脚本说明
输入域名,代理端口,及选择是否强转https生成配置文件
#!/bin/bash
#定义字体颜色
function RedFont(){
echo -e "\033[31mError: $1 \033[0m"
}
function GreenFont(){
echo -e "\033[32m$1 \033[0m"
}
function YellowFont(){
echo -e "\033[33m$1 \033[0m"
}
#判断上一次执行成功
function Status_Judge(){
if [ $? -eq 0 ];then
GreenFont "$1"
else
RedFont "$2"
exit
fi
}
server1='192.168.1.80'
server2='192.168.1.81'
server3='192.168.1.82'
current_dir=`pwd`
read -p 'please input domain name : ' domain_name
if [ -f "$current_dir/${domain_name}.conf" ]; then
RedFont "$current_dir/${domain_name}.conf exist"
exit
fi
read -p 'please input proxy server port : ' server_port
YellowFont '''
please choose a choice:
1. http
2. https
3. http to https
'''
read -p 'please input your choice : ' choice
proxy_agent_name=${domain_name%%.*}
GreenFont """
Domain name: $domain_name
server_port: $server_port
proxy_agent_name: $proxy_agent_name
nginx_file_name: $current_dir/${domain_name}.conf
"""
function add_http(){
cat > $current_dir/${domain_name}.conf << EOF
upstream ${proxy_agent_name} {
server $server1:$server_port weight=1 max_fails=2 fail_timeout=30s;
server $server2:$server_port weight=1 max_fails=2 fail_timeout=30s;
server $server3:$server_port weight=1 max_fails=2 fail_timeout=30s;
}
server {
listen 80;
server_name ${domain_name};
root /usr/local/nginx/html;
index index.html;
charset utf-8;
client_max_body_size 2048m;
error_page 500 502 503 504 /50x.html;
access_log /usr/local/nginx/logs/${domain_name}.access.log main;
error_log /usr/local/nginx/logs/${domain_name}.error.log info;
location = /50x.html {
root /usr/local/nginx/html;
}
location / {
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-Proto "http";
proxy_pass http://${proxy_agent_name};
}
}
EOF
}
function add_https(){
cat > $current_dir/${domain_name}.conf << EOF
upstream ${proxy_agent_name} {
server $server1:$server_port weight=1 max_fails=2 fail_timeout=30s;
server $server2:$server_port weight=1 max_fails=2 fail_timeout=30s;
server $server3:$server_port weight=1 max_fails=2 fail_timeout=30s;
}
server {
listen 443 ssl;
server_name ${domain_name};
root /usr/local/nginx/html;
index index.html;
charset utf-8;
client_max_body_size 2048m;
error_page 500 502 503 504 /50x.html;
access_log /usr/local/nginx/logs/${domain_name}.access.log main;
error_log /usr/local/nginx/logs/${domain_name}.error.log info;
location = /50x.html {
root /usr/local/nginx/html;
}
ssl_certificate conf.d/shuan.cn/cert.d/xxxx.pem;
ssl_certificate_key conf.d/shuan.cn/cert.d/xxx.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-Proto "http";
proxy_pass http://${proxy_agent_name};
}
}
EOF
}
function add_http_to_https(){
cat > $current_dir/${domain_name}.conf << EOF
upstream ${proxy_agent_name} {
server $server1:$server_port weight=1 max_fails=2 fail_timeout=30s;
server $server2:$server_port weight=1 max_fails=2 fail_timeout=30s;
server $server3:$server_port weight=1 max_fails=2 fail_timeout=30s;
}
server {
listen 80;
server_name ${domain_name};
return 301 https://\${server_name}\${request_uri};
}
server {
listen 443 ssl;
server_name ${domain_name};
root /usr/local/nginx/html;
index index.html;
charset utf-8;
client_max_body_size 2048m;
error_page 500 502 503 504 /50x.html;
access_log /usr/local/nginx/logs/${domain_name}.access.log main;
error_log /usr/local/nginx/logs/${domain_name}.error.log info;
location = /50x.html {
root /usr/local/nginx/html;
}
ssl_certificate conf.d/shuan.cn/cert.d/xxxx.pem;
ssl_certificate_key conf.d/shuan.cn/cert.d/xxx.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-Proto "http";
proxy_pass http://${proxy_agent_name};
}
}
EOF
}
case $choice in
1)
YellowFont "your choice is : http"
add_http
;;
2)
YellowFont "your choice is : https"
add_https
;;
3)
YellowFont "your choice is : http_to_https"
add_http_to_https
;;
*)
RedFont 'please input 1~3 ...'
;;
esac