mirror of
https://github.com/Erreur32/nginx-proxy-manager-Bash-API.git
synced 2024-12-22 13:32:11 +01:00
Fix issue activation SSL
This commit is contained in:
parent
bad8a351bd
commit
482e9e0f32
1 changed files with 149 additions and 91 deletions
|
@ -19,41 +19,39 @@
|
||||||
# ./nginx_proxy_manager_cli.sh --create-user newuser password123 user@example.com
|
# ./nginx_proxy_manager_cli.sh --create-user newuser password123 user@example.com
|
||||||
# ./nginx_proxy_manager_cli.sh --delete-user 'username'
|
# ./nginx_proxy_manager_cli.sh --delete-user 'username'
|
||||||
# ./nginx_proxy_manager_cli.sh --list-hosts
|
# ./nginx_proxy_manager_cli.sh --list-hosts
|
||||||
|
#
|
||||||
# ./nginx_proxy_manager_cli.sh --generate-cert example.com user@example.com
|
# ./nginx_proxy_manager_cli.sh --ssl-host-enable 32
|
||||||
# ./nginx_proxy_manager_cli.sh --ssl-host-enable 1
|
|
||||||
#
|
#
|
||||||
# Advanced proxy tab example:
|
# Advanced proxy tab example:
|
||||||
# ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -a 'proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;'
|
# ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -a 'proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;'
|
||||||
#
|
#
|
||||||
# Options:
|
# Options:
|
||||||
# -d DOMAIN_NAMES Domain name (required for creating/updating hosts)
|
# -d DOMAIN_NAMES Domain name (required for creating/updating hosts)
|
||||||
# -i FORWARD_HOST IP address or domain name of the target server (required for creating/updating hosts)
|
# -i FORWARD_HOST IP address or domain name of the target server (required for creating/updating hosts)
|
||||||
# -p FORWARD_PORT Port of the target server (required for creating/updating hosts)
|
# -p FORWARD_PORT Port of the target server (required for creating/updating hosts)
|
||||||
# -f FORWARD_SCHEME Scheme for forwarding (http/https, default: http)
|
# -f FORWARD_SCHEME Scheme for forwarding (http/https, default: http)
|
||||||
# -c CACHING_ENABLED Enable caching (true/false, default: false)
|
# -c CACHING_ENABLED Enable caching (true/false, default: false)
|
||||||
# -b BLOCK_EXPLOITS Block exploits (true/false, default: true)
|
# -b BLOCK_EXPLOITS Block exploits (true/false, default: true)
|
||||||
# -w ALLOW_WEBSOCKET_UPGRADE Allow WebSocket upgrade (true/false, default: true)
|
# -w ALLOW_WEBSOCKET_UPGRADE Allow WebSocket upgrade (true/false, default: true)
|
||||||
# -a ADVANCED_CONFIG Advanced configuration (block of configuration settings)
|
# -a ADVANCED_CONFIG Advanced configuration (block of configuration settings)
|
||||||
# -t TOKEN_EXPIRY Token expiry duration (default: 1y)
|
# --backup Backup all configurations to a file
|
||||||
# --backup Backup all configurations to a file
|
# --check-token Check if the current token is valid
|
||||||
# --check-token Check if the current token is valid
|
# --create-user user pass email Create a user with a username, password and email
|
||||||
# --create-user user pass email Create a user with a username, password and email
|
# --delete-user username Delete a user by username
|
||||||
# --delete-user username Delete a user by username
|
# --delete-host id Delete a proxy host by ID
|
||||||
# --delete-host id Delete a proxy host by ID
|
# --show-host id Show full details for a specific host by ID
|
||||||
# --show-host id Show full details for a specific host by ID
|
# --show-default Show default settings for creating hosts
|
||||||
# --show-default Show default settings for creating hosts
|
# --list-hosts List the names of all proxy hosts
|
||||||
# --list-hosts List the names of all proxy hosts
|
# --list-hosts-full List all proxy hosts with full details
|
||||||
# --list-hosts-full List all proxy hosts with full details
|
# --list-ssl-certificates List all SSL certificates
|
||||||
# --list-ssl-certificates List all SSL certificates
|
# --list-users List all users
|
||||||
# --list-users List all users
|
# --search-host hostname Search for a proxy host by domain name
|
||||||
# --search-host hostname Search for a proxy host by domain name
|
# --enable-host id Enable a proxy host by ID
|
||||||
# --enable-host id Enable a proxy host by ID
|
# --disable-host id Disable a proxy host by ID
|
||||||
# --disable-host id Disable a proxy host by ID
|
# --ssl-host-enable id Enable SSL, HTTP/2, and HSTS for a proxy host (don't need to generate a custom cert)
|
||||||
# --generate-cert domain email Generate a Let's Encrypt certificate for the given domain and email
|
# --ssl-host-disable id Disable SSL, HTTP/2, and HSTS for a proxy host
|
||||||
# --ssl-host-enable id Enable SSL, HTTP/2, and HSTS for a proxy host (need --generate-cert first)
|
# --generate-cert domain email Generate a Let's Encrypt or Custom certificate for the given domain and email
|
||||||
# --ssl-host-disable id Disable SSL, HTTP/2, and HSTS for a proxy host
|
# --help Display this help
|
||||||
# --help Display this help
|
|
||||||
|
|
||||||
################################
|
################################
|
||||||
# Variables to Edit (required) #
|
# Variables to Edit (required) #
|
||||||
|
@ -64,6 +62,7 @@ NGINX_IP="127.0.0.1"
|
||||||
API_USER="user@nginx"
|
API_USER="user@nginx"
|
||||||
API_PASS="pass nginx"
|
API_PASS="pass nginx"
|
||||||
|
|
||||||
|
|
||||||
#################################
|
#################################
|
||||||
# Variables to Edit (optional) #
|
# Variables to Edit (optional) #
|
||||||
#################################
|
#################################
|
||||||
|
@ -111,6 +110,7 @@ ENABLE_SSL=false
|
||||||
DISABLE_SSL=false
|
DISABLE_SSL=false
|
||||||
SHOW_HOST=false
|
SHOW_HOST=false
|
||||||
SHOW_DEFAULT=false
|
SHOW_DEFAULT=false
|
||||||
|
CUSTOM_CERT=false
|
||||||
|
|
||||||
# Colors
|
# Colors
|
||||||
COLOR_GREEN="\033[32m"
|
COLOR_GREEN="\033[32m"
|
||||||
|
@ -136,53 +136,50 @@ check_dependencies
|
||||||
|
|
||||||
# Display help
|
# Display help
|
||||||
usage() {
|
usage() {
|
||||||
echo -e "\n${COLOR_YELLOW}Usage: $0 -d domain -i ip -p port [-f forward_scheme] [-c caching_enabled] [-b block_exploits] [-w allow_websocket_upgrade] [-a advanced_config] [-t token_expiry] [--create-user username password email] [--delete-user username] [--delete-host id] [--list-hosts] [--list-hosts-full] [--list-ssl-certificates] [--list-users] [--search-host hostname] [--enable-host id] [--disable-host id] [--check-token] [--backup] [--generate-cert domain email] [--ssl-host-enable id] [--ssl-host-disable id] [--show-host id] [--show-default] [--help]${COLOR_RESET}"
|
echo -e "\n${COLOR_YELLOW}Usage:./nginx_proxy_manager_cli.sh -d domain -i ip -p port [-f forward_scheme] [-c caching_enabled] [-b block_exploits] [-w allow_websocket_upgrade] [-a advanced_config] [-t token_expiry] [--create-user username password email] [--delete-user username] [--delete-host id] [--list-hosts] [--list-hosts-full] [--list-ssl-certificates] [--list-users] [--search-host hostname] [--enable-host id] [--disable-host id] [--check-token] [--backup] [--generate-cert domain email [--custom]] [--ssl-host-enable id] [--ssl-host-disable id] [--show-host id] [--show-default] [--help]${COLOR_RESET}"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "Examples:"
|
echo -e "Examples:"
|
||||||
echo -e "\n Backup First before do anything ;)"
|
echo -e "\n 📦 Backup First before doing anything!"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --backup"
|
echo -e " ./nginx_proxy_manager_cli.sh --backup"
|
||||||
echo -e "\n Host Creation"
|
echo -e "\n 🌐 Host Creation"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --show-default"
|
echo -e " ./nginx_proxy_manager_cli.sh --show-default"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080"
|
echo -e " ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --list-hosts"
|
echo -e " ./nginx_proxy_manager_cli.sh --list-hosts"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --show-host id"
|
echo -e " ./nginx_proxy_manager_cli.sh --show-host 1"
|
||||||
echo -e "\n User Creation"
|
echo -e "\n 👤 User Management"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --create-user newuser password123 user@example.com"
|
echo -e " ./nginx_proxy_manager_cli.sh --create-user newuser password123 user@example.com"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --delete-user 'username'"
|
echo -e " ./nginx_proxy_manager_cli.sh --delete-user 'username'"
|
||||||
|
echo -e "\n 🔧 Advanced Example:"
|
||||||
echo -e "\n Advanced example:"
|
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -a 'proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;'"
|
echo -e " ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -a 'proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;'"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --generate-cert example.com user@example.com"
|
echo -e " ./nginx_proxy_manager_cli.sh --ssl-host-enable 32"
|
||||||
echo -e " ./nginx_proxy_manager_cli.sh --ssl-host-enable 1 (Must have generated a cert before !! --generate-cert)"
|
|
||||||
echo -e ""
|
echo -e ""
|
||||||
echo -e "Options:"
|
echo -e "Options:"
|
||||||
echo -e " -d ${COLOR_ORANGE}DOMAIN_NAMES${COLOR_RESET} Domain name (${COLOR_RED}required${COLOR_RESET})"
|
echo -e " -d ${COLOR_ORANGE}DOMAIN_NAMES${COLOR_RESET} Domain name (${COLOR_RED}required${COLOR_RESET})"
|
||||||
echo -e " -i ${COLOR_ORANGE}FORWARD_HOST${COLOR_RESET} IP address or domain name of the target server (${COLOR_RED}required${COLOR_RESET})"
|
echo -e " -i ${COLOR_ORANGE}FORWARD_HOST${COLOR_RESET} IP address or domain name of the target server (${COLOR_RED}required${COLOR_RESET})"
|
||||||
echo -e " -p ${COLOR_ORANGE}FORWARD_PORT${COLOR_RESET} Port of the target server (${COLOR_RED}required${COLOR_RESET})"
|
echo -e " -p ${COLOR_ORANGE}FORWARD_PORT${COLOR_RESET} Port of the target server (${COLOR_RED}required${COLOR_RESET})"
|
||||||
echo -e " -f FORWARD_SCHEME Scheme for forwarding (http/https, default: http)"
|
echo -e " -f FORWARD_SCHEME Scheme for forwarding (http/https, default: http)"
|
||||||
echo -e " -c CACHING_ENABLED Enable caching (true/false, default: $(colorize_boolean $CACHING_ENABLED))"
|
echo -e " -c CACHING_ENABLED Enable caching (true/false, default: $(colorize_boolean $CACHING_ENABLED))"
|
||||||
echo -e " -b BLOCK_EXPLOITS Block exploits (true/false, default: $(colorize_boolean $BLOCK_EXPLOITS))"
|
echo -e " -b BLOCK_EXPLOITS Block exploits (true/false, default: $(colorize_boolean $BLOCK_EXPLOITS))"
|
||||||
echo -e " -w ALLOW_WEBSOCKET_UPGRADE Allow WebSocket upgrade (true/false, default: $(colorize_boolean $ALLOW_WEBSOCKET_UPGRADE))"
|
echo -e " -w ALLOW_WEBSOCKET_UPGRADE Allow WebSocket upgrade (true/false, default: $(colorize_boolean $ALLOW_WEBSOCKET_UPGRADE))"
|
||||||
echo -e " -a ADVANCED_CONFIG Advanced configuration (string)"
|
echo -e " -a ADVANCED_CONFIG Advanced configuration (string)"
|
||||||
echo -e " -t TOKEN_EXPIRY Token expiry duration (default: ${COLOR_YELLOW}1y${COLOR_RESET})"
|
echo -e " --backup Backup all configurations to a file"
|
||||||
echo -e " --backup Backup all configurations to a file"
|
echo -e " --check-token Check if the current token is valid"
|
||||||
echo -e " --check-token Check if the current token is valid"
|
echo -e " --create-user user pass email Create a user with a username, password and email"
|
||||||
echo -e " --create-user user pass email Create a user with a username, password and email"
|
echo -e " --delete-user username Delete a user by username"
|
||||||
echo -e " --delete-user username Delete a user by username"
|
echo -e " --delete-host id Delete a proxy host by ID"
|
||||||
echo -e " --delete-host id Delete a proxy host by ID"
|
echo -e " --show-default Show default settings for creating hosts"
|
||||||
echo -e " --show-default Show default settings for creating hosts"
|
echo -e " --show-host id Show full details for a specific host by ID"
|
||||||
echo -e " --show-host id Show full details for a specific host by ID"
|
echo -e " --list-hosts List the names of all proxy hosts"
|
||||||
echo -e " --list-hosts List the names of all proxy hosts"
|
echo -e " --list-hosts-full List all proxy hosts with full details"
|
||||||
echo -e " --list-hosts-full List all proxy hosts with full details"
|
echo -e " --list-ssl-certificates List all SSL certificates"
|
||||||
echo -e " --list-ssl-certificates List all SSL certificates"
|
echo -e " --list-users List all users"
|
||||||
echo -e " --list-users List all users"
|
echo -e " --search-host hostname Search for a proxy host by domain name"
|
||||||
echo -e " --search-host hostname Search for a proxy host by domain name"
|
echo -e " --enable-host id Enable a proxy host by ID"
|
||||||
echo -e " --enable-host id Enable a proxy host by ID"
|
echo -e " --disable-host id Disable a proxy host by ID"
|
||||||
echo -e " --disable-host id Disable a proxy host by ID"
|
echo -e " --ssl-host-enable id Enable SSL, HTTP/2, and HSTS for a proxy host"
|
||||||
echo -e " --generate-cert domain email Generate a Let's Encrypt certificate for the given domain and email"
|
echo -e " --ssl-host-disable id Disable SSL, HTTP/2, and HSTS for a proxy host"
|
||||||
echo -e " --ssl-host-enable id Enable SSL, HTTP/2, and HSTS for a proxy host"
|
echo -e " --generate-cert domain email [--custom] Generate a Let's Encrypt [or] Custom certificate for the given domain and email"
|
||||||
echo -e " --ssl-host-disable id Disable SSL, HTTP/2, and HSTS for a proxy host"
|
echo -e " --help Display this help"
|
||||||
echo -e " --help Display this help"
|
|
||||||
echo
|
echo
|
||||||
exit 0
|
exit 0
|
||||||
}
|
}
|
||||||
|
@ -208,7 +205,6 @@ while getopts "d:i:p:f:c:b:w:a:t:-:" opt; do
|
||||||
b) BLOCK_EXPLOITS="$OPTARG" ;;
|
b) BLOCK_EXPLOITS="$OPTARG" ;;
|
||||||
w) ALLOW_WEBSOCKET_UPGRADE="$OPTARG" ;;
|
w) ALLOW_WEBSOCKET_UPGRADE="$OPTARG" ;;
|
||||||
a) ADVANCED_CONFIG="$OPTARG" ;;
|
a) ADVANCED_CONFIG="$OPTARG" ;;
|
||||||
t) TOKEN_EXPIRY="$OPTARG" ;;
|
|
||||||
-)
|
-)
|
||||||
case "${OPTARG}" in
|
case "${OPTARG}" in
|
||||||
help) usage ;;
|
help) usage ;;
|
||||||
|
@ -249,6 +245,7 @@ while getopts "d:i:p:f:c:b:w:a:t:-:" opt; do
|
||||||
DOMAIN="${!OPTIND}"; shift
|
DOMAIN="${!OPTIND}"; shift
|
||||||
EMAIL="${!OPTIND}"; shift
|
EMAIL="${!OPTIND}"; shift
|
||||||
;;
|
;;
|
||||||
|
custom) CUSTOM_CERT=true ;;
|
||||||
ssl-host-enable)
|
ssl-host-enable)
|
||||||
ENABLE_SSL=true
|
ENABLE_SSL=true
|
||||||
HOST_ID="${!OPTIND}"; shift
|
HOST_ID="${!OPTIND}"; shift
|
||||||
|
@ -343,6 +340,7 @@ if [[ ! "$1" =~ --help ]]; then
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
# Check if a proxy host with the given domain names already exists
|
# Check if a proxy host with the given domain names already exists
|
||||||
check_existing_proxy_host() {
|
check_existing_proxy_host() {
|
||||||
RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \
|
RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \
|
||||||
|
@ -475,8 +473,51 @@ delete_proxy_host() {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# Function to pad strings to a certain length
|
||||||
|
pad() {
|
||||||
|
local str="$1"
|
||||||
|
local len="$2"
|
||||||
|
local str_len=${#str}
|
||||||
|
local pad_len=$((len - str_len))
|
||||||
|
local padding=$(printf '%*s' "$pad_len" "")
|
||||||
|
echo "$str$padding"
|
||||||
|
}
|
||||||
|
|
||||||
# List all proxy hosts with basic details
|
# List all proxy hosts with basic details
|
||||||
list_proxy_hosts() {
|
list_proxy_hosts() {
|
||||||
|
echo -e "\n${COLOR_ORANGE} 👉 List of proxy hosts (simple)${COLOR_RESET}"
|
||||||
|
printf " %-6s %-36s %-9s %-4s\n" "ID" "Domain" "Status" "SSL"
|
||||||
|
|
||||||
|
RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \
|
||||||
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
||||||
|
|
||||||
|
echo "$RESPONSE" | jq -r '.[] | "\(.id) \(.domain_names | join(", ")) \(.enabled) \(.ssl_forced)"' | while read -r id domain enabled ssl_forced; do
|
||||||
|
if [ "$enabled" -eq 1 ]; then
|
||||||
|
#status="[${WHITE_ON_GREEN}enabled${COLOR_RESET} ]"
|
||||||
|
status="$(echo -e "${WHITE_ON_GREEN} enabled ${COLOR_RESET}")"
|
||||||
|
else
|
||||||
|
#status="[${COLOR_RED}disabled${COLOR_RESET}]"
|
||||||
|
status="$(echo -e "${COLOR_RED} disable ${COLOR_RESET}")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$ssl_forced" -eq 1 ]; then
|
||||||
|
ssl_status="✅"
|
||||||
|
else
|
||||||
|
ssl_status="✘"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Print the row with colors
|
||||||
|
printf " ${COLOR_YELLOW}%6s${COLOR_RESET} ${COLOR_GREEN}%-36s${COLOR_RESET} %-8s %-4s\n" \
|
||||||
|
"$(pad "$id" 6)" "$(pad "$domain" 36)" "$status" "$ssl_status"
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# List all proxy hosts with basic details
|
||||||
|
list_proxy_hosts_() {
|
||||||
echo -e "\n${COLOR_ORANGE} 👉 List of proxy hosts (simple)${COLOR_RESET}"
|
echo -e "\n${COLOR_ORANGE} 👉 List of proxy hosts (simple)${COLOR_RESET}"
|
||||||
RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \
|
RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \
|
||||||
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
||||||
|
@ -550,6 +591,7 @@ list_users() {
|
||||||
echo "$RESPONSE" | jq
|
echo "$RESPONSE" | jq
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
# Create a new user
|
# Create a new user
|
||||||
create_user() {
|
create_user() {
|
||||||
if [ -z "$USERNAME" ] || [ -z "$PASSWORD" ] || [ -z "$EMAIL" ]; then
|
if [ -z "$USERNAME" ] || [ -z "$PASSWORD" ] || [ -z "$EMAIL" ]; then
|
||||||
|
@ -690,10 +732,10 @@ disable_proxy_host() {
|
||||||
# Generate Let's Encrypt certificate if not exists
|
# Generate Let's Encrypt certificate if not exists
|
||||||
generate_certificate() {
|
generate_certificate() {
|
||||||
if [ -z "$DOMAIN" ] || [ -z "$EMAIL" ]; then
|
if [ -z "$DOMAIN" ] || [ -z "$EMAIL" ]; then
|
||||||
echo " The --generate-cert option requires a domain and email."
|
echo -e "\n 🛡️ The --generate-cert option requires a domain and email."
|
||||||
usage
|
usage
|
||||||
fi
|
fi
|
||||||
echo " Checking if Let's Encrypt certificate for domain: $DOMAIN exists..."
|
echo -e "\n 👀 Checking if Let's Encrypt certificate for domain: $DOMAIN exists..."
|
||||||
|
|
||||||
RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/certificates" \
|
RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/certificates" \
|
||||||
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
||||||
|
@ -706,7 +748,7 @@ generate_certificate() {
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo " Generating Let's Encrypt certificate for domain: $DOMAIN..."
|
echo -e " ⚙️ Generating Let's Encrypt certificate for domain: $DOMAIN..."
|
||||||
|
|
||||||
DATA=$(jq -n --arg domain "$DOMAIN" --arg email "$EMAIL" --argjson agree true '{
|
DATA=$(jq -n --arg domain "$DOMAIN" --arg email "$EMAIL" --argjson agree true '{
|
||||||
provider: "letsencrypt",
|
provider: "letsencrypt",
|
||||||
|
@ -717,7 +759,7 @@ generate_certificate() {
|
||||||
}
|
}
|
||||||
}')
|
}')
|
||||||
|
|
||||||
echo -e " Please WAIT until validation or not!! \n Data being sent: $DATA" # Log the data being sent
|
echo -e "\n 🔔 Please WAIT until validation !!(or not)!! \n Data being sent: $DATA" # Log the data being sent
|
||||||
|
|
||||||
HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X POST "$BASE_URL/nginx/certificates" \
|
HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X POST "$BASE_URL/nginx/certificates" \
|
||||||
-H "Authorization: Bearer $(cat $TOKEN_FILE)" \
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)" \
|
||||||
|
@ -735,34 +777,48 @@ generate_certificate() {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
# Enable SSL, HTTP/2, and HSTS for a proxy host
|
|
||||||
|
# enable_ssl function
|
||||||
enable_ssl() {
|
enable_ssl() {
|
||||||
if [ -z "$HOST_ID" ]; then
|
if [ -z "$HOST_ID" ]; then
|
||||||
echo " The --ssl-host-enable option requires a host ID."
|
echo -e "\n 🛡️ The --ssl-host-enable option requires a host ID."
|
||||||
usage
|
usage
|
||||||
fi
|
fi
|
||||||
echo " Enabling SSL, HTTP/2, and HSTS for proxy host ID: $HOST_ID..."
|
echo -e "\n ✅ Enabling SSL, HTTP/2, and HSTS for proxy host ID: $HOST_ID..."
|
||||||
|
|
||||||
|
# Check host details
|
||||||
CHECK_RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \
|
CHECK_RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \
|
||||||
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
||||||
|
|
||||||
CERTIFICATE_ID=$(echo "$CHECK_RESPONSE" | jq -r '.certificate_id')
|
CERTIFICATE_ID=$(echo "$CHECK_RESPONSE" | jq -r '.certificate_id')
|
||||||
if [ "$CERTIFICATE_ID" == "null" ]; then
|
DOMAIN_NAMES=$(echo "$CHECK_RESPONSE" | jq -r '.domain_names[]')
|
||||||
echo " No certificate associated with this host."
|
|
||||||
exit 0
|
# Check if a Let's Encrypt certificate exists
|
||||||
else
|
CERT_EXISTS=$(curl -s -X GET "$BASE_URL/nginx/certificates" \
|
||||||
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)" | jq -r --arg domain "$DOMAIN_NAMES" '.[] | select(.provider == "letsencrypt" and .domain_names[] == $domain) | .id')
|
||||||
|
|
||||||
|
if [ -z "$CERT_EXISTS" ]; then
|
||||||
|
echo " ⛔ No Let's Encrypt certificate associated with this host. Generating a new certificate..."
|
||||||
|
|
||||||
|
generate_certificate
|
||||||
CERTIFICATE_ID=$(curl -s -X GET "$BASE_URL/nginx/certificates" \
|
CERTIFICATE_ID=$(curl -s -X GET "$BASE_URL/nginx/certificates" \
|
||||||
-H "Authorization: Bearer $(cat $TOKEN_FILE)" | jq -r --arg DOMAIN "$DOMAIN" '.[] | select(.domain_names[] == $DOMAIN) | .id')
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)" | jq -r --arg domain "$DOMAIN_NAMES" '.[] | select(.provider == "letsencrypt" and .domain_names[] == $domain) | .id')
|
||||||
|
else
|
||||||
|
echo " ✅ Existing Let's Encrypt certificate found. Using certificate ID: $CERT_EXISTS"
|
||||||
|
CERTIFICATE_ID="$CERT_EXISTS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DATA=$(jq -n --argjson cert_id "$CERTIFICATE_ID" '{
|
# Update the host with SSL enabled
|
||||||
|
DATA=$(jq -n --arg cert_id "$CERTIFICATE_ID" '{
|
||||||
|
certificate_id: $cert_id,
|
||||||
ssl_forced: true,
|
ssl_forced: true,
|
||||||
http2_support: true,
|
http2_support: true,
|
||||||
hsts_enabled: true,
|
hsts_enabled: true,
|
||||||
hsts_subdomains: true,
|
hsts_subdomains: false
|
||||||
certificate_id: $cert_id
|
|
||||||
}')
|
}')
|
||||||
|
|
||||||
|
echo -e "\n Data being sent for SSL enablement: $DATA" # Log the data being sent
|
||||||
|
|
||||||
HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \
|
HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \
|
||||||
-H "Authorization: Bearer $(cat $TOKEN_FILE)" \
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)" \
|
||||||
-H "Content-Type: application/json; charset=UTF-8" \
|
-H "Content-Type: application/json; charset=UTF-8" \
|
||||||
|
@ -772,20 +828,22 @@ enable_ssl() {
|
||||||
HTTP_STATUS=$(echo "$HTTP_RESPONSE" | tr -d '\n' | sed -e 's/.*HTTPSTATUS://')
|
HTTP_STATUS=$(echo "$HTTP_RESPONSE" | tr -d '\n' | sed -e 's/.*HTTPSTATUS://')
|
||||||
|
|
||||||
if [ "$HTTP_STATUS" -eq 200 ]; then
|
if [ "$HTTP_STATUS" -eq 200 ]; then
|
||||||
echo -e " ✅ ${COLOR_GREEN}SSL, HTTP/2, and HSTS enabled successfully!${COLOR_RESET}"
|
echo -e "\n ✅ ${COLOR_GREEN}SSL, HTTP/2, and HSTS enabled successfully!${COLOR_RESET}\n"
|
||||||
else
|
else
|
||||||
echo " Data sent: $DATA" # Log the data sent
|
echo -e "\n 👉Data sent: $DATA" # Log the data sent
|
||||||
echo -e " ⛔ ${COLOR_RED}Failed to enable SSL, HTTP/2, and HSTS. HTTP status: $HTTP_STATUS. Response: $HTTP_BODY${COLOR_RESET}"
|
echo -e "\n ⛔ ${COLOR_RED}Failed to enable SSL, HTTP/2, and HSTS. HTTP status: $HTTP_STATUS. Response: $HTTP_BODY${COLOR_RESET}\n"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Function to disable SSL for a proxy host
|
# Function to disable SSL for a proxy host
|
||||||
disable_ssl() {
|
disable_ssl() {
|
||||||
if [ -z "$HOST_ID" ]; then
|
if [ -z "$HOST_ID" ]; then
|
||||||
echo " The --ssl-host-disable option requires a host ID."
|
echo -e "\n 🛡️ The --ssl-host-disable option requires a host ID."
|
||||||
usage
|
usage
|
||||||
fi
|
fi
|
||||||
echo " Disabling SSL for proxy host ID: $HOST_ID..."
|
echo -e "\n 🚫 Disabling SSL for proxy host ID: $HOST_ID..."
|
||||||
|
|
||||||
CHECK_RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \
|
CHECK_RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \
|
||||||
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
|
||||||
|
@ -825,7 +883,7 @@ disable_ssl() {
|
||||||
# Function to show full details for a specific host by ID
|
# Function to show full details for a specific host by ID
|
||||||
show_host() {
|
show_host() {
|
||||||
if [ -z "$HOST_ID" ]; then
|
if [ -z "$HOST_ID" ]; then
|
||||||
echo " The --show-host option requires a host ID."
|
echo -e "\n ⛔ The --show-host option requires a host ID."
|
||||||
usage
|
usage
|
||||||
fi
|
fi
|
||||||
echo -e "\n${COLOR_ORANGE} 👉 Full details for proxy host ID: $HOST_ID...${COLOR_RESET}\n"
|
echo -e "\n${COLOR_ORANGE} 👉 Full details for proxy host ID: $HOST_ID...${COLOR_RESET}\n"
|
||||||
|
@ -837,7 +895,9 @@ show_host() {
|
||||||
|
|
||||||
# Display default settings for creating hosts
|
# Display default settings for creating hosts
|
||||||
show_default() {
|
show_default() {
|
||||||
echo -e "\n 🛠 ${COLOR_YELLOW}Default settings for creating hosts (change according to your needs):${COLOR_RESET}"
|
echo -e "\n ⭐ ${COLOR_YELLOW}Default settings Token:${COLOR_RESET}"
|
||||||
|
echo -e " - TOKEN_EXPIRY: ${COLOR_ORANGE}${TOKEN_EXPIRY}${COLOR_RESET}"
|
||||||
|
echo -e "\n ⭐ ${COLOR_YELLOW}Default settings for creating hosts (change according to your needs):${COLOR_RESET}"
|
||||||
echo -e " - FORWARD_SCHEME: ${COLOR_ORANGE}${FORWARD_SCHEME}${COLOR_RESET}"
|
echo -e " - FORWARD_SCHEME: ${COLOR_ORANGE}${FORWARD_SCHEME}${COLOR_RESET}"
|
||||||
echo -e " - SSL_FORCED: ${COLOR_ORANGE}${SSL_FORCED}${COLOR_RESET}"
|
echo -e " - SSL_FORCED: ${COLOR_ORANGE}${SSL_FORCED}${COLOR_RESET}"
|
||||||
echo -e " - CACHING_ENABLED: ${COLOR_ORANGE}${CACHING_ENABLED}${COLOR_RESET}"
|
echo -e " - CACHING_ENABLED: ${COLOR_ORANGE}${CACHING_ENABLED}${COLOR_RESET}"
|
||||||
|
@ -846,8 +906,6 @@ show_default() {
|
||||||
echo -e " - HTTP2_SUPPORT: ${COLOR_ORANGE}${HTTP2_SUPPORT}${COLOR_RESET}"
|
echo -e " - HTTP2_SUPPORT: ${COLOR_ORANGE}${HTTP2_SUPPORT}${COLOR_RESET}"
|
||||||
echo -e " - HSTS_ENABLED: ${COLOR_ORANGE}${HSTS_ENABLED}${COLOR_RESET}"
|
echo -e " - HSTS_ENABLED: ${COLOR_ORANGE}${HSTS_ENABLED}${COLOR_RESET}"
|
||||||
echo -e " - HSTS_SUBDOMAINS: ${COLOR_ORANGE}${HSTS_SUBDOMAINS}${COLOR_RESET}"
|
echo -e " - HSTS_SUBDOMAINS: ${COLOR_ORANGE}${HSTS_SUBDOMAINS}${COLOR_RESET}"
|
||||||
echo -e " - ADVANCED_CONFIG: ${COLOR_ORANGE}${ADVANCED_CONFIG}${COLOR_RESET}"
|
|
||||||
echo -e " - TOKEN_EXPIRY: ${COLOR_ORANGE}${TOKEN_EXPIRY}${COLOR_RESET}"
|
|
||||||
echo
|
echo
|
||||||
exit 0
|
exit 0
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue