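#!/usr/bin/env bash
#
# nodemgmt site functions: delete, list, create and inspect NGINX site
# definitions under <nginx path>/sites-enabled.
#
# Names used here but defined outside this file (not visible from here):
#   idsCL, idsST                    colour / style lookup arrays
#   DIVIDER, ENTER2CONTINUE, GUI    menu helpers
#   SERVICE, NEWCERT, DEL-SSL       service and certificate helpers
#   NM_NGINXPATH, NM_CERTPATH, NM_FOLDER, NM_SCRIPT,
#   NM_SINGLESRVR_IP, NM_DOCKER_COMPOSE_LOC, RUN_NODE_TYPE   settings
#
# Site names, proxy hosts and ports typed by the operator end up in file
# paths, sed expressions and commands run as root over ssh, so they are
# checked against a strict character set before any of those uses.

#######################################
# Check that a site name is safe to use in paths, sed expressions and
# remote commands: letters, digits, '.', '-' and '_' only, starting and
# ending with a letter or digit (so no '/', no leading '.', no shell or
# sed metacharacters).
# Arguments: $1 - candidate site name
# Returns:   0 when acceptable, 1 otherwise
#######################################
_nm_valid_sitename() {
  local re='^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$'
  [[ ${1-} =~ $re ]]
}

#######################################
# Print the usage text for "nodemgmt delsite".
# Arguments: $1 - description shown next to -site
#######################################
_nm_delsite_usage() {
  local width=33
  echo -e "Usage: ${idsCL[Yellow]}nodemgmt delsite${idsCL[Default]} {"
  printf "%-${width}s- %s\n" " -site {FQDN address}" "${1}"
  printf "%-${width}s- %s\n" " -ssl {yes or [no]}" "Delete SSL certs as well"
  printf "%-${width}s- %s\n" " -list" "List sites (same as running nodemgmt delsites)"
  echo "}"
}

#######################################
# Read the feature flags and proxy target of one NGINX site file.
# Globals:   writes type, server, scheme, port, spc7, hsts, wbskt, explt,
#            lock; reads cw_spc7 (column width used for padding)
# Arguments: $1 - path of the site file
#            $2 - marker stored for a feature that is not enabled
#######################################
_nm_site_settings() {
  local conf=$1 off=$2 pad
  if grep -q 'include/proxy.conf' -- "${conf}"; then
    type='Proxy'
    server=$(grep 'set $server' -- "${conf}")
    server=${server#*\"}; server=${server%\"*}
    scheme=$(grep 'set $forward_scheme' -- "${conf}")
    scheme=${scheme##* }; scheme=${scheme%;*}
    port=$(grep 'set $port' -- "${conf}")
    port=${port##* }; port=${port%;*}
  else
    type='HTTP'
    # Clear the proxy fields so values from a previously read site are not shown.
    server=''; scheme=''; port=''
  fi
  # Padding that aligns the port column. A counting loop would never end
  # for a server name longer than the column, so clamp at zero instead.
  pad=$(( ${cw_spc7:-15} - ${#server} ))
  if (( pad < 0 )); then pad=0; fi
  printf -v spc7 '%*s' "${pad}" ''

  if grep -q 'include/hsts-support.conf' -- "${conf}"; then hsts='Yes'; else hsts=${off}; fi
  if grep -q 'include/websocket-support.conf' -- "${conf}"; then wbskt='Yes'; else wbskt=${off}; fi
  if grep -q 'include/block-exploits.conf' -- "${conf}"; then explt='Yes'; else explt=${off}; fi
  if grep -q 'include/secure-access.conf' -- "${conf}"; then lock='Yes'; else lock=${off}; fi
}

#######################################
# Delete one site: its sites-enabled file(s), optionally its certificates,
# and its entry in the Authelia configuration on the WEB host.
# Globals:   DEL_SITE, DEL_SSL (written)
# Arguments: -site {FQDN}   site to delete (prompted for when absent)
#            -ssl {yes|no}  also delete the certificates
#            -list          show the interactive list instead
# Returns:   exits 1 on bad options, a missing or an unsafe site name
#######################################
DELSITE(){
  while [ $# -gt 0 ]; do
    case "$1" in
      -site) DEL_SITE=${2};;
      -ssl)  DEL_SSL=${2};;
      -list) DELSITES; exit 0;;
      -*)
        echo "Invalid option: '${1}' requires an argument" 1>&2
        echo
        _nm_delsite_usage "(*required)"
        exit 1;;
    esac
    shift
  done

  if [ -z "${DEL_SITE+x}" ]; then
    echo -e -n "${idsCL[LightCyan]}Delete what site address: ${idsCL[Default]}"
    read -r DEL_SITE
    echo
  fi

  if [[ ${DEL_SSL-} =~ ^[Nn]$ ]]; then
    DEL_SSL=no
  elif [[ ${DEL_SSL-} =~ ^[Yy]$ ]]; then
    DEL_SSL=yes
  elif [ -z "${DEL_SSL+x}" ]; then
    echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${DEL_SITE}' as well? [y/N]${idsCL[Default]} "
    read -r DEL_SSL
    if [[ $DEL_SSL =~ ^[Nn]$ ]]; then
      DEL_SSL=no
    elif [[ $DEL_SSL =~ ^[Yy]$ ]]; then
      DEL_SSL=yes
    fi
  fi

  if [ -n "${DEL_SITE-}" ]; then
    # DEL_SITE is about to be used in an rm glob and in a sed expression run
    # as root on another host; refuse anything that is not a plain site name.
    if ! _nm_valid_sitename "${DEL_SITE}"; then
      echo "Invalid site address: '${DEL_SITE}'" 1>&2
      exit 1
    fi

    echo -e "${idsCL[LightRed]}Deleting site '${idsCL[Red]}${DEL_SITE^^}${idsCL[LightRed]}'...${idsCL[Default]}"
    echo
    echo -e "${idsCL[LightRed]}[[Removing Files and Folders]]${idsCL[Default]}"
    echo -e "${idsCL[LightRed]}-------------------------------------------${idsCL[Default]}"
    echo
    echo -en "${idsCL[LightCyan]}Removing NGINX files ... ${idsCL[Default]}"
    # Prefix match kept from the original: this also removes files of any
    # other site whose name starts with DEL_SITE.
    rm -f -- "${NM_NGINXPATH}/sites-enabled/${DEL_SITE}"* >/dev/null 2>&1
    echo -e "${idsCL[Green]}Done${idsCL[Default]}"
    echo
    if [ "${DEL_SSL}" == "yes" ]; then
      DEL-SSL "${DEL_SITE}"
      echo
    fi

    # Drop the site's line(s) from the Authelia configuration. Dots are
    # escaped so they match literally, and %q quotes both words for the
    # remote shell. Any line containing the name is removed, which includes
    # entries for names that merely contain DEL_SITE.
    local site_re=${DEL_SITE//./\\.}
    local remote_cmd
    printf -v remote_cmd 'sed -i %q %q' "/${site_re}/d" \
      "${NM_DOCKER_COMPOSE_LOC[authelia]}/config/configuration.yml"
    ssh "root@${NM_SINGLESRVR_IP[WEB]}" "${remote_cmd}"

    # echo -en "${idsCL[LightCyan]}Reloading NGINX ... ${idsCL[Default]}"
    SERVICE nginx reload
    # echo -e "${idsCL[Green]}Done${idsCL[Default]}"
    # nid=1
    # for nip in "${WEB_HOSTS[@]}"; do
    #   if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then
    #     nip='localhost '
    #     NCMD=''
    #   else
    #     NCMD="ssh root@${nip}"
    #   fi
    #   echo -en "Removing from Webserver-Node${nid} ($nip)... ${idsCL[Default]}"
    #   if [ "${NCMD}" != "" ]; then
    #     checkhost=$(CHECK_HOST ${nip})
    #   fi
    #   if [ "${checkhost}" != "false" ]; then
    #     #if [ -f ${NM_NGINXPATH}/sites-available/${DEL_SITE} ]; then
    #     ${NCMD} rm -f ${NM_NGINXPATH}/sites-available/${DEL_SITE}*
    #     ${NCMD} rm -f ${NM_NGINXPATH}/sites-enabled/${DEL_SITE}*
    #     #fi
    #     #if [ -d /var/www/${DEL_SITE} ]; then
    #     ${NCMD} rm -rf /var/www/${DEL_SITE}
    #     #fi
    #     if [ "${DEL_SSL}" = "yes" ]; then
    #       ${NCMD} rm -rf ${NM_CERTPATH}/archive/${DEL_SITE}
    #       ${NCMD} rm -rf ${NM_CERTPATH}/live/${DEL_SITE}
    #       ${NCMD} rm -f ${NM_CERTPATH}/renewal/${DEL_SITE}.conf
    #     fi
    #     echo -e "${idsCL[Green]}OK${idsCL[Default]}"
    #   else
    #     echo -e "${idsCL[Red]}Node is down${idsCL[Default]}"
    #   fi
    #   nid=`expr $nid + 1`
    # done
    # echo
    # SERVICE nginx reload ns
    echo -e "${idsCL[LightRed]}Site has been deleted.${idsCL[Default]}"
  else
    echo "Missing arguments"
    echo
    _nm_delsite_usage "Site to delete"
    exit 1
  fi
}

#######################################
# Interactive menu: list the sites in sites-enabled, let the operator pick
# one, confirm, and hand it to DELSITE.
# Globals:   SITES (rebuilt on every call), selsite, response, sslresponse,
#            action (read)
#######################################
DELSITES(){
  echo
  echo -e "${idsCL[Red]}Select a site to delete...${idsCL[Default]}"
  DIVIDER true

  # Rebuild the list from the directory each time so a site deleted in the
  # previous round is not offered again. Globbing replaces parsing `ls`, and
  # the name is taken from the last path component, so the depth of
  # NM_NGINXPATH no longer matters.
  local sid=1 siteconf s
  SITES=()
  # filels="( $(ssh root@${LB_HOSTS[0]} ls ${NM_NGINXPATH}/sites-enabled/*) )"
  for siteconf in "${NM_NGINXPATH}"/sites-enabled/*; do
    [ -e "${siteconf}" ] || continue
    s=${siteconf##*/}
    SITES[${sid}]=${s%.conf}
    sid=$((sid + 1))
  done

  for s in "${!SITES[@]}"; do
    echo -e " [${idsCL[Yellow]}${s}${idsCL[Default]}] ${SITES[${s}]}"
  done
  echo
  if [ -z "${action-}" ] || [ "${action}" = "gui" ]; then
    echo " [B] Back"
  fi
  echo " [Q] Quit"
  echo
  echo -e -n "${idsCL[LightYellow]}Please select a site from above from above:${idsCL[Default]} "
  read -r selsite
  echo

  if [ "${selsite}" = "Q" ] || [ "${selsite}" = "q" ]; then
    exit 0
  elif [ "${selsite}" = "B" ] || [ "${selsite}" = "b" ]; then
    GUI
  else
    # Array subscripts are evaluated as arithmetic, so only a plain number
    # may be used as an index; 10# keeps "08" from being read as octal.
    if [[ ! ${selsite} =~ ^[0-9]+$ ]] || [ -z "${SITES[$((10#${selsite}))]-}" ]; then
      echo "Thats an invaild option,"
      echo "please select a valid option only."
      sleep 1
      DELSITES
      exit 0
    fi
    selsite=$((10#${selsite}))

    echo -e -n "${idsCL[LightRed]}Are you sure you want to delete '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}'? [y/N]${idsCL[Default]} "
    read -r response
    echo
    if [[ $response =~ ^[Yy]$ ]]; then
      echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${idsCL[Red]}${SITES[${selsite}]^^}${idsCL[LightRed]}', if they exist? [y/N]${idsCL[Default]} "
      read -r sslresponse
      DELSITE -site "${SITES[${selsite}]}" -ssl "${sslresponse}"
      echo
      DIVIDER
      ENTER2CONTINUE
    fi
    DELSITES
    exit 0
  fi

  if [ -z "${action-}" ] || [ "${action}" = "gui" ]; then
    ENTER2CONTINUE
  fi
}

#######################################
# Print one line per site in sites-enabled with its feature flags:
#   <site> - <secure> - <websocket> - <hsts> - <block exploits>
# Globals:   SITENAME, SECURE, WEBSOCKET, HSTS, EXPLOITS (written),
#            action (read)
#######################################
LISTSITES(){
  echo
  echo -e "${idsCL[Red]}NGINX Site Config...${idsCL[Default]}"
  DIVIDER true
  # filels="( $(ssh root@${LB_HOSTS[0]} ls ${NM_NGINXPATH}/sites-enabled/*) )"
  local siteconf
  for siteconf in "${NM_NGINXPATH}"/sites-enabled/*; do
    [ -f "${siteconf}" ] || continue
    SITENAME=${siteconf##*/}
    SITENAME=${SITENAME%.conf}
    # grep is run directly: wrapped in [ ... ] it is never executed and the
    # test fails, so every flag was reported as "No".
    if grep -qF "secure-access.conf" -- "${siteconf}"; then SECURE=Yes; else SECURE=No; fi
    if grep -qF "websocket-support.conf" -- "${siteconf}"; then WEBSOCKET=Yes; else WEBSOCKET=No; fi
    if grep -qF "hsts-support.conf" -- "${siteconf}"; then HSTS=Yes; else HSTS=No; fi
    if grep -qF "block-exploits.conf" -- "${siteconf}"; then EXPLOITS=Yes; else EXPLOITS=No; fi
    echo -e "${SITENAME} - ${SECURE} - ${WEBSOCKET} - ${HSTS} - ${EXPLOITS}"
  done
  if [ -z "${action-}" ] || [ "${action}" = "gui" ]; then
    ENTER2CONTINUE
  fi
}

#######################################
# Create a new NGINX site (local PHP site or reverse proxy), optionally
# register it with Authelia and request a certificate.
# Globals:   NEW_SITE, SITE_TYPE, CREATE_SSL, PROXYSCHEME, PROXYHOST,
#            PROXYPORT, WEBSOCKET, HSTS, EXPLOITS, SECURE, NEW_SITES,
#            MAIN_SITE, NGINX_SERVERNAME, nginxconfig, GO (written)
# Arguments: see the -h text below; anything missing is prompted for
# Returns:   exits 1 on unsafe or missing values
#######################################
NEWSITE(){
  echo
  while [ $# -gt 0 ]; do
    case "$1" in
      -site)         NEW_SITE=${2};;
      -type)         SITE_TYPE=${2};;
      -ssl)          CREATE_SSL=${2};;
      -proxy_scheme) PROXYSCHEME=${2};;
      -proxy_host)   PROXYHOST=${2};;
      -proxy_port)   PROXYPORT=${2};;
      -websocket)    WEBSOCKET=${2};;
      -hsts)         HSTS=${2};;
      -exploits)     EXPLOITS=${2};;
      -secure)       SECURE=${2};;
      -h | -help | --help)
        echo
        # Command name and the host/port descriptions corrected: the text
        # named "newcert" and had the two descriptions swapped.
        echo -e "Usage: ${idsCL[Yellow]}nodemgmt newsite${idsCL[Default]} {"
        width=33
        printf "%-${width}s- %s\n" " -site {FQDN address(,es)}" "(new site and aliases, comma separated)"
        printf "%-${width}s- %s\n" " -ssl {yes or no}" "(defaults to yes)"
        printf "%-${width}s- %s\n" " -type {'local' or 'proxy'}" "(defaults to local)"
        printf "%-${width}s- %s\n" " -proxy_port {host port}" "(proxy backend port)"
        printf "%-${width}s- %s\n" " -proxy_host {IP or FQDN}" "(proxy backend host)"
        printf "%-${width}s- %s\n" " -proxy_scheme {http or https}" "(proxy backend scheme)"
        printf "%-${width}s- %s\n" " -websocket {yes or no}" "(websocket support)"
        printf "%-${width}s- %s\n" " -hsts {yes or no}" "(hsts support)"
        printf "%-${width}s- %s\n" " -exploits {yes or no}" "(block exploits)"
        printf "%-${width}s- %s\n" " -secure {yes or no}" "(secure access [nginx/.htpasswd])"
        echo "}"
        exit 1;;
    esac
    shift
  done

  #if [ -z ${SITE_TYPE+x} ]; then SITE_TYPE=local; fi
  #if [ -z ${CREATE_SSL+x} ]; then CREATE_SSL=true; fi
  if [ -z "${NEW_SITE+x}" ]; then
    echo -e -n "${idsCL[LightCyan]}New site domain name (comma seperated for multiple) : ${idsCL[Default]}"
    read -r NEW_SITE
    showdivide=yes
  fi
  # Tolerate "a.example, b.example": whitespace is never part of a name.
  NEW_SITE=${NEW_SITE//[[:space:]]/}

  if [ -z "${CREATE_SSL+x}" ]; then
    echo -e -n "${idsCL[LightCyan]}Create SSL for site? [Y/n] ${idsCL[Default]}"
    read -r CREATE_SSL
    showdivide=yes
    if [[ $CREATE_SSL =~ ^[Yy]$ ]] || [ "${CREATE_SSL}" = "" ]; then
      CREATE_SSL=yes
      # echo -e -n "${idsCL[LightCyan]}Add additonal domain names to the SSL cert (comma seperated)? : ${idsCL[Default]}"
      # read ssladd
    else
      CREATE_SSL=no
    fi
  fi

  if [ -z "${SITE_TYPE+x}" ]; then
    echo -e -n "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}"
    read -r SITE_TYPE
    showdivide=yes
    if [ "${SITE_TYPE}" = "" ]; then
      SITE_TYPE=proxy
    fi
  fi

  if [ "${SITE_TYPE}" = "proxy" ]; then
    if [ -z "${PROXYHOST+x}" ]; then
      echo -e -n "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}"
      read -r PROXYHOST
      showdivide=yes
    fi
    if [ -z "${PROXYPORT+x}" ]; then
      echo -e -n "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}"
      read -r PROXYPORT
      showdivide=yes
    fi
    if [ -z "${PROXYSCHEME+x}" ]; then
      echo -e -n "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}"
      read -r PROXYSCHEME
      showdivide=yes
    fi
    if [ -z "${WEBSOCKET+x}" ]; then
      echo -e -n "${idsCL[LightCyan]}Enable Websocket Support (y/N): ${idsCL[Default]}"
      read -r WEBSOCKET
      showdivide=yes
      if [[ ${WEBSOCKET} =~ ^[Yy]$ ]]; then WEBSOCKET=yes; else WEBSOCKET=no; fi
    fi
    if [ -z "${HSTS+x}" ]; then
      echo -e -n "${idsCL[LightCyan]}Enable HSTS Support (Y/n): ${idsCL[Default]}"
      read -r HSTS
      showdivide=yes
      if [[ ${HSTS} =~ ^[Yy]$ ]] || [ "${HSTS}" = "" ]; then HSTS=yes; else HSTS=no; fi
    fi
    if [ -z "${EXPLOITS+x}" ]; then
      echo -e -n "${idsCL[LightCyan]}Block exploits (y/N): ${idsCL[Default]}"
      read -r EXPLOITS
      showdivide=yes
      if [[ ${EXPLOITS} =~ ^[Yy]$ ]]; then EXPLOITS=yes; else EXPLOITS=no; fi
    fi
    if [ -z "${SECURE+x}" ]; then
      echo -e -n "${idsCL[LightCyan]}Secure site with Authelia SSO (y/N): ${idsCL[Default]}"
      read -r SECURE
      showdivide=yes
      if [[ ${SECURE} =~ ^[Yy]$ ]]; then SECURE=yes; else SECURE=no; fi
    fi
  fi

  if [ "${showdivide}" == "yes" ]; then
    DIVIDER
  fi
  echo
  width=14
  printf "%-${width}s: %s\n" "New site" "${NEW_SITE}"
  printf "%-${width}s: %s\n" "Create SSL" "${CREATE_SSL}"
  printf "%-${width}s: %s\n" "Site type" "${SITE_TYPE}"
  if [ "${SITE_TYPE}" = "proxy" ]; then
    printf "%-${width}s: %s\n" "Proxy host" "${PROXYHOST}"
    printf "%-${width}s: %s\n" "Proxy port" "${PROXYPORT}"
    printf "%-${width}s: %s\n" "Proxy scheme" "${PROXYSCHEME}"
    printf "%-${width}s: %s\n" "Websocket Support" "${WEBSOCKET}"
    printf "%-${width}s: %s\n" "HSTS Support" "${HSTS}"
    printf "%-${width}s: %s\n" "Block Exploits" "${EXPLOITS}"
    printf "%-${width}s: %s\n" "Secure Access" "${SECURE}"
  fi
  echo -e -n "${idsCL[LightRed]}Is this information correct? [Y/n]${idsCL[Default]} "
  read -r -n 1 response
  echo

  if [[ $response =~ ^[Yy]$ ]] || [ "${response}" = "" ]; then
    # Every name becomes part of a file path, the nginx config and a sed
    # expression run as root over ssh: validate each one before use.
    local name
    IFS=',' read -r -a NEW_SITES <<< "${NEW_SITE}"
    if [ "${#NEW_SITES[@]}" -eq 0 ]; then
      echo "Missing site name" 1>&2
      exit 1
    fi
    for name in "${NEW_SITES[@]}"; do
      if ! _nm_valid_sitename "${name}"; then
        echo "Invalid site name: '${name}'" 1>&2
        exit 1
      fi
    done
    MAIN_SITE=${NEW_SITES[0]}
    NGINX_SERVERNAME=${NEW_SITE//,/ }
    nginxconfig=${NM_NGINXPATH}/sites-enabled/${MAIN_SITE}.conf

    # The proxy values are substituted into the template with sed, so they
    # must be present and free of sed/shell metacharacters, not merely set.
    local host_re='^[][A-Za-z0-9._:-]+$'
    local port_re='^[0-9]{1,5}$'
    local scheme_re='^https?$'
    GO=false
    if [ "${SITE_TYPE}" = "proxy" ]; then
      if [[ ${PROXYSCHEME-} =~ $scheme_re ]] && [[ ${PROXYHOST-} =~ $host_re ]] \
        && [[ ${PROXYPORT-} =~ $port_re ]]; then
        GO=true
      fi
    elif [ "${SITE_TYPE}" = "local" ]; then
      GO=true
    else
      # Any other value used to fall through to the proxy template without
      # the proxy checks.
      echo "Invalid site type: '${SITE_TYPE}'" 1>&2
      exit 1
    fi

    if [ "${GO}" = "true" ]; then
      echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
      echo
      # From here on the flags hold the include line (with '/' escaped for
      # use as a sed replacement) or nothing.
      if [ "${WEBSOCKET}" == "yes" ]; then WEBSOCKET="include conf.d\/include\/websocket-support.conf;"; else WEBSOCKET=""; fi
      if [ "${HSTS}" == "yes" ]; then HSTS="include conf.d\/include\/hsts-support.conf;"; else HSTS=""; fi
      if [ "${EXPLOITS}" == "yes" ]; then EXPLOITS="include conf.d\/include\/block-exploits.conf;"; else EXPLOITS=""; fi
      if [ "${SECURE}" == "yes" ]; then
        SECURE="include conf.d\/include\/secure-access.conf;"
        # Register the site in the Authelia access-control list on the WEB
        # host. %q quotes each word for the remote shell. "-i -e" replaces
        # "-ie", which GNU sed reads as "-i" with backup suffix "e".
        # NOTE(review): runs of spaces in the anchor text and in the "~~~"
        # replacement may have been collapsed in this copy of the script;
        # confirm both against configuration.yml.
        local authelia_conf remote_cmd
        authelia_conf="${NM_DOCKER_COMPOSE_LOC[authelia]}/config/configuration.yml"
        printf -v remote_cmd 'sed -i -e %q %q' \
          "/domain: # Proxies only requiring username and password/a ~~~ - \"${MAIN_SITE}\"" \
          "${authelia_conf}"
        ssh "root@${NM_SINGLESRVR_IP[WEB]}" "${remote_cmd}"
        printf -v remote_cmd 'sed -i %q %q' "s/~~~/ /g" "${authelia_conf}"
        ssh "root@${NM_SINGLESRVR_IP[WEB]}" "${remote_cmd}"
        ssh "root@${NM_SINGLESRVR_IP[WEB]}" "docker restart authelia"
      else
        SECURE=""
      fi

      ######################################### LOCAL
      if [ "${SITE_TYPE}" = "local" ]; then
        {
          printf '%s\n' "server {"
          printf '%s\n' "  listen 80;"
          if [ "${CREATE_SSL}" = "yes" ]; then
            printf '%s\n' "  listen 443 ssl http2;"
          fi
          printf '%s\n' "  server_name ${NGINX_SERVERNAME};"
          printf '%s\n' "  set \$base /var/www/${MAIN_SITE};"
          printf '%s\n' "  root \$base/public_html;"
          printf '%s\n' "  access_log /var/log/nginx/${MAIN_SITE}-access.log;"
          printf '%s\n' "  error_log /var/log/nginx/${MAIN_SITE}-error.log warn;"
          if [ "${CREATE_SSL}" = "yes" ]; then
            # fullchain.pem is the certificate, so it belongs to
            # ssl_certificate; it was written as a second ssl_certificate_key.
            printf '%s\n' "  ssl_certificate ${NM_CERTPATH}/live/${MAIN_SITE}/fullchain.pem;"
            printf '%s\n' "  ssl_certificate_key ${NM_CERTPATH}/live/${MAIN_SITE}/privkey.pem;"
            printf '%s\n' "  include conf.d/include/ssl-ciphers.conf;"
          fi
          printf '%s\n' "  index index.php;"
          printf '%s\n' "  location / {"
          printf '%s\n' "    try_files \$uri \$uri/ /index.php?\$query_string;"
          if [ "${CREATE_SSL}" = "yes" ]; then
            printf '%s\n' "    include conf.d/include/force-ssl.conf;"
          fi
          printf '%s\n' "  }"
          printf '%s\n' '  location ~ \.php$ {'
          printf '%s\n' "    fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;"
          printf '%s\n' "    include conf.d/include/php_fastcgi.conf;"
          printf '%s\n' "  }"
          printf '%s\n' "  include conf.d/include/general.conf;"
          if [ "${CREATE_SSL}" = "yes" ]; then
            printf '%s\n' "  include conf.d/include/letsencrypt-acme-challenge.conf;"
          fi
          printf '%s\n' "}"
        } > "${nginxconfig}"
        sudo -u www-data mkdir -p "/var/www/${MAIN_SITE}"/{public_html,nginx_logs}
        # echo -en "${idsCL[LightYellow]}Waiting for folder replication across the webserver nodes... ${idsCL[Default]}"
        # for nip in "${WEB_HOSTS[@]}"; do
        #   checkhost=$(CHECK_HOST ${nip})
        #   if [ "${checkhost}" != "false" ]; then
        #     if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) != *"${nip}"* ]]; then
        #       checked=false
        #       until [ "${checked}" = "" ]; do
        #         checked=`ssh root@${nip} "[ ! -d /var/www/${MAIN_SITE} ] && echo does not exist"`
        #       done
        #     fi
        #   fi
        # done
        # echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
        #
        # echo -en "${idsCL[LightYellow]}Setting folder permissions... ${idsCL[Default]}"
        # SET-PERMISSIONS ${MAIN_SITE}
        # echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
      ######################################### PROXY
      else
        cp "${NM_FOLDER}/templates/nginx.proxy.site" "${nginxconfig}"
        # NOTE(review): the placeholder names between "<" and ">" appear to
        # have been lost in this copy of the script. As written every
        # expression targets the literal "<>", so the first one consumes
        # them all; restore the tokens from templates/nginx.proxy.site.
        sed -i "s/<>/${NGINX_SERVERNAME}/g" "${nginxconfig}"
        sed -i "s/<>/${MAIN_SITE}/g" "${nginxconfig}"
        sed -i "s/<>/${PROXYHOST}/g" "${nginxconfig}"
        sed -i "s/<>/${PROXYPORT}/g" "${nginxconfig}"
        sed -i "s/<>/${PROXYSCHEME}/g" "${nginxconfig}"
        sed -i "s/<>/${WEBSOCKET}/g" "${nginxconfig}"
        sed -i "s/<>/${HSTS}/g" "${nginxconfig}"
        sed -i "s/<>/${EXPLOITS}/g" "${nginxconfig}"
        sed -i "s/<>/${SECURE}/g" "${nginxconfig}"
        sed -i "s%<>%${NM_CERTPATH}%g" "${nginxconfig}"
      fi

      if [ "${CREATE_SSL}" = "yes" ]; then
        # if/else instead of "A && B || C": a failing first NEWCERT call
        # used to trigger a second one.
        if [ "${ssladd}" != "" ]; then
          NEWCERT "${NEW_SITE},${ssladd}" newsite
        else
          NEWCERT "${NEW_SITE}" newsite
        fi
        # if [ "${SITE_TYPE}" == "proxy" ]; then
        sed -i "s/#ssl_certificate/ssl_certificate/g" "${nginxconfig}"
        # fi
      fi

      rm -f -- "${NM_FOLDER}/new-site.lastrun"
      daterun=$(date +%Y-%m-%d-%H-%M-%S)
      printf '%s\n%s\n' "${NEW_SITE}" "${daterun}" > "${NM_FOLDER}/new-site.lastrun"
      # yes | cp -rfH ${NM_FOLDER}/new-site.lastrun ${NM_NGINXPATH}/new-site.lastrun
      # yes | cp -rfH ${NM_FOLDER}/new-site.lastrun /var/www/new-site.lastrun
      # daterun=`date +%Y-%m-%d-%H-%M-%S`
      # echo -e "${daterun}" >> ${NM_NGINXPATH}/new-site.lastrun
      DIVIDER true
      echo
      echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
      echo
      echo -e -n "${idsCL[LightCyan]}Reload NGINX on LB Nodes (Y/n): ${idsCL[Default]}"
      read -r -n 1 NGINXRELOAD
      if [[ ! ${NGINXRELOAD} =~ ^[Nn]$ ]]; then
        # echo
        # echo -en "${idsCL[LightYellow]}Verifying '${NEW_SITE}' replication across the nodes... ${idsCL[Default]}"
        # for nip in "${LB_HOSTS[@]}"; do
        #   checkhost=$(CHECK_HOST ${nip})
        #   if [ "${checkhost}" != "false" ]; then
        #     if [[ $(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) != *"${nip}"* ]]; then
        #       checked=false
        #       until [ "${checked}" = "" ]; do
        #         checked=`ssh root@${nip} "[ ! -f ${nginxconfig} ] && echo '.'"`
        #       done
        #     fi
        #   fi
        # done
        # rm -f ${NM_CERTPATH}/live/${MAIN_CERT}/newcert
        # echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
        echo
        SERVICE nginx restart
      fi
    else
      echo "Missing or invalid proxy arguments"
      # Was "Exit 1", which is not a command, so the function carried on.
      exit 1
    fi
  else
    "${NM_SCRIPT}" newsite
    exit 0
  fi
}

#######################################
# Placeholder for rewriting a proxy site from the SITEINFO editor. It only
# copies its arguments into globals; the generation steps are disabled.
# Globals:   SITENAME, PROXYHOST, PROXYPORT, PROXYSCHEME, WEBSOCKET, HSTS,
#            EXPLOITS, SECURE (written)
# Arguments: $1 site, $2 host, $3 port, $4 scheme, $5 websocket, $6 hsts,
#            $7 exploits, $8 secure
#######################################
NEWPROXYSITE_CREATE(){
  SITENAME=${1}
  PROXYHOST=${2}
  PROXYPORT=${3}
  PROXYSCHEME=${4}
  WEBSOCKET=${5}
  HSTS=${6}
  EXPLOITS=${7}
  SECURE=${8}
  # if [[ ${SITENAME} == *","* ]]; then
  #   IFS=','; ${SITENAMES}=(${SITENAME}); unset IFS
  #   MAIN_SITE=${SITENAMES[0]}
  #   NGINX_SERVERNAME=${SITENAMES//[,]/ }
  # else
  #   MAIN_SITE=${SITENAME}
  #   NGINX_SERVERNAME=${SITENAME}
  # fi
  # cp ${NM_FOLDER}/templates/nginx.proxy.site ${nginxconfig}
  # sed -i "s/<>/${NGINX_SERVERNAME}/g" ${nginxconfig}
  # sed -i "s/<>/${MAIN_SITE}/g" ${nginxconfig}
  # sed -i "s/<>/${PROXYHOST}/g" ${nginxconfig}
  # sed -i "s/<>/${PROXYPORT}/g" ${nginxconfig}
  # sed -i "s/<>/${PROXYSCHEME}/g" ${nginxconfig}
  # sed -i "s/<>/${WEBSOCKET}/g" ${nginxconfig}
  # sed -i "s/<>/${HSTS}/g" ${nginxconfig}
  # sed -i "s/<>/${EXPLOITS}/g" ${nginxconfig}
  # sed -i "s/<>/${SECURE}/g" ${nginxconfig}
}

#######################################
# Show the sites of this node as a table, or (with "edit") open a small
# terminal editor for one site. Saving is not implemented: confirming only
# leaves the editor.
# Globals:   cw_spc1..cw_spc7, dl, gosite, site, sitefile, edit and the
#            fields written by _nm_site_settings
# Arguments: $1 - empty for the table, "edit" for the editor
#            $2 - with "edit": number of the site to open (else prompted)
# Returns:   1 when $2 does not name a listed site
#######################################
SITEINFO(){
  # start=`date +%s`
  cw_spc1=30
  cw_spc2=10
  cw_spc3=7
  cw_spc4=7
  cw_spc5=7
  cw_spc6=8
  cw_spc7=15
  dl=110
  if [ "${1}" == "edit" ]; then
    if [ "${2}" == "" ]; then
      echo -e "${idsCL[LightGreen]}Choose a site from the list below to edit: ${idsCL[Default]}"
    fi
  else
    echo -e "${idsCL[LightGreen]}Local NGINX Sites ${idsCL[Default]}"
  fi
  # NOTE(review): NM_NGINXPATH is indexed by node type here but read as a
  # plain string in the other functions of this file - confirm which is meant.
  gosite=${NM_NGINXPATH[${RUN_NODE_TYPE}]}/sites-enabled
  declare -A SITELIST=()

  # Collect the site files once; the position in sitefiles is the number
  # shown to the operator.
  local -a sitefiles=()
  local i ii msg1 certline
  for sitefile in "${gosite}"/*; do
    [ -f "${sitefile}" ] || continue
    site=${sitefile##*/}
    SITELIST[${#sitefiles[@]}]=${site%.conf}
    sitefiles+=("${sitefile}")
  done

  if [ "${#sitefiles[@]}" -gt 0 ]; then
    if [ "${1}" == "" ] || { [ "${1}" == "edit" ] && [ "${2}" == "" ]; }; then
      for i in "${!sitefiles[@]}"; do
        sitefile=${sitefiles[${i}]}
        site=${SITELIST[${i}]}
        # Repeat the header every 12 rows.
        if (( i % 12 == 0 )); then
          DIVIDER false yellow ${dl}
          if [ "${1}" == "edit" ]; then msg1='##) Site Address'; else msg1='Site Address'; fi
          echo -en "${idsST[Bold]}${idsCL[LightCyan]}"
          printf "%-30s %-10s %-7s %-7s %-7s %-7s %-8s %-15s\n" "${msg1}" "Type" "SSL" "HSTS" "WBSKT" "EXPLT" "LOCK" "Proxy Connection"
          echo -en "${idsST[Reset]}${idsCL[Default]}"
          DIVIDER false yellow ${dl}
        else
          DIVIDER false darkGray ${dl}
        fi
        _nm_site_settings "${sitefile}" ''
        if [ "${type}" == "Proxy" ]; then
          proxyhost="${scheme}://${server}:${port}"
        else
          proxyhost=''
        fi
        if grep -q ssl_certificate_key -- "${sitefile}"; then ssl='Yes'; else ssl=''; fi
        printf -v ii '%2d' "${i}"
        if [ "${1}" == "edit" ]; then msg1="${ii}) ${site}"; else msg1="${site}"; fi
        printf "%-30s %-10s %-7s %-7s %-7s %-7s %-8s %-15s\n" "${msg1}" "${type}" "${ssl}" "${hsts}" "${wbskt}" "${explt}" "${lock}" "${proxyhost}"
      done
    fi

    if [ "${1}" == "edit" ]; then
      while [ "${edit^}" != "E" ]; do
        if [ "${2}" == "" ]; then
          echo -en "\n${idsCL[LightCyan]}Enter the site number you want to edit: ${idsCL[Default]}"
          read -r siteid
          echo
        else
          siteid=${2}
        fi
        # Only a plain number may index the array (subscripts are evaluated
        # as arithmetic); 10# keeps "08" from being read as octal.
        if [[ ! ${siteid} =~ ^[0-9]+$ ]] || [ -z "${sitefiles[$((10#${siteid}))]-}" ]; then
          echo "Invalid site number: '${siteid}'"
          if [ "${2}" != "" ]; then
            return 1
          fi
          continue
        fi
        siteid=$((10#${siteid}))
        site=${SITELIST[${siteid}]}
        sitefile=${sitefiles[${siteid}]}

        certline=$(grep -m1 ssl_certificate_key -- "${sitefile}")
        if [ "${certline}" != "" ]; then
          ssl='Yes'
          # Directory of the key file: drop "/<file>;" and keep the last
          # word, which also works when the directive is indented.
          certpath=${certline%/*}
          certpath=${certpath##*[[:space:]]}
          SUBJECTNAMES=$(openssl x509 -in "${certpath}/cert.pem" -noout -text | grep -oP '(?<=DNS:|IP Address:)[^,]+' | sort -uV)
          CERTEXPIRE=$(date -d "$(: | openssl x509 -in "${certpath}/cert.pem" -text | grep 'Not After' | awk '{print $4,$5,$7}')" '+%s')
          SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, }
        else
          ssl='-'
          SUBJECTNAMES=''
        fi
        _nm_site_settings "${sitefile}" '-'
        if [ "${type}" == "Proxy" ]; then
          proxyhost="${server}${spc7}:${port}"
        else
          proxyhost=''
        fi

        f=0
        # Start every site with a fresh editor state; with the "c" left over
        # from the previous site the editor below was skipped.
        edit=''
        until [ "${edit}" = "c" ]; do
          echo -e "\033[K${idsCL[White]}0) Site Address: ${idsCL[Cyan]}${idsST[Bold]}${site}${idsST[Reset]}"
          echo -e "\033[K${idsCL[White]}1) Site Type: ${idsCL[Cyan]}${idsST[Bold]}${type}${idsST[Reset]}"
          echo -e "\033[K${idsCL[White]}2) SSL Secure: ${idsCL[Cyan]}${idsST[Bold]}${ssl}${idsST[Reset]} - ${idsCL[LightCyan]}(${SUBJECTNAMES})"
          echo -e "\033[K${idsCL[White]}3) HSTS Enabled ${idsCL[Cyan]}${idsST[Bold]}${hsts}${idsST[Reset]}"
          echo -e "\033[K${idsCL[White]}4) Web Sockets: ${idsCL[Cyan]}${idsST[Bold]}${wbskt}${idsST[Reset]}"
          echo -e "\033[K${idsCL[White]}5) Exploits Block: ${idsCL[Cyan]}${idsST[Bold]}${explt}${idsST[Reset]}"
          echo -e "\033[K${idsCL[White]}6) Secured Access: ${idsCL[Cyan]}${idsST[Bold]}${lock}${idsST[Reset]}"
          if [ "${type}" == "Proxy" ]; then
            echo -e "\033[K${idsCL[White]}7) Proxy Address: ${idsCL[Cyan]}${idsST[Bold]}${server}${idsST[Reset]}"
            echo -e "\033[K${idsCL[White]}8) Proxy Scheme: ${idsCL[Cyan]}${idsST[Bold]}${scheme}${idsST[Reset]}"
            echo -e "\033[K${idsCL[White]}9) Proxy Port: ${idsCL[Cyan]}${idsST[Bold]}${port}${idsST[Reset]}"
          else
            echo -e "\033[K"
            echo -e "\033[K"
            echo -e "\033[K"
          fi
          if [ "${edit}" != "s" ]; then
            if [ $f -eq 0 ]; then
              echo -e "\033[K"
              echo -e "\033[K"
              echo -e "\033[K (${idsCL[Green]}s${idsCL[Default]})ave, (${idsCL[Red]}c${idsCL[Default]})ancel, (${idsCL[Green]}e${idsCL[Default]})xit"
              echo -e "\033[K"
              echo -e "\033[K"
              echo -e "\033[K"
              echo -e "\033[7A"
            fi
            echo -en "\n\033[K${idsCL[LightCyan]}Enter the line number to edit: ${idsCL[Default]}"
            read -r -n 1 edit
            case "${edit}" in
              0) ;;
              1) if [ "${type}" == "HTTP" ]; then type='Proxy'; else type='HTTP'; fi;;
              2) ;;
              3) if [ "${hsts}" == "-" ]; then hsts='Yes'; else hsts='-'; fi;;
              4) if [ "${wbskt}" == "-" ]; then wbskt='Yes'; else wbskt='-'; fi;;
              5) if [ "${explt}" == "-" ]; then explt='Yes'; else explt='-'; fi;;
              6) if [ "${lock}" == "-" ]; then lock='Yes'; else lock='-'; fi;;
              7)
                echo -e "\033[K\n\033[K"
                echo -en "\033[KEnter new Proxy Address: "
                read -r server
                echo -e "\033[5A"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[5A"
                ;;
              8) if [ "${scheme}" == "http" ]; then scheme='https'; else scheme='http'; fi;;
              # 8)
              #   echo -e "\033[K\n\033[K"
              #   echo -en "\033[KEnter new Proxy Scheme (http/https): "
              #   read scheme
              #   echo -e "\033[5A"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[5A"
              #   ;;
              9)
                echo -e "\033[K\n\033[K"
                echo -en "\033[KEnter new Proxy Port: "
                read -r port
                echo -e "\033[5A"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[5A"
                ;;
              [Ee])
                echo -e "\n\n\n"
                exit 0
                ;;
              [Cc])
                echo -e "\n\033[K\033[6A"; echo -e "\033[K\n\033[K\n\033[K\n\033[K\n\033[K\n\033[K"; echo -e "\033[6A"
                # Treat "C" like "c" so the loop condition sees the cancel.
                edit=c
                ;;
            esac
            # [ "$edit" = "7" ] && echo -e "\033[5A"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[K"; echo -e "\033[5A"
            echo -e "\033[12A"
          else
            echo -en "\n\033[K${idsCL[LightCyan]}Confirm changes (Y/n): ${idsCL[Default]}"
            read -r -n 1 confirm
            case "${confirm}" in
              [Nn])
                edit=''
                echo -e "\033[12A"
                ;;
              *)
                echo -e "\n\n\n"
                # NEWPROXYSITE_CREATE ${site} ${server} ${port} ${scheme} ${wbskt} ${hsts} ${explt} ${lock}
                # SITENAME=${1}
                # PROXYHOST=${2}
                # PROXYPORT=${3}
                # PROXYSCHEME=${4}
                # WEBSOCKET=${5}
                # HSTS=${6}
                # EXPLOITS=${7}
                # SECURE=${8}
                edit=c
                ;;
            esac
          fi
          f=1
        done
        # A site passed as $2 is edited once; without this the outer loop
        # reopened the same site forever.
        if [ "${2}" != "" ]; then
          break
        fi
      done
      echo
    fi
  else
    echo -e "\nNo site information found for this node"
  fi
  echo
  # end=`date +%s`
  # runtime=$((end-start))
  # echo "runtime: ${runtime}"
  # echo
}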