#!/usr/bin/env bash
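#######################################
# Print the usage block for `nodemgmt delsite`.
# Globals:   idsCL (read)
# Arguments: $1 - description shown next to the -site option
# Outputs:   usage text on stdout
#######################################
_DELSITE_USAGE() {
  local width=33
  echo -e "Usage: ${idsCL[Yellow]}nodemgmt delsite${idsCL[Default]} {"
  printf '%-*s- %s\n' "${width}" " -site {FQDN address}" "$1"
  printf '%-*s- %s\n' "${width}" " -ssl {yes or [no]}" "Delete SSL certs as well"
  printf '%-*s- %s\n' "${width}" " -list" "List sites (same as running nodemgmt delsites)"
  echo "}"
}

#######################################
# Delete a site's nginx config (and optionally its Let's Encrypt material)
# from the nodes, then reload nginx on them.
# Globals:   DEL_SITE, DEL_SSL (written), idsCL (read)
# Arguments: -site NAME   site to delete (prompted for when omitted)
#            -ssl  y|yes  also delete the site's certificates
#            -list        hand over to DELSITES and exit
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   0 when every remote command succeeded, 1 otherwise; exits 1 on
#            a usage error or an unacceptable site name
#######################################
DELSITE() {
  # The site name ends up inside command lines that ssh passes to a root shell
  # on each node, and inside `rm -rf` paths. Only host-name characters are
  # accepted so the name cannot carry shell syntax, a '/' or a leading '-'.
  local site_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'
  # Node addresses are hard-coded here, while DELSITES reads WEB_HOSTS.
  # TODO(review): confirm whether both should come from the same list.
  local -a nginx_nodes=(root@10.10.1.120 root@10.10.10.80)
  local cert_node='root@10.10.10.80'
  local node
  local -i rm_rc=0 reload_rc=0

  while (( $# > 0 )); do
    case "$1" in
      -site)
        DEL_SITE=${2-}
        # Consume the value too, so it is never re-read as an option.
        if (( $# > 1 )); then shift; fi
        ;;
      -ssl)
        DEL_SSL=${2-}
        if (( $# > 1 )); then shift; fi
        ;;
      -list)
        DELSITES
        exit 0
        ;;
      -*)
        echo "Invalid option: '${1}' requires an argument" 1>&2
        echo ""
        _DELSITE_USAGE "(*required)"
        exit 1
        ;;
    esac
    shift
  done

  if [[ -z ${DEL_SITE+x} ]]; then
    echo -e -n "${idsCL[LightCyan]}Delete what site address: ${idsCL[Default]}"
    read -r DEL_SITE
    echo ""
  fi

  if [[ -z ${DEL_SITE-} ]]; then
    echo "Missing arguments"
    echo ""
    _DELSITE_USAGE "Site to delete"
    exit 1
  fi

  if [[ ! ${DEL_SITE} =~ ${site_re} || ${DEL_SITE} == *..* ]]; then
    printf "Invalid site name: '%s' (letters, digits, '.', '_' and '-' only)\n" \
      "${DEL_SITE}" 1>&2
    exit 1
  fi

  if [[ -z ${DEL_SSL+x} ]]; then
    echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${DEL_SITE}' as well? [y/N]${idsCL[Default]} "
    read -r DEL_SSL
  fi
  # Normalise after the prompt as well: a typed "y" must count as "yes",
  # otherwise the certificate branch below is never taken.
  case "${DEL_SSL}" in
    [Yy] | yes) DEL_SSL=yes ;;
    *) DEL_SSL=no ;;
  esac

  echo -e "${idsCL[LightRed]}Deleting site '${idsCL[Red]}${DEL_SITE^^}${idsCL[LightRed]}'...${idsCL[Default]}"
  echo ""
  echo -e "${idsCL[LightRed]}[[Removing Files and Folders]]${idsCL[Default]}"
  echo -e "${idsCL[LightRed]}-------------------------------------------${idsCL[Default]}"
  echo
  echo -en "${idsCL[LightCyan]}Removing files from all Nodes ... ${idsCL[Default]}"
  # Each remote command is one quoted string, so the '*' is expanded by the
  # remote shell against the node's files, not by the local shell.
  # NOTE(review): the trailing '*' also matches any other site whose name
  # starts with this one; confirm whether exact file names would be enough.
  # NOTE(review): only sites-enabled is cleaned; sites-available and /var/www
  # are left in place — confirm that is intended.
  for node in "${nginx_nodes[@]}"; do
    ssh "${node}" "rm -f -- /etc/nginx/sites-enabled/${DEL_SITE}*" \
      >/dev/null 2>&1 || rm_rc=1
  done
  if [[ ${DEL_SSL} == yes ]]; then
    ssh "${cert_node}" "rm -rf -- /etc/letsencrypt/archive/${DEL_SITE}" \
      >/dev/null 2>&1 || rm_rc=1
    ssh "${cert_node}" "rm -rf -- /etc/letsencrypt/live/${DEL_SITE}" \
      >/dev/null 2>&1 || rm_rc=1
    ssh "${cert_node}" "rm -f -- /etc/letsencrypt/renewal/${DEL_SITE}.conf" \
      >/dev/null 2>&1 || rm_rc=1
  fi
  if (( rm_rc == 0 )); then
    echo -e "${idsCL[Green]}Done${idsCL[Default]}"
  else
    echo -e "${idsCL[Red]}Failed on at least one node${idsCL[Default]}"
  fi
  echo
  echo -en "${idsCL[LightCyan]}Reloading NGINX ... ${idsCL[Default]}"
  for node in "${nginx_nodes[@]}"; do
    ssh "${node}" "nodemgmt service nginx reload" >/dev/null 2>&1 || reload_rc=1
  done
  if (( reload_rc == 0 )); then
    echo -e "${idsCL[Green]}Done${idsCL[Default]}"
  else
    echo -e "${idsCL[Red]}Failed on at least one node${idsCL[Default]}"
  fi

  # Remote output is discarded above, so the exit statuses are the only sign
  # that a node was unreachable; do not claim success when one of them failed.
  if (( rm_rc != 0 || reload_rc != 0 )); then
    echo -e "${idsCL[Red]}Site removal did not complete on every node.${idsCL[Default]}" 1>&2
    return 1
  fi
  echo -e "${idsCL[LightRed]}Site has been deleted.${idsCL[Default]}"
}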
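#######################################
# Interactive menu: list the sites found on the first web host and delete the
# one the operator picks (via DELSITE).
# Globals:   SITES (rebuilt), WEB_HOSTS, action, idsCL (read)
# Arguments: none
# Outputs:   menu and prompts on stdout; reads answers from stdin
# Returns:   exits 0 after a selection, an invalid entry or Quit; returns to
#            the caller only after "Back"
#######################################
DELSITES() {
  local siteconf s selsite response sslresponse chosen=''
  local -i sid=1

  echo
  echo -e "${idsCL[Red]}Select a site to delete...${idsCL[Default]}"
  DIVIDER true

  # Rebuild the menu from scratch on every call. The function re-enters itself
  # after a deletion, and entries left over from the previous listing would
  # otherwise still be offered for deletion.
  SITES=()
  # Read the remote listing line by line instead of word-splitting a string;
  # only absolute paths are site files, anything else `ls` prints is skipped.
  while IFS= read -r siteconf; do
    [[ ${siteconf} == /* ]] || continue
    SITES[${sid}]=${siteconf##*/}
    sid=$(( sid + 1 ))
  done < <(ssh "root@${WEB_HOSTS[0]}" 'ls /etc/nginx/sites-available/*')

  for s in "${!SITES[@]}"; do
    echo " [${s}] ${SITES[${s}]}"
  done
  echo ""
  if [[ -z ${action-} || ${action-} == "gui" ]]; then
    echo " [B] Back"
  fi
  echo " [Q] Quit"
  echo ""
  echo -e -n "${idsCL[LightYellow]}Please select a site from above from above:${idsCL[Default]} "
  read -r selsite
  echo ""

  case "${selsite}" in
    [Qq])
      exit 0
      ;;
    [Bb])
      GUI
      ;;
    *)
      # Only a short run of digits may be used as an array index: an array
      # subscript is evaluated as arithmetic, so raw keyboard input must not
      # reach it.
      if [[ ${selsite} =~ ^[0-9]{1,6}$ ]]; then
        chosen=${SITES[$(( 10#${selsite} ))]-}
      fi
      if [[ -z ${chosen} ]]; then
        echo "Thats an invaild option,"
        echo "please select a valid option only."
        sleep 1
        DELSITES
        exit 0
      fi
      echo -e -n "${idsCL[LightRed]}Are you sure you want to delete '${idsCL[Red]}${chosen^^}${idsCL[LightRed]}'? [y/N]${idsCL[Default]} "
      read -r response
      echo ""
      if [[ ${response} =~ ^[Yy]$ ]]; then
        echo -e -n "${idsCL[LightRed]}Do you also want to delete the certs for '${idsCL[Red]}${chosen^^}${idsCL[LightRed]}', if they exist? [y/N]${idsCL[Default]} "
        read -r sslresponse
        DELSITE -site "${chosen}" -ssl "${sslresponse}"
        echo ""
        DIVIDER
        ENTER2CONTINUE
      fi
      DELSITES
      exit 0
      ;;
  esac

  if [[ -z ${action-} || ${action-} == "gui" ]]; then
    ENTER2CONTINUE
  fi
}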
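#######################################
# Print the usage block for `nodemgmt newsite`.
# Globals:   idsCL (read)
# Outputs:   usage text on stdout
#######################################
_NEWSITE_USAGE() {
  local width=33
  echo -e "Usage: ${idsCL[Yellow]}nodemgmt newsite${idsCL[Default]} {"
  printf '%-*s- %s\n' "${width}" " -site {FQDN address(,es)}" "(new site and aliases, comma separated)"
  printf '%-*s- %s\n' "${width}" " -ssl {yes or no}" "(defaults to yes)"
  printf '%-*s- %s\n' "${width}" " -type {'local' or 'proxy'}" "(defaults to local)"
  printf '%-*s- %s\n' "${width}" " -proxy_port {host port}" "(proxy backend port)"
  printf '%-*s- %s\n' "${width}" " -proxy_host {IP or FQDN}" "(proxy backend host)"
  printf '%-*s- %s\n' "${width}" " -proxy_scheme {http or https}" "(proxy backend scheme)"
  printf '%-*s- %s\n' "${width}" " -websocket {yes or no}" "(websocket support)"
  printf '%-*s- %s\n' "${width}" " -hsts {yes or no}" "(hsts support)"
  printf '%-*s- %s\n' "${width}" " -exploits {yes or no}" "(block exploits)"
  printf '%-*s- %s\n' "${width}" " -secure {yes or no}" "(secure access [nginx/.htpasswd])"
  echo "}"
}

#######################################
# Succeed when $1 is a plain host name or IPv4 address: letters, digits,
# '.', '_' and '-', starting and ending with a letter or digit, without "..".
# Arguments: $1 - candidate name
# Returns:   0 when acceptable, 1 otherwise
#######################################
_NEWSITE_VALID_HOST() {
  local host_re='^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$'
  [[ $1 != *..* && $1 =~ ${host_re} ]]
}

#######################################
# Ask a yes/no question and store "yes" or "no" in the named variable.
# An empty answer selects the default; y/Y means yes; anything else means no.
# Globals:   idsCL (read)
# Arguments: $1 - name of the variable to set
#            $2 - prompt text
#            $3 - default, "yes" or "no"
#######################################
_NEWSITE_ASK_YN() {
  local answer
  echo -e -n "${idsCL[LightCyan]}${2}${idsCL[Default]}"
  read -r answer
  if [[ -z ${answer} ]]; then
    answer=$3
  elif [[ ${answer} =~ ^[Yy]$ ]]; then
    answer=yes
  else
    answer=no
  fi
  printf -v "$1" '%s' "${answer}"
}

#######################################
# Create a new nginx site, either a local PHP vhost or a reverse proxy built
# from the proxy template, and optionally request a certificate for it.
# Globals:   NEW_SITE, NEW_SITES, MAIN_SITE, NGINX_SERVERNAME, SITE_TYPE,
#            CREATE_SSL, PROXYHOST, PROXYPORT, PROXYSCHEME, WEBSOCKET, HSTS,
#            EXPLOITS, SECURE (written); FOLDER, SCRIPT, ssladd, idsCL (read)
# Arguments: see _NEWSITE_USAGE; anything not given is asked for
# Outputs:   prompts and progress on stdout, errors on stderr
# Returns:   exits 1 on help, invalid or missing input, or a failed write
#######################################
NEWSITE() {
  local showdivide='' name conf response daterun
  local ws_inc='' hsts_inc='' exploits_inc='' secure_inc=''
  local v6_re='^\[[0-9A-Fa-f:.]+\]$'

  echo
  # Each option takes the following word as its value; that word is then
  # stepped over by the shared shift because it matches no case arm.
  while (( $# > 0 )); do
    case "$1" in
      -site) NEW_SITE=${2-} ;;
      -type) SITE_TYPE=${2-} ;;
      -ssl) CREATE_SSL=${2-} ;;
      -proxy_scheme) PROXYSCHEME=${2-} ;;
      -proxy_host) PROXYHOST=${2-} ;;
      -proxy_port) PROXYPORT=${2-} ;;
      -websocket) WEBSOCKET=${2-} ;;
      -hsts) HSTS=${2-} ;;
      -exploits) EXPLOITS=${2-} ;;
      -secure) SECURE=${2-} ;;
      -h | -help | --help)
        echo ""
        _NEWSITE_USAGE
        exit 1
        ;;
    esac
    shift
  done

  if [[ -z ${NEW_SITE+x} ]]; then
    echo -e -n "${idsCL[LightCyan]}New site domain name (comma seperated for multiple) : ${idsCL[Default]}"
    read -r NEW_SITE
    showdivide=yes
  fi
  if [[ -z ${CREATE_SSL+x} ]]; then
    _NEWSITE_ASK_YN CREATE_SSL "Create SSL for site? [Y/n] " yes
    showdivide=yes
  fi
  if [[ -z ${SITE_TYPE+x} ]]; then
    echo -e -n "${idsCL[LightCyan]}Site type (local/{proxy}): ${idsCL[Default]}"
    read -r SITE_TYPE
    showdivide=yes
    if [[ -z ${SITE_TYPE} ]]; then
      SITE_TYPE=proxy
    fi
  fi
  if [[ ${SITE_TYPE} == "proxy" ]]; then
    if [[ -z ${PROXYHOST+x} ]]; then
      echo -e -n "${idsCL[LightCyan]}What is the proxy backend address (IP or FQDN): ${idsCL[Default]}"
      read -r PROXYHOST
      showdivide=yes
    fi
    if [[ -z ${PROXYPORT+x} ]]; then
      echo -e -n "${idsCL[LightCyan]}What is the proxy backend port (tcp port): ${idsCL[Default]}"
      read -r PROXYPORT
      showdivide=yes
    fi
    if [[ -z ${PROXYSCHEME+x} ]]; then
      echo -e -n "${idsCL[LightCyan]}What is the proxy backend scheme (http/https): ${idsCL[Default]}"
      read -r PROXYSCHEME
      showdivide=yes
    fi
    if [[ -z ${WEBSOCKET+x} ]]; then
      _NEWSITE_ASK_YN WEBSOCKET "Enable Websocket Support (y/N): " no
      showdivide=yes
    fi
    if [[ -z ${HSTS+x} ]]; then
      _NEWSITE_ASK_YN HSTS "Enable HSTS Support (Y/n): " yes
      showdivide=yes
    fi
    if [[ -z ${EXPLOITS+x} ]]; then
      _NEWSITE_ASK_YN EXPLOITS "Block exploits (y/N): " no
      showdivide=yes
    fi
    if [[ -z ${SECURE+x} ]]; then
      _NEWSITE_ASK_YN SECURE "Secure site with passwords from [ nginx/.htpasswd ](y/N): " no
      showdivide=yes
    fi
  fi

  # Everything collected above is used as part of a file path under
  # /etc/nginx and /var/www or spliced into sed replacement text, so it is
  # checked before it is shown for confirmation or written anywhere.
  NEW_SITE=${NEW_SITE// /}
  IFS=',' read -r -a NEW_SITES <<<"${NEW_SITE}"
  if (( ${#NEW_SITES[@]} == 0 )) || ! _NEWSITE_VALID_HOST "${NEW_SITES[0]}"; then
    printf "Invalid site name: '%s'\n" "${NEW_SITES[0]-}" 1>&2
    exit 1
  fi
  for name in "${NEW_SITES[@]:1}"; do
    # Aliases only reach server_name and the certificate request, so a
    # leading "*." wildcard label is tolerated there.
    if ! _NEWSITE_VALID_HOST "${name#\*.}"; then
      printf "Invalid site alias: '%s'\n" "${name}" 1>&2
      exit 1
    fi
  done
  MAIN_SITE=${NEW_SITES[0]}
  NGINX_SERVERNAME=${NEW_SITE//,/ }

  case "${SITE_TYPE}" in
    local) ;;
    proxy)
      if [[ -z ${PROXYSCHEME-} || -z ${PROXYHOST-} || -z ${PROXYPORT-} ]]; then
        echo "Missing proxy arguments"
        exit 1
      fi
      if ! _NEWSITE_VALID_HOST "${PROXYHOST}" && [[ ! ${PROXYHOST} =~ ${v6_re} ]]; then
        printf "Invalid proxy host: '%s'\n" "${PROXYHOST}" 1>&2
        exit 1
      fi
      if [[ ! ${PROXYPORT} =~ ^[0-9]{1,5}$ ]] \
        || (( 10#${PROXYPORT} < 1 || 10#${PROXYPORT} > 65535 )); then
        printf "Invalid proxy port: '%s'\n" "${PROXYPORT}" 1>&2
        exit 1
      fi
      if [[ ${PROXYSCHEME} != http && ${PROXYSCHEME} != https ]]; then
        printf "Invalid proxy scheme: '%s'\n" "${PROXYSCHEME}" 1>&2
        exit 1
      fi
      ;;
    *)
      # Any other value used to fall through to the proxy template with
      # empty backend settings.
      printf "Invalid site type: '%s' (use 'local' or 'proxy')\n" "${SITE_TYPE}" 1>&2
      exit 1
      ;;
  esac

  if [[ ${showdivide} == "yes" ]]; then
    DIVIDER
  fi
  echo
  local width=14
  printf '%-*s: %s\n' "${width}" "New site" "${NEW_SITE}"
  printf '%-*s: %s\n' "${width}" "Create SSL" "${CREATE_SSL}"
  printf '%-*s: %s\n' "${width}" "Site type" "${SITE_TYPE}"
  if [[ ${SITE_TYPE} == "proxy" ]]; then
    printf '%-*s: %s\n' "${width}" "Proxy host" "${PROXYHOST}"
    printf '%-*s: %s\n' "${width}" "Proxy port" "${PROXYPORT}"
    printf '%-*s: %s\n' "${width}" "Proxy scheme" "${PROXYSCHEME}"
    printf '%-*s: %s\n' "${width}" "Websocket Support" "${WEBSOCKET}"
    printf '%-*s: %s\n' "${width}" "HSTS Support" "${HSTS}"
    printf '%-*s: %s\n' "${width}" "Block Exploits" "${EXPLOITS}"
    printf '%-*s: %s\n' "${width}" "Secure Access" "${SECURE}"
  fi
  echo -e -n "${idsCL[LightRed]}Is this information correct? [Y/n]${idsCL[Default]} "
  read -r -n 1 response
  echo
  if [[ ! ${response} =~ ^[Yy]$ && -n ${response} ]]; then
    # Start over. SCRIPT is left unquoted as in the original call, in case it
    # holds a command with arguments.
    # shellcheck disable=SC2086
    ${SCRIPT} newsite
    exit 0
  fi

  echo -e "${idsCL[LightGreen]}Setting up new site for '${idsCL[Yellow]}${MAIN_SITE}${idsCL[LightGreen]}' {${NGINX_SERVERNAME}}...${idsCL[Default]}"
  echo ""

  if [[ ${SITE_TYPE} == "local" ]]; then
    ######################################### LOCAL
    conf="/etc/nginx/sites-available/${MAIN_SITE}"
    # Single-quoted lines carry nginx variables that must stay literal.
    # shellcheck disable=SC2016
    {
      printf '%s\n' 'server {' '    listen 80;'
      if [[ ${CREATE_SSL} == "yes" ]]; then
        printf '%s\n' '    listen 443 ssl http2;'
      fi
      printf '%s\n' \
        '' \
        "    server_name ${NGINX_SERVERNAME};" \
        "    set \$base /var/www/${MAIN_SITE};" \
        '    root $base/public_html;' \
        "    access_log /var/log/nginx/${MAIN_SITE}-access.log;" \
        "    error_log /var/log/nginx/${MAIN_SITE}-error.log warn;"
      if [[ ${CREATE_SSL} == "yes" ]]; then
        # fullchain.pem belongs to ssl_certificate; only privkey.pem is the key.
        printf '%s\n' \
          '' \
          "    ssl_certificate /etc/letsencrypt/live/${MAIN_SITE}/fullchain.pem;" \
          "    ssl_certificate_key /etc/letsencrypt/live/${MAIN_SITE}/privkey.pem;" \
          '    include conf.d/include/ssl-ciphers.conf;'
      fi
      printf '%s\n' \
        '' \
        '    index index.php;' \
        '    location / {' \
        '        try_files $uri $uri/ /index.php?$query_string;'
      if [[ ${CREATE_SSL} == "yes" ]]; then
        printf '%s\n' '        include conf.d/include/force-ssl.conf;'
      fi
      printf '%s\n' \
        '    }' \
        '    location ~ \.php$ {' \
        '        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;' \
        '        include conf.d/include/php_fastcgi.conf;' \
        '    }' \
        '    include conf.d/include/general.conf;'
      if [[ ${CREATE_SSL} == "yes" ]]; then
        printf '%s\n' '    include conf.d/include/letsencrypt-acme-challenge.conf;'
      fi
      printf '%s\n' '}'
    } >"${conf}" || {
      printf "Could not write '%s'\n" "${conf}" 1>&2
      exit 1
    }
    sudo -u www-data mkdir -p \
      "/var/www/${MAIN_SITE}/public_html" \
      "/var/www/${MAIN_SITE}/nginx_logs"
  else
    ######################################### PROXY
    conf="/etc/nginx/sites-enabled/${MAIN_SITE}.conf"
    # The include lines keep their '/' escaped because they are used as sed
    # replacement text with '/' as the delimiter.
    if [[ ${WEBSOCKET-} == "yes" ]]; then
      ws_inc='include conf.d\/include\/websocket-support.conf;'
    fi
    if [[ ${HSTS-} == "yes" ]]; then
      hsts_inc='include conf.d\/include\/hsts-support.conf;'
    fi
    if [[ ${EXPLOITS-} == "yes" ]]; then
      exploits_inc='include conf.d\/include\/block-exploits.conf;'
    fi
    if [[ ${SECURE-} == "yes" ]]; then
      secure_inc='include conf.d\/include\/secure-access.conf;'
    fi
    cp -- "${FOLDER}/templates/nginx.proxy.site" "${conf}" || {
      printf "Could not copy the proxy template to '%s'\n" "${conf}" 1>&2
      exit 1
    }
    # The operator-supplied values were validated above and cannot contain
    # '/', '&', '\' or a newline, so they are safe as replacement text.
    sed -i \
      -e "s/<<SERVER_NAME>>/${NGINX_SERVERNAME}/g" \
      -e "s/<<MAIN_SITE>>/${MAIN_SITE}/g" \
      -e "s/<<PROXY_IP>>/${PROXYHOST}/g" \
      -e "s/<<PROXY_PORT>>/${PROXYPORT}/g" \
      -e "s/<<PROXY_SCHEME>>/${PROXYSCHEME}/g" \
      -e "s/<<WEBSOCKET>>/${ws_inc}/g" \
      -e "s/<<HSTS>>/${hsts_inc}/g" \
      -e "s/<<EXPLOITS>>/${exploits_inc}/g" \
      -e "s/<<SECURE>>/${secure_inc}/g" \
      "${conf}"
  fi

  if [[ ${CREATE_SSL} == "yes" ]]; then
    if [[ -n ${ssladd-} ]]; then
      NEWCERT "${NEW_SITE},${ssladd}"
    else
      NEWCERT "${NEW_SITE}"
    fi
    # Only the proxy template is written to sites-enabled and carries the
    # commented-out certificate lines; a local site has no such file.
    if [[ -f /etc/nginx/sites-enabled/${MAIN_SITE}.conf ]]; then
      sed -i "s/#ssl_certificate/ssl_certificate/g" \
        "/etc/nginx/sites-enabled/${MAIN_SITE}.conf"
    fi
  fi

  # Record what was created and when.
  rm -f -- "${FOLDER}/new-site.lastrun"
  daterun=$(date +%Y-%m-%d-%H-%M-%S)
  printf '%s\n%s\n' "${NEW_SITE}" "${daterun}" >"${FOLDER}/new-site.lastrun"
  DIVIDER true
  echo ""
  echo -e "${idsCL[LightGreen]}The new site for '${idsCL[LightGreen]}${NEW_SITE}${idsCL[Default]}' has been created.${idsCL[Default]}"
  echo ""
}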
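#######################################
# Inspect one nginx site file and set the CALLER's variables type, server,
# scheme, port, ssl, hsts, wbskt, explt and lock (bash dynamic scoping).
# Arguments: $1 - path of the site file
#            $2 - text to store for a feature that is not enabled
#######################################
_SITEINFO_INSPECT() {
  local file=$1 off=$2
  type='HTTP'
  server=''
  scheme=''
  port=''
  if grep -q -e 'include/proxy.conf' -- "${file}"; then
    type='Proxy'
    # set $server "HOST";  -> text between the first and the last quote
    server=$(grep -e 'set $server' -- "${file}")
    server=${server#*\"}
    server=${server%\"*}
    # set $forward_scheme VALUE;  -> last word without the ';'
    scheme=$(grep -e 'set $forward_scheme' -- "${file}")
    scheme=${scheme##* }
    scheme=${scheme%;*}
    port=$(grep -e 'set $port' -- "${file}")
    port=${port##* }
    port=${port%;*}
  fi
  if grep -q -e 'ssl_certificate_key' -- "${file}"; then ssl='Yes'; else ssl=${off}; fi
  if grep -q -e 'include/hsts-support.conf' -- "${file}"; then hsts='Yes'; else hsts=${off}; fi
  if grep -q -e 'include/websocket-support.conf' -- "${file}"; then wbskt='Yes'; else wbskt=${off}; fi
  if grep -q -e 'include/block-exploits.conf' -- "${file}"; then explt='Yes'; else explt=${off}; fi
  if grep -q -e 'include/secure-access.conf' -- "${file}"; then lock='Yes'; else lock=${off}; fi
}

#######################################
# List the nginx sites configured for this node's type, or with "edit" show
# one site's settings in an interactive screen.
# Globals:   MIP, NODE_TYPE, SUBJECTNAMES, CERTEXPIRE (written);
#            NODE_TYPES, <TYPE>_HOSTS, <TYPE>_NGINX_SITES, idsCL, idsST (read)
# Arguments: $1 - empty to list, "edit" to edit
#            $2 - with "edit": number of the site, skips the list and prompt
# Outputs:   table or edit screen on stdout
# Returns:   1 when the requested site number does not exist
#######################################
SITEINFO() {
  local dl=110
  local row_fmt='%-30s %-10s %-7s %-7s %-7s %-7s %-8s %-15s\n'
  local NTYPE var nip gosite sitefile site msg1 ii proxyhost siteid certpath
  local type server scheme port ssl hsts wbskt explt lock
  local edit='' confirm=''
  local -i i=0
  local -a sites=()
  local -A SITELIST=() SITEPATHS=()

  # Address of the interface that carries the default route.
  MIP=$(ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1)
  # The node type is the first one whose <TYPE>_HOSTS list holds that address.
  # NOTE(review): this is a substring match, so a listed 10.10.1.1 would also
  # match 10.10.1.120 — confirm whether exact equality is wanted.
  for NTYPE in "${NODE_TYPES[@]}"; do
    var=${NTYPE}_HOSTS[@]
    NODE_TYPE=""
    for nip in "${!var}"; do
      if [[ "${MIP}" == *"${nip}"* ]]; then
        NODE_TYPE=${NTYPE}
        break 2
      fi
    done
  done

  if [[ ${1-} == "edit" ]]; then
    if [[ -z ${2-} ]]; then
      echo -e "${idsCL[LightGreen]}Choose a site from the list below to edit: ${idsCL[Default]}"
    fi
  else
    echo -e "${idsCL[LightGreen]}Local NGINX Sites ${idsCL[Default]}"
  fi

  gosite=${NODE_TYPE}_NGINX_SITES
  if [[ -z ${!gosite-} ]]; then
    echo -e "\nNo site information found for this node"
    echo
    return 0
  fi

  # One path per array element, so names with whitespace are not split.
  mapfile -t sites < <(find "${!gosite}"/*)

  for sitefile in "${sites[@]}"; do
    site=${sitefile##*/}
    # Strip the extension only at the end of the name.
    site=${site%.conf}
    if [[ -z ${1-} || ( ${1-} == "edit" && -z ${2-} ) ]]; then
      # Repeat the column header every 12 rows.
      if (( i % 12 == 0 )); then
        DIVIDER false yellow ${dl}
        if [[ ${1-} == "edit" ]]; then msg1='##) Site Address'; else msg1='Site Address'; fi
        echo -en "${idsST[Bold]}${idsCL[LightCyan]}"
        printf "${row_fmt}" "${msg1}" "Type" "SSL" "HSTS" "WBSKT" "EXPLT" "LOCK" "Proxy Connection"
        echo -en "${idsST[Reset]}${idsCL[Default]}"
        DIVIDER false yellow ${dl}
      else
        DIVIDER false darkGray ${dl}
      fi
      _SITEINFO_INSPECT "${sitefile}" ''
      # No manual padding loop here: counting up to (15 - length of the
      # backend name) never ends once the name is longer than 15 characters,
      # and printf already pads the columns.
      if [[ ${type} == "Proxy" ]]; then
        proxyhost="${scheme}://${server}:${port}"
      else
        proxyhost=''
      fi
      printf -v ii '%2d' "${i}"
      if [[ ${1-} == "edit" ]]; then msg1="${ii}) ${site}"; else msg1="${site}"; fi
      printf "${row_fmt}" "${msg1}" "${type}" "${ssl}" "${hsts}" "${wbskt}" "${explt}" "${lock}" "${proxyhost}"
    fi
    SITELIST[${i}]=${site}
    SITEPATHS[${i}]=${sitefile}
    i=$(( i + 1 ))
  done

  if [[ ${1-} == "edit" ]]; then
    if [[ -z ${2-} ]]; then
      echo -en "\n${idsCL[LightCyan]}Enter the site number you want to edit: ${idsCL[Default]}"
      read -r siteid
      echo
    else
      siteid=$2
    fi
    site=''
    if [[ ${siteid} =~ ^[0-9]+$ ]]; then
      site=${SITELIST[${siteid}]-}
    fi
    if [[ -z ${site} ]]; then
      echo -e "${idsCL[Red]}No site with number '${siteid}'${idsCL[Default]}" 1>&2
      echo
      return 1
    fi
    # Use the path found by the listing rather than rebuilding it, so files
    # without a .conf extension are still found.
    sitefile=${SITEPATHS[${siteid}]}
    _SITEINFO_INSPECT "${sitefile}" '-'

    SUBJECTNAMES=''
    certpath=$(grep -e 'ssl_certificate_key' -- "${sitefile}")
    if [[ -n ${certpath} ]]; then
      ssl='Yes'
      # Directory of the key file: drop "/privkey.pem;" and everything up to
      # the last space, which also copes with indented directives.
      certpath=${certpath%/*}
      certpath=${certpath##* }
      SUBJECTNAMES=$(openssl x509 -in "${certpath}/cert.pem" -noout -text | grep -oP '(?<=DNS:|IP Address:)[^,]+' | sort -uV)
      CERTEXPIRE=$(date -d "$(: | openssl x509 -in "${certpath}/cert.pem" -text | grep 'Not After' | awk '{print $4,$5,$7}')" '+%s')
      SUBJECTNAMES=${SUBJECTNAMES//$'\n'/, }
    else
      ssl='-'
    fi

    # NOTE(review): nothing in this loop writes to the site file; "SAVED" is
    # printed without persisting the toggled values, and options 8 and 9 have
    # no handler. The screen is redrawn in place with cursor-up sequences, so
    # the order and number of the echo calls below matters.
    until [[ ${edit} == "c" ]]; do
      echo -e "\033[K${idsCL[Cyan]}0) Site Address: ${idsST[Bold]}${site}${idsST[Reset]}"
      echo -e "\033[K${idsCL[Cyan]}1) Site Type: ${idsST[Bold]}${type}${idsST[Reset]}"
      echo -e "\033[K${idsCL[Cyan]}2) SSL Secure: ${idsST[Bold]}${ssl}${idsST[Reset]} - ${idsCL[LightCyan]}(${SUBJECTNAMES})"
      echo -e "\033[K${idsCL[Cyan]}3) HSTS Enabled ${idsST[Bold]}${hsts}${idsST[Reset]}"
      echo -e "\033[K${idsCL[Cyan]}4) Web Sockets: ${idsST[Bold]}${wbskt}${idsST[Reset]}"
      echo -e "\033[K${idsCL[Cyan]}5) Exploits Block: ${idsST[Bold]}${explt}${idsST[Reset]}"
      echo -e "\033[K${idsCL[Cyan]}6) Secured: ${idsST[Bold]}${lock}${idsST[Reset]}"
      if [[ ${type} == "Proxy" ]]; then
        echo -e "\033[K${idsCL[Cyan]}7) Proxy Address: ${idsST[Bold]}${server}${idsST[Reset]}"
        echo -e "\033[K${idsCL[Cyan]}8) Proxy Scheme: ${idsST[Bold]}${scheme}${idsST[Reset]}"
        echo -e "\033[K${idsCL[Cyan]}9) Proxy Port: ${idsST[Bold]}${port}${idsST[Reset]}"
      else
        echo -e "\033[K"
        echo -e "\033[K"
        echo -e "\033[K"
      fi
      if [[ ${edit} != "s" ]]; then
        echo -en "\n\033[K${idsCL[LightCyan]}Enter the line number to edit, or (s) to save: ${idsCL[Default]}"
        read -r -n 1 edit
        case "${edit}" in
          0) ;;
          1) if [[ ${type} == "HTTP" ]]; then type='Proxy'; else type='HTTP'; fi ;;
          2) ;;
          3) if [[ ${hsts} == "-" ]]; then hsts='Yes'; else hsts='-'; fi ;;
          4) if [[ ${wbskt} == "-" ]]; then wbskt='Yes'; else wbskt='-'; fi ;;
          5) if [[ ${explt} == "-" ]]; then explt='Yes'; else explt='-'; fi ;;
          6) if [[ ${lock} == "-" ]]; then lock='Yes'; else lock='-'; fi ;;
          7)
            echo -e "\033[K\n\033[K"
            echo -en "\033[KEnter new Proxy Address: "
            read -r server
            ;;
        esac
        # Compare as text: the key may be empty or a letter, and a numeric
        # test would then print an error into the middle of the screen.
        if [[ ${edit} == [789] ]]; then
          echo -e "\033[5A"
        fi
        echo -e "\033[K"
        echo -e "\033[K"
        echo -e "\033[K"
        echo -e "\033[K"
        echo -e "\033[K"
        echo -e "\033[5A"
        echo -e "\033[12A"
      else
        echo -en "\n\033[K${idsCL[LightCyan]}Confirm changes (Y/n): ${idsCL[Default]}"
        read -r -n 1 confirm
        case "${confirm}" in
          [Nn])
            edit=''
            echo -e "\033[10A"
            ;;
          *)
            echo -e "\nSAVED"
            edit=c
            ;;
        esac
      fi
    done
    echo
  fi
  echo
}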