msb/vhost-stack
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

reworked getopts

Browse Source
This commit is contained in:
Matthew Saunders Brown 2021-10-05 11:33:24 -07:00
parent b3e918f252
commit e8570e1a82
20 changed files with 399 additions and 513 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
bin/vhost-add.sh
View File

@ -12,84 +12,64 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Add virtualhost to this server." echo "Add virtualhost to this server."
echo "" echo ""
echo "usage: $thisfilename virtualhost username [OPTIONS]" echo "usage: $thisfilename -d <domain> -u <username> [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo "" echo " -d <domain> Domain name to add as a VirtualHost. www. subdomain is automatically aliased."
echo " Username must already exist. If need be run vhost-user-add.sh first." echo " -u <username> Username to install VirtualHost for. Username must already exist."
echo " If need be run vhost-user-add.sh first."
echo " Or use vhost-deploy.sh instead to automatically generate username." echo " Or use vhost-deploy.sh instead to automatically generate username."
exit
} }
# check for and set virtualhost & username vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for domain (virtualhost)
help if [[ -z $domain ]]; then
else echo "domain is required"
# virtualhost exit
if vhost::validate_domain $1; then
virtualhost="${1,,}"
else
echo "ERROR: $1 is not a valid domain name."
exit 1
fi
# username
if [ -n "$2" ]; then
if [ $2 == "-h" ]; then
help
else
username="${2,,}"
fi
else
echo "username not set"
exit 1
fi
# last check for -h
if [ -n "$3" ]; then
if [ $3 == "-h" ]; then
help
fi
fi
fi
else
help
fi fi
if [ ! -d /home/$username ]; then # check for username
if [[ -z $username ]]; then
echo "username is required"
exit
fi
if [[ ! -d /home/$username ]]; then
echo "home dir for $username does not exist" echo "home dir for $username does not exist"
exit 1 exit 1
fi fi
if [ -d /srv/www/$virtualhost ]; then if [[ -d /srv/www/$domain ]]; then
chown $username:$username /srv/www/$virtualhost chown $username:$username /srv/www/$domain
chmod 755 /srv/www/$virtualhost chmod 755 /srv/www/$domain
else else
install -d -o $username -g $username -m 755 /srv/www/$virtualhost install -d -o $username -g $username -m 755 /srv/www/$domain
fi fi
if [ -d /srv/www/$virtualhost/html ]; then if [[ -d /srv/www/$domain/html ]]; then
chown $username:$username /srv/www/$virtualhost/html chown $username:$username /srv/www/$domain/html
chmod 755 /srv/www/$virtualhost/html chmod 755 /srv/www/$domain/html
else else
install -d -o $username -g $username -m 755 /srv/www/$virtualhost/html install -d -o $username -g $username -m 755 /srv/www/$domain/html
fi fi
if [ ! -e /home/$username/$virtualhost ]; then if [[ ! -e /home/$username/$domain ]]; then
ln -s /srv/www/$virtualhost /home/$username/$virtualhost ln -s /srv/www/$domain /home/$username/$domain
chown -h $username:$username /home/$username/$virtualhost chown -h $username:$username /home/$username/$domain
fi fi
if [ -d /usr/jails/$username ]; then if [[ -d /usr/jails/$username ]]; then
if [ ! -d /usr/jails/$username/srv/www/$virtualhost ]; then if [[ ! -d /usr/jails/$username/srv/www/$domain ]]; then
install -d -o $username -g $username -m 755 /usr/jails/$username/srv/www/$virtualhost install -d -o $username -g $username -m 755 /usr/jails/$username/srv/www/$domain
mount --bind /srv/www/$virtualhost /usr/jails/$username/srv/www/$virtualhost mount --bind /srv/www/$domain /usr/jails/$username/srv/www/$domain
echo "/srv/www/$virtualhost /usr/jails/$username/srv/www/$virtualhost none bind 0 0" >> /etc/fstab.jails echo "/srv/www/$domain /usr/jails/$username/srv/www/$domain none bind 0 0" >> /etc/fstab.jails
fi fi
fi fi
# php-fpm pool # php-fpm pool
vhost::set-phpVersion vhost::set-phpVersion
if [ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]; then if [[ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
# create /etc/php/$phpVersion/fpm/pool.d/$username.conf # create /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "[$username]" > /etc/php/$phpVersion/fpm/pool.d/$username.conf echo "[$username]" > /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "user = $username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf echo "user = $username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
@ -103,7 +83,7 @@ if [ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]; then
echo "pm = ondemand" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf echo "pm = ondemand" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "pm.max_children = 12" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf echo "pm.max_children = 12" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "pm.process_idle_timeout = 3s;" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf echo "pm.process_idle_timeout = 3s;" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -fwebmaster@$virtualhost" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf echo "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -fwebmaster@$domain" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
# restart php$phpVersion-fpm # restart php$phpVersion-fpm
if systemctl is-active --quiet php$phpVersion-fpm ; then if systemctl is-active --quiet php$phpVersion-fpm ; then
if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then
@ -115,4 +95,4 @@ if [ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]; then
fi fi
# create & enable apache config # create & enable apache config
/usr/local/bin/vhost-enable.sh VHostHTTP $virtualhost /usr/local/bin/vhost-enable.sh VHostHTTP $domain

60
bin/vhost-del.sh
View File

@ -12,76 +12,74 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Removes virtualhost from server." echo "Removes virtualhost from server."
echo "" echo ""
echo "usage: $thisfilename virtualhost [OPTIONS]" echo "usage: $thisfilename -d <domain> [-h]"
echo "" echo ""
echo " -d <domain> Domain name of VirtualHost to remove."
echo " -h Print this help." echo " -h Print this help."
exit exit
} }
# check for and set virtualhost vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for domain (virtualhost)
help if [[ -z $domain ]]; then
else echo "domain is required"
virtualhost="${1,,}" exit
fi
else
help
fi fi
# remove virtualhost dir # check for virtualhost dir
if [ ! -d /srv/www/$virtualhost ]; then if [[ ! -d /srv/www/$domain ]]; then
echo "virtualhost dir does not exist" echo "virtualhost dir does not exist"
exit 1 exit 1
fi fi
username=$(stat -c '%U' /srv/www/$virtualhost) username=$(stat -c '%U' /srv/www/$domain)
# disable the apache conf and reload apache # disable the apache conf and reload apache
if [ -h /etc/apache2/sites-enabled/$virtualhost.conf ]; then if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then
a2dissite --quiet $virtualhost a2dissite --quiet $domain
systemctl --quiet is-active apache2 && systemctl --quiet reload apache2 systemctl --quiet is-active apache2 && systemctl --quiet reload apache2
fi fi
# remove the apache config # remove the apache config
if [ -f /etc/apache2/sites-available/$virtualhost.conf ]; then if [[ -f /etc/apache2/sites-available/$domain.conf ]]; then
rm /etc/apache2/sites-available/$virtualhost.conf rm /etc/apache2/sites-available/$domain.conf
fi fi
# remove varnish config # remove varnish config
if [ -f /etc/varnish/sites.d/$virtualhost.vcl ]; then if [[ -f /etc/varnish/sites.d/$domain.vcl ]]; then
rm /etc/varnish/sites.d/$virtualhost.vcl rm /etc/varnish/sites.d/$domain.vcl
/usr/local/bin/vhost-varnish-update-sites.sh /usr/local/bin/vhost-varnish-update-sites.sh
# don't bother to restart varnish as it will clear cache unnecessarily # don't bother to restart varnish as it will clear cache unnecessarily
fi fi
# if virtualhost is mounted in a jail, unmount it # if virtualhost is mounted in a jail, unmount it
if grep -q "^/dev/sda /usr/jails/$username/srv/www/$virtualhost " /etc/mtab; then if grep -q "^/dev/sda /usr/jails/$username/srv/www/$domain " /etc/mtab; then
umount /usr/jails/$username/srv/www/$virtualhost umount /usr/jails/$username/srv/www/$domain
fi fi
# if virtualhost mount in fstab.jails exists remove it # if virtualhost mount in fstab.jails exists remove it
if grep -q "/usr/jails/$username/srv/www/$virtualhost" /etc/fstab.jails; then if grep -q "/usr/jails/$username/srv/www/$domain" /etc/fstab.jails; then
sed -i "\|/usr/jails/$username/srv/www/$virtualhost|d" /etc/fstab.jails sed -i "\|/usr/jails/$username/srv/www/$domain|d" /etc/fstab.jails
fi fi
# if virtualhost symlink exists in jail remove it # if virtualhost symlink exists in jail remove it
if [ -h /usr/jails/$username/home/$username/$virtualhost ]; then if [[ -h /usr/jails/$username/home/$username/$domain ]]; then
unlink /usr/jails/$username/home/$username/$virtualhost unlink /usr/jails/$username/home/$username/$domain
fi fi
# if virtualhost symlink exists in home dir remove it # if virtualhost symlink exists in home dir remove it
if [ -h /home/$username/$virtualhost ]; then if [[ -h /home/$username/$domain ]]; then
unlink /home/$username/$virtualhost unlink /home/$username/$domain
fi fi
# if virtualhost dir exists in jail remove it # if virtualhost dir exists in jail remove it
if [ -d /usr/jails/$username/srv/www/$virtualhost ]; then if [[ -d /usr/jails/$username/srv/www/$domain ]]; then
rm -r /usr/jails/$username/srv/www/$virtualhost rm -r /usr/jails/$username/srv/www/$domain
fi fi
# remove virtualhost dir # remove virtualhost dir
if [ -d /srv/www/$virtualhost ]; then if [[ -d /srv/www/$domain ]]; then
rm -r /srv/www/$virtualhost rm -r /srv/www/$domain
fi fi

87
bin/vhost-deploy.sh
View File

@ -12,97 +12,60 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Add virtualhost to this server, including shell user and MySQL database." echo "Add virtualhost to this server, including shell user and MySQL database."
echo "" echo ""
echo "usage: $thisfilename virtualhost [OPTIONS]" echo "usage: $thisfilename -d <domain> [OPTIONS]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -u USERNAME Username to use for this virtualhost. Optional, defaults to first 8 alphanumeric characters of virtualhost." echo " -d <domain> Domain name of VirtualHost to remove."
echo " -p PASSWORD Password for username. Optional, random password generated if none specified." echo " -u <username> Username to use for this virtualhost. Optional, defaults to first 8 alphanumeric characters of virtualhost."
echo " -p <password> Password for username. Optional, random password generated if none specified."
echo " -j Whether or not to jail the user. Optional, default is to not jail user." echo " -j Whether or not to jail the user. Optional, default is to not jail user."
exit exit
} }
# check for and set virtualhost vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for domain (virtualhost)
help if [[ -z $domain ]]; then
elif vhost::validate_domain $1; then echo "domain is required"
virtualhost="${1,,}" exit
shift
else
echo "ERROR: Invalid virtualhost: $1"
exit 1
fi
else
help
fi fi
while getopts "hu:p:j" opt; do if [[ -d /srv/www/$domain ]] || [[ -f /etc/apache2/sites-available/$domain.conf ]]; then
case "${opt}" in echo "virtualhost for $domain already installed"
h )
help
exit;;
u )
username=${OPTARG}
;;
p )
password=${OPTARG}
;;
j )
jail=true
;;
\? )
echo "Invalid option: $OPTARG"
exit 1
;;
: )
echo "Invalid option: $OPTARG requires an argument"
exit 1
;;
esac
done
# check virtualhost
if [ ! -n "$virtualhost" ]; then
echo "virtualhost not set"
exit 1
fi
if [ -d /srv/www/$virtualhost ] || [ -f /etc/apache2/sites-available/$virtualhost.conf ]; then
echo "virtualhost for $virtualhost already installed"
exit 1 exit 1
fi fi
# check for and set username # check for and set username
if [ ! -n "$username" ]; then if [[ -z "$username" ]]; then
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:8}` username=`echo ${username:0:8}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
# username already exists, try another # username already exists, try another
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:7}` username=`echo ${username:0:7}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
# username already exists, try another # username already exists, try another
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:6}` username=`echo ${username:0:6}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
# username already exists, try another # username already exists, try another
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:5}` username=`echo ${username:0:5}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
# username already exists, try another # username already exists, try another
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:9}` username=`echo ${username:0:9}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
# username already exists, try another # username already exists, try another
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:10}` username=`echo ${username:0:10}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
# username already exists, try another # username already exists, try another
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:11}` username=`echo ${username:0:11}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
# username already exists, try another # username already exists, try another
username=`echo $virtualhost | sed 's|\.||'` username=`echo $domain | sed 's|\.||'`
username=`echo ${username:0:12}` username=`echo ${username:0:12}`
if grep -q "^$username:" /etc/passwd; then if grep -q "^$username:" /etc/passwd; then
echo "trouble setting unique username, specify '-u USERNAME' to use an existing username" echo "trouble setting unique username, specify '-u USERNAME' to use an existing username"
@ -119,19 +82,19 @@ fi
if ! grep -q "^$username:" /etc/passwd; then if ! grep -q "^$username:" /etc/passwd; then
# check for and set password # check for and set password
if [ ! -n "$password" ]; then if [[ -z "$password" ]]; then
password=`/usr/bin/pwgen 12 1` password=`/usr/bin/pwgen 12 1`
fi fi
# add user # add user
/usr/local/bin/vhost-user-add.sh $username -p "$password" /usr/local/bin/vhost-user-add.sh $username -p "$password"
# if jail option is set then jail user # if jail option is set then jail user
if [[ $jail = true ]]; then if [[ -n $jail ]]; then
/usr/local/bin/vhost-user-jail.sh $username > /dev/null 2>&1 /usr/local/bin/vhost-user-jail.sh $username > /dev/null 2>&1
fi fi
fi fi
# add virtualhost # add virtualhost
/usr/local/bin/vhost-add.sh $virtualhost $username > /dev/null 2>&1 /usr/local/bin/vhost-add.sh $domain $username > /dev/null 2>&1
# add mysql database # add mysql database
/usr/local/bin/vhost-mysql-db-add.sh $virtualhost > /dev/null 2>&1 /usr/local/bin/vhost-mysql-db-add.sh $domain > /dev/null 2>&1

37
bin/vhost-destroy.sh
View File

@ -12,40 +12,41 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Remove virtualhost and associated user & database & db user from this server." echo "Remove virtualhost and associated user & database & db user from this server."
echo "" echo ""
echo "usage: $thisfilename virtualhost" echo "usage: $thisfilename -d <domain>"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -d <domain> Domain name of VirtualHost to remove."
exit exit
} }
# check for and set virtualhost vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for domain (virtualhost)
help if [[ -z $domain ]]; then
elif [ ! -d /srv/www/$1 ]; then echo "domain is required"
exit
fi
# check that virtualhost dir exists
if [[ ! -d /srv/www/$domain ]]; then
echo "virtualhost dir does not exist" echo "virtualhost dir does not exist"
exit 1 exit 1
else
virtualhost="${1,,}"
fi
else
help
fi fi
# check for database and delete if it exists # check for database and delete if it exists
database=${virtualhost//./dot} database=${domain//./dot}
database=${database//-/dash} database=${database//-/dash}
if [ -d /var/lib/mysql/$database ]; then if [[ -d /var/lib/mysql/$database ]]; then
/usr/local/bin/vhost-mysql-db-del.sh $virtualhost /usr/local/bin/vhost-mysql-db-del.sh $domain
fi fi
# get & set username for this virtualhost # get & set username for this virtualhost
username=$(stat -c '%U' /srv/www/$virtualhost) username=$(stat -c '%U' /srv/www/$domain)
# check for a delete varnish config # check for a delete varnish config
# del virtualhost files & configs # del virtualhost files & configs
/usr/local/bin/vhost-del.sh $virtualhost /usr/local/bin/vhost-del.sh $domain
# check for any remaining virtualhosts before deleting user # check for any remaining virtualhosts before deleting user
# same check is done in vhost-user-del.sh # same check is done in vhost-user-del.sh
@ -53,11 +54,11 @@ username=$(stat -c '%U' /srv/www/$virtualhost)
vhost::set-virtualhostArray vhost::set-virtualhostArray
for v in "${virtualhostArray[@]}" for v in "${virtualhostArray[@]}"
do do
if [ $(stat -c '%U' /srv/www/$v) = $username ]; then if [[ $(stat -c '%U' /srv/www/$v) = $username ]]; then
existingvirtualhosts=true existingvirtualhosts=true
fi fi
done done
if [ -n "$existingvirtualhosts" ]; then if [[ -n "$existingvirtualhosts" ]]; then
/usr/local/bin/vhost-user-del.sh $username /usr/local/bin/vhost-user-del.sh $username
fi fi

23
bin/vhost-disable.sh
View File

@ -12,24 +12,21 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Disable Apache config for specified virtualhost." echo "Disable Apache config for specified virtualhost."
echo "" echo ""
echo "usage: $thisfilename virtualhost" echo "usage: $thisfilename -d <domain>"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -d <domain> Domain name of VirtualHost to remove."
exit exit
} }
# check for and set virtualhost vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for domain (virtualhost)
help if [[ -z $domain ]]; then
else echo "domain is required"
virtualhost="${1,,}" exit
fi
else
echo "virtualhost not set"
exit 1
fi fi
if [[ -h /etc/apache2/sites-enabled/$virtualhost.conf ]]; then if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then
a2dissite --quiet $virtualhost && systemctl --quiet is-active apache2 && systemctl --quiet reload apache2 a2dissite --quiet $domain && systemctl --quiet is-active apache2 && systemctl --quiet reload apache2
fi fi

140
bin/vhost-enable.sh
View File

@ -12,9 +12,12 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Enable Apache config for virtualhost." echo "Enable Apache config for virtualhost."
echo "" echo ""
echo "usage: $thisfilename macro_name vhost [subdomain|alias]" echo "usage: $thisfilename -d <domain> -m <macro> [-o <subdomain>|<alias>|<redirect_url>] [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -d <domain> Domain name of VirtualHost to remove."
echo " -m <macro> Name of Apache macro to apply."
echo " -o <option> Subdomain or Alias or Redirect URL if specified macro requires one."
echo "" echo ""
echo " Available Apache Macros:" echo " Available Apache Macros:"
echo "" echo ""
@ -32,101 +35,96 @@ help()
echo " Usage examples:" echo " Usage examples:"
echo " vhost-enable.sh VHostHTTPS example.com" echo " vhost-enable.sh VHostHTTPS example.com"
echo " vhost-enable.sh VHostSubdomainHTTPS example.com staging" echo " vhost-enable.sh VHostSubdomainHTTPS example.com staging"
echo " vhost-enable.sh VHostAliasHTTPS example.com existingsite" echo " vhost-enable.sh -d example.com(exising Vhost) -m VHostAliasHTTPS -o alias(site to alias to existing vhost)"
echo " vhost-enable.sh VMailHTTPS mail.example.com" echo " vhost-enable.sh VMailHTTPS mail.example.com"
echo " vhost-enable.sh RedirectHTTPS example.com https://my.newsite.com/path/page.html" echo " vhost-enable.sh RedirectHTTPS example.com https://my.newsite.com/path/page.html"
echo "" echo ""
echo " Apache mod_macro config will look like:" echo " Apache mod_macro config will look like:"
echo ' Use VHostHTTP $vhost $username' echo ' Use VHostHTTP $domain $username'
echo ' Use VHostHTTPS $vhost $username' echo ' Use VHostHTTPS $domain $username'
echo ' Use VHostHTTPSVarnish $vhost $username' echo ' Use VHostHTTPSVarnish $domain $username'
echo ' Use VHostSubdomainHTTP $vhost $username $subdomain' echo ' Use VHostSubdomainHTTP $domain $username $subdomain'
echo ' Use VHostSubdomainHTTPS $vhost $username $subdomain' echo ' Use VHostSubdomainHTTPS $domain $username $subdomain'
echo ' Use VHostSubdomainHTTPSVarnish $vhost $username $subdomain' echo ' Use VHostSubdomainHTTPSVarnish $domain $username $subdomain'
echo ' Use VHostAliasHTTP $vhost $username $alias' echo ' Use VHostAliasHTTP $domain $username $alias'
echo ' Use VHostAliasHTTPS $vhost $username $alias' echo ' Use VHostAliasHTTPS $domain $username $alias'
echo ' Use VHostAliasHTTPSVarnish $vhost $username $alias' echo ' Use VHostAliasHTTPSVarnish $domain $username $alias'
echo ' Use VMailHTTPS $vhost' echo ' Use VMailHTTPS $domain'
echo ' Use RedirectHTTP $vhost $redirect' echo ' Use RedirectHTTP $domain $redirect'
echo ' Use RedirectHTTPS $vhost $redirect' echo ' Use RedirectHTTPS $domain $redirect'
echo '' echo ''
echo ' $username is autodetected from vhost dir ownership' echo ' $username is autodetected from vhost dir ownership'
echo " See /etc/apache2/mods-available/macro.conf for macro details." echo " See /etc/apache2/mods-available/macro.conf for macro details."
echo "" echo ""
exit
} }
macro_array=($(grep Macro /etc/apache2/mods-available/macro.conf |cut -d ' ' -f 2|grep -v Macro)) macro_array=($(grep Macro /etc/apache2/mods-available/macro.conf |cut -d ' ' -f 2|grep -v Macro))
macro_vhost_line="Use" macro_vhost_line="Use"
# check for and set macro & vhost vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for macro
help if [[ -n $macro ]]; then
else if [[ " ${macro_array[@]} " =~ " ${macro} " ]]; then
# check for and set macro macro_vhost_line="$macro_vhost_line $macro"
macro_name=$1
if [[ " ${macro_array[@]} " =~ " ${macro_name} " ]]; then
macro_vhost_line="$macro_vhost_line $macro_name"
else else
echo "invalid macro name" echo "invalid macro name"
exit 1 exit 1
fi fi
# check for and set vhost
if [ -n "$2" ]; then
vhost=$2
macro_vhost_line="$macro_vhost_line $vhost"
vhost_conf="$vhost.conf"
else
echo "vhost not set"
echo
help
fi
fi
else else
help echo "macro is required"
exit
fi
# check for domain (virtualhost)
if [[ -n $domain ]]; then
macro_vhost_line="$macro_vhost_line $domain"
vhost_conf="$domain.conf"
else
echo "domain is required"
exit
fi fi
# set username for all VHost macros # set username for all VHost macros
if [[ "$macro_name" == *"VHost"* ]]; then if [[ "$macro" == *"VHost"* ]]; then
# check for vhost dir # check for vhost dir
if [ -d "/srv/www/$vhost" ]; then if [[ -d "/srv/www/$domain" ]]; then
# get and set $username # get and set $username
username=$(stat -c '%U' /srv/www/$vhost) username=$(stat -c '%U' /srv/www/$domain)
macro_vhost_line="$macro_vhost_line $username" macro_vhost_line="$macro_vhost_line $username"
else else
echo "vhost dir for $vhost does not exist" echo "VirtualHost dir for $domain does not exist."
exit 1 exit 1
fi fi
# check for and set Subdomain # check for and set Subdomain
if [[ "$macro_name" == *"Subdomain"* ]]; then if [[ "$macro" == *"Subdomain"* ]]; then
if [ -n "$3" ]; then if [[ -n $option ]]; then
subdomain=$3 subdomain=$option
# make sure Subdomain isn't already installed # make sure Subdomain isn't already installed
if [ -d "/srv/www/$subdomain.$vhost" ]; then if [[ -d "/srv/www/$subdomain.$domain" ]]; then
echo "$subdomain.$vhost is already installed as it's own vhost" echo "$subdomain.$domain is already installed as it's own VirtualHost."
exit 1 exit 1
fi fi
if [ ! -d "/srv/www/$vhost/$subdomain" ]; then if [[ ! -d "/srv/www/$domain/$subdomain" ]]; then
echo "subdomain directory (/srv/www/$vhost/$subdomain) does not exist" echo "Subdomain directory (/srv/www/$domain/$subdomain) does not exist"
exit 1 exit 1
fi fi
macro_vhost_line="$macro_vhost_line $subdomain" macro_vhost_line="$macro_vhost_line $subdomain"
vhost_conf="$subdomain.$vhost_conf" vhost_conf="$subdomain.$domain_conf"
else else
echo "subdomain not set" echo "subdomain (-o OPTION) not set"
exit 1 exit 1
fi fi
fi fi
# check for and set Alias # check for and set Alias
if [[ "$macro_name" == *"Alias"* ]]; then if [[ "$macro" == *"Alias"* ]]; then
if [ -n "$3" ]; then if [ -n $option ]; then
alias=$option
# make sure Alias domain isn't already installed as it's own vhost # make sure Alias domain isn't already installed as it's own vhost
if [ -d "/srv/www/$vhost" ]; then if [ -d "/srv/www/$alias" ]; then
echo "$alias is already installed as it's own vhost" echo "$alias is already installed as it's own vhost"
exit 1 exit 1
else else
alias=$3
macro_vhost_line="$macro_vhost_line $alias" macro_vhost_line="$macro_vhost_line $alias"
fi fi
else else
@ -135,12 +133,12 @@ if [[ "$macro_name" == *"VHost"* ]]; then
fi fi
fi fi
# check for varnish config # check for varnish config
if [[ "$macro_name" == *"Varnish"* ]]; then if [[ "$macro" == *"Varnish"* ]]; then
varnish_host=$vhost varnish_host=$domain
if [[ "$macro_name" == *"Subdomain"* ]]; then if [[ "$macro" == *"Subdomain"* ]]; then
varnish_host="$subdomain.$varnish_host" varnish_host="$subdomain.$varnish_host"
fi fi
if [ ! -f "/etc/varnish/sites.d/$varnish_host.vcl" ]; then if [[ ! -f "/etc/varnish/sites.d/$varnish_host.vcl" ]]; then
echo "$varnish_config_file Varnish config file does not exist" echo "$varnish_config_file Varnish config file does not exist"
exit 1 exit 1
fi fi
@ -148,12 +146,12 @@ if [[ "$macro_name" == *"VHost"* ]]; then
fi fi
# check for and set redirect # check for and set redirect
if [[ "$macro_name" == *"Redirect"* ]]; then if [[ "$macro" == *"Redirect"* ]]; then
if [ -n "$3" ]; then if [[ -n $option ]]; then
redirect=$3 redirect=$option
# make sure Redirect domain isn't already installed as it's own vhost # make sure Redirect domain isn't already installed as it's own vhost
if [ -d "/srv/www/$vhost" ]; then if [[ -d "/srv/www/$domain" ]]; then
echo "$vhost is already installed as it's own vhost" echo "$domain is already installed as it's own vhost"
exit 1 exit 1
else else
macro_vhost_line="$macro_vhost_line $redirect" macro_vhost_line="$macro_vhost_line $redirect"
@ -165,23 +163,27 @@ if [[ "$macro_name" == *"Redirect"* ]]; then
fi fi
# if https check for le cert # if https check for le cert
if [[ "$macro_name" == *"HTTPS"* ]]; then if [[ "$macro" == *"HTTPS"* ]]; then
cert_host=$vhost if [[ "$macro" == *"Alias"* ]]; then
if [[ "$macro_name" == *"Subdomain"* ]]; then cert_host="$alias"
else
cert_host=$domain
if [[ "$macro" == *"Subdomain"* ]]; then
cert_host="$subdomain.$cert_host" cert_host="$subdomain.$cert_host"
fi fi
if [ ! -f "/etc/ssl/letsencrypt/$cert_host.pem" ]; then fi
if [[ ! -f "/etc/ssl/letsencrypt/$cert_host.pem" ]]; then
echo "cert file for $cert_host does not exist" echo "cert file for $cert_host does not exist"
exit 1 exit 1
fi fi
fi fi
# create / edit apache conf # create / edit apache conf
echo "$macro_vhost_line" > /etc/apache2/sites-available/$vhost_conf echo "$macro_vhost_line" > /etc/apache2/sites-available/$domain_conf
# enable apache conf # enable apache conf
if [[ ! -h /etc/apache2/sites-enabled/$vhost_conf ]]; then if [[ ! -h /etc/apache2/sites-enabled/$domain_conf ]]; then
a2ensite --quiet $vhost_conf a2ensite --quiet $domain_conf
fi fi
# restart apache # restart apache

33
bin/vhost-fix-perms.sh
View File

@ -12,45 +12,24 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Make sure all home (/home/...) and virtualhost (/srv/www/...) files are owned by correct users." echo "Make sure all home (/home/...) and virtualhost (/srv/www/...) files are owned by correct users."
echo "" echo ""
echo "usage: $thisfilename [OPTIONS]" echo "usage: $thisfilename [-n|-v] [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -n dry-run - List all files that need modification, but don't actually do anything." echo " -n dry-run - List all files that need modification, but don't actually do anything."
echo " -v verbose - List all files that are being modified." echo " -v verbose - List all files that are being modified."
exit
} }
while getopts "hvn" opt; do vhost:getoptions "$@"
case "${opt}" in
h )
help
;;
v )
mode=verbose
;;
n )
mode=dry-run
;;
\? )
echo "Invalid option: $OPTARG"
exit 1
;;
: )
echo "Invalid option: $OPTARG requires an argument"
exit 1
;;
esac
done
for VHOST in /srv/www/*/; { for VHOST in /srv/www/*/; {
# get username # get username
USER=$(stat -c '%U' $VHOST) USER=$(stat -c '%U' $VHOST)
# make sure all files & dirs are owned by user # make sure all files & dirs are owned by user
if [ "$mode" = "verbose" ] || [ "$mode" = "dry-run" ]; then if [[ -n $verbose ]] || [[ -n $dryrun ]]; then
/usr/bin/find $VHOST ! -user $USER /usr/bin/find $VHOST ! -user $USER
fi fi
if [ "$mode" != "dry-run" ]; then if [[ -n $dryrun ]]; then
/usr/bin/find $VHOST ! -user $USER -exec chown $USER {} + /usr/bin/find $VHOST ! -user $USER -exec chown $USER {} +
fi fi
@ -61,10 +40,10 @@ for HOME in /home/*/; {
# get username # get username
USER=$(stat -c '%U' $HOME) USER=$(stat -c '%U' $HOME)
# make sure all files & dirs are owned by user # make sure all files & dirs are owned by user
if [ "$mode" = "verbose" ] || [ "$mode" = "dry-run" ]; then if [[ -n $verbose ]] || [[ -n $dryrun ]]; then
/usr/bin/find $HOME ! -user $USER /usr/bin/find $HOME ! -user $USER
fi fi
if [ "$mode" != "dry-run" ]; then if [[ -n $dryrun ]]; then
/usr/bin/find $HOME ! -user $USER -exec chown $USER {} + /usr/bin/find $HOME ! -user $USER -exec chown $USER {} +
fi fi

76
bin/vhost-mysql-db-add.sh
View File

@ -12,12 +12,13 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Creates default MySQL database and db user for specified virtualhost." echo "Creates default MySQL database and db user for specified virtualhost."
echo "" echo ""
echo "usage: $thisfilename virtualhost [OPTIONS]" echo "usage: $thisfilename -d <domain> [OPTIONS]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -u USERNAME Username for accessing the database. Optional, autogenerated if none specified." echo " -d <domain> Domain name of VirtualHost to remove."
echo " -p PASSWORD Password for username. Optional, random password generated if none specified." echo " -u <username> Username for accessing the database. Optional, autogenerated if none specified."
echo " -s Save db info to /home/username/.my.cnf. Warning! This inlcudes the unencrypted password." echo " -p <password> Password for username. Optional, random password generated if none specified."
echo " -w Write db info to /home/username/.my.cnf. Warning! This inlcudes the unencrypted password."
echo " -v Verbose - output newly created db info to console." echo " -v Verbose - output newly created db info to console."
echo "" echo ""
echo " MySQL database names is based on virtualhost with . replaced by the word 'dot'" echo " MySQL database names is based on virtualhost with . replaced by the word 'dot'"
@ -26,54 +27,19 @@ help()
echo " e.g. for virtualost example.com the db name will be 'exampledotcom' and the" echo " e.g. for virtualost example.com the db name will be 'exampledotcom' and the"
echo " username will be examplec@example.com." echo " username will be examplec@example.com."
echo " It is highly recommended to use either the -s or -v option if you don't use -p." echo " It is highly recommended to use either the -s or -v option if you don't use -p."
exit
} }
while getopts "hu:p:sv" opt; do vhost:getoptions "$@"
case "${opt}" in
h )
help
exit;;
u )
username=${OPTARG}
;;
p )
password=${OPTARG}
;;
s )
save=true
;;
v )
verbose=true
;;
\? )
echo "Invalid option: $OPTARG"
exit 1
;;
: )
echo "Invalid option: $OPTARG requires an argument"
exit 1
;;
esac
done
shift $((OPTIND-1)) # check for domain (virtualhost)
if [[ -z $domain ]]; then
# check for and set virtualhost echo "domain is required"
if [ -n "$1" ]; then exit
virtualhost="${1,,}"
else
echo "virtualhost not set"
exit 1
fi fi
echo "virtualhost=$virtualhost username=$username password=$password save=$save verbose=$verbose"
exit
# make sure virtualhost exists # make sure virtualhost exists
if [ ! -d /srv/www/$virtualhost ]; then if [[ ! -d /srv/www/$domain ]]; then
echo "virtualhost $virtualhost does not exist" echo "virtualhost $domain does not exist"
exit 1 exit 1
fi fi
@ -82,25 +48,21 @@ database=${virtualhost//./dot}
database=${database//-/dash} database=${database//-/dash}
# make sure database doesn't already exist # make sure database doesn't already exist
if [ -d /var/lib/mysql/$database ]; then if [[ -d /var/lib/mysql/$database ]]; then
echo "database $database already exists" echo "database $database already exists"
exit 1 exit 1
fi fi
# get & set username of virtualhost # get & set username of virtualhost
vhost_username=$(stat -c '%U' /srv/www/$virtualhost) vhost_username=$(stat -c '%U' /srv/www/$domain)
# check for and set mysql username # check for and set mysql username
if [ -n "$2" ]; then if [[ -z $username ]]; then
username=$2 username=$vhost_username@$domain
else
username=$vhost_username@$virtualhost
fi fi
# check for and set mysql password # check for and set mysql password
if [ -n "$3" ]; then if [[ -z $password ]]; then
password=$3
else
password=`/usr/bin/pwgen 16 1` password=`/usr/bin/pwgen 16 1`
fi fi
@ -110,7 +72,7 @@ mysql -e "GRANT ALL PRIVILEGES ON $database.* TO '$username'@'localhost';"
mysqladmin flush-privileges mysqladmin flush-privileges
# save mysql db info to file # save mysql db info to file
if [ -n $save ]; then if [[ -n $write ]]; then
touch /home/$vhost_username/.my.cnf touch /home/$vhost_username/.my.cnf
chown $vhost_username:$vhost_username /home/$vhost_username/.my.cnf chown $vhost_username:$vhost_username /home/$vhost_username/.my.cnf
chmod 640 /home/$vhost_username/.my.cnf chmod 640 /home/$vhost_username/.my.cnf
@ -121,6 +83,6 @@ if [ -n $save ]; then
echo "password=$password" >> /home/$vhost_username/.my.cnf echo "password=$password" >> /home/$vhost_username/.my.cnf
fi fi
if [ -n $verbose ]; then if [[ -n $verbose ]]; then
echo "database=$database user=$username password=$password" echo "database=$database user=$username password=$password"
fi fi

25
bin/vhost-mysql-db-del.sh
View File

@ -12,22 +12,19 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Remove MySQL database and default db user for the specified virtualhost." echo "Remove MySQL database and default db user for the specified virtualhost."
echo "" echo ""
echo "usage: $thisfilename virtualhost." echo "usage: $thisfilename -d <domain>"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -d <domain> Domain name of VirtualHost to MySQL db for."
exit exit
} }
# check for and set virtualhost. vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for domain (virtualhost)
help if [[ -z $domain ]]; then
else echo "domain is required"
virtualhost="${1,,}" exit
fi
else
echo "virtualhost not set"
exit 1
fi fi
# set database name # set database name
@ -38,9 +35,9 @@ database=${database//-/dash}
mysql -e "DROP DATABASE IF EXISTS $database;" mysql -e "DROP DATABASE IF EXISTS $database;"
# set default username and attempt to drop user # set default username and attempt to drop user
if [ -d /srv/www/$virtualhost ]; then if [ -d /srv/www/$domain ]; then
vhost_username=$(stat -c '%U' /srv/www/$virtualhost) vhost_username=$(stat -c '%U' /srv/www/$domain)
username=$vhost_username@$virtualhost username=$vhost_username@$domain
mysql -e "DROP USER IF EXISTS '$username'@'localhost';" mysql -e "DROP USER IF EXISTS '$username'@'localhost';"
mysqladmin flush-privileges mysqladmin flush-privileges
fi fi

56
bin/vhost-user-add.sh
View File

@ -12,67 +12,39 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Add system user to server." echo "Add system user to server."
echo "" echo ""
echo "usage: $thisfilename username [OPTIONS]" echo "usage: $thisfilename -u <domain> [-p <password> [-i <uid>] [-w] [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -p PASSWORD Password for username. Optional, random password generated if none specified." echo " -u <domain> System username to add to server."
echo " -u UID Numberic User ID to assign to user. Optional, next available uid set if none specified." echo " -p <password> Password for username. Optional, random password generated if none specified."
echo " -s Save user info to /home/username/.passwd. Warning! This inlcudes the unencrypted password." echo " -i <uid> Numberic User ID to assign to user. Optional, next available uid set if none specified."
echo " -w Write user info to /home/username/.passwd. Warning! This inlcudes the unencrypted password."
exit exit
} }
# check for and set username vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for username
help if [ -z "$username" ]; then
else
username="${1,,}"
fi
else
echo "username not set" echo "username not set"
exit 1 exit 1
fi fi
while getopts "hp:su:" opt; do
case "${opt}" in
h )
help
;;
p )
password=${OPTARG}
;;
s )
save=true
;;
u )
uid=${OPTARG}
;;
\? )
echo "Invalid option: $OPTARG"
exit 1
;;
: )
echo "Invalid option: $OPTARG requires an argument"
exit 1
;;
esac
done
# generate password if none specified # generate password if none specified
if [ ! -n "$password" ]; then if [ -z "$password" ]; then
password=`/usr/bin/pwgen 12 1` password=`/usr/bin/pwgen 12 1`
fi fi
# get next UID if none specified # get next UID if none specified
if [ ! -n "$uid" ]; then if [ -z "$uid" ]; then
userid=`awk -F: '{uid[$3]=1}END{for(x=1000; x<=65534; x++) {if(uid[x] != ""){}else{print x; exit;}}}' /etc/passwd` uid=`awk -F: '{uid[$3]=1}END{for(x=1000; x<=65534; x++) {if(uid[x] != ""){}else{print x; exit;}}}' /etc/passwd`
fi fi
# user & related files are only added if they don't already exist # user & related files are only added if they don't already exist
# in this way it's safe to repeatedly try to add the same user # in this way it's safe to repeatedly try to add the same user
if ! /bin/grep -q "^$username:" /etc/passwd; then if ! /bin/grep -q "^$username:" /etc/passwd; then
newusers="$username:$password:$userid:$userid::/home/$username:/bin/bash" newusers="$username:$password:$uid:$uid::/home/$username:/bin/bash"
echo "$newusers"|newusers echo "$newusers"|newusers
pwck -s pwck -s
grpck -s grpck -s
@ -105,7 +77,7 @@ if [[ ! -f "/home/$username/.profile" ]]; then
install -o $username -g $username -m 640 /etc/skel/.profile /home/$username install -o $username -g $username -m 640 /etc/skel/.profile /home/$username
fi fi
if [ -n "$save" ]; then if [[ -n $write ]]; then
if [[ ! -f "/home/$username/.passwd" ]]; then if [[ ! -f "/home/$username/.passwd" ]]; then
touch /home/$username/.passwd touch /home/$username/.passwd
chmod 640 /home/$username/.passwd chmod 640 /home/$username/.passwd

15
bin/vhost-user-del.sh
View File

@ -12,20 +12,17 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Remove user from this server." echo "Remove user from this server."
echo "" echo ""
echo "usage: $thisfilename username" echo "usage: $thisfilename -u <username> [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -u <username> System username to remove from server."
exit exit
} }
# check for and set username vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for username
help if [ -z "$username" ]; then
else
username="${1,,}"
fi
else
echo "username not set" echo "username not set"
exit 1 exit 1
fi fi

17
bin/vhost-user-jail-reset.sh
View File

@ -4,6 +4,8 @@
# https://git.stack-source.com/msb/vhost-stack # https://git.stack-source.com/msb/vhost-stack
# MIT License Copyright (c) 2021 Matthew Saunders Brown # MIT License Copyright (c) 2021 Matthew Saunders Brown
# CURRENTLY IN DEBUG MODE. ECHOS COMMANDS, DOES NOT RUN ANYTHING
# load include file # load include file
source $(dirname $0)/vhost.sh source $(dirname $0)/vhost.sh
@ -12,20 +14,17 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Rebuild jail for specified user." echo "Rebuild jail for specified user."
echo "" echo ""
echo "usage: $thisfilename username [OPTIONS]" echo "usage: $thisfilename -u <username> [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -u <username> System username to reset jail for."
exit exit
} }
# check for and set username vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for username
help if [ -z "$username" ]; then
else
username="${1,,}"
fi
else
echo "username not set" echo "username not set"
exit 1 exit 1
fi fi

18
bin/vhost-user-jail.sh
View File

@ -12,20 +12,18 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Jail specified user." echo "Jail specified user."
echo "" echo ""
echo "usage: $thisfilename username" echo "usage: $thisfilename -u <username> [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -u <username> System username to jail."
exit exit
} }
# check for and set username
if [ -n "$1" ]; then vhost:getoptions "$@"
if [ $1 == "-h" ]; then
help # check for username
else if [ -z "$username" ]; then
username="${1,,}"
fi
else
echo "username not set" echo "username not set"
exit 1 exit 1
fi fi
@ -40,7 +38,7 @@ if [[ ! -d /home/$username ]]; then
exit 1 exit 1
fi fi
if [[ -d "/usr/jails/$username" ]]; then if [[ -d /usr/jails/$username ]]; then
echo "/usr/jails/$username already exists" echo "/usr/jails/$username already exists"
exit 1 exit 1
fi fi

10
bin/vhost-user-jails-cp.sh
View File

@ -10,9 +10,9 @@ source $(dirname $0)/vhost.sh
help() help()
{ {
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Add file to all existing jails." echo "Add file or directory to all existing jails."
echo "" echo ""
echo "usage: $thisfilename pathtofile" echo "usage: $thisfilename <path_to_file_or_directory>"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
exit exit
@ -26,13 +26,13 @@ if [ -n "$1" ]; then
cpfile=$1 cpfile=$1
fi fi
else else
echo "file to copy in to jails not set" echo "file or directory to copy in to jails not set"
exit 1 exit 1
fi fi
# make sure file exists # make sure file exists
if [ ! -f "$cpfile" ]; then if [[ ! -f $cpfile ]] && [[ ! -d $cpfile ]]; then
echo "invalid file for copying in to jails" echo "invalid file or directory for copying in to jails"
exit 1 exit 1
fi fi

8
bin/vhost-user-jails-update.sh
View File

@ -24,13 +24,7 @@ help()
exit exit
} }
# check for -h vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then
help
exit
fi
fi
# make sure jails dir exists # make sure jails dir exists
if [[ ! -e /usr/jails/ ]]; then if [[ ! -e /usr/jails/ ]]; then

33
bin/vhost-varnish-disable.sh
View File

@ -10,34 +10,31 @@ source $(dirname $0)/vhost.sh
help() help()
{ {
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Disables Varnish config for specified virtualhost." echo "Disables Varnish config for specified domain (VirtualHost)."
echo "" echo ""
echo "usage: $thisfilename virtualhost" echo "usage: $thisfilename -d <domain> [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -d <domain> Domain name (VirtualHost) to disable Varnish for."
echo "" echo ""
echo " Varnish is proxied through Apache. This disables the" echo " Varnish is proxied through Apache. This disables the"
echo " Apache proxy to Varnish and removes the varnish config." echo " Apache proxy to Varnish and removes the varnish config."
exit exit
} }
# check for and set virtualhost vhost:getoptions "$@"
if [ -n "$1" ]; then
if [ $1 == "-h" ]; then # check for domain (virtualhost)
help if [[ -z $domain ]]; then
else echo "domain is required"
virtualhost="${1,,}" exit
fi
else
echo "virtualhost not set"
exit 1
fi fi
# grab macro line from virtualhost config # grab macro line from virtualhost config
if macro_vhost_line=`grep -m 1 "Use .*" /etc/apache2/sites-available/$virtualhost.conf` ; then if macro_vhost_line=`grep -m 1 "Use .*" /etc/apache2/sites-available/$domain.conf` ; then
macro_name=`echo "$macro_vhost_line" | awk '{print $2}'` macro_name=`echo "$macro_vhost_line" | awk '{print $2}'`
else else
echo "$virtualhost is not configured with mod_macro" echo "$domain is not configured with mod_macro"
exit 1 exit 1
fi fi
@ -45,9 +42,9 @@ fi
if [[ $macro_name =~ ^.*Varnish$ ]]; then if [[ $macro_name =~ ^.*Varnish$ ]]; then
# set new macro_name # set new macro_name
macro_name=`echo $macro_name | sed -e 's|Varnish$||'` macro_name=`echo $macro_name | sed -e 's|Varnish$||'`
vhost_enable="$macro_name $virtualhost" vhost_enable="$macro_name $domain"
else else
echo "Varnish is not enabled for $virtualhost" echo "Varnish is not enabled for $domain"
exit 1 exit 1
fi fi
@ -59,8 +56,8 @@ fi
/usr/local/bin/vhost-enable.sh $vhost_enable /usr/local/bin/vhost-enable.sh $vhost_enable
if [ -f /etc/varnish/sites.d/$virtualhost ]; then if [[ -f /etc/varnish/sites.d/$domain ]]; then
rm /etc/varnish/sites.d/$virtualhost rm /etc/varnish/sites.d/$domain
/usr/local/bin/vhost-varnish-update-sites.sh $vhost_enable /usr/local/bin/vhost-varnish-update-sites.sh $vhost_enable
# uncomment to flush varnish cache # uncomment to flush varnish cache
# systemctl is-active --quiet varnish && systemctl reload --quiet varnish # systemctl is-active --quiet varnish && systemctl reload --quiet varnish

59
bin/vhost-varnish-enable.sh
View File

@ -12,60 +12,57 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Enables Varnish for specified virtualhost." echo "Enables Varnish for specified virtualhost."
echo "" echo ""
echo "usage: $thisfilename virtualhost. [OPTIONS]" echo "usage: $thisfilename -d <domain> [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo " -d <domain> Domain name (VirtualHost) to enable Varnish for."
echo "" echo ""
echo " Creates Varnish config, loads it in Varnish and then" echo " Creates Varnish config, loads it in Varnish and then"
echo " enables Apache proxy to Varnish for virtualhost." echo " enables Apache proxy to Varnish for virtualhost."
exit exit
} }
# check for and set virtualhost vhost:getoptions "$@"
# check for and set username
if [ -n "$1" ]; then # check for domain (virtualhost)
if [ $1 == "-h" ]; then if [[ -z $domain ]]; then
help echo "domain is required"
else exit
virtualhost="${1,,}"
fi
else
echo "virtualhost not set"
exit 1
fi fi
# make sure virtualhost is enabled via symlink # make sure virtualhost is enabled via symlink
if [ ! -h "/etc/apache2/sites-enabled/$virtualhost.conf" ]; then if [[ ! -h "/etc/apache2/sites-enabled/$domain.conf" ]]; then
echo "virtualhost is not enabled" echo "virtualhost is not enabled"
exit 1 exit 1
fi fi
# make sure virtualhost config is in standard location # make sure virtualhost config is in standard location
if [ ! -f "/etc/apache2/sites-available/$virtualhost.conf" ]; then if [[ ! -f "/etc/apache2/sites-available/$domain.conf" ]]; then
echo "virtualhost config for $virtualhost not in /etc/apache2/sites-available/" echo "virtualhost config for $domain not in /etc/apache2/sites-available/"
exit 1 exit 1
fi fi
# grab macro line from virtualhost config # grab macro line from virtualhost config
if macro_vhost_line=`grep -m 1 "Use .*" /etc/apache2/sites-available/$virtualhost.conf` ; then if macro_vhost_line=`grep -m 1 "Use .*" /etc/apache2/sites-available/$domain.conf` ; then
macro_name=`echo "$macro_vhost_line" | awk '{print $2}'` macro_name=`echo "$macro_vhost_line" | awk '{print $2}'`
else else
echo "$virtualhost is not configured with mod_macro" echo "$domain is not configured with mod_macro"
exit 1 exit 1
fi fi
# make sure Varnish is not already enabled # make sure Varnish is not already enabled
if [[ $macro_name =~ ^.*Varnish$ ]]; then if [[ $macro_name =~ ^.*Varnish$ ]]; then
echo "Varnish already enabled for $virtualhost" echo "Varnish already enabled for $domain"
exit 1 exit 1
fi fi
# check for valid HTTPS VHost macro # check for valid HTTPS VHost macro
if [[ $macro_name =~ ^VHost[[:alpha:]]*HTTPS$ ]]; then if [[ $macro_name =~ ^VHost[[:alpha:]]*HTTPS$ ]]; then
macro_name_new="${macro_name}Varnish" macro_name_new="${macro_name}Varnish"
vhost_enable="$macro_name_new $virtualhost" vhost_enable="$macro_name_new $domain"
else else
echo "$virtualhost must be enabled with an HTTPS VHost macro" echo "$domain must be enabled with an HTTPS VHost macro"
exit 1 exit 1
fi fi
@ -83,27 +80,27 @@ if [[ "$macro_name" == *"Alias"* ]]; then
fi fi
# check for ssl cert # check for ssl cert
if [ ! -f "/etc/ssl/letsencrypt/$virtualhost.pem" ]; then if [[ ! -f "/etc/ssl/letsencrypt/$domain.pem" ]]; then
echo "$virtualhost.pem cert file does not exist" echo "$domain.pem cert file does not exist"
exit 1 exit 1
fi fi
# make sure varnish is installed # make sure varnish is installed
if [ ! -f /etc/varnish/sites.d/example.com.vcl ]; then if [[ ! -f /etc/varnish/sites.d/example.com.vcl ]]; then
echo "Varnish not installed & configured on this server" echo "Varnish not installed & configured on this server"
exit 1 exit 1
fi fi
# check for / create varnish config # check for / create varnish config
if [ ! -f "/etc/varnish/sites.d/$virtualhost.vcl" ]; then if [[ ! -f "/etc/varnish/sites.d/$domain.vcl" ]]; then
# create varnish config # create varnish config
echo "sub vcl_recv {" > /etc/varnish/sites.d/$virtualhost.vcl echo "sub vcl_recv {" > /etc/varnish/sites.d/$domain.vcl
echo " if (req.http.host == \"$virtualhost\" || req.http.host == \"www.$virtualhost\") {" >> /etc/varnish/sites.d/$virtualhost.vcl echo " if (req.http.host == \"$domain\" || req.http.host == \"www.$domain\") {" >> /etc/varnish/sites.d/$domain.vcl
echo " # Uncomment next line to bypass varnish cache" >> /etc/varnish/sites.d/$virtualhost.vcl echo " # Uncomment next line to bypass varnish cache" >> /etc/varnish/sites.d/$domain.vcl
echo " #return (pass);" >> /etc/varnish/sites.d/$virtualhost.vcl echo " #return (pass);" >> /etc/varnish/sites.d/$domain.vcl
echo " call wordpress;" >> /etc/varnish/sites.d/$virtualhost.vcl echo " call wordpress;" >> /etc/varnish/sites.d/$domain.vcl
echo " }" >> /etc/varnish/sites.d/$virtualhost.vcl echo " }" >> /etc/varnish/sites.d/$domain.vcl
echo "}" >> /etc/varnish/sites.d/$virtualhost.vcl echo "}" >> /etc/varnish/sites.d/$domain.vcl
/usr/local/bin/vhost-varnish-update-sites.sh /usr/local/bin/vhost-varnish-update-sites.sh
systemctl is-active --quiet varnish && systemctl reload --quiet varnish systemctl is-active --quiet varnish && systemctl reload --quiet varnish
fi fi

2
bin/vhost-varnish-update-sites.sh
View File

@ -12,7 +12,7 @@ help()
thisfilename=$(basename -- "$0") thisfilename=$(basename -- "$0")
echo "Makes sure all existing varnish configs are loaded." echo "Makes sure all existing varnish configs are loaded."
echo "" echo ""
echo "usage: $thisfilename" echo "usage: $thisfilename [-h]"
echo "" echo ""
echo " -h Print this help." echo " -h Print this help."
echo "" echo ""

53
bin/vhost.sh
View File

@ -37,6 +37,59 @@ function vhost::validate_domain () {
fi fi
} }
function vhost:getoptions () {
local OPTIND
while getopts "d:i:o:p:u:jhnvw" opt ; do
case "${opt}" in
h ) # display help and exit
help
exit
;;
d ) # domain name (virtualhost) to act on
domain=${OPTARG,,}
if ! vhost::validate_domain $domain; then
echo "ERROR: $domain is not a valid domain name."
exit
fi
;;
i ) # User ID (UID) for new user
uid=${OPTARG}
;;
i ) # option - usually applied to previously specified variable
# e.g. could be subdomain or alias depending on the macro defined
option=${OPTARG}
;;
p ) # password
password=${OPTARG}
;;
u ) # username
username=${OPTARG,,}
;;
j ) # jail - if enabled user will be jailed
jail=true
;;
n ) # dry-run
dryrun=true
;;
v ) # verbose
verbose=true
;;
w ) # write - store data in file
write=true
;;
\? )
echo "Invalid option: $OPTARG"
exit 1
;;
: )
echo "Invalid option: $OPTARG requires an argument"
exit 1
;;
esac
done
shift $((OPTIND-1))
}
# check for local config, which can be used to override any of the above # check for local config, which can be used to override any of the above
if [[ -f /usr/local/etc/vhost.conf ]]; then if [[ -f /usr/local/etc/vhost.conf ]]; then
source /usr/local/etc/vhost.conf source /usr/local/etc/vhost.conf

26
etc/apache2/mods-available/macro.conf
View File

@ -201,10 +201,10 @@
<Macro VHostAliasHTTP $vhost $username $alias> <Macro VHostAliasHTTP $vhost $username $alias>
<VirtualHost *:80> <VirtualHost *:80>
ServerName $vhost ServerName $alias
ServerAlias www.$vhost ServerAlias www.$alias
ServerAlias $vhost.example.com ServerAlias $alias.example.com
DocumentRoot /srv/www/$alias/html DocumentRoot /srv/www/$vhost/html
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
@ -213,10 +213,10 @@
<Macro VHostAliasHTTPS $vhost $username $alias> <Macro VHostAliasHTTPS $vhost $username $alias>
<VirtualHost *:80> <VirtualHost *:80>
ServerName $vhost ServerName $alias
ServerAlias www.$vhost ServerAlias www.$alias
ServerAlias $vhost.example.com ServerAlias $alias.example.com
DocumentRoot /srv/www/$alias/html DocumentRoot /srv/www/$vhost/html
## <Location "/"> ## <Location "/">
## <If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#"> ## <If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
## Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}" ## Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}"
@ -227,14 +227,14 @@
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
<VirtualHost *:443> <VirtualHost *:443>
ServerName $vhost ServerName $alias
ServerAlias www.$vhost ServerAlias www.$alias
ServerAlias $vhost.example.com ServerAlias $alias.example.com
DocumentRoot /srv/www/$alias/html DocumentRoot /srv/www/$vhost/html
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
SSLEngine on SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem SSLCertificateFile /etc/ssl/letsencrypt/$alias.pem
</VirtualHost> </VirtualHost>
</Macro> </Macro>