From: Ian Kelling Date: Mon, 3 Apr 2017 03:50:41 +0000 (-0700) Subject: add/improve proxy/port args X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=8d1ae39c659072b6407e913ac8a4df998f2c159a;p=basic-https-conf add/improve proxy/port args --- diff --git a/apache-site b/apache-site index cf0aa4a..2405713 100755 --- a/apache-site +++ b/apache-site @@ -28,8 +28,9 @@ location for storing certs. EXTRA_SETTINGS_FILE can be - for stdin -c CERT_DIR In priority: this arg, $ACME_TINY_WRAPPER_CERT_DIR, $HOME/webservercerts, if the other options aren't set. +-f [ADDR:]PORT Enable proxy to [ADDR:]PORT. ADDR default is 127.0.0.1 -i Insecure, no ssl --p ADDR_PORT Main address and port to listen on, default *:443 +-p PORT Main port to listen on, default 443 -r DocumentRoot -h|--help Print help and exit @@ -46,14 +47,15 @@ if [[ ! $cert_dir ]]; then fi ssl=true extra_settings= -addr_port="*:443" -temp=$(getopt -l help ic:p:r:h "$@") || usage 1 +port=443 +temp=$(getopt -l help ic:f:p:r:h "$@") || usage 1 eval set -- "$temp" while true; do case $1 in - -i) ssl=false; shift ;; -c) cert_dir="$2"; shift 2 ;; - -p) addr_port="$2"; shift 2 ;; + -f) proxy="$2"; shift 2 ;; + -i) ssl=false; shift ;; + -p) port="$2"; shift 2 ;; -r) root="$2"; shift 2 ;; --) shift; break ;; -h|--help) usage ;; @@ -76,7 +78,9 @@ if [[ ! $root ]]; then root=/var/www/$h/html fi -port=${addr_port##*:} +if [[ $proxy ]]; then + [[ $proxy == *:* ]] || proxy=127.0.0.1:$proxy +fi ##### end command line parsing ######## @@ -100,21 +104,20 @@ vhost_file=/etc/apache2/sites-enabled/$h.conf redir_file=/etc/apache2/sites-enabled/httpsredir.conf # note, we exepct ServerRoot of /etc/apache2 -cd /etc/apache2 -conf_files=(apache2.conf) - # apache requires exactly 1 listen directive per port (when no ip is also given), # so we have to parse the config to do it programatically. listen_80=false listen_port=false -while (( i=0; i < ${#conf_files[@]}; i++ )); do +cd /etc/apache2 +conf_files=(apache2.conf) +for (( i=0; i < ${#conf_files[@]}; i++ )); do f="${conf_files[i]}" # note: globs are expanded here: conf_files+=( $(sed -rn "s,^\s*Include(Optional)?\s+(\S+).*,\2,p" "$f") ) case $(readlink -f "$f") in $vhost_file|$redir_file) continue ;; esac - for p in $(sed -rn "s,^\s*Listen\s+(\S+).*,\1,p" "$f"); do + for p in $(sed -rn "s,^\s*listen\s+(\S+).*,\1,Ip" "$f"); do case $p in 80) listen_80=true ;; $port) listen_port=true ;; @@ -129,7 +132,7 @@ fi echo "$0: creating $vhost_file" cat >$vhost_file < + ServerName $h ServerAlias www.$h DocumentRoot $root @@ -148,6 +151,16 @@ if [[ -e /etc/apache2/mods-available/http2.load ]]; then EOF fi +if [[ $proxy ]]; then + a2enmod proxy proxy_http + # fyi: trailing slash is important + # reference: https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html + cat >>$vhost_file <>$vhost_file <>/etc/nginx/sites-enabled/$h.conf fi -if [[ $proxy_port ]]; then +if [[ $proxy ]]; then cat >>/etc/nginx/sites-enabled/$h.conf <