safebox/proxy-scheduler
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix

Browse Source
This commit is contained in:
Gyorgy Berenyi
2023-02-03 11:26:56 +00:00
parent b7ffad16d1
commit e9aa324cf0
3 changed files with 92 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
scripts/check_proxy_state.sh
View File

@@ -7,8 +7,14 @@ RESTART_COUNTER=0
REGISTRY_URL=$DOCKER_REGISTRY_URL REGISTRY_URL=$DOCKER_REGISTRY_URL
# Set env variables # Set env variables
DOMAIN="$1" FILENAME="$1"
DOMAIN_DIR=$DOMAIN_DIR DOMAIN_DIR=$DOMAIN_DIR
if [ -f $DOMAIN_DIR"/"$FILENAME ]; then
DOMAIN=$(jq -r .DOMAIN $DOMAIN_DIR"/"$FILENAME)
else
# in case of CERT_DIR
DOMAIN=$FILENAME
fi;
PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE PROXY_SERVICE_FILE=$PROXY_SERVICE_FILE
ROLE=$ROLE ROLE=$ROLE
SERVICE_NAME=$SERVICE_NAME SERVICE_NAME=$SERVICE_NAME
@@ -23,8 +29,49 @@ else
SETUP="setup"; SETUP="setup";
DOCKER_REGISTRY_URL=""; DOCKER_REGISTRY_URL="";
fi fi
# SPECIAL MOUNTS CHEKING
DNS_DIR=$DNS_DIR
if [ "$DNS_DIR" == "" ] ; then
DNS_DIR="/etc/system/data/dns";
else
DNS="--env DNS_DIR=$DNS_DIR";
DNS_PATH="--volume $DNS_DIR:/etc/dns:rw";
fi
USER_INIT_PATH=$USER_INIT_PATH
if [ "$USER_INIT_PATH" == "" ]; then
USER_INIT_PATH=/etc/user/config;
else
USER_ENV="--env $USER_INIT_PATH=/etc/user/config";
USER_PATH="--volume $USER_INIT_PATH:/etc/user/config:ro";
fi
# Setting service files path
SERVICE_FILES=$SERVICE_FILES
if [ "$SERVICE_FILES" == "" ]; then
SERVICE_FILES=/etc/user/config/services
fi
CA_PATH=$CA_PATH
if [ "$CA_PATH" == "" ]; then
CA_PATH=/etc/ssl/certs;
else
CA="--env CA_PATH=$CA_PATH";
CA_FILE="--volume $CA_PATH:$CA_PATH:ro";
fi
service_exec="docker run --rm \ service_exec="docker run --rm \
$DNS $DNS_PATH \
$CA $CA_FILE \
$USER_ENV $USER_PATH \
-w /services/ \
-v $SERVICE_FILES/:/services/:ro \
-v $SERVICE_FILES/tmp/:/services/tmp/:rw \
-w /services/ \ -w /services/ \
-v /etc/user/config/services/:/services/:ro \ -v /etc/user/config/services/:/services/:ro \
-v /etc/user/config/services/tmp/:/services/tmp/:rw \ -v /etc/user/config/services/tmp/:/services/tmp/:rw \
@@ -65,8 +112,6 @@ do_proxy_restart() {
else else
echo "Reached retrying limit: "$RESTART" ,giving up, starting recocer previous state" echo "Reached retrying limit: "$RESTART" ,giving up, starting recocer previous state"
recover_process; recover_process;
fi fi
done done
fi fi
@@ -86,7 +131,7 @@ check_domain() {
recover_process() { recover_process() {
echo "Recovering previous state"; echo "Recovering previous state";
rm $DOMAIN_DIR/$DOMAIN; rm $DOMAIN_DIR/$FILENAME;
echo "#############################################################################" echo "#############################################################################"
echo "######## DOMAIN ##### $DOMAIN #### DELETED ################" echo "######## DOMAIN ##### $DOMAIN #### DELETED ################"

51
scripts/nginx_config_create.sh
View File

@@ -4,19 +4,12 @@ GENERATE_CERTIFICATE=$GENERATE_CERTIFICATE
cd /proxy_config cd /proxy_config
DOMAIN=$1 FILENAME=$1
if [ -n "$2" ]; then
echo "$DOMAIN DELETED";
rm $DOMAIN.conf;
exit;
fi
DOMAIN_SOURCE=/domains/$DOMAIN DOMAIN_SOURCE=/domains/$FILENAME
#DOMAIN_SOURCE=./domains/$DOMAIN
DOMAIN_NAME=$(jq -r .DOMAIN $DOMAIN_SOURCE) DOMAIN_NAME=$(jq -r .DOMAIN $DOMAIN_SOURCE)
HTTP_PORT=$(jq -r .HTTP_PORT $DOMAIN_SOURCE) HTTP_PORT=$(jq -r .HTTP_PORT $DOMAIN_SOURCE)
HTTPS_PORT=$(jq -r .HTTPS_PORT $DOMAIN_SOURCE) HTTPS_PORT=$(jq -r .HTTPS_PORT $DOMAIN_SOURCE);
LOCAL_NAME=$(jq -r .LOCAL_NAME $DOMAIN_SOURCE)
ALIASES_HTTP=$(jq -r '.ALIASES_HTTP | select(.!="null") | join(" ")' $DOMAIN_SOURCE) ALIASES_HTTP=$(jq -r '.ALIASES_HTTP | select(.!="null") | join(" ")' $DOMAIN_SOURCE)
ALIASES_HTTPS=$(jq -r '.ALIASES_HTTPS | select(.!="null") | join(" ")' $DOMAIN_SOURCE) ALIASES_HTTPS=$(jq -r '.ALIASES_HTTPS | select(.!="null") | join(" ")' $DOMAIN_SOURCE)
REDIRECT_HTTP=$(jq -r .REDIRECT_HTTP $DOMAIN_SOURCE) REDIRECT_HTTP=$(jq -r .REDIRECT_HTTP $DOMAIN_SOURCE)
@@ -26,6 +19,16 @@ MAX_BODY_SIZE=$(jq -r .MAX_BODY_SIZE $DOMAIN_SOURCE)
DEBUG=$(jq -r .DEBUG $DOMAIN_SOURCE) DEBUG=$(jq -r .DEBUG $DOMAIN_SOURCE)
ALLOWED_NETWORK=$(jq -r '.ALLOWED_NETWORK | select(.!="null") | join(" ")' $DOMAIN_SOURCE) ALLOWED_NETWORK=$(jq -r '.ALLOWED_NETWORK | select(.!="null") | join(" ")' $DOMAIN_SOURCE)
ALTERNATE_LOCATION_PATH=$(jq -r .ALTERNATE_LOCATION_PATH $DOMAIN_SOURCE) ALTERNATE_LOCATION_PATH=$(jq -r .ALTERNATE_LOCATION_PATH $DOMAIN_SOURCE)
LOCAL_NAME=$(jq -r .LOCAL_NAME $DOMAIN_SOURCE 2>/dev/null);
if [[ "$LOCAL_NAME" == "" || "$LOCAL_NAME" == "null" ]]; then
LOCAL_NAME=$(jq -r .LOCAL_IP $DOMAIN_SOURCE 2>/dev/null);
fi
if [ -n "$2" ]; then
echo "$DOMAIN_NAME DELETED";
rm $DOMAIN_NAME.conf;
exit;
fi
add_alternate_location() { add_alternate_location() {
@@ -51,7 +54,7 @@ add_alternate_location() {
ALP_LOCAL_PORT=$HTTP_PORT ALP_LOCAL_PORT=$HTTP_PORT
fi; fi;
echo "location /$ALP_LOCAL_PATH {" echo "location $ALP_LOCAL_PATH {"
if [[ "$ALP_LOCAL_ALLOWED_NETWORK" != "" ]]; then if [[ "$ALP_LOCAL_ALLOWED_NETWORK" != "" ]]; then
@@ -72,7 +75,7 @@ add_alternate_location() {
proxy_set_header X-Forwarded-For "'$proxy_add_x_forwarded_for'"; proxy_set_header X-Forwarded-For "'$proxy_add_x_forwarded_for'";
proxy_set_header X-Forwarded-Proto "'$scheme'"; proxy_set_header X-Forwarded-Proto "'$scheme'";
proxy_set_header Upgrade "'$http_upgrade;'" proxy_set_header Upgrade "'$http_upgrade;'"
proxy_cookie_path /$ALP_LOCAL_PATH /$ALP_LOCAL_PATH; proxy_cookie_path $ALP_LOCAL_PATH $ALP_LOCAL_PATH;
proxy_set_header Connection "'$http_connection'"; proxy_set_header Connection "'$http_connection'";
proxy_connect_timeout 300; proxy_connect_timeout 300;
proxy_send_timeout 300; proxy_send_timeout 300;
@@ -93,26 +96,21 @@ add_alternate_location() {
# check whether certificates exist or not # check whether certificates exist or not
if [ "$HTTPS_PORT" != "" ]; then
/scripts/check_certificates.sh "$DOMAIN";
fi
echo "created domain name: "$DOMAIN; echo "created domain name: "$DOMAIN_NAME;
file="/tmp/$DOMAIN.conf" file="/tmp/$DOMAIN_NAME.conf"
#cp -a /scripts/nginx_template.conf /tmp/$DOMAIN.conf #cp -a /scripts/nginx_template.conf /tmp/$DOMAIN_NAME.conf
# if domain already exists as a config file append alternate location there # if domain already exists as a config file append alternate location there
if [ -f $DOMAIN_NAME.conf ]; then if [ -f $DOMAIN_NAME.conf ] && [[ "$LOCAL_NAME" == "" || "$LOCAL_NAME" == "null" ]]; then
{ {
cat $DOMAIN_NAME.conf | head -n -1 cat $DOMAIN_NAME.conf | head -n -1
add_alternate_location; add_alternate_location;
echo "}" echo "}"
} >> "$file" } >> "$file"
else else
# create new nginx config # create new nginx config
@@ -228,12 +226,12 @@ fi
echo "rewrite_log on; echo "rewrite_log on;
proxy_ssl_server_name on; proxy_ssl_server_name on;
ssl_dhparam /etc/ssl/keys/$DOMAIN/dhparam.pem;" ssl_dhparam /etc/ssl/keys/$DOMAIN_NAME/dhparam.pem;"
if [ "$GENERATE_CERTIFICATE" == "true" ]; then if [ "$GENERATE_CERTIFICATE" == "true" ]; then
echo "ssl_certificate /etc/ssl/keys/$DOMAIN/fullchain.pem; echo "ssl_certificate /etc/ssl/keys/$DOMAIN_NAME/fullchain.pem;
ssl_certificate_key /etc/ssl/keys/$DOMAIN/key.pem;" ssl_certificate_key /etc/ssl/keys/$DOMAIN_NAME/key.pem;"
else else
echo "ssl_certificate /etc/ssl/keys/fullchain.pem; echo "ssl_certificate /etc/ssl/keys/fullchain.pem;
@@ -309,5 +307,8 @@ fi
fi; # end of create new nginx config fi; # end of create new nginx config
mv $file $DOMAIN_NAME.conf; mv $file $DOMAIN_NAME.conf;
echo "$DOMAIN" >> new_config echo "$DOMAIN_NAME" >> new_config
if [ "$HTTPS_PORT" != "" ]; then
/scripts/check_certificates.sh "$DOMAIN_NAME";
fi

23
scripts/scheduler.sh
View File

@@ -22,6 +22,8 @@ while read dir op file
do do
echo "DEBUG: $dir $file $op";
parent="/"$(echo $dir|cut -d / -f2) parent="/"$(echo $dir|cut -d / -f2)
if [[ "${parent}" == "${CERT_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] ; then if [[ "${parent}" == "${CERT_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]] ; then
@@ -33,16 +35,17 @@ do
/scripts/check_proxy_state.sh $DOMAIN; /scripts/check_proxy_state.sh $DOMAIN;
fi fi
elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" || "${op}" == "MOVED_TO" ]]; then elif [ "${parent}" == "${DOMAIN_DIR}" ] && [[ "${op}" == "CLOSE_WRITE,CLOSE" || "${op}" == "MOVED_TO" ]]; then
DOMAIN=$(echo $file | jq .DOMAIN);
if [[ "${PROXY_TYPE}" == "haproxy" ]]; then if [[ "${PROXY_TYPE}" == "haproxy" ]]; then
DOMAIN=$(cat $DOMAIN_DIR"/"$file | jq -r .DOMAIN);
if [ "$DOMAIN" == "$file" ]; then
echo "haproxy config created, changed"; echo "haproxy config created, changed";
/scripts/config_haproxy_create.sh $DOMAIN; /scripts/config_haproxy_create.sh $file;
fi;
else else
echo "domain config created, changed"; echo "domain config created, changed";
/scripts/nginx_config_create.sh "$DOMAIN"; /scripts/nginx_config_create.sh "$file";
fi fi
elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]]; then elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]]; then
@@ -55,16 +58,16 @@ elif [[ "${parent}" == "${PROXY_CONFIG_DIR}" && "${op}" == "CLOSE_WRITE,CLOSE" ]
fi; fi;
elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "DELETE" ]] ; then elif [[ "${parent}" == "${DOMAIN_DIR}" && "${op}" == "DELETE" ]] ; then
DOMAIN=$(echo $file | jq .DOMAIN);
echo "domain deleted"; echo "domain file: $file deleted";
if [[ "${PROXY_TYPE}" == "haproxy" ]]; then if [[ "${PROXY_TYPE}" == "haproxy" ]]; then
echo "haproxy config deleted"; echo "haproxy config deleted";
/scripts/config_haproxy_create.sh; /scripts/config_haproxy_create.sh;
elif [ ! -f "$DOMAIN_DIR/$DOMAIN" ]; then elif [ ! -f "$DOMAIN_DIR/$file" ]; then
/scripts/nginx_config_create.sh "$DOMAIN" "DEL"; /scripts/nginx_config_create.sh "$file" "DEL";
/scripts/check_proxy_state.sh "$DOMAIN" "DEL"; /scripts/check_proxy_state.sh "$file" "DEL";
fi fi
fi fi