ab-docker
/
ab-nginx
1
0
Fork 0
Code Issues Pull Requests Releases 7 Wiki Activity

refactor(SCRIPT): replace in-line printf styles

This commit is contained in:
Asif Bacchus 2021-01-06 00:57:00 -07:00
parent b617b7e633
commit 5a313ea778
1 changed files with 171 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

348
ab-nginx.sh
View File

@ -5,7 +5,7 @@
# #
# text formatting presets # text formatting presets
if command -v tput > /dev/null; then if command -v tput >/dev/null; then
cyan=$(tput bold)$(tput setaf 6) cyan=$(tput bold)$(tput setaf 6)
err=$(tput bold)$(tput setaf 1) err=$(tput bold)$(tput setaf 1)
magenta=$(tput sgr0)$(tput setaf 5) magenta=$(tput sgr0)$(tput setaf 5)
@ -21,7 +21,6 @@ else
width=80 width=80
fi fi
### parameter defaults ### parameter defaults
shell=false shell=false
container_name="ab-nginx" container_name="ab-nginx"
@ -34,54 +33,53 @@ unset SERVERS_DIR
unset WEBROOT_DIR unset WEBROOT_DIR
unset vmount unset vmount
### functions ### functions
checkExist () { checkExist() {
if [ "$1" = 'file' ]; then if [ "$1" = 'file' ]; then
if [ ! -f "$2" ]; then if [ ! -f "$2" ]; then
printf "${err}\nCannot find file: '$2'. Exiting.\n${norm}" printf "%s\nCannot find file: '$2'. Exiting.\n%s" "$err" "$norm"
exit 3 exit 3
fi
elif [ "$1" = 'dir' ]; then
if [ ! -d "$2" ]; then
printf "${err}\nCannot find directory: '$2'. Exiting.\n${norm}"
exit 3
fi
fi fi
return 0 elif [ "$1" = 'dir' ]; then
if [ ! -d "$2" ]; then
printf "%s\nCannot find directory: '$2'. Exiting.\n$%s" "$err" "$norm"
exit 3
fi
fi
return 0
} }
scriptHelp () { scriptHelp() {
printf "\n%s%1000s\n" "$magenta" | tr " " "-" | cut -c -$width printf "\n%s%1000s\n" "$magenta" | tr " " "-" | cut -c -$width
printf "%s" "$norm" printf "%s" "$norm"
textblock "This is a simple helper script so you can avoid lengthy typing when working with the nginx container. The script reads the contents of 'ab-nginx.params' and constructs various 'docker run' commands based on that file. The biggest time-saver is working with certificates. If they are specified in the params file, the script will automatically bind-mount them so nginx serves content via SSL by default." textblock "This is a simple helper script so you can avoid lengthy typing when working with the nginx container. The script reads the contents of 'ab-nginx.params' and constructs various 'docker run' commands based on that file. The biggest time-saver is working with certificates. If they are specified in the params file, the script will automatically bind-mount them so nginx serves content via SSL by default."
newline newline
textblock "If you run the script with no parameters, it will execute the container 'normally': Run in detached mode with nginx automatically launched and logging to stdout. If you specified certificates, nginx will serve over SSL by default." textblock "If you run the script with no parameters, it will execute the container 'normally': Run in detached mode with nginx automatically launched and logging to stdout. If you specified certificates, nginx will serve over SSL by default."
newline newline
textblock "Note: Containers (except shell) are always set to restart 'unless-stopped'. You must remove them manually if desired." textblock "Note: Containers (except shell) are always set to restart 'unless-stopped'. You must remove them manually if desired."
printf "%s" "$magenta" printf "%s" "$magenta"
newline newline
textblock "The script has the following parameters:" textblock "The script has the following parameters:"
textblockParam 'parameter in cyan' 'default in yellow' textblockParam 'parameter in cyan' 'default in yellow'
newline newline
textblockParam '-n|--name' 'ab-nginx' textblockParam '-n|--name' 'ab-nginx'
textblock "Change the name of the container. This is cosmetic and does not affect operation in any way." textblock "Change the name of the container. This is cosmetic and does not affect operation in any way."
newline newline
textblockParam '-s|--shell' 'off: run in detached mode' textblockParam '-s|--shell' 'off: run in detached mode'
textblock "Enter the container using an interactive POSIX shell. This happens after startup operations but *before* nginx is actually started. This is a great way to see configuration changes possibly stopping nginx from starting normally." textblock "Enter the container using an interactive POSIX shell. This happens after startup operations but *before* nginx is actually started. This is a great way to see configuration changes possibly stopping nginx from starting normally."
printf "%s" "$yellow" printf "%s" "$yellow"
newline newline
textblock "More information can be found at: https://git.asifbacchus.app/ab-docker/ab-nginx/wiki" textblock "More information can be found at: https://git.asifbacchus.app/ab-docker/ab-nginx/wiki"
printf "%s%1000s\n" "$magenta" | tr " " "-" | cut -c -$width printf "%s%1000s\n" "$magenta" | tr " " "-" | cut -c -$width
exit 0 exit 0
} }
newline () { newline() {
printf "\n" printf "\n"
} }
textblock () { textblock() {
printf "%s\n" "$1" | fold -w "$width" -s printf "%s\n" "$1" | fold -w "$width" -s
} }
@ -95,26 +93,25 @@ textblockParam() {
fi fi
} }
### pre-requisite checks ### pre-requisite checks
# is user root or in the docker group? # is user root or in the docker group?
if [ ! "$( id -u )" -eq 0 ]; then if [ ! "$(id -u)" -eq 0 ]; then
if ! id -Gn | grep docker > /dev/null; then if ! id -Gn | grep docker >/dev/null; then
printf "${err}\nYou must either be root or in the 'docker' group to run this script since you must be able to actually start the container! Exiting.\n${norm}" printf "%s\nYou must either be root or in the 'docker' group to run this script since you must be able to actually start the container! Exiting.\n$%s" "$err" "$norm"
exit 2 exit 2
fi fi
fi fi
# does the params file exist? # does the params file exist?
checkExist 'file' './ab-nginx.params' checkExist 'file' './ab-nginx.params'
# read .params file # read .params file
. ./ab-nginx.params . "./ab-nginx.params"
# fix case of TLS13_ONLY var # fix case of TLS13_ONLY var
if [ "$TLS13_ONLY" ]; then if [ "$TLS13_ONLY" ]; then
TLS13_ONLY=$( printf "%s" "$TLS13_ONLY" | tr "[:lower:]" "[:upper:]" ) TLS13_ONLY=$(printf "%s" "$TLS13_ONLY" | tr "[:lower:]" "[:upper:]")
fi fi
# check for certs if using SSL # check for certs if using SSL
@ -124,173 +121,170 @@ if [ "$SSL_CHAIN" ]; then checkExist 'file' "$SSL_CHAIN"; fi
# check for DHparam if using TLS1.2 # check for DHparam if using TLS1.2
if [ "$TLS13_ONLY" = 'FALSE' ]; then if [ "$TLS13_ONLY" = 'FALSE' ]; then
if [ -z "$DH" ]; then if [ -z "$DH" ]; then
printf "${err}\nA DHparam file must be specified when using TLS 1.2. Exiting.${norm}\n" printf "%s\nA DHparam file must be specified when using TLS 1.2. Exiting.%s\n" "$err" "$norm"
exit 5 exit 5
else else
checkExist 'file' "$DH" checkExist 'file' "$DH"
fi fi
fi fi
# check if specified config directory exists # check if specified config directory exists
if [ "$CONFIG_DIR" ]; then if [ "$CONFIG_DIR" ]; then
checkExist 'dir' "$CONFIG_DIR" checkExist 'dir' "$CONFIG_DIR"
fi fi
# check if specified server-block directory exists # check if specified server-block directory exists
if [ "$SERVERS_DIR" ]; then if [ "$SERVERS_DIR" ]; then
checkExist 'dir' "$SERVERS_DIR" checkExist 'dir' "$SERVERS_DIR"
fi fi
# check if specified webroot directory exists # check if specified webroot directory exists
if [ "$WEBROOT_DIR" ]; then if [ "$WEBROOT_DIR" ]; then
checkExist 'dir' "$WEBROOT_DIR" checkExist 'dir' "$WEBROOT_DIR"
fi fi
# set up volume mounts # set up volume mounts
if [ "$CONFIG_DIR" ]; then if [ "$CONFIG_DIR" ]; then
vmount="$vmount -v $CONFIG_DIR:/etc/nginx/config" vmount="$vmount -v $CONFIG_DIR:/etc/nginx/config"
fi fi
if [ "$SERVERS_DIR" ]; then if [ "$SERVERS_DIR" ]; then
vmount="$vmount -v $SERVERS_DIR:/etc/nginx/sites" vmount="$vmount -v $SERVERS_DIR:/etc/nginx/sites"
fi fi
if [ "$SNIPPETS_DIR" ]; then if [ "$SNIPPETS_DIR" ]; then
vmount="$vmount -v $SNIPPETS_DIR:/etc/nginx/snippets" vmount="$vmount -v $SNIPPETS_DIR:/etc/nginx/snippets"
fi fi
if [ "$WEBROOT_DIR" ]; then if [ "$WEBROOT_DIR" ]; then
vmount="$vmount -v $WEBROOT_DIR:/usr/share/nginx/html" vmount="$vmount -v $WEBROOT_DIR:/usr/share/nginx/html"
fi fi
# trim leading whitespace # trim leading whitespace
vmount=${vmount##[[:space:]]} vmount=${vmount##[[:space:]]}
# process startup parameters # process startup parameters
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
case "$1" in case "$1" in
-h|-\?|--help) -h | -\? | --help)
# display help # display help
scriptHelp scriptHelp
exit 0 exit 0
;; ;;
-s|--shell) -s | --shell)
# start shell instead of default CMD # start shell instead of default CMD
shell=true shell=true
;; ;;
-n|--name) -n | --name)
# container name # container name
if [ -z "$2" ]; then if [ -z "$2" ]; then
printf "${err}\nNo container name specified. Exiting.\n${norm}" printf "%s\nNo container name specified. Exiting.\n%s" "$err" "$norm"
exit 1 exit 1
fi fi
container_name="$2" container_name="$2"
shift
;;
*)
printf "${err}\nUnknown option: %s\n" "$1"
printf "Use '--help' for valid options.\n\n${norm}"
exit 1
;;
esac
shift shift
;;
*)
printf "%s\nUnknown option: %s\n" "$err" "$1"
printf "Use '--help' for valid options.\n\n%s" "$norm"
exit 1
;;
esac
shift
done done
# create network if it doesn't already exist # create network if it doesn't already exist
docker network inspect ${NETWORK} > /dev/null 2>&1 || \ docker network inspect ${NETWORK} >/dev/null 2>&1 ||
docker network create \ docker network create \
--attachable \ --attachable \
--driver=bridge \ --driver=bridge \
--subnet=${SUBNET} \ --subnet=${SUBNET} \
${NETWORK} ${NETWORK}
# run without TLS # run without TLS
if [ -z "$SSL_CERT" ]; then if [ -z "$SSL_CERT" ]; then
if [ $shell = 'true' ]; then if [ $shell = 'true' ]; then
# exec shell # exec shell
printf "${cyan}\nRunning SHELL on %s...${norm}\n" "$container_name" printf "%s\nRunning SHELL on %s...%s\n" "$cyan" "$container_name" "$norm"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name "${container_name}" \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \ -e SERVER_NAMES="$HOSTNAMES" \
$vmount \ "${vmount}" \
--network=${NETWORK} \ --network=${NETWORK} \
-p ${HTTP_PORT}:80 \ -p ${HTTP_PORT}:80 \
docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh
else else
# exec normally # exec normally
printf "${cyan}\nRunning NGINX on %s...${norm}\n" "$container_name" printf "%s\nRunning NGINX on %s...%s\n" "$cyan" "$container_name" "$norm"
docker run -d --name ${container_name} \ docker run -d --name "${container_name}" \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \ -e SERVER_NAMES="$HOSTNAMES" \
$vmount \ "${vmount}" \
--network=${NETWORK} \ --network=${NETWORK} \
-p ${HTTP_PORT}:80 \ -p ${HTTP_PORT}:80 \
--restart unless-stopped \ --restart unless-stopped \
docker.asifbacchus.app/nginx/ab-nginx:latest docker.asifbacchus.app/nginx/ab-nginx:latest
fi fi
# run with TLS1.2 # run with TLS1.2
elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'FALSE' ]; then elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'FALSE' ]; then
if [ $shell = 'true' ]; then if [ $shell = 'true' ]; then
# exec shell # exec shell
printf "${cyan}\nRunning SHELL on %s (TLS 1.2)...${norm}\n" "$container_name" printf "%s\nRunning SHELL on %s (TLS 1.2)...%s\n" "$cyan" "$container_name" "$norm"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name "${container_name}" \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \ -e SERVER_NAMES="$HOSTNAMES" \
$vmount \ "${vmount}" \
--network=${NETWORK} \ --network=${NETWORK} \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
-v "$SSL_CHAIN":/certs/chain.pem:ro \ -v "$SSL_CHAIN":/certs/chain.pem:ro \
-v "$DH":/certs/dhparam.pem:ro \ -v "$DH":/certs/dhparam.pem:ro \
-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \ -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh
else else
# exec normally # exec normally
printf "${cyan}\nRunning NGINX on %s (TLS 1.2)...${norm}\n" "$container_name" printf "%s\nRunning NGINX on %s (TLS 1.2)...%s\n" "$cyan" "$container_name" "$norm"
docker run -d --name ${container_name} \ docker run -d --name "${container_name}" \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \ -e SERVER_NAMES="$HOSTNAMES" \
$vmount \ "${vmount}" \
--network=${NETWORK} \ --network=${NETWORK} \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
-v "$SSL_CHAIN":/certs/chain.pem:ro \ -v "$SSL_CHAIN":/certs/chain.pem:ro \
-v "$DH":/certs/dhparam.pem:ro \ -v "$DH":/certs/dhparam.pem:ro \
-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \ -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
--restart unless-stopped \ --restart unless-stopped \
docker.asifbacchus.app/nginx/ab-nginx:latest docker.asifbacchus.app/nginx/ab-nginx:latest
fi fi
# run with TLS1.3 # run with TLS1.3
elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'TRUE' ]; then elif [ "$SSL_CERT" ] && [ "$TLS13_ONLY" = 'TRUE' ]; then
if [ $shell = 'true' ]; then if [ $shell = 'true' ]; then
# exec shell # exec shell
printf "${cyan}\nRunning SHELL on %s (TLS 1.3)...${norm}\n" "$container_name" printf "%s\nRunning SHELL on %s (TLS 1.3)...%s\n" "$cyan" "$container_name" "$norm"
docker run --rm -it --name ${container_name} \ docker run --rm -it --name "${container_name}" \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \ -e SERVER_NAMES="$HOSTNAMES" \
$vmount \ "${vmount}" \
--network=${NETWORK} \ --network=${NETWORK} \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
-v "$SSL_CHAIN":/certs/chain.pem:ro \ -v "$SSL_CHAIN":/certs/chain.pem:ro \
-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \ -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh docker.asifbacchus.app/nginx/ab-nginx:latest /bin/sh
else else
# exec normally # exec normally
printf "${cyan}\nRunning NGINX on %s (TLS 1.3)...${norm}\n" "$container_name" printf "%s\nRunning NGINX on %s (TLS 1.3)...%s\n" "$cyan" "$container_name" "$norm"
docker run -d --name ${container_name} \ docker run -d --name "${container_name}" \
--env-file ab-nginx.params \ --env-file ab-nginx.params \
-e SERVER_NAMES="$HOSTNAMES" \ -e SERVER_NAMES="$HOSTNAMES" \
$vmount \ "${vmount}" \
--network=${NETWORK} \ --network=${NETWORK} \
-v "$SSL_CERT":/certs/fullchain.pem:ro \ -v "$SSL_CERT":/certs/fullchain.pem:ro \
-v "$SSL_KEY":/certs/privkey.pem:ro \ -v "$SSL_KEY":/certs/privkey.pem:ro \
-v "$SSL_CHAIN":/certs/chain.pem:ro \ -v "$SSL_CHAIN":/certs/chain.pem:ro \
-p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \ -p ${HTTP_PORT}:80 -p ${HTTPS_PORT}:443 \
--restart unless-stopped \ --restart unless-stopped \
docker.asifbacchus.app/nginx/ab-nginx:latest docker.asifbacchus.app/nginx/ab-nginx:latest
fi fi
fi fi
### exit gracefully ### exit gracefully
exit 0 exit 0