2023-11-11 00:16:37 -06:00
parent 2c07fed019
commit db759b3cd4
2 changed files with 43 additions and 29 deletions


@@ -1,6 +1,6 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# VERS='4.12.120-11102023' # VERS='4.12.120-11102023'
VERS='4.12.120-KYLEUPGRADE' VERS='4.12.122-KYLEUPGRADEv2'
noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns backup-offsitepfsense gui nightlyreview update ' noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns backup-offsitepfsense gui nightlyreview update '
CERT_DAEMON='/snap/bin/certbot' CERT_DAEMON='/snap/bin/certbot'


@@ -19,7 +19,7 @@ DELSITE(){
shift shift
done done
if [ -z ${DEL_SITE+x} ]; then if [ -z ${DEL_SITE+x} ]; then
echo -e -n "${idsCL[LightCyan]}Delete what site address: ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Delete what site address: ${idsCL[Default]}"
read DEL_SITE read DEL_SITE
echo echo
fi fi
@@ -28,7 +28,7 @@ DELSITE(){
elif [[ $DEL_SSL =~ ^[Yy]$ ]]; then elif [[ $DEL_SSL =~ ^[Yy]$ ]]; then
DEL_SSL=yes DEL_SSL=yes
elif [ -z ${DEL_SSL+x} ]; then elif [ -z ${DEL_SSL+x} ]; then
echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${DEL_SITE}' as well? [y/N]${idsCL[Default]} " echo -en "${idsCL[LightRed]}Do you also want to delete the certs for '${DEL_SITE}' as well? [y/N]${idsCL[Default]} "
read DEL_SSL read DEL_SSL
if [[ $DEL_SSL =~ ^[Nn]$ ]]; then if [[ $DEL_SSL =~ ^[Nn]$ ]]; then
DEL_SSL=no DEL_SSL=no
@@ -131,7 +131,7 @@ DELSITES(){
fi fi
echo " [Q] Quit" echo " [Q] Quit"
echo echo
echo -e -n "${idsCL[LightYellow]}Please select a site from above from above:${idsCL[Default]} " echo -en "${idsCL[LightYellow]}Please select a site from above from above:${idsCL[Default]} "
read selsite read selsite
echo echo
if [ -z ${SITES[$selsite]} ] && [ "${selsite}" != "Q" ] && [ "${selsite}" != "q" ] && [ "${selsite}" != "B" ] && [ "${selsite}" != "b" ]; then if [ -z ${SITES[$selsite]} ] && [ "${selsite}" != "Q" ] && [ "${selsite}" != "q" ] && [ "${selsite}" != "B" ] && [ "${selsite}" != "b" ]; then
@@ -147,11 +147,11 @@ DELSITES(){
else else
while : while :
do do
echo -e -n "${idsCL[LightRed]}Are you sure you want to delete '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}'? [y/N]${idsCL[Default]} " echo -en "${idsCL[LightRed]}Are you sure you want to delete '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}'? [y/N]${idsCL[Default]} "
read response read response
echo echo
if [[ $response =~ ^[Yy]$ ]]; then if [[ $response =~ ^[Yy]$ ]]; then
echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}', if they exist? [y/N]${idsCL[Default]} " echo -en "${idsCL[LightRed]}Do you also want to delete the certs for '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}', if they exist? [y/N]${idsCL[Default]} "
read sslresponse read sslresponse
DELSITE -site ${SITES[${selsite}]} -ssl ${sslresponse} DELSITE -site ${SITES[${selsite}]} -ssl ${sslresponse}
echo echo
@@ -233,50 +233,56 @@ NEWSITE(){
#if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi #if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
#if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi #if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
if [ -z ${NEW_SITE+x} ]; then if [ -z ${NEW_SITE+x} ]; then
echo -e -n "${idsCL[LightCyan]}New site domain name (comma seperated for multiple) : ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}New site domain name (comma seperated for multiple): ${idsCL[Default]}"
read NEW_SITE read NEW_SITE
showdivide=yes showdivide=yes
echo
fi fi
if [ -z ${CREATE_SSL+x} ]; then if [ -z ${CREATE_SSL+x} ]; then
echo -e -n "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}"
read CREATE_SSL read CREATE_SSL
showdivide=yes showdivide=yes
if [[ $CREATE_SSL =~ ^[Yy]$ ]] || [ "${CREATE_SSL}" = "" ]; then if [[ $CREATE_SSL =~ ^[Yy]$ ]] || [ "${CREATE_SSL}" = "" ]; then
CREATE_SSL=yes CREATE_SSL=yes
# echo -e -n "${idsCL[LightCyan]}Add additonal domain names to the SSL cert (comma seperated)? : ${idsCL[Default]}" # echo -en "${idsCL[LightCyan]}Add additonal domain names to the SSL cert (comma seperated)? : ${idsCL[Default]}"
# read ssladd # read ssladd
else else
CREATE_SSL=no CREATE_SSL=no
fi fi
echo
fi fi
if [ -z ${SITE_TYPE+x} ]; then if [ -z ${SITE_TYPE+x} ]; then
echo -e -n "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}"
read SITE_TYPE read SITE_TYPE
showdivide=yes showdivide=yes
if [ "${SITE_TYPE}" = "" ]; then if [ "${SITE_TYPE}" = "" ]; then
SITE_TYPE=proxy SITE_TYPE=proxy
fi fi
echo
fi fi
if [ "${SITE_TYPE}" = "proxy" ]; then if [ "${SITE_TYPE}" = "proxy" ]; then
if [ -z ${PROXYHOST+x} ]; then if [ -z ${PROXYHOST+x} ]; then
echo -e -n "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}"
read PROXYHOST read PROXYHOST
showdivide=yes showdivide=yes
echo
fi fi
if [ -z ${PROXYPORT+x} ]; then if [ -z ${PROXYPORT+x} ]; then
echo -e -n "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}"
read PROXYPORT read PROXYPORT
showdivide=yes showdivide=yes
echo
fi fi
if [ -z ${PROXYSCHEME+x} ]; then if [ -z ${PROXYSCHEME+x} ]; then
echo -e -n "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}"
read PROXYSCHEME read PROXYSCHEME
showdivide=yes showdivide=yes
echo
fi fi
if [ -z ${WEBSOCKET+x} ]; then if [ -z ${WEBSOCKET+x} ]; then
echo -e -n "${idsCL[LightCyan]}Enable Websocket Support (y/N): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Enable Websocket Support (y/N): ${idsCL[Default]}"
read WEBSOCKET read WEBSOCKET
showdivide=yes showdivide=yes
if [[ ${WEBSOCKET} =~ ^[Nn]$ ]] || [ "${WEBSOCKET}" = "" ]; then if [[ ${WEBSOCKET} =~ ^[Nn]$ ]] || [ "${WEBSOCKET}" = "" ]; then
@@ -286,15 +292,17 @@ NEWSITE(){
else else
WEBSOCKET=no WEBSOCKET=no
fi fi
echo
fi fi
if [ -z ${HSTS+x} ]; then if [ -z ${HSTS+x} ]; then
echo -e -n "${idsCL[LightCyan]}Enable HSTS Support (Y/n): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Enable HSTS Support (Y/n): ${idsCL[Default]}"
read HSTS read HSTS
showdivide=yes showdivide=yes
[[ ${HSTS} =~ ^[Yy]$ ]] || [ "${HSTS}" = "" ] &&HSTS=yes || HSTS=no [[ ${HSTS} =~ ^[Yy]$ ]] || [ "${HSTS}" = "" ] &&HSTS=yes || HSTS=no
echo
fi fi
if [ -z ${EXPLOITS+x} ]; then if [ -z ${EXPLOITS+x} ]; then
echo -e -n "${idsCL[LightCyan]}Block exploits (y/N): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Block exploits (y/N): ${idsCL[Default]}"
read EXPLOITS read EXPLOITS
showdivide=yes showdivide=yes
if [[ ${EXPLOITS} =~ ^[Nn]$ ]] || [ "${EXPLOITS}" = "" ]; then if [[ ${EXPLOITS} =~ ^[Nn]$ ]] || [ "${EXPLOITS}" = "" ]; then
@@ -304,19 +312,21 @@ NEWSITE(){
else else
EXPLOITS=no EXPLOITS=no
fi fi
echo
fi fi
if [ -z ${SECURE+x} ]; then if [ -z ${SECURE+x} ]; then
echo -e -n "${idsCL[LightCyan]}Secure site with Authelia SSO (y/N): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Secure site with Authelia SSO (y/N): ${idsCL[Default]}"
read SECURE read SECURE
showdivide=yes showdivide=yes
if [[ ${SECURE} =~ ^[Nn]$ ]] || [ "${SECURE}" = "" ]; then if [[ ${SECURE} =~ ^[Yy]$ ]]; then
SECURE=no echo -en "${idsCL[LightCyan]}Would you like a side of MFA with that SSO (Y/n): ${idsCL[Default]}"
elif [[ ${SECURE} =~ ^[Yy]$ ]]; then read MFA
SECURE=yes showdivide=yes
[[ ${MFA} =~ ^[Yy]$ ]] && SECURE=2FA || SECURE=1FA
else else
SECURE=no SECURE=no
fi fi
echo
fi fi
fi fi
[ "${showdivide}" == "yes" ] && DIVIDER [ "${showdivide}" == "yes" ] && DIVIDER
@@ -334,7 +344,7 @@ NEWSITE(){
printf "%-${width}s: %s\n" "Block Exploits" "${EXPLOITS}" printf "%-${width}s: %s\n" "Block Exploits" "${EXPLOITS}"
printf "%-${width}s: %s\n" "Secure Access" "${SECURE}" printf "%-${width}s: %s\n" "Secure Access" "${SECURE}"
fi fi
echo -e -n "${idsCL[LightRed]}Is this information correct? [Y/n]${idsCL[Default]} " echo -en "${idsCL[LightRed]}Is this information correct? [Y/n]${idsCL[Default]} "
read -n 1 response read -n 1 response
echo echo
if [[ $response =~ ^[Yy]$ ]] || [ "${response}" = "" ]; then if [[ $response =~ ^[Yy]$ ]] || [ "${response}" = "" ]; then
@@ -361,18 +371,22 @@ NEWSITE(){
[ "${WEBSOCKET}" == "yes" ] && WEBSOCKET="include conf.d\/include\/websocket-support.conf;" || WEBSOCKET="" [ "${WEBSOCKET}" == "yes" ] && WEBSOCKET="include conf.d\/include\/websocket-support.conf;" || WEBSOCKET=""
[ "${HSTS}" == "yes" ] && HSTS="include conf.d\/include\/hsts-support.conf;" || HSTS="" [ "${HSTS}" == "yes" ] && HSTS="include conf.d\/include\/hsts-support.conf;" || HSTS=""
[ "${EXPLOITS}" == "yes" ] && EXPLOITS="include conf.d\/include\/block-exploits.conf;" || EXPLOITS="" [ "${EXPLOITS}" == "yes" ] && EXPLOITS="include conf.d\/include\/block-exploits.conf;" || EXPLOITS=""
if [ "${SECURE}" == "yes" ] && [ "${NM_DOCKER_COMPOSE_LOC['authelia']}" != "" ]; then if [[ "${SECURE}" = *"FA"* ]] && [ "${NM_DOCKER_COMPOSE_LOC['authelia']}" != "" ]; then
echo -e "${idsCL[LightGreen]}Configuring Authelia SSO for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
SECURE="include conf.d\/include\/secure-access.conf;" SECURE="include conf.d\/include\/secure-access.conf;"
for NTYPE in "${NM_NODE_TYPES[@]}"; do for NTYPE in "${NM_NODE_TYPES[@]}"; do
if [[ "${NM_DOCKERS_CHECK[${NTYPE}]}" == *"authelia"* ]]; then if [[ "${NM_DOCKERS_CHECK[${NTYPE}]}" == *"authelia"* ]]; then
NM_AUTHELIA_IP=${NM_SINGLESRVR_IP[${NTYPE}]} NM_AUTHELIA_IP=${NM_SINGLESRVR_IP[${NTYPE}]}
break break
fi fi
done done
ssh root@${NM_AUTHELIA_IP} "sed -ie \"/domain: # Proxies only requiring username and password/a ~~~ - \\\"${MAIN_SITE}\\\"\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml" if [ "${SECURE}" == "2FA" ]; then
ssh root@${NM_AUTHELIA_IP} "sed -ie \"/domain: # Proxies needing 2 factor below/a ~~~ - \\\"${MAIN_SITE}\\\"\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
else
ssh root@${NM_AUTHELIA_IP} "sed -ie \"/domain: # Proxies only requiring username and password/a ~~~ - \\\"${MAIN_SITE}\\\"\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
fi
ssh root@${NM_AUTHELIA_IP} "sed -i \"s/~~~/ /g\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml" ssh root@${NM_AUTHELIA_IP} "sed -i \"s/~~~/ /g\" ${NM_DOCKER_COMPOSE_LOC['authelia']}/config/configuration.yml"
ssh root@${NM_AUTHELIA_IP} "/usr/bin/docker restart authelia >/dev/null 2>&1"
ssh root@${NM_AUTHELIA_IP} "/usr/bin/docker restart authelia"
else else
SECURE="" SECURE=""
@@ -478,7 +492,7 @@ NEWSITE(){
echo echo
echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}" echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
echo echo
echo -e -n "${idsCL[LightCyan]}Restart NGINX on all Nodes (Y/n): ${idsCL[Default]}" echo -en "${idsCL[LightCyan]}Restart NGINX on all Nodes (Y/n): ${idsCL[Default]}"
read -n 1 NGINXRELOAD read -n 1 NGINXRELOAD
if [[ ${NGINXRELOAD} =~ ^[Nn]$ ]]; then if [[ ${NGINXRELOAD} =~ ^[Nn]$ ]]; then
tmp='' tmp=''
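Review bot: In the `@@ -304,19 +312,21 @@` hunk of NEWSITE, the new MFA prompt advertises `(Y/n)` but `[[ ${MFA} =~ ^[Yy]$ ]] && SECURE=2FA || SECURE=1FA` turns an empty answer into 1FA, so pressing Enter silently selects the weaker policy. Treat empty as yes the way the HSTS line already does: `[[ ${MFA} =~ ^[Yy]$ ]] || [ "${MFA}" = "" ] && SECURE=2FA || SECURE=1FA`. The later test `[[ "${SECURE}" = *"FA"* ]]` in the `@@ -361,18 +371,22 @@` hunk no longer matches a preset `SECURE=yes`; if callers can still pass that value (the argument parsing is outside these hunks), the site would be created with no Authelia include at all, so map `yes` to one of the two levels or reject it. The added `sed -ie` line for the 2FA list, like the 1FA one, expands `${MAIN_SITE}` unvalidated into a command run as root over ssh, and GNU sed reads `-ie` as `-i` with backup suffix `e`, which leaves a `configuration.ymle` copy of the Authelia config; check the name against a hostname pattern before use and write `-i -e`. NEWSITE starts and ends outside these hunks.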