diff options
Diffstat (limited to 'utils')
-rwxr-xr-x | utils/filtron.sh | 66 | ||||
-rwxr-xr-x | utils/lib.sh | 185 | ||||
-rwxr-xr-x | utils/lxc.sh | 20 | ||||
-rwxr-xr-x | utils/morty.sh | 69 | ||||
-rwxr-xr-x | utils/searx.sh | 8 | ||||
-rw-r--r-- | utils/templates/etc/nginx/default.apps-available/morty.conf | 11 | ||||
-rw-r--r-- | utils/templates/etc/nginx/default.apps-available/searx.conf:filtron | 16 |
7 files changed, 338 insertions, 37 deletions
diff --git a/utils/filtron.sh b/utils/filtron.sh index d24b6c39e..c82c2d0a3 100755 --- a/utils/filtron.sh +++ b/utils/filtron.sh @@ -44,9 +44,8 @@ GO_ENV="${SERVICE_HOME}/.go_env" GO_PKG_URL="https://dl.google.com/go/go1.13.5.linux-amd64.tar.gz" GO_TAR=$(basename "$GO_PKG_URL") -# Apache Settings - APACHE_FILTRON_SITE="searx.conf" +NGINX_FILTRON_SITE="searx.conf" # shellcheck disable=SC2034 CONFIG_FILES=( @@ -60,9 +59,7 @@ usage() { # shellcheck disable=SC1117 cat <<EOF - usage:: - $(basename "$0") shell $(basename "$0") install [all|user|rules] $(basename "$0") update [filtron] @@ -72,6 +69,7 @@ usage:: $(basename "$0") inspect [service] $(basename "$0") option [debug-on|debug-off] $(basename "$0") apache [install|remove] + $(basename "$0") nginx [install|remove] shell start interactive shell from user ${SERVICE_USER} @@ -92,6 +90,9 @@ option apache (${PUBLIC_URL}) :install: apache site with a reverse proxy (ProxyPass) :remove: apache site ${APACHE_FILTRON_SITE} +nginx (${PUBLIC_URL}) + :install: nginx site with a reverse proxy (ProxyPass) + :remove: nginx site ${NGINX_FILTRON_SITE} filtron rules: ${FILTRON_RULES} @@ -118,8 +119,6 @@ EOF } main() { - rst_title "$SERVICE_NAME" part - required_commands \ sudo install git wget curl \ || exit @@ -127,7 +126,7 @@ main() { local _usage="unknown or missing $1 command $2" case $1 in - --source-only) ;; + --getenv) var="$2"; echo "${!var}"; exit 0;; -h|--help) usage; exit 0;; shell) @@ -143,6 +142,7 @@ main() { *) usage "$_usage"; exit 42;; esac ;; install) + rst_title "$SERVICE_NAME" part sudo_or_exit case $2 in all) install_all ;; @@ -187,6 +187,13 @@ main() { remove) remove_apache_site ;; *) usage "$_usage"; exit 42;; esac ;; + nginx) + sudo_or_exit + case $2 in + install) install_nginx_site ;; + remove) remove_nginx_site ;; + *) usage "$_usage"; exit 42;; + esac ;; option) sudo_or_exit case $2 in @@ -473,6 +480,51 @@ This removes apache site ${APACHE_FILTRON_SITE}." } +install_nginx_site() { + + rst_title "Install nginx site $NGINX_FILTRON_SITE" + + rst_para "\ +This installs a reverse proxy (ProxyPass) into nginx site (${NGINX_FILTRON_SITE})" + + ! nginx_is_installed && err_msg "nginx is not installed." + + if ! ask_yn "Do you really want to continue?" Yn; then + return + else + install_nginx + fi + + "${REPO_ROOT}/utils/searx.sh" install uwsgi + + SEARX_SRC=$("${REPO_ROOT}/utils/searx.sh" --getenv SEARX_SRC) + SEARX_URL_PATH=$("${REPO_ROOT}/utils/searx.sh" --getenv SEARX_URL_PATH) + nginx_install_app --variant=filtron "${NGINX_FILTRON_SITE}" + + info_msg "testing public url .." + if ! service_is_available "${PUBLIC_URL}"; then + err_msg "Public service at ${PUBLIC_URL} is not available!" + fi +} + +remove_nginx_site() { + + rst_title "Remove nginx site $NGINX_FILTRON_SITE" + + rst_para "\ +This removes nginx site ${NGINX_FILTRON_SITE}." + + ! nginx_is_installed && err_msg "nginx is not installed." + + if ! ask_yn "Do you really want to continue?" Yn; then + return + fi + + nginx_remove_site "$FILTRON_FILTRON_SITE" + +} + + rst-doc() { eval "echo \"$(< "${REPO_ROOT}/docs/build-templates/filtron.rst")\"" diff --git a/utils/lib.sh b/utils/lib.sh index 3a742f9da..4fc50ff39 100755 --- a/utils/lib.sh +++ b/utils/lib.sh @@ -138,6 +138,16 @@ rst_para() { fi } +die() { + echo -e "${_BRed}ERROR:${_creset} ${BASH_SOURCE[1]}: line ${BASH_LINENO[0]}: ${2-died ${1-1}}" >&2; + exit "${1-1}" +} + +die_caller() { + echo -e "${_BRed}ERROR:${_creset} ${BASH_SOURCE[2]}: line ${BASH_LINENO[1]}: ${FUNCNAME[1]}(): ${2-died ${1-1}}" >&2; + exit "${1-1}" +} + err_msg() { echo -e "${_BRed}ERROR:${_creset} $*" >&2; } warn_msg() { echo -e "${_BBlue}WARN:${_creset} $*" >&2; } info_msg() { echo -e "${_BYellow}INFO:${_creset} $*" >&2; } @@ -471,11 +481,7 @@ service_is_available() { # usage: service_is_available <URL> - local URL="$1" - if [[ -z $URL ]]; then - err_msg "service_is_available: missing arguments" - return 42 - fi + [[ -z $1 ]] && die_caller 42 "missing argument <URL>" http_code=$(curl -H 'Cache-Control: no-cache' \ --silent -o /dev/null --head --write-out '%{http_code}' --insecure \ @@ -624,6 +630,175 @@ EOF } +# nginx +# ----- + +nginx_distro_setup() { + # shellcheck disable=SC2034 + + NGINX_DEFAULT_SERVER=/etc/nginx/nginx.conf + + # Including *location* directives from a dedicated config-folder into the + # server directive is, what what fedora (already) does. + NGINX_APPS_ENABLED="/etc/nginx/default.d" + + # We add a apps-available folder and linking configurations into the + # NGINX_APPS_ENABLED folder. See also nginx_include_apps_enabled(). + NGINX_APPS_AVAILABLE="/etc/nginx/default.apps-available" + + case $DIST_ID-$DIST_VERS in + ubuntu-*|debian-*) + NGINX_PACKAGES="nginx" + NGINX_DEFAULT_SERVER=/etc/nginx/sites-available/default + ;; + arch-*) + NGINX_PACKAGES="nginx-mainline" + ;; + fedora-*) + NGINX_PACKAGES="nginx" + ;; + *) + err_msg "$DIST_ID-$DIST_VERS: nginx not yet implemented" + ;; + esac +} +nginx_distro_setup + +install_nginx(){ + info_msg "installing nginx ..." + pkg_install "${NGINX_PACKAGES}" + case $DIST_ID-$DIST_VERS in + arch-*|fedora-*) + systemctl enable nginx + systemctl start nginx + ;; + esac +} + +nginx_is_installed() { + command -v nginx &>/dev/null +} + +nginx_reload() { + + info_msg "reload nginx .." + echo + if ! nginx -t; then + err_msg "testing nginx configuration failed" + return 42 + fi + systemctl restart nginx +} + +nginx_install_app() { + + # usage: nginx_install_app [<template option> ...] <myapp> + # + # <template option>: see install_template + + local template_opts=() + local pos_args=("$0") + + for i in "$@"; do + case $i in + -*) template_opts+=("$i");; + *) pos_args+=("$i");; + esac + done + + nginx_include_apps_enabled "${NGINX_DEFAULT_SERVER}" + + install_template "${template_opts[@]}" \ + "${NGINX_APPS_AVAILABLE}/${pos_args[1]}" \ + root root 644 + nginx_enable_app "${pos_args[1]}" + info_msg "installed nginx app: ${pos_args[1]}" +} + +nginx_include_apps_enabled() { + + # Add the *NGINX_APPS_ENABLED* infrastruture to a nginx server block. Such + # infrastruture is already known from fedora, including apps (location + # directives) from the /etc/nginx/default.d folder into the *default* nginx + # server. + + # usage: nginx_include_apps_enabled <config-file> + # + # config-file: Config file with server directive in. + + [[ -z $1 ]] && die_caller 42 "missing argument <config-file>" + local server_conf="$1" + + # include /etc/nginx/default.d/*.conf; + local include_directive="include ${NGINX_APPS_ENABLED}/*.conf;" + local include_directive_re="^\s*include ${NGINX_APPS_ENABLED}/\*\.conf;" + + info_msg "checking existence: '${include_directive}' in file ${server_conf}" + if grep "${include_directive_re}" "${server_conf}"; then + info_msg "OK, already exists." + return + fi + + info_msg "add missing directive: '${include_directive}'" + cp "${server_conf}" "${server_conf}.bak" + + ( + local line + local stage=0 + while IFS= read -r line + do + echo "$line" + if [[ $stage = 0 ]]; then + if [[ $line =~ ^[[:space:]]*server*[[:space:]]*\{ ]]; then + stage=1 + fi + fi + + if [[ $stage = 1 ]]; then + echo " # Load configuration files for the default server block." + echo " $include_directive" + echo "" + stage=2 + fi + done < "${server_conf}.bak" + ) > "${server_conf}" + +} + +nginx_remove_app() { + + # usage: nginx_remove_app <myapp.conf> + + info_msg "remove nginx app: $1" + nginx_dissable_app "$1" + rm -f "${NGINX_APPS_AVAILABLE}/$1" +} + +nginx_enable_app() { + + # usage: nginx_enable_app <myapp.conf> + + local CONF="$1" + + info_msg "enable nginx app: ${CONF}" + mkdir -p "${NGINX_APPS_ENABLED}" + rm -f "${NGINX_APPS_ENABLED}/${CONF}" + ln -s "${NGINX_APPS_AVAILABLE}/${CONF}" "${NGINX_APPS_ENABLED}/${CONF}" + nginx_reload +} + +nginx_dissable_app() { + + # usage: nginx_disable_app <myapp.conf> + + local CONF="$1" + + info_msg "disable nginx app: ${CONF}" + rm -f "${NGINX_APPS_ENABLED}/${CONF}" + nginx_reload +} + + # Apache # ------ diff --git a/utils/lxc.sh b/utils/lxc.sh index 6a8dce94f..ce306fe85 100755 --- a/utils/lxc.sh +++ b/utils/lxc.sh @@ -73,9 +73,7 @@ usage() { # ---------------------------------------------------------------------------- _cmd="$(basename "$0")" cat <<EOF - usage:: - $_cmd build [containers|<name>] $_cmd copy [images] $_cmd remove [containers|<name>|images] @@ -101,7 +99,7 @@ show :suite: show services of all (or <name>) containers from the LXC suite :images: show information of local images cmd - use single qoutes to evaluate in container's bash, e.g. 'echo $(hostname)' + use single qoutes to evaluate in container's bash, e.g.: 'echo \$(hostname)' -- run command '...' in all containers of the LXC suite :<name>: run command '...' in container <name> install @@ -151,14 +149,14 @@ main() { fi case $1 in - --source-only) ;; + --getenv) var="$2"; echo "${!var}"; exit 0;; -h|--help) usage; exit 0;; build) sudo_or_exit case $2 in ${LXC_HOST_PREFIX}-*) build_container "$2" ;; - ''|containers) build_all_containers ;; + ''|--|containers) build_all_containers ;; *) usage "$_usage"; exit 42;; esac ;; @@ -171,7 +169,7 @@ main() { remove) sudo_or_exit case $2 in - ''|containers) remove_containers ;; + ''|--|containers) remove_containers ;; images) lxc_delete_images_localy ;; ${LXC_HOST_PREFIX}-*) ! lxc_exists "$2" && usage_containers "unknown container: $2" && exit 42 @@ -185,7 +183,7 @@ main() { start|stop) sudo_or_exit case $2 in - ''|containers) lxc_cmd "$1" ;; + ''|--|containers) lxc_cmd "$1" ;; ${LXC_HOST_PREFIX}-*) ! lxc_exists "$2" && usage_containers "unknown container: $2" && exit 42 info_msg "lxc $1 $2" @@ -203,7 +201,7 @@ main() { lxc exec -t "$3" -- "${LXC_REPO_ROOT}/utils/lxc.sh" __show suite \ | prefix_stdout "[${_BBlue}$3${_creset}] " ;; - *) show_suite;; + *|--) show_suite;; esac ;; images) show_images ;; @@ -213,7 +211,7 @@ main() { ! lxc_exists "$3" && usage_containers "unknown container: $3" && exit 42 lxc config show "$3" | prefix_stdout "[${_BBlue}${3}${_creset}] " ;; - *) + *|--) rst_title "container configurations" echo lxc list "$LXC_HOST_PREFIX-" @@ -228,7 +226,7 @@ main() { ! lxc_exists "$3" && usage_containers "unknown container: $3" && exit 42 lxc info "$3" | prefix_stdout "[${_BBlue}${3}${_creset}] " ;; - *) + *|--) rst_title "container info" echo lxc_cmd info @@ -267,7 +265,7 @@ main() { ! lxc_exists "$3" && usage_containers "unknown container: $3" && exit 42 lxc_exec_cmd "$3" "${LXC_REPO_ROOT}/utils/lxc.sh" __install "$2" ;; - '') lxc_exec "${LXC_REPO_ROOT}/utils/lxc.sh" __install "$2" ;; + ''|--) lxc_exec "${LXC_REPO_ROOT}/utils/lxc.sh" __install "$2" ;; *) usage_containers "unknown container: $3" && exit 42 esac ;; diff --git a/utils/morty.sh b/utils/morty.sh index 2aee0ac97..eae1b5bbc 100755 --- a/utils/morty.sh +++ b/utils/morty.sh @@ -47,6 +47,7 @@ CONFIG_FILES=() # Apache Settings APACHE_MORTY_SITE="morty.conf" +NGINX_MORTY_SITE="morty.conf" # ---------------------------------------------------------------------------- usage() { @@ -54,9 +55,7 @@ usage() { # shellcheck disable=SC1117 cat <<EOF - usage:: - $(basename "$0") shell $(basename "$0") install [all|user] $(basename "$0") update [morty] @@ -66,6 +65,7 @@ usage:: $(basename "$0") inspect [service] $(basename "$0") option [debug-on|debug-off] $(basename "$0") apache [install|remove] + $(basename "$0") nginx [install|remove] $(basename "$0") info [searx] shell @@ -86,6 +86,9 @@ option apache : ${PUBLIC_URL_MORTY} :install: apache site with a reverse proxy (ProxyPass) :remove: apache site ${APACHE_MORTY_SITE} +nginx (${PUBLIC_URL_MORTY}) + :install: nginx site with a reverse proxy (ProxyPass) + :remove: nginx site ${NGINX_MORTY_SITE} If needed, set the environment variables in the '${DOT_CONFIG#"$REPO_ROOT/"}' file:: PUBLIC_URL_MORTY: ${PUBLIC_URL_MORTY} @@ -122,8 +125,6 @@ EOF } main() { - rst_title "$SERVICE_NAME" part - required_commands \ sudo install git wget curl \ || exit @@ -131,7 +132,7 @@ main() { local _usage="ERROR: unknown or missing $1 command $2" case $1 in - --source-only) ;; + --getenv) var="$2"; echo "${!var}"; exit 0;; -h|--help) usage; exit 0;; shell) @@ -147,6 +148,7 @@ main() { *) usage "$_usage"; exit 42;; esac ;; install) + rst_title "$SERVICE_NAME" part sudo_or_exit case $2 in all) install_all ;; @@ -185,6 +187,13 @@ main() { remove) remove_apache_site ;; *) usage "$_usage"; exit 42;; esac ;; + nginx) + sudo_or_exit + case $2 in + install) install_nginx_site ;; + remove) remove_nginx_site ;; + *) usage "$_usage"; exit 42;; + esac ;; info) case $2 in searx) info_searx ;; @@ -348,8 +357,8 @@ EOF wait_key fi - if ! service_is_available "${PUBLIC_URL}"; then - warn_msg "Public service at ${PUBLIC_URL} is not available!" + if ! service_is_available "${PUBLIC_URL_MORTY}"; then + warn_msg "Public service at ${PUBLIC_URL_MORTY} is not available!" if ! in_container; then warn_msg "Check if public name is correct and routed or use the public IP from above." fi @@ -363,7 +372,7 @@ EOF fi local _debug_on - if ask_yn "Enable filtron debug mode (needs reinstall of systemd service)?"; then + if ask_yn "Enable morty debug mode (needs reinstall of systemd service)?"; then enable_debug _debug_on=1 else @@ -436,6 +445,50 @@ This removes apache site ${APACHE_MORTY_SITE}." apache_remove_site "$APACHE_MORTY_SITE" } +install_nginx_site() { + + rst_title "Install nginx site $NGINX_MORTY_SITE" + + rst_para "\ +This installs a reverse proxy (ProxyPass) into nginx site (${NGINX_MORTY_SITE})" + + ! nginx_is_installed && err_msg "nginx is not installed." + + if ! ask_yn "Do you really want to continue?" Yn; then + return + else + install_nginx + fi + + "${REPO_ROOT}/utils/searx.sh" install uwsgi + + SEARX_SRC=$("${REPO_ROOT}/utils/searx.sh" --getenv SEARX_SRC) + SEARX_URL_PATH=$("${REPO_ROOT}/utils/searx.sh" --getenv SEARX_URL_PATH) + nginx_install_app "${NGINX_MORTY_SITE}" + + info_msg "testing public url .." + if ! service_is_available "${PUBLIC_URL_MORTY}"; then + err_msg "Public service at ${PUBLIC_URL_MORTY} is not available!" + fi +} + +remove_nginx_site() { + + rst_title "Remove nginx site $NGINX_MORTY_SITE" + + rst_para "\ +This removes nginx site ${NGINX_MORTY_SITE}." + + ! nginx_is_installed && err_msg "nginx is not installed." + + if ! ask_yn "Do you really want to continue?" Yn; then + return + fi + + nginx_remove_site "$NGINX_MORTY_SITE" + +} + rst-doc() { eval "echo \"$(< "${REPO_ROOT}/docs/build-templates/morty.rst")\"" diff --git a/utils/searx.sh b/utils/searx.sh index dde2b93ab..9a73c58cc 100755 --- a/utils/searx.sh +++ b/utils/searx.sh @@ -114,9 +114,7 @@ usage() { # shellcheck disable=SC1117 cat <<EOF - usage:: - $(basename "$0") shell $(basename "$0") install [all|user|searx-src|pyenv|uwsgi|packages|buildhost] $(basename "$0") update [searx] @@ -178,8 +176,6 @@ EOF } main() { - rst_title "$SEARX_INSTANCE_NAME" part - required_commands \ sudo systemctl install git wget curl \ || exit @@ -187,9 +183,8 @@ main() { local _usage="unknown or missing $1 command $2" case $1 in - --source-only) ;; + --getenv) var="$2"; echo "${!var}"; exit 0;; -h|--help) usage; exit 0;; - shell) sudo_or_exit interactive_shell "${SERVICE_USER}" @@ -203,6 +198,7 @@ main() { *) usage "$_usage"; exit 42;; esac ;; install) + rst_title "$SEARX_INSTANCE_NAME" part sudo_or_exit case $2 in all) install_all ;; diff --git a/utils/templates/etc/nginx/default.apps-available/morty.conf b/utils/templates/etc/nginx/default.apps-available/morty.conf new file mode 100644 index 000000000..e7ffa27e2 --- /dev/null +++ b/utils/templates/etc/nginx/default.apps-available/morty.conf @@ -0,0 +1,11 @@ +# https://example.org/morty + +location /morty { + proxy_pass http://127.0.0.1:3000/; + + proxy_set_header Host \$http_host; + proxy_set_header Connection \$http_connection; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + proxy_set_header X-Scheme \$scheme; +} diff --git a/utils/templates/etc/nginx/default.apps-available/searx.conf:filtron b/utils/templates/etc/nginx/default.apps-available/searx.conf:filtron new file mode 100644 index 000000000..d3137e42d --- /dev/null +++ b/utils/templates/etc/nginx/default.apps-available/searx.conf:filtron @@ -0,0 +1,16 @@ +# https://example.org/searx + +location ${SEARX_URL_PATH} { + proxy_pass http://127.0.0.1:4004/; + + proxy_set_header Host \$http_host; + proxy_set_header Connection \$http_connection; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + proxy_set_header X-Scheme \$scheme; + proxy_set_header X-Script-Name ${SEARX_URL_PATH}; +} + +location ${SEARX_URL_PATH}/static { + alias ${SEARX_SRC}/searx/static; +} |