From d9d135f1a629352f6f791e80da4264c3dd1657ac Mon Sep 17 00:00:00 2001
From: 6543
Date: Mon, 7 May 2018 22:25:38 +0200
Subject: [PATCH] add own
---
own/site_add | 61 ++++++++++++++++++++++++++++++++++++++++++++++
own/site_del | 6 +++++
own/ssl_add-domain | 21 ++++++++++++++++
own/ssl_del-domain | 11 +++++++++
own/ssl_update | 12 +++++++++
5 files changed, 111 insertions(+)
create mode 100755 own/site_add
create mode 100755 own/site_del
create mode 100755 own/ssl_add-domain
create mode 100755 own/ssl_del-domain
create mode 100755 own/ssl_update
diff --git a/own/site_add b/own/site_add
new file mode 100755
index 0000000..c04c3b9
--- /dev/null
+++ b/own/site_add
@@ -0,0 +1,61 @@
+#!/bin/bash
+if [ "$1" == "--help" ]; then
+ echo './site_add domain [://][:port]'
+else
+
+ domain=$1
+ aim=$2
+
+ if [[ $aim =~ :// ]]; then
+ aim_ip=`echo ${aim//\//} | cut -d ":" -f 2`
+ aim_port=`echo ${aim//\//} | cut -d ":" -f 3`
+ else
+ aim_ip=`echo $aim | cut -d ":" -f 1`
+ aim_port=`echo $aim | cut -d ":" -f 2`
+ fi
+
+ ## check domain is corect to server-ip:
+ # dig $domain | grep "A" | grep "$domain". | grep
+ #
+ # ...
+ #
+ ##
+
+ ## check if aim_ip can be pinged if not : msg.warning: no ping
+ #
+ # ...
+ #
+ ##
+
+ echo "Start Domain=$domain AIM_IP=$aim_ip AIM_Port=$aim_port "
+
+ # if config for domain exist
+ lxc-attach -n c_proxy -- [ -f /etc/nginx/sites-enabled/"$domain"_ssl ] && {
+
+ #update certs
+ /srv/services/proxy/ssl_update
+ # del conf
+ lxc-attach -n c_proxy -- rm /etc/nginx/sites-enabled/"$domain"_ssl
+
+ }
+
+ # if config for domain NOT exist AND not cert exist
+ lxc-attach -n c_proxy -- [ -f /etc/nginx/sites-enabled/"$domain"_ssl ] || [ -f /srv/services/proxy/ssl_confs/"$domain".conf ] || {
+ /srv/services/proxy/ssl_add-domain $domain
+ }
+
+ # cp template
+ lxc-attach -n c_proxy -- cp /etc/nginx/sites-available/muster.https /etc/nginx/sites-enabled/"$domain"_ssl
+ # setup config
+ lxc-attach -n c_proxy -- sed -i "s|###DNS-Name###|${domain}|g" /etc/nginx/sites-enabled/"$domain"_ssl
+ lxc-attach -n c_proxy -- sed -i "s|###AIM###|${aim}|g" /etc/nginx/sites-enabled/"$domain"_ssl
+
+ #del all entrys in host for domain
+ #> http://ccm.net/faq/1451-delete-lines-from-a-file-using-sed
+ #add entry for domain
+ #> http://ccm.net/faq/1451-delete-lines-from-a-file-using-sed
+ #sync hosts
+ lxc-attach -n c_proxy -- cat /etc/hosts > /etc/hosts
+
+fi
+lxc-attach -n c_proxy -- /etc/init.d/nginx restart
diff --git a/own/site_del b/own/site_del
new file mode 100755
index 0000000..12c52d1
--- /dev/null
+++ b/own/site_del
@@ -0,0 +1,6 @@
+#/bin/bash
+
+# del link
+# del conf
+#/ssl_domain_del
+echo "in work..."
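Review bot: In own/site_add, `$domain` and `$aim` go straight from `$1`/`$2` into container paths (`/etc/nginx/sites-enabled/"$domain"_ssl`) and into the replacement side of `sed -i "s|###AIM###|${aim}|g"`, with no check on their content. A value containing `/`, `|`, `&` or a newline changes which file is touched or what ends up in the nginx config, and an empty `$1` makes every command operate on `_ssl`. Reject anything that is not a plain hostname before the first `lxc-attach`, e.g. `[[ $domain =~ ^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*$ ]] || { echo "invalid domain" >&2; exit 1; }`, with a matching pattern for `$aim`, and quote `"$domain"` when calling ssl_add-domain. Separately, `lxc-attach -n c_proxy -- cat /etc/hosts > /etc/hosts` truncates the host's `/etc/hosts` before the container is read, so a failed attach leaves it empty; write to a `mktemp` file and move it into place only on success.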
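Review bot: The first line of own/site_del is `#/bin/bash`, which is an ordinary comment rather than a shebang, so the interpreter is whatever the calling shell falls back to; it should read `#!/bin/bash` like the other four scripts. The rest of the file is a placeholder that only prints `in work...`.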
diff --git a/own/ssl_add-domain b/own/ssl_add-domain
new file mode 100755
index 0000000..cab2fc9
--- /dev/null
+++ b/own/ssl_add-domain
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+domains=$1
+
+lxc-attach -n c_proxy -- /etc/init.d/nginx stop
+
+for i in `echo $domains | tr ";" " "`; do
+ lxc-attach -n c_proxy -- [ -d /etc/letsencrypt/live/$i/ ] && lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/live/$i/
+ lxc-attach -n c_proxy -- [ -d /etc/letsencrypt/archive/$i/ ] && lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/archive/$i/
+done
+
+lxc-attach -n c_proxy -- /opt/letsencrypt/letsencrypt-auto certonly -d $domains --standalone
+
+lxc-attach -n c_proxy -- /etc/init.d/nginx start
+
+for i in `echo $domains | tr ";" " "`; do
+ mkdir -p ./ssl_certs/$i
+ for j in privkey.pem fullchain.pem chain.pem cert.pem; do
+ lxc-attach -n c_proxy -- cat /etc/letsencrypt/live/$i/$j > ./ssl_certs/$i/$j
+ done
+done
diff --git a/own/ssl_del-domain b/own/ssl_del-domain
new file mode 100755
index 0000000..e7bd889
--- /dev/null
+++ b/own/ssl_del-domain
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+domain=$1
+
+[ -f ./ssl_confs/"$domain".conf ] || { echo not found; exit 1; }
+
+rm ./ssl_confs/"$domain".conf
+lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/live/"$domain"/
+lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/archive/"$domain"/
+
+rm ./nginx/sites-enabled/"$domain"*
diff --git a/own/ssl_update b/own/ssl_update
new file mode 100755
index 0000000..58b3c9b
--- /dev/null
+++ b/own/ssl_update
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+#renew certs
+lxc-attach -n c_proxy -- /opt/renewssl.sh
+
+#copy certs
+for i in `lxc-attach -n c_proxy -- ls /etc/letsencrypt/live/ | tail -n +2`; do
+ mkdir -p ./ssl_certs/$i
+ for j in privkey.pem fullchain.pem chain.pem cert.pem; do
+ lxc-attach -n c_proxy -- cat /etc/letsencrypt/live/$i/$j > ./ssl_certs/$i/$j
+ done
+done
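Review bot: The copy loop at the end of own/ssl_add-domain writes `privkey.pem` through `> ./ssl_certs/$i/$j`, so the private key is created with the caller's umask (commonly world-readable) and under whatever directory the script was started from; site_add invokes it by absolute path without a `cd`. Put `umask 077` and `cd "$(dirname "$0")" || exit 1` at the top; the identical loop in own/ssl_update needs the same two lines. The loops also split `$domains` on `;` while `-d $domains` hands the unsplit, unquoted string to letsencrypt-auto, which as far as I know expects commas or repeated `-d`. Finally, `rm -R /etc/letsencrypt/live/$i/` runs on an unquoted, unvalidated name before the replacement certificate has been issued, so a failed `certonly` leaves the site without any certificate.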
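Review bot: The last line of own/ssl_del-domain, `rm ./nginx/sites-enabled/"$domain"*`, matches by prefix, so deleting `example.com` would also remove the config of `example.com.au` or `example.community` (constructed names). site_add names the file `"$domain"_ssl`, so if `./nginx/sites-enabled` is the same directory, `rm -- ./nginx/sites-enabled/"$domain"_ssl` removes exactly that one file. The relative `./ssl_confs` and `./nginx` paths depend on the caller's working directory, and `$domain` reaches `rm -R /etc/letsencrypt/live/"$domain"/` inside the container guarded only by the `.conf` existence test, so a hostname check on `$1` belongs here as well.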
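Review bot: In own/ssl_update the domain list comes from `ls /etc/letsencrypt/live/ | tail -n +2`, which drops whichever entry happens to sort first rather than a specific name. If the intent is to skip a non-domain entry such as a README, a domain that sorts before it is skipped instead and the README is then treated as a domain. List directories only, e.g. `lxc-attach -n c_proxy -- find /etc/letsencrypt/live -mindepth 1 -maxdepth 1 -type d -printf '%f\n'`, and quote `"$i"` in the paths. The exit status of `/opt/renewssl.sh` is also not checked before the copy starts.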