diff --git a/nginx.conf b/nginx.conf index aa74bb1..8d0e097 100644 --- a/nginx.conf +++ b/nginx.conf @@ -19,7 +19,7 @@ http { error_log /var/log/nginx/error.log; server_names_hash_bucket_size 128; include /etc/nginx/conf.d/*.conf; - + client_max_body_size 64M; # HIER EINFÜGEN: include /etc/nginx/conf.d/proxy_generated/*.conf; diff --git a/sync-ispconfig-proxy.sh b/sync-ispconfig-proxy.sh index cc5f46b..4ede6c1 100755 --- a/sync-ispconfig-proxy.sh +++ b/sync-ispconfig-proxy.sh @@ -1,7 +1,7 @@ #!/bin/bash # ============================================================================== -# ISPConfig Proxy Sync Script - Version 3.4 (Safe Lock & Auto-Subdomain) +# ISPConfig Proxy Sync Script - Version 3.5 (Safe Lock, Auto-Subdomain & Template) # ============================================================================== LOCKFILE="/tmp/restart.syncproxy.lock" @@ -16,6 +16,7 @@ trap 'rm -f "$LOCKFILE"' EXIT CONF_FILE="/usr/local/bin/sync-ispconfig-proxy.conf" SERVER_LIST="/usr/local/bin/proxy_based_server.conf" LAST_ID_FILE="/var/local/sync-ispconfig-last-id" +TEMPLATE_FILE="/usr/local/bin/sync-ispconfig-nginx.tpl" # --- GLOBALE VARIABLEN --- TARGET_DOMAIN="" @@ -73,38 +74,16 @@ write_nginx_config() { ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;" fi - local proxy_settings=" - proxy_set_header Host \$host; - proxy_set_header X-Real-IP \$remote_addr; - proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto \$scheme; - proxy_hide_header Upgrade; - proxy_buffer_size 128k; - proxy_buffers 4 256k; - proxy_busy_buffers_size 256k; - proxy_read_timeout 90;" - local local_root="" [ -d "/var/www/${domain}/web" ] && local_root="root /var/www/${domain}/web/; index index.php index.html;" - local path_block="" -[[ "$redirect_path" == /* && "$redirect_path" != "/urldummy/" ]] && path_block="location ${redirect_path} { $if_ssl proxy_pass http://[$target_ip]:80${redirect_path}; $proxy_settings proxy_http_version 1.1;}" - cat < "$config_path" -server { - $ssl_block - listen 80; listen [::]:80; - server_name $s_names; - $local_root - location /.well-known/acme-challenge/ { root /var/www/html; } - $if_ssl - $path_block - location / { - $( [ -n "$local_root" ] && echo "try_files \$uri \$uri/ @proxy;" || echo "proxy_pass http://[$target_ip]:80;" ) - $( [ -n "$local_root" ] || echo "$proxy_settings" ) - } - $( [ -n "$local_root" ] && echo "location @proxy { proxy_pass http://[$target_ip]:80; $proxy_settings }") -} -EOF + # Template einbinden + if [ -f "$TEMPLATE_FILE" ]; then + source "$TEMPLATE_FILE" + else + echo "Fehler: Template $TEMPLATE_FILE fehlt. Abbruch." >&2 + exit 1 + fi } main() { @@ -133,8 +112,8 @@ main() { for CURRENT_SERVER in $servers; do echo "=== Server: $CURRENT_SERVER ===" local sql_query="SELECT CONCAT_WS('|', wd.domain, IF(wd.ipv6_address != '', wd.ipv6_address, parent.ipv6_address), IFNULL(wd.redirect_path, ''), IFNULL(wd.subdomain, ''), wd.active) - FROM web_domain wd JOIN server s ON wd.server_id = s.server_id LEFT JOIN web_domain parent ON wd.parent_domain_id = parent.domain_id - WHERE TRIM(s.server_name) = TRIM('$CURRENT_SERVER') AND wd.type IN ('vhost', 'alias', 'vhostalias', 'subdomain', 'vhostsubdomain') $global_filter ORDER BY wd.domain_id ASC;" + FROM web_domain wd JOIN server s ON wd.server_id = s.server_id LEFT JOIN web_domain parent ON wd.parent_domain_id = parent.domain_id + WHERE TRIM(s.server_name) = TRIM('$CURRENT_SERVER') AND wd.type IN ('vhost', 'alias', 'vhostalias', 'subdomain', 'vhostsubdomain') $global_filter ORDER BY wd.domain_id ASC;" [ "$DEBUG_MODE" = true ] && echo "[DEBUG] Query: $sql_query" local sql_result=$(mysql -h "$DB_HOST" -u "$DB_USER" -p"$DB_PASS" "$DB_NAME" -N -B -e "$sql_query")