MediaMetz/customer-installer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Neue Option --opnsense-port für Flexibilität

Browse Source
This commit is contained in:
wm
2026-01-18 17:28:42 +01:00
parent 8a94b6b183
commit c5d376d3ac
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
setup_nginx_proxy.sh
+10 -6
View File
@@ -29,7 +29,9 @@ die() {
# Default Configuration # Default Configuration
# ============================================================================= # =============================================================================
# OPNsense kann über Hostname ODER IP angesprochen werden # OPNsense kann über Hostname ODER IP angesprochen werden
# Port 4444 ist der Standard-Port für die OPNsense WebUI/API
OPNSENSE_HOST="${OPNSENSE_HOST:-192.168.45.1}" OPNSENSE_HOST="${OPNSENSE_HOST:-192.168.45.1}"
OPNSENSE_PORT="${OPNSENSE_PORT:-4444}"
OPNSENSE_API_KEY="${OPNSENSE_API_KEY:-cUUs80IDkQelMJVgAVK2oUoDHrQf+cQPwXoPKNd3KDIgiCiEyEfMq38UTXeY5/VO/yWtCC7k9Y9kJ0Pn}" OPNSENSE_API_KEY="${OPNSENSE_API_KEY:-cUUs80IDkQelMJVgAVK2oUoDHrQf+cQPwXoPKNd3KDIgiCiEyEfMq38UTXeY5/VO/yWtCC7k9Y9kJ0Pn}"
OPNSENSE_API_SECRET="${OPNSENSE_API_SECRET:-2egxxFYCAUjBDp0OrgbJO3NBZmR4jpDm028jeS8Nq8OtCGu/0lAxt4YXWXbdZjcFVMS0Nrhru1I2R1si}" OPNSENSE_API_SECRET="${OPNSENSE_API_SECRET:-2egxxFYCAUjBDp0OrgbJO3NBZmR4jpDm028jeS8Nq8OtCGu/0lAxt4YXWXbdZjcFVMS0Nrhru1I2R1si}"
@@ -54,6 +56,7 @@ Required options (for proxy setup):
Optional: Optional:
--opnsense-host <ip> OPNsense IP or hostname (default: 192.168.45.1) --opnsense-host <ip> OPNsense IP or hostname (default: 192.168.45.1)
--opnsense-port <port> OPNsense WebUI/API port (default: 4444)
--certificate-uuid <uuid> UUID of the SSL certificate in OPNsense --certificate-uuid <uuid> UUID of the SSL certificate in OPNsense
--list-certificates List available certificates and exit --list-certificates List available certificates and exit
--test-connection Test API connection and exit --test-connection Test API connection and exit
@@ -98,6 +101,7 @@ while [[ $# -gt 0 ]]; do
--backend-ip) BACKEND_IP="${2:-}"; shift 2 ;; --backend-ip) BACKEND_IP="${2:-}"; shift 2 ;;
--backend-port) BACKEND_PORT="${2:-}"; shift 2 ;; --backend-port) BACKEND_PORT="${2:-}"; shift 2 ;;
--opnsense-host) OPNSENSE_HOST="${2:-}"; shift 2 ;; --opnsense-host) OPNSENSE_HOST="${2:-}"; shift 2 ;;
--opnsense-port) OPNSENSE_PORT="${2:-}"; shift 2 ;;
--certificate-uuid) CERTIFICATE_UUID="${2:-}"; shift 2 ;; --certificate-uuid) CERTIFICATE_UUID="${2:-}"; shift 2 ;;
--list-certificates) LIST_CERTIFICATES="1"; shift 1 ;; --list-certificates) LIST_CERTIFICATES="1"; shift 1 ;;
--test-connection) TEST_CONNECTION="1"; shift 1 ;; --test-connection) TEST_CONNECTION="1"; shift 1 ;;
@@ -110,7 +114,7 @@ done
# ============================================================================= # =============================================================================
# API Base URL (nach Argument-Parsing setzen!) # API Base URL (nach Argument-Parsing setzen!)
# ============================================================================= # =============================================================================
API_BASE="https://${OPNSENSE_HOST}/api" API_BASE="https://${OPNSENSE_HOST}:${OPNSENSE_PORT}/api"
# ============================================================================= # =============================================================================
# API Helper Functions (MÜSSEN VOR list_certificates definiert werden!) # API Helper Functions (MÜSSEN VOR list_certificates definiert werden!)
@@ -202,17 +206,17 @@ except:
# Test API connection # Test API connection
test_connection() { test_connection() {
info "Testing API connection to OPNsense at ${OPNSENSE_HOST}..." info "Testing API connection to OPNsense at ${OPNSENSE_HOST}:${OPNSENSE_PORT}..."
local response local response
response=$(api_request "GET" "/core/firmware/status") response=$(api_request "GET" "/core/firmware/status")
if echo "$response" | python3 -c "import json,sys; d=json.load(sys.stdin); print('OK' if 'product' in d or 'status' in d else 'FAIL')" 2>/dev/null | grep -q "OK"; then if echo "$response" | python3 -c "import json,sys; d=json.load(sys.stdin); print('OK' if 'product' in d or 'status' in d else 'FAIL')" 2>/dev/null | grep -q "OK"; then
echo "✓ API connection successful to ${OPNSENSE_HOST}" echo "✓ API connection successful to ${OPNSENSE_HOST}:${OPNSENSE_PORT}"
echo "Response: $(echo "$response" | python3 -c "import json,sys; d=json.load(sys.stdin); print(json.dumps(d, indent=2)[:500])" 2>/dev/null || echo "$response")" echo "Response: $(echo "$response" | python3 -c "import json,sys; d=json.load(sys.stdin); print(json.dumps(d, indent=2)[:500])" 2>/dev/null || echo "$response")"
return 0 return 0
else else
echo "✗ API connection failed to ${OPNSENSE_HOST}" echo "✗ API connection failed to ${OPNSENSE_HOST}:${OPNSENSE_PORT}"
echo "Response: $response" echo "Response: $response"
return 1 return 1
fi fi
@@ -220,12 +224,12 @@ test_connection() {
# List available certificates # List available certificates
list_certificates() { list_certificates() {
info "Fetching available certificates from OPNsense at ${OPNSENSE_HOST}..." info "Fetching available certificates from OPNsense at ${OPNSENSE_HOST}:${OPNSENSE_PORT}..."
local response local response
response=$(api_request "GET" "/trust/cert/search") response=$(api_request "GET" "/trust/cert/search")
echo "Available SSL Certificates in OPNsense (${OPNSENSE_HOST}):" echo "Available SSL Certificates in OPNsense (${OPNSENSE_HOST}:${OPNSENSE_PORT}):"
echo "============================================================" echo "============================================================"
echo "$response" | python3 -c " echo "$response" | python3 -c "
import json, sys import json, sys