Script changed

2025-10-09 20:07:44 +02:00 · 2025-10-09 20:07:44 +02:00 · eee7ee410c
commit eee7ee410c
parent c9223ecffc
7 changed files with 101 additions and 19 deletions
--- a/assets/test/hostname
+++ b/assets/test/hostname
@ -0,0 +1 @@
+bla
--- a/assets/test/hostname.backup
+++ b/assets/test/hostname.backup
@ -0,0 +1 @@
+cor3unit
--- a/assets/test/hosts
+++ b/assets/test/hosts
@ -0,0 +1,7 @@
+127.0.0.1	localhost
+127.0.1.1	bla.lan	bla
+
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
--- a/assets/test/hosts.backup
+++ b/assets/test/hosts.backup
@ -0,0 +1,7 @@
+127.0.0.1	localhost
+127.0.1.1	cor3unit.lan	cor3unit
+
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
--- a/assets/test/nginx.conf
+++ b/assets/test/nginx.conf
@ -0,0 +1,33 @@
+###########################################################
+###                                                     ###
+###                 MESHPI NGINX CONFIG                 ###
+###                                                     ###
+###########################################################
+
+server {
+    listen 80;
+    server_name DOMAIN IPADDR;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name DOMAIN IPADDR;
+
+    ssl_certificate CERTPATH;
+    ssl_certificate_key CERTPATH;
+
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    location / {
+        try_files $uri $uri/ =404;
+        root /var/www/html;
+        index index.html;
+    }
+}
--- a/assets/test/test.sh
+++ b/assets/test/test.sh
@ -1,2 +1,3 @@
 #!/bin/bash

+sed -i.bak "s/DOMAIN/$HOSTNAME.local/g" nginx.conf
--- a/dev_env_setup.sh
+++ b/dev_env_setup.sh
@ -5,25 +5,25 @@ source assets/config/deps/dependencies

 ### DEPENDENCY CHECK & INSTALLER

-echo -e "\n${LCY}  Dependency and Privilege Check running...${CRS}\n"
+echo -e "\n  ${LCY}Dependency and Privilege Check running...${CRS}\n"

 ### PRIVILEGES

 if (( $(id -u) == 0 )); then
-    echo -e "${GRN}    Privilege check passed...${CRS}\n"
+    echo -e "    ${GRN}Privilege check passed...${CRS}\n"

 else 
-    echo -e "${RED}    Privilege check failed... Please run script with sudo or as root!${CRS}\n"
+    echo -e "    ${RED}Privilege check failed... Please run script with sudo or as root!${CRS}\n"
    exit 1
 fi

 ### DEPENDENCIES

 if command -v "$pkgs" >/dev/null 2>&1; then
-    echo -e "${GRN}    Dependency check passed...${CRS}\n"
+    echo -e "    ${GRN}Dependency check passed...${CRS}\n"
    
 else
-    echo -e "${RED}    Dependencies not met.${CRS}\n"
+    echo -e "    ${RED}Dependencies not met.${CRS}\n"
        
    while true; do
        echo -e "  ${YEL}Do you wish to install via APT?"
@ -31,15 +31,15 @@ else
        echo ""
        if [[ "$install" = "" || "$install" = "y" || "$install" = "Y" ]]; then
            sudo apt update && sudo apt install --install-suggests -y $pkgs --simulate  ## DEV
-            echo -e "\n${GRN}    Dependencies installed. Proceeding...${CRS}\n"
+            echo -e "\n    ${GRN}Dependencies installed. Proceeding...${CRS}\n"
            break 

        elif [[ "$install" == "n" || "$install" = "N" ]]; then
-            echo -e "\n${RED}    Missing dependencies... Exiting!${CRS}\n"
+            echo -e "\n    ${RED}Missing dependencies... Exiting!${CRS}\n"
            exit 1

        else
-            echo -e "\n${YEL}    Invalid response... Try again...\n\n  ${GRN}Y ${YEL}= (Yes, install dependencies and continue)\n  ${RED}N ${YEL}= (No, don't install dependencies and exit)${CRS}\n "
+            echo -e "\n ${YEL}Invalid response... Try again...\n\n  ${GRN}Y ${YEL}= (Yes, install dependencies and continue)\n  ${RED}N ${YEL}= (No, don't install dependencies and exit)${CRS}\n "
        fi
    done
 fi
@ -48,20 +48,50 @@ fi

 ###### HOST

-ip4=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
-echo -e "  ${YEL}Current hostname : ${LCY}$HOSTNAME${CRS}"
+onif=$(/sbin/ip route get 162.249.72.1 | awk '{print $5}' | cut -d/ -f1)
+ip4=$(/sbin/ip -o -4 addr list "$onif" | awk '{print $4}' | cut -d/ -f1)
+#############################  add interface fail safe
+
+while true; do
+    echo -e "  ${YEL}What network interface will nginx be using?${CRS}"
+    read -p "  current = "$onif" --> " nif
+    if ! [ "$nif" ]; then
+        nif="$onif"
+        break
+    elif [ $? -eq 0 ]; then ############################### JEFF
+        break
+    else
+        echo -e "\n    ${LRD}Interface not found... Try again!${CRS}\n"
+    fi
+done
+echo -e "\n  ${YEL}Current hostname : ${LCY}$HOSTNAME${CRS}"
 echo -e "  ${YEL}Current ip address : ${LCY}$ip4${CRS}"
 echo -e "\n  ${YEL}This information will be used to configure ${LCY}nginx.conf ${YEL}during the next steps.${CRS}"
-read -p "  Would you like to change the hostname? (y/N) --> " conf_host_ip

-# ask for network interface
-# ask to change hostname in /etc/hosts & /etc/hostname
+while true; do
+
+    read -p "  Would you like to change the hostname? (y/N) --> " conf_hostname
+    if [[ "$conf_hostname" = "" || "$conf_hostname" = "n" || "$conf_hostname" = "N" ]]; then
+        new_hostname=$HOSTNAME
+        break
+    elif [[ "$conf_hostname" = "y" || "$conf_hostname" = "Y" ]]; then
+        read -p "  Enter new hostname --> " new_hostname
+        sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hosts #/etc/hosts
+        sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hostname #/etc/hostname
+        echo -e "\n    ${GRN}Host name changed to ${LCY}$new_hostname${CRS}"
+        break
+    else
+        echo -e "\n  ${YEL}Invalid response... Try again...\n\n  Y = (Yes, set new hostname)\n  N = (No, leave as is)${CRS}\n "
+    fi
+
+done

 ###### CERTIFICATION

 while true; do
        echo -e "\n  ${YEL}Configure SSL and create a self signed cetrificate?${CRS}"
        read -p "  (Y/n) --> " installSSL
+
        if [[ "$installSSL" = "" || "$installSSL" = "y" || "$installSSL" = "Y" ]]; then
            echo -e "  ${YEL}Enter path to certificates folder${CRS}"
            read -p "  default = /etc/nginx/ssl --> " cert_path
@ -72,7 +102,6 @@ while true; do
            else
                :
            fi
-            echo ""
            echo -e "  ${YEL}Enter file name for certificate and key${CRS}"
            read -p "  default = $HOSTNAME --> " cert_name
            if ! [ "$cert_name" ]; then
@ -83,15 +112,18 @@ while true; do
            echo ""
            #sudo mkdir -p "$cert_path"
            #sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$cert_path"/"$cert_name".key -out "$cert_path"/"$cert_name".crt
-            echo -e "\n${GRN}    SSL certificate files ${LCY}$cert_name.crt ${GRN}and ${LCY}$cert_name.key ${GRN}created and stored in ${LCY}$cert_path${CRS}\n"
+            echo -e "\n    ${GRN}SSL certificate files ${LCY}$cert_name.crt ${GRN}and ${LCY}$cert_name.key ${GRN}created and stored in ${LCY}$cert_path${CRS}\n"
            break
        elif [[ "$installSSL" == "n" || "$installSSL" = "N" ]]; then
-            echo -e "\n${RED}    No encryption established${CRS}\n"
+            echo -e "\n    ${RED}Encryption disabled${CRS}\n"
            break
        else
-            echo -e "\n${YEL}    Invalid response... Try again...\n\nY = (Yes, configure SSL certificate and continue)\nN = (No, leave unencrypted and continue)${CRS}\n "
+            echo -e "\n  ${YEL}Invalid response... Try again...\n\n  Y = (Yes, configure SSL certificate and continue)\n  N = (No, leave unencrypted and continue)${CRS}\n "
        fi
-    done
+
+done
+
+###### NGINX CONFIG


 ### DEV STATUS
@ -103,4 +135,4 @@ while true; do
 # restart nginx
 ## JEFF END

-echo -e "${GRN}\nScript ran through...${CRS}"
+echo -e "\n   ${LGN}Script ran through...${CRS}"