diff --git a/scripts/check_proxy_state.sh b/scripts/check_proxy_state.sh index b7c275d..e707839 100755 --- a/scripts/check_proxy_state.sh +++ b/scripts/check_proxy_state.sh @@ -7,8 +7,14 @@ RESTART_COUNTER=0 REGISTRY_URL=$DOCKER_REGISTRY_URL # Set env variables -DOMAIN="$1" +FILENAME="$1" DOMAIN_DIR=$DOMAIN_DIR +if [ -f $DOMAIN_DIR"/"$FILENAME ]; then + DOMAIN=$(jq -r .DOMAIN $DOMAIN_DIR"/"$FILENAME) +else + # in case of CERT_DIR + DOMAIN=$FILENAME +fi; PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE ROLE=$ROLE SERVICE_NAME=$SERVICE_NAME @@ -23,8 +29,49 @@ else SETUP="setup"; DOCKER_REGISTRY_URL=""; fi +# SPECIAL MOUNTS CHEKING + +DNS_DIR=$DNS_DIR +if [ "$DNS_DIR" == "" ] ; then + DNS_DIR="/etc/system/data/dns"; +else + DNS="--env DNS_DIR=$DNS_DIR"; + DNS_PATH="--volume $DNS_DIR:/etc/dns:rw"; +fi + +USER_INIT_PATH=$USER_INIT_PATH + +if [ "$USER_INIT_PATH" == "" ]; then + USER_INIT_PATH=/etc/user/config; +else + USER_ENV="--env $USER_INIT_PATH=/etc/user/config"; + USER_PATH="--volume $USER_INIT_PATH:/etc/user/config:ro"; +fi + +# Setting service files path + +SERVICE_FILES=$SERVICE_FILES + +if [ "$SERVICE_FILES" == "" ]; then + SERVICE_FILES=/etc/user/config/services +fi + +CA_PATH=$CA_PATH +if [ "$CA_PATH" == "" ]; then + CA_PATH=/etc/ssl/certs; +else + CA="--env CA_PATH=$CA_PATH"; + CA_FILE="--volume $CA_PATH:$CA_PATH:ro"; +fi + service_exec="docker run --rm \ + $DNS $DNS_PATH \ + $CA $CA_FILE \ + $USER_ENV $USER_PATH \ + -w /services/ \ + -v $SERVICE_FILES/:/services/:ro \ + -v $SERVICE_FILES/tmp/:/services/tmp/:rw \ -w /services/ \ -v /etc/user/config/services/:/services/:ro \ -v /etc/user/config/services/tmp/:/services/tmp/:rw \ @@ -65,8 +112,6 @@ do_proxy_restart() { else echo "Reached retrying limit: "$RESTART" ,giving up, starting recocer previous state" recover_process; - - fi done fi 
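Review bot: The new `[ -f $DOMAIN_DIR"/"$FILENAME ]` test and the `jq -r .DOMAIN $DOMAIN_DIR"/"$FILENAME` call in the `-7,8 +7,14` hunk leave both expansions unquoted, so a file name with whitespace or glob characters is split into several words. The same applies to `rm $DOMAIN_DIR/$FILENAME` in the recover_process hunk and to `cat $DOMAIN_DIR"/"$file` and `config_haproxy_create.sh $file` in scheduler.sh. FILENAME appears to come from file names in the watched domain directory, so it should be handled as untrusted input: `if [ -f "$DOMAIN_DIR/$FILENAME" ]; then`, `DOMAIN=$(jq -r .DOMAIN "$DOMAIN_DIR/$FILENAME")`, `rm -- "$DOMAIN_DIR/$FILENAME"`. `jq -r` prints the literal `null` when the key is absent, so DOMAIN should also be checked for empty and `null` before it is used.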
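Review bot: In the `-23,8 +29,49` hunk, `USER_ENV="--env $USER_INIT_PATH=/etc/user/config";` uses the path value as the environment variable name, unlike the DNS and CA branches which pass `NAME=$NAME`. Presumably `USER_ENV="--env USER_INIT_PATH=$USER_INIT_PATH";` was intended. Judging by the hunk's line counts, the original `-w /services/` and the two `-v /etc/user/config/services/...` lines remain after the new `$SERVICE_FILES` mounts, so `/services/` and `/services/tmp/` are mounted twice, which Docker may reject as a duplicate mount point and which defeats the SERVICE_FILES override; the three old lines should be dropped. The option strings are also built by unquoted concatenation, so a directory value containing spaces turns into extra `docker run` arguments; a comment stating that these paths must not contain whitespace, or a bash array, would make that explicit. The `service_exec` string continues outside the hunk.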
@@ -86,7 +131,7 @@ check_domain() { recover_process() { echo "Recovering previous state"; - rm $DOMAIN_DIR/$DOMAIN; + rm $DOMAIN_DIR/$FILENAME; echo "#############################################################################" echo "######## DOMAIN ##### $DOMAIN #### DELETED ################" diff --git a/scripts/nginx_config_create.sh b/scripts/nginx_config_create.sh index 841f064..64ba7f9 100755 --- a/scripts/nginx_config_create.sh +++ b/scripts/nginx_config_create.sh @@ -4,19 +4,12 @@ GENERATE_CERTIFICATE=$GENERATE_CERTIFICATE cd /proxy_config -DOMAIN=$1 -if [ -n "$2" ]; then - echo "$DOMAIN DELETED"; - rm $DOMAIN.conf; - exit; -fi +FILENAME=$1 -DOMAIN_SOURCE=/domains/$DOMAIN -#DOMAIN_SOURCE=./domains/$DOMAIN +DOMAIN_SOURCE=/domains/$FILENAME DOMAIN_NAME=$(jq -r .DOMAIN $DOMAIN_SOURCE) HTTP_PORT=$(jq -r .HTTP_PORT $DOMAIN_SOURCE) -HTTPS_PORT=$(jq -r .HTTPS_PORT $DOMAIN_SOURCE) -LOCAL_NAME=$(jq -r .LOCAL_NAME $DOMAIN_SOURCE) +HTTPS_PORT=$(jq -r .HTTPS_PORT $DOMAIN_SOURCE); ALIASES_HTTP=$(jq -r '.ALIASES_HTTP | select(.!="null") | join(" ")' $DOMAIN_SOURCE) ALIASES_HTTPS=$(jq -r '.ALIASES_HTTPS | select(.!="null") | join(" ")' $DOMAIN_SOURCE) REDIRECT_HTTP=$(jq -r .REDIRECT_HTTP $DOMAIN_SOURCE) @@ -26,6 +19,16 @@ MAX_BODY_SIZE=$(jq -r .MAX_BODY_SIZE $DOMAIN_SOURCE) DEBUG=$(jq -r .DEBUG $DOMAIN_SOURCE) ALLOWED_NETWORK=$(jq -r '.ALLOWED_NETWORK | select(.!="null") | join(" ")' $DOMAIN_SOURCE) ALTERNATE_LOCATION_PATH=$(jq -r .ALTERNATE_LOCATION_PATH $DOMAIN_SOURCE) +LOCAL_NAME=$(jq -r .LOCAL_NAME $DOMAIN_SOURCE 2>/dev/null); +if [[ "$LOCAL_NAME" == "" || "$LOCAL_NAME" == "null" ]]; then + LOCAL_NAME=$(jq -r .LOCAL_IP $DOMAIN_SOURCE 2>/dev/null); +fi + +if [ -n "$2" ]; then + echo "$DOMAIN_NAME DELETED"; + rm $DOMAIN_NAME.conf; + exit; +fi add_alternate_location() { @@ -51,7 +54,7 @@ add_alternate_location() { ALP_LOCAL_PORT=$HTTP_PORT fi; - echo "location /$ALP_LOCAL_PATH {" + echo "location $ALP_LOCAL_PATH {" if [[ "$ALP_LOCAL_ALLOWED_NETWORK" != "" ]]; then 
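Review bot: The relocated delete branch in nginx_config_create.sh (`-19,6 +26,16` hunk) now runs `rm $DOMAIN_NAME.conf` with DOMAIN_NAME read from `/domains/$FILENAME`, but the DELETE branch in scheduler.sh only calls this script when `$DOMAIN_DIR/$file` no longer exists. If `/domains` is that same directory, jq fails, DOMAIN_NAME is empty, and the command becomes `rm .conf`, so the stale vhost config stays active. The value also comes from JSON content and is used unquoted, so a DOMAIN containing `/` or spaces would make `rm` act on other paths. At minimum guard and quote it, `[ -n "$DOMAIN_NAME" ] && [ "$DOMAIN_NAME" != "null" ] || exit 1` followed by `rm -- "$DOMAIN_NAME.conf"`; removing the right config after deletion needs a file-name-to-domain record written at creation time.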
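Review bot: With the leading `/` dropped in `echo "location $ALP_LOCAL_PATH {"` (`-51,7 +54,7` hunk), and likewise in `proxy_cookie_path $ALP_LOCAL_PATH $ALP_LOCAL_PATH;` in the `-72,7 +75,7` hunk, the configured value supplies the entire location argument and is written into the nginx config without validation. ALP_LOCAL_PATH is set outside the hunk, presumably from ALTERNATE_LOCATION_PATH in the domain JSON, so whitespace, `;` or braces in it would change the generated configuration. A check before the echo keeps the output well-formed, for example `[[ "$ALP_LOCAL_PATH" =~ ^/[A-Za-z0-9._~/-]*$ ]] || return 1`. The body of add_alternate_location starts and ends outside both hunks.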
@@ -72,7 +75,7 @@ add_alternate_location() { proxy_set_header X-Forwarded-For "'$proxy_add_x_forwarded_for'"; proxy_set_header X-Forwarded-Proto "'$scheme'"; proxy_set_header Upgrade "'$http_upgrade;'" - proxy_cookie_path /$ALP_LOCAL_PATH /$ALP_LOCAL_PATH; + proxy_cookie_path $ALP_LOCAL_PATH $ALP_LOCAL_PATH; proxy_set_header Connection "'$http_connection'"; proxy_connect_timeout 300; proxy_send_timeout 300; @@ -93,26 +96,21 @@ add_alternate_location() { # check whether certificates exist or not -if [ "$HTTPS_PORT" != "" ]; then - /scripts/check_certificates.sh "$DOMAIN"; -fi -echo "created domain name: "$DOMAIN; +echo "created domain name: "$DOMAIN_NAME; -file="/tmp/$DOMAIN.conf" +file="/tmp/$DOMAIN_NAME.conf" -#cp -a /scripts/nginx_template.conf /tmp/$DOMAIN.conf +#cp -a /scripts/nginx_template.conf /tmp/$DOMAIN_NAME.conf # if domain already exists as a config file append alternate location there -if [ -f $DOMAIN_NAME.conf ]; then - +if [ -f $DOMAIN_NAME.conf ] && [[ "$LOCAL_NAME" == "" || "$LOCAL_NAME" == "null" ]]; then { cat $DOMAIN_NAME.conf | head -n -1 add_alternate_location; echo "}" } >> "$file" - else # create new nginx config @@ -228,12 +226,12 @@ fi echo "rewrite_log on; proxy_ssl_server_name on; - ssl_dhparam /etc/ssl/keys/$DOMAIN/dhparam.pem;" + ssl_dhparam /etc/ssl/keys/$DOMAIN_NAME/dhparam.pem;" if [ "$GENERATE_CERTIFICATE" == "true" ]; then -echo "ssl_certificate /etc/ssl/keys/$DOMAIN/fullchain.pem; - ssl_certificate_key /etc/ssl/keys/$DOMAIN/key.pem;" +echo "ssl_certificate /etc/ssl/keys/$DOMAIN_NAME/fullchain.pem; + ssl_certificate_key /etc/ssl/keys/$DOMAIN_NAME/key.pem;" else echo "ssl_certificate /etc/ssl/keys/fullchain.pem; @@ -309,5 +307,8 @@ fi fi; # end of create new nginx config mv $file $DOMAIN_NAME.conf; -echo "$DOMAIN" >> new_config +echo "$DOMAIN_NAME" >> new_config +if [ "$HTTPS_PORT" != "" ]; then + /scripts/check_certificates.sh "$DOMAIN_NAME"; +fi 
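Review bot: `file="/tmp/$DOMAIN_NAME.conf"` in the `-93,26 +96,21` hunk builds a predictable temp path from a JSON field, and the append branch writes to it with `>> "$file"`. A leftover file from an earlier failed run would be carried into the new config, and a DOMAIN value containing `/` places the file outside `/tmp`. Prefer `file=$(mktemp /tmp/nginx_conf.XXXXXX) || exit 1` and validate DOMAIN_NAME before it is used in any path. The test `[ -f $DOMAIN_NAME.conf ]` should also quote its operand, `[ -f "$DOMAIN_NAME.conf" ]`, since an empty DOMAIN_NAME otherwise silently tests `.conf`.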
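Review bot: The moved certificate check at the end of the script (`-309,5 +307,8` hunk) tests `[ "$HTTPS_PORT" != "" ]`, but HTTPS_PORT is read with `jq -r .HTTPS_PORT`, which prints `null` when the key is missing, so the check passes for domains without HTTPS. The new LOCAL_NAME handling in this commit already compares against `null`; the same is needed here: `if [ -n "$HTTPS_PORT" ] && [ "$HTTPS_PORT" != "null" ]; then`. The check now also runs after `mv $file $DOMAIN_NAME.conf` and the append to `new_config`, so a config that references `/etc/ssl/keys/$DOMAIN_NAME/` files may be picked up before they exist. If that order is intentional, a comment saying why would help; otherwise the block belongs above the `mv`.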
diff --git a/scripts/scheduler.sh b/scripts/scheduler.sh index 2ab7442..96937a3 100755 --- a/scripts/scheduler.sh +++ b/scripts/scheduler.sh @@ -22,6 +22,8 @@ while read dir op file do + echo "DEBUG: $dir $file $op"; + parent="/"$(echo $dir|cut -d / -f2) if [[ "${parent}" == "${CERT_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] ; then @@ -33,16 +35,17 @@ do /scripts/check_proxy_state.sh $DOMAIN; fi - elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" || "${op}" == "MOVED_TO" ]]; then - - DOMAIN=$(echo $file | jq .DOMAIN); + elif [ "${parent}" == "${DOMAIN_DIR}" ] && [[ "${op}" == "CLOSE_WRITE,CLOSE" || "${op}" == "MOVED_TO" ]]; then if [[ "${PROXY_TYPE}" == "haproxy" ]]; then - echo "haproxy config created, changed"; - /scripts/config_haproxy_create.sh $DOMAIN; + DOMAIN=$(cat $DOMAIN_DIR"/"$file | jq -r .DOMAIN); + if [ "$DOMAIN" == "$file" ]; then + echo "haproxy config created, changed"; + /scripts/config_haproxy_create.sh $file; + fi; else - echo "domain config created, changed"; - /scripts/nginx_config_create.sh "$DOMAIN"; + echo "domain config created, changed"; + /scripts/nginx_config_create.sh "$file"; fi elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]]; then @@ -55,16 +58,16 @@ elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ] fi; elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "DELETE" ]] ; then - DOMAIN=$(echo $file | jq .DOMAIN); - echo "domain deleted"; + + echo "domain file: $file deleted"; if [[ "${PROXY_TYPE}" == "haproxy" ]]; then echo "haproxy config deleted"; - /scripts/config_haproxy_create.sh; - - elif [ ! -f "$DOMAIN_DIR/$DOMAIN" ]; then - /scripts/nginx_config_create.sh "$DOMAIN" "DEL"; - /scripts/check_proxy_state.sh "$DOMAIN" "DEL"; + /scripts/config_haproxy_create.sh; + + elif [ ! -f "$DOMAIN_DIR/$file" ]; then + /scripts/nginx_config_create.sh "$file" "DEL"; + /scripts/check_proxy_state.sh "$file" "DEL"; fi fi
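Review bot: In the `-33,16 +35,17` hunk the haproxy branch reads DOMAIN from the file and compares it with `$file`, but the nginx branch calls `nginx_config_create.sh "$file"` for any name that appears in DOMAIN_DIR. A temporary or non-JSON file there (an editor swap file, a partial upload) makes every jq call in that script fail, and it goes on to write and move a config named `.conf`. Validating once before dispatch would cover both proxy types: `DOMAIN=$(jq -r '.DOMAIN // empty' "$DOMAIN_DIR/$file") || continue` then `[ -n "$DOMAIN" ] || continue`. The enclosing `while read` loop begins outside this hunk.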