From 0bb748f2d9dfb2a8b617d4431502149f931268e8 Mon Sep 17 00:00:00 2001 From: gyurix Date: Fri, 2 Jul 2021 20:30:56 +0000 Subject: [PATCH] Major changes in mainline functions, new file cretated. --- scripts/check_certificates.sh | 20 ++-- scripts/check_proxy_state.sh | 164 +++++++++++++++++++++++++++ scripts/nginx_config_create.sh | 12 +- scripts/scheduler.sh | 196 +++++---------------------------- 4 files changed, 207 insertions(+), 185 deletions(-) create mode 100755 scripts/check_proxy_state.sh diff --git a/scripts/check_certificates.sh b/scripts/check_certificates.sh index 7e7cef9..24cbad4 100755 --- a/scripts/check_certificates.sh +++ b/scripts/check_certificates.sh @@ -5,9 +5,13 @@ LETSENCRYPT_URL=$LETSENCRYPT_URL DOMAIN_DIR=$DOMAIN_DIR DOMAIN=$1 - CERT_DIR=$CERT_DIR/$DOMAIN + DOMAIN_CERT_DIR=$CERT_DIR/$DOMAIN -service_exec="docker run --rm -v /etc/user/config/services/:/services/:ro -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec" +service_exec="docker run --rm \ + -v /etc/user/config/user.json:/etc/user/config/user.json:ro \ + -v /etc/user/config/services/:/services/:ro \ + -v /var/run/docker.sock:/var/run/docker.sock \ + -v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec" letsencrypt_certificates() { $service_exec /services/letsencrypt.json start 
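Review bot: The rewritten `service_exec` line still runs `registry.format.hu/setup` without a tag or digest while bind-mounting `/var/run/docker.sock`, so whatever the registry serves under the default tag gets control of the host's Docker daemon on every certificate check. Pin the image to a reviewed digest, e.g. `registry.format.hu/setup@sha256:<DIGEST_PLACEHOLDER>`. The same command string is repeated in the new scripts/check_proxy_state.sh without the added `user.json` mount, so the two copies already differ; defining it once in a sourced file would keep the mounts and the pin consistent.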
@@ -16,24 +20,24 @@ $service_exec /services/letsencrypt.json start create_self_signed_certificate() { # generate dhparam file -openssl dhparam -dsaparam -out $CERT_DIR/dhparam.pem 4096 +openssl dhparam -dsaparam -out $DOMAIN_CERT_DIR/dhparam.pem 4096; # generate key -openssl req -x509 -newkey rsa:4096 -keyout $CERT_DIR/key.pem -out $CERT_DIR/fullchain.pem -days 365 -sha256 -nodes -subj "/CN=$DOMAIN" +openssl req -x509 -newkey rsa:4096 -keyout $DOMAIN_CERT_DIR/key.pem -out $DOMAIN_CERT_DIR/cert.pem -days 365 -sha256 -nodes -subj "/CN=$DOMAIN"; +cp -a $DOMAIN_CERT_DIR/cert.pem $DOMAIN_CERT_DIR/fullchain.pem; } - -if [[ "$(ls $CERT_DIR)" == "" ]]; then +if [ ! -d "$DOMAIN_CERT_DIR" ]; then echo "$DOMAIN not contains certificates, creates new." - mkdir -p $CERT_DIR; + mkdir -p $DOMAIN_CERT_DIR; CURL_CHECK="curl -s -o /dev/null -w "%{http_code}" https://$LETSENCRYPT_URL"; if [[ "$(eval $CURL_CHECK)" != "200" ]] ; then create_self_signed_certificate; fi else - file="$CERT_DIR/letsencrypt" + file="$DOMAIN_CERT_DIR/letsencrypt" { echo "{ \"DOMAIN\": \"$DOMAIN\" }" } >> "$file" diff --git a/scripts/check_proxy_state.sh b/scripts/check_proxy_state.sh new file mode 100755 index 0000000..9da8063 --- /dev/null +++ b/scripts/check_proxy_state.sh 
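Review bot: The unchanged lines of this hunk still build `CURL_CHECK` as a string and run it with `eval $CURL_CHECK`, which re-parses `$LETSENCRYPT_URL` as shell code; the same pattern is added with `$DOMAIN` in `check_domain` of scripts/check_proxy_state.sh, where the value is less likely to be fixed configuration. Calling curl directly removes the second parse: `status=$(curl -s -o /dev/null -w '%{http_code}' "https://$LETSENCRYPT_URL")` followed by `if [[ "$status" != "200" ]]`. The added `mkdir -p`, `openssl` and `cp -a` lines also expand `$DOMAIN_CERT_DIR` unquoted, although the new `[ ! -d "$DOMAIN_CERT_DIR" ]` test quotes it and the path is built from `$1`; quote it there too, e.g. `mkdir -p -- "$DOMAIN_CERT_DIR"`.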
@@ -0,0 +1,164 @@ +# Initial parameters +DATE=`date +%F-%H-%M-%S` +TIMEOUT=$TIMEOUT +RESTART=$RESTART +RESTART_COUNTER=0 + +# Set env variables +PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE +ROLE=$ROLE +SERVICE_NAME=$SERVICE_NAME + +service_exec="docker run --rm -v /etc/user/config/services/:/services/:ro -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec" + +do_proxy_restart() { + + local NAMES="$1" + + for proxies in $NAMES ; do + docker stop $proxies; + sleep $TIMEOUT; + $service_exec $SERVICE_NAME.containers.$proxies start + if docker ps | grep $proxies ; then + if [ -z "$DOMAIN" ] ; then + echo "$proxies restarted successful"; + else + check_domain; + fi + else + PROXY_NAME=$proxies + for retries in $(seq 0 $((RESTART + 1))); do + if [[ $retries -le $RESTART ]] ; then + echo "Proxy "$PROXY_NAME" restarting in progress"; + docker stop $proxies; + sleep $TIMEOUT; + $service_exec $SERVICE_NAME.containers.$PROXY_NAME start + if docker ps | grep $PROXY_NAME ; then + echo "$PROXY_NAME restarted successful"; + else + echo "Restarting number is only: "$retries" so try again" + sleep $TIMEOUT; + fi + else + echo "Reached retrying limit: "$RESTART" ,giving up, starting recocer previous state" + recover_process; + fi + done + fi + done +} + +check_domain() { + echo "Checking $DOMAIN name"; + CURL_CHECK="curl -s -o /dev/null -w "%{http_code}" https://$DOMAIN"; + if [[ "$(eval $CURL_CHECK)" == "200" ]] ; then + echo "$proxies restarted successful"; + else + send_error_msg; + fi +} + +recover_process() { echo "Recovering previous state" +} + +send_error_msg () { echo "Sending error messages" +} + +check_proxy_state() { + +# Set restart counter to zero + CONTAINER_NAMES=""; + CONTAINERS_BY_ROLE=0 + RUNNING_CONTAINERS=0 + +# Check services with running containers by roles +for CONTAINER in $(jq -r --arg ROLE $ROLE '.containers[] | select(.ROLES==$ROLE)' $PROXY_SERVICE_FILE | jq -r .NAME) ; do + + 
CONTAINERS_BY_ROLE=$((CONTAINERS_BY_ROLE +1)) + + UP=$(docker ps | grep $CONTAINER | grep Up | wc -l) + RUNNING_CONTAINERS=$((RUNNING_CONTAINERS + UP)) + + CONTAINERS=$CONTAINERS" "$CONTAINER; + + if [[ "$UP" != 0 ]]; then + CONTAINER_NAMES=$CONTAINER_NAMES" "$CONTAINER; + fi; +done; + +# The roles numbers and the running containers numbers are equal or greater than 2 +if [[ "$RUNNING_CONTAINERS" == "$CONTAINERS_BY_ROLE" || "$RUNNING_CONTAINERS" -ge 2 ]] ; then + echo "Starting proxy restart process"; + do_proxy_restart "$CONTAINER_NAMES"; + +# In case of no running proxies found, try to start the service +elif [[ "$RUNNING_CONTAINERS" -eq 0 ]] ; then + echo "No running proxies found, starting all"; + + $service_exec /services/$SERVICE_NAME.json start; + + for proxies in $CONTAINERS ; do + + if docker ps | grep $proxies ; then + echo "$proxies started successful"; + else + echo "$proxies starting was unsuccesful" + fi + done +# In case of only one running proxy found, try to start the others of the service +elif [[ "$RUNNING_CONTAINERS" -eq 1 ]] ; then + echo "Only one running proxy found, starting all of the others"; + for proxies in $CONTAINERS ; do + if [[ $proxies != $CONTAINER_NAMES ]] ; then + echo "No running containers: "$proxies" found."; + $service_exec $SERVICE_NAME.containers.$proxies start; + if docker ps | grep $proxies ; then + echo "$proxies started successful"; + else + echo "$proxies starting was unsuccesful"; + fi + else + ONLY_RUNNING_PROXY_NAME=$proxies; + + fi + + done + + # At last need to restart the only one running proxy when the others started successful. 
+ for CHECK_PROXIES in $CONTAINERS ; do + if [[ $CHECK_PROXIES != $ONLY_RUNNING_PROXY_NAME ]] ; then + if docker ps | grep $CHECK_PROXIES ; then + echo "Not running proxies successfuly started, let's start the only running one."; + do_proxy_restart $ONLY_RUNNING_PROXY_NAME; + else + echo "Not enough running proxies found, can't start the only running one."; + fi + fi + done + + +# sleep $TIMEOUT; +# RESTART_COUNTER=$((RESTART_COUNTER +1)) +# +# echo "RUNNING CONTAINERS: "$RUNNING_CONTAINERS; +# +# if [[ "$RESTART_COUNTER" -le "$RESTART" ]] ; then +# echo "ELSE: check proxy state"; +# check_proxy_state; +# else +# recover_process; +# fi +# for CONTAINER in `echo $CONTAINER_NAMES`; do + + +# done; + +fi + +} # end of check_proxy_state + + +# call method +check_proxy_state + + diff --git a/scripts/nginx_config_create.sh b/scripts/nginx_config_create.sh index ee2a9e8..460aded 100755 --- a/scripts/nginx_config_create.sh +++ b/scripts/nginx_config_create.sh @@ -3,11 +3,10 @@ cd /proxy_config DOMAIN=$1 -DEL=$2 -if [[ $DEL != "" ]]; then +if [ -n "$2" ]; then echo "$DOMAIN DELETED"; rm $DOMAIN.conf; - exit 0; + exit; fi DOMAIN_SOURCE=/domains/$DOMAIN @@ -24,11 +23,12 @@ ERROR_PAGE=$(jq -r .ERROR_PAGE $DOMAIN_SOURCE) # check whether certificates exist or not -if [ $HTTPS_PORT != "" ]; then +if [[ $HTTPS_PORT != "" ]]; then /scripts/check_certificates.sh "$DOMAIN"; fi -echo $DOMAIN; +echo "3"; +echo "created domain name: "$DOMAIN; file="/tmp/$DOMAIN.conf" @@ -36,7 +36,7 @@ file="/tmp/$DOMAIN.conf" { -if [ $HTTP_PORT != "" ]; then +if [[ $HTTP_PORT != "" ]]; then echo "server { listen $HTTP_PORT; server_name $DOMAIN_NAME; diff --git a/scripts/scheduler.sh b/scripts/scheduler.sh index 449615d..15b6d14 100755 --- a/scripts/scheduler.sh +++ b/scripts/scheduler.sh 
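Review bot: The retry loop in `do_proxy_restart` has no `break` after `echo "$PROXY_NAME restarted successful"`, so a proxy that came back up is stopped and started again on every remaining iteration, and the last iteration (`retries` equal to `RESTART + 1`) always reaches `recover_process`. Add `break` in that success branch. The liveness test `docker ps | grep $proxies` matches the name as an unquoted substring of any column, so a container whose name is a prefix of another passes for both; `[ "$(docker inspect -f '{{.State.Running}}' "$proxies" 2>/dev/null)" = "true" ]` checks the exact container. The new file also has no `#!` line although it uses `[[` and `local`, so the interpreter depends on the caller.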
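Review bot: `rm $DOMAIN.conf` in the delete branch expands `$DOMAIN` unquoted, and per the scheduler.sh hunk at `@@ -197,7 +48,10 @@` that value is a file name reported by inotifywait (`DOMAIN=$(echo $file)`), so a name containing a space or a glob character makes `rm` act on other files in /proxy_config. Use `rm -- "$DOMAIN.conf"`, and reject names that are not plain host names before using them in paths, for instance `case "$DOMAIN" in ''|*[!A-Za-z0-9.-]*) exit 1;; esac`, with the allowed set adjusted to the names the project really uses. With `exit 0` replaced by a bare `exit` the script now returns rm's status, which looks intended but deserves a comment such as `# propagate rm's exit status`. The `cd /proxy_config` in the hunk header context is not checked either, so a failed `cd` would let `rm` run in whatever directory the script was started from.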
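Review bot: `echo "3";` reads like a leftover debugging marker and lands in the script's output next to the real message; drop it, and write the next line as `echo "created domain name: $DOMAIN"` so the value stays inside the quotes. If `HTTPS_PORT` is read with `jq -r` like `ERROR_PAGE` in the hunk header (the assignment is not visible here), a missing key yields the string `null`, so `[[ $HTTPS_PORT != "" ]]` is true and check_certificates.sh runs for domains without an HTTPS port. Testing `[[ -n "$HTTPS_PORT" && "$HTTPS_PORT" != "null" ]]` would cover that, and the same applies to `HTTP_PORT` in the following hunk.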
@@ -1,176 +1,19 @@ #!/bin/sh -service_exec="docker run --rm -v /etc/user/config/services/:/services/:ro -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker:ro registry.format.hu/setup /scripts/service-exec" # Initial parameters - DATE=`date +%F-%H-%M-%S` - TIMEOUT=$TIMEOUT - RESTART=$RESTART - RESTART_COUNTER=0 +DATE=`date +%F-%H-%M-%S` # Set env variables - - DOMAIN_DIR=$DOMAIN_DIR - CERT_DIR=$CERT_DIR - PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE - PROXY_CONFIG_DIR=$PROXY_CONFIG_DIR - ROLE=$ROLE - SERVICE_NAME=$SERVICE_NAME - -do_proxy_restart() { - - local NAMES="$1" - - for proxies in $NAMES ; do - docker stop $proxies; - sleep $TIMEOUT; - $service_exec $SERVICE_NAME.containers.$proxies start - if docker ps | grep $proxies ; then - if [ -z "$DOMAIN" ] ; then - echo "$proxies restarted successful"; - else - check_domain; - fi - else - PROXY_NAME=$proxies - for retries in $(seq 0 $((RESTART + 1))); do - if [[ $retries -le $RESTART ]] ; then - echo "Proxy "$PROXY_NAME" restarting in progress"; - docker stop $proxies; - sleep $TIMEOUT; - $service_exec $SERVICE_NAME.containers.$PROXY_NAME start - if docker ps | grep $PROXY_NAME ; then - echo "$PROXY_NAME restarted successful"; - else - echo "Restarting number is only: "$retries" so try again" - sleep $TIMEOUT; - fi - else - echo "Reached retrying limit: "$RESTART" ,giving up, starting recocer previous state" - recover_process; - fi - done - fi - done -} - -check_domain() { echo "Checking $DOMAIN name"; -CURL_CHECK="curl -s -o /dev/null -w "%{http_code}" https://$DOMAIN"; -if [[ "$(eval $CURL_CHECK)" == "200" ]] ; then - echo "$proxies restarted successful"; -else - send_error_msg; -fi - -} - -recover_process() { echo "Recovering previous state" -} - -send_error_msg () { echo "Sending error messages" -} - -check_proxy_state() { -# Set restart counter to zero - - CONTAINER_NAMES=""; - CONTAINERS_BY_ROLE=0 - RUNNING_CONTAINERS=0 - -# Check services with running containers by roles -for CONTAINER 
in $(jq -r --arg ROLE $ROLE '.containers[] | select(.ROLES==$ROLE)' $PROXY_SERVICE_FILE | jq -r .NAME) ; do - - CONTAINERS_BY_ROLE=$((CONTAINERS_BY_ROLE +1)) - - UP=$(docker ps | grep $CONTAINER | grep Up | wc -l) - RUNNING_CONTAINERS=$((RUNNING_CONTAINERS + UP)) - - CONTAINERS=$CONTAINERS" "$CONTAINER; - - if [[ "$UP" != 0 ]]; then - CONTAINER_NAMES=$CONTAINER_NAMES" "$CONTAINER; - fi; -done; - -# The roles numbers and the running containers numbers are equal or greater than 2 -if [[ "$RUNNING_CONTAINERS" == "$CONTAINERS_BY_ROLE" || "$RUNNING_CONTAINERS" -ge 2 ]] ; then - echo "Starting proxy restart process"; - do_proxy_restart "$CONTAINER_NAMES"; - -# In case of no running proxies found, try to start the service -elif [[ "$RUNNING_CONTAINERS" -eq 0 ]] ; then - echo "No running proxies found, starting all"; - - $service_exec /services/$SERVICE_NAME.json start; - - for proxies in $CONTAINERS ; do - - if docker ps | grep $proxies ; then - echo "$proxies started successful"; - else - echo "$proxies starting was unsuccesful" - fi - done -# In case of only one running proxy found, try to start the others of the service -elif [[ "$RUNNING_CONTAINERS" -eq 1 ]] ; then - echo "Only one running proxy found, starting all of the others"; - for proxies in $CONTAINERS ; do - if [[ $proxies != $CONTAINER_NAMES ]] ; then - echo "No running containers: "$proxies" found."; - $service_exec $SERVICE_NAME.containers.$proxies start; - if docker ps | grep $proxies ; then - echo "$proxies started successful"; - else - echo "$proxies starting was unsuccesful"; - fi - else - ONLY_RUNNING_PROXY_NAME=$proxies; - - fi - - done - - # At last need to restart the only one running proxy when the others started successful. 
- for CHECK_PROXIES in $CONTAINERS ; do - if [[ $CHECK_PROXIES != $ONLY_RUNNING_PROXY_NAME ]] ; then - if docker ps | grep $CHECK_PROXIES ; then - echo "Not running proxies successfuly started, let's start the only running one."; - do_proxy_restart $ONLY_RUNNING_PROXY_NAME; - else - echo "Not enough running proxies found, can't start the only running one."; - fi - fi - done - - -# sleep $TIMEOUT; -# RESTART_COUNTER=$((RESTART_COUNTER +1)) -# -# echo "RUNNING CONTAINERS: "$RUNNING_CONTAINERS; -# -# if [[ "$RESTART_COUNTER" -le "$RESTART" ]] ; then -# echo "ELSE: check proxy state"; -# check_proxy_state; -# else -# recover_process; -# fi -# for CONTAINER in `echo $CONTAINER_NAMES`; do - - -# done; - -fi - - -} - - +DOMAIN_DIR=$DOMAIN_DIR +CERT_DIR=$CERT_DIR +PROXY_CONFIG_DIR=$PROXY_CONFIG_DIR # Triggers by certificate or proxy config changes unset IFS -inotifywait --exclude .sw -m -e CREATE,CLOSE_WRITE,CLOSE,DELETE -r $DOMAIN_DIR $CERT_DIR $PROXY_CONFIG_DIR | \ +inotifywait --exclude .sw -m -e CREATE,CLOSE_WRITE,DELETE -r $DOMAIN_DIR $CERT_DIR $PROXY_CONFIG_DIR | \ while read dir op file do 
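Review bot: `--exclude .sw` on the changed `inotifywait` line is an unanchored extended regular expression, so it drops events for every path that contains any character followed by `sw`, not only editor swap files; a domain file with such a name would never get its config or certificate processed. Anchor and escape it, e.g. `--exclude '\.sw[a-z]$'`. The loop header `while read dir op file` lacks `-r` and the three watch directories are passed unquoted; `while read -r dir op file` and `"$DOMAIN_DIR" "$CERT_DIR" "$PROXY_CONFIG_DIR"` keep reported names intact. The rest of the hunk only removes the functions that moved to scripts/check_proxy_state.sh.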
@@ -178,16 +21,24 @@ do parent="/"$(echo $dir|cut -d / -f2) - if [[ "${parent}" == "${CERT_DIR}" && "${op}" == "CREATE,CLOSE_WRITE,CLOSE" ]]; then + if [[ "${parent}" == "${CERT_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] ; then DOMAIN=$(echo $dir|cut -d / -f3); - echo "file: "$file; - echo "New cert created: '$DOMAIN'"; - #check_proxy_state; + if [ -f "$CERT_DIR/new_certificate" ]; then + echo "New cert created: '$DOMAIN'"; + echo "newcert check proxy"; + /scripts/check_proxy_state.sh; + fi - elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] || \ - [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "DELETE" ]] ; then - echo "proxy config created, changed or deleted"; - check_proxy_state; + elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]]; then + echo "proxy config created, changed "; + /scripts/check_proxy_state.sh; + + elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "DELETE" ]] ; then + echo "proxy config deleted"; + FILE=$(echo $file) + if [ ! -f "$PROXY_CONFIG_DIR/$FILE" ]; then + /scripts/check_proxy_state.sh; + fi elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]]; then DOMAIN=$(echo $file); @@ -197,7 +48,10 @@ do elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "DELETE" ]] ; then DOMAIN=$(echo $file); echo "domain deleted"; - /scripts/nginx_config_create.sh "$DOMAIN" "DEL"; + if [ ! -f "$DOMAIN_DIR/$DOMAIN" ]; then + /scripts/nginx_config_create.sh "$DOMAIN" "DEL"; + fi fi + done
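Review bot: `DOMAIN` is assigned in the certificate branch, but `/scripts/check_proxy_state.sh` now runs as a separate process, so unless `DOMAIN` is exported somewhere outside this hunk the child sees it empty and `do_proxy_restart` never calls `check_domain`. Pass it explicitly, e.g. `DOMAIN="$DOMAIN" /scripts/check_proxy_state.sh;`. The new gate `[ -f "$CERT_DIR/new_certificate" ]` tests a fixed marker rather than the file named in the event, and nothing visible removes it, so once it exists every later `CLOSE_WRITE,CLOSE` under `$CERT_DIR` would restart the proxies; confirm it is cleared elsewhere. `FILE=$(echo $file)` should be `FILE=$file` to avoid word splitting and glob expansion of the reported name.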