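#!/usr/bin/env sh
# autonginx: expose a local service through nginx under a *.urlab.be name and
# request a certificate for it with certbot.
#
# Takes three positional arguments (URL, IP, PORT) and must run as root.
# Every argument ends up in a root-owned nginx config file and in file paths,
# so sanitize() must reject anything that is not exactly the expected shape
# before any of them is used.

USAGE="usage: autonginx URL IP PORT
URL: url à laquelle le service sera accessible (exemple.urlab.be)
IP: adresse ip locale du service (127.0.0.1 si sur cette machine, 172.23.100.X sinon)
PORT: port utilisé par le service (entre 1 et 65535; certains ports sont déjà utilisés)"

# Print the given message on stderr and abort the script with status 1.
error() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Validate the globals PORT, URL and IP; sets SUBDOMAIN (and LAST for a
# 172.23.100.X address). Exits through error() on the first invalid value.
sanitize() {
  # PORT: decimal digits only, at most five of them. Checking the characters
  # first matters: `[ x -lt 1 ]` on a non-number is an error, not "true", so
  # a range test alone would let a malformed value through.
  case "$PORT" in
    '' | *[!0-9]*) error "$USAGE" ;;
  esac
  if [ "${#PORT}" -gt 5 ] || [ "$PORT" -lt 1 ] || [ "$PORT" -gt 65535 ]; then
    error "$USAGE"
  fi

  # URL: exactly one label in front of .urlab.be.
  case "$URL" in
    *.urlab.be) SUBDOMAIN=${URL%.urlab.be} ;;
    *) error "$USAGE" ;;
  esac
  # The label may hold only letters, digits and hyphens, and must neither
  # start nor end with a hyphen. This also keeps '/', '.', whitespace and
  # backslashes out of the file name and out of the server_name directive.
  case "$SUBDOMAIN" in
    '' | -* | *- | *[!A-Za-z0-9-]*) error "$USAGE" ;;
  esac
  if [ "${#SUBDOMAIN}" -gt 63 ]; then
    error "$USAGE"
  fi

  # IP: loopback, or 172.23.100.X with X between 2 and 254.
  case "$IP" in
    127.0.0.1) ;;
    172.23.100.*)
      LAST=${IP#172.23.100.}
      # Same reasoning as for PORT: the last octet must be all digits before
      # it is compared, otherwise trailing text after the first digit would
      # pass the range test by making it fail with an error.
      case "$LAST" in
        '' | *[!0-9]*) error "$USAGE" ;;
      esac
      if [ "${#LAST}" -gt 3 ] || [ "$LAST" -lt 2 ] || [ "$LAST" -gt 254 ]; then
        error "$USAGE"
      fi
      ;;
    *) error "$USAGE" ;;
  esac
}

# Check that the backend answers a ping and accepts a TCP connection on PORT.
# Expects IP and PORT to have been validated by sanitize().
verify() {
  if ! ping -c 1 -W 1 "$IP" >/dev/null 2>&1; then
    error "Error : Cannot reach host $IP"
  fi

  # /dev/tcp is a bash feature; a plain POSIX sh (dash, for instance) treats
  # it as an ordinary path and the probe always fails. Run the probe in bash
  # and hand IP and PORT over as positional parameters instead of pasting
  # them into the command string.
  if ! command -v bash >/dev/null 2>&1; then
    error "Error : bash is required for the port check"
  fi
  if ! timeout 1 bash -c 'echo > "/dev/tcp/$1/$2"' autonginx "$IP" "$PORT" \
    >/dev/null 2>&1; then
    error "Error : Port $PORT isn't open"
  fi
}

# Entry point: check privileges and arguments, validate them, write and
# enable the nginx site, test the configuration, then run certbot.
main() {
  if [ "$(id -u)" -ne 0 ]; then
    error "Please run as root."
  fi
  if [ $# -ne 3 ]; then
    error "$USAGE"
  fi

  URL=$1
  IP=$2
  PORT=$3

  sanitize
  verify

  # Built only after sanitize() so the template never holds unchecked input.
  NGINX="server {
    listen 80;
    listen [::]:80;
    server_name $URL;
    location / {
        proxy_pass http://$IP:$PORT/;
        include proxy_params;
    }
}"

  SITE_AVAILABLE="/etc/nginx/sites-available/$URL"
  SITE_ENABLED="/etc/nginx/sites-enabled/$URL"

  mkdir -p /etc/nginx/sites-available /etc/nginx/sites-enabled ||
    error "Error : Cannot create nginx site directories"

  # NOTE(review): an existing site file with the same name is overwritten,
  # and removed again below if `nginx -t` fails. Confirm that is intended.
  printf '%s\n' "$NGINX" >"$SITE_AVAILABLE" ||
    error "Error : Cannot write $SITE_AVAILABLE"
  ln -sf "$SITE_AVAILABLE" "$SITE_ENABLED" ||
    error "Error : Cannot enable $URL"

  # Roll back when the configuration test FAILS (the test was inverted and
  # removed the site whenever the configuration was valid).
  if ! nginx -t >/dev/null 2>&1; then
    rm -f "$SITE_AVAILABLE" "$SITE_ENABLED"
    error "Error : Nginx config failed"
  fi

  # Same inversion fixed here: report an error only when certbot fails.
  # NOTE(review): certbot normally creates live/<name> and archive/<name> as
  # directories, which `rm -f` does not remove. Left as-is rather than made
  # recursive, since that could delete an existing certificate for this name;
  # decide explicitly which cleanup is wanted.
  if ! certbot run --nginx -d "$URL"; then
    rm -f "/etc/letsencrypt/live/$URL" "/etc/letsencrypt/archive/$URL"
    error "Error : certbot failure"
  fi
}

main "$@"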