lukechilds
/
easyengine
mirror of https://github.com/lukechilds/easyengine.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch 'refactor' of github.com:rtCamp/easyengine into refactor

old-stable
harshadyeola 11 years ago
parent
82153e7930 1d81e1d3ed
commit
d611ffd21f
6 changed files with 46 additions and 11 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      bin/easyengine
  2. 2
      bin/update
  3. 2
      config/bash_completion.d/ee
  4. 2
      src/lib/ee_lib_variables.sh
  5. 31
      src/modules/secure/ee_mod_secure_ip.sh
  6. 17
      src/modules/stack/install/ee_mod_setup_nginx.sh

3
bin/easyengine
View File

@ -571,13 +571,14 @@ elif [ "$EE_FIRST" = "debug" ]; then
# EasyEngine secure
elif [ "$EE_FIRST" = "secure" ]; then
if [ "$EE_SECOND" = "--auth" ] || [ "$EE_SECOND" = "--port" ]; then
if [ "$EE_SECOND" = "--auth" ] || [ "$EE_SECOND" = "--port" ] || [ "$EE_SECOND" = "--ip" ]; then
ee_mod_secure_$(echo $EE_SECOND | sed 's/--//')
ee_lib_service nginx reload
else
ee_lib_echo "ee secure commands:"
ee_lib_echo_escape "\t--auth\tUpdate credential of HTTP authentication"
ee_lib_echo_escape "\t--port\tChange EasyEngine admin port 22222"
ee_lib_echo_escape "\t--ip\tUpdate whitelist IP address"
fi
# EasyEngine update

2
bin/update
View File

@ -106,7 +106,7 @@ if [[ $EE_CURRENT_VERSION < $EE_LATEST_VERSION ]]; then
|| ee_lib_error "Unable to copy NGINX sample files, exit status = " $?
# NGINX Setup
sed -i "s/X-Powered-By EasyEngine/X-Powered-By EasyEngine $EE_LATEST_VERSION/" /etc/nginx/nginx.conf
sed -i "s/X-Powered-By.*/X-Powered-By \"EasyEngine $EE_LATEST_VERSION\";/" /etc/nginx/nginx.conf
rsync -avz --exclude acl.conf /usr/share/easyengine/nginx/common/* /etc/nginx/common/ &>> $EE_UPDATE_LOG \
|| ee_lib_error "Unable to rsync NGINX common files, exit status = " $?

2
config/bash_completion.d/ee
View File

@ -15,7 +15,7 @@ function EE_AUTO()
# List of suggested words
easyengine|ee)
COMPREPLY=( $(compgen -W '$(echo version help info; command find /usr/local/lib/easyengine/modules/ -maxdepth 1 -type d -printf "%P " 2> /dev/null)' -- $CURRENT) )
COMPREPLY=( $(compgen -W '$(echo version help info update; command find /usr/local/lib/easyengine/modules/ -maxdepth 1 -type d -printf "%P " 2> /dev/null)' -- $CURRENT) )
return 0
;;

2
src/lib/ee_lib_variables.sh
View File

@ -15,8 +15,8 @@ readonly EE_ERROR_LOG=/var/log/easyengine/error.log
readonly EE_LINUX_DISTRO=$(lsb_release -i |awk '{print $3}')
readonly EE_CONFIG_GET=$(echo "git config --file /etc/easyengine/ee.conf")
readonly EE_CONFIG_SET=$(echo "git config --file /etc/easyengine/ee.conf" --replace-all)
readonly EE_IP_ADDRESS=$($EE_CONFIG_GET stack.ip-address | cut -d'=' -f2 | sed 's/ //g' | tr ',' '\n')
readonly EE_APT_GET=$($EE_CONFIG_GET stack.apt-get-assume-yes | grep -i true &> /dev/null && echo apt-get -y || echo apt-get)
EE_IP_ADDRESS=$($EE_CONFIG_GET stack.ip-address | cut -d'=' -f2 | sed 's/ //g' | tr ',' '\n')
# Distribution specific variable
if [ "$EE_LINUX_DISTRO" == "Ubuntu" ]; then

31
src/modules/secure/ee_mod_secure_ip.sh
View File

@ -0,0 +1,31 @@
# White list IP address
function ee_mod_secure_ip()
{
read -p "Enter the comma separated IP addresses to white list [127.0.0.1]: " ee_ip
# If enter is pressed, set 127.0.0.1
if [[ $ee_ip = "" ]]; then
ee_ip=127.0.0.1
fi
# Check weather IP address already present or not
for ee_check_ip in $(echo $ee_ip | cut -d'=' -f2 | sed 's/ //g' | tr ',' '\n'); do
grep $ee_check_ip /etc/easyengine/ee.conf &>> /dev/null
if [ $? -ne 0 ]; then
ee_update_ip="$ee_update_ip $ee_check_ip"
fi
done
# Update ee.conf
$EE_CONFIG_SET stack.ip-address "$($EE_CONFIG_GET stack.ip-address),$(echo $ee_update_ip | tr ' ' ',')"
# White list IP address
EE_IP_ADDRESS=$($EE_CONFIG_GET stack.ip-address | cut -d'=' -f2 | sed 's/ //g' | tr ',' '\n')
if [ -n "$EE_IP_ADDRESS" ]; then
sed -i "/allow.*/d" /etc/nginx/common/acl.conf
for ee_whitelist_ip_address in $(echo $EE_IP_ADDRESS);do
sed -i "/deny/i $(echo allow $ee_whitelist_ip_address\;)" /etc/nginx/common/acl.conf
done
fi
}

17
src/modules/stack/install/ee_mod_setup_nginx.sh
View File

@ -6,7 +6,7 @@ function ee_mod_setup_nginx()
ee_lib_echo "Setting up NGINX, please wait..."
grep "EasyEngine" /etc/nginx/nginx.conf &> /dev/null
grep "EasyEngine" /etc/nginx/nginx.conf &>> /dev/null
if [ $? -ne 0 ]; then
# Adjust nginx worker_processes and worker_rlimit_nofile value
@ -14,13 +14,13 @@ function ee_mod_setup_nginx()
sed -i "/worker_processes/a \worker_rlimit_nofile 100000;" /etc/nginx/nginx.conf
# Adjust nginx worker_connections and multi_accept
sed -i "s/worker_connections.*/worker_connections 1024;/" /etc/nginx/nginx.conf
sed -i "s/worker_connections.*/worker_connections 4096;/" /etc/nginx/nginx.conf
sed -i "s/# multi_accept/multi_accept/" /etc/nginx/nginx.conf
# Disable nginx version
# Set custom header
# SSL Settings
sed -i "s/http {/http {\n\t##\n\t# EasyEngine Settings\n\t##\n\n\tserver_tokens off;\n\treset_timedout_connection on;\n\tadd_header X-Powered-By "EasyEngine $EE_VERSION";\n\tadd_header rt-Fastcgi-Cache \$upstream_cache_status;\n\n\t# Limit Request\n\tlimit_req_status 403;\n\tlimit_req_zone \$binary_remote_addr zone=one:10m rate=1r\/s;\n\n\t# Proxy Settings\n\t# set_real_ip_from\tproxy-server-ip;\n\t# real_ip_header\tX-Forwarded-For;\n\n\tfastcgi_read_timeout 300;\n\tclient_max_body_size 100m;\n\n\t# SSL Settings\n\tssl_session_cache shared:SSL:20m;\n\tssl_session_timeout 10m;\n\tssl_prefer_server_ciphers on;\n\tssl_ciphers HIGH:\!aNULL:\!MD5:\!kEDH;\n\n/" /etc/nginx/nginx.conf
sed -i "s/http {/http {\n\t##\n\t# EasyEngine Settings\n\t##\n\n\tserver_tokens off;\n\treset_timedout_connection on;\n\tadd_header X-Powered-By \"EasyEngine $EE_VERSION\";\n\tadd_header rt-Fastcgi-Cache \$upstream_cache_status;\n\n\t# Limit Request\n\tlimit_req_status 403;\n\tlimit_req_zone \$binary_remote_addr zone=one:10m rate=1r\/s;\n\n\t# Proxy Settings\n\t# set_real_ip_from\tproxy-server-ip;\n\t# real_ip_header\tX-Forwarded-For;\n\n\tfastcgi_read_timeout 300;\n\tclient_max_body_size 100m;\n\n\t# SSL Settings\n\tssl_session_cache shared:SSL:20m;\n\tssl_session_timeout 10m;\n\tssl_prefer_server_ciphers on;\n\tssl_ciphers HIGH:\!aNULL:\!MD5:\!kEDH;\n\n/" /etc/nginx/nginx.conf
# Adjust nginx keepalive_timeout
sed -i "s/keepalive_timeout.*/keepalive_timeout 30;/" /etc/nginx/nginx.conf
@ -30,9 +30,13 @@ function ee_mod_setup_nginx()
# Enable Gun-zip
sed -i "s/# gzip/gzip/" /etc/nginx/nginx.conf
fi
# Update EasyEngine version
# Launchpad PPA already have above settings
# On Ubuntu above block never executed
sed -i "s/X-Powered-By.*/X-Powered-By \"EasyEngine $EE_VERSION\";/" /etc/nginx/nginx.conf
# Create directory if not exist
if [ ! -d /etc/nginx/conf.d ]; then
mkdir /etc/nginx/conf.d || ee_lib_error "Unable to create /etc/nginx/conf.d, exit status = " $?
@ -86,9 +90,8 @@ function ee_mod_setup_nginx()
# White list IP address
if [ -n "$EE_IP_ADDRESS" ]; then
for ee_whitelist_ip_address in $(echo $EE_IP_ADDRESS)
do
sed -i "/deny/i $(echo allow $ee_whitelist_ip_address\;)" /etc/nginx/common/acl.conf
for ee_whitelist_ip_address in $(echo $EE_IP_ADDRESS);do
sed -i "/deny/i $(echo allow $ee_whitelist_ip_address\;)" /etc/nginx/common/acl.conf
done
fi

Write Preview
Loading…
Cancel
Save