This repository has been archived by the owner on May 13, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvhost.sh
187 lines (150 loc) · 4.67 KB
/
vhost.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
#!/usr/bin/env bash
# Run this as sudo!
# I move this file to /usr/local/bin/vhost and run command 'vhost' from anywhere, using sudo.
#
# Show Usage, Output to STDERR
#
function show_usage {
cat <<- _EOF_
Create a new vHost in Ubuntu Server
Assumes /etc/apache2/sites-available and /etc/apache2/sites-enabled setup used
-d DocumentRoot - i.e. /var/www/yoursite
-h Help - Show this menu.
-s ServerName - i.e. example.com or sub.example.com
-a ServerAlias - i.e. *.example.com or another domain altogether
-p File path to the SSL certificate. Directories only, no file name.
If using an SSL Certificate, also creates a port :443 vhost as well.
This *ASSUMES* a .crt and a .key file exists
at file path /provided-file-path/your-server-or-cert-name.[crt|key].
Otherwise you can except Apache errors when you reload Apache.
Ensure Apache's mod_ssl is enabled via "sudo a2enmod ssl".
-c Certificate filename. "xip.io" becomes "xip.io.key" and "xip.io.crt".
Example Usage. Serve files from /var/www/xip.io at http(s)://192.168.33.10.xip.io
using ssl files from /etc/ssl/xip.io/xip.io.[key|crt]
sudo vhost -d /var/www/xip.io -s 192.168.33.10.xip.io -p /etc/ssl/xip.io -c xip.io
_EOF_
exit 1
}
#
# Output vHost skeleton, fill with userinput
# To be outputted into new file
#
function create_vhost {
cat <<- _EOF_
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName $ServerName
$ServerAlias
DocumentRoot $DocumentRoot
<Directory $DocumentRoot>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
<FilesMatch \.php$>
# Change this "proxy:unix:/path/to/fpm.socket"
# if using a Unix socket
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
</Directory>
ErrorLog \${APACHE_LOG_DIR}/$ServerName-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog \${APACHE_LOG_DIR}/$ServerName-access.log combined
</VirtualHost>
_EOF_
}
function create_ssl_vhost {
cat <<- _EOF_
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName $ServerName
$ServerAlias
DocumentRoot $DocumentRoot
<Directory $DocumentRoot>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
<FilesMatch \.php$>
# Change this "proxy:unix:/path/to/fpm.socket"
# if using a Unix socket
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
</Directory>
ErrorLog \${APACHE_LOG_DIR}/$ServerName-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog \${APACHE_LOG_DIR}/$ServerName-access.log combined
SSLEngine on
SSLCertificateFile $CertPath/$CertName.crt
SSLCertificateKeyFile $CertPath/$CertName.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch "MSIE [2-6]" \\
nokeepalive ssl-unclean-shutdown \\
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
_EOF_
}
#Sanity Check - are there two arguments with 2 values?
if [ "$#" -lt 4 ]; then
show_usage
fi
CertPath=""
#Parse flags
while getopts "d:s:a:p:c:h" OPTION; do
case $OPTION in
h)
show_usage
;;
d)
DocumentRoot=$OPTARG
;;
s)
ServerName=$OPTARG
;;
a)
Alias=$OPTARG
;;
p)
CertPath=$OPTARG
;;
c)
CertName=$OPTARG
;;
*)
show_usage
;;
esac
done
# If alias is set:
if [ "$Alias" != "" ]; then
ServerAlias="ServerAlias "$Alias
else
ServerAlias=""
fi
# If CertName doesn't get set, set it to ServerName
if [ "$CertName" == "" ]; then
CertName=$ServerName
fi
if [ ! -d $DocumentRoot ]; then
mkdir -p $DocumentRoot
#chown USER:USER $DocumentRoot #POSSIBLE IMPLEMENTATION, new flag -u ?
fi
if [ -f "$DocumentRoot/$ServerName.conf" ]; then
echo 'vHost already exists. Aborting'
show_usage
else
create_vhost > /etc/apache2/sites-available/${ServerName}.conf
# Add :443 handling
if [ "$CertPath" != "" ]; then
create_ssl_vhost >> /etc/apache2/sites-available/${ServerName}.conf
fi
# Enable Site
cd /etc/apache2/sites-available/ && a2ensite ${ServerName}.conf
service apache2 reload
fi