ab-nginx/ab-nginx.sh

#!/bin/sh

#
### start ab-nginx container using params file variables
#

# text formatting presets
if command -v tput >/dev/null; then
  cyan=$(tput bold)$(tput setaf 6)
  err=$(tput bold)$(tput setaf 1)
  magenta=$(tput sgr0)$(tput setaf 5)
  norm=$(tput sgr0)
  yellow=$(tput sgr0)$(tput setaf 3)
  width=$(tput cols)
else
  cyan=''
  err=''
  magenta=''
  norm=''
  yellow=''
  width=80
fi

### parameter defaults
shell=false
container_name="ab-nginx"
NETWORK='nginx_network'
SUBNET='172.31.254.0/24'
HTTP_PORT=80
HTTPS_PORT=443
unset CONFIG_DIR
unset SERVERS_DIR
unset WEBROOT_DIR
unset vmount

### functions

checkExist() {
  if [ "$1" = 'file' ]; then
    if [ ! -f "$2" ]; then
      printf "%s\nCannot find file: '$2'. Exiting.\n%s" "$err" "$norm"
      exit 3
    fi
  elif [ "$1" = 'dir' ]; then
    if [ ! -d "$2" ]; then
      printf "%s\nCannot find directory: '$2'. Exiting.\n$%s" "$err" "$norm"
      exit 3
    fi
  fi
  return 0
}

scriptHelp() {
  printf "\n%s%1000s\n" "$magenta" | tr " " "-" | cut -c -$width
  printf "%s" "$norm"
  textblock "This is a simple helper script so you can avoid lengthy typing when working with the nginx container. The script reads the contents of 'ab-nginx.params' and constructs various 'docker run' commands based on that file. The biggest time-saver is working with certificates. If they are specified in the params file, the script will automatically bind-mount them so nginx serves content via SSL by default."
  newline
  textblock "If you run the script with no parameters, it will execute the container 'normally': Run in detached mode with nginx automatically launched and logging to stdout.  If you specified certificates, nginx will serve over SSL by default."
  newline
  textblock "Note: Containers (except shell) are always set to restart 'unless-stopped'. You must remove them manually if desired."
  printf "%s" "$magenta"
  newline
  textblock "The script has the following parameters:"
  textblockParam 'parameter in cyan' 'default in yellow'
  newline
  textblockParam '-n|--name' 'ab-nginx'
  textblock "Change the name of the container. This is cosmetic and does not affect operation in any way."
  newline
  textblockParam '-s|--shell' 'off: run in detached mode'
  textblock "Enter the container using an interactive POSIX shell. This happens after startup operations but *before* nginx is actually started. This is a great way to see configuration changes possibly stopping nginx from starting normally."
  printf "%s" "$yellow"
  newline
  textblock "More information can be found at: https://git.asifbacchus.app/ab-docker/ab-nginx/wiki"
  printf "%s%1000s\n" "$magenta" | tr " " "-" | cut -c -$width
  exit 0
}

newline() {
  printf "\n"
}

textblock() {
  printf "%s\n" "$1" | fold -w "$width" -s
}

textblockParam() {
  if [ -z "$2" ]; then
    # no default
    printf "%s%s%s\n" "$cyan" "$1" "$norm"
  else
    # default param provided
    printf "%s%s %s(%s)%s\n" "$cyan" "$1" "$yellow" "$2" "$norm"
  fi
}

### pre-requisite checks

# is docker installed?
if ! command -v docker > /dev/null; then
  printf "%s\nCannot find docker... is it installed?\n%s" "$err" "$norm"
  exit 2
fi

# is user root or in the docker group?
if [ ! "$(id -u)" -eq 0 ]; then
  if ! id -Gn | grep docker >/dev/null; then
    printf "%s\nYou must either be root or in the 'docker' group to run this script since you must be able to actually start the container! Exiting.\n$%s" "$err" "$norm"
    exit 2
  fi
fi

# does the params file exist?
checkExist 'file' './ab-nginx.params'

# read .params file
. "./ab-nginx.params"

# fix case of TLS13_ONLY var
if [ "$TLS13_ONLY" ]; then
  TLS13_ONLY=$(printf "%s" "$TLS13_ONLY" | tr "[:lower:]" "[:upper:]")
fi

# check for certs if using SSL
if [ "$SSL_CERT" ]; then checkExist 'file' "$SSL_CERT"; fi
if [ "$SSL_KEY" ]; then checkExist 'file' "$SSL_KEY"; fi
if [ "$SSL_CHAIN" ]; then checkExist 'file' "$SSL_CHAIN"; fi

# check for DHparam if using TLS1.2
if [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'FALSE' ]; then
  if [ -z "$DH" ]; then
    printf "%s\nA DHparam file must be specified when using TLS 1.2. Exiting.%s\n" "$err" "$norm"
    exit 5
  else
    checkExist 'file' "$DH"
  fi
fi

# check if specified config directory exists
if [ "$CONFIG_DIR" ]; then
  checkExist 'dir' "$CONFIG_DIR"
fi

# check if specified server-block directory exists
if [ "$SERVERS_DIR" ]; then
  checkExist 'dir' "$SERVERS_DIR"
fi

# check if specified webroot directory exists
if [ "$WEBROOT_DIR" ]; then
  checkExist 'dir' "$WEBROOT_DIR"
fi

# set up volume mounts
if [ "$CONFIG_DIR" ]; then
  vmount="$vmount -v $CONFIG_DIR:/etc/nginx/config"
fi
if [ "$SERVERS_DIR" ]; then
  vmount="$vmount -v $SERVERS_DIR:/etc/nginx/sites"
fi
if [ "$SNIPPETS_DIR" ]; then
  vmount="$vmount -v $SNIPPETS_DIR:/etc/nginx/snippets"
fi
if [ "$WEBROOT_DIR" ]; then
  vmount="$vmount -v $WEBROOT_DIR:/usr/share/nginx/html"
fi
# trim leading whitespace
vmount=${vmount##[[:space:]]}

# handle null HOSTNAMES
if [ -z "$HOSTNAMES" ]; then HOSTNAMES="_"; fi

# process startup parameters
while [ $# -gt 0 ]; do
  case "$1" in
  -h | -\? | --help)
    # display help
    scriptHelp
    exit 0
    ;;
  -s | --shell)
    # start shell instead of default CMD
    shell=true
    ;;
  -n | --name)
    # container name
    if [ -z "$2" ]; then
      printf "%s\nNo container name specified. Exiting.\n%s" "$err" "$norm"
      exit 1
    fi
    container_name="$2"
    shift
    ;;
  *)
    printf "%s\nUnknown option: %s\n" "$err" "$1"
    printf "Use '--help' for valid options.\n\n%s" "$norm"
    exit 1
    ;;
  esac
  shift
done

# create network if it doesn't already exist
docker network inspect ${NETWORK} >/dev/null 2>&1 ||
  docker network create \
    --attachable \
    --driver=bridge \
    --subnet=${SUBNET} \
    ${NETWORK}

# run without TLS
if [ -z "$SSL_CERT" ]; then
  if [ $shell = 'true' ]; then
    # exec shell
    printf "%s\nRunning SHELL on %s...%s\n" "$cyan" "$container_name" "$norm"
    docker run --rm -it --name "${container_name}" \
      --env-file ab-nginx.params \
      -e SERVER_NAMES="$HOSTNAMES" \
      $vmount \
      --network=${NETWORK} \
      -p ${HTTP_PORT}:80 \
      docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh
  else
    # exec normally
    printf "%s\nRunning NGINX on %s...%s\n" "$cyan" "$container_name" "$norm"
    docker run -d --name "${container_name}" \
      --env-file ab-nginx.params \
      -e SERVER_NAMES="$HOSTNAMES" \
      $vmount \
      --network=${NETWORK} \
      -p ${HTTP_PORT}:80 \
      --restart unless-stopped \
      docker.asifbacchus.app/nginx/ab-nginx:latest
  fi
# run with TLS1.2
elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'FALSE' ]; then
  if [ $shell = 'true' ]; then
    # exec shell
    printf "%s\nRunning SHELL on %s (TLS 1.2)...%s\n" "$cyan" "$container_name" "$norm"
    docker run --rm -it --name "${container_name}" \
      --env-file ab-nginx.params \
      -e SERVER_NAMES="$HOSTNAMES" \
      $vmount \
      --network=${NETWORK} \
      -v "$SSL_CERT":/certs/fullchain.pem:ro \
      -v "$SSL_KEY":/certs/privkey.pem:ro \
      -v "$SSL_CHAIN":/certs/chain.pem:ro \
      -v "$DH":/certs/dhparam.pem:ro \
      -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
      docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh
  else
    # exec normally
    printf "%s\nRunning NGINX on %s (TLS 1.2)...%s\n" "$cyan" "$container_name" "$norm"
    docker run -d --name "${container_name}" \
      --env-file ab-nginx.params \
      -e SERVER_NAMES="$HOSTNAMES" \
      $vmount \
      --network=${NETWORK} \
      -v "$SSL_CERT":/certs/fullchain.pem:ro \
      -v "$SSL_KEY":/certs/privkey.pem:ro \
      -v "$SSL_CHAIN":/certs/chain.pem:ro \
      -v "$DH":/certs/dhparam.pem:ro \
      -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
      --restart unless-stopped \
      docker.asifbacchus.app/nginx/ab-nginx:latest
  fi
# run with TLS1.3
elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'TRUE' ]; then
  if [ $shell = 'true' ]; then
    # exec shell
    printf "%s\nRunning SHELL on %s (TLS 1.3)...%s\n" "$cyan" "$container_name" "$norm"
    docker run --rm -it --name "${container_name}" \
      --env-file ab-nginx.params \
      -e SERVER_NAMES="$HOSTNAMES" \
      $vmount \
      --network=${NETWORK} \
      -v "$SSL_CERT":/certs/fullchain.pem:ro \
      -v "$SSL_KEY":/certs/privkey.pem:ro \
      -v "$SSL_CHAIN":/certs/chain.pem:ro \
      -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
      docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh
  else
    # exec normally
    printf "%s\nRunning NGINX on %s (TLS 1.3)...%s\n" "$cyan" "$container_name" "$norm"
    docker run -d --name "${container_name}" \
      --env-file ab-nginx.params \
      -e SERVER_NAMES="$HOSTNAMES" \
      $vmount \
      --network=${NETWORK} \
      -v "$SSL_CERT":/certs/fullchain.pem:ro \
      -v "$SSL_KEY":/certs/privkey.pem:ro \
      -v "$SSL_CHAIN":/certs/chain.pem:ro \
      -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
      --restart unless-stopped \
      docker.asifbacchus.app/nginx/ab-nginx:latest
  fi
fi

### exit gracefully
exit 0
start-up helper script 2019-10-17 17:13:57 -06:00			`#!/bin/sh`

			`#`
remove remaining references to openldap 2019-10-17 17:17:04 -06:00			`### start ab-nginx container using params file variables`
start-up helper script 2019-10-17 17:13:57 -06:00			`#`

			`# text formatting presets`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`if command -v tput >/dev/null; then`
refactor(SCRIPT): new formatting - check for tput, set formatting to null if not installed - collapse scriptHelp according to screen width 2021-01-06 00:19:54 -07:00			`cyan=$(tput bold)$(tput setaf 6)`
			`err=$(tput bold)$(tput setaf 1)`
			`magenta=$(tput sgr0)$(tput setaf 5)`
			`norm=$(tput sgr0)`
			`yellow=$(tput sgr0)$(tput setaf 3)`
			`width=$(tput cols)`
			`else`
			`cyan=''`
			`err=''`
			`magenta=''`
			`norm=''`
			`yellow=''`
			`width=80`
			`fi`
start-up helper script 2019-10-17 17:13:57 -06:00
			`### parameter defaults`
			`shell=false`
add manually created network 2019-11-16 15:36:13 -07:00			`container_name="ab-nginx"`
			`NETWORK='nginx_network'`
			`SUBNET='172.31.254.0/24'`
allow custom ports from params file 2019-10-17 21:43:28 -06:00			`HTTP_PORT=80`
			`HTTPS_PORT=443`
check webroot and config dirs 2019-10-17 18:23:07 -06:00			`unset CONFIG_DIR`
add server-block binding option 2019-10-18 00:16:12 -06:00			`unset SERVERS_DIR`
check webroot and config dirs 2019-10-17 18:23:07 -06:00			`unset WEBROOT_DIR`
mount config and webroot from params file 2019-10-17 18:53:22 -06:00			`unset vmount`
start-up helper script 2019-10-17 17:13:57 -06:00
replace existence checks with function 2019-11-16 16:10:55 -07:00			`### functions`

refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`checkExist() {`
			`if [ "$1" = 'file' ]; then`
			`if [ ! -f "$2" ]; then`
			`printf "%s\nCannot find file: '$2'. Exiting.\n%s" "$err" "$norm"`
			`exit 3`
replace existence checks with function 2019-11-16 16:10:55 -07:00			`fi`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`elif [ "$1" = 'dir' ]; then`
			`if [ ! -d "$2" ]; then`
			`printf "%s\nCannot find directory: '$2'. Exiting.\n$%s" "$err" "$norm"`
			`exit 3`
			`fi`
			`fi`
			`return 0`
replace existence checks with function 2019-11-16 16:10:55 -07:00			`}`

refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`scriptHelp() {`
			`printf "\n%s%1000s\n" "$magenta" \| tr " " "-" \| cut -c -$width`
			`printf "%s" "$norm"`
			`textblock "This is a simple helper script so you can avoid lengthy typing when working with the nginx container. The script reads the contents of 'ab-nginx.params' and constructs various 'docker run' commands based on that file. The biggest time-saver is working with certificates. If they are specified in the params file, the script will automatically bind-mount them so nginx serves content via SSL by default."`
			`newline`
			`textblock "If you run the script with no parameters, it will execute the container 'normally': Run in detached mode with nginx automatically launched and logging to stdout. If you specified certificates, nginx will serve over SSL by default."`
			`newline`
			`textblock "Note: Containers (except shell) are always set to restart 'unless-stopped'. You must remove them manually if desired."`
			`printf "%s" "$magenta"`
			`newline`
			`textblock "The script has the following parameters:"`
			`textblockParam 'parameter in cyan' 'default in yellow'`
			`newline`
			`textblockParam '-n\|--name' 'ab-nginx'`
			`textblock "Change the name of the container. This is cosmetic and does not affect operation in any way."`
			`newline`
			`textblockParam '-s\|--shell' 'off: run in detached mode'`
			`textblock "Enter the container using an interactive POSIX shell. This happens after startup operations but before nginx is actually started. This is a great way to see configuration changes possibly stopping nginx from starting normally."`
			`printf "%s" "$yellow"`
			`newline`
			`textblock "More information can be found at: https://git.asifbacchus.app/ab-docker/ab-nginx/wiki"`
			`printf "%s%1000s\n" "$magenta" \| tr " " "-" \| cut -c -$width`
			`exit 0`
start-up helper script 2019-10-17 17:13:57 -06:00			`}`

refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`newline() {`
refactor(SCRIPT): new formatting - check for tput, set formatting to null if not installed - collapse scriptHelp according to screen width 2021-01-06 00:19:54 -07:00			`printf "\n"`
			`}`

refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`textblock() {`
refactor(SCRIPT): new formatting - check for tput, set formatting to null if not installed - collapse scriptHelp according to screen width 2021-01-06 00:19:54 -07:00			`printf "%s\n" "$1" \| fold -w "$width" -s`
			`}`

			`textblockParam() {`
			`if [ -z "$2" ]; then`
			`# no default`
			`printf "%s%s%s\n" "$cyan" "$1" "$norm"`
			`else`
			`# default param provided`
			`printf "%s%s %s(%s)%s\n" "$cyan" "$1" "$yellow" "$2" "$norm"`
			`fi`
			`}`

start-up helper script 2019-10-17 17:13:57 -06:00			`### pre-requisite checks`

fix(SCRIPT): verify docker installed 2021-01-06 02:35:29 -07:00			`# is docker installed?`
			`if ! command -v docker > /dev/null; then`
			`printf "%s\nCannot find docker... is it installed?\n%s" "$err" "$norm"`
			`exit 2`
			`fi`

start-up helper script 2019-10-17 17:13:57 -06:00			`# is user root or in the docker group?`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`if [ ! "$(id -u)" -eq 0 ]; then`
			`if ! id -Gn \| grep docker >/dev/null; then`
			`printf "%s\nYou must either be root or in the 'docker' group to run this script since you must be able to actually start the container! Exiting.\n$%s" "$err" "$norm"`
			`exit 2`
			`fi`
start-up helper script 2019-10-17 17:13:57 -06:00			`fi`

			`# does the params file exist?`
replace existence checks with function 2019-11-16 16:10:55 -07:00			`checkExist 'file' './ab-nginx.params'`
start-up helper script 2019-10-17 17:13:57 -06:00
read params file early for cert existance checks 2019-10-17 17:57:03 -06:00			`# read .params file`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`. "./ab-nginx.params"`
read params file early for cert existance checks 2019-10-17 17:57:03 -06:00
move TLS var case-correction after reading params 2019-11-16 17:22:16 -07:00			`# fix case of TLS13_ONLY var`
			`if [ "$TLS13_ONLY" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`TLS13_ONLY=$(printf "%s" "$TLS13_ONLY" \| tr "[:lower:]" "[:upper:]")`
move TLS var case-correction after reading params 2019-11-16 17:22:16 -07:00			`fi`

start-up helper script 2019-10-17 17:13:57 -06:00			`# check for certs if using SSL`
fix missing existence check on TLS params 2019-11-18 05:20:04 -07:00			`if [ "$SSL_CERT" ]; then checkExist 'file' "$SSL_CERT"; fi`
			`if [ "$SSL_KEY" ]; then checkExist 'file' "$SSL_KEY"; fi`
			`if [ "$SSL_CHAIN" ]; then checkExist 'file' "$SSL_CHAIN"; fi`
start-up helper script 2019-10-17 17:13:57 -06:00
			`# check for DHparam if using TLS1.2`
fix(SCRIPT): fix erroneous DHparam check when not using SSL 2021-01-06 00:59:52 -07:00			`if [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'FALSE' ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`if [ -z "$DH" ]; then`
			`printf "%s\nA DHparam file must be specified when using TLS 1.2. Exiting.%s\n" "$err" "$norm"`
			`exit 5`
			`else`
			`checkExist 'file' "$DH"`
			`fi`
start-up helper script 2019-10-17 17:13:57 -06:00			`fi`

check webroot and config dirs 2019-10-17 18:23:07 -06:00			`# check if specified config directory exists`
replace existence checks with function 2019-11-16 16:10:55 -07:00			`if [ "$CONFIG_DIR" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`checkExist 'dir' "$CONFIG_DIR"`
check webroot and config dirs 2019-10-17 18:23:07 -06:00			`fi`

add server-block binding option 2019-10-18 00:16:12 -06:00			`# check if specified server-block directory exists`
replace existence checks with function 2019-11-16 16:10:55 -07:00			`if [ "$SERVERS_DIR" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`checkExist 'dir' "$SERVERS_DIR"`
add server-block binding option 2019-10-18 00:16:12 -06:00			`fi`

check webroot and config dirs 2019-10-17 18:23:07 -06:00			`# check if specified webroot directory exists`
replace existence checks with function 2019-11-16 16:10:55 -07:00			`if [ "$WEBROOT_DIR" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`checkExist 'dir' "$WEBROOT_DIR"`
check webroot and config dirs 2019-10-17 18:23:07 -06:00			`fi`
start-up helper script 2019-10-17 17:13:57 -06:00
process volume mounts more efficiently 2019-11-16 16:52:44 -07:00			`# set up volume mounts`
			`if [ "$CONFIG_DIR" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`vmount="$vmount -v $CONFIG_DIR:/etc/nginx/config"`
process volume mounts more efficiently 2019-11-16 16:52:44 -07:00			`fi`
			`if [ "$SERVERS_DIR" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`vmount="$vmount -v $SERVERS_DIR:/etc/nginx/sites"`
process volume mounts more efficiently 2019-11-16 16:52:44 -07:00			`fi`
mount snippets directory if defined 2019-11-16 17:18:24 -07:00			`if [ "$SNIPPETS_DIR" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`vmount="$vmount -v $SNIPPETS_DIR:/etc/nginx/snippets"`
mount snippets directory if defined 2019-11-16 17:18:24 -07:00			`fi`
process volume mounts more efficiently 2019-11-16 16:52:44 -07:00			`if [ "$WEBROOT_DIR" ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`vmount="$vmount -v $WEBROOT_DIR:/usr/share/nginx/html"`
mount config and webroot from params file 2019-10-17 18:53:22 -06:00			`fi`
process volume mounts more efficiently 2019-11-16 16:52:44 -07:00			`# trim leading whitespace`
			`vmount=${vmount##[[:space:]]}`
mount config and webroot from params file 2019-10-17 18:53:22 -06:00
fix(SCRIPT): fix null hostname error 2021-01-06 01:19:37 -07:00			`# handle null HOSTNAMES`
			`if [ -z "$HOSTNAMES" ]; then HOSTNAMES="_"; fi`

start-up helper script 2019-10-17 17:13:57 -06:00			`# process startup parameters`
			`while [ $# -gt 0 ]; do`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`case "$1" in`
			`-h \| -\? \| --help)`
			`# display help`
			`scriptHelp`
			`exit 0`
			`;;`
			`-s \| --shell)`
			`# start shell instead of default CMD`
			`shell=true`
			`;;`
			`-n \| --name)`
			`# container name`
			`if [ -z "$2" ]; then`
			`printf "%s\nNo container name specified. Exiting.\n%s" "$err" "$norm"`
			`exit 1`
			`fi`
			`container_name="$2"`
start-up helper script 2019-10-17 17:13:57 -06:00			`shift`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`;;`
			`*)`
			`printf "%s\nUnknown option: %s\n" "$err" "$1"`
			`printf "Use '--help' for valid options.\n\n%s" "$norm"`
			`exit 1`
			`;;`
			`esac`
			`shift`
start-up helper script 2019-10-17 17:13:57 -06:00			`done`

add manually created network 2019-11-16 15:36:13 -07:00			`# create network if it doesn't already exist`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`docker network inspect ${NETWORK} >/dev/null 2>&1 \|\|`
			`docker network create \`
			`--attachable \`
			`--driver=bridge \`
			`--subnet=${SUBNET} \`
			`${NETWORK}`
start-up helper script 2019-10-17 17:13:57 -06:00
			`# run without TLS`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`if [ -z "$SSL_CERT" ]; then`
			`if [ $shell = 'true' ]; then`
			`# exec shell`
			`printf "%s\nRunning SHELL on %s...%s\n" "$cyan" "$container_name" "$norm"`
			`docker run --rm -it --name "${container_name}" \`
			`--env-file ab-nginx.params \`
			`-e SERVER_NAMES="$HOSTNAMES" \`
fix(SCRIPT): revert quoting vmount var - this variable relies on being globbed 2021-01-06 01:03:14 -07:00			`$vmount \`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`--network=${NETWORK} \`
			`-p ${HTTP_PORT}:80 \`
			`docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh`
			`else`
			`# exec normally`
			`printf "%s\nRunning NGINX on %s...%s\n" "$cyan" "$container_name" "$norm"`
			`docker run -d --name "${container_name}" \`
			`--env-file ab-nginx.params \`
			`-e SERVER_NAMES="$HOSTNAMES" \`
fix(SCRIPT): revert quoting vmount var - this variable relies on being globbed 2021-01-06 01:03:14 -07:00			`$vmount \`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`--network=${NETWORK} \`
			`-p ${HTTP_PORT}:80 \`
			`--restart unless-stopped \`
			`docker.asifbacchus.app/nginx/ab-nginx:latest`
			`fi`
start-up helper script 2019-10-17 17:13:57 -06:00			`# run with TLS1.2`
quote true/false checks 2019-11-16 17:11:07 -07:00			`elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'FALSE' ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`if [ $shell = 'true' ]; then`
			`# exec shell`
			`printf "%s\nRunning SHELL on %s (TLS 1.2)...%s\n" "$cyan" "$container_name" "$norm"`
			`docker run --rm -it --name "${container_name}" \`
			`--env-file ab-nginx.params \`
			`-e SERVER_NAMES="$HOSTNAMES" \`
fix(SCRIPT): revert quoting vmount var - this variable relies on being globbed 2021-01-06 01:03:14 -07:00			`$vmount \`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`--network=${NETWORK} \`
			`-v "$SSL_CERT":/certs/fullchain.pem:ro \`
			`-v "$SSL_KEY":/certs/privkey.pem:ro \`
			`-v "$SSL_CHAIN":/certs/chain.pem:ro \`
			`-v "$DH":/certs/dhparam.pem:ro \`
			`-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \`
			`docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh`
			`else`
			`# exec normally`
			`printf "%s\nRunning NGINX on %s (TLS 1.2)...%s\n" "$cyan" "$container_name" "$norm"`
			`docker run -d --name "${container_name}" \`
			`--env-file ab-nginx.params \`
			`-e SERVER_NAMES="$HOSTNAMES" \`
fix(SCRIPT): revert quoting vmount var - this variable relies on being globbed 2021-01-06 01:03:14 -07:00			`$vmount \`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`--network=${NETWORK} \`
			`-v "$SSL_CERT":/certs/fullchain.pem:ro \`
			`-v "$SSL_KEY":/certs/privkey.pem:ro \`
			`-v "$SSL_CHAIN":/certs/chain.pem:ro \`
			`-v "$DH":/certs/dhparam.pem:ro \`
			`-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \`
			`--restart unless-stopped \`
			`docker.asifbacchus.app/nginx/ab-nginx:latest`
			`fi`
start-up helper script 2019-10-17 17:13:57 -06:00			`# run with TLS1.3`
quote true/false checks 2019-11-16 17:11:07 -07:00			`elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'TRUE' ]; then`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`if [ $shell = 'true' ]; then`
			`# exec shell`
			`printf "%s\nRunning SHELL on %s (TLS 1.3)...%s\n" "$cyan" "$container_name" "$norm"`
			`docker run --rm -it --name "${container_name}" \`
			`--env-file ab-nginx.params \`
			`-e SERVER_NAMES="$HOSTNAMES" \`
fix(SCRIPT): revert quoting vmount var - this variable relies on being globbed 2021-01-06 01:03:14 -07:00			`$vmount \`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`--network=${NETWORK} \`
			`-v "$SSL_CERT":/certs/fullchain.pem:ro \`
			`-v "$SSL_KEY":/certs/privkey.pem:ro \`
			`-v "$SSL_CHAIN":/certs/chain.pem:ro \`
			`-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \`
			`docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh`
			`else`
			`# exec normally`
			`printf "%s\nRunning NGINX on %s (TLS 1.3)...%s\n" "$cyan" "$container_name" "$norm"`
			`docker run -d --name "${container_name}" \`
			`--env-file ab-nginx.params \`
			`-e SERVER_NAMES="$HOSTNAMES" \`
fix(SCRIPT): revert quoting vmount var - this variable relies on being globbed 2021-01-06 01:03:14 -07:00			`$vmount \`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`--network=${NETWORK} \`
			`-v "$SSL_CERT":/certs/fullchain.pem:ro \`
			`-v "$SSL_KEY":/certs/privkey.pem:ro \`
			`-v "$SSL_CHAIN":/certs/chain.pem:ro \`
			`-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \`
			`--restart unless-stopped \`
			`docker.asifbacchus.app/nginx/ab-nginx:latest`
			`fi`
start-up helper script 2019-10-17 17:13:57 -06:00			`fi`

			`### exit gracefully`
refactor(SCRIPT): replace in-line printf styles 2021-01-06 00:57:00 -07:00			`exit 0`