vhost.sh 4.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153
  1. #!/bin/bash
  2. echo -e '
  3. _ _
  4. __ _| |_ ___ __| |_
  5. \ V / ` \/ _ (_-< _|
  6. \_/|_||_\___/__/\__|
  7. '
  8. echo -e "Nginx VHOST install "
  9. . bin/checkroot.sh
  10. # get the current position
  11. _cwd="$(pwd)"
  12. # check for assets forlder
  13. _assets="$_cwd/assets"
  14. if [ ! -d "$_assets" ]; then
  15. _assets="$_cwd/../assets"
  16. if [ ! -d "$_assets" ]; then
  17. echo "!! can't find assets directory !!"
  18. exit
  19. fi
  20. fi
  21. _domain=""
  22. _validated=""
  23. _drupal=""
  24. _letsencrypt=""
  25. while [ "$_domain" = "" ]
  26. do
  27. read -p "enter a domain name ? " _domain
  28. if [ "$_domain" != "" ]; then
  29. read -p "is domain $_domain correcte [y|n] " validated
  30. if [ "$validated" = "y" ]; then
  31. break
  32. else
  33. _domain=""
  34. fi
  35. fi
  36. done
  37. # ask for simple php conf or drupal conf
  38. while [ "$_drupal" != "yes" ] && [ "$_drupal" != "no" ]
  39. do
  40. echo -n "Is your site is a drupal one? [yes|no] "
  41. read _drupal
  42. done
  43. # ask for let's encrypt
  44. while [ "$_letsencrypt" != "yes" ] && [ "$_letsencrypt" != "no" ]
  45. do
  46. echo -e "Let's encrypt"
  47. echo -e "Let's encrypt needs a public registered domain name with proper DNS records ( A records or CNAME records for subdomains pointing to your server)."
  48. echo -n "Should we install let's encrypt certificate with $_domain? [yes|no] "
  49. read _letsencrypt
  50. done
  51. service nginx stop
  52. # lets'encrypt
  53. # https://certbot.eff.org/lets-encrypt/debianstretch-nginx
  54. if [ "$_letsencrypt" = "yes" ]; then
  55. apk add certbot
  56. certbot certonly --standalone -d "$_domain" --cert-name "$_domain"
  57. # TODO stop the whole process if letsencrypt faile
  58. mkdir -p /etc/nginx/ssl/certs/"$_domain"
  59. openssl dhparam -out /etc/nginx/ssl/certs/"$_domain"/dhparam.pem 2048
  60. # renewing
  61. touch /var/spool/cron/crontabs/root
  62. crontab -l > mycron
  63. echo -e "0 3 * * * certbot renew --pre-hook 'service nginx stop' --post-hook 'service nginx start' --cert-name $_domain" >> mycron
  64. crontab mycron
  65. rm -f mycron
  66. fi
  67. if [ "$_drupal" = "yes" ]; then
  68. if [ "$_letsencrypt" = "yes" ]; then
  69. _conffile="drupal-ssl.nginxconf"
  70. else
  71. _conffile="drupal.nginxconf"
  72. fi
  73. else
  74. if [ "$_letsencrypt" = "yes" ]; then
  75. _conffile="simple-phpfpm-ssl.nginxconf"
  76. else
  77. _conffile="simple-phpfpm.nginxconf"
  78. fi
  79. fi
  80. cp "$_assets/vhosts/$_conffile" /etc/nginx/conf.d/"$_domain".conf
  81. sed -i -r "s/DOMAIN\.LTD/$_domain/g" /etc/nginx/conf.d/"$_domain".conf
  82. mkdir -p /var/www/"$_domain"/app/web
  83. mkdir /var/www/"$_domain"/log
  84. cp "$_assets/vhosts/index.php" /var/www/"$_domain"/app/web/
  85. sed -i -r "s/DOMAIN\.LTD/$_domain/g" /var/www/"$_domain"/app/web/index.php
  86. #set proper right to user will handle the app
  87. chown -R www:www /var/www/"$_domain"/
  88. # chmod -R g+w /var/www/"$_domain"/
  89. # chmod -R g+r /var/www/"$_domain"/
  90. # create a shortcut to the site
  91. echo -n "Should we install a shortcut for a user? [Y|n] "
  92. read yn
  93. yn=${yn:-y}
  94. if [ "$yn" = "Y" ] || [ "$yn" = "y" ]; then
  95. # if $user var does not exists (vhost.sh ran directly) ask for it
  96. if [ -z ${user+x} ]; then
  97. while [ "$user" = "" ]
  98. do
  99. read -p "enter an existing user name ? " user
  100. if [ "$user" != "" ]; then
  101. # check if user already exists
  102. if id "$user" >/dev/null 2>&1; then
  103. read -p "is user name $user correcte [y|n] " validated
  104. if [ "$validated" = "y" ]; then
  105. break
  106. else
  107. user=""
  108. fi
  109. else
  110. echo -e "user $user doesn't exists, you must provide an existing user"
  111. user=""
  112. fi
  113. fi
  114. done
  115. fi
  116. echo -e "installing shortcut for '$user'";
  117. mkdir /home/"$user"/www/
  118. chown "$user":"$user" /home/"$user"/www/
  119. ln -s /var/www/"$_domain" /home/"$user"/www/"$_domain"
  120. chown "$user":"$user" /home/"$user"/www/"$_domain"
  121. chown -R www:"$user" /home/"$user"/www/"$_domain"/app
  122. chmod -R g+rw /home/"$user"/www/"$_domain"/app
  123. . bin/gitdeploy.sh
  124. else
  125. echo -e 'no shortcut installed'
  126. fi
  127. # activate the vhost
  128. # ln -s /etc/nginx/sites-available/"$_domain".conf /etc/nginx/sites-enabled/"$_domain".conf
  129. nginx -t
  130. # restart nginx
  131. service nginx start
  132. echo -e "vhost $_domain configured"