This commit is contained in:
6543 2018-05-07 22:25:38 +02:00
parent b27bd38080
commit d9d135f1a6
5 changed files with 111 additions and 0 deletions

61
own/site_add Executable file
View File

@ -0,0 +1,61 @@
#!/bin/bash
if [ "$1" == "--help" ]; then
echo './site_add domain [<protokoll>://]<host>[:port]'
else

domain=$1
aim=$2

if [[ $aim =~ :// ]]; then
aim_ip=`echo ${aim//\//} | cut -d ":" -f 2`
aim_port=`echo ${aim//\//} | cut -d ":" -f 3`
else
aim_ip=`echo $aim | cut -d ":" -f 1`
aim_port=`echo $aim | cut -d ":" -f 2`
fi

## check domain is corect to server-ip:
# dig $domain | grep "A" | grep "$domain". | grep
#
# ...
#
##

## check if aim_ip can be pinged if not : msg.warning: no ping
#
# ...
#
##

echo "Start Domain=$domain AIM_IP=$aim_ip AIM_Port=$aim_port "

# if config for domain exist
lxc-attach -n c_proxy -- [ -f /etc/nginx/sites-enabled/"$domain"_ssl ] && {

#update certs
/srv/services/proxy/ssl_update
# del conf
lxc-attach -n c_proxy -- rm /etc/nginx/sites-enabled/"$domain"_ssl

}

# if config for domain NOT exist AND not cert exist
lxc-attach -n c_proxy -- [ -f /etc/nginx/sites-enabled/"$domain"_ssl ] || [ -f /srv/services/proxy/ssl_confs/"$domain".conf ] || {
/srv/services/proxy/ssl_add-domain $domain
}

# cp template
lxc-attach -n c_proxy -- cp /etc/nginx/sites-available/muster.https /etc/nginx/sites-enabled/"$domain"_ssl
# setup config
lxc-attach -n c_proxy -- sed -i "s|###DNS-Name###|${domain}|g" /etc/nginx/sites-enabled/"$domain"_ssl
lxc-attach -n c_proxy -- sed -i "s|###AIM###|${aim}|g" /etc/nginx/sites-enabled/"$domain"_ssl

#del all entrys in host for domain
#> http://ccm.net/faq/1451-delete-lines-from-a-file-using-sed
#add entry for domain
#> http://ccm.net/faq/1451-delete-lines-from-a-file-using-sed
#sync hosts
lxc-attach -n c_proxy -- cat /etc/hosts > /etc/hosts

fi
lxc-attach -n c_proxy -- /etc/init.d/nginx restart

6
own/site_del Executable file
View File

@ -0,0 +1,6 @@
#/bin/bash

# del link
# del conf
#/ssl_domain_del
echo "in work..."

21
own/ssl_add-domain Executable file
View File

@ -0,0 +1,21 @@
#!/bin/bash

domains=$1

lxc-attach -n c_proxy -- /etc/init.d/nginx stop

for i in `echo $domains | tr ";" " "`; do
lxc-attach -n c_proxy -- [ -d /etc/letsencrypt/live/$i/ ] && lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/live/$i/
lxc-attach -n c_proxy -- [ -d /etc/letsencrypt/archive/$i/ ] && lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/archive/$i/
done

lxc-attach -n c_proxy -- /opt/letsencrypt/letsencrypt-auto certonly -d $domains --standalone

lxc-attach -n c_proxy -- /etc/init.d/nginx start

for i in `echo $domains | tr ";" " "`; do
mkdir -p ./ssl_certs/$i
for j in privkey.pem fullchain.pem chain.pem cert.pem; do
lxc-attach -n c_proxy -- cat /etc/letsencrypt/live/$i/$j > ./ssl_certs/$i/$j
done
done

11
own/ssl_del-domain Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash

domain=$1

[ -f ./ssl_confs/"$domain".conf ] || { echo not found; exit 1; }

rm ./ssl_confs/"$domain".conf
lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/live/"$domain"/
lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/archive/"$domain"/

rm ./nginx/sites-enabled/"$domain"*

12
own/ssl_update Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash

#renew certs
lxc-attach -n c_proxy -- /opt/renewssl.sh

#copy certs
for i in `lxc-attach -n c_proxy -- ls /etc/letsencrypt/live/ | tail -n +2`; do
mkdir -p ./ssl_certs/$i
for j in privkey.pem fullchain.pem chain.pem cert.pem; do
lxc-attach -n c_proxy -- cat /etc/letsencrypt/live/$i/$j > ./ssl_certs/$i/$j
done
done