Adding connfig create files

2012-01-01 00:43:59 +00:00
parent 6b77774193
commit 470df579cf
3 changed files with 133 additions and 1 deletions
--- a/scripts/nginx_config_create.sh
+++ b/scripts/nginx_config_create.sh
@@ -0,0 +1,111 @@
 #!/bin/sh
 JQ="jq -r"
 DOMAIN=$DOMAIN
 DOMAIN_SOURCE=/domains/$DOMAIN.json
 DOMAIN_NAME=$(jq -r .DOMAIN $DOMAIN_SOURCE)
 HTTP_PORT=$(jq -r .HTTP_PORT $DOMAIN_SOURCE)
 HTTPS_PORT=$(jq -r .HTTPS_PORT $DOMAIN_SOURCE)
 LOCAL_IP=$(jq -r .LOCAL_IP $DOMAIN_SOURCE)
 ALIASES_HTTP=$(jq -r .ALIASES_HTTP $DOMAIN_SOURCE)
 ALIASES_HTTPS=$(jq -r .ALIASES_HTTPS $DOMAIN_SOURCE)
 REDIRECT_HTTP=$(jq -r .REDIRECT_HTTP $DOMAIN_SOURCE)
 REDIRECT_HTTPS=$(jq -r .REDIRECT_HTTPS $DOMAIN_SOURCE)
 ERROR_PAGE=$(jq -r .ERROR_PAGE $DOMAIN_SOURCE)
 cd /proxy_config
 file="$DOMAIN.conf"
 cp -a nginx_template.conf $DOMAIN.conf
 {
 if [ $HTTP_PORT != "" ]; then
 	echo "server {
 listen $HTTP_PORT;
 server_name $DOMAIN_NAME;
 rewrite_log on"
 fi
 echo
 if [[ $REDIRECT_HTTP != "" ]]; then
 	echo "return 301 http://$REDIRECT_HTTP;
 }"
 elif [[ $REDIRECT_HTTPS != "" ]]; then
 	echo "return 301 https://$REDIRECT_HTTPS;
 }"
 	else
 		if [[ $ERROR_PAGE != "" ]]; then
 		echo "error_page 404 /$ERROR_PAGE;
 location = /$ERROR_PAGE {
      root    html;
      allow   all;
      index   404.html
      rewrite ^ "'$scheme'"http://$ERROR_PAGE"'$request_uri'" permanent;
              }"
 		fi
 	echo "location / {
 proxy_pass http://$LOCAL_IP:$HTTP_PORT;
 proxy_redirect off;
 proxy_buffering off;
 proxy_set_header X-Forwarded-For "'$proxy_add_x_forwarded_for'";
 proxy_set_header Upgrade "'$http_upgrade'";
 proxy_set_header Connection "'$http_connection'";
 proxy_cookie_path / /;
 access_log off;
 }"
 fi
 if [[ $HTTPS_PORT == "" ]] ; then
 	echo "}"
 fi
 if [ $HTTPS_PORT != "" ]; then
 	echo "server {
 listen $HTTPS_PORT ssl;
 server_name $DOMAIN_NAME;
 rewrite_log on
 proxy_ssl_server_name on; 
 ssl_dhparam /etc/ssl/keys/dhparams.pem;
 ssl_certificate /etc/ssl/keys/fullchain.pem;
 ssl_certificate_key /etc/ssl/keys/key.pem;
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 ssl_prefer_server_ciphers on;
 ssl_ciphers "'"EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"'";
 # Hardening as-per https://gist.github.com/plentz/6737338
 ssl_session_cache shared:SSL:50m;
 ssl_session_timeout 5m;
 ssl_stapling on;"
 fi
 echo
 if [[ $ERROR_PAGE != "" ]]; then
 	echo "error_page 404 /$ERROR_PAGE;
 location = /$ERROR_PAGE {
      root    html;
      allow   all;
      index   404.html
      rewrite ^ "'$scheme'" http://$ERROR_PAGE"'$request_uri'" permanent;
              }"
 fi
 echo 
 echo "location / {
 proxy_pass http://$LOCAL_IP:$HTTP_PORT;
 proxy_redirect off;
 proxy_buffering off;
 proxy_set_header X-Forwarded-For "'$proxy_add_x_forwarded_for'";
 proxy_set_header Upgrade "'$http_upgrade'";
 proxy_set_header Connection "'$http_connection'";
 proxy_cookie_path / /;
 access_log off;
 } 
 }"
 } >> "$file"
--- a/scripts/nginx_template.conf
+++ b/scripts/nginx_template.conf
@@ -0,0 +1,15 @@
 daemon off;                                                                   
 worker_processes  1;                                                            
 error_log stderr debug;                                                        
 events {                                                                        
    worker_connections  1024;                                                   
 } 
 http {                                                                        
    include       mime.types;                                                 
    default_type  application/octet-stream;                                   
    access_log /dev/stdout;                                                   
    sendfile        on;                                                         
    keepalive_timeout  65;
--- a/scripts/scheduler.sh
+++ b/scripts/scheduler.sh
@@ -10,6 +10,7 @@ service_exec="docker run --rm -v /etc/user/config/services/:/services/:ro -v /va
 # Set env variables
 	DOMAIN_DIR=$DOMAIN_DIR
 	CERT_DIR=$CERT_DIR
 	PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE
 	PROXY_CONFIG_DIR=$PROXY_CONFIG_DIR
@@ -165,7 +166,7 @@ fi
 unset IFS
-inotifywait --exclude .sw -m -e CREATE,CLOSE_WRITE,CLOSE,DELETE -r $CERT_DIR $PROXY_CONFIG_DIR | \
+inotifywait --exclude .sw -m -e CREATE,CLOSE_WRITE,CLOSE,DELETE -r $DOMAIN_DIR $CERT_DIR $PROXY_CONFIG_DIR | \
 while read dir op file
 do 
@@ -182,6 +183,11 @@ do
      [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "DELETE" ]] ; then
 		echo "proxy config created, changed or deleted";
 		check_proxy_state;
 elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] || \
      [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "DELETE" ]] ; then
 		echo "domain config created, changed or deleted";
 		./nginx_config_create.sh;
 fi
 done