tool creating nginx proxy with local port, then it could be ipfs p2p teleported
This commit is contained in:
parent
5c3a7c17b7
commit
83f5d36a00
|
@ -0,0 +1,11 @@
|
|||
# Create custom Nginx reverse proxy easily
|
||||
|
||||
Create a reverse proxy for domain tata.toto.com go to port 80 of device 192.168.1.27, with auto-https and 443 redirection:
|
||||
`./nvh.sh tata.toto.com 192.168.1.27 80 ssl=1`
|
||||
|
||||
Create a reverse proxy for my service on localhost on port 10010, no https:
|
||||
`./nvh.sh mylocalservice.fr 127.0.0.1 10010`
|
||||
|
||||
TODO: Add option to configure a webserver, and option for php-fpm7.4 server
|
||||
|
||||
enjoy
|
|
@ -0,0 +1,99 @@
|
|||
#/bin/bash
|
||||
|
||||
red=`tput setaf 1`
|
||||
green=`tput setaf 2`
|
||||
yellow=`tput setaf 3`
|
||||
bold=`tput bold`
|
||||
blue=`tput setaf 4`
|
||||
reset=`tput sgr0`
|
||||
|
||||
MY_PATH="`dirname \"$0\"`" # relative
|
||||
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
|
||||
|
||||
sslRedir="$MY_PATH/ssl-bloc-redirect.txt"
|
||||
tplVHost="$MY_PATH/templates/vhost.txt"
|
||||
|
||||
###
|
||||
# Get Arguments
|
||||
###
|
||||
args="$@"
|
||||
domain="$1"
|
||||
ip="$2"
|
||||
port="$3"
|
||||
|
||||
parseArgs(){
|
||||
i=0
|
||||
for cmd in $args; do
|
||||
arg[$i]=$cmd
|
||||
[[ ${arg[$i]} =~ "domain=" ]] && domain=$(echo ${arg[$i]} | grep "\<domain=" | awk -F '=' '{ print $2 }')
|
||||
[[ ${arg[$i]} =~ "ip=" ]] && ip=$(echo ${arg[$i]} | grep "\<ip=" | awk -F '=' '{ print $2 }')
|
||||
[[ ${arg[$i]} =~ "port=" ]] && port=$(echo ${arg[$i]} | grep "\<port=" | awk -F '=' '{ print $2 }')
|
||||
[[ ${arg[$i]} =~ "ssl=" ]] && ssl=$(echo ${arg[$i]} | grep "\<ssl=" | awk -F '=' '{ print $2 }')
|
||||
((i++))
|
||||
done
|
||||
}
|
||||
parseArgs
|
||||
|
||||
newVHost="/etc/nginx/conf.d/$domain.conf"
|
||||
|
||||
[[ $ip == "local" ]] && ip="127.0.0.1"
|
||||
|
||||
addSSL(){
|
||||
echo "${yellow}Création du certificat SSL pour $domain...${reset}"
|
||||
sudo /usr/bin/certbot --nginx certonly -d $domain && echo "${green}Le certificat de $domain a bien été déployé${reset}" || echo "${red}Une erreur s'est produite lors de la création du certificat SSL${reset}"
|
||||
|
||||
sudo sed -i -e 's/listen 80;/listen 443 ssl;/' $newVHost
|
||||
sudo sed -i -e '/includes\/errors.conf/i \\ listen [::]:443 ssl;\n include includes/ssl.conf;' $newVHost
|
||||
sudo sed -i -e '/error_log/i \\ ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;\n' $newVHost
|
||||
sudo cat $sslRedir | sudo tee -a $newVHost > /dev/null
|
||||
sudo sed -i -e 's/$domain/'"$domain"'/g' $newVHost
|
||||
}
|
||||
|
||||
if [[ -e $newVHost ]]; then
|
||||
echo "${yellow}Le virtualhost existe déjà${reset}"
|
||||
if [[ -z $(grep "ssl_certificate_key" $newVHost) ]]; then
|
||||
echo "Certificat SSL non présent"
|
||||
if [[ $ssl =~ ^(1|true|oui)$ ]]; then
|
||||
echo "Installation du certificat SSL ..."
|
||||
addSSL
|
||||
sudo service nginx reload && echo "${green}Le domaine $domain à bien été créé et configuré =)${reset}" || echo "${red}Impossible de recharger nginx${reset}"
|
||||
exit 0
|
||||
else
|
||||
echo "${yellow}Aucune action n'a été effectué${reset}"
|
||||
exit 0
|
||||
fi
|
||||
else
|
||||
echo "${yellow}Le SSL est déjà configuré sur le VHost${reset}"
|
||||
exit 0
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
create_vhost(){
|
||||
echo "${yellow}Génération du nouveau VirtualHost...${reset}"
|
||||
sudo cp $tplVHost $newVHost
|
||||
sudo sed -i -e 's/$_DOMAIN/'"$domain"'/g' $newVHost
|
||||
sudo sed -i -e 's/$_IP/'"$ip"'/g' $newVHost
|
||||
sudo sed -i -e 's/$_PORT/'"$port"'/g' $newVHost
|
||||
if [[ $ssl =~ ^(1|true|oui)$ ]]; then
|
||||
printf "${yellow}Configuration SSL du VHost...${reset}"
|
||||
addSSL && echo "${green}OK${reset}" || echo "${red}KO${reset}"
|
||||
else
|
||||
echo "${yellow}Aucune configuration SSL ne sera effectué.${reset}"
|
||||
fi
|
||||
sudo service nginx reload && echo "${green}Le domaine $domain à bien été créé et configuré =)${reset}" || echo "${red}Impossible de recharger nginx${reset}"
|
||||
}
|
||||
|
||||
echo "Nous allons créer le domaine ${blue}$domain ${reset}qui sera lié au port ${blue}$port ${reset}de l'IP ${blue}$ip.${reset}"
|
||||
if [[ $p2vmProvided != 1 ]]; then
|
||||
read -p "${bold}Confirmez-vous cette action ?${reset} (${green}y${reset} ou ${red}n${reset}) : " yn
|
||||
case $yn in
|
||||
[Yy]* ) create_vhost break;;
|
||||
[Nn]* ) echo "${red}Fermeture du script${reset}" && exit;;
|
||||
* ) echo "Merci de sélectionner yes ou no";;
|
||||
esac
|
||||
else
|
||||
create_vhost
|
||||
fi
|
||||
|
||||
exit 0
|
|
@ -0,0 +1,12 @@
|
|||
|
||||
server {
|
||||
listen 80;
|
||||
server_name $domain;
|
||||
include includes/letsencrypt.conf;
|
||||
|
||||
if ($host = $domain) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
return 404;
|
||||
}
|
|
@ -0,0 +1,23 @@
|
|||
upstream $domain {
|
||||
server 192.168.9.$ipvm:$port; #Production
|
||||
#server 192.168.9.9; #Redirection maintenance
|
||||
}
|
||||
|
||||
server {
|
||||
server_name $domain;
|
||||
listen 80;
|
||||
include includes/errors.conf;
|
||||
|
||||
location / {
|
||||
proxy_pass http://$domain;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/$domain_error.log;
|
||||
access_log /var/log/nginx/$domain_access.log;
|
||||
|
||||
}
|
Loading…
Reference in New Issue