#!/bin/bash
######
###
### Script de creation auto de virtualhost pour apache2 sous debian 6 et 7
###
### Version : 0.6
###
### Date : 19/03/2014
###
### Jean-Francois GUILLAUME alias MrBear
###
### See bottom of file for changelog
###
######
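#######################################
# Refuse to run unless the script is started as root on Debian.
# Outputs:  an error message on stderr when a check fails
# Returns:  0 when both checks pass; otherwise exits the script with status 1
#######################################
prefligh_check() {
  local distro

  # The rest of the script creates accounts and writes under /etc/apache2.
  if [ "$(id -u)" != "0" ]; then
    echo "Ce script doit etre lance avec les droits root" 1>&2
    exit 1
  fi

  # Capture the distributor id first and compare it quoted. With an unquoted
  # substitution, a missing or silent lsb_release makes `[` fail with a syntax
  # error, the `if` treats that as "false", and the check is skipped
  # (fail-open). Any failure is now treated as "not Debian".
  distro=$(lsb_release -si 2>/dev/null) || distro=""
  if [ "$distro" != "Debian" ]; then
    echo "Ce script ne fonctionne qu'avec Debian et apache installe depuis les depots" 1>&2
    exit 1
  fi
}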
#######################################
# Reset every global used by the wizard to its starting value.
# Globals:  ANS, SITENAME, PASSWORD, PASSMYSQL, FQDN, HTTP_PORT, HTTPS_PORT,
#           PROXY_PORT, MYSQL, TYPE (all written)
#######################################
setup() {
  # Default domain suffix comes from the machine's DNS domain name.
  FQDN=$(dnsdomainname)

  # Operator answers start out empty.
  ANS="" SITENAME="" PASSWORD="" PASSMYSQL=""

  # Port defaults; PROXY_PORT=0 is a placeholder until the operator sets one.
  HTTP_PORT=80 HTTPS_PORT=443 PROXY_PORT=0

  # No database and a provisional site type until the operator chooses.
  MYSQL="n"
  TYPE="HTTP"
}
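#######################################
# Print the final summary: account, ports, addresses and, when a database was
# requested, the MySQL connection details.
# Globals:  SITENAME, PASSWORD, FQDN, TYPE, HTTP_PORT, HTTPS_PORT, PROXY_PORT,
#           MYSQL (all read)
# Outputs:  the summary on stdout
#
# NOTE(security): the summary prints the account password in clear text, so it
# ends up in terminal scrollback and in any session recording. Kept because it
# is the script's existing behaviour; do not redirect this output to a
# world-readable file.
#######################################
promt_info() {
  local host="$SITENAME.$FQDN"

  printf 'USER : %s PASSWORD : %s\n' "$SITENAME" "$PASSWORD"

  # Front-end ports and addresses. HTTPS_PROXY used to print the HTTP port and
  # an http:// address although that type is configured with HTTPS_PORT.
  case "$TYPE" in
    HTTP_ONLY | HTTP_PROXY)
      printf 'PORT HTTP : %s\n' "$HTTP_PORT"
      printf 'Adresse : http://%s\n' "$host"
      ;;
    HTTPS_ONLY | HTTPS_PROXY)
      printf 'PORT HTTPS : %s\n' "$HTTPS_PORT"
      printf 'Adresse : https://%s\n' "$host"
      ;;
    HTTP_HTTPS | HTTP_HTTPS_PROXY)
      printf 'PORT HTTP : %s\n' "$HTTP_PORT"
      printf 'PORT HTTPS : %s\n' "$HTTPS_PORT"
      printf 'Adresse : http://%s\n' "$host"
      printf 'Adresse : https://%s\n' "$host"
      ;;
  esac

  # Back-end port, only for the proxy types.
  case "$TYPE" in
    HTTP_PROXY | HTTPS_PROXY | HTTP_HTTPS_PROXY)
      printf 'PORT DESTINATION : %s\n' "$PROXY_PORT"
      ;;
  esac

  # The old test required MYSQL to equal "o" AND "O" at once, so this section
  # could never be printed.
  case "$MYSQL" in
    o | O)
      printf 'Mysql :\n'
      printf 'Host : localhost\n'
      printf 'Database : %s\n' "$SITENAME"
      printf 'Password : %s\n' "$PASSWORD"
      ;;
  esac
}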
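#######################################
# Show the address the site will get and let the operator correct the domain
# suffix until it is confirmed, then continue with create_user.
# Globals:  SITENAME (read), FQDN (read/written), ANS (written)
# Returns:  1 if stdin ends before a confirmation, else create_user's status
#######################################
promt_check_site() {
  # FQDN ends up in a file name under /etc/apache2 and in the generated Apache
  # configuration, so only plain host-name characters are accepted.
  local fqdn_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'

  # A loop replaces the former self-recursion: the recursive call already ran
  # create_user (and the whole rest of the wizard), and the outer call then
  # ran it a second time.
  while :; do
    echo
    echo "Le site sera accessible a l'adresse : http://$SITENAME.$FQDN"
    echo
    echo -n "Est-ce correct ?(o/[n]) "
    read -r ANS || return 1

    # Exact match only. The old unquoted `[ _$ANS != _o ... ]` raised a syntax
    # error on answers containing a space, which counted as a confirmation.
    case "$ANS" in
      o | O)
        if [[ "$FQDN" =~ $fqdn_re ]]; then
          break
        fi
        echo "Domaine non valide : lettres, chiffres, points et tirets uniquement" 1>&2
        ;;
    esac

    echo -n "Que doit on mettre apres $SITENAME. ?"
    read -r FQDN || return 1
  done

  create_user
}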
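#######################################
# Greet the operator, read the account name and its password, then continue
# with promt_check_site.
# Globals:  SITENAME, PASSWORD, PASSMYSQL (written)
# Returns:  1 if stdin ends before both values are read, else the status of
#           promt_check_site
#######################################
read_SITENAME() {
  # Deliberately conservative: the name becomes a Linux account, a directory
  # under /home, a host-name label, a MySQL identifier and part of the Apache
  # configuration. An empty name would make create_user run chmod -R and
  # chown -R on /home itself.
  local name_re='^[a-z][a-z0-9-]{0,31}$'

  echo "Bienvenue sur le script de creation automatique de site pour apache.
Chaque site est lie à un compte linux.
Nous allon maintenant proceder a la creation d'un nouveau site.
"

  while :; do
    echo -n "Entrez le nom du compte a creer : "
    read -r SITENAME || return 1
    if [[ "$SITENAME" =~ $name_re ]]; then
      break
    fi
    echo "Nom non valide : minuscules, chiffres et tirets, en commencant par une lettre" 1>&2
  done

  while :; do
    echo -n "Entrez son mot de passe : "
    # -s keeps the password off the screen; IFS= and -r keep it exactly as
    # typed (no whitespace trimming, no backslash processing).
    IFS= read -rs PASSWORD || return 1
    echo
    if [ -n "$PASSWORD" ]; then
      break
    fi
    echo "Le mot de passe ne peut pas etre vide" 1>&2
  done

  # NOTE(security): the MySQL account reuses the Linux account password.
  PASSMYSQL=$PASSWORD
  promt_check_site
}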
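#######################################
# Create the system account for the site, set its password, create its
# directory tree under /home and apply ownership and permissions, then
# continue with type_vhost.
# Globals:  SITENAME, FQDN, PASSWORD (read)
# Returns:  1 if the name is empty or a step fails, else type_vhost's status
#######################################
create_user() {
  # An empty name would turn the recursive chmod/chown below loose on /home.
  if [ -z "$SITENAME" ]; then
    echo "Nom de compte vide : abandon" 1>&2
    return 1
  fi
  local home="/home/$SITENAME"

  echo "Creating User..."
  # The GECOS text was single-quoted, so the account was created with the
  # literal text '$SITENAME.$FQDN' instead of the site name.
  if ! adduser --group --system --disabled-login \
    --gecos "User for $SITENAME.$FQDN" "$SITENAME"; then
    echo "Echec de la creation de l'utilisateur $SITENAME" 1>&2
    return 1
  fi
  echo " + User cree"

  # printf keeps the password byte-for-byte; an unquoted echo would split it on
  # spaces and expand glob characters. The password travels on stdin, not argv.
  if ! printf '%s:%s\n' "$SITENAME" "$PASSWORD" | chpasswd; then
    echo "Echec de la definition du mot de passe" 1>&2
    return 1
  fi
  echo " + Mot de passe cree"

  mkdir -p "$home/web/" "$home/logs/" "$home/ssl/" "$home/cgi-bin" || return 1
  echo " + Repertoires crees"

  chmod -R u+rwx,g+rx-w,o-rwx "$home" || return 1
  chown -R "$SITENAME":www-data "$home" || return 1
  chmod ug+rwx,o-rwx "$home/web" || return 1
  # NOTE(security): logs/ and ssl/ are made group-writable for www-data.
  # The Apache documentation warns against log directories writable by
  # anyone but the user that starts the server, and ssl/ holds the
  # certificate file. Modes are kept as they were; consider removing group
  # write on both.
  chmod ug+rwx,o-rwx "$home/logs" || return 1
  chmod ug+rwx,o-rwx "$home/ssl" || return 1
  chmod u+rwx,g+rx,o-rwx "$home/cgi-bin" || return 1
  echo " + Droits accordes"

  echo "==== Utilisateur cree ===="
  type_vhost
}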
#######################################
# List the site types the wizard can create, then hand over to set_type.
# Outputs:  the menu on stdout
#######################################
type_vhost() {
  # One argument per output line; the leading empty argument is the blank
  # line that precedes the menu.
  printf '%s\n' \
    "" \
    "Quel type de site devons nous creer ?" \
    "Type disponibles :" \
    "* HTTP_ONLY" \
    "* HTTPS_ONLY" \
    "* HTTP_HTTPS" \
    "* HTTP_PROXY" \
    "* HTTPS_PROXY" \
    "* HTTP_HTTPS_PROXY"
  set_type
}
#######################################
# Ask for the site type; accept only one of the six known names and ask again
# otherwise. A valid answer is stored in TYPE and check_type takes over.
# Globals:  ANS, TYPE (written)
#######################################
set_type() {
  local candidate known="no"

  printf '%s' "Type de site ? : "
  read ANS

  # Allowlist comparison: only an exact match with a known type is accepted.
  for candidate in HTTP_ONLY HTTPS_ONLY HTTP_HTTPS HTTP_PROXY HTTPS_PROXY HTTP_HTTPS_PROXY; do
    if [ "$candidate" = "$ANS" ]; then
      known="yes"
      break
    fi
  done

  if [ "$known" = "yes" ]; then
    TYPE=$ANS
    check_type
  else
    echo "Type non valide."
    set_type
  fi
}
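#######################################
# Ask the operator to confirm the chosen site type. On refusal go back to
# set_type; on confirmation remind about the certificate for the HTTPS types
# and continue with check_port.
# Globals:  TYPE (read), ANS (written)
# Returns:  1 if stdin ends, else the status of set_type or check_port
#######################################
check_type() {
  echo "Nous allons creer un site de type $TYPE"
  echo -n "Est-ce correct ?(o/[n]) "
  read -r ANS || return 1

  # Exact match only; anything else counts as "no".
  case "$ANS" in
    o | O) ;;
    *)
      set_type
      return
      ;;
  esac

  # The old test compared the literal word TYPE (no `$`) and ended with
  # `[ "HTTP_HTTPS_PROXY" ]`, which is always true, so the certificate
  # reminder was printed for plain HTTP sites as well.
  case "$TYPE" in
    HTTPS_ONLY | HTTP_HTTPS | HTTPS_PROXY | HTTP_HTTPS_PROXY)
      echo "Merci de bien vouloir deposer votre certificat sous la forme d'un fichier ssl.pem dans le dossier /ssl"
      ;;
  esac

  check_port
}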
#######################################
# Assemble the virtual-host text in VHOST for the chosen site type (one block
# for HTTP, one for HTTPS, or both), then hand over to write_vhost.
# Globals:  TYPE, HTTP_PORT, HTTPS_PORT (read), VHOST (written)
#######################################
create_vhost() {
  # Opening tags; the trailing \n is a literal backslash-n that is only turned
  # into a newline when the text is written out.
  local http_open="<virtualhost *:$HTTP_PORT>\n"
  local https_open="<virtualhost *:$HTTPS_PORT>\n"

  if [[ $TYPE == HTTP_ONLY || $TYPE == HTTP_PROXY ]]; then
    VHOST=$http_open
    build_vhost ""
  elif [[ $TYPE == HTTPS_ONLY || $TYPE == HTTPS_PROXY ]]; then
    VHOST=$https_open
    build_vhost "HTTPS"
  elif [[ $TYPE == HTTP_HTTPS || $TYPE == HTTP_HTTPS_PROXY ]]; then
    # Two blocks back to back: plain HTTP first, then the HTTPS one.
    VHOST=$http_open
    build_vhost ""
    VHOST+=$https_open
    build_vhost "HTTPS"
  fi

  # Called for every TYPE, including one that matched no branch above.
  write_vhost
}
#######################################
# Run the port prompts that apply to the chosen site type, in the order
# HTTP, HTTPS, proxy, then continue with create_vhost.
# Globals:  TYPE (read)
#######################################
check_port() {
  local step
  local -a steps=()

  # Map each site type to the prompts it needs; an unknown type gets none.
  case "$TYPE" in
    HTTP_ONLY) steps=(read_http_port) ;;
    HTTPS_ONLY) steps=(read_https_port) ;;
    HTTP_HTTPS) steps=(read_http_port read_https_port) ;;
    HTTP_PROXY) steps=(read_http_port read_proxy_port) ;;
    HTTPS_PROXY) steps=(read_https_port read_proxy_port) ;;
    HTTP_HTTPS_PROXY) steps=(read_http_port read_https_port read_proxy_port) ;;
  esac

  for step in "${steps[@]}"; do
    "$step"
  done

  create_vhost
}
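#######################################
# Let the operator confirm or replace the HTTP port, then make sure Apache is
# configured to listen on it.
# Globals:  HTTP_PORT (read/written), ANS (written)
# Returns:  1 if stdin ends before a confirmation, else check_listen's status
#######################################
read_http_port() {
  local candidate
  local port_re='^[0-9]{1,5}$'

  # A loop replaces the former call to check_port: that call re-ran every port
  # prompt and create_vhost from inside this function, after which the outer
  # check_port ran them once more.
  while :; do
    echo "Port actuel : $HTTP_PORT"
    echo -n "Est-ce correct ?(o/[n]) "
    read -r ANS || return 1
    case "$ANS" in
      o | O) break ;;
    esac

    echo -n "Nouveau port : "
    read -r candidate || return 1
    # The value is written into ports.conf and the virtual host, so only a
    # valid TCP port number is accepted.
    if [[ "$candidate" =~ $port_re ]] && ((10#$candidate >= 1 && 10#$candidate <= 65535)); then
      HTTP_PORT=$((10#$candidate))
    else
      echo "Port non valide : entier entre 1 et 65535 attendu" 1>&2
    fi
  done

  # check_listen reads the port from $1; it used to be called without it.
  check_listen "$HTTP_PORT"
}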
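#######################################
# Let the operator confirm or replace the HTTPS port, then make sure Apache is
# configured to listen on it.
# Globals:  HTTPS_PORT (read/written), ANS (written)
# Returns:  1 if stdin ends before a confirmation, else check_listen's status
#######################################
read_https_port() {
  local candidate
  local port_re='^[0-9]{1,5}$'

  # A loop replaces the former call to check_port, which re-ran every port
  # prompt and create_vhost from inside this function.
  while :; do
    echo "Port actuel : $HTTPS_PORT"
    echo -n "Est-ce correct ?(o/[n]) "
    read -r ANS || return 1
    case "$ANS" in
      o | O) break ;;
    esac

    echo -n "Nouveau port : "
    read -r candidate || return 1
    if [[ "$candidate" =~ $port_re ]] && ((10#$candidate >= 1 && 10#$candidate <= 65535)); then
      # The answer used to be stored in HTTP_PORT: the HTTPS port never
      # changed and the HTTP port was silently overwritten.
      HTTPS_PORT=$((10#$candidate))
    else
      echo "Port non valide : entier entre 1 et 65535 attendu" 1>&2
    fi
  done

  # check_listen reads the port from $1; it used to be called without it.
  check_listen "$HTTPS_PORT"
}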
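#######################################
# Let the operator confirm or replace the port of the back end that the
# virtual host proxies to.
# Globals:  PROXY_PORT (read/written), ANS (written)
# Returns:  1 if stdin ends before a valid port is confirmed, else 0
#######################################
read_proxy_port() {
  local candidate
  local port_re='^[0-9]{1,5}$'

  # A loop replaces the former call to check_port, which re-ran every port
  # prompt and create_vhost from inside this function.
  while :; do
    echo "Port actuel : $PROXY_PORT"
    echo -n "Est-ce correct ?(o/[n]) "
    read -r ANS || return 1
    case "$ANS" in
      o | O)
        # The initial value 0 is not a usable port, so a confirmation only
        # counts once the current value is valid.
        if [[ "$PROXY_PORT" =~ $port_re ]] && ((10#$PROXY_PORT >= 1 && 10#$PROXY_PORT <= 65535)); then
          break
        fi
        echo "Port non valide : entier entre 1 et 65535 attendu" 1>&2
        ;;
    esac

    echo -n "Nouveau port : "
    read -r candidate || return 1
    if [[ "$candidate" =~ $port_re ]] && ((10#$candidate >= 1 && 10#$candidate <= 65535)); then
      PROXY_PORT=$((10#$candidate))
    else
      echo "Port non valide : entier entre 1 et 65535 attendu" 1>&2
    fi
  done

  # No check_listen here: this is the port of the back end named in ProxyPass,
  # so Apache itself must not get a Listen directive for it. The old call
  # passed no port at all.
  return 0
}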
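#######################################
# Make sure the Apache ports file declares both "Listen PORT" and
# "NameVirtualHost *:PORT", appending whichever line is missing.
# Arguments: $1 - TCP port number
#            $2 - ports file (optional, default /etc/apache2/ports.conf)
# Outputs:   error messages on stderr
# Returns:   0 when both lines are present afterwards, 1 on bad input or
#            write failure
#######################################
check_listen() {
  local port=$1
  local conf=${2:-/etc/apache2/ports.conf}
  local need_listen=1 need_nvh=1

  # The port is interpolated into the patterns below and written to the
  # configuration, so it must be purely numeric.
  if ! [[ "$port" =~ ^[0-9]+$ ]]; then
    echo "check_listen : port non valide" 1>&2
    return 1
  fi
  if [ ! -f "$conf" ]; then
    echo "check_listen : fichier $conf introuvable" 1>&2
    return 1
  fi

  # Whole-line matches. The old substring greps took "Listen 8080" for
  # "Listen 80", and the unescaped "*" in "NameVirtualHost *:PORT" was read as
  # a repetition operator, so that pattern never matched a real directive.
  # Lines of the form "Listen ADDRESS:PORT" are not recognised.
  if grep -Eq "^[[:space:]]*Listen[[:space:]]+${port}[[:space:]]*$" "$conf"; then
    need_listen=0
  fi
  if grep -Eq "^[[:space:]]*NameVirtualHost[[:space:]]+\*:${port}[[:space:]]*$" "$conf"; then
    need_nvh=0
  fi

  if ((need_listen == 0 && need_nvh == 0)); then
    return 0
  fi

  # Keep a backup before touching the file, as the old `sed -i.bak` did.
  cp -p -- "$conf" "$conf.bak" || return 1

  # Append only what is missing. The old code tried to delete the Listen line
  # with a single-quoted sed script (so $1 was never expanded) and then added
  # a duplicate, and in the other branch printed the new lines to the terminal
  # instead of writing them to the file.
  if ((need_nvh)); then
    printf 'NameVirtualHost *:%s\n' "$port" >>"$conf" || return 1
  fi
  if ((need_listen)); then
    printf 'Listen %s\n' "$port" >>"$conf" || return 1
  fi
}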
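#######################################
# Append the body and the closing tag of one virtual host to VHOST. The
# caller has already appended the opening <virtualhost> tag.
# Globals:   SITENAME, FQDN, TYPE, PROXY_PORT (read), VHOST (appended to)
# Arguments: $1 - "HTTPS" to add the TLS directives, anything else for HTTP
#
# Lines end with a literal backslash-n; the writer turns them into newlines.
#######################################
build_vhost() {
  local host="$SITENAME.$FQDN"
  local home="/home/$SITENAME"

  VHOST+="ServerAdmin admin@$host\n"
  VHOST+="ServerName $host\n"
  VHOST+="ServerAlias $host\n"
  VHOST+="\n"
  VHOST+="# Logfiles\n"
  VHOST+="ErrorLog $home/logs/error.log\n"
  VHOST+="CustomLog $home/logs/access.log combined\n"
  VHOST+="\n"

  # $1 alone decides: the former inner test on TYPE ended with
  # `[ "HTTP_HTTPS_PROXY" ]`, which is always true, so it never filtered
  # anything.
  if [ "$1" = "HTTPS" ]; then
    VHOST+="SSLEngine on\n"
    # Hardened from "all -SSLv2" and a cipher list that explicitly enabled RC4
    # and MEDIUM ciphers: SSLv3 and RC4 are broken and must not be offered.
    VHOST+="SSLProtocol all -SSLv2 -SSLv3\n"
    VHOST+="SSLCipherSuite HIGH:!aNULL:!eNULL:!EXPORT:!MD5:!RC4\n"
    VHOST+="\n"
    # No SSLCertificateKeyFile is emitted, so ssl.pem has to contain the
    # private key as well as the certificate; keep that file readable by its
    # owner only.
    VHOST+="SSLCertificateFile $home/ssl/ssl.pem\n"
    VHOST+="\n"
  fi

  case "$TYPE" in
    HTTP_PROXY | HTTPS_PROXY | HTTP_HTTPS_PROXY)
      VHOST+="#Proxy port\n"
      VHOST+="ProxyPass / http://$host:$PROXY_PORT/\n"
      VHOST+="ProxyPassReverse / http://$host:$PROXY_PORT/\n"
      VHOST+="ProxyPreserveHost On\n"
      VHOST+="\n"
      ;;
    *)
      VHOST+="# Directory root + Indexes\n"
      VHOST+="DocumentRoot $home/web/\n"
      VHOST+="DirectoryIndex index.html index.php\n"
      VHOST+="\n"
      VHOST+="# CGI directory\n"
      VHOST+="ScriptAlias /cgi-bin/ $home/cgi-bin/\n"
      # NOTE(security): AllowOverride All together with +ExecCGI lets any
      # .htaccess file placed in web/ change the configuration and run CGI
      # from the document root. Kept as is; tighten if site owners are not
      # fully trusted.
      VHOST+="<directory $home/web/>\n"
      VHOST+="AllowOverride All\n"
      VHOST+="Options -Indexes +ExecCGI\n"
      VHOST+="Order Deny,Allow\n"
      VHOST+="Allow from all\n"
      VHOST+="</directory>\n"
      ;;
  esac

  VHOST+="\n"
  VHOST+="</virtualhost>\n"
  VHOST+="\n"
}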
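#######################################
# Append the assembled virtual host to the site's file in Apache's
# sites-available directory, then continue with enable_vhost.
# Globals:   VHOST, SITENAME, FQDN (read)
# Arguments: $1 - target directory (optional, default
#                 /etc/apache2/sites-available)
# Returns:   1 on an unsafe site name or a write failure, else the status of
#            enable_vhost
#######################################
write_vhost() {
  local dir=${1:-/etc/apache2/sites-available}
  local site="$SITENAME.$FQDN"

  # The name becomes a file written as root: refuse anything that could leave
  # the target directory (slashes, leading dot) or is not a plain host name.
  if ! [[ "$site" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
    echo "Nom de site non valide : $site" 1>&2
    return 1
  fi

  # %b expands the literal \n sequences stored in VHOST. The old unquoted
  # `echo -e $VHOST` also word-split the text and glob-expanded the "*" of
  # <virtualhost *:PORT> against the current directory.
  if ! printf '%b\n' "$VHOST" >>"$dir/$site"; then
    echo "Impossible d'ecrire $dir/$site" 1>&2
    return 1
  fi
  echo " + VirtualHost cree"
  enable_vhost
}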
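#######################################
# Enable the new site and restart Apache, then continue with ask_mysql.
# Globals:  SITENAME, FQDN (read)
# Returns:  1 if the site cannot be enabled, the configuration does not
#           validate or the restart fails; else the status of ask_mysql
#######################################
enable_vhost() {
  local site="$SITENAME.$FQDN"

  if ! a2ensite "$site"; then
    echo "Impossible d'activer le site $site" 1>&2
    return 1
  fi

  # Validate before restarting: restarting on a broken configuration takes
  # every site on the server down, not only the new one.
  if ! apache2ctl configtest; then
    echo "Configuration apache non valide : apache n'a pas ete redemarre" 1>&2
    return 1
  fi

  if ! /etc/init.d/apache2 restart; then
    echo "Echec du redemarrage d'apache" 1>&2
    return 1
  fi

  ask_mysql
}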
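#######################################
# Optionally create a MySQL database and account named after the site, with
# access from localhost only or from any host, then print the summary through
# promt_info.
# Globals:  SITENAME, PASSMYSQL (read), ANS, MYSQL (written)
# Returns:  1 when the name is unsafe or mysql fails, else promt_info's status
#
# NOTE(security): the database account gets the password in PASSMYSQL,
# whatever the caller stored there. Answering "o" to the second question
# creates an account reachable from any host ('%'), so that password is then
# exposed to remote guessing.
#######################################
ask_mysql() {
  local remote="n" pass_sql="" ch i
  local -a statements

  echo -n "Faut-il installer une base de donnees MySQL ?(o/[n]) "
  read -r ANS
  case "$ANS" in
    o | O) ;;
    *)
      echo "Pas de base SQL ? OK !"
      promt_info
      return
      ;;
  esac

  # The name is placed inside backticks and quotes in the SQL below, so only
  # plain identifier characters are allowed.
  if ! [[ "$SITENAME" =~ ^[A-Za-z0-9_-]+$ ]]; then
    echo "Nom de base non valide : $SITENAME" 1>&2
    promt_info
    return 1
  fi

  echo -n "Faut-il que la base soit accessible depuis n'importe ou ?(o/[n]) "
  read -r ANS
  # The old test `!= o -o != O` is always true, and its branches were
  # inverted: the '%' account was never created even when requested.
  case "$ANS" in
    o | O) remote="o" ;;
  esac

  # Escape the password for a single-quoted SQL string: double every quote and
  # every backslash so the password cannot end the literal early.
  for ((i = 0; i < ${#PASSMYSQL}; i++)); do
    ch=${PASSMYSQL:i:1}
    case "$ch" in
      "'") pass_sql+="''" ;;
      "\\") pass_sql+="\\\\" ;;
      *) pass_sql+=$ch ;;
    esac
  done

  # The statements are built as strings and sent on stdin. In the former
  # unquoted here-document the SQL backticks were shell command substitutions,
  # so the shell executed the site name and "localhost" as commands (as root)
  # and the account names came out empty.
  statements=(
    "CREATE DATABASE \`$SITENAME\`;"
    "CREATE USER '$SITENAME'@'localhost' IDENTIFIED BY '$pass_sql';"
  )
  if [ "$remote" = "o" ]; then
    statements+=("CREATE USER '$SITENAME'@'%' IDENTIFIED BY '$pass_sql';")
  fi
  statements+=("GRANT ALL PRIVILEGES ON \`$SITENAME\`.* TO '$SITENAME'@'localhost';")
  if [ "$remote" = "o" ]; then
    statements+=("GRANT ALL PRIVILEGES ON \`$SITENAME\`.* TO '$SITENAME'@'%';")
  fi
  statements+=("FLUSH PRIVILEGES;")

  echo " Veuillez entrer le password Root MySQL"
  if ! printf '%s\n' "${statements[@]}" | mysql -u root -p; then
    echo "Echec de la creation de la base MySQL \"$SITENAME\"" 1>&2
    promt_info
    return 1
  fi

  # Record the result so the summary can show the database section.
  MYSQL="o"
  echo "Base MySQL \"$SITENAME\" creee"
  /etc/init.d/mysql restart
  promt_info
}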
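# Entry point: check the environment, reset the globals, then start the
# interactive wizard. Every later step is chained from read_SITENAME.
prefligh_check
setup
# Function names are case-sensitive: the function is defined as read_SITENAME,
# so the former call to `read_sitename` failed with "command not found" and
# the wizard never started.
read_SITENAME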
######
###
### Full Changelog
###
######
##
## v0.6
## + Refactoring some switch case
##
## v0.5
## + Redoing script from scratch