update
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
#!/usr/bin/env bash
|
||||
# VERS='4.12.120-11102023'
|
||||
VERS='4.12.120-KYLEUPGRADE'
|
||||
VERS='4.12.122-KYLEUPGRADEv2'
|
||||
|
||||
noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns backup-offsitepfsense gui nightlyreview update '
|
||||
CERT_DAEMON='/snap/bin/certbot'
|
||||
|
||||
@@ -19,7 +19,7 @@ DELSITE(){
|
||||
shift
|
||||
done
|
||||
if [ -z ${DEL_SITE+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}Delete what site address: ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Delete what site address: ${idsCL[Default]}"
|
||||
read DEL_SITE
|
||||
echo
|
||||
fi
|
||||
@@ -28,7 +28,7 @@ DELSITE(){
|
||||
elif [[ $DEL_SSL =~ ^[Yy]$ ]]; then
|
||||
DEL_SSL=yes
|
||||
elif [ -z ${DEL_SSL+x} ]; then
|
||||
echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${DEL_SITE}' as well? [y/N]${idsCL[Default]} "
|
||||
echo -en "${idsCL[LightRed]}Do you also want to delete the certs for '${DEL_SITE}' as well? [y/N]${idsCL[Default]} "
|
||||
read DEL_SSL
|
||||
if [[ $DEL_SSL =~ ^[Nn]$ ]]; then
|
||||
DEL_SSL=no
|
||||
@@ -131,7 +131,7 @@ DELSITES(){
|
||||
fi
|
||||
echo " [Q] Quit"
|
||||
echo
|
||||
echo -e -n "${idsCL[LightYellow]}Please select a site from above from above:${idsCL[Default]} "
|
||||
echo -en "${idsCL[LightYellow]}Please select a site from above from above:${idsCL[Default]} "
|
||||
read selsite
|
||||
echo
|
||||
if [ -z ${SITES[$selsite]} ] && [ "${selsite}" != "Q" ] && [ "${selsite}" != "q" ] && [ "${selsite}" != "B" ] && [ "${selsite}" != "b" ]; then
|
||||
@@ -147,11 +147,11 @@ DELSITES(){
|
||||
else
|
||||
while :
|
||||
do
|
||||
echo -e -n "${idsCL[LightRed]}Are you sure you want to delete '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}'? [y/N]${idsCL[Default]} "
|
||||
echo -en "${idsCL[LightRed]}Are you sure you want to delete '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}'? [y/N]${idsCL[Default]} "
|
||||
read response
|
||||
echo
|
||||
if [[ $response =~ ^[Yy]$ ]]; then
|
||||
echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}', if they exist? [y/N]${idsCL[Default]} "
|
||||
echo -en "${idsCL[LightRed]}Do you also want to delete the certs for '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}', if they exist? [y/N]${idsCL[Default]} "
|
||||
read sslresponse
|
||||
DELSITE -site ${SITES[${selsite}]} -ssl ${sslresponse}
|
||||
echo
|
||||
@@ -233,50 +233,56 @@ NEWSITE(){
|
||||
#if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
|
||||
#if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
|
||||
if [ -z ${NEW_SITE+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}New site domain name (comma seperated for multiple) : ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}New site domain name (comma seperated for multiple): ${idsCL[Default]}"
|
||||
read NEW_SITE
|
||||
showdivide=yes
|
||||
echo
|
||||
fi
|
||||
|
||||
if [ -z ${CREATE_SSL+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}"
|
||||
read CREATE_SSL
|
||||
showdivide=yes
|
||||
if [[ $CREATE_SSL =~ ^[Yy]$ ]] || [ "${CREATE_SSL}" = "" ]; then
|
||||
CREATE_SSL=yes
|
||||
# echo -e -n "${idsCL[LightCyan]}Add additonal domain names to the SSL cert (comma seperated)? : ${idsCL[Default]}"
|
||||
# echo -en "${idsCL[LightCyan]}Add additonal domain names to the SSL cert (comma seperated)? : ${idsCL[Default]}"
|
||||
# read ssladd
|
||||
else
|
||||
CREATE_SSL=no
|
||||
fi
|
||||
echo
|
||||
fi
|
||||
|
||||
if [ -z ${SITE_TYPE+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}"
|
||||
read SITE_TYPE
|
||||
showdivide=yes
|
||||
if [ "${SITE_TYPE}" = "" ]; then
|
||||
SITE_TYPE=proxy
|
||||
fi
|
||||
echo
|
||||
fi
|
||||
if [ "${SITE_TYPE}" = "proxy" ]; then
|
||||
if [ -z ${PROXYHOST+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}"
|
||||
read PROXYHOST
|
||||
showdivide=yes
|
||||
echo
|
||||
fi
|
||||
if [ -z ${PROXYPORT+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}"
|
||||
read PROXYPORT
|
||||
showdivide=yes
|
||||
echo
|
||||
fi
|
||||
if [ -z ${PROXYSCHEME+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}"
|
||||
read PROXYSCHEME
|
||||
showdivide=yes
|
||||
echo
|
||||
fi
|
||||
if [ -z ${WEBSOCKET+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}Enable Websocket Support (y/N): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Enable Websocket Support (y/N): ${idsCL[Default]}"
|
||||
read WEBSOCKET
|
||||
showdivide=yes
|
||||
if [[ ${WEBSOCKET} =~ ^[Nn]$ ]] || [ "${WEBSOCKET}" = "" ]; then
|
||||
@@ -286,15 +292,17 @@ NEWSITE(){
|
||||
else
|
||||
WEBSOCKET=no
|
||||
fi
|
||||
echo
|
||||
fi
|
||||
if [ -z ${HSTS+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}Enable HSTS Support (Y/n): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Enable HSTS Support (Y/n): ${idsCL[Default]}"
|
||||
read HSTS
|
||||
showdivide=yes
|
||||
[[ ${HSTS} =~ ^[Yy]$ ]] || [ "${HSTS}" = "" ] &&HSTS=yes || HSTS=no
|
||||
echo
|
||||
fi
|
||||
if [ -z ${EXPLOITS+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}Block exploits (y/N): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Block exploits (y/N): ${idsCL[Default]}"
|
||||
read EXPLOITS
|
||||
showdivide=yes
|
||||
if [[ ${EXPLOITS} =~ ^[Nn]$ ]] || [ "${EXPLOITS}" = "" ]; then
|
||||
@@ -304,19 +312,21 @@ NEWSITE(){
|
||||
else
|
||||
EXPLOITS=no
|
||||
fi
|
||||
echo
|
||||
fi
|
||||
if [ -z ${SECURE+x} ]; then
|
||||
echo -e -n "${idsCL[LightCyan]}Secure site with Authelia SSO (y/N): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Secure site with Authelia SSO (y/N): ${idsCL[Default]}"
|
||||
read SECURE
|
||||
showdivide=yes
|
||||
if [[ ${SECURE} =~ ^[Nn]$ ]] || [ "${SECURE}" = "" ]; then
|
||||
SECURE=no
|
||||
elif [[ ${SECURE} =~ ^[Yy]$ ]]; then
|
||||
SECURE=yes
|
||||
|
||||
if [[ ${SECURE} =~ ^[Yy]$ ]]; then
|
||||
echo -en "${idsCL[LightCyan]}Would you like a side of MFA with that SSO (Y/n): ${idsCL[Default]}"
|
||||
read MFA
|
||||
showdivide=yes
|
||||
[[ ${MFA} =~ ^[Yy]$ ]] && SECURE=2FA || SECURE=1FA
|
||||
else
|
||||
SECURE=no
|
||||
fi
|
||||
echo
|
||||
fi
|
||||
fi
|
||||
[ "${showdivide}" == "yes" ] && DIVIDER
|
||||
@@ -334,7 +344,7 @@ NEWSITE(){
|
||||
printf "%-${width}s: %s\n" "Block Exploits" "${EXPLOITS}"
|
||||
printf "%-${width}s: %s\n" "Secure Access" "${SECURE}"
|
||||
fi
|
||||
echo -e -n "${idsCL[LightRed]}Is this information correct? [Y/n]${idsCL[Default]} "
|
||||
echo -en "${idsCL[LightRed]}Is this information correct? [Y/n]${idsCL[Default]} "
|
||||
read -n 1 response
|
||||
echo
|
||||
if [[ $response =~ ^[Yy]$ ]] || [ "${response}" = "" ]; then
|
||||
@@ -361,18 +371,22 @@ NEWSITE(){
|
||||
[ "${WEBSOCKET}" == "yes" ] && WEBSOCKET="include conf.d\/include\/websocket-support.conf;" || WEBSOCKET=""
|
||||
[ "${HSTS}" == "yes" ] && HSTS="include conf.d\/include\/hsts-support.conf;" || HSTS=""
|
||||
[ "${EXPLOITS}" == "yes" ] && EXPLOITS="include conf.d\/include\/block-exploits.conf;" || EXPLOITS=""
|
||||
if [ "${SECURE}" == "yes" ] && [ "${NM_DOCKER_COMPOSE_LOC['authelia']}" != "" ]; then
|
||||
if [[ "${SECURE}" = *"FA"* ]] && [ "${NM_DOCKER_COMPOSE_LOC['authelia']}" != "" ]; then
|
||||
echo -e "${idsCL[LightGreen]}Configuring Authelia SSO for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
|
||||
SECURE="include conf.d\/include\/secure-access.conf;"
|
||||
for NTYPE in "${NM_NODE_TYPES[@]}"; do
|
||||
if [[ "${NM_DOCKERS_CHECK[${NTYPE}]}" == *"authelia"* ]]; then
|
||||
NM_AUTHELIA_IP=${NM_SINGLESRVR_IP[${NTYPE}]}
|
||||
break
|
||||
fi
|
||||
done
|
||||
ssh root@${NM_AUTHELIA_IP} "sed -ie \"/domain: # Proxies only requiring username and password/a ~~~ - \\\"${MAIN_SITE}\\\"\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
|
||||
done
|
||||
if [ "${SECURE}" == "2FA" ]; then
|
||||
ssh root@${NM_AUTHELIA_IP} "sed -ie \"/domain: # Proxies needing 2 factor below/a ~~~ - \\\"${MAIN_SITE}\\\"\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
|
||||
else
|
||||
ssh root@${NM_AUTHELIA_IP} "sed -ie \"/domain: # Proxies only requiring username and password/a ~~~ - \\\"${MAIN_SITE}\\\"\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
|
||||
fi
|
||||
ssh root@${NM_AUTHELIA_IP} "sed -i \"s/~~~/ /g\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
|
||||
|
||||
ssh root@${NM_AUTHELIA_IP} "/usr/bin/docker restart authelia"
|
||||
ssh root@${NM_AUTHELIA_IP} "/usr/bin/docker restart authelia >/dev/null 2>&1"
|
||||
|
||||
else
|
||||
SECURE=""
|
||||
@@ -478,7 +492,7 @@ NEWSITE(){
|
||||
echo
|
||||
echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
|
||||
echo
|
||||
echo -e -n "${idsCL[LightCyan]}Restart NGINX on all Nodes (Y/n): ${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Restart NGINX on all Nodes (Y/n): ${idsCL[Default]}"
|
||||
read -n 1 NGINXRELOAD
|
||||
if [[ ${NGINXRELOAD} =~ ^[Nn]$ ]]; then
|
||||
tmp=''
|
||||
|
||||
Reference in New Issue
Block a user