
|
||||
NCMD=''
|
||||
else
|
||||
NCMD="ssh root@${nip}"
|
||||
fi
|
||||
echo -en "Creating File on Webserver-Node${nid} ($nip)... ${idsCL[Default]}"
|
||||
|
||||
${NCMD} "nodemgmt update q"
|
||||
${NCMD} "rm -f /etc/keepalived/keepalived.conf"
|
||||
${NCMD} "sed -e 's;%NIP%;${nip};g' ${FOLDER}/templates/keepalived.config > /etc/keepalived/keepalived.conf"
|
||||
|
||||
echo -e "${idsCL[Green]}COMPLETE${idsCL[Default]}"
|
||||
nid=`expr $nid + 1`
|
||||
done
|
||||
fi
|
||||
SERVICE keepalived reload
|
||||
echo ""
|
||||
echo -e "${idsCL[Green]}Keepalive Config Files have been created.${idsCL[Default]}"
|
||||
echo ""
|
||||
}
|
||||
|
||||
NODEUPDATE() {
|
||||
start=`date +%s`
|
||||
if [ "${1}" = "report" ]; then
|
||||
unset idsCL idsBG idsST
|
||||
idsCL=('')
|
||||
idsBG=('')
|
||||
idsST=('')
|
||||
fi
|
||||
declare -i cw; declare -i spc1; declare -i c
|
||||
echo -e "${idsCL[LightGreen]}Updating All Nodes${idsCL[Default]}"
|
||||
echo -e "${idsCL[LightGreen]}-------------------------------------------${idsCL[Default]}"
|
||||
nip=${MYSQLMANAGER}
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost'
|
||||
fi
|
||||
c=0; cw=14; spca=''
|
||||
spc1=${cw}-7
|
||||
until [ $c = ${spc1} ]; do spca="${spca} "; c=`expr $c + 1`; done
|
||||
c=0; cw=15; spcb=''
|
||||
spc1=${cw}-${#nip}
|
||||
until [ $c = ${spc1} ]; do spcb="${spcb} "; c=`expr $c + 1`; done
|
||||
echo -en "Updating MySQL-Manager${spca}($nip)${spcb}... ${idsCL[LightCyan]}NodeMGMT${idsCL[Default]} : "
|
||||
ssh root@${nip} "nodemgmt update q"
|
||||
echo -en "${idsCL[Green]}COMPLETE${idsCL[Default]} ... ${idsCL[LightCyan]}LinUPx${idsCL[Default]} : "
|
||||
ssh root@${nip} "runup runup"
|
||||
echo -e "${idsCL[Green]}COMPLETE${idsCL[Default]}"
|
||||
echo
|
||||
for NTYPE in "${NODE_TYPES[@]}"; do
|
||||
nid=1
|
||||
var=${NTYPE}_HOSTS[@]
|
||||
for nip in "${!var}"; do
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
|
||||
nip='localhost '
|
||||
fi
|
||||
NCMD="ssh root@${nip}"
|
||||
c=0; cw=14; spca=''
|
||||
spc1=${cw}-${#NM_NODETYPES[$NTYPE]}
|
||||
until [ $c = ${spc1} ]; do spca="${spca} "; c=`expr $c + 1`; done
|
||||
c=0; cw=15; spcb=''
|
||||
spc1=${cw}-${#nip}
|
||||
until [ $c = ${spc1} ]; do spcb="${spcb} "; c=`expr $c + 1`; done
|
||||
echo -en "Updating ${NM_NODETYPES[$NTYPE]}-Node${nid}${spca}($nip)${spcb}... ${idsCL[LightCyan]}NodeMGMT${idsCL[Default]} : "
|
||||
${NCMD} "nodemgmt update q"
|
||||
echo -en "${idsCL[Green]}COMPLETE${idsCL[Default]} ... ${idsCL[LightCyan]}LinUPx${idsCL[Default]} : "
|
||||
${NCMD} "runup runup"
|
||||
echo -e "${idsCL[Green]}COMPLETE${idsCL[Default]}"
|
||||
nid=`expr $nid + 1`
|
||||
done
|
||||
echo
|
||||
done
|
||||
|
||||
|
||||
echo -e "${idsCL[Green]}All Nodes have been Updated.${idsCL[Default]}"
|
||||
echo
|
||||
echo
|
||||
end=`date +%s`
|
||||
runtime=$((end-start))
|
||||
echo "runtime: ${runtime}"
|
||||
}
|
||||
|
||||
VCENTER-SSL(){
|
||||
function status() {
|
||||
GREEN='\033[00;32m'
|
||||
RESTORE='\033[0m'
|
||||
echo -e "\n...${GREEN}$1${RESTORE}...\n"
|
||||
}
|
||||
|
||||
# Usage: input "Prompt Text" "Variable Name"
|
||||
function input() {
|
||||
GREEN='\033[00;32m'
|
||||
RESTORE='\033[0m'
|
||||
echo -en "\n...${GREEN}$1${RESTORE}: "
|
||||
read $2
|
||||
echo -e ""
|
||||
}
|
||||
|
||||
function pressanykey(){
|
||||
GREEN='\033[00;32m'
|
||||
RESTORE='\033[0m'
|
||||
echo -en "\n...${GREEN}$1. Press any key to continue.${RESTORE}..."
|
||||
read -r -p "" -n 1
|
||||
}
|
||||
|
||||
if [ ${ESXiHost+x} ] && [ ${ESXiUser+x} ]; then
|
||||
status "Checking for existing ssh keys for $ESXiHost"
|
||||
if [[ -e ~/.ssh/$ESXiHost'_rsa' ]]
|
||||
then
|
||||
status "Keys for $ESXiHost exist. Continuing"
|
||||
else
|
||||
status "Keys for $ESXiHost not found. Generating 4096 bit keys"
|
||||
ssh-keygen -b 4096 -t rsa -f ~/.ssh/$ESXiHost'_rsa' -q -N "" -C "$ESXiUser@$HOSTNAME LetsEncrypt"
|
||||
status "Adding new key to ssh-agent"
|
||||
eval `ssh-agent` && ssh-add ~/.ssh/$ESXiHost'_rsa'
|
||||
status "Configuring $ESXiHost for ssh access"
|
||||
pubkey=`cat ~/.ssh/$ESXiHost'_rsa.pub'`
|
||||
ssh $ESXiUser@$ESXiHost "mkdir -p /etc/ssh/keys-$ESXiUser &&
|
||||
echo $pubkey > /etc/ssh/keys-$ESXiUser/authorized_keys &&
|
||||
chmod 700 -R /etc/ssh/keys-$ESXiUser &&
|
||||
chmod 600 /etc/ssh/keys-$ESXiUser/authorized_keys &&
|
||||
chown -R $ESXiUser /etc/ssh/keys-$ESXiUser &&
|
||||
/etc/init.d/SSH restart"
|
||||
fi
|
||||
|
||||
# Copy letsencrypt cert to ESXi target
|
||||
status "Coping letsencrypt cert to $ESXiHost"
|
||||
sudo scp /etc/letsencrypt/live/$ESXiHost/* $ESXiUser@$ESXiHost:/root/
|
||||
|
||||
ssh $ESXiUser@$ESXiHost "/usr/lib/vmware-vmca/bin/certificate-manager"
|
||||
|
||||
else
|
||||
echo -e "${idsCL[Red]}Missing required variables.${idsCL[Default]}"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
ADD_LOGROTATE_CRONTAB(){
|
||||
if ! crontab -l | grep -q '/opt/idssys/nodemgmt/tmp-logrotate'; then
|
||||
(crontab -l ; echo "0 */1 * * * logrotate -f /opt/idssys/nodemgmt/tmp-logrotate")| crontab -
|
||||
fi
|
||||
/bin/chmod 0644 /opt/idssys/nodemgmt/tmp-logrotate
|
||||
echo ""
|
||||
echo -e "${idsCL[Green]}The crontab entry has been made${idsCL[Default]}"
|
||||
echo ""
|
||||
read -n 1 -s -p "Press any key to continue"
|
||||
}
|
||||
|
||||
RUN_COMMAND(){
|
||||
echo "${1} ${2} ${3} ${4} ${5} ${6} ${7} ${8} ${9} ${10} ${11} ${12} ${13} ${14}"
|
||||
for NTYPE in "${NODE_TYPES[@]}"; do
|
||||
echo -e "${idsST[Bold]}"; DIVIDER
|
||||
echo -e "${idsCL[Yellow]} ${NM_NODETYPES[$NTYPE]}-Node Run Command { ${1} }${idsCL[Default]}"
|
||||
DIVIDER; echo -e "${idsST[Reset]}"
|
||||
nid=1
|
||||
|
||||
var=${NTYPE}_HOSTS[@]
|
||||
for nip in "${!var}"; do
|
||||
if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''; LH='- localhost'
|
||||
else NCMD="ssh root@${nip}"; LH=''
|
||||
fi
|
||||
echo -e " ${idsST[Bold]}${idsCL[LightCyan]}${NM_NODETYPES[$NTYPE]}-Node${nid} (${nip})${idsST[Reset]}${idsCL[LightCyan]} ${idsCL[LightYello]}${LH}${idsCL[Default]}"
|
||||
DIVIDER false green
|
||||
${NCMD} ${1} ${2} ${3} ${4} ${5} ${6} ${7} ${8} ${9} ${10} ${11} ${12} ${13} ${14}
|
||||
echo
|
||||
nid=`expr $nid + 1`
|
||||
done
|
||||
echo
|
||||
done
|
||||
}
|
||||
|
||||
GUI(){
|
||||
DISP_HEADER true false
|
||||
while :
|
||||
do
|
||||
echo " [1] Node Status"
|
||||
echo " [2] Node Services"
|
||||
echo ""
|
||||
echo " [3] New Site"
|
||||
echo " [4] Delete Site"
|
||||
echo ""
|
||||
echo " [5] New Certificate"
|
||||
echo " [6] Renew Certificates"
|
||||
echo " [7] List Certificates"
|
||||
echo ""
|
||||
echo " [8] Set folder permissions on nodes"
|
||||
echo " [9] Backup Node Settings and Files"
|
||||
echo ""
|
||||
echo " [R] Add cron task to rotate wtmp & btmp log files"
|
||||
echo ""
|
||||
echo " [Q] Quit"
|
||||
echo ""
|
||||
echo ""
|
||||
echo -e -n "${idsCL[LightYellow]}Please select an [ActionItem] from above:${idsCL[Default]} "
|
||||
read -n 1 opt
|
||||
echo ""
|
||||
case $opt in
|
||||
1) STATUS; GUI;;
|
||||
2) SERVICES; GUI;;
|
||||
3) NEWSITE; GUI;;
|
||||
4) DELSITES; GUI;;
|
||||
5) NEWCERT; GUI;;
|
||||
6) CERTRENEW; GUI;;
|
||||
7) LISTCERTS; GUI;;
|
||||
8) SET-PERMISSIONS; GUI;;
|
||||
9) BACKUP; GUI;;
|
||||
[Rr]) ADD_LOGROTATE_CRONTAB; GUI;;
|
||||
[Qq]) EXIT1
|
||||
exit 0;;
|
||||
*) echo "Thats an invaild option,";
|
||||
echo "please select a valid option only.";
|
||||
sleep 1;;
|
||||
esac
|
||||
done
|
||||
}
|
||||
if [ ${action-x} ]; then
|
||||
if [[ "${noheader}" != *" ${action} "* ]] && [[ "${noheader}" != *" ${2} "* ]] && [ "${2}" != "q" ] && [ "${1}" != "gui" ] && [ "${1}" != "nightlyrenew" ]; then
|
||||
DISP_HEADER
|
||||
fi
|
||||
case $action in
|
||||
newcert) NEWCERT ${2};;
|
||||
certrenew) CERTRENEW;;
|
||||
delssl) DEL-SSL ${2};;
|
||||
listcerts) LISTCERTS;;
|
||||
checkcerts) CHECK-CERTS ${2};;
|
||||
nightlyrenew) NIGHTLYRENEW;;
|
||||
delsite) DELSITE ${2} ${3} ${4} ${5};;
|
||||
delsites) DELSITES;;
|
||||
newsite) NEWSITE ${2} ${3} ${4} ${5} ${6} ${7} ${8} ${9} ${10} ${11} ${12} ${13} ${14} ${15};;
|
||||
update) ;;
|
||||
update-nodes) NODEUPDATE ${2};;
|
||||
backup) BACKUP;;
|
||||
status)
|
||||
if [ "${2}" = "report" ]; then
|
||||
rm -f ${FOLDER}/status-check.lastrun
|
||||
STATUS report > ${FOLDER}/status-check.lastrun
|
||||
if [ "${3}" = "email" ] && [ "${STATUS_CHECK_EMAIL}" != "" ]; then
|
||||
STATUSLOG="$(cat ${FOLDER}/status-check.lastrun)"
|
||||
echo "Status Report\n\n${STATUSLOG}" | mail -s "Status Report" david@schroedercity.com
|
||||
echo "Status Report\n\n${STATUSLOG}" | mail -s "Status Report" 9208839613@mms.att.net
|
||||
fi
|
||||
else
|
||||
STATUS ${2}
|
||||
fi;;
|
||||
status-check) STATUS-CHECK ${2};;
|
||||
set-permissions) SET-PERMISSIONS ${2};;
|
||||
service)
|
||||
if [ "$2" = "gitea" ] && [ "$3" = "start" ]; then
|
||||
SET-PERMISSIONS gitea
|
||||
SERVICE gitea start
|
||||
elif [ "$2" = "gitea" ] && [ "$3" = "restart" ]; then
|
||||
SERVICE gitea stop
|
||||
SET-PERMISSIONS gitea
|
||||
SERVICE gitea start
|
||||
elif [ "$2" = "web" ]; then
|
||||
# if [ "$2" = "web" ]; then
|
||||
SERVICE nginx ${3}
|
||||
SERVICE php5.6-fpm ${3}
|
||||
SERVICE php7.2-fpm ${3}
|
||||
SERVICE php7.3-fpm ${3}
|
||||
SERVICE php7.4-fpm ${3}
|
||||
else
|
||||
SERVICE ${2} ${3} ${4}
|
||||
fi;;
|
||||
services) SERVICES;;
|
||||
haproxy-config) HAPROXY-CONFIG;;
|
||||
keepalive-config) KEEPALIVE-CONFIG;;
|
||||
vc-ssl) VCENTER-SSL;;
|
||||
run) RUN_COMMAND ${2} ${3} ${4} ${5} ${6} ${7} ${8} ${9} ${10} ${11} ${12} ${13} ${14} ${15};;
|
||||
gui) GUI;;
|
||||
*)
|
||||
echo -e "Usage: ${idsCL[LightCyan]}nodemgmt${idsCL[Default]} {"
|
||||
echo -e " ${idsCL[Yellow]}backup${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}certrenew${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}checkcerts${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}delsite${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}delsites${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}delssl${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}gui${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}haproxy-config${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}listcerts${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}newcert${idsCL[Default]} [domain(,s)]"
|
||||
echo -e " ${idsCL[Yellow]}newsite${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}nightlyrenew${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}run${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}service${idsCL[Default]} [service] [action]"
|
||||
echo -e " ${idsCL[Yellow]}services${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}set-permissions${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}status${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}status-check${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}update-nodes${idsCL[Default]}"
|
||||
echo -e " ${idsCL[Yellow]}vc-ssl${idsCL[Default]}"
|
||||
echo -e "}"
|
||||
echo ""
|
||||
echo ""
|
||||
exit 0;;
|
||||
esac
|
||||
else
|
||||
GUI
|
||||
fi
|
||||
|
||||
exit 0
|
||||
Reference in New Issue
Block a user