#!/bin/sh # First, let us define some global variables, about where are the Apache # config files located in the directory structure VIRTUAL_HOSTS_FILE=/etc/apache/virtual.hosts2 # Make sure this one ends with an '/' WWW_ROOT_DIRECTORY=/usr/local/apache/hosts/ SERVER_ADMIN=joe@localhost.com # And now defining some routines... Ask () { echo -n >&1 "$@: " } Ok () { echo >&1 "$@: " } Warn () { echo >&1 "$@! " } File () { echo "$@" >> $VIRTUAL_HOSTS_FILE } ######################################################### # I am starting with the questions that I cannot figure out # by myself, and then I just print the defaults, and the admin # can modify them if he wants ######################################################### echo Ask "Name of the new domain (without 'www')" read domain Ask "Root directory [$WWW_ROOT_DIRECTORY$domain]" read root_directory if [ -z $root_directory ] then # The user just accepted the default path root_directory=$WWW_ROOT_DIRECTORY$domain fi # Let's verify the directory if [ ! -d $root_directory ] then Ask "Directory does not exist. Create it [Y/n]" read create_root_dir if [ ! -z $create_root_dir ] then # the user hit a key. If it's not 'n', it's by default 'y' if [ "$create_root_dir" != "n" -o "$create_root_dir" = "N" ] then create_root_dir=y fi fi fi # Now the rights section! :) Who can see this site? # The possibilities in case of restriction are: # - authentification by Auth* # - authentification by referals # - authentification by the IP/domain the user comes from echo Ok "Now some questions about who can see this site" Ask "Do you want AuthName restriction? [y/N]" read auth_restriction if [ ! -z $auth_restriction ] then # the user hit a key. If it's not 'y', it's by default 'n' if [ "$auth_restriction" = "y" -o "$auth_restriction" = "Y" ] then auth_restriction=y else auth_restriction=n fi fi # If the user wants Auth restrictioning, it must give us some infos if [ "$auth_restriction" = "y" -o "$auth_restriction" = "Y" ] then Ask "AuthName? [Password for $domain]" read AuthName if [ -z "$AuthName" ] then AuthName="Password for $domain" fi Ask "AuthUserFile? [$root_directory/.htaccess]" read AuthUserFile if [ -z "$AuthUserFile" ] then AuthUserFile="$root_directory/.htaccess" fi fi Ask "Do you want to allow Referal access? [y/N]" read referal_access if [ ! -z $referal_access ] then # the user hit a key. If it's not 'y', it's by default 'n' if [ "$referal_access" = "y" -o "$referal_access" = "Y" ] then referal_access=y else referal_access=n fi fi # If the user wants Referal access, he should give us some addresses if [ "$referal_access" = "y" -o "$referal_access" = "Y" ] then i=0 while [ "$aux" != "" -o $i -eq "0" ] do i=`expr $i + 1` Ask "Address $i (end the list with a plain 'Return')" read address$i aux="" eval aux=\$address$i done fi # Now, the third possibility, to accept a surfer because of it's IP Ask "Do you want to allow some access based on the surfer's IP or domain? [y/N]" read ip_access if [ ! -z $ip_access ] then # the user hit a key. If it's not 'y', it's by default 'n' if [ "$ip_access" = "y" -o "$ip_access" = "Y" ] then ip_access=y else ip_access=n fi fi # If the user wants IP-based access, he should give us some addresses if [ "$ip_access" = "y" -o "$ip_access" = "Y" ] then i=0 while [ "$aux" != "" -o $i -eq "0" ] do i=`expr $i + 1` Ask "Address/domain $i (end the list with a plain 'Return')" read ip$i aux="" eval aux=\$ip$i done fi # We offer to create an entry for www.$domain as well Ask "Would you also like an entry for www.$domain, with the same infos? [Y/n]" read www_entry if [ -z $www_entry ] then www_entry=y fi ##################################################################### # # Now it's time for the questions for which the user usually will # just accept the default # ##################################################################### # Server name -- for the moment, I think this is redundant, so I have commented it #Ask "Server Name [$domain]" #read server_name # #if [ -z $server_name ] # then # server_name=$domain #fi # Email of the server admin Ask "Email of server admin [$SERVER_ADMIN]" read email_admin if [ -z $email_admin ] then email_admin=$SERVER_ADMIN fi # First, ask if we need error logs or not Ask "Do you want to keep error logs? [Y/n]" read keep_error_log if [ ! -z $keep_error_log ] then # the user hit a key. If it's not 'n', it's by default 'y' if [ "$keep_error_log" = "n" -o "$keep_error_log" = "N" ] then keep_error_log=n else keep_error_log=y fi fi if [ "$keep_error_log" = "y" -o "$keep_error_log" = "Y" ] then # Error log & Custom log Ask "Error log [logs/$domain-error_log]" read error_log if [ -z $error_log ] then error_log=logs/$domain-error_log fi Ask "Custom log [logs/$domain-access_log]" read custom_log if [ -z $custom_log ] then custom_log=logs/$domain-acces_log fi fi ############################################################# # # And NOW doing the GREAT thing. Checking the directory # and making the entries in the configuration # ############################################################# # Make the root directory if [ "$create_root_dir" = "Y" -o "$create_root_dir" = "y" ] then mkdir $root_directory # verify if the directory was made. # If not, it means that mkdir was not succesfull if [ ! -d $root_directory ] then Warn "There was an error with 'mkdir'!" fi fi File "" # Starting to write in the files File "" # The 'satisfy_any' variable should be set to 1 if we need a 'Satisfy Any' # statement in the apache block. We need that if we want to # permit Auth authentification --OR-- IP-based access --OR-- Referals-access satisfy_any=0 if [ "$referal_access" = "Y" -o "$referal_access" = "y" ] then i=1 eval aux=\$address$i while [ "$aux" != "" -o "$i" -eq "0" ] do eval aux=\$address$i File " SetEnvIf Referer $aux all_right_client" i=`expr $i + 1` eval aux=\$address$i done File " SetEnvIf Referer $domain all_right_client" satisfy_any=1 fi if [ "$auth_restriction" = "y" -o "$auth_restriction" = "Y" ] then File " AuthName \"$AuthName\"" File " AuthUserFile \"$AuthUserFile\"" File " AuthGroupFile /dev/null" File " AuthType Basic" File " require valid-user" satisfy_any=1 fi if [ "$ip_access" = "y" -o "$ip_access" = "Y" ] then satisfy_any=1 fi # If $satisfy_any is set to '1', it means that we should put that line # into the apache config file if [ "$satisfy_any" = "1" ] then File " Satisfy Any" fi # If $referal_access or $ip_access is set, we should order deny,allow and # by default deny from all if [ "$referal_access" = "y" -o "$referal_access" = "Y" -o "$ip_access" = "y" -o "$ip_access" = "Y" ] then File " order deny,allow" File " deny from all" if [ "$referal_access" = "y" -o "$referal_access" = "Y" ] then File " allow from env=all_right_client" fi else File " order allow,deny" File " allow from all" fi # Things are pretty tricky here, because we have a nested structure. # First, we treat the $ip_access case, and then the case with $referal_access if [ "$ip_access" = "y" -o "$ip_access" = "Y" ] then i=1 eval aux=\$ip$i while [ "$aux" != "" -o "$i" -eq "0" ] do eval aux=\$ip$i File " allow from $aux" i=`expr $i + 1` eval aux=\$ip$i done fi File "" File "" # Now we start the structure # We can make one for $domain, and if the user agrees, one for www.$domain File "" File " ServerAdmin $email_admin" File " DocumentRoot $root_directory" File " ServerName $domain" if [ "$keep_error_log" = "y" -o "$keep_error_log" = "Y" ] then File " ErrorLog $error_log" File " CustomLog $custom_log common" fi File "" if [ "$www_entry" = "y" -o "$www_entry" = "Y" ] then File "" File "" File " ServerAdmin $email_admin" File " DocumentRoot $root_directory" File " ServerName www.$domain" if [ "$keep_error_log" = "y" -o "$keep_error_log" = "Y" ] then File " ErrorLog $error_log" File " CustomLog $custom_log common" fi File "" fi Ok "Done."