From 0758afc549cdd7ee6f535c1d4129689baf7c07af Mon Sep 17 00:00:00 2001
From: turbine
Date: Sat, 10 Jan 2026 12:41:26 +0100
Subject: [PATCH] v1.1

---
 autonginx | 93 ---------------------------------
 autonginx/README.md | 32 ++++++++++++
 autonginx/autonginx | 124 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 156 insertions(+), 93 deletions(-)
 delete mode 100644 autonginx
 create mode 100644 autonginx/README.md
 create mode 100755 autonginx/autonginx

diff --git a/autonginx b/autonginx
deleted file mode 100644
index ace0a92..0000000
--- a/autonginx
+++ /dev/null
@@ -1,93 +0,0 @@
-#!/usr/bin/env sh
-
-USAGE="usage: autonginx
-
-URL: url à laquelle le service sera accessible (exemple.urlab.be)
-IP: adresse ip locale du service (127.0.0.1 si sur cette machine, 172.23.100.X sinon)
-PORT: port utilisé par le service (entre 1 et 65535; certains ports sont déjà utilisés)"
-
-error() {
- echo "$@" >&2
- exit 1
-}
-
-sanitize() {
- if ! [ "$PORT" -eq "$PORT" ] 2> /dev/null; then
- error "$USAGE"
- fi
- if [ "$PORT" -lt 1 ] || [ "$PORT" -gt 65535 ]; then
- error "$USAGE"
- fi
- case "$URL" in
- *.urlab.be) SUBDOMAIN=${URL%.urlab.be} ;;
- *) error "$USAGE";;
- esac
- if [ "$SUBDOMAIN" = "" ]; then
- error "$USAGE"
- fi
- if [ "$(expr "$SUBDOMAIN" : '[A-Za-z0-9][A-Za-z0-9\-]\{0,61\}[A-Za-z0-9]\{0,1\}')" != "${#SUBDOMAIN}" ]; then
- error "$USAGE"
- fi
- if [ "$IP" != "127.0.0.1" ]; then
- case "$IP" in
- 127.0.0.1) ;;
- 172.23.100.[0-9]*)
- LAST=${IP#172.23.100.}
- if [ "$LAST" -lt 2 ] || [ "$LAST" -gt 254 ]; then
- error "$USAGE"
- fi ;;
- *) error "$USAGE";;
- esac
- fi
-}
-
-verify() {
- if ! ping -c 1 -W 1 "$IP" >/dev/null 2>/dev/null ; then
- error "Error : Cannot reach host $IP"
- fi
- if ! timeout 1 sh -c "(echo > /dev/tcp/$IP/$PORT) >/dev/null 2>&1"; then
- error "Error : Port $PORT isn't open"
- fi
-}
-
-main() {
- if [ "$(id -u)" -ne 0 ]; then
- error "Please run as root." >&2
- fi
- if [ $# != 3 ]; then
- error "$USAGE"
- fi
-
- URL="$1"
- IP="$2"
- PORT="$3"
- NGINX="server {
- listen 80;
- listen [::]:80;
-
- server_name $URL;
-
- location / {
- proxy_pass http://$IP:$PORT/;
- include proxy_params;
- }
-}"
-
- sanitize
- verify
- mkdir -p /etc/nginx/sites-available
- mkdir -p /etc/nginx/sites-enabled
- sh -c 'echo "${0}" > /etc/nginx/sites-available/${1}' "$NGINX" "$URL"
- ln -s "/etc/nginx/sites-available/$URL" "/etc/nginx/sites-enabled/$URL"
- if nginx -t >/dev/null 2>/dev/null; then
- rm -f "/etc/nginx/sites-available/$URL" "/etc/nginx/sites-enabled/$URL"
- error "Error : Nginx config failed"
- fi
- if certbot run --nginx -d "$URL"; then
- rm -f "/etc/letsencrypt/live/$URL" "/etc/letsencrypt/archive/$URL"
- error "Error : certbot failure"
- fi
-}
-
-main "$@"
-
diff --git a/autonginx/README.md b/autonginx/README.md
new file mode 100644
index 0000000..089a84e
--- /dev/null
+++ b/autonginx/README.md
@@ -0,0 +1,32 @@
+# autonginx
+
+## wtf is it?
+
+autonginx is a script that handles nginx config file creation and installation as well as installing a SSL certificate with certbot for a specific service.
+
+This service must be hosted on a machine in the same subnetwork as the reverse proxy's whether it's the exact same machine or another.
+
+## Prerequisites
+
+- have the (sub)domain name you want to use point to the public IP of the reverse proxy
+- nginx
+- certbot
+
+## Usage
+
+```sh
+./autonginx
+```
+
+`URL`: url à laquelle le service sera accessible (domain.tld ou sub.domain.tld)
+
+`IP`: adresse ip locale du service
+
+`PORT`: port utilisé par le service (entre 1 et 65535; certains ports peuvent être déjà utilisés)
+
+## The future
+
+Ideas to improve this script:
+- handle IPv6
+- colored output
+- add options to enable/disable features
diff --git a/autonginx/autonginx b/autonginx/autonginx
new file mode 100755
index 0000000..b10ca50
--- /dev/null
+++ b/autonginx/autonginx
@@ -0,0 +1,124 @@
+#!/usr/bin/env sh
+
+USAGE="usage: ./autonginx
+
+URL: url à laquelle le service sera accessible (sub.domain.tld)
+IP: adresse ip locale du service
+PORT: port utilisé par le service (entre 1 et 65535; certains ports peuvent être déjà utilisés)"
+
+error() {
+ printf "%s\n" "$@" >&2
+ exit 1
+}
+
+isvalid() {
+ if [ "$1" -lt "$2" ] || [ "$1" -gt "$3" ]; then
+ error "BAD NUMBER IN IP" "$USAGE"
+ fi
+}
+
+sanitize() {
+ if ! [ "$PORT" -eq "$PORT" ] 2> /dev/null; then
+ error "PORT IS NAN" "$USAGE"
+ fi
+ if [ "$PORT" -lt 1 ] || [ "$PORT" -gt 65535 ]; then
+ error "BAD PORT" "$USAGE"
+ fi
+ #case "$URL" in
+ # *.urlab.be) SUBDOMAIN=${URL%.urlab.be} ;;
+ # *) error "$USAGE";;
+ #esac
+ #if [ "$SUBDOMAIN" = "" ]; then
+ # error "$USAGE"
+ #fi
+ #if [ "$(expr "$SUBDOMAIN" : '[A-Za-z0-9][A-Za-z0-9\-]\{0,61\}[A-Za-z0-9]\{0,1\}')" != "${#SUBDOMAIN}" ]; then
+ # error "$USAGE"
+ #fi
+ case "$IP" in
+ localhost)
+ ;;
+ 127.0.0.1)
+ ;;
+ 10.[0-9]*.[0-9]*.[0-9]*)
+ LAST=${IP#10.[0-9]*.[0-9]*.}
+ REST=${IP%?"$LAST"}
+ BEFLAST=${REST#10.[0-9]*.}
+ REST=${REST%?"$BEFLAST"}
+ BEFBEFLAST=${REST#10.}
+ isvalid "$LAST" 2 254
+ isvalid "$BEFLAST" 2 254
+ isvalid "$BEFBEFLAST" 2 254
+ ;;
+ 172.[0-9]*.[0-9]*.[0-9]*)
+ LAST=${IP#172.[0-9]*.[0-9]*.}
+ REST=${IP%?"$LAST"}
+ BEFLAST=${REST#172.[0-9]*.}
+ REST=${REST%?"$BEFLAST"}
+ BEFBEFLAST=${REST#172.}
+ isvalid "$LAST" 2 254
+ isvalid "$BEFLAST" 2 254
+ isvalid "$BEFBEFLAST" 16 31
+ ;;
+ 192.168.[0-9]*.[0-9]*)
+ LAST=${IP#192.168.[0-9]*.}
+ REST=${IP%?"$LAST"}
+ BEFLAST=${REST#192.168.}
+ isvalid "$LAST" 2 254
+ isvalid "$BEFLAST" 2 254
+ ;;
+ *)
+ error "BAD IP" "$USAGE"
+ ;;
+ esac
+}
+
+verify() {
+ if ! ping -c 1 -W 1 "$IP" >/dev/null 2>/dev/null ; then
+ error "Error : Cannot reach host $IP"
+ fi
+ if ! timeout 1 sh -c "(echo > /dev/tcp/$IP/$PORT) >/dev/null 2>&1"; then
+ error "Error : Port $PORT isn't open"
+ fi
+}
+
+main() {
+ if [ "$(id -u)" -ne 0 ]; then
+ error "Please run as root." >&2
+ fi
+ if [ $# != 3 ]; then
+ error "BAD ARG NUM" "$USAGE"
+ fi
+
+ URL="$1"
+ IP="$2"
+ PORT="$3"
+ NGINX="server {
+ listen 80;
+ listen [::]:80;
+
+ server_name $URL;
+
+ location / {
+ proxy_pass http://$IP:$PORT/;
+ include proxy_params;
+ }
+}"
+
+ sanitize
+ verify
+ mkdir -p /etc/nginx/sites-available
+ mkdir -p /etc/nginx/sites-enabled
+ sh -c 'echo "${0}" > /etc/nginx/sites-available/${1}' "$NGINX" "$URL"
+ ln -s "/etc/nginx/sites-available/$URL" "/etc/nginx/sites-enabled/$URL"
+ if ! nginx -t >/dev/null 2>/dev/null; then
+ rm -f "/etc/nginx/sites-available/$URL" "/etc/nginx/sites-enabled/$URL"
+ error "Error : Nginx config failed"
+ fi
+ if ! certbot run --nginx -d "$URL"; then
+ rm -f "/etc/letsencrypt/live/$URL" "/etc/letsencrypt/archive/$URL"
+ error "Error : certbot failure"
+ fi
+}
+
+main "$@"
+
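Review bot: With the hostname check in sanitize() now commented out, `$URL` reaches `server_name $URL;`, the `/etc/nginx/sites-available/${1}` write and both `rm -f` paths with no validation at all, and the script insists on running as root. A value containing `/`, `;`, whitespace or a newline would land in the generated config or resolve outside sites-available, so sanitize() should reject it before anything is created, for example `case "$URL" in ''|.*|*.|*..*|-*|*[!A-Za-z0-9.-]*) error "BAD URL" "$USAGE" ;; esac`. The IP branch has a related gap: the `[0-9]*` globs accept any trailing text, and `isvalid` treats a non-numeric octet as in range because a failing `[ ... -lt ... ]` simply evaluates false. A digits-only guard at the top of `isvalid`, such as `case "$1" in ''|*[!0-9]*) error "BAD NUMBER IN IP" "$USAGE" ;; esac`, would close that before `$IP` is expanded into the `sh -c` string in verify().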