add several configuration vars

This commit is contained in:
Simon Vieille 2019-08-01 10:19:13 +02:00
父節點 3da474274b
當前提交 637e014b2a
簽署人: deblan
GPG 金鑰 ID: 03383D15A1D31745
共有 5 個檔案被更改,包括 46 行新增22 行删除

1
.gitignore vendored
查看文件

@ -1,3 +1,4 @@
/etc/config
/share/bin/crypt
/share/bin/twigc
/tests

查看文件

@ -47,7 +47,7 @@ fi
# WEB_HTTPS_GENERATE_CERTIFICATE="$(form_yes_no -t "$TITLE" -l "Retrieve certificate using LE")"
#fi
DOCUMENT_ROOT="$(form_input -t "$TITLE" -l "Document Root" -d "/var/www/service-web/www/$DOMAIN/web")"
DOCUMENT_ROOT="$(form_input -t "$TITLE" -l "Document Root" -d "$WEB_ROOT_PATH/$DOMAIN/web")"
PHP_ENABLED="$(form_yes_no -t "$TITLE" -l "Support of PHP")"
@ -66,7 +66,6 @@ fi
USER_PASSWORD="$(tr -dc "0123456789!@#$%()[]*@<>abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" < /dev/urandom | head -c 20)"
SYSTEM_USER_USERNAME="$(form_input -t "$TITLE" -l "System username" -d "web" -r)"
SYSTEM_USER_GROUP="webgroup"
SYSTEM_USER_PASSWORD=$(
PASSWORD="$USER_PASSWORD"
@ -92,6 +91,11 @@ export PHP_VERSION
export WEB_HTTP
export WEB_HTTPS
export WEB_HTTPS_FORCE
export WEB_ROOT_PATH
export WEB_LOG_PATH
export WEB_HTTPS_DEFAULT_CERT_PEM
export WEB_HTTPS_DEFAULT_CERT_PRIVKEY
export WEB_HTTPS_DEFAULT_CERT_CHAIN
TMP_FILE="/tmp/vhost-add-$(tr -dc "qwertQWERTasdfgASDFGzxcvbZXCVB" < /dev/urandom | head -c 16)"
template summary > "$TMP_FILE"
@ -111,9 +115,9 @@ fi
# User and directory creation #
###############################
useradd -G "$SYSTEM_USER_GROUP" -s /bin/zsh -m -p "$SYSTEM_USER_PASSWORD" -d "/services/web/www/$DOMAIN" "$SYSTEM_USER_USERNAME" -k /etc/skel/
chgrp www-data "/services/web/www/$DOMAIN"
chmod o-r "/services/web/www/$DOMAIN"
useradd -G "$SYSTEM_USER_GROUP" -s "$DEFAULT_SHELL" -m -p "$SYSTEM_USER_PASSWORD" -d "$WEB_ROOT_PATH/$DOMAIN" "$SYSTEM_USER_USERNAME" -k "$SKEL_PATH"
chgrp www-data "$WEB_ROOT_PATH/$DOMAIN"
chmod o-r "$WEB_ROOT_PATH/$DOMAIN"
#######################
# Make configurations #
@ -124,17 +128,20 @@ SERVICES_TO_RELOAD="apache2"
SYSTEM_USER_ID="$(id -u "$SYSTEM_USER_USERNAME")"
PHP_FPM_PORT=$((SYSTEM_USER_ID + 12000))
export PHP_FPM_PORT
if [ "$WEB_HTTP" = "yes" ]; then
VHOST_FILE_SA="/etc/apache2/sites-available/${DOMAIN}.${WEB_HTTP_PORT}.conf"
VHOST_FILE_SE="/etc/apache2/sites-enabled/${DOMAIN}.${WEB_HTTP_PORT}.conf"
VHOST_FILE_SA="$APACHE_VHOST_SITES_AVAILABLE_PATH/${DOMAIN}.${WEB_HTTP_PORT}.conf"
VHOST_FILE_SE="$APACHE_VHOST_SITES_ENABLED_PATH/${DOMAIN}.${WEB_HTTP_PORT}.conf"
PORT=$WEB_HTTP_PORT template vhost-http > "$VHOST_FILE_SA"
ln -rs "$VHOST_FILE_SA" "$VHOST_FILE_SE"
fi
if [ "$WEB_HTTPS" = "yes" ]; then
VHOST_FILE_SA="/etc/apache2/sites-available/${DOMAIN}.${WEB_HTTPS_PORT}.conf"
VHOST_FILE_SE="/etc/apache2/sites-enabled/${DOMAIN}.${WEB_HTTPS_PORT}.conf"
VHOST_FILE_SA="$APACHE_VHOST_SITES_AVAILABLE_PATH/${DOMAIN}.${WEB_HTTPS_PORT}.conf"
VHOST_FILE_SE="$APACHE_VHOST_SITES_ENABLED_PATH/${DOMAIN}.${WEB_HTTPS_PORT}.conf"
PORT=$WEB_HTTPS_PORT template vhost-https > "$VHOST_FILE_SA"
@ -142,15 +149,13 @@ if [ "$WEB_HTTPS" = "yes" ]; then
fi
if [ "$PHP_ENABLED" = "yes" ]; then
if [ "$PHP_VERSION" = "5.6" ]; then
SERVICES_TO_RELOAD="$SERVICES_TO_RELOAD php5-fpm"
PHP_FPM_FILE="/etc/php5/fpm/pool.d/${SYSTEM_USER_USERNAME}.conf"
else
SERVICES_TO_RELOAD="$SERVICES_TO_RELOAD php${PHP_VERSION}-fpm"
PHP_FPM_FILE="/etc/php/$PHP_VERSION/fpm/pool.d/${SYSTEM_USER_USERNAME}.conf"
fi
PHP_VERSION_NORMALISED="$(echo "$PHP_VERSION" | tr -dc 1234567890)"
export PHP_FPM_PORT
eval "FPM_POOL_PATH=\$PHP_FPM${PHP_VERSION_NORMALISED}_POOL_PATH"
eval "FPM_SERVICE=\$PHP_FPM${PHP_VERSION_NORMALISED}_SERVICE"
SERVICES_TO_RELOAD="$SERVICES_TO_RELOAD $FPM_SERVICE"
PHP_FPM_FILE="$FPM_POOL_PATH/${SYSTEM_USER_USERNAME}.conf"
template php-fpm > "$PHP_FPM_FILE"
fi

查看文件

@ -1,3 +1,21 @@
WEB_HTTP_PORT=81
WEB_HTTPS_PORT=444
SKEL_PATH=/etc/skel
DEFAULT_SHELL=/bin/zsh
WEB_ROOT_PATH=/var/www/service-web/www
WEB_LOG_PATH=/services/web/logs
APACHE_VHOST_SITES_AVAILABLE_PATH=/etc/apache2/sites-available
APACHE_VHOST_SITES_ENABLED_PATH=/etc/apache2/sites-enabled
PHP_FPM56_POOL_PATH=/etc/php5/fpm/pool.d
PHP_FPM71_POOL_PATH=/etc/php/7.1/fpm/pool.d
PHP_FPM72_POOL_PATH=/etc/php/7.2/fpm/pool.d
PHP_FPM73_POOL_PATH=/etc/php/7.3/fpm/pool.d
PHP_FPM56_SERVICE=php5-fpm
PHP_FPM71_SERVICE=php7.1-fpm
PHP_FPM72_SERVICE=php7.2-fpm
PHP_FPM73_SERVICE=php7.3-fpm
PHP_BIN=/usr/bin/php7.3
WEB_HTTPS_DEFAULT_CERT_PEM=/etc/letsencrypt/live/example.com/cert.pem
WEB_HTTPS_DEFAULT_CERT_PRIVKEY=/etc/letsencrypt/live/example.com/privkey.pem
WEB_HTTPS_DEFAULT_CERT_CHAIN=/etc/letsencrypt/live/example.com/chain.pem
SYSTEM_USER_GROUP=webgroup

查看文件

@ -7,8 +7,8 @@
DocumentRoot {{ DOCUMENT_ROOT }}
SuexecUserGroup {{ SYSTEM_USER_USERNAME }} {{ SYSTEM_USER_GROUP }}
ErrorLog /services/web/logs/{{ DOMAIN }}.log
CustomLog /services/web/logs/{{ DOMAIN }}.log combined
ErrorLog {{ WEB_LOG_PATH }}/{{ DOMAIN }}.log
CustomLog {{ WEB_LOG_PATH }}/{{ DOMAIN }}.log combined
{% block force_https %}{% if WEB_HTTPS_FORCE == "yes" %}
Redirect permanent / https://{{ DOMAIN }}/
{% endif %}{% endblock %}

查看文件

@ -10,9 +10,9 @@
{{ parent() ? (parent() ~ "\n") : '' }}
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/deblan.org/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/deblan.org/privkey.pem
SSLCACertificateFile /etc/letsencrypt/live/deblan.org/chain.pem
SSLCertificateFile {{ WEB_HTTPS_DEFAULT_CERT_PEM }}
SSLCertificateKeyFile {{ WEB_HTTPS_DEFAULT_CERT_PRIVKEY }}
SSLCACertificateFile {{ WEB_HTTPS_DEFAULT_CERT_CHAIN }}
# SSLCertificateFile /etc/letsencrypt/live/{{ DOMAIN }}/cert.pem
# SSLCertificateKeyFile /etc/letsencrypt/live/{{ DOMAIN }}/privkey.pem