Skip to content

Instantly share code, notes, and snippets.

@Eihen

Eihen/site-manager

Last active July 4, 2019 13:20
Show Gist options
  • Save Eihen/baaff0e7d7b419f30c3946d81f620954 to your computer and use it in GitHub Desktop.
Save Eihen/baaff0e7d7b419f30c3946d81f620954 to your computer and use it in GitHub Desktop.
Download ZIP
Configurable script to setup a new deployment point for an application
Raw
site-manager
#!/bin/bash
# Configurable script to setup a new deployment point for an application
# It helps you create databases, apache configuration files, pushable git bare repositories, diretory creation and file permissions
# This program is free software. It comes without any warranty, to the extent permitted by applicable law.
# You can redistribute it and/or modify it under the terms of the Do What The Fuck You Want To Public License, Version 2,
# as published by Sam Hocevar. See http://www.wtfpl.net/ for more details.
set -e
set -o pipefail
# Usuário padrão
USER="user"
# Grupo padrão
GROUP="www-data"
# Diretório web do apache
WWW="/var/www"
# Configurações de sites do apache
SITES="/etc/apache2/sites-available"
# Domínio padrão para configuração do apache
DOMAIN="mydomain.com"
# ToDo Ask in a secure way
PASS=""
STORAGES=()
ALIASES=()
while getopts "r:n:p:gi:mt:hsoa:db" opt; do
case ${opt} in
\?) # help
echo 'Directory Creation:'
echo " -r <path>: Root directory (default: /home/${USER})"
echo ' -n <name>: Site name [required]'
echo ' -p <path>: Public directory relative to <root>/<name>'
echo ''
echo 'GIT Repository:'
echo ' -g: Create git repository and directories'
echo ' -i <branch>: Create initial empty commit in the specified branch'
echo ''
echo 'Permissions:'
echo ' -m: Adjust the directories and files permissions'
echo ' -t <path>: Directories that the webserver should have write access (can be used multiple times)'
echo ''
echo 'Apache:'
echo ' -h: Generate HTTP apache configuration'
echo ' -s: Generate HTTPS apache configuration'
echo " -o <domain>: Domain to use in configuration (default: ${DOMAIN})"
echo ' -a <alias>: Alias domains to be added in the configuration, the aliases will be added and not replaced (can be used multiple times)'
echo ''
echo 'Database:'
echo ' -d: Create database for application'
echo ' -b: Enable backups of application database'
exit 1;
;;
r)
ROOT="${OPTARG}"
;;
n)
NAME="${OPTARG}"
;;
p)
PUBLIC="/${OPTARG}"
;;
g)
DIR=1
;;
i)
BRANCH="${OPTARG}"
;;
m)
PERMS=1
;;
t)
STORAGES+=("/${OPTARG}")
;;
h)
HTTP=1
;;
s)
HTTPS=1
;;
o)
DOMAIN="${OPTARG}"
;;
a)
ALIASES+=("${OPTARG}")
;;
d)
DATABASE=1
;;
b)
BACKUP=1
;;
:)
echo "Invalid option: ${OPTARG} required an argument" 1>&2
exit 1
;;
esac
done
if [ ! "${NAME}" ]; then
echo "The -n option is required."
exit 1
fi
if [ ! "${ROOT}" ]; then
# Diretório base
ROOT="/home/${USER}"
fi
# Repositório
GIT="${ROOT}/${NAME}"
# Worktree
WORKTREE="${GIT}/worktree"
# Exemplos
SAMPLES="${ROOT}/exemplos"
if [ "${DIR}" ]; then
echo "Creating directories..."
mkdir "${GIT}"
mkdir "${WORKTREE}"
# Se public for vazio nada acontecerá
mkdir -p "${WORKTREE}${PUBLIC}"
for STORAGE in "${STORAGES[@]}"; do
mkdir -p "${WORKTREE}${STORAGE}"
done
# Inicia o repositório bare
echo "Initializing git repo..."
pushd "${GIT}" > /dev/null
git init --bare > /dev/null
popd > /dev/null
# Copia o hook post-receive e o altera com o nome do repositório
echo "Adding post-receive hook..."
cp "${SAMPLES}/post-receive-simple.sample" "${GIT}/hooks/post-receive"
sed -i "s|repositorio|${NAME}|g" "${GIT}/hooks/post-receive"
fi
if [ "${BRANCH}" ]; then
echo "Creating initial empty commit..."
# Define o email do usuário no git se não existir
if ! git config --global user.email > /dev/null; then
git config --global user.email "$(whoami)@$(hostname)" > /dev/null
fi
# Define o nome do usuário no git se não existir
if ! git config --global user.name > /dev/null; then
git config --global user.name "$(whoami)@$(hostname)" > /dev/null
fi
# Cria commit vazio
git --git-dir="${GIT}" --work-tree="${WORKTREE}" checkout -b "${BRANCH}" > /dev/null
git --git-dir="${GIT}" --work-tree="${WORKTREE}" commit -m "Init" --allow-empty > /dev/null
fi
if [ "${PERMS}" ]; then
echo "Adjusting files permissions..."
# Permissões iniciais ($USER:$USER 750)
# Usuário e grupo proprietários de $GIT e seu conteúdo
chown -R "${USER}":"${USER}" "${GIT}"
# Padrão para novos arquivos e diretórios
setfacl -R -d -m u::7,g::5,o::0 "${GIT}"
# Remove permissões atuais para usuário e grupo para evitar restos
chmod -R ug-rw "${GIT}"
# Permissões do usuário
chmod -R u+rw "${GIT}"
# Permissões do grupo
chmod -R g+r "${GIT}"
# Permissões de outros
chmod -R o-rwx "${GIT}"
# Garante que os diretórios são acessíveis
# Não toca no bit "x" de arquivos para preservar arquivos executáveis
find "${GIT}" -type d -exec chmod ug+x {} \;
# Outros podem abrir o diretório $GIT para acessar a $WORKTREE
# Necessário pois esse diretório pertence ao grupo $USER e não $GROUP
chmod o+x "${GIT}"
# Permissões especificas para $WORKTREE ($USER:$GROUP 750 g+s)
# Usuário e grupo proprietários de $WORKTREE e seu conteúdo
chown -R "${USER}":"${GROUP}" "${WORKTREE}"
# Remove g+s para garantir que nenhum arquivo o possua
chmod -R g-s "${WORKTREE}"
# Adiciona g+s aos diretórios para que os novos arquivos e diretórios herdem o grupo
find "${WORKTREE}" -type d -exec chmod g+s {} \;
# Permissões especificas para $STORAGES (770)
for STORAGE in "${STORAGES[@]}"; do
# Padrão para novos arquivos e diretórios
setfacl -R -d -m g::7 "${WORKTREE}${STORAGE}"
# Permissão de escrita para o grupo
chmod -R g+w "${WORKTREE}${STORAGE}"
done
fi
if [ "${HTTP}" ] || [ "${HTTPS}" ]; then
# Symlink
ln -sf "${WORKTREE}" "${WWW}/${NAME}"
# Replaces on Apache Config
REP_ROOT="s|${WWW}/subdominio|${WWW}/${NAME}${PUBLIC}|g"
REP_SUBDOM="s|subdominio|${NAME}|g"
REP_DOM="s|dominio|${DOMAIN}|g"
fi
# HTTP
if [ "${HTTP}" ]; then
echo "Creating HTTP configuration..."
cp "${SAMPLES}/site-nossl.conf.sample" "${SITES}/${NAME}-nossl.conf"
sed -i "${REP_ROOT}" "${SITES}/${NAME}-nossl.conf"
sed -i "${REP_SUBDOM}" "${SITES}/${NAME}-nossl.conf"
sed -i "${REP_DOM}" "${SITES}/${NAME}-nossl.conf"
fi
# HTTPS
if [ "${HTTPS}" ]; then
echo "Creating HTTPS configuration..."
cp "${ROOT}/exemplos/site.conf.sample" "${SITES}/${NAME}.conf"
sed -i "${REP_ROOT}" "${SITES}/${NAME}.conf"
sed -i "${REP_SUBDOM}" "${SITES}/${NAME}.conf"
sed -i "${REP_DOM}" "${SITES}/${NAME}.conf"
fi
# Aliases
if [ "${#ALIASES[@]}" ]; then
echo "Adding domain aliases to configurations..."
FILES=(
"${SITES}/${NAME}-nossl.conf"
"${SITES}/${NAME}.conf"
)
for FILE in "${FILES[@]}"; do
if [ -f "$FILE" ]; then
for ALIAS in "${ALIASES[@]}"; do
sed -i -E "s|(\s*)(ServerName .+?$)|\1\2\n\1ServerAlias ${ALIAS}|" "${FILE}"
done
fi
done
fi
# Database
if [ "${DATABASE}" ]; then
echo "Creating database..."
mysql --defaults-group-suffix="_${USER}" --execute="
CREATE DATABASE \`${NAME}\`;
CREATE USER \`${NAME}\`@\`localhost\` IDENTIFIED BY '${PASSWORD}';
GRANT ALL PRIVILEGES ON \`${NAME}\`.* TO \`${NAME}\`@\`localhost\`;
GRANT SELECT ON \`common\`.* TO \`${NAME}\`@\`localhost\`;";
fi
# Backup
if [ "${BACKUP}" ]; then
echo "Adding database to backups..."
mysql --defaults-group-suffix="_${USER}" --execute="
GRANT SELECT, LOCK TABLES, SHOW VIEW, EVENT, TRIGGER ON \`${NAME}\`.* TO \`backup\`@\`localhost\`;";
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment