linux/docker - common /opt/bunkerized-nginx folder
This commit is contained in:
bunkerity
@@ -1,7 +1,7 @@
|
||||
#!/bin/sh
|
||||
|
||||
# load some functions
|
||||
. /opt/entrypoint/utils.sh
|
||||
. /opt/bunkerized-nginx/entrypoint/utils.sh
|
||||
|
||||
if [ "$MULTISITE" != "yes" ] && [ "$AUTO_LETS_ENCRYPT" = "yes" ] ; then
|
||||
first_server_name=$(echo "$SERVER_NAME" | cut -d " " -f 1)
|
||||
@@ -9,7 +9,7 @@ if [ "$MULTISITE" != "yes" ] && [ "$AUTO_LETS_ENCRYPT" = "yes" ] ; then
|
||||
EMAIL_LETS_ENCRYPT="${EMAIL_LETS_ENCRYPT-contact@$first_server_name}"
|
||||
if [ ! -f /etc/letsencrypt/live/${first_server_name}/fullchain.pem ] ; then
|
||||
echo "[*] Performing Let's Encrypt challenge for $domains_lets_encrypt ..."
|
||||
/opt/scripts/certbot-new.sh "$domains_lets_encrypt" "$EMAIL_LETS_ENCRYPT"
|
||||
/opt/bunkerized-nginx/scripts/certbot-new.sh "$domains_lets_encrypt" "$EMAIL_LETS_ENCRYPT"
|
||||
fi
|
||||
elif [ "$MULTISITE" = "yes" ] ; then
|
||||
servers=$(find /etc/nginx -name "site.env" | cut -d '/' -f 4)
|
||||
@@ -22,7 +22,7 @@ elif [ "$MULTISITE" = "yes" ] ; then
|
||||
if [ "$EMAIL_LETS_ENCRYPT" = "" ] ; then
|
||||
EMAIL_LETS_ENCRYPT="contact@${server}"
|
||||
fi
|
||||
/opt/scripts/certbot-new.sh "$domains" "EMAIL_LETS_ENCRYPT"
|
||||
/opt/bunkerized-nginx/scripts/certbot-new.sh "$domains" "EMAIL_LETS_ENCRYPT"
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
@@ -16,14 +16,14 @@ trap "trap_exit" TERM INT QUIT
|
||||
function trap_reload() {
|
||||
echo "[*] Catched reload operation"
|
||||
if [ "$SWARM_MODE" != "yes" ] ; then
|
||||
/opt/entrypoint/pre-jobs.sh
|
||||
/opt/bunkerized-nginx/entrypoint/pre-jobs.sh
|
||||
fi
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
echo "[*] Reloading nginx ..."
|
||||
nginx -s reload
|
||||
if [ $? -eq 0 ] ; then
|
||||
echo "[*] Reload successfull"
|
||||
/opt/entrypoint/post-jobs.sh
|
||||
/opt/bunkerized-nginx/entrypoint/post-jobs.sh
|
||||
else
|
||||
echo "[!] Reload failed"
|
||||
fi
|
||||
@@ -40,16 +40,16 @@ if [ ! -f "/etc/nginx/global.env" ] ; then
|
||||
|
||||
# check permissions
|
||||
if [ "$SWARM_MODE" != "yes" ] ; then
|
||||
/opt/entrypoint/permissions.sh
|
||||
/opt/bunkerized-nginx/entrypoint/permissions.sh
|
||||
else
|
||||
/opt/entrypoint/permissions-swarm.sh
|
||||
/opt/bunkerized-nginx/entrypoint/permissions-swarm.sh
|
||||
fi
|
||||
if [ "$?" -ne 0 ] ; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# start temp nginx to solve Let's Encrypt challenges if needed
|
||||
/opt/entrypoint/nginx-temp.sh
|
||||
/opt/bunkerized-nginx/entrypoint/nginx-temp.sh
|
||||
|
||||
# only do config if we are not in swarm mode
|
||||
if [ "$SWARM_MODE" != "yes" ] ; then
|
||||
@@ -57,10 +57,10 @@ if [ ! -f "/etc/nginx/global.env" ] ; then
|
||||
env | grep -E -v "^(HOSTNAME|PWD|PKG_RELEASE|NJS_VERSION|SHLVL|PATH|_|NGINX_VERSION|HOME)=" > "/tmp/variables.env"
|
||||
|
||||
# call the generator
|
||||
/opt/gen/main.py --settings /opt/settings.json --templates /opt/confs --output /etc/nginx --variables /tmp/variables.env
|
||||
/opt/bunkerized-nginx/gen/main.py --settings /opt/bunkerized-nginx/settings.json --templates /opt/bunkerized-nginx/confs --output /etc/nginx --variables /tmp/variables.env
|
||||
|
||||
# pre-jobs
|
||||
/opt/entrypoint/pre-jobs.sh
|
||||
/opt/bunkerized-nginx/entrypoint/pre-jobs.sh
|
||||
fi
|
||||
else
|
||||
echo "[*] Skipping configuration process"
|
||||
@@ -90,7 +90,7 @@ pid="$!"
|
||||
# autotest
|
||||
if [ "$1" == "test" ] ; then
|
||||
sleep 10
|
||||
echo -n "autotest" > /www/index.html
|
||||
echo -n "autotest" > /opt/bunkerized-nginx/www/index.html
|
||||
check=$(curl -H "User-Agent: legit" "http://localhost:8080")
|
||||
if [ "$check" == "autotest" ] ; then
|
||||
exit 0
|
||||
@@ -99,7 +99,7 @@ if [ "$1" == "test" ] ; then
|
||||
fi
|
||||
|
||||
# post jobs
|
||||
/opt/entrypoint/post-jobs.sh
|
||||
/opt/bunkerized-nginx/entrypoint/post-jobs.sh
|
||||
|
||||
# wait for nginx
|
||||
wait "$pid"
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
#!/bin/bash
|
||||
|
||||
# load some functions
|
||||
. /opt/entrypoint/utils.sh
|
||||
. /opt/bunkerized-nginx/entrypoint/utils.sh
|
||||
|
||||
# start nginx with temp conf for let's encrypt challenges and API
|
||||
if [ "$(has_value AUTO_LETS_ENCRYPT yes)" != "" ] || [ "$SWARM_MODE" = "yes" ] || [ "$AUTO_LETS_ENCRYPT" = "yes" ] ; then
|
||||
cp /opt/confs/global/nginx-temp.conf /tmp/nginx-temp.conf
|
||||
cp /opt/confs/global/api-temp.conf /tmp/api.conf
|
||||
cp /opt/bunkerized-nginx/confs/global/nginx-temp.conf /tmp/nginx-temp.conf
|
||||
cp /opt/bunkerized-nginx/confs/global/api-temp.conf /tmp/api.conf
|
||||
if [ "$SWARM_MODE" = "yes" ] ; then
|
||||
replace_in_file "/tmp/nginx-temp.conf" "%USE_API%" "include /tmp/api.conf;"
|
||||
replace_in_file "/tmp/api.conf" "%API_URI%" "$API_URI"
|
||||
|
||||
@@ -1,16 +1,16 @@
|
||||
#!/bin/bash
|
||||
|
||||
# load some functions
|
||||
. /opt/entrypoint/utils.sh
|
||||
. /opt/bunkerized-nginx/entrypoint/utils.sh
|
||||
|
||||
# User-Agents
|
||||
if [ "$(has_value BLOCK_USER_AGENT yes)" != "" ] ; then
|
||||
if [ -f "/cache/user-agents.list" ] && [ "$(wc -l /cache/user-agents.list | cut -d ' ' -f 1)" -gt 1 ] ; then
|
||||
echo "[*] Copying cached user-agents.list ..."
|
||||
cp /cache/user-agents.list /etc/nginx/user-agents.list
|
||||
cp /opt/bunkerized-nginx/cache/user-agents.list /etc/nginx/user-agents.list
|
||||
elif [ "$(ps aux | grep "user-agents\.sh")" = "" ] ; then
|
||||
echo "[*] Downloading bad user-agent list (in background) ..."
|
||||
/opt/scripts/user-agents.sh > /dev/null 2>&1 &
|
||||
/opt/bunkerized-nginx/scripts/user-agents.sh > /dev/null 2>&1 &
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -18,10 +18,10 @@ fi
|
||||
if [ "$(has_value BLOCK_REFERRER yes)" != "" ] ; then
|
||||
if [ -f "/cache/referrers.list" ] && [ "$(wc -l /cache/referrers.list | cut -d ' ' -f 1)" -gt 1 ] ; then
|
||||
echo "[*] Copying cached referrers.list ..."
|
||||
cp /cache/referrers.list /etc/nginx/referrers.list
|
||||
cp /opt/bunkerized-nginx/cache/referrers.list /etc/nginx/referrers.list
|
||||
elif [ "$(ps aux | grep "referrers\.sh")" = "" ] ; then
|
||||
echo "[*] Downloading bad referrer list (in background) ..."
|
||||
/opt/scripts/referrers.sh > /dev/null 2>&1 &
|
||||
/opt/bunkerized-nginx/scripts/referrers.sh > /dev/null 2>&1 &
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -29,10 +29,10 @@ fi
|
||||
if [ "$(has_value BLOCK_TOR_EXIT_NODE yes)" != "" ] ; then
|
||||
if [ -f "/cache/tor-exit-nodes.list" ] && [ "$(wc -l /cache/tor-exit-nodes.list | cut -d ' ' -f 1)" -gt 1 ] ; then
|
||||
echo "[*] Copying cached tor-exit-nodes.list ..."
|
||||
cp /cache/tor-exit-nodes.list /etc/nginx/tor-exit-nodes.list
|
||||
cp /opt/bunkerized-nginx/cache/tor-exit-nodes.list /etc/nginx/tor-exit-nodes.list
|
||||
elif [ "$(ps aux | grep "exit-nodes\.sh")" = "" ] ; then
|
||||
echo "[*] Downloading tor exit nodes list (in background) ..."
|
||||
/opt/scripts/exit-nodes.sh > /dev/null 2>&1 &
|
||||
/opt/bunkerized-nginx/scripts/exit-nodes.sh > /dev/null 2>&1 &
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -40,10 +40,10 @@ fi
|
||||
if [ "$(has_value BLOCK_PROXIES yes)" != "" ] ; then
|
||||
if [ -f "/cache/proxies.list" ] && [ "$(wc -l /cache/proxies.list | cut -d ' ' -f 1)" -gt 1 ] ; then
|
||||
echo "[*] Copying cached proxies.list ..."
|
||||
cp /cache/proxies.list /etc/nginx/proxies.list
|
||||
cp /opt/bunkerized-nginx/cache/proxies.list /etc/nginx/proxies.list
|
||||
elif [ "$(ps aux | grep "proxies\.sh")" = "" ] ; then
|
||||
echo "[*] Downloading proxies list (in background) ..."
|
||||
/opt/scripts/proxies.sh > /dev/null 2>&1 &
|
||||
/opt/bunkerized-nginx/scripts/proxies.sh > /dev/null 2>&1 &
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -51,9 +51,9 @@ fi
|
||||
if [ "$(has_value BLOCK_ABUSERS yes)" != "" ] ; then
|
||||
if [ -f "/cache/abusers.list" ] && [ "$(wc -l /cache/abusers.list | cut -d ' ' -f 1)" -gt 1 ] ; then
|
||||
echo "[*] Copying cached abusers.list ..."
|
||||
cp /cache/abusers.list /etc/nginx/abusers.list
|
||||
cp /opt/bunkerized-nginx/cache/abusers.list /etc/nginx/abusers.list
|
||||
elif [ "$(ps aux | grep "abusers\.sh")" = "" ] ; then
|
||||
echo "[*] Downloading abusers list (in background) ..."
|
||||
/opt/scripts/abusers.sh > /dev/null 2>&1 &
|
||||
/opt/bunkerized-nginx/scripts/abusers.sh > /dev/null 2>&1 &
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
# load some functions
|
||||
. /opt/entrypoint/utils.sh
|
||||
. /opt/bunkerized-nginx/entrypoint/utils.sh
|
||||
|
||||
# self signed certs for sites
|
||||
files=$(has_value GENERATE_SELF_SIGNED_SSL yes)
|
||||
@@ -58,7 +58,7 @@ if [ "$files" != "" ] ; then
|
||||
if [ "$EMAIL_LETS_ENCRYPT" = "" ] ; then
|
||||
EMAIL_LETS_ENCRYPT="contact@${FIRST_SERVER}"
|
||||
fi
|
||||
certbot_output=$(/opt/scripts/certbot-new.sh "$(echo -n $SERVER_NAME | sed 's/ /,/g')" "$EMAIL_LETS_ENCRYPT" 2>&1)
|
||||
certbot_output=$(/opt/bunkerized-nginx/scripts/certbot-new.sh "$(echo -n $SERVER_NAME | sed 's/ /,/g')" "$EMAIL_LETS_ENCRYPT" 2>&1)
|
||||
if [ $? -eq 0 ] ; then
|
||||
echo "[*] Certbot new successfully executed for domain(s) $(echo -n $SERVER_NAME | sed 's/ /,/g')"
|
||||
else
|
||||
@@ -70,11 +70,11 @@ fi
|
||||
|
||||
# GeoIP
|
||||
if [ "$(has_value BLACKLIST_COUNTRY ".\+")" != "" ] || [ "$(has_value WHITELIST_COUNTRY ".\+")" != "" ] ; then
|
||||
if [ -f "/cache/geoip.mmdb" ] ; then
|
||||
if [ -f "/opt/bunkerized-nginx/cache/geoip.mmdb" ] ; then
|
||||
echo "[*] Copying cached geoip.mmdb ..."
|
||||
cp /cache/geoip.mmdb /etc/nginx/geoip.mmdb
|
||||
cp /opt/bunkerized-nginx/cache/geoip.mmdb /etc/nginx/geoip.mmdb
|
||||
elif [ "$(ps aux | grep "geoip\.sh")" = "" ] ; then
|
||||
echo "[*] Downloading GeoIP database ..."
|
||||
/opt/scripts/geoip.sh > /dev/null 2>&1
|
||||
/opt/bunkerized-nginx/scripts/geoip.sh > /dev/null 2>&1
|
||||
fi
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user