Added proxy.sh

fstack/lib/nextcloud.sh

@@ -41,6 +41,10 @@ services:
       - ./data/etc/apache2/sites-enabled:/etc/apache2/sites-enabled
       - ./data/var/www/html:/var/www/html
     environment:
+      - CERT_NAME=$DOMAIN
+      - VIRTUAL_PROTO=https
+      - VIRTUAL_PORT=443
+      - VIRTUAL_HOST=nextcloud.$DOMAIN
       - SQLITE_DATABASE=db1
       - NEXTCLOUD_ADMIN_USER=nextcloud
       - NEXTCLOUD_ADMIN_PASSWORD=$ADMINPASS

fstack/lib/panel.sh

@@ -36,6 +36,10 @@ services:
     volumes:
       - ./data/root/certs:/opt/ssl
     environment:
+      - CERT_NAME=$DOMAIN
+      - VIRTUAL_PROTO=https
+      - VIRTUAL_PORT=443
+      - VIRTUAL_HOST=panel.$DOMAIN
       - SERVER_HOSTNAME=panel.$DOMAIN
       - LDAP_URI=ldap://ldap.$DOMAIN
       - LDAP_BASE_DN=dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST

fstack/lib/proxy.sh

@@ -0,0 +1,84 @@
+#!/bin/bash
+#
+# Federated Computer Proxy Service
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_proxy() {
+  echo -ne "\n* Configuring fstack/proxy container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "fstack/proxy" ]; then
+    mkdir -p fstack/proxy/data/root/certs &> /dev/null
+    cp fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/fullchain1.pem fstack/proxy/data/root/certs/$DOMAIN.crt
+    cp fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/privkey1.pem fstack/proxy/data/root/certs/$DOMAIN.key
+  fi
+
+  DOMAIN_ARRAY=(${DOMAIN//./ })
+  DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
+  DOMAIN_LAST=${DOMAIN_ARRAY[1]}
+
+cat > fstack/proxy/docker-compose.yml <<EOF
+version: '3.8'
+services:
+  proxy:
+    image: jwilder/nginx-proxy
+    container_name: proxy
+    hostname: proxy.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    networks:
+      fstack:
+        ipv4_address: 172.99.0.16
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - ./data/root/certs:/etc/nginx/certs
+
+networks:
+  fstack:
+    external: true
+EOF
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+
+start_proxy() {
+  # Start fstack/proxy with output to /dev/null
+  echo -ne "\n* Starting fstack/proxy service.."
+  spin &
+  SPINPID=$!
+
+  if [ $DEBUG ]; then
+    # Start fstack/proxy with output to console for debug
+    docker-compose -f fstack/proxy/docker-compose.yml -p proxy up
+    [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/proxy"
+  else
+    docker-compose -f fstack/proxy/docker-compose.yml -p proxy up -d &> /dev/null
+
+    # Keep trying proxy port 443 to make sure it's up
+    # before we proceed
+    RETRY="23"
+    while [ $RETRY -gt 0 ]; do
+      nc -z 172.99.0.16 443 &> /dev/null
+      if [ $? -eq 0 ]; then
+        break
+      else
+        if [ "$RETRY" == 1 ]; then
+          docker-compose -f fstack/proxy/docker-compose.yml -p proxy down &> /dev/null
+          kill -9 $SPINPID &> /dev/null
+          fail "There was a problem starting service fstack/proxy\nCheck the output of 'docker logs proxy' or turn on\ndebug with -d"
+        fi
+        ((RETRY--))
+        sleep 7
+      fi
+    done
+  fi
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}

install-federated.sh

@@ -51,6 +51,7 @@ get_config() {
   . fstack/lib/mail.sh
   . fstack/lib/nextcloud.sh
   . fstack/lib/panel.sh
+  . fstack/lib/proxy.sh
 
   echo -ne "\nFederated Stack install script\n\n"
   read -p '* Enter domain name (domain.com): ' DOMAIN
@@ -100,6 +101,10 @@ start_nextcloud
 config_panel
 start_panel
 
+# Configure fstack/proxy container and start it
+config_proxy
+start_proxy
+
 # Print out fstack environment details
 echo -ne "\n\nInstall completed successfully.\n\n" 
 echo -ne "Certificates at fstack/dns/data/etc/letsencrypt/archive/$DOMAIN\n"