diff --git a/assets/test/hostname b/assets/test/hostname
new file mode 100644
index 0000000..a7f8d9e
--- /dev/null
+++ b/assets/test/hostname
@@ -0,0 +1 @@
+bla
diff --git a/assets/test/hostname.backup b/assets/test/hostname.backup
new file mode 100644
index 0000000..ebf0746
--- /dev/null
+++ b/assets/test/hostname.backup
@@ -0,0 +1 @@
+cor3unit
diff --git a/assets/test/hosts b/assets/test/hosts
new file mode 100644
index 0000000..06ea628
--- /dev/null
+++ b/assets/test/hosts
@@ -0,0 +1,7 @@
+127.0.0.1 localhost
+127.0.1.1 bla.lan bla
+
+# The following lines are desirable for IPv6 capable hosts
+::1 localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
diff --git a/assets/test/hosts.backup b/assets/test/hosts.backup
new file mode 100644
index 0000000..e33848e
--- /dev/null
+++ b/assets/test/hosts.backup
@@ -0,0 +1,7 @@
+127.0.0.1 localhost
+127.0.1.1 cor3unit.lan cor3unit
+
+# The following lines are desirable for IPv6 capable hosts
+::1 localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
diff --git a/assets/test/nginx.conf b/assets/test/nginx.conf
new file mode 100644
index 0000000..139be12
--- /dev/null
+++ b/assets/test/nginx.conf
@@ -0,0 +1,33 @@
+###########################################################
+### ###
+### MESHPI NGINX CONFIG ###
+### ###
+###########################################################
+
+server {
+ listen 80;
+ server_name DOMAIN IPADDR;
+ return 301 https://$host$request_uri;
+}
+
+server {
+ listen 443 ssl;
+ server_name DOMAIN IPADDR;
+
+ ssl_certificate CERTPATH;
+ ssl_certificate_key CERTPATH;
+
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_ciphers HIGH:!aNULL:!MD5;
+
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_timeout 10m;
+
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+ location / {
+ try_files $uri $uri/ =404;
+ root /var/www/html;
+ index index.html;
+ }
+}
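Review bot: `ssl_certificate` and `ssl_certificate_key` in the 443 server block both carry the single placeholder `CERTPATH`, so a global substitution like the `s/DOMAIN/.../g` one in test.sh would point both directives at the same file, while the setup script names separate `$cert_name.crt` and `$cert_name.key` files. Use two placeholders, e.g. `ssl_certificate CERTFILE;` and `ssl_certificate_key KEYFILE;`. The template also has no variant for the script's "Encryption disabled" answer: the port 80 server always redirects to HTTPS, so that path presumably needs a plain-HTTP template or a conditional redirect.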
diff --git a/assets/test/test.sh b/assets/test/test.sh index 05a7907..1744fcb 100755 --- a/assets/test/test.sh +++ b/assets/test/test.sh @@ -1,2 +1,3 @@ #!/bin/bash +sed -i.bak "s/DOMAIN/$HOSTNAME.local/g" nginx.conf \ No newline at end of file diff --git a/dev_env_setup.sh b/dev_env_setup.sh index 302c316..ee8b9de 100755 --- a/dev_env_setup.sh +++ b/dev_env_setup.sh @@ -5,25 +5,25 @@ source assets/config/deps/dependencies ### DEPENDENCY CHECK & INSTALLER -echo -e "\n${LCY} Dependency and Privilege Check running...${CRS}\n" +echo -e "\n ${LCY}Dependency and Privilege Check running...${CRS}\n" ### PRIVILEGES if (( $(id -u) == 0 )); then - echo -e "${GRN} Privilege check passed...${CRS}\n" + echo -e " ${GRN}Privilege check passed...${CRS}\n" else - echo -e "${RED} Privilege check failed... Please run script with sudo or as root!${CRS}\n" + echo -e " ${RED}Privilege check failed... Please run script with sudo or as root!${CRS}\n" exit 1 fi ### DEPENDENCIES if command -v "$pkgs" >/dev/null 2>&1; then - echo -e "${GRN} Dependency check passed...${CRS}\n" + echo -e " ${GRN}Dependency check passed...${CRS}\n" else - echo -e "${RED} Dependencies not met.${CRS}\n" + echo -e " ${RED}Dependencies not met.${CRS}\n" while true; do echo -e " ${YEL}Do you wish to install via APT?" 
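Review bot: `nginx.conf` in the added sed line is resolved against the caller's working directory and rewritten in place, so one run consumes the `DOMAIN` placeholder in what looks like the template added at assets/test/nginx.conf and leaves an `nginx.conf.bak` beside it. Rendering to a separate file keeps the template reusable, e.g. `sed "s/DOMAIN/${HOSTNAME}.local/g" "$(dirname "$0")/nginx.conf" > "$out"` with `out` chosen by the caller. The script also still ends without a trailing newline.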
@@ -31,15 +31,15 @@ else echo "" if [[ "$install" = "" || "$install" = "y" || "$install" = "Y" ]]; then sudo apt update && sudo apt install --install-suggests -y $pkgs --simulate ## DEV - echo -e "\n${GRN} Dependencies installed. Proceeding...${CRS}\n" + echo -e "\n ${GRN}Dependencies installed. Proceeding...${CRS}\n" break elif [[ "$install" == "n" || "$install" = "N" ]]; then - echo -e "\n${RED} Missing dependencies... Exiting!${CRS}\n" + echo -e "\n ${RED}Missing dependencies... Exiting!${CRS}\n" exit 1 else - echo -e "\n${YEL} Invalid response... Try again...\n\n ${GRN}Y ${YEL}= (Yes, install dependencies and continue)\n ${RED}N ${YEL}= (No, don't install dependencies and exit)${CRS}\n " + echo -e "\n ${YEL}Invalid response... Try again...\n\n ${GRN}Y ${YEL}= (Yes, install dependencies and continue)\n ${RED}N ${YEL}= (No, don't install dependencies and exit)${CRS}\n " fi done fi 
@@ -48,20 +48,50 @@ fi ###### HOST -ip4=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) -echo -e " ${YEL}Current hostname : ${LCY}$HOSTNAME${CRS}" +onif=$(/sbin/ip route get 162.249.72.1 | awk '{print $5}' | cut -d/ -f1) +ip4=$(/sbin/ip -o -4 addr list "$onif" | awk '{print $4}' | cut -d/ -f1) +############################# add interface fail safe + +while true; do + echo -e " ${YEL}What network interface will nginx be using?${CRS}" + read -p " current = "$onif" --> " nif + if ! [ "$nif" ]; then + nif="$onif" + break + elif [ $? -eq 0 ]; then ############################### JEFF + break + else + echo -e "\n ${LRD}Interface not found... Try again!${CRS}\n" + fi +done +echo -e "\n ${YEL}Current hostname : ${LCY}$HOSTNAME${CRS}" echo -e " ${YEL}Current ip address : ${LCY}$ip4${CRS}" echo -e "\n ${YEL}This information will be used to configure ${LCY}nginx.conf ${YEL}during the next steps.${CRS}" -read -p " Would you like to change the hostname? (y/N) --> " conf_host_ip -# ask for network interface -# ask to change hostname in /etc/hosts & /etc/hostname +while true; do + + read -p " Would you like to change the hostname? (y/N) --> " conf_hostname + if [[ "$conf_hostname" = "" || "$conf_hostname" = "n" || "$conf_hostname" = "N" ]]; then + new_hostname=$HOSTNAME + break + elif [[ "$conf_hostname" = "y" || "$conf_hostname" = "Y" ]]; then + read -p " Enter new hostname --> " new_hostname + sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hosts #/etc/hosts + sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g" assets/test/hostname #/etc/hostname + echo -e "\n ${GRN}Host name changed to ${LCY}$new_hostname${CRS}" + break + else + echo -e "\n ${YEL}Invalid response... 
Try again...\n\n Y = (Yes, set new hostname)\n N = (No, leave as is)${CRS}\n " + fi + +done ###### CERTIFICATION while true; do echo -e "\n ${YEL}Configure SSL and create a self signed cetrificate?${CRS}" read -p " (Y/n) --> " installSSL + if [[ "$installSSL" = "" || "$installSSL" = "y" || "$installSSL" = "Y" ]]; then echo -e " ${YEL}Enter path to certificates folder${CRS}" read -p " default = /etc/nginx/ssl --> " cert_path @@ -72,7 +102,6 @@ while true; do else : fi - echo "" echo -e " ${YEL}Enter file name for certificate and key${CRS}" read -p " default = $HOSTNAME --> " cert_name if ! [ "$cert_name" ]; then @@ -83,15 +112,18 @@ while true; do echo "" #sudo mkdir -p "$cert_path" #sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "$cert_path"/"$cert_name".key -out "$cert_path"/"$cert_name".crt - echo -e "\n${GRN} SSL certificate files ${LCY}$cert_name.crt ${GRN}and ${LCY}$cert_name.key ${GRN}created and stored in ${LCY}$cert_path${CRS}\n" + echo -e "\n ${GRN}SSL certificate files ${LCY}$cert_name.crt ${GRN}and ${LCY}$cert_name.key ${GRN}created and stored in ${LCY}$cert_path${CRS}\n" break elif [[ "$installSSL" == "n" || "$installSSL" = "N" ]]; then - echo -e "\n${RED} No encryption established${CRS}\n" + echo -e "\n ${RED}Encryption disabled${CRS}\n" break else - echo -e "\n${YEL} Invalid response... Try again...\n\nY = (Yes, configure SSL certificate and continue)\nN = (No, leave unencrypted and continue)${CRS}\n " + echo -e "\n ${YEL}Invalid response... Try again...\n\n Y = (Yes, configure SSL certificate and continue)\n N = (No, leave unencrypted and continue)${CRS}\n " fi - done + +done + +###### NGINX CONFIG ### DEV STATUS @@ -103,4 +135,4 @@ while true; do # restart nginx ## JEFF END -echo -e "${GRN}\nScript ran through...${CRS}" +echo -e "\n ${LGN}Script ran through...${CRS}"
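Review bot: `new_hostname` goes from the `read -p` prompt straight into both `sudo sed -i.backup "s/$HOSTNAME/$new_hostname/g"` calls, so a reply containing `/`, `&` or a backslash alters the sed program that runs as root instead of being treated as a name. Reject anything that is not a hostname label before the sed calls, for example `[[ $new_hostname =~ ^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$ ]] || continue` preceded by an error message. `$HOSTNAME` on the match side is an unanchored regex as well, so once the targets switch to /etc/hosts and /etc/hostname it would also rewrite entries that merely contain the old name; the `sed -i.bak "s/DOMAIN/$HOSTNAME.local/g"` line added to assets/test/test.sh interpolates its value the same way. In the interface loop earlier in this hunk, `elif [ $? -eq 0 ]` sees the non-zero status of the preceding `! [ "$nif" ]` test, so every typed interface name lands in the "Interface not found" branch; an actual lookup such as `elif /sbin/ip link show "$nif" >/dev/null 2>&1; then` is what the placeholder comment seems to intend.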