-
Notifications
You must be signed in to change notification settings - Fork 0
/
a2_add_vhost
executable file
·156 lines (138 loc) · 4.4 KB
/
a2_add_vhost
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
#!/bin/sh
# 03/03/17 - Created by Andrew Puckett
# 06/06/17 - Add redirect for www subdomain
if [ $# -lt 2 ]; then
echo "NAME"
echo " $(basename $0) options"
echo
echo "DESCRIPTION"
echo " $(basename $0) is used to add a vhost to apache."
echo
echo "OPTIONS"
echo " -c"
echo " Use certificates."
echo " -d"
echo " Domain. Required."
echo " -i"
echo " Install directory. Optional. If -c is used the key and pem files should be here. The conf file will be copied here as well."
echo " -n"
echo " Name of host (abbreviation). Required."
echo " -r"
echo " Redirect to this domain."
echo
echo "AUTHOR"
echo " Andrew Puckett"
echo
exit 1
fi
[ $(id -u) != "0" ] && echo "ERROR: You must be the superuser to run this script" >&2 && exit 1
CERT=0
REDIRECT=
INSTALL_DIR=.
CERT_DIR=/etc/ssl/certs
KEY_DIR=/etc/ssl/private
ETC_DIR=/etc/apache2/sites-available
VHOST_DIR=/var/www
while getopts cd:i:n:r: opt
do
case "$opt" in
c) CERT=1;;
d) DOMAIN=$OPTARG;;
i) INSTALL_DIR=$OPTARG;;
n) SHORT_NAME=$OPTARG;;
r) REDIRECT=$OPTARG;;
esac
done
[ -z "$REDIRECT" ] && REDIRECT=$DOMAIN
[ -z "$DOMAIN" ] && echo "ERROR: Domain is required." >&2 && exit 1
[ -z "$SHORT_NAME" ] && echo "ERROR: Name is required." >&2 && exit 1
if [ $CERT -eq 1 ]; then
cp --backup=numbered $INSTALL_DIR/$SHORT_NAME.pem $CERT_DIR/$SHORT_NAME.pem
cp --backup=numbered $INSTALL_DIR/$SHORT_NAME.key $KEY_DIR/$SHORT_NAME.key
chmod 600 $KEY_DIR/$SHORT_NAME.key
else
cp --backup=numbered $CERT_DIR/ssl-cert-snakeoil.pem $CERT_DIR/$SHORT_NAME.pem
cp --backup=numbered $KEY_DIR/ssl-cert-snakeoil.key $KEY_DIR/$SHORT_NAME.key
fi
cat > $INSTALL_DIR/$SHORT_NAME.conf <<- EOM
<VirtualHost *:80>
ServerName $DOMAIN
ServerAlias www.$DOMAIN
Redirect permanent / https://$REDIRECT/
SetEnvIf Request_URI "^/$" dontlog
CustomLog \${APACHE_LOG_DIR}/${SHORT_NAME}_redirect.log combined env=!dontlog
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile $CERT_DIR/$SHORT_NAME.pem
SSLCertificateKeyFile $KEY_DIR/$SHORT_NAME.key
SetEnvIf Request_URI "^/$" dontlog
CustomLog \${APACHE_LOG_DIR}/${SHORT_NAME}_redirect.log combined env=!dontlog
EOM
if [ "$REDIRECT" = "$DOMAIN" ]; then
mkdir -p $VHOST_DIR/$SHORT_NAME
cat >> $INSTALL_DIR/$SHORT_NAME.conf <<- EOM
ServerName www.$DOMAIN
Redirect permanent / https://$REDIRECT/
</VirtualHost>
<VirtualHost *:443>
ServerName $DOMAIN
UseCanonicalName On
SSLEngine on
SSLCertificateFile $CERT_DIR/$SHORT_NAME.pem
SSLCertificateKeyFile $KEY_DIR/$SHORT_NAME.key
ServerAdmin admin@$DOMAIN
DocumentRoot $VHOST_DIR/$SHORT_NAME
LogFormat "%t %D %h \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" $SHORT_NAME
ErrorLog \${APACHE_LOG_DIR}/${SHORT_NAME}_error.log
CustomLog \${APACHE_LOG_DIR}/${SHORT_NAME}_access.log $SHORT_NAME
FileETag -INode
TraceEnable Off
<Directory $VHOST_DIR/$SHORT_NAME>
Options -Indexes
#RewriteEngine on
#RewriteCond %{REQUEST_FILENAME}\.html -f
#RewriteRule !.*\.html$ %{REQUEST_FILENAME}.html [QSA,L]
</Directory>
#RedirectMatch 404 ^/inc|^/core|^/lib|^/conf|^/vendor
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/ext/%{REQUEST_URI} -f
RewriteRule ^(.+) %{DOCUMENT_ROOT}/ext/\$1 [L]
RewriteCond %{REQUEST_URI} !^/ext/
RewriteRule .* $VHOST_DIR/$SHORT_NAME/lib/_8n/frontcontroller.php [QSA,L]
ErrorDocument 400 /400.html
ErrorDocument 401 /401.html
ErrorDocument 403 /403.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 5 second"
<Directory $VHOST_DIR/$SHORT_NAME/ext>
ExpiresDefault "access plus 1 month"
</Directory>
</IfModule>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
EOM
else
cat >> $INSTALL_DIR/$SHORT_NAME.conf <<- EOM
ServerName $DOMAIN
ServerAlias www.$DOMAIN
Redirect permanent / https://$REDIRECT/
</VirtualHost>
</IfModule>
EOM
fi
cp --backup=numbered $INSTALL_DIR/$SHORT_NAME.conf $ETC_DIR/$SHORT_NAME.conf
a2ensite $SHORT_NAME
apachectl configtest