From d86043190d19de2c60745f91968027627ffbe233 Mon Sep 17 00:00:00 2001 From: gauthiier Date: Sat, 19 Mar 2022 13:23:29 +0100 Subject: [PATCH] nginx+ --- certbot-apache2/certbot_install | 5 - certbot/.DS_Store | Bin 0 -> 6148 bytes {certbot-apache2 => certbot}/cert.py | 0 {vhost-apache2 => vhost}/apache2_set | 0 {vhost-apache2 => vhost}/c.txt | 0 {vhost-apache2 => vhost}/vhost.py | 129 +++++++++++++----- .../vhost_tmpl => vhost/vhost_tmpl_apache2 | 0 vhost/vhost_tmpl_nginx | 25 ++++ 8 files changed, 119 insertions(+), 40 deletions(-) delete mode 100755 certbot-apache2/certbot_install create mode 100644 certbot/.DS_Store rename {certbot-apache2 => certbot}/cert.py (100%) rename {vhost-apache2 => vhost}/apache2_set (100%) rename {vhost-apache2 => vhost}/c.txt (100%) rename {vhost-apache2 => vhost}/vhost.py (52%) rename vhost-apache2/vhost_tmpl => vhost/vhost_tmpl_apache2 (100%) create mode 100644 vhost/vhost_tmpl_nginx diff --git a/certbot-apache2/certbot_install b/certbot-apache2/certbot_install deleted file mode 100755 index b5f1442..0000000 --- a/certbot-apache2/certbot_install +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -sudo add-apt-repository ppa:certbot/certbot -sudo apt-get update -sudo apt-get install python-certbot-apache \ No newline at end of file diff --git a/certbot/.DS_Store b/certbot/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..5008ddfcf53c02e82d7eee2e57c38e5672ef89f6 GIT binary patch literal 6148 zcmeH~Jr2S!425mzP>H1@V-^m;4Wg<&0T*E43hX&L&p$$qDprKhvt+--jT7}7np#A3 zem<@ulZcFPQ@L2!n>{z**++&mCkOWA81W14cNZlEfg7;MkzE(HCqgga^y>{tEnwC%0;vJ&^%eQ zLs35+`xjp>T0 bool: yes = {'yes','y', 'ye', ''} no = {'no','n'} 
@@ -24,24 +28,62 @@ def y_n_question(question_str):
 return False
 else:
 sys.stdout.write("\nPlease respond with 'yes' or 'no'\n")
- continue
+ continue
+
+def check_server_version() -> str:
+
+ a = subprocess.call("sudo apache2 -v", shell=True)
+ if not a:
+ return "APACHE2"
+
+ n = subprocess.call("sudo nginx -v", shell=True)
+ if not n:
+ return "NGINX"
+
+ return None
+
+def check_distribution_version() -> str:
+
+ dist = platform.version().lower()
+
+ if 'debian' in dist:
+ return "DEBIAN"
+
+ if 'ubuntu' in dist:
+ return "UBUNTU"
+
+ return None
 def sanity_check_system():
 # check platform
- if platform.system() not in platform_support:
- sys.exit("Platform " + platform.system() + " not supported. Aborting...")
+ if platform.system() not in platform_system_support:
+ sys.exit(f"Platform {platform.system()} not supported. Aborting...")
- # check apache2
- r = subprocess.call("apache2 -v", shell=True) == 0
+ dist = check_distribution_version()
+ if not dist:
+ sys.exit("OS distribution not supported. Aborting...")
- # check apache2 (ubuntu)
- u = os.path.exists('/etc/apache2/sites-available/')
+ sv = check_server_version()
+ if not sv:
+ sys.exit("Server distribution not supported. Aborting...")
- if not r and u:
- sys.exit("Apache2 (ubuntu) not installed on your system. Aborting...")
+ if dist in platform_version_support and sv == "APACHE2":
+ # check apache2 (ubuntu or debian)
+ u = os.path.exists('/etc/apache2/sites-available/')
+ if not u:
+ sys.exit(f"Apache2 ({dist}) not installed on your system. Aborting...")
-def sanity_chek_platform():
+ if dist in platform_version_support and sv in server_support:
+ # check apache2 (ubuntu or debian)
+ u = os.path.exists(f'/etc/{sv.lower()}/sites-available/')
+ if not u:
+ sys.exit(f"{sv} ({dist}) not installed on your system. Aborting...")
+
+ return sv, dist
+
+
+def sanity_check_platform():
 global html_dir_path, logs_dir_path
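Review bot: `check_server_version()` runs `sudo apache2 -v` and `sudo nginx -v` through a shell, so merely detecting which server is present executes both binaries as root and can stall on a sudo password prompt. A list-form call without sudo is enough for the probe, for example `subprocess.call(['nginx', '-v'])` inside `try/except FileNotFoundError`, or `shutil.which('nginx')` when `/usr/sbin` is on the caller's PATH. Apache is probed first, so a host with both servers installed is always treated as APACHE2 with no way to select nginx. Both new helpers are annotated `-> str` but return `None` on failure; `-> str | None` (or `Optional[str]`) would match what `sanity_check_system()` actually tests with `if not sv:` and `if not dist:`.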
@@ -62,7 +104,7 @@ def sanity_chek_platform():
 else:
 sys.exit("Can not configure platform. Aborting...")
-def vhost_add(domain):
+def vhost_add(domain: str, sv: str, dist: str):
 global html_dir_path, logs_dir_path, re_domain
@@ -78,8 +120,16 @@ def vhost_add(domain):
 os.makedirs(logs, exist_ok=True)
 # debug: this file might not be here...........
- with open('vhost_tmpl') as vhost_tmpl_fp:
- vhost_tmpl = vhost_tmpl_fp.read()
+ if sv == "APACHE2":
+ with open('vhost_tmpl_apache2') as vhost_tmpl_fp:
+ vhost_tmpl = vhost_tmpl_fp.read()
+
+ elif sv == "NGINX":
+ with open('vhost_tmpl_nginx') as vhost_tmpl_fp:
+ vhost_tmpl = vhost_tmpl_fp.read()
+
+ else:
+ sys.exit(f"{sv} not recognised. Aborting...")
 usr = os.getlogin()
@@ -94,9 +144,6 @@ def vhost_add(domain):
 # debug: this file might not be here...........
 shutil.copyfile('c.txt', os.path.join(www, 'c.txt'))
- # bla = os.path.join(www, 'itworks.txt')
- # with open(bla, 'w+') as bla_fp:
- # bla_fp.write("it does.")
 # check is ssl cert exists
 cert = os.path.join('/etc/letsencrypt/live', domain)
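Review bot: The template is opened by bare relative name (`'vhost_tmpl_apache2'` / `'vhost_tmpl_nginx'`) in the second hunk, so whichever file of that name sits in the current working directory becomes the configuration that is later moved under `/etc/<server>/sites-available/` with sudo. Resolving it next to the script removes that dependency and the duplicated branches: `tmpl = os.path.join(os.path.dirname(os.path.abspath(__file__)), f'vhost_tmpl_{sv.lower()}')` followed by a single `with open(tmpl) as vhost_tmpl_fp:`. Keep the `sys.exit` for an unrecognised `sv` ahead of the open so an unexpected value never reaches the path. The same working-directory assumption applies to the `shutil.copyfile('c.txt', ...)` context line in the third hunk; `vhost_add` starts and ends outside these hunks.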
@@ -105,22 +152,34 @@ def vhost_add(domain): print(" warning: Please make sure to place them in " + cert + " to allow secure https connection to your site.") # mv conf file to apache? - if y_n_question("Move " + vhost_file + " to /etc/apache2/sites-available/ ?"): - vhost_conf_file = os.path.join('/etc/apache2/sites-available/', domain + '.conf') - subprocess.call(['sudo', 'mv', vhost_file, vhost_conf_file]) + if dist in platform_version_support: + if y_n_question(f"Move {vhost_file} to /etc/{sv.lower()}/sites-available/ ?"): + vhost_conf_file = os.path.join(f'/etc/{sv.lower()}/sites-available/', f'{domain}.conf') + subprocess.call(['sudo', 'mv', vhost_file, vhost_conf_file]) + + # enable site? + if y_n_question(f"Enable {domain}?"): + if sv == "APACHE2": + subprocess.call(['sudo', 'a2ensite', f'{domain}.conf']) - # enable site? - if y_n_question("Enable " + domain + "?"): - subprocess.call(['sudo', 'a2ensite', domain + '.conf']) + if sv == "NGINX": + vhost_conf_file_enabled = os.path.join(f'/etc/nginx/sites-enabled/', f'{domain}.conf') + subprocess.call(['sudo', 'ln', '-s', vhost_conf_file, vhost_conf_file_enabled]) -def vhost_remove(domain): + +def vhost_remove(domain: str, sv: str, dist: str): print(" removing domain — " + domain) - vhost_conf_file = os.path.join('/etc/apache2/sites-available/', domain + '.conf') + vhost_conf_file = os.path.join(f'/etc/{sv.lower()}/sites-available/{domain}.conf') if os.path.exists(vhost_conf_file): if y_n_question("Delete " + vhost_conf_file + " ?"): subprocess.call(['sudo', 'rm', vhost_conf_file]) - subprocess.call(['sudo', 'a2dissite', vhost_conf_file]) + if sv == "APACHE2": + subprocess.call(['sudo', 'a2dissite', vhost_conf_file]) + if sv == "NGINX": + vhost_conf_file_enabled = os.path.join(f'/etc/nginx/sites-enabled/', f'{domain}.conf') + subprocess.call(['sudo', 'rm', vhost_conf_file_enabled]) + www = os.path.join(html_dir_path, domain) if os.path.exists(www): 
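Review bot: `vhost_remove()` interpolates `domain` straight into `/etc/{sv.lower()}/sites-available/{domain}.conf` and `/etc/nginx/sites-enabled/{domain}.conf` and hands the result to `sudo rm`, with no check visible in the hunk that `domain` is a single path component. A guard at the top such as `if os.path.basename(domain) != domain or domain in ('', '.', '..'): sys.exit(f"{domain} is not a valid domain. Aborting...")` keeps a value containing `/` or `..` from steering a root-level delete; argument parsing is outside the hunk, so confirm whether validation already happens there. In the Apache branch `a2dissite` is called after the conf file has been removed and is given the full path, whereas the tool is normally given the site name, so disabling should come first and use `f'{domain}.conf'`. In `vhost_add` the nginx branch links `vhost_conf_file`, which appears to be assigned only when the move is confirmed; indentation is lost on this page, so check that the `ln -s` call cannot be reached with the name unbound. Both functions extend beyond this hunk.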
@@ -145,20 +204,20 @@ if __name__ == "__main__": print('1. sanity checks') - sanity_check_system() - sanity_chek_platform() + sv, dist = sanity_check_system() + sanity_check_platform() print('2. vhosting') for d in args.domain: if args.add: - vhost_add(d) + vhost_add(d, sv, dist) elif args.remove: - vhost_remove(d) - - if y_n_question("Reload apache2?"): - subprocess.call(['sudo', 'service', 'apache2', 'reload']) + vhost_remove(d, sv, dist) + if y_n_question(f"Reload {sv}?"): + subprocess.call(['sudo', 'service', sv.lower(), 'reload']) + print('done.') diff --git a/vhost-apache2/vhost_tmpl b/vhost/vhost_tmpl_apache2 similarity index 100% rename from vhost-apache2/vhost_tmpl rename to vhost/vhost_tmpl_apache2 diff --git a/vhost/vhost_tmpl_nginx b/vhost/vhost_tmpl_nginx new file mode 100644 index 0000000..d8ea290 --- /dev/null +++ b/vhost/vhost_tmpl_nginx @@ -0,0 +1,25 @@ +server { + listen 80; + server_name %domain?; + rewrite ^ https://%domain?$request_uri? permanent; +} + +server { + listen 443 ssl http2; + + ssl_certificate /etc/letsencrypt/live/%domain?/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/%domain?/privkey.pem; + ssl_stapling on; + + server_name %domain?; + + location / { + root /home/%user?/html/%domain?; + index index.html; + } + + + gzip on; + error_log /home/%user?/logs/%domain?/error.log; + access_log /home/%user?/logs/%domain?/access.log; +} \ No newline at end of file
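Review bot: The final `subprocess.call(['sudo', 'service', sv.lower(), 'reload'])` runs without testing the generated configuration and its exit status is discarded, so `done.` is printed even when the reload fails. That matters for the new nginx path because the template always references certificate files under `/etc/letsencrypt/live/<domain>/`, which `vhost_add` itself warns may not be in place yet. Run the server's own check first, `['sudo', 'nginx', '-t']` or `['sudo', 'apache2ctl', 'configtest']`, and reload only when it returns 0. The `sudo mv`, `ln -s`, `a2ensite` and `rm` calls in the earlier hunks ignore their return codes in the same way.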
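Review bot: `ssl_stapling on;` is enabled in `vhost_tmpl_nginx` without a `resolver` directive, which nginx needs to look up the OCSP responder host, so stapling will most likely log a warning and stay inactive. Add a `resolver`, and if stapled responses should be verified, `ssl_stapling_verify on;` together with `ssl_trusted_certificate /etc/letsencrypt/live/%domain?/chain.pem;`. The TLS server block sets no `ssl_protocols`, so the accepted versions are whatever the installed nginx defaults to; `ssl_protocols TLSv1.2 TLSv1.3;` makes that explicit. The port-80 redirect reads more simply as `return 301 https://$host$request_uri;` than as a `rewrite`. `%domain?` and `%user?` are substituted verbatim into directives, so both values need validating before the template is filled; that substitution code is outside this hunk.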