Bash script to retrieving virtual hosts info from httpd.conf
Hello,
I am trying to make a bash script for my nginx server because I use cPanel and they do not include nginx; it is a plugin. So I am trying to make a bash script that looks in the httpd.conf file for every virtual host that has SSL installed, builds the nginx SSL conf file and copies the cert, key and CA bundle files to an ssl folder in nginx. My script is working but needs fine tuning on the coding, because right now it loops over every virtual host and I only need it to loop over the virtual hosts that use port 443, and I have no idea how to do it.
I also noticed that in my httpd.conf file there are virtual hosts for the domain mail that use mail.domain.com, and my script is not including them.
I know my script is not pretty, but it works; I am not a programmer and did a lot of googling. Is there a way to change the awk to only look for all <VirtualHost*:443>?
Code:
#!/bin/bash

## Setting the variables for the folder paths ##
CHAINPATH='/etc/nginx/ssl/caboundles';
CUSTOMCERTSPATH='/etc/nginx/ssl/certs';
CUSTOMKEYPATH='/etc/nginx/ssl/keys';
VHOSTPATH='/etc/nginx/ssl/vhosts';

echo "|--Searching the cPanel httpd.conf file for all domains that have SSL installed.....";
echo "|---------------------------------------------------------------";

## Each line from awk holds: ServerName cert key [CA bundle] ##
while read -r ServerName SSLCertificateFile SSLCertificateKeyFile SSLCACertificateFile
do
    ## Making sure the SSL cert and key were both found before creating the conf file ##
    if [[ -n $SSLCertificateFile ]] && [[ -n $SSLCertificateKeyFile ]]
    then
        ## Removing the . and - from the domain and replacing it with _ ##
        fqdn=${ServerName//./_};
        fqdnServerName=${fqdn//-/_};

        echo "|--|--Installing $ServerName nginx SSL conf file.........";
        echo "|--|--|--The SSL cert file was found and was copied to the $CUSTOMCERTSPATH folder.";
        cp "$SSLCertificateFile" "$CUSTOMCERTSPATH/$fqdnServerName.crt";
        echo "|--|--|--|--SSL cert file: $CUSTOMCERTSPATH/$fqdnServerName.crt";
        echo "|--|--|--The SSL key file was found and was copied to the $CUSTOMKEYPATH folder.";
        cp "$SSLCertificateKeyFile" "$CUSTOMKEYPATH/$fqdnServerName.key";
        echo "|--|--|--|--SSL key file: $CUSTOMKEYPATH/$fqdnServerName.key";

        ## checking to see if the CAboundle was found ##
        if [[ -n $SSLCACertificateFile ]]
        then
            echo "|--|--|--The SSL CAboundle file was found and was copied to the $CHAINPATH folder.";
            cp "$SSLCACertificateFile" "$CHAINPATH/$fqdnServerName.pem";
            echo "|--|--|--|--SSL CAboundle file: $CHAINPATH/$fqdnServerName.pem";
            ## The path must match the file copied above ($fqdnServerName, not $ServerName) ##
            CABOUNDLEDATA="# ============ Start OCSP stapling protection ============
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate $CHAINPATH/$fqdnServerName.pem;
    # ============ End OCSP stapling protection ============
";
        else
            ## Displaying a error that the CAboundle was not found ##
            echo "|--|--|--ERROR!";
            echo "|--|--|--|--The SSL CAboundle file could not be found for this domain $ServerName";
            echo "|--|--|--|--Could not add the OCSP stapling protection to the $fqdnServerName.conf file because the SSL CAboundle file is missing.";
        fi

        ## SSL domain_com.conf template ##
        FILEDATA="# /**
# * @version 1.7.2
# * @package Engintron for cPanel/WHM
# * @author Fotis Evangelou
# * @url https://engintron.com
# * @copyright Copyright (c) 2010 - 2016 Nuevvo Webware P.C. All rights reserved.
# * @license GNU/GPL license: http://www.gnu.org/copyleft/gpl.html
# */
server {
    listen 443 ssl http2;
    server_name $ServerName www.$ServerName;
    ssl_certificate $CUSTOMCERTSPATH/$fqdnServerName.crt;
    ssl_certificate_key $CUSTOMKEYPATH/$fqdnServerName.key;
    $CABOUNDLEDATA
    include ssl_proxy_params_common;
}";

        ## Empty the CABOUNDLEDATA variables each time it loops so that we don't ##
        ## add the wrong CAboundle info in to the vhost that is being created ##
        CABOUNDLEDATA="";

        echo "$FILEDATA" > "$VHOSTPATH/$fqdnServerName.conf";
        echo "|--|--The SSL $fqdnServerName.conf file was successfully created";
        echo "|--|--|-- SSL conf file: $VHOSTPATH/$fqdnServerName.conf";
        echo "|---------------------------------------------------------------";
    fi
done < <(awk '/^<VirtualHost*/,/^<\/VirtualHost>/{if(/^<\/VirtualHost>/)p=1;if(/ServerName|SSLCertificateFile|SSLCertificateKeyFile|SSLCACertificateFile|## ServerName/)out = out (out?OFS:"") (/User/?$3:$2)}p{print out;p=0;out=""}' /usr/local/apache/conf/httpd.conf)

echo "|--Reloading nginx";
service nginx reload;
echo "|--Restarting nginx"
service nginx restart;
As the main concern is the awk, I will keep my focus there. If you only wish to return those using 443, then make that an item you look for, so that when you enter the 'p' portion of your script you can test to see if that was found.
Yes, Habitual, part of the code was from that post, because I am not a programmer and when I googled to see how to look in the httpd.conf file, that post came up and was what I was looking for.
I changed my awk to use this
Code:
p{if(443 was found)print out;p=0;out=""}
and not this
Code:
p{print out;p=0;out=""}
===Updated====
I forgot to ask: is there a way to search for 2 different ports, 443 and 444? Because with my nginx plugin the Apache SSL port is changed to 444, and it's also changed in the httpd.conf file.
ummm ... not exactly that?? Sorry if I assumed too much, but you will need to set a variable which is looking for the presence of the string '443' and if it is found you set the variable to true (a 1 will suffice) and then use the 'if' to see if the variable is set to 1.
Let me know if that clears that up?
Hello, I am not sure what you mean. I am not a programmer and am trying to learn; can you give me an example of what you mean? I mostly do PHP scripting, so I am not used to doing programming coding and have no idea how to put the 443 into a variable so it can be checked in awk.
The same way you set the variables p and out. So if you called it 'port_found', you would need to check the line contains '443', like you did for 'ServerName' and once found it is simply:
Code:
port_found = 1
Then you would place 'port_found' in the 'if' I first showed you. You would also need to set it back to zero inside the same 'if' so you wait until it gets set again.
If you can code in PHP, this shouldn't seem too foreign.
I am not sure how to do that, because the port is in the <VirtualHost line, as <VirtualHost IP:443>, unlike ServerName, which comes after the <VirtualHost IP:443> was loaded.
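One way to apply the `port_found` idea from the replies to the `<VirtualHost IP:443>` opening line, as an added example that is not part of the original thread. It goes slightly beyond the thread by accepting a list of ports (443 and 444 by default) and by storing each directive by name, so the output columns stay in the order the `while read` loop expects even when the directives appear in a different order. The function names `list_ssl_vhosts` and `write_sample_conf`, the hosts and the file paths are constructed for illustration.

```shell
#!/bin/bash
# Added example, not code from the thread.

# list_ssl_vhosts FILE [PORTS]  (PORTS is an awk alternation, default "443|444")
# Prints "ServerName cert key [cabundle]" for each matching <VirtualHost> block.
list_ssl_vhosts() {
    awk -v ports="${2:-443|444}" '
        # The port is only on the opening tag, so set the flag there.
        /^[ \t]*<VirtualHost[ \t]/ {
            port_found = ($0 ~ (":(" ports ")[ \t>]"))
            name = cert = key = ca = ""
            next
        }
        # Store by directive name so the order inside the block does not matter.
        port_found && $1 == "ServerName"            { name = $2 }
        port_found && $1 == "SSLCertificateFile"    { cert = $2 }
        port_found && $1 == "SSLCertificateKeyFile" { key  = $2 }
        port_found && $1 == "SSLCACertificateFile"  { ca   = $2 }
        # Closing tag: print only complete SSL vhosts, then reset the flag.
        /^[ \t]*<\/VirtualHost>/ {
            if (port_found && name != "" && cert != "" && key != "")
                print name, cert, key (ca != "" ? OFS ca : "")
            port_found = 0
        }
    ' "$1"
}

# Constructed sample config (hypothetical hosts and paths).
write_sample_conf() {
    cat > "$1" <<'EOF'
<VirtualHost 192.0.2.10:80>
  ServerName example.com
</VirtualHost>
<VirtualHost 192.0.2.10:443>
  ServerName example.com
  SSLCACertificateFile /sample/example.com.ca
  SSLCertificateKeyFile /sample/example.com.key
  SSLCertificateFile /sample/example.com.crt
</VirtualHost>
<VirtualHost 192.0.2.10:444>
  ServerName mail.example.org
  SSLCertificateFile /sample/mail.crt
  SSLCertificateKeyFile /sample/mail.key
</VirtualHost>
EOF
}

conf=$(mktemp)
write_sample_conf "$conf"
list_ssl_vhosts "$conf"
rm -f "$conf"
```

In the script from the first post, the loop would then end with `done < <(list_ssl_vhosts /usr/local/apache/conf/httpd.conf)` in place of the inline awk call.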