add own

2018-05-07 22:25:38 +02:00 · 2018-05-07 22:25:38 +02:00 · d9d135f1a6
commit d9d135f1a6
parent b27bd38080
5 changed files with 111 additions and 0 deletions
--- a/own/site_add
+++ b/own/site_add
@ -0,0 +1,61 @@
+#!/bin/bash
+if [ "$1" == "--help" ]; then
+  echo './site_add domain [<protokoll>://]<host>[:port]'
+else
+
+  domain=$1
+  aim=$2
+
+  if [[ $aim =~ :// ]]; then
+    aim_ip=`echo ${aim//\//} | cut -d ":" -f 2`
+    aim_port=`echo ${aim//\//} | cut -d ":" -f 3`
+  else
+    aim_ip=`echo $aim | cut -d ":" -f 1`
+    aim_port=`echo $aim | cut -d ":" -f 2`
+  fi
+
+  ## check domain is corect to server-ip:
+  # dig $domain | grep "A" | grep "$domain". | grep
+  #
+  # ...
+  #
+  ##
+
+  ## check if aim_ip can be pinged if not : msg.warning: no ping
+  #
+  # ...
+  #
+  ##
+
+  echo "Start Domain=$domain AIM_IP=$aim_ip AIM_Port=$aim_port "
+
+  # if config for domain exist
+  lxc-attach -n c_proxy -- [ -f /etc/nginx/sites-enabled/"$domain"_ssl ] && {
+
+    #update certs
+    /srv/services/proxy/ssl_update
+    # del conf
+    lxc-attach -n c_proxy -- rm /etc/nginx/sites-enabled/"$domain"_ssl
+
+  }
+
+  # if config for domain NOT exist AND not cert exist
+  lxc-attach -n c_proxy -- [ -f /etc/nginx/sites-enabled/"$domain"_ssl ] || [ -f /srv/services/proxy/ssl_confs/"$domain".conf ] || {
+    /srv/services/proxy/ssl_add-domain $domain
+  }
+
+  # cp template
+  lxc-attach -n c_proxy -- cp /etc/nginx/sites-available/muster.https /etc/nginx/sites-enabled/"$domain"_ssl
+  # setup config
+  lxc-attach -n c_proxy -- sed -i "s|###DNS-Name###|${domain}|g" /etc/nginx/sites-enabled/"$domain"_ssl
+  lxc-attach -n c_proxy -- sed -i "s|###AIM###|${aim}|g" /etc/nginx/sites-enabled/"$domain"_ssl
+
+  #del all entrys in host for domain
+  #> http://ccm.net/faq/1451-delete-lines-from-a-file-using-sed
+  #add entry for domain
+  #> http://ccm.net/faq/1451-delete-lines-from-a-file-using-sed
+  #sync hosts
+  lxc-attach -n c_proxy -- cat /etc/hosts > /etc/hosts
+
+fi
+lxc-attach -n c_proxy -- /etc/init.d/nginx restart
--- a/own/site_del
+++ b/own/site_del
@ -0,0 +1,6 @@
+#/bin/bash
+
+# del link
+# del conf
+#/ssl_domain_del
+echo "in work..."
--- a/own/ssl_add-domain
+++ b/own/ssl_add-domain
@ -0,0 +1,21 @@
+#!/bin/bash
+
+domains=$1
+
+lxc-attach -n c_proxy -- /etc/init.d/nginx stop
+
+for i in `echo $domains | tr ";" " "`; do
+  lxc-attach -n c_proxy --  [ -d /etc/letsencrypt/live/$i/ ] && lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/live/$i/
+  lxc-attach -n c_proxy --  [ -d /etc/letsencrypt/archive/$i/ ] && lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/archive/$i/
+done
+
+lxc-attach -n c_proxy -- /opt/letsencrypt/letsencrypt-auto certonly -d $domains --standalone
+
+lxc-attach -n c_proxy -- /etc/init.d/nginx start
+
+for i in `echo $domains | tr ";" " "`; do
+  mkdir -p ./ssl_certs/$i
+  for j in privkey.pem fullchain.pem chain.pem cert.pem; do
+    lxc-attach -n c_proxy -- cat /etc/letsencrypt/live/$i/$j > ./ssl_certs/$i/$j
+  done
+done
--- a/own/ssl_del-domain
+++ b/own/ssl_del-domain
@ -0,0 +1,11 @@
+#!/bin/bash
+
+domain=$1
+
+[ -f ./ssl_confs/"$domain".conf ] || { echo not found; exit 1; }
+
+rm ./ssl_confs/"$domain".conf
+lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/live/"$domain"/
+lxc-attach -n c_proxy -- rm -R /etc/letsencrypt/archive/"$domain"/
+
+rm ./nginx/sites-enabled/"$domain"*
--- a/own/ssl_update
+++ b/own/ssl_update
@ -0,0 +1,12 @@
+#!/bin/bash
+
+#renew certs
+lxc-attach -n c_proxy -- /opt/renewssl.sh
+
+#copy certs
+for i in `lxc-attach -n c_proxy -- ls /etc/letsencrypt/live/ |  tail -n +2`; do
+  mkdir -p ./ssl_certs/$i
+  for j in privkey.pem fullchain.pem chain.pem cert.pem; do
+    lxc-attach -n c_proxy -- cat /etc/letsencrypt/live/$i/$j > ./ssl_certs/$i/$j
+  done
+done