forked from tcisme/lnmp
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathupgrade1.x-1.5.sh
315 lines (286 loc) · 13.2 KB
/
upgrade1.x-1.5.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
# Check if user is root
if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script"
exit 1
fi
cur_dir=$(pwd)
isSSL=$1
. lnmp.conf
. include/main.sh
Get_Dist_Name
Check_Stack
Check_DB
if [ "${isSSL}" == "ssl" ]; then
echo "+--------------------------------------------------+"
echo "| A tool to upgrade lnmp 1.4 certbot to acme.sh |"
echo "+--------------------------------------------------+"
echo "|For more information please visit https://lnmp.org|"
echo "+--------------------------------------------------+"
if [[ "${Get_Stack}" =~ "lnmp" ]]; then
domain=""
while :;do
Echo_Yellow "Please enter domain(example: www.lnmp.org): "
read domain
if [ "${domain}" != "" ]; then
if [ ! -f "/usr/local/nginx/conf/vhost/${domain}.conf" ]; then
Echo_Red "${domain} is not exist,please check!"
exit 1
else
echo " Your domain: ${domain}"
if ! grep -q "/etc/letsencrypt/live/${domain}/fullchain.pem" "/usr/local/nginx/conf/vhost/${domain}.conf"; then
Echo_Red "SSL configuration NOT found in the ${domain} config file!"
exit 1
fi
break
fi
else
Echo_Red "Domain name can't be empty!"
fi
done
Echo_Yellow "Enter more domain name(example: lnmp.org *.lnmp.org): "
read moredomain
if [ "${moredomain}" != "" ]; then
echo " domain list: ${moredomain}"
fi
vhostdir="/home/wwwroot/${domain}"
echo "Please enter the directory for the domain: $domain"
Echo_Yellow "Default directory: /home/wwwroot/${domain}: "
read vhostdir
if [ "${vhostdir}" == "" ]; then
vhostdir="/home/wwwroot/${domain}"
fi
echo "Virtual Host Directory: ${vhostdir}"
if [ ! -d "${vhostdir}" ]; then
Echo_Red "${vhostdir} does not exist or is not a directory!"
exit 1
fi
letsdomain=""
if [ "${moredomain}" != "" ]; then
letsdomain="-d ${domain}"
for i in ${moredomain};do
letsdomain=${letsdomain}" -d ${i}"
done
else
letsdomain="-d ${domain}"
fi
if [ -s /usr/local/acme.sh/acme.sh ]; then
echo "/usr/local/acme.sh/acme.sh [found]"
else
cd /tmp
[[ -f latest.tar.gz ]] && rm -f latest.tar.gz
wget https://soft.vpser.net/lib/acme.sh/latest.tar.gz --prefer-family=IPv4 --no-check-certificate
tar zxf latest.tar.gz
cd acme.sh-*
./acme.sh --install --log --home /usr/local/acme.sh --certhome /usr/local/nginx/conf/ssl
cd ..
rm -f latest.tar.gz
rm -rf acme.sh-*
sed -i 's/cat "\$CERT_PATH"$/#cat "\$CERT_PATH"/g' /usr/local/acme.sh/acme.sh
fi
. "/usr/local/acme.sh/acme.sh.env"
if [ -s /usr/local/nginx/conf/ssl/${domain}/fullchain.cer ]; then
echo "Removing exist domain certificate..."
rm -rf /usr/local/nginx/conf/ssl/${domain}
fi
echo "Starting create SSL Certificate use Let's Encrypt..."
/usr/local/acme.sh/acme.sh --issue ${letsdomain} -w ${vhostdir} --reloadcmd "/etc/init.d/nginx reload"
lets_status=$?
if [ "${lets_status}" = 0 ]; then
Echo_Green "Let's Encrypt SSL Certificate create successfully."
echo "Modify ${domain} configure..."
sed -i "s@/etc/letsencrypt/live/${domain}/fullchain.pem@/usr/local/nginx/conf/ssl/${domain}/fullchain.cer@g" "/usr/local/nginx/conf/vhost/${domain}.conf"
sed -i "s@/etc/letsencrypt/live/${domain}/privkey.pem@/usr/local/nginx/conf/ssl/${domain}/${domain}.key@g" "/usr/local/nginx/conf/vhost/${domain}.conf"
echo "done."
if crontab -l|grep -q "/bin/certbot renew"; then
(crontab -l | grep -v "/bin/certbot renew") | crontab -
fi
/etc/init.d/nginx reload
sleep 1
Echo_Green "upgrade ${domain} successfully."
else
Echo_Red "Let's Encrypt SSL Certificate create failed!"
Echo_Red "upgrade ${domain} fialed."
fi
elif [ "${Get_Stack}" == "lamp" ]; then
domain=""
while :;do
Echo_Yellow "Please enter domain(example: www.lnmp.org): "
read domain
if [ "${domain}" != "" ]; then
if [ ! -f "/usr/local/apache/conf/vhost/${domain}.conf" ]; then
Echo_Red "${domain} is not exist,please check!"
exit 1
else
echo " Your domain: ${domain}"
if ! grep -q "/etc/letsencrypt/live/${domain}/privkey.pem" "/usr/local/apache/conf/vhost/${domain}.conf"; then
Echo_Red "SSL configuration NOT found in the ${domain} config file!"
exit 1
fi
break
fi
else
Echo_Red "Domain name can't be empty!"
fi
done
Echo_Yellow "Enter more domain name(example: lnmp.org *.lnmp.org): "
read moredomain
if [ "${moredomain}" != "" ]; then
echo " domain list: ${moredomain}"
fi
vhostdir="/home/wwwroot/${domain}"
echo "Please enter the directory for the domain: $domain"
Echo_Yellow "Default directory: /home/wwwroot/${domain}: "
read vhostdir
if [ "${vhostdir}" == "" ]; then
vhostdir="/home/wwwroot/${domain}"
fi
echo "Virtual Host Directory: ${vhostdir}"
if [ ! -d "${vhostdir}" ]; then
Echo_Red "${vhostdir} does not exist or is not a directory!"
exit 1
fi
letsdomain=""
if [ "${moredomain}" != "" ]; then
letsdomain="-d ${domain}"
for i in ${moredomain};do
letsdomain=${letsdomain}" -d ${i}"
done
else
letsdomain="-d ${domain}"
fi
if [ -s /usr/local/acme.sh/acme.sh ]; then
echo "/usr/local/acme.sh/acme.sh [found]"
else
cd /tmp
[[ -s latest.tar.gz ]] && rm -f latest.tar.gz
wget https://soft.vpser.net/lib/acme.sh/latest.tar.gz --prefer-family=IPv4 --no-check-certificate
tar zxf latest.tar.gz
cd acme.sh-*
./acme.sh --install --log --home /usr/local/acme.sh --certhome /usr/local/apache/conf/ssl
cd ..
rm -f latest.tar.gz
rm -rf acme.sh-*
sed -i 's/cat "\$CERT_PATH"$/#cat "\$CERT_PATH"/g' /usr/local/acme.sh/acme.sh
fi
. "/usr/local/acme.sh/acme.sh.env"
if [ -s /usr/local/apache/conf/ssl/${domain}/fullchain.cer ]; then
echo "Removing exist domain certificate..."
rm -rf /usr/local/apache/conf/ssl/${domain}
fi
echo "Starting create SSL Certificate use Let's Encrypt..."
/usr/local/acme.sh/acme.sh --issue ${letsdomain} -w ${vhostdir} --reloadcmd "/etc/init.d/httpd graceful"
lets_status=$?
if [ "${lets_status}" = 0 ]; then
Echo_Green "Let's Encrypt SSL Certificate create successfully."
echo "Modify ${domain} configure..."
sed -i "s@/etc/letsencrypt/live/${domain}/fullchain.pem@/usr/local/apache/conf/ssl/${domain}/${domain}.cer@g" "/usr/local/apache/conf/vhost/${domain}.conf"
sed -i "s@/etc/letsencrypt/live/${domain}/privkey.pem@/usr/local/apache/conf/ssl/${domain}/${domain}.key@g" "/usr/local/apache/conf/vhost/${domain}.conf"
sed -i "/\/usr\/local\/apache\/conf\/ssl\/${domain}\/${domain}.key/a\SSLCertificateChainFile \/usr\/local\/apache\/conf\/ssl\/${domain}\/ca.cer" "/usr/local/apache/conf/vhost/${domain}.conf"
echo "done."
if crontab -l|grep -q "/bin/certbot renew"; then
(crontab -l | grep -v "/bin/certbot renew") | crontab -
fi
/etc/init.d/httpd graceful
sleep 1
Echo_Green "upgrade ${domain} successfully."
else
Echo_Red "Let's Encrypt SSL Certificate create failed!"
Echo_Red "upgrade ${domain} fialed."
fi
else
Echo_Red "Can't get stack info and will not be able to upgrade."
fi
else
echo "+--------------------------------------------------+"
echo "| A tool to upgrade lnmp manager from 1.x to 1.5 |"
echo "+--------------------------------------------------+"
echo "|For more information please visit https://lnmp.org|"
echo "+--------------------------------------------------+"
Press_Start
if [ "${Get_Stack}" == "unknow" ]; then
Echo_Red "Can't get stack info."
exit
elif [ "${Get_Stack}" == "lnmp" ]; then
if [ "$PM" = "yum" ]; then
Echo_Blue "[+] Yum installing dependent packages..."
for packages in patch wget crontabs unzip tar ca-certificates net-tools libc-client-devel psmisc libXpm-devel git-core c-ares-devel libicu-devel libxslt libxslt-devel xz expat-devel bzip2 bzip2-devel libaio-devel;
do yum -y install $packages; done
elif [ "$PM" = "apt" ]; then
apt-get update -y
for packages in debian-keyring debian-archive-keyring build-essential bison libkrb5-dev libcurl3-gnutls libcurl4-gnutls-dev libcurl4-openssl-dev libcap-dev ca-certificates libc-client2007e-dev psmisc patch git libc-ares-dev libicu-dev e2fsprogs libxslt libxslt1-dev libc-client-dev xz-utils libexpat1-dev bzip2 libbz2-dev libaio-dev;
do apt-get --no-install-recommends install -y $packages; done
fi
echo "Copy lnmp manager..."
sleep 1
\cp ${cur_dir}/conf/lnmp /bin/lnmp
chmod +x /bin/lnmp
echo "Copy configure files..."
sleep 1
if [ ! -s /usr/local/nginx/conf/enable-php.conf ]; then
\cp ${cur_dir}/conf/enable-php.conf /usr/local/nginx/conf/enable-php.conf
fi
if [ ! -s /usr/local/nginx/conf/pathinfo.conf ]; then
\cp ${cur_dir}/conf/pathinfo.conf /usr/local/nginx/conf/pathinfo.conf
fi
if [ ! -s /usr/local/nginx/conf/enable-php-pathinfo.conf ]; then
\cp ${cur_dir}/conf/enable-php-pathinfo.conf /usr/local/nginx/conf/enable-php-pathinfo.conf
fi
if [ ! -d /usr/local/nginx/conf/rewrite ]; then
\cp -ra ${cur_dir}/conf/rewrite /usr/local/nginx/conf/
fi
if [ ! -d /usr/local/nginx/conf/vhost ]; then
mkdir /usr/local/nginx/conf/vhost
fi
elif [ "${Get_Stack}" == "lnmpa" ]; then
echo "Copy lnmp manager..."
sleep 1
\cp ${cur_dir}/conf/lnmpa /bin/lnmp
chmod +x /bin/lnmp
echo "Copy configure files..."
sleep 1
\cp ${cur_dir}/conf/proxy.conf /usr/local/nginx/conf/proxy.conf
if [ ! -s /usr/local/nginx/conf/proxy-pass-php.conf ]; then
\cp ${cur_dir}/conf/proxy-pass-php.conf /usr/local/nginx/conf/proxy-pass-php.conf
fi
if ! grep -q "SetEnvIf X-Forwarded-Proto https HTTPS=on" /usr/local/apache/conf/httpd.conf; then
if /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.2."; then
sed -i "/Include conf\/vhost\/\*.conf/i\SetEnvIf X-Forwarded-Proto https HTTPS=on\n" /usr/local/apache/conf/httpd.conf
elif /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.4."; then
sed -i "/IncludeOptional conf\/vhost\/\*.conf/i\SetEnvIf X-Forwarded-Proto https HTTPS=on\n" /usr/local/apache/conf/httpd.conf
fi
fi
if [ ! -d /usr/local/nginx/conf/vhost ]; then
mkdir /usr/local/nginx/conf/vhost
fi
elif [ "${Get_Stack}" == "lamp" ]; then
echo "Copy configure files..."
sleep 1
\cp ${cur_dir}/conf/lamp /bin/lnmp
chmod +x /bin/lnmp
echo "Copy configure files..."
sleep 1
if /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.2."; then
\cp ${cur_dir}/conf/httpd22-ssl.conf /usr/local/apache/conf/extra/httpd-ssl.conf
elif /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.4."; then
\cp ${cur_dir}/conf/httpd24-ssl.conf /usr/local/apache/conf/extra/httpd-ssl.conf
sed -i 's/^#LoadModule socache_shmcb_module/LoadModule socache_shmcb_module/g' /usr/local/apache/conf/httpd.conf
sed -i 's/^LoadModule lbmethod_heartbeat_module/#LoadModule lbmethod_heartbeat_module/g' /usr/local/apache/conf/httpd.conf
fi
if [ ! -d /usr/local/apache/conf/vhost ]; then
mkdir /usr/local/apache/conf/vhost
fi
fi
if [ "${DB_Name}" = "mariadb" ]; then
sed -i 's#/etc/init.d/mysql#/etc/init.d/mariadb#' /bin/lnmp
elif [ "${DB_Name}" = "None" ]; then
sed -i 's#/etc/init.d/mysql.*##' /bin/lnmp
fi
if [ -s /usr/local/acme.sh/acme.sh ]; then
/usr/local/acme.sh/acme.sh --upgrade
sed -i 's/cat "\$CERT_PATH"$/#cat "\$CERT_PATH"/g' /usr/local/acme.sh/acme.sh
fi
Echo_Green "upgrade lnmp manager complete."
fi