From 9051f912619b6813a0df34c08bad3a039d8b43fa Mon Sep 17 00:00:00 2001 From: Erreur32 Date: Fri, 12 Jul 2024 13:07:09 +0200 Subject: [PATCH] Add backup + optimisation code --- nginx_proxy_manager_cli.sh | 426 ++++++++++++++++++++++++------------- 1 file changed, 275 insertions(+), 151 deletions(-) mode change 100644 => 100755 nginx_proxy_manager_cli.sh diff --git a/nginx_proxy_manager_cli.sh b/nginx_proxy_manager_cli.sh old mode 100644 new mode 100755 index a216f98..50b0912 --- a/nginx_proxy_manager_cli.sh +++ b/nginx_proxy_manager_cli.sh @@ -1,22 +1,54 @@ #!/bin/bash -############################################################################### # Nginx Proxy Manager CLI Script # Erreur32 - July 2024 # # This script allows you to manage Nginx Proxy Manager via the API. It provides -# functionalities such as creating proxy hosts, managing users, and displaying -# configurations. +# functionalities such as creating proxy hosts, managing users, listing hosts, +# backing up configurations, and more. # # Usage: # ./nginx_proxy_manager_cli.sh [OPTIONS] # # Examples: # ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -s true -# ./nginx_proxy_manager_cli.sh --create-user newuser password123 +# ./nginx_proxy_manager_cli.sh --create-user newuser password123 user@example.com +# ./nginx_proxy_manager_cli.sh --delete-user 'username' # ./nginx_proxy_manager_cli.sh --list-hosts +# ./nginx_proxy_manager_cli.sh --backup # -############################################################################### +# Advanced proxy tab example: +# ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -a "proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;" +# +# Options: +# -d DOMAIN_NAMES Domain name (required for creating/updating hosts) +# -i FORWARD_HOST IP address or domain name of the target server (required for creating/updating hosts) +# -p FORWARD_PORT Port of the target server (required for creating/updating hosts) +# -f FORWARD_SCHEME Scheme for forwarding (http/https, default: http) +# -s SSL_FORCED Force SSL (true/false, default: false) +# -c CACHING_ENABLED Enable caching (true/false, default: false) +# -b BLOCK_EXPLOITS Block exploits (true/false, default: true) +# -w ALLOW_WEBSOCKET_UPGRADE Allow WebSocket upgrade (true/false, default: true) +# -h HTTP2_SUPPORT Support HTTP/2 (true/false, default: true) +# -a ADVANCED_CONFIG Advanced configuration (block of configuration settings) +# -e LETS_ENCRYPT_AGREE Accept Let's Encrypt (true/false, default: false) +# -m LETS_ENCRYPT_EMAIL Email for Let's Encrypt (required if LETS_ENCRYPT_AGREE is true) +# -n DNS_CHALLENGE DNS challenge (true/false, default: false) +# -t TOKEN_EXPIRY Token expiry duration (default: 1y) +# --create-user user pass Create a user with a username and password +# --delete-user username Delete a user by username +# --delete-host id Delete a proxy host by ID +# --list-hosts List the names of all proxy hosts +# --list-hosts-full List all proxy hosts with full details +# --list-ssl-certificates List all SSL certificates +# --list-users List all users +# --search-host hostname Search for a proxy host by domain name +# --enable-host id Enable a proxy host by ID +# --disable-host id Disable a proxy host by ID +# --check-token Check if the current token is valid +# --backup Backup all configurations to a file +# --help Display this help + # Variables to edit (required) NGINX_IP="127.0.0.1" @@ -25,7 +57,13 @@ API_USER="user@nginx" API_PASS="pass nginx" -################################ +#################### +# Edit (optionnal) # +#################### +BACKUP_DIR="./backups" +DATE=$(date +"%Y%m%d%H%M%S") +BACKUP_FILE="$BACKUP_DIR/backup_${NGINX_IP//./_}_$DATE.json" + # Colors COLOR_GREEN="\033[32m" COLOR_RED="\033[41;1m" @@ -39,7 +77,6 @@ BASE_URL="http://$NGINX_IP:81/api" API_ENDPOINT="/tokens" EXPIRY_FILE="expiry_${NGINX_IP}.txt" TOKEN_FILE="token_${NGINX_IP}.txt" -# Change Time velidity here TOKEN_EXPIRY="1y" # Default variables @@ -65,6 +102,8 @@ LIST_USERS=false SEARCH_HOST=false ENABLE_HOST=false DISABLE_HOST=false +CHECK_TOKEN=false +BACKUP=false # Check if necessary dependencies are installed check_dependencies() { @@ -77,22 +116,26 @@ check_dependencies() { done } -# Check if necessary dependencies are installed check_dependencies # Display help usage() { - echo -e "\n${COLOR_YELLOW}Usage: $0 -d domain -i ip -p port [-f forward_scheme] [-s ssl_forced] [-c caching_enabled] [-b block_exploits] [-w allow_websocket_upgrade] [-h http2_support] [-a advanced_config] [-e lets_encrypt_agree] [-m lets_encrypt_email] [-n dns_challenge] [-t token_expiry] [--create-user username password] [--delete-user username] [--delete-host id] [--list-hosts] [--list-hosts-full] [--list-ssl-certificates] [--list-users] [--search-host hostname] [--enable-host id] [--disable-host id] [--help]${COLOR_RESET}" + echo -e "\n${COLOR_YELLOW}Usage: $0 -d domain -i ip -p port [-f forward_scheme] [-s ssl_forced] [-c caching_enabled] [-b block_exploits] [-w allow_websocket_upgrade] [-h http2_support] [-a advanced_config] [-e lets_encrypt_agree] [-m lets_encrypt_email] [-n dns_challenge] [-t token_expiry] [--create-user username password] [--delete-user username] [--delete-host id] [--list-hosts] [--list-hosts-full] [--list-ssl-certificates] [--list-users] [--search-host hostname] [--enable-host id] [--disable-host id] [--check-token] [--backup] [--help]${COLOR_RESET}" echo "" echo -e "Examples:" + echo -e " Host Creation" echo -e " ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -s true" echo -e " ./nginx_proxy_manager_cli.sh --create-user newuser password123" + echo -e " ./nginx_proxy_manager_cli.sh --delete-user 'username'" echo -e " ./nginx_proxy_manager_cli.sh --list-hosts" - echo -e "" + echo -e " ./nginx_proxy_manager_cli.sh --backup" + echo -e " Advanced example:" + echo -e " ./nginx_proxy_manager_cli.sh -d example.com -i 192.168.1.10 -p 8080 -a 'proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;'" + echo "" echo -e "Options:" - echo -e " -d ${COLOR_ORANGE}DOMAIN_NAMES${COLOR_RESET} Domain name (${COLOR_RED} required ${COLOR_RESET})" - echo -e " -i ${COLOR_ORANGE}FORWARD_HOST${COLOR_RESET} IP address or domain name of the target server (${COLOR_RED} required ${COLOR_RESET})" - echo -e " -p ${COLOR_ORANGE}FORWARD_PORT${COLOR_RESET} Port of the target server (${COLOR_RED} required ${COLOR_RESET})" + echo -e " -d ${COLOR_ORANGE}DOMAIN_NAMES${COLOR_RESET} Domain name (${COLOR_RED}required${COLOR_RESET})" + echo -e " -i ${COLOR_ORANGE}FORWARD_HOST${COLOR_RESET} IP address or domain name of the target server (${COLOR_RED}required${COLOR_RESET})" + echo -e " -p ${COLOR_ORANGE}FORWARD_PORT${COLOR_RESET} Port of the target server (${COLOR_RED}required${COLOR_RESET})" echo -e " -f FORWARD_SCHEME Scheme for forwarding (http/https, default: http)" echo -e " -s SSL_FORCED Force SSL (true/false, default: $(colorize_boolean $SSL_FORCED))" echo -e " -c CACHING_ENABLED Enable caching (true/false, default: $(colorize_boolean $CACHING_ENABLED))" @@ -114,12 +157,14 @@ usage() { echo -e " --search-host hostname Search for a proxy host by domain name" echo -e " --enable-host id Enable a proxy host by ID" echo -e " --disable-host id Disable a proxy host by ID" + echo -e " --check-token Check if the current token is valid" + echo -e " --backup Backup all configurations to a file" echo -e " --help Display this help" echo exit 0 } -# Function to colorize true and false values +# Colorize boolean values for display colorize_boolean() { local value=$1 if [ "$value" = true ]; then @@ -129,7 +174,7 @@ colorize_boolean() { fi } -# Parse command-line options +# Parse options while getopts "d:i:p:f:s:c:b:w:h:a:e:m:n:t:-:" opt; do case $opt in d) DOMAIN_NAMES="$OPTARG" ;; @@ -153,6 +198,7 @@ while getopts "d:i:p:f:s:c:b:w:h:a:e:m:n:t:-:" opt; do CREATE_USER=true USERNAME="${!OPTIND}"; shift PASSWORD="${!OPTIND}"; shift + EMAIL="${!OPTIND}"; shift ;; delete-user) DELETE_USER=true @@ -178,28 +224,35 @@ while getopts "d:i:p:f:s:c:b:w:h:a:e:m:n:t:-:" opt; do DISABLE_HOST=true HOST_ID="${!OPTIND}"; shift ;; + check-token) CHECK_TOKEN=true ;; + backup) BACKUP=true ;; *) echo "Unknown option --${OPTARG}" ; usage ;; esac ;; *) usage ;; esac done -# Check if Nginx IP and port are accessible +# If no arguments are provided, display usage +if [ $# -eq 0 ]; then + usage +fi + +# Check if the Nginx Proxy Manager API is accessible check_nginx_access() { if ping -c 2 -W 2 $NGINX_IP &> /dev/null; then if curl --output /dev/null --silent --head --fail "$BASE_URL"; then - echo "Nginx url ✅ $BASE_URL" + echo " ✅ Nginx url: $BASE_URL" else - echo "Nginx url ⛔ $BASE_URL is NOT accessible." + echo " ⛔ Nginx url ⛔ $BASE_URL is NOT accessible." exit 1 fi else - echo "$NGINX_IP ⛔ is not responding. Houston, we have a problem." + echo " ⛔ $NGINX_IP ⛔ is not responding. Houston, we have a problem." exit 1 fi } -# Function to generate the token +# Generate a new API token generate_token() { response=$(curl -s -X POST "$BASE_URL$API_ENDPOINT" \ -H "Content-Type: application/json; charset=UTF-8" \ @@ -215,12 +268,12 @@ generate_token() { echo "Expiry: $expires" else echo -e "${COLOR_RED}Error generating token.${COLOR_RESET}" - echo -e "Check your [user] and [pass] and [IP]" + echo -e "Check your [user] and [pass] and [IP]" exit 1 fi } -# Function to validate the token +# Validate the existing token validate_token() { if [ ! -f "$TOKEN_FILE" ] || [ ! -f "$EXPIRY_FILE" ]; then return 1 @@ -239,21 +292,17 @@ validate_token() { fi } -# Check if Nginx is accessible -check_nginx_access +# Ensure Nginx access and token validity before proceeding +if [[ ! "$1" =~ --help ]]; then + check_nginx_access -# Check if the token file exists -if ! validate_token; then - echo "No valid token found. Generating a new token..." - generate_token + if ! validate_token; then + echo "No valid token found. Generating a new token..." + generate_token + fi fi -# Check required parameters for displaying help -if [ -z "$DOMAIN_NAMES" ] && ! $CREATE_USER && ! $DELETE_USER && ! $DELETE_HOST && ! $LIST_HOSTS && ! $LIST_HOSTS_FULL && ! $LIST_SSL_CERTIFICATES && ! $LIST_USERS && ! $SEARCH_HOST && ! $ENABLE_HOST && ! $DISABLE_HOST; then - usage -fi - -# Function to check if proxy host exists +# Check if a proxy host with the given domain names already exists check_existing_proxy_host() { RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") @@ -274,44 +323,58 @@ check_existing_proxy_host() { fi } -# Function to update a proxy host +# Update an existing proxy host update_proxy_host() { HOST_ID=$1 echo -e "\n Updating proxy host for $DOMAIN_NAMES..." - DATA='{ - "domain_names": ["'"$DOMAIN_NAMES"'"], - "forward_host": "'"$FORWARD_HOST"'", - "forward_port": '"$FORWARD_PORT"', - "access_list_id": null, - "certificate_id": null, - "ssl_forced": '"$SSL_FORCED"', - "caching_enabled": '"$CACHING_ENABLED"', - "block_exploits": '"$BLOCK_EXPLOITS"', - "advanced_config": "'"$ADVANCED_CONFIG"'", - "meta": { - "letsencrypt_agree": '"$LETS_ENCRYPT_AGREE"', - "dns_challenge": '"$DNS_CHALLENGE"', - "letsencrypt_email": "'"$LETS_ENCRYPT_EMAIL"'" - }, - "allow_websocket_upgrade": '"$ALLOW_WEBSOCKET_UPGRADE"', - "http2_support": '"$HTTP2_SUPPORT"', - "forward_scheme": "'"$FORWARD_SCHEME"'", - "enabled": true, - "locations": [] - }' - RESPONSE=$(curl -s -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \ + ADVANCED_CONFIG_ESCAPED=$(printf '%s' "$ADVANCED_CONFIG" | sed ':a;N;$!ba;s/\n/\\n/g' | sed 's/"/\\"/g') + + DATA=$(printf '{ + "domain_names": ["%s"], + "forward_host": "%s", + "forward_port": %s, + "access_list_id": null, + "certificate_id": null, + "ssl_forced": %s, + "caching_enabled": %s, + "block_exploits": %s, + "advanced_config": "%s", + "meta": { + "letsencrypt_agree": %s, + "dns_challenge": %s, + "letsencrypt_email": "%s" + }, + "allow_websocket_upgrade": %s, + "http2_support": %s, + "forward_scheme": "%s", + "enabled": true, + "locations": [] +}' "$DOMAIN_NAMES" "$FORWARD_HOST" "$FORWARD_PORT" "$SSL_FORCED" "$CACHING_ENABLED" "$BLOCK_EXPLOITS" "$ADVANCED_CONFIG_ESCAPED" "$LETS_ENCRYPT_AGREE" "$DNS_CHALLENGE" "$LETS_ENCRYPT_EMAIL" "$ALLOW_WEBSOCKET_UPGRADE" "$HTTP2_SUPPORT" "$FORWARD_SCHEME") + + echo -e "Request Data: $DATA" + + echo "$DATA" | jq . > /dev/null 2>&1 + if [ $? -ne 0 ]; then + echo -e "${COLOR_RED}Invalid JSON format${COLOR_RESET}" + exit 1 + fi + + RESPONSE=$(curl -v -s -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)" \ -H "Content-Type: application/json; charset=UTF-8" \ --data-raw "$DATA") + + echo -e "Response: $RESPONSE" + if [ $(echo "$RESPONSE" | jq -r '.error | length') -eq 0 ]; then - echo -e " ${COLOR_GREEN}Proxy host updated successfully!${COLOR_RESET} ✅" + echo -e " ✅ ${COLOR_GREEN}Proxy host updated successfully!${COLOR_RESET} " else - echo -e " ${COLOR_RED}Failed to update proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" + echo -e " ⛔ ${COLOR_RED}Failed to update proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" fi } -# Function to create a new proxy host +# Create a new proxy host create_new_proxy_host() { echo "Creating proxy host for $DOMAIN_NAMES..." DATA='{ @@ -341,13 +404,13 @@ create_new_proxy_host() { -H "Content-Type: application/json; charset=UTF-8" \ --data-raw "$DATA") if [ $(echo "$RESPONSE" | jq -r '.error | length') -eq 0 ]; then - echo -e " ${COLOR_GREEN}Proxy host created successfully!${COLOR_RESET} ✅" + echo -e " ✅ ${COLOR_GREEN}Proxy host created successfully!${COLOR_RESET}" else - echo -e " ${COLOR_RED}Failed to create proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" + echo -e " ⛔ ${COLOR_RED}Failed to create proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" fi } -# Function to create or update a proxy host +# Create or update a proxy host based on the existence of the domain create_or_update_proxy_host() { if [ -z "$DOMAIN_NAMES" ] || [ -z "$FORWARD_HOST" ] || [ -z "$FORWARD_PORT" ]; then echo "The -d, -i, and -p options are required to create or update a proxy host." @@ -361,26 +424,28 @@ create_or_update_proxy_host() { check_existing_proxy_host } - -# Function to delete a proxy host +# Delete a proxy host by ID delete_proxy_host() { if [ -z "$HOST_ID" ]; then echo "The --delete-host option requires a host ID." usage fi - echo " Deleting proxy host ID: $HOST_ID..." + echo "Deleting proxy host ID: $HOST_ID..." + RESPONSE=$(curl -s -X DELETE "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") - if [ $(echo "$RESPONSE" | jq -r '.error | length') -eq 0 ]; then - echo -e " ${COLOR_GREEN}Proxy host deleted successfully!${COLOR_RESET} ✅" + + if echo "$RESPONSE" | jq -e .error > /dev/null 2>&1; then + echo -e " ⛔ ${COLOR_RED}Failed to delete proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" else - echo -e " ${COLOR_RED}Failed to delete proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" + echo -e " ✅ ${COLOR_GREEN}Proxy host deleted successfully!${COLOR_RESET}" fi } -# Function to list all proxy hosts (simple) + +# List all proxy hosts with basic details list_proxy_hosts() { - echo -e "\n${COLOR_ORANGE} List of proxy hosts (simple)${COLOR_RESET}" + echo -e "\n${COLOR_ORANGE} 👉 List of proxy hosts (simple)${COLOR_RESET}" RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") @@ -395,58 +460,24 @@ list_proxy_hosts() { done } - -# Function to list all proxy hosts with full details +# List all proxy hosts with full details list_proxy_hosts_full() { - echo -e "\n${COLOR_ORANGE} List of proxy hosts with full details...${COLOR_RESET}\n" + echo -e "\n${COLOR_ORANGE} 👉 List of proxy hosts with full details...${COLOR_RESET}\n" RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") -# Parcourt chaque élément du tableau JSON et l'affiche -echo "$RESPONSE" | jq -c '.[]' | while read -r proxy; do - echo "$proxy" | jq . -done - -# echo "$RESPONSE" | jq -c '.[]' | while IFS= read -r line; do -# domain_names=$(echo "$line" | jq -r '.domain_names[]') -# advanced_config=$(echo "$line" | jq -r '.advanced_config') -# -# echo -e "${COLOR_GREEN}$domain_names${COLOR_RESET}" -# echo -e "$advanced_config" | awk '{ -# gsub(/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/, "'${COLOR_ORANGE}'&'${COLOR_RESET}'"); -# print -# }' | sed 's/^/ /' -# echo -# done -} - -# todo -list_proxy_hosts_advanced() { - echo -e "\n${COLOR_ORANGE} List of proxy hosts with full details...${COLOR_RESET}\n" - RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \ - -H "Authorization: Bearer $(cat $TOKEN_FILE)") - echo "$RESPONSE" | jq -c '.[]' | while IFS= read -r line; do - domain_names=$(echo "$line" | jq -r '.domain_names[]') - advanced_config=$(echo "$line" | jq -r '.advanced_config') - - echo -e "${COLOR_GREEN}$domain_names${COLOR_RESET}" - echo -e "$advanced_config" | awk '{ - gsub(/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/, "'${COLOR_ORANGE}'&'${COLOR_RESET}'"); - print - }' | sed 's/^/ /' - echo + echo "$RESPONSE" | jq -c '.[]' | while read -r proxy; do + echo "$proxy" | jq . done } - - -# Function to search for a proxy host and display details if found +# Search for a proxy host by domain name search_proxy_host() { if [ -z "$SEARCH_HOSTNAME" ]; then echo "The --search-host option requires a domain name." usage fi - echo -e "\n Searching for proxy host for $SEARCH_HOSTNAME..." + echo -e "\nSearching for proxy host for $SEARCH_HOSTNAME..." RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") @@ -458,102 +489,191 @@ search_proxy_host() { done } -# Function to list all SSL certificates +# List all SSL certificates list_ssl_certificates() { - echo "List of SSL certificates..." + echo " 👉 List of SSL certificates..." RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/certificates" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") echo "$RESPONSE" | jq } -# Function to list all users +# List all users list_users() { - echo "List of users..." + echo " 👉 List of users..." RESPONSE=$(curl -s -X GET "$BASE_URL/users" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") echo "$RESPONSE" | jq } -# Function to create a user +# Create a new user create_user() { - if [ -z "$USERNAME" ] || [ -z "$PASSWORD" ]; then - echo "The username and password parameters are required to create a user." + if [ -z "$USERNAME" ] || [ -z "$PASSWORD" ] || [ -z "$EMAIL" ]; then + echo "The username, password, and email parameters are required to create a user." usage fi echo "Creating user $USERNAME..." - RESPONSE=$(curl -s -X POST "$BASE_URL/users" \ + + DATA=$(jq -n --arg username "$USERNAME" --arg password "$PASSWORD" --arg email "$EMAIL" --arg name "$USERNAME" --arg nickname "$USERNAME" --arg secret "$PASSWORD" '{ + name: $name, + nickname: $nickname, + email: $email, + roles: ["admin"], + is_disabled: false, + auth: { + type: "password", + secret: $secret + } + }') + + echo "Data being sent: $DATA" # Log the data being sent + + HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X POST "$BASE_URL/users" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)" \ -H "Content-Type: application/json; charset=UTF-8" \ - --data-raw '{ - "username": "'"$USERNAME"'", - "password": "'"$PASSWORD"'", - "roles": ["user"] - }') - if [ $(echo "$RESPONSE" | jq -r '.error | length') -eq 0 ]; then - echo -e " ${COLOR_GREEN}User created successfully!${COLOR_RESET} ✅" + --data-raw "$DATA") + + HTTP_BODY=$(echo "$HTTP_RESPONSE" | sed -e 's/HTTPSTATUS\:.*//g') + HTTP_STATUS=$(echo "$HTTP_RESPONSE" | tr -d '\n' | sed -e 's/.*HTTPSTATUS://') + + if [ "$HTTP_STATUS" -eq 201 ]; then + echo -e " ✅ ${COLOR_GREEN}User created successfully!${COLOR_RESET}" else - echo -e " ${COLOR_RED}Failed to create user. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" + echo "Data sent: $DATA" # Log the data sent + echo -e " ⛔ ${COLOR_RED}Failed to create user. HTTP status: $HTTP_STATUS. Response: $HTTP_BODY${COLOR_RESET}" fi } -# Function to delete a user +# Delete a user by username delete_user() { if [ -z "$USERNAME" ]; then echo "The --delete-user option requires a username." usage fi echo "Deleting user $USERNAME..." + + # Fetch the user ID based on the username USER_ID=$(curl -s -X GET "$BASE_URL/users" \ - -H "Authorization: Bearer $(cat $TOKEN_FILE)" | jq -r '.[] | select(.username == "'"$USERNAME"'") | .id') + -H "Authorization: Bearer $(cat $TOKEN_FILE)" | jq -r --arg USERNAME "$USERNAME" '.[] | select(.nickname == $USERNAME) | .id') if [ -n "$USER_ID" ]; then - RESPONSE=$(curl -s -X DELETE "$BASE_URL/users/$USER_ID" \ + HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X DELETE "$BASE_URL/users/$USER_ID" \ -H "Authorization: Bearer $(cat $TOKEN_FILE)") - if [ $(echo "$RESPONSE" | jq -r '.error | length') -eq 0 ]; then - echo -e " ${COLOR_GREEN}User deleted successfully!${COLOR_RESET} ✅" + + HTTP_BODY=$(echo "$HTTP_RESPONSE" | sed -e 's/HTTPSTATUS\:.*//g') + HTTP_STATUS=$(echo "$HTTP_RESPONSE" | tr -d '\n' | sed -e 's/.*HTTPSTATUS://') + + if [ "$HTTP_STATUS" -eq 200 ]; then + echo -e " ✅ ${COLOR_GREEN}User deleted successfully!${COLOR_RESET}" else - echo -e " ${COLOR_RED}Failed to delete user. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" + echo -e " ⛔ ${COLOR_RED}Failed to delete user. HTTP status: $HTTP_STATUS. Response: $HTTP_BODY${COLOR_RESET}" fi else - echo "User not found: $USERNAME" + echo -e " ${COLOR_RED}User not found: $USERNAME${COLOR_RESET}" fi } -# Function to enable a proxy host +# Enable a proxy host by ID enable_proxy_host() { if [ -z "$HOST_ID" ]; then echo "The --enable-host option requires a host ID." usage fi - echo " Enabling proxy host ID: $HOST_ID..." - RESPONSE=$(curl -s -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID/enable" \ - -H "Authorization: Bearer $(cat $TOKEN_FILE)" \ - -H "Content-Type: application/json; charset=UTF-8") - if [ $(echo "$RESPONSE" | jq -r '.error | length') -eq 0 ]; then - echo -e " ${COLOR_GREEN}Proxy host enabled successfully!${COLOR_RESET} ✅" + echo "Enabling proxy host ID: $HOST_ID..." + + # Check if the proxy host exists before enabling + CHECK_RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)") + + if echo "$CHECK_RESPONSE" | jq -e '.id' > /dev/null 2>&1; then + # Proxy host exists, proceed to enable + DATA=$(echo "$CHECK_RESPONSE" | jq '{enabled: 1}') + + HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)" \ + -H "Content-Type: application/json; charset=UTF-8" \ + --data-raw "$DATA") + + # Extract the body and the status + HTTP_BODY=$(echo "$HTTP_RESPONSE" | sed -e 's/HTTPSTATUS\:.*//g') + HTTP_STATUS=$(echo "$HTTP_RESPONSE" | tr -d '\n' | sed -e 's/.*HTTPSTATUS://') + + if [ "$HTTP_STATUS" -eq 200 ]; then + echo -e " ✅ ${COLOR_GREEN}Proxy host enabled successfully!${COLOR_RESET}" + else + echo -e " ⛔ ${COLOR_RED}Failed to enable proxy host. HTTP status: $HTTP_STATUS. Response: $HTTP_BODY${COLOR_RESET}" + fi else - echo -e " ${COLOR_RED}Failed to enable proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" + echo -e " ⛔ ${COLOR_RED}Proxy host with ID $HOST_ID does not exist.${COLOR_RESET}" fi } -# Function to disable a proxy host +# Disable a proxy host by ID disable_proxy_host() { if [ -z "$HOST_ID" ]; then echo "The --disable-host option requires a host ID." usage fi - echo " Disabling proxy host ID: $HOST_ID..." - RESPONSE=$(curl -s -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID/disable" \ - -H "Authorization: Bearer $(cat $TOKEN_FILE)" \ - -H "Content-Type: application/json; charset=UTF-8") - if [ $(echo "$RESPONSE" | jq -r '.error | length') -eq 0 ]; then - echo -e " ${COLOR_GREEN}Proxy host disabled successfully!${COLOR_RESET} ✅" + echo "Disabling proxy host ID: $HOST_ID..." + + # Check if the proxy host exists before disabling + CHECK_RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)") + + if echo "$CHECK_RESPONSE" | jq -e '.id' > /dev/null 2>&1; then + # Proxy host exists, proceed to disable + DATA=$(echo "$CHECK_RESPONSE" | jq '{enabled: 0}') + + HTTP_RESPONSE=$(curl -s -w "HTTPSTATUS:%{http_code}" -X PUT "$BASE_URL/nginx/proxy-hosts/$HOST_ID" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)" \ + -H "Content-Type: application/json; charset=UTF-8" \ + --data-raw "$DATA") + + # Extract the body and the status + HTTP_BODY=$(echo "$HTTP_RESPONSE" | sed -e 's/HTTPSTATUS\:.*//g') + HTTP_STATUS=$(echo "$HTTP_RESPONSE" | tr -d '\n' | sed -e 's/.*HTTPSTATUS://') + + if [ "$HTTP_STATUS" -eq 200 ]; then + echo -e " ✅ ${COLOR_GREEN}Proxy host disabled successfully!${COLOR_RESET}" + else + echo -e " ⛔ ${COLOR_RED}Failed to disable proxy host. HTTP status: $HTTP_STATUS. Response: $HTTP_BODY${COLOR_RESET}" + fi else - echo -e " ${COLOR_RED}Failed to disable proxy host. Error: $(echo "$RESPONSE" | jq -r '.message')${COLOR_RESET}" + echo -e " ⛔ ${COLOR_RED}Proxy host with ID $HOST_ID does not exist.${COLOR_RESET}" fi } -# Call functions based on options +# Perform a full backup of all configurations +full_backup() { + mkdir -p "$BACKUP_DIR" + + # Backup proxy hosts + RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/proxy-hosts" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)") + echo "$RESPONSE" | jq '.' > "$BACKUP_DIR/proxy_hosts_${NGINX_IP//./_}_$DATE.json" + + # Backup users + RESPONSE=$(curl -s -X GET "$BASE_URL/users" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)") + echo "$RESPONSE" | jq '.' > "$BACKUP_DIR/users_${NGINX_IP//./_}_$DATE.json" + + # Backup SSL certificates + RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/certificates" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)") + echo "$RESPONSE" | jq '.' > "$BACKUP_DIR/ssl_certificates_${NGINX_IP//./_}_$DATE.json" + + # Backup access lists + RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/access-lists" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)") + echo "$RESPONSE" | jq '.' > "$BACKUP_DIR/access_lists_${NGINX_IP//./_}_$DATE.json" + + # Backup settings + RESPONSE=$(curl -s -X GET "$BASE_URL/nginx/settings" \ + -H "Authorization: Bearer $(cat $TOKEN_FILE)") + echo "$RESPONSE" | jq '.' > "$BACKUP_DIR/settings_${NGINX_IP//./_}_$DATE.json" + + echo -e " ✅ ${COLOR_GREEN}Full backup completed successfully!${COLOR_RESET}" +} + if [ "$CREATE_USER" = true ]; then create_user elif [ "$DELETE_USER" = true ]; then @@ -574,6 +694,10 @@ elif [ "$ENABLE_HOST" = true ]; then enable_proxy_host elif [ "$DISABLE_HOST" = true ]; then disable_proxy_host +elif [ "$CHECK_TOKEN" = true ]; then + validate_token +elif [ "$BACKUP" = true ]; then + full_backup else create_or_update_proxy_host fi