diff --git a/libraries/module/manage-host.sh b/libraries/module/manage-host.sh
new file mode 100644
index 0000000..3ef093a
--- /dev/null
+++ b/libraries/module/manage-host.sh
@@ -0,0 +1,172 @@
+#!/bin/bash
+# Common Functions For Module: Manage Host
+
+# Module Functions
+manage-host() {
+ #####################
+ ## Check Functions ##
+ #####################
+
+ # Check If Array Empty
+ manage-host-check-array() {
+ if [ $1 = 0 ]; then
+ # Print Message
+ error "No hosts in host array. Aborting."
+
+ # Exit Loop
+ break
+ fi
+ }
+
+ # Check If User HTTP Directory Exists
+ manage-host-check-http() {
+ if [ ! -d /home/$1/http ]; then
+ # Print Message
+ echo "User does not have HTTP directory ($1)."
+
+ # Continue Loop
+ continue
+ fi
+ }
+
+ # Check If User Exists
+ manage-host-check-host() {
+ if [ ! -f /etc/nginx/sites-available/$1-$2.conf ]; then
+ # Print Message
+ echo "Invalid host ($2)."
+
+ # Continue Loop
+ continue
+ fi
+ }
+
+ ###########################
+ ## Interactive Functions ##
+ ###########################
+
+ # Input Check
+ manage-host-input-check() {
+ # Check Loop
+ while true; do
+ # Take Input
+ read -p "Please enter a host: " HOST
+
+ # Check Input
+ if [ -f /etc/nginx/sites-available/$1-$HOST.conf ]; then
+ # Exit Loop
+ break
+ else
+ # Print Error
+ echo "Invalid host. Ensure the host exists on the system."
+ fi
+ done
+ }
+
+ # Input Host
+ manage-host-input-host() {
+ # Check Loop
+ while true; do
+ # Take Input
+ read -p "Please enter a host: " HOST
+
+ # Check Input
+ if egrep -q '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' <<< $HOST; then
+ # Exit Loop
+ break
+ else
+ # Print Error
+ echo "Invalid host. Ensure the hostname is of valid format."
+ fi
+ done
+ }
+
+ ##########################
+ ## Management Functions ##
+ ##########################
+
+ # Add Host
+ manage-host-manage-add() {
+ subheader "Creating Host Directory..."
+ mkdir /home/$1/http/hosts/$2
+
+ subheader "Changing Host Directory Permissions..."
+ chown -R $1:$1 /home/$USER/http/hosts/$2
+ chmod 770 /home/$USER/http/hosts/$2
+
+ subheader "Adding Configuration..."
+ cp $MODULEPATH/$MODULE/etc/nginx/sites-available/template.conf /etc/nginx/sites-available/$1-$2.conf
+ string_replace_file /etc/nginx/sites-available/$1-$2.conf "\$USER" "$1"
+ string_replace_file /etc/nginx/sites-available/$1-$2.conf "\$HOST" "$2"
+ touch /etc/nginx/custom.d/$1-$2.conf
+ }
+
+ # Remove User
+ manage-host-manage-remove() {
+ subheader "Removing Host Configuration..."
+ rm -rf /etc/nginx/custom.d/$1-$2.conf
+ rm -rf /etc/nginx/sites-*/$1-$2.conf
+
+ subheader "Removing Host Directory..."
+ rm -rf /home/$1/http/hosts/$2
+ }
+
+ # Enable Host
+ manage-host-enable-host() {
+ subheader "Enabling Host..."
+ ln -s /etc/nginx/sites-available/$1-$2.conf /etc/nginx/sites-enabled/$1-$2.conf
+ }
+
+ # Disable Host
+ manage-host-disable-host() {
+ subheader "Disabling Host..."
+ rm /etc/nginx/sites-enabled/$1-$2.conf
+ }
+
+ # Enable Caching
+ manage-host-enable-cache() {
+ subheader "Enabling Caching..."
+ string_replace_file /etc/nginx/sites-available/$1-$2.conf "#include /etc/nginx/conf.d/cache.conf" "include /etc/nginx/conf.d/cache.conf"
+ }
+
+ # Disable Caching
+ manage-host-disable-cache() {
+ subheader "Disabling Caching..."
+ string_replace_file /etc/nginx/sites-available/$1-$2.conf "include /etc/nginx/conf.d/cache.conf" "#include /etc/nginx/conf.d/cache.conf"
+ }
+
+ # Enable Hidden File Access Denial
+ manage-host-enable-deny() {
+ subheader "Enabling Hidden File Block..."
+ string_replace_file /etc/nginx/sites-available/$1-$2.conf "#include /etc/nginx/conf.d/deny.conf" "include /etc/nginx/conf.d/deny.conf"
+ }
+
+ # Disable Hidden File Access Denial
+ manage-host-disable-deny() {
+ subheader "Disabling Hidden File Block..."
+ string_replace_file /etc/nginx/sites-available/$1-$2.conf "include /etc/nginx/conf.d/deny.conf" "#include /etc/nginx/conf.d/deny.conf"
+ }
+
+ # Enable PHP
+ manage-host-enable-php() {
+ subheader "Enabling PHP..."
+ string_replace_file /etc/nginx/sites-available/$1-$2.conf "#include /etc/nginx/php.d/" "include /etc/nginx/php.d/" + } + + # Disable PHP + manage-host-disable-php() { + subheader "Disabling PHP..." + string_replace_file /etc/nginx/sites-available/$1-$2.conf "include /etc/nginx/php.d/" "#include /etc/nginx/php.d/" + } + + # Enable SSL + manage-host-enable-ssl() { + subheader "Enabling SSL..." + string_replace_file /etc/nginx/sites-available/$1-$2.conf "#listen 443 ssl" "listen 443 ssl" + } + + # Disable SSL + manage-host-disable-ssl() { + subheader "Disabling SSL..." + string_replace_file /etc/nginx/sites-available/$1-$2.conf "listen 443 ssl" "#listen 443 ssl" + } +} \ No newline at end of file diff --git a/libraries/module/manage-user.sh b/libraries/module/manage-user.sh index 851749d..f5f0d11 100755 --- a/libraries/module/manage-user.sh +++ b/libraries/module/manage-user.sh @@ -59,7 +59,7 @@ manage-user() { read -p "Please enter a user: " USER # Check Input - if grep -q '^[-0-9a-zA-Z]*$' <<< $1 || [[ $1 == "default" || $1 == "system" || $1 == "www-data" ]]; then + if grep -q '^[a-z][-a-z0-9_]*$' <<< $USER && [[ $USER != "default" || $USER != "system" || $USER != "www-data" ]]; then # Exit Loop break else @@ -87,11 +87,9 @@ manage-user() { subheader "Removing User Home..." rm -rf /home/$1 - subheader "Removing User Database..." - #PLACEHOLDER# - subheader "Removing User HTTP..." rm -rf /etc/nginx/php.d/$1.conf + rm -rf /etc/nginx/custom.d/$1-*.conf rm -rf /etc/nginx/sites-*/$1-*.conf rm -rf /etc/php5/fpm/pool.d/$1.conf } 
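Review bot: manage-host-manage-add creates `/home/$1/http/hosts/$2` but then runs chown and chmod on `/home/$USER/http/hosts/$2`, so ownership and mode are applied under whatever the global USER holds rather than the user passed in; both lines should use `$1`. Every path in this file is built from unquoted `$1`/`$2`, and manage-host-manage-remove hands them straight to `rm -rf`, so an empty host argument resolves to the whole `hosts` directory; I would write `rm -rf -- "/home/${1:?}/http/hosts/${2:?}"` and quote the other expansions the same way. manage-host-input-check also accepts any string for which a matching .conf happens to exist, without the hostname pattern that manage-host-input-host applies, and both prompts should use `read -r`.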
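Review bot: The reserved-name test on the new line of the `@@ -59,7 +59,7 @@` hunk can never fail: `$USER != "default" || $USER != "system" || $USER != "www-data"` is true for every value, because no name equals all three at once, so `default`, `system` and `www-data` all pass the pattern and are accepted. Presumably the intent is to reject them, which needs `&&`: `[[ $USER != "default" && $USER != "system" && $USER != "www-data" ]]`. The here-string should also be quoted (`<<< "$USER"`). The enclosing input function starts and ends outside the hunk.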
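Review bot: The added `rm -rf /etc/nginx/custom.d/$1-*.conf` (like the existing `sites-*` line below it) matches by prefix, and the user-name pattern introduced earlier in this commit allows `-` inside names, so removing user `a` also matches files that belong to a user named `a-b`. The `$USER-$HOST.conf` naming stays ambiguous as long as both parts may contain hyphens; a separator neither part can contain, or a per-user directory, would remove the collision. `$1` is also unquoted and unchecked here, so at minimum I would write `rm -rf -- "/etc/nginx/custom.d/${1:?}"-*.conf`. The function body starts outside the hunk.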
@@ -127,6 +125,25 @@ manage-user() { subheader "Removing User from Group..." deluser $1 $2 } + + # Enable PHP for User + manage-user-enable-php() { + subheader "Enabling PHP for User..." + cp $MODULEPATH/manage-user-add/etc/php5/fpm/pool.d/template.conf /etc/php5/fpm/pool.d/$1.conf + string_replace_file /etc/php5/fpm/pool.d/$1.conf "\$USER" "$1" + + subheader "Restarting Daemon..." + daemon_manage php5-fpm restart + } + + # Disable PHP for User + manage-user-disable-php() { + subheader "Disabling PHP for User..." + rm /etc/php5/fpm/pool.d/$1.conf + + subheader "Restarting Daemon..." + daemon_manage php5-fpm restart + } #################### ## Misc Functions ## @@ -143,7 +160,7 @@ manage-user() { # HTTP Directory manage-user-http-directory() { subheader "Creating HTTP Directory..." - mkdir -p /home/$1/http/{common,host,logs,secure} + mkdir -p /home/$1/http/{common,hosts,logs,secure} subheader "Changing HTTP Directory Permissions..." chown -R $1:$1 /home/$USER/http @@ -151,5 +168,9 @@ manage-user() { subheader "Adding User To WWW Group..." gpasswd -a www-data $1 + + subheader "Adding PHP Configuration..." + cp $MODULEPATH/manage-user-add/etc/nginx/php.d/template.conf /etc/nginx/php.d/$1.conf + string_replace_file /etc/nginx/php.d/$1.conf "\$USER" "$1" } } diff --git a/modules/clean-packages/init.sh b/modules/clean-packages/init.sh index f4b3641..feda445 100755 --- a/modules/clean-packages/init.sh +++ b/modules/clean-packages/init.sh @@ -3,7 +3,7 @@ # Module Warning warning "This module will remove all non-essential packages on this system, you have been warned!" -if ! (question --default yes "Do you still want to run this module and purge all non-essential packages? (Y/n)" || [ $UNATTENDED = 1 ]); then +if ! (question --default yes "Do you still want to run this module and purge all non-essential packages? (Y/n)" || [[ $UNATTENDED = 1 ]]); then # Skipped Message subheader "Skipping Module..." 
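Review bot: manage-user-enable-php and manage-user-disable-php build root-owned paths from an unquoted, unchecked `$1`: with an empty argument the copy lands in `/etc/php5/fpm/pool.d/.conf`, and php5-fpm is restarted whether or not the cp or rm succeeded. I would quote the argument and fail early, e.g. `cp -- "$MODULEPATH/manage-user-add/etc/php5/fpm/pool.d/template.conf" "/etc/php5/fpm/pool.d/${1:?}.conf" || return`, and use `rm -f --` in the disable path so a user without a pool does not produce an error. The same applies to the `cp` added to manage-user-http-directory in the `@@ -151,5 +168,9 @@` hunk.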
@@ -20,13 +20,13 @@ subheader "Creating Package List..." cp $MODULEPATH/$MODULE/$DISTRIBUTION-$VERSION/base-$ARCHITECTURE temp.list # Check Platform -if [ $PLATFORM = "hardware" ]; then +if [[ $PLATFORM = "hardware" ]]; then # Append Hardware Package List cat $MODULEPATH/$MODULE/$DISTRIBUTION-$VERSION/base-hardware-$ARCHITECTURE >> temp.list fi # Check Platform Package List -if [ -f $MODULEPATH/$MODULE/$DISTRIBUTION-$VERSION/specific-$PLATFORM-$ARCHITECTURE ]; then +if [[ -f $MODULEPATH/$MODULE/$DISTRIBUTION-$VERSION/specific-$PLATFORM-$ARCHITECTURE ]]; then # Append Platform Package List cat $MODULEPATH/$MODULE/$DISTRIBUTION-$VERSION/specific-$PLATFORM-$ARCHITECTURE >> temp.list fi diff --git a/modules/configure-general-system/init.sh b/modules/configure-general-system/init.sh index 3b53c2a..2ef0b69 100755 --- a/modules/configure-general-system/init.sh +++ b/modules/configure-general-system/init.sh @@ -2,7 +2,7 @@ # Configure (General): System Configuration # Enable BASH History -if question --default no "Do you want to enable BASH history? (y/N)" || [ $(read_variable_module bash_history) = 1 ]; then +if question --default no "Do you want to enable BASH history? (y/N)" || [[ $(read_variable_module bash_history) = 1 ]]; then subheader "Enabling BASH History..." rm /etc/profile.d/disable_history.sh &> /dev/null # Disable BASH History 
@@ -12,39 +12,39 @@ else fi # Enable Additional Getty Instances -if question --default no "Do you want to enable extra getty instances (uneeded on virtual machines, can save memory if disabled)? (y/N)" || [ $(read_variable_module getty_extra) = 1 ]; then +if question --default no "Do you want to enable extra getty instances (uneeded on virtual machines, can save memory if disabled)? (y/N)" || [[ $(read_variable_module getty_extra) = 1 ]]; then subheader "Enabling Additional Getty Instances..." - if [ $DISTRIBUTION = "debian" ]; then + if [[ $DISTRIBUTION = "debian" ]]; then sed -e 's/^#\([2-6].*getty.*\)/\1/' -i /etc/inittab - elif [ $DISTRIBUTION = "ubuntu" ]; then + elif [[ $DISTRIBUTION = "ubuntu" ]]; then rename.ul .conf.disabled .conf /etc/init/tty{3..6}.conf.disabled &> /dev/null fi # Disable Additional Getty Instances else subheader "Disabling Additional Getty Instances..." - if [ $DISTRIBUTION = "debian" ]; then + if [[ $DISTRIBUTION = "debian" ]]; then sed -e "s/\(^[2-6].*getty.*\)/#\1/" -i /etc/inittab - elif [ $DISTRIBUTION = "ubuntu" ]; then + elif [[ $DISTRIBUTION = "ubuntu" ]]; then rename.ul .conf .conf.disabled /etc/init/tty{3..6}.conf &> /dev/null fi fi # Change Default System Shell -if question --default yes "Do you want to change the default system shell? (Y/n)" || [ $(read_variable_module shell) != 0 ]; then +if question --default yes "Do you want to change the default system shell? (Y/n)" || [[ $(read_variable_module shell) != 0 ]]; then subheader "Changing Default System Shell..." 
# Attended Mode - if [ $UNATTENDED = 0 ]; then + if [[ $UNATTENDED = 0 ]]; then dpkg-reconfigure dash # Unattended Mode else # Set BASH As Default - if [ $(read_variable_module shell) = "bash" ]; then + if [[ $(read_variable_module shell) = "bash" ]]; then ln -fs bash /bin/sh ln -fs dash /bin/sh.distrib ln -fs bash.1.gz /usr/share/man/man1/sh.1.gz ln -fs dash.1.gz /usr/share/man/man1/sh.distrib.1.gz # Set DASH As Default - elif [ $(read_variable_module shell) = "dash" ]; then + elif [[ $(read_variable_module shell) = "dash" ]]; then ln -fs dash /bin/sh ln -fs bash /bin/sh.distrib ln -fs dash.1.gz /usr/share/man/man1/sh.1.gz @@ -57,16 +57,16 @@ if question --default yes "Do you want to change the default system shell? (Y/n) fi # Change System Timezone -if question --default yes "Do you want to change the system timezone? (Y/n)" || [ $(read_variable_module timezone) != 0 ]; then +if question --default yes "Do you want to change the system timezone? (Y/n)" || [[ $(read_variable_module timezone) != 0 ]]; then subheader "Changing System Timezone..." # Attended Mode - if [ $UNATTENDED = 0 ]; then + if [[ $UNATTENDED = 0 ]]; then # Set Timezone Manually dpkg-reconfigure tzdata # Unattended Mode else # Check Timezone Existance - if [ -f /usr/share/zoneinfo/$(read_variable_module timezone) ]; then + if [[ -f /usr/share/zoneinfo/$(read_variable_module timezone) ]]; then # Set Timezone From File cp /usr/share/zoneinfo/$(read_variable_module timezone) /etc/localtime echo $(read_variable_module timezone) > /etc/timezone diff --git a/modules/configure-general-user/init.sh b/modules/configure-general-user/init.sh index 8dada75..b148ee3 100755 --- a/modules/configure-general-user/init.sh +++ b/modules/configure-general-user/init.sh 
@@ -2,7 +2,7 @@ # Configure (General): User Files/Settings # Clean & Update Default User Files -if question --default yes "Do you want to clean and update default user files (in /etc/skel)? (Y/n)" || [ $(read_variable_module clean_default_skel) = 1 ]; then +if question --default yes "Do you want to clean and update default user files (in /etc/skel)? (Y/n)" || [[ $(read_variable_module clean_default_skel) = 1 ]]; then subheader "Cleaning Default User Files..." # Remove Skel Files rm -rf /etc/skel/.??* /etc/skel/* &> /dev/null @@ -21,7 +21,7 @@ if question --default yes "Do you want to clean and update default user files (i fi # Clean & Wipe Root Crontab -if question --default yes "Do you want to clean and wipe the root crontab? (Y/n)" || [ $(read_variable_module clean_root_crontab) = 1 ]; then +if question --default yes "Do you want to clean and wipe the root crontab? (Y/n)" || [[ $(read_variable_module clean_root_crontab) = 1 ]]; then subheader "Cleaning Root Crontab..." echo -n "" > temp crontab -u root temp diff --git a/modules/configure-http-nginx/etc/sites-available/default.conf b/modules/configure-http-nginx/etc/nginx/sites-available/default.conf similarity index 100% rename from modules/configure-http-nginx/etc/sites-available/default.conf rename to modules/configure-http-nginx/etc/nginx/sites-available/default.conf diff --git a/modules/configure-http-nginx/init.sh b/modules/configure-http-nginx/init.sh index bff0213..3612003 100755 --- a/modules/configure-http-nginx/init.sh +++ b/modules/configure-http-nginx/init.sh 
@@ -5,7 +5,7 @@ check_package_message "" "nginx" "install-http-nginx" # Enable Compression -if question --default yes "Do you want to enable gzip compression to save bandwidth and decrease page load time (compresses CSS, HTML, Javascript & XML at gzip compression level 6)? (Y/n)" || [ $(read_variable_module gzip) = 1 ]; then +if question --default yes "Do you want to enable gzip compression to save bandwidth and decrease page load time (compresses CSS, HTML, Javascript & XML at gzip compression level 6)? (Y/n)" || [[ $(read_variable_module gzip) = 1 ]]; then subheader "Enabling Compression..." cp -r $MODULEPATH/install-http-nginx/etc/nginx/nginx.d/gzip.conf /etc/nginx/nginx.d/ # Disable Compression 
@@ -15,17 +15,17 @@ else fi # Enable Virtual Host For Hostname -if question --default yes "Do you want to enable a virtual host that accepts all requests for the servers hostname (can be useful for scripts such as bandwidth monitors)? (Y/n)" || [ $(read_variable_module hostname_virtual_host) = 1 ]; then +if question --default yes "Do you want to enable a virtual host that accepts all requests for the servers hostname (can be useful for scripts such as bandwidth monitors)? (Y/n)" || [[ $(read_variable_module hostname_virtual_host) = 1 ]]; then subheader "Enabling Virtual Host For Hostname..." - mv /etc/nginx/sites-available/system.conf.disabled /etc/nginx/sites-available/system.conf + ln -s /etc/nginx/sites-available/system.conf /etc/nginx/sites-enabled/system.conf # Disable Virtual Host For Hostname else subheader "Disabling Virtual Host For Hostname..." - mv /etc/nginx/sites-available/system.conf /etc/nginx/sites-available/system.conf.disabled + rm /etc/nginx/sites-enabled/system.conf fi # Enable Proxy Cache -if question --default yes "Do you want to enable proxy cache support and create a cache directory? (Y/n)" || [ $(read_variable_module proxy_cache) = 1 ]; then +if question --default yes "Do you want to enable proxy cache support and create a cache directory? (Y/n)" || [[ $(read_variable_module proxy_cache) = 1 ]]; then subheader "Enabling Proxy Cache Support..." cp -r $MODULEPATH/install-http-nginx/etc/nginx/nginx.d/proxy_cache.conf /etc/nginx/nginx.d/ mkdir -p /var/lib/nginx/cache 
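Review bot: The new enable/disable pair is not repeatable: `ln -s` fails when `/etc/nginx/sites-enabled/system.conf` already exists and `rm` fails when it does not, so running this module a second time prints errors in either branch. `ln -sfn /etc/nginx/sites-available/system.conf /etc/nginx/sites-enabled/system.conf` and `rm -f /etc/nginx/sites-enabled/system.conf` make both branches idempotent. Systems where the old code renamed the file to `system.conf.disabled` would, as far as this hunk shows, end up with a dangling link, so a migration step for that file seems needed. The same pattern appears in the `mkdir /etc/nginx/sites-enabled/` (should be `mkdir -p`) and `ln -s` lines added to modules/install-http-nginx/init.sh and in manage-host-enable-host / manage-host-disable-host.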
@@ -38,7 +38,7 @@ else fi # Enable SSL Session Cache -if question --default yes "Do you want to enable caching of SSL sessions (can increase responsiveness over SSL)? (Y/n)" || [ $(read_variable_module ssl_session_cache) = 1 ]; then +if question --default yes "Do you want to enable caching of SSL sessions (can increase responsiveness over SSL)? (Y/n)" || [[ $(read_variable_module ssl_session_cache) = 1 ]]; then subheader "Enabling SSL Session Cache..." cp -r $MODULEPATH/install-http-nginx/etc/nginx/nginx.d/ssl_session_cache.conf /etc/nginx/nginx.d/ # Disable SSL Session Cache 
@@ -48,15 +48,24 @@ else fi # Enable Default Host Protection -if question --default no "Do you want to protect the default host by denying unmatched requests (this will override your default virtual host if you have assigned one)? (y/N)" || [ $(read_variable_module protect_default) = 1 ]; then +if question --default no "Do you want to protect the default host by denying unmatched requests (this will override your default virtual host if you have assigned one)? (y/N)" || [[ $(read_variable_module protect_default) = 1 ]]; then subheader "Enabling Default Host Protection..." cp $MODULEPATH/$MODULE/etc/nginx/sites-available/default.conf /etc/nginx/sites-available/ # Disable Default Host Protection else # Default Host Reset - if question --default no "Do you want to reset the default host to the script default (this will override your default virtual host if you have assigned one)? (y/N)" || [ $(read_variable_module default_host_reset) = 1 ]; then + if question --default no "Do you want to reset the default host to the script default (this will override your default virtual host if you have assigned one)? (y/N)" || [[ $(read_variable_module default_host_reset) = 1 ]]; then subheader "Resetting Default Host..." cp $MODULEPATH/install-http-nginx/etc/nginx/sites-available/default.conf /etc/nginx/sites-available/ + + # Set Distribution Specific Variables + if [[ $DISTRIBUTION = "debian" ]]; then + string_replace_file /etc/nginx/sites-available/default.conf "root path" "root /usr/share/nginx/html" + string_replace_file /etc/nginx/sites-available/system.conf "root path" "root /usr/share/nginx/html" + elif [[ $DISTRIBUTION = "ubuntu" ]]; then + string_replace_file /etc/nginx/sites-available/default.conf "root path" "root /usr/share/nginx/www" + string_replace_file /etc/nginx/sites-available/system.conf "root path" "root /usr/share/nginx/www" + fi fi fi diff --git a/modules/configure-terminal-ssh/init.sh b/modules/configure-terminal-ssh/init.sh index 93334ed..7d2d653 100755 
--- a/modules/configure-terminal-ssh/init.sh +++ b/modules/configure-terminal-ssh/init.sh @@ -2,7 +2,7 @@ # Configure (Terminal): SSH Configuration # Enable Root SSH Login -if question --default yes "Do you want to enable root SSH login? (Y/n)" || [ $(read_variable_module root_login) = 1 ]; then +if question --default yes "Do you want to enable root SSH login? (Y/n)" || [[ $(read_variable_module root_login) = 1 ]]; then subheader "Enabling Root SSH Login..." # Enable Root SSH Login For Dropbear if check_package "dropbear"; then @@ -31,7 +31,7 @@ else fi # Enable SFTP Umask Privacy -if question --default yes "Do you want to enable private SFTP umask settings (umask 0007 on SFTP file uploads/folder creation)? (Y/n)" || [ $(read_variable_module sftp_umask) = 1 ]; then +if question --default yes "Do you want to enable private SFTP umask settings (umask 0007 on SFTP file uploads/folder creation)? (Y/n)" || [[ $(read_variable_module sftp_umask) = 1 ]]; then subheader "Enabling SFTP Umask Privacy..." if check_package "openssh-server"; then sed -i "s/sftp-serve.*/sftp-server -u 0007/g" /etc/ssh/sshd_config diff --git a/modules/install-database-mariadb/init.sh b/modules/install-database-mariadb/init.sh index bcd1ae3..0ab03b9 100755 --- a/modules/install-database-mariadb/init.sh +++ b/modules/install-database-mariadb/init.sh @@ -19,7 +19,7 @@ fi # Set Password subheader "Setting Password..." -if [ $UNATTENDED = 1 ]; then +if [[ $UNATTENDED = 1 ]]; then # Stop Daemon daemon_manage mysql stop diff --git a/modules/install-database-mysql/init.sh b/modules/install-database-mysql/init.sh index 1f180a2..6e0153a 100755 --- a/modules/install-database-mysql/init.sh +++ b/modules/install-database-mysql/init.sh @@ -19,7 +19,7 @@ fi # Set Password subheader "Setting Password..." -if [ $UNATTENDED = 1 ]; then +if [[ $UNATTENDED = 1 ]]; then # Stop Daemon daemon_manage mysql stop 
diff --git a/modules/install-extra-repositories/init.sh b/modules/install-extra-repositories/init.sh index ce40c84..a0b24d1 100755 --- a/modules/install-extra-repositories/init.sh +++ b/modules/install-extra-repositories/init.sh @@ -5,7 +5,7 @@ subheader "Installing Extra Repositories..." # Attended Mode -if [ $UNATTENDED = 0 ]; then +if [[ $UNATTENDED = 0 ]]; then # Loop Through Available Repositories for file in $MODULEPATH/$MODULE/$DISTRIBUTION-$VERSION/*.sh; do # Source Scripts diff --git a/modules/install-http-nginx/init.sh b/modules/install-http-nginx/init.sh index 15a973c..f73a656 100755 --- a/modules/install-http-nginx/init.sh +++ b/modules/install-http-nginx/init.sh @@ -2,7 +2,7 @@ # Install (HTTP): Nginx # Distribution Checks -check_repository_message "debian" "dotdeb" "DotDeb" +check_repository_message "debian" "nginx" check_repository_message "ubuntu" "nginx" # Package List Update Question @@ -21,6 +21,7 @@ package_install nginx # Copy Configuration subheader "Copying Configuration..." cp -rf $MODULEPATH/$MODULE/etc/* /etc/ +mkdir /etc/nginx/sites-enabled/ # Create Caching Directory subheader "Creating Caching Directory..." 
@@ -35,14 +36,19 @@ chown -R www-data:www-data /etc/nginx/ssl.d chmod -R o= /etc/nginx/ssl.d # Set Distribution Specific Variables -if [ $DISTRIBUTION = "debian" ]; then +if [[ $DISTRIBUTION = "debian" ]]; then string_replace_file /etc/nginx/sites-available/default.conf "root path" "root /usr/share/nginx/html" string_replace_file /etc/nginx/sites-available/system.conf "root path" "root /usr/share/nginx/html" -elif [ $DISTRIBUTION = "ubuntu" ]; then +elif [[ $DISTRIBUTION = "ubuntu" ]]; then string_replace_file /etc/nginx/sites-available/default.conf "root path" "root /usr/share/nginx/www" string_replace_file /etc/nginx/sites-available/system.conf "root path" "root /usr/share/nginx/www" fi +# Enable Default Hosts +subheader "Enabling Default Hosts..." +ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/default.conf +ln -s /etc/nginx/sites-available/system.conf /etc/nginx/sites-enabled/system.conf + # Common Clean common-clean diff --git a/modules/install-terminal-dropbear/init.sh b/modules/install-terminal-dropbear/init.sh index ef22ebc..59d16ee 100755 --- a/modules/install-terminal-dropbear/init.sh +++ b/modules/install-terminal-dropbear/init.sh @@ -6,7 +6,7 @@ package_update_question # Module Warning warning "This package will install the Dropbear SSH Server. If you want the OpenSSH server (they are functionally identical) cancel and run its module instead." -if ! (question --default yes "Do you still want to run this module? (Y/n)" || [ $UNATTENDED = 1 ]); then +if ! (question --default yes "Do you still want to run this module? (Y/n)" || [[ $UNATTENDED = 1 ]]); then # Skipped Message subheader "Skipping Module..." diff --git a/modules/install-terminal-openssh/init.sh b/modules/install-terminal-openssh/init.sh index 4ab6860..6aceff9 100755 --- a/modules/install-terminal-openssh/init.sh +++ b/modules/install-terminal-openssh/init.sh 
@@ -5,9 +5,9 @@ package_update_question # Module Warning -if [ $MODULE != "install-terminal-dropbear" ]; then +if [[ $MODULE != "install-terminal-dropbear" ]]; then warning "This package will install the OpenSSH Server. If you want the Dropbear SSH server (they are functionally identical) cancel and run its module instead." - if ! (question --default yes "Do you still want to run this module? (Y/n)" || [ $UNATTENDED = 1 ]); then + if ! (question --default yes "Do you still want to run this module? (Y/n)" || [[ $UNATTENDED = 1 ]]); then # Skipped Message subheader "Skipping Module..." diff --git a/modules/manage-host-add/config.ini b/modules/manage-host-add/config.ini new file mode 100644 index 0000000..7217ef3 --- /dev/null +++ b/modules/manage-host-add/config.ini @@ -0,0 +1,16 @@ +; Manage: Host Add +[manage_host_add] +; Users (Comma Separated) +user="main" +; Hosts (Comma Separated) +host="localhost" +; Enable Host? (Comma Separated, Accepted Values: 0 1) +enable="0" +; Enable Caching? (Comma Separated, Accepted Values: 0 1) +cache="1" +; Deny Access to Hidden Files? (Comma Separated, Accepted Values: 0 1) +deny="1" +; Enable PHP? (Comma Separated, Accepted Values: 0 1) +php="1" +; Enable SSL? (Comma Separated, Accepted Values: 0 1) +ssl="1" diff --git a/modules/manage-host-add/etc/nginx/sites-available/template.conf b/modules/manage-host-add/etc/nginx/sites-available/template.conf new file mode 100644 index 0000000..a37f77c --- /dev/null +++ b/modules/manage-host-add/etc/nginx/sites-available/template.conf 
@@ -0,0 +1,16 @@
+server {
+ listen 80; listen [::]:80;
+ listen 443 ssl; listen [::]:443 ssl;
+ server_name $HOST;
+ ssl_certificate /etc/nginx/ssl.d/self.pem; ssl_certificate_key /etc/nginx/ssl.d/self.key;
+
+ access_log off;
+ error_log /home/$USER/http/logs/$HOST.log;
+ index index.html index.php;
+ root /home/$USER/http/hosts/$HOST;
+
+ include /etc/nginx/conf.d/cache.conf;
+ include /etc/nginx/conf.d/deny.conf;
+ include /etc/nginx/custom.d/$USER-$HOST.conf;
+ include /etc/nginx/php.d/$USER.conf;
+}
\ No newline at end of file
diff --git a/modules/manage-host-add/init.sh b/modules/manage-host-add/init.sh
new file mode 100644
index 0000000..1d29f97
--- /dev/null
+++ b/modules/manage-host-add/init.sh
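Review bot: `error_log /home/$USER/http/logs/$HOST.log;` puts a file that the nginx master process opens (normally as root) inside a directory owned by the site user, since manage-user-http-directory chowns `/home/$USER/http` to that user. A log path in a user-writable directory means the account controls what the privileged process ends up opening; keeping per-host logs in a root-owned directory that the user can only read avoids that. Separately, every new host gets `listen 443 ssl` with the shared `/etc/nginx/ssl.d/self.pem` key pair by default, which deserves a comment in the template such as `# placeholder self-signed certificate shared by all hosts; replace per host`.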
@@ -0,0 +1,132 @@
+#!/bin/bash
+# Manage: Host Add
+
+# Check Package
+check_package_message "" "nginx" "install-http-nginx"
+
+# Manage User
+manage-user
+
+# Manage Host
+manage-host
+
+# Module Function
+module() {
+ # Check User
+ manage-user-check-user $USER
+
+ # Add Host
+ manage-host-manage-add $USER $HOST
+
+ # Check Host
+ manage-host-check-host $USER $HOST
+
+ # Enable Host Question
+ if question --default yes "Do you want to enable this host? (Y/n)" || [[ $ENABLE = 1 ]]; then
+ manage-host-enable-host $USER $HOST
+ else
+ manage-host-disable-host $USER $HOST
+ fi
+
+ # Host Cache Question
+ if question --default yes "Do you want to enable caching for static resources? (Y/n)" || [[ $CACHE = 1 ]]; then
+ manage-host-enable-cache $USER $HOST
+ else
+ manage-host-disable-cache $USER $HOST
+ fi
+
+ # Host Hidden File Deny Question
+ if question --default yes "Do you want to deny all access to hidden files? (Y/n)" || [[ $DENY = 1 ]]; then
+ manage-host-enable-deny $USER $HOST
+ else
+ manage-host-disable-deny $USER $HOST
+ fi
+
+ # Host PHP Question
+ if question --default yes "Do you want to enable PHP for this host? (Y/n)" || [[ $PHP = 1 ]]; then
+ manage-host-enable-php $USER $HOST
+ else
+ manage-host-disable-php $USER $HOST
+ fi
+
+ # Host SSL Question
+ if question --default yes "Do you want to enable SSL for this host? (Y/n)" || [[ $SSL = 1 ]]; then
+ manage-host-enable-ssl $USER $HOST
+ else
+ manage-host-disable-ssl $USER $HOST
+ fi
+
+ # Restart Daemon
+ subheader "Restarting Daemon..."
+ daemon_manage nginx restart
+}
+
+# Attended Mode
+if [[ $UNATTENDED = 0 ]]; then
+ # User Check
+ manage-user-input-check
+
+ # Host Input
+ manage-host-input-host
+
+ # Module Function
+ module
+# Unattended Mode
+else
+ # Define Arrays
+ USERLIST=$(read_variable_module user),
+ HOSTLIST=$(read_variable_module host),
+ ENABLELIST=$(read_variable_module enable),
+ CACHELIST=$(read_variable_module cache),
+ DENYLIST=$(read_variable_module deny),
+ PHPLIST=$(read_variable_module php),
+ SSLLIST=$(read_variable_module ssl),
+
+ # Loop Through Users
+ while echo $USERLIST | grep -q \,; do
+ # Define Variables
+ USER=${USERLIST%%\,*}
+ HOST=${HOSTLIST%%\,*}
+ ENABLE=${ENABLELIST%%\,*}
+ CACHE=${CACHELIST%%\,*}
+ DENY=${DENYLIST%%\,*}
+ PHP=${PHPLIST%%\,*}
+ SSL=${SSLLIST%%\,*}
+
+ # Remove Current From List
+ USERLIST=${USERLIST#*\,}
+ PASSLIST=${PASSLIST#*\,}
+ ENABLELIST=${ENABLELIST#*\,}
+ CACHELIST=${CACHELIST#*\,}
+ DENYLIST=${DENYLIST#*\,}
+ PHPLIST=${PHPLIST#*\,}
+ SSLLIST=${SSLLIST#*\,}
+
+ # Check User Array State
+ manage-host-check-array $HOSTLIST
+
+ # Module Function
+ module
+ done
+
+ # Unset Arrays
+ unset USERLIST
+ unset HOSTLIST
+ unset ENABLELIST
+ unset CACHELIST
+ unset DENYLIST
+ unset PHPLIST
+ unset SSLLIST
+
+ # Unset Variables
+ unset USER
+ unset HOST
+ unset ENABLE
+ unset CACHE
+ unset DENY
+ unset PHP
+ unset SSL
+fi
+
+# Unset Init
+unset -f init
\ No newline at end of file
diff --git a/modules/manage-host-manage/config.ini b/modules/manage-host-manage/config.ini
new file mode 100644
index 0000000..d6dda13
--- /dev/null
+++ b/modules/manage-host-manage/config.ini
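Review bot: In the unattended loop of modules/manage-host-add/init.sh HOSTLIST is never advanced: the "Remove Current From List" block strips `PASSLIST`, a variable this module does not define, so every iteration reuses the first host while the other lists move on. The line should read `HOSTLIST=${HOSTLIST#*\,}`; the same copy appears in modules/manage-host-manage/init.sh and modules/manage-host-remove/init.sh. Hosts read from config.ini also skip the hostname pattern that manage-host-input-host enforces interactively, yet `$HOST` is then used in paths and substituted into the nginx config, so the loop should validate it before calling `module`. The trailing `unset -f init` names a function that is not defined here; the one defined is `module`.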
@@ -0,0 +1,16 @@
+; Manage: Host Manage
+[manage_host_manage]
+; Users (Comma Separated)
+user="main"
+; Hosts (Comma Separated)
+host="localhost"
+; Enable Host? (Comma Separated, Accepted Values: 0 1)
+enable="0"
+; Enable Caching? (Comma Separated, Accepted Values: 0 1)
+cache="1"
+; Deny Access to Hidden Files? (Comma Separated, Accepted Values: 0 1)
+deny="1"
+; Enable PHP? (Comma Separated, Accepted Values: 0 1)
+php="1"
+; Enable SSL? (Comma Separated, Accepted Values: 0 1)
+ssl="1"
diff --git a/modules/manage-host-manage/init.sh b/modules/manage-host-manage/init.sh
new file mode 100644
index 0000000..d88a4e4
--- /dev/null
+++ b/modules/manage-host-manage/init.sh
@@ -0,0 +1,129 @@
+#!/bin/bash
+# Manage: Host Manage
+
+# Check Package
+check_package_message "" "nginx" "install-http-nginx"
+
+# Manage User
+manage-user
+
+# Manage Host
+manage-host
+
+# Module Function
+module() {
+ # Check User
+ manage-user-check-user $USER
+
+ # Check Host
+ manage-host-check-host $USER $HOST
+
+ # Enable Host Question
+ if question --default yes "Do you want to enable this host? (Y/n)" || [[ $ENABLE = 1 ]]; then
+ manage-host-enable-host $USER $HOST
+ else
+ manage-host-disable-host $USER $HOST
+ fi
+
+ # Host Cache Question
+ if question --default yes "Do you want to enable caching for static resources? (Y/n)" || [[ $CACHE = 1 ]]; then
+ manage-host-enable-cache $USER $HOST
+ else
+ manage-host-disable-cache $USER $HOST
+ fi
+
+ # Host Hidden File Deny Question
+ if question --default yes "Do you want to deny all access to hidden files? (Y/n)" || [[ $DENY = 1 ]]; then
+ manage-host-enable-deny $USER $HOST
+ else
+ manage-host-disable-deny $USER $HOST
+ fi
+
+ # Host PHP Question
+ if question --default yes "Do you want to enable PHP for this host? (Y/n)" || [[ $PHP = 1 ]]; then
+ manage-host-enable-php $USER $HOST
+ else
+ manage-host-disable-php $USER $HOST
+ fi
+
+ # Host SSL Question
+ if question --default yes "Do you want to enable SSL for this host? (Y/n)" || [[ $SSL = 1 ]]; then
+ manage-host-enable-ssl $USER $HOST
+ else
+ manage-host-disable-ssl $USER $HOST
+ fi
+
+ # Restart Daemon
+ subheader "Restarting Daemon..."
+ daemon_manage nginx restart
+}
+
+# Attended Mode
+if [[ $UNATTENDED = 0 ]]; then
+ # User Check
+ manage-user-input-check
+
+ # Host Input
+ manage-host-input-check $USER
+
+ # Module Function
+ module
+# Unattended Mode
+else
+ # Define Arrays
+ USERLIST=$(read_variable_module user),
+ HOSTLIST=$(read_variable_module host),
+ ENABLELIST=$(read_variable_module enable),
+ CACHELIST=$(read_variable_module cache),
+ DENYLIST=$(read_variable_module deny),
+ PHPLIST=$(read_variable_module php),
+ SSLLIST=$(read_variable_module ssl),
+
+ # Loop Through Users
+ while echo $USERLIST | grep -q \,; do
+ # Define Variables
+ USER=${USERLIST%%\,*}
+ HOST=${HOSTLIST%%\,*}
+ ENABLE=${ENABLELIST%%\,*}
+ CACHE=${CACHELIST%%\,*}
+ DENY=${DENYLIST%%\,*}
+ PHP=${PHPLIST%%\,*}
+ SSL=${SSLLIST%%\,*}
+
+ # Remove Current From List
+ USERLIST=${USERLIST#*\,}
+ PASSLIST=${PASSLIST#*\,}
+ ENABLELIST=${ENABLELIST#*\,}
+ CACHELIST=${CACHELIST#*\,}
+ DENYLIST=${DENYLIST#*\,}
+ PHPLIST=${PHPLIST#*\,}
+ SSLLIST=${SSLLIST#*\,}
+
+ # Check User Array State
+ manage-host-check-array $HOSTLIST
+
+ # Module Function
+ module
+ done
+
+ # Unset Arrays
+ unset USERLIST
+ unset HOSTLIST
+ unset ENABLELIST
+ unset CACHELIST
+ unset DENYLIST
+ unset PHPLIST
+ unset SSLLIST
+
+ # Unset Variables
+ unset USER
+ unset HOST
+ unset ENABLE
+ unset CACHE
+ unset DENY
+ unset PHP
+ unset SSL
+fi
+
+# Unset Init
+unset -f init
\ No newline at end of file
diff --git a/modules/manage-host-remove/config.ini b/modules/manage-host-remove/config.ini
new file mode 100644
index 0000000..045c496
--- /dev/null
+++ b/modules/manage-host-remove/config.ini
@@ -0,0 +1,6 @@
+; Manage: Host Remove
+[manage_host_remove]
+; Users (Comma Separated)
+user="main"
+; Hosts (Comma Separated)
+host="localhost"
diff --git a/modules/manage-host-remove/init.sh b/modules/manage-host-remove/init.sh
new file mode 100644
index 0000000..76f9dac
--- /dev/null
+++ b/modules/manage-host-remove/init.sh
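Review bot: Every "no" answer in `module` of modules/manage-host-manage/init.sh calls the matching disable helper, and those helpers are not safe to repeat: manage-host-disable-host runs a bare `rm` on a link that may not exist, and the disable-* helpers replace `include …` with `#include …` even when the line is already commented. If string_replace_file is a plain substring replace (its definition is not on this page), a second disable yields `##include /etc/nginx/conf.d/deny.conf`, after which one enable still leaves the hidden-file block commented out without any message. Since this is the module meant to be re-run on existing hosts, the helpers should match only the uncommented form (anchored at line start) or test the current state before editing.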
@@ -0,0 +1,64 @@
+#!/bin/bash
+# Manage: Host Remove
+
+# Manage User
+manage-user
+
+# Manage Host
+manage-host
+
+# Module Function
+module() {
+ # Check User
+ manage-user-check-user $USER
+
+ # Check Host
+ manage-host-check-host $USER $HOST
+
+ # Remove User
+ manage-host-manage-remove $USER $HOST
+}
+
+# Attended Mode
+if [[ $UNATTENDED = 0 ]]; then
+ # User Check
+ manage-user-input-check
+
+ # Host Input
+ manage-host-input-check $USER
+
+ # Module Function
+ module
+# Unattended Mode
+else
+ # Define Arrays
+ USERLIST=$(read_variable_module user),
+ HOSTLIST=$(read_variable_module host),
+
+ # Loop Through Users
+ while echo $USERLIST | grep -q \,; do
+ # Define Variables
+ USER=${USERLIST%%\,*}
+ HOST=${HOSTLIST%%\,*}
+ # Remove Current From List
+ USERLIST=${USERLIST#*\,}
+ PASSLIST=${PASSLIST#*\,}
+
+ # Check User Array State
+ manage-host-check-array $HOSTLIST
+
+ # Module Function
+ module
+ done
+
+ # Unset Arrays
+ unset USERLIST
+ unset HOSTLIST
+
+ # Unset Variables
+ unset USER
+ unset HOST
+fi
+
+# Unset Init
+unset -f init
\ No newline at end of file
diff --git a/modules/manage-user-add/config.ini b/modules/manage-user-add/config.ini
index 38c20c5..90d8c11 100644
--- a/modules/manage-user-add/config.ini
+++ b/modules/manage-user-add/config.ini
@@ -12,3 +12,5 @@ perm="1"
 ssh="1"
 ; Allow User SFTP Access? (Comma Separated, Accepted Values: 0 1)
 sftp="1"
+; Allow User PHP Access? (Comma Separated, Accepted Values: 0 1)
+php="1"
diff --git a/modules/manage-user-add/etc/nginx/php.d/template.conf b/modules/manage-user-add/etc/nginx/php.d/template.conf
new file mode 100644
index 0000000..76d6bf0
--- /dev/null
+++ b/modules/manage-user-add/etc/nginx/php.d/template.conf
@@ -0,0 +1,6 @@
+location ~ \.php$ {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_pass unix:/home/$USER/http/common/php.socket;
+ include fastcgi_params;
+ try_files $uri =404;
+}
\ No newline at end of file
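Review bot: `module()` passes `$USER` and `$HOST` unquoted to `manage-host-check-host` and `manage-host-manage-remove`, and in unattended mode both values come straight from `read_variable_module` with no format validation visible in this file. The helper bodies are outside this hunk, but if they build filesystem paths from these arguments, a value containing whitespace, a glob character or `../` would change which paths the removal touches. Quote the calls, e.g. `manage-host-manage-remove "$USER" "$HOST"`, and reject a host that fails a hostname-format check before the remove helper runs.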
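Review bot: The php.d template mixes a placeholder (`$USER` in the `fastcgi_pass` socket path) with real nginx variables (`$document_root`, `$fastcgi_script_name`, `$uri`) and nothing in the file says which is which. A substitution step that expands every `$name` would silently break `SCRIPT_FILENAME`, so add a header comment such as `# $USER is replaced at install time; all other $variables are nginx variables`. It is also worth a comment on `try_files $uri =404;` saying that it keeps requests for non-existent `.php` paths from being handed to PHP-FPM, so the line is not removed later as redundant.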
diff --git a/modules/manage-user-add/etc/php5/fpm/pool.d/template.conf b/modules/manage-user-add/etc/php5/fpm/pool.d/template.conf
new file mode 100644
index 0000000..86c7515
--- /dev/null
+++ b/modules/manage-user-add/etc/php5/fpm/pool.d/template.conf
@@ -0,0 +1,10 @@
+[$USER]
+listen = /home/$USER/http/common/php.socket
+user = $USER
+group = $USER
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 500
+php_flag[expose_php] = off
+php_value[max_execution_time] = 120
+php_value[memory_limit] = 64M
\ No newline at end of file
diff --git a/modules/manage-user-add/init.sh b/modules/manage-user-add/init.sh
index 52cc6a5..67a4e74 100755
--- a/modules/manage-user-add/init.sh
+++ b/modules/manage-user-add/init.sh
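Review bot: The pool sets `listen` to a socket under /home/$USER/http/common but gives no `listen.owner`, `listen.group` or `listen.mode`, so who may connect to the socket is left to the installed PHP-FPM's defaults. Depending on that default, either any local account can submit FastCGI requests that execute as `$USER`, or nginx cannot connect at all. Set them explicitly, e.g. `listen.owner = $USER`, `listen.group = <nginx-group>` and `listen.mode = 0660`, where `<nginx-group>` is a placeholder for the group the nginx workers run as (not shown on this page).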
@@ -27,32 +27,39 @@ module() { # Check Package if check_package "nginx"; then # User HTTP Directory Question - if question --default yes "Do you want to add a HTTP directory for this user? (Y/n)" || [ $HTTP = 1 ]; then + if question --default yes "Do you want to add a HTTP directory for this user? (Y/n)" || [[ $HTTP = 1 ]]; then manage-user-http-directory $USER fi fi # User Set Permissions Question - if question --default yes "Do you want to set permissions for this user to enable enhanced privacy? (Y/n)" || [ $PERM = 1 ]; then + if question --default yes "Do you want to set permissions for this user to enable enhanced privacy? (Y/n)" || [[ $PERM = 1 ]]; then manage-user-set-permissions $USER fi # User Add to SSH Question - if question --default yes "Do you want to allow this user access to SSH? (Y/n)" || [ $SSH = 1 ]; then + if question --default yes "Do you want to allow this user access to SSH? (Y/n)" || [[ $SSH = 1 ]]; then manage-user-add-group $USER "ssh" else manage-user-remove-group $USER "ssh" - if question --default yes "Do you want to allow this user access to SFTP? (Y/n)" || [ $SFTP = 1 ]; then + if question --default yes "Do you want to allow this user access to SFTP? (Y/n)" || [[ $SFTP = 1 ]]; then manage-user-add-group $USER "sftp" else manage-user-remove-group $USER "sftp" fi fi + + # User PHP Question + if question --default yes "Do you want to allow this user to use PHP? (Y/n)" || [[ $PHP = 1 ]]; then + manage-user-enable-php $USER + else + manage-user-disable-php $USER + fi } # Attended Mode -if [ $UNATTENDED = 0 ]; then +if [[ $UNATTENDED = 0 ]]; then # User Input manage-user-input-user @@ -67,6 +74,7 @@ else PERMLIST=$(read_variable_module perm), SSHLIST=$(read_variable_module ssh), SFTPLIST=$(read_variable_module sftp), + PHPLIST=$(read_variable_module php), # Loop Through Users while echo $USERLIST | grep -q \,; do 
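Review bot: The added PHP question ORs the prompt result with `[[ $PHP = 1 ]]`, so in attended mode a "no" answer still runs `manage-user-enable-php` whenever `PHP=1` is already set in the shell (inherited from the environment or left over from earlier in the run); nothing in this hunk clears it before the prompt. For a switch that grants script execution, only consult the config flag in unattended mode, e.g. `if question --default yes "Do you want to allow this user to use PHP? (Y/n)" || [[ $UNATTENDED != 0 && $PHP = 1 ]]; then`. `module()` begins above this hunk and the behaviour of `question` in unattended mode is not visible here, so confirm against that helper. The identical block added to modules/manage-user-manage/init.sh behaves the same way.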
@@ -77,6 +85,7 @@ else PERM=${PERMLIST%%\,*} SSH=${SSHLIST%%\,*} SFTP=${SFTPLIST%%\,*} + PHP=${PHPLIST%%\,*} # Remove Current From List USERLIST=${USERLIST#*\,} @@ -85,6 +94,7 @@ else PERMLIST=${PERMLIST#*\,} SSHLIST=${SSHLIST#*\,} SFTPLIST=${SFTPLIST#*\,} + PHPLIST=${PHPLIST#*\,} # Check User Array State manage-user-check-array $USERLIST @@ -100,6 +110,7 @@ else unset PERMLIST unset SSHLIST unset SFTPLIST + unset PHPLIST # Unset Variables unset USER @@ -108,6 +119,7 @@ else unset PERM unset SSH unset SFTP + unset PHP fi # Unset Init diff --git a/modules/manage-user-manage/config.ini b/modules/manage-user-manage/config.ini index 34868fd..dac8d94 100644 --- a/modules/manage-user-manage/config.ini +++ b/modules/manage-user-manage/config.ini @@ -12,3 +12,5 @@ perm="1" ssh="1" ; Allow User SFTP Access? (Comma Separated, Accepted Values: 0 1) sftp="1" +; Allow User PHP Access? (Comma Separated, Accepted Values: 0 1) +php="1" diff --git a/modules/manage-user-manage/init.sh b/modules/manage-user-manage/init.sh index 44c2022..8c1daed 100755 --- a/modules/manage-user-manage/init.sh +++ b/modules/manage-user-manage/init.sh 
@@ -24,32 +24,39 @@ module() { # Check Package if check_package "nginx"; then # User HTTP Directory Question - if question --default yes "Do you want to add a HTTP directory for this user? (Y/n)" || [ $HTTP = 1 ]; then + if question --default yes "Do you want to add a HTTP directory for this user? (Y/n)" || [[ $HTTP = 1 ]]; then manage-user-http-directory $USER fi fi # User Set Permissions Question - if question --default yes "Do you want to set permissions for this user to enable enhanced privacy? (Y/n)" || [ $PERM = 1 ]; then + if question --default yes "Do you want to set permissions for this user to enable enhanced privacy? (Y/n)" || [[ $PERM = 1 ]]; then manage-user-set-permissions $USER fi # User Add to SSH Question - if question --default yes "Do you want to allow this user access to SSH? (Y/n)" || [ $SSH = 1 ]; then + if question --default yes "Do you want to allow this user access to SSH? (Y/n)" || [[ $SSH = 1 ]]; then manage-user-add-group $USER "ssh" else manage-user-remove-group $USER "ssh" - if question --default yes "Do you want to allow this user access to SFTP? (Y/n)" || [ $SFTP = 1 ]; then + if question --default yes "Do you want to allow this user access to SFTP? (Y/n)" || [[ $SFTP = 1 ]]; then manage-user-add-group $USER "sftp" else manage-user-remove-group $USER "sftp" fi fi + + # User PHP Question + if question --default yes "Do you want to allow this user to use PHP? (Y/n)" || [[ $PHP = 1 ]]; then + manage-user-enable-php $USER + else + manage-user-disable-php $USER + fi } # Attended Mode -if [ $UNATTENDED = 0 ]; then +if [[ $UNATTENDED = 0 ]]; then # User Check manage-user-input-check @@ -64,6 +71,7 @@ else PERMLIST=$(read_variable_module perm), SSHLIST=$(read_variable_module ssh), SFTPLIST=$(read_variable_module sftp), + PHPLIST=$(read_variable_module php), # Loop Through Users while echo $USERLIST | grep -q \,; do 
@@ -74,6 +82,7 @@ else PERM=${PERMLIST%%\,*} SSH=${SSHLIST%%\,*} SFTP=${SFTPLIST%%\,*} + PHP=${PHPLIST%%\,*} # Remove Current From List USERLIST=${USERLIST#*\,} @@ -82,6 +91,7 @@ else PERMLIST=${PERMLIST#*\,} SSHLIST=${SSHLIST#*\,} SFTPLIST=${SFTPLIST#*\,} + PHPLIST=${PHPLIST#*\,} # Check User Array State manage-user-check-array $USERLIST @@ -97,6 +107,7 @@ else unset PERMLIST unset SSHLIST unset SFTPLIST + unset PHPLIST # Unset Variables unset USER @@ -105,6 +116,7 @@ else unset PERM unset SSH unset SFTP + unset PHP fi # Unset Init diff --git a/modules/manage-user-remove/config.ini b/modules/manage-user-remove/config.ini index 44bce4c..311c76c 100644 --- a/modules/manage-user-remove/config.ini +++ b/modules/manage-user-remove/config.ini @@ -1,4 +1,4 @@ ; Manage: User Remove -[manage_user_manage] +[manage_user_remove] ; Usernames (Comma Separated) user="main" diff --git a/modules/manage-user-remove/init.sh b/modules/manage-user-remove/init.sh index 29b0d16..f5a6cd9 100755 --- a/modules/manage-user-remove/init.sh +++ b/modules/manage-user-remove/init.sh @@ -14,7 +14,7 @@ module() { } # Attended Mode -if [ $UNATTENDED = 0 ]; then +if [[ $UNATTENDED = 0 ]]; then # User Check manage-user-input-check