From 7a99f9108b80e3178941a5d7feb8a4fecf16a414 Mon Sep 17 00:00:00 2001 From: Emerson Rocha Luiz Date: Fri, 31 May 2019 23:48:46 -0300 Subject: [PATCH] aguia-pescadora-bravo (#16), https-para-portas-localhost (#57): criado HTTP/HTTPS para 2000, 3000, 4000, 5000, 6000, 7000, 8000, 8080, 9000 --- logbook/aguia-pescadora-bravo.sh | 54 +++++- .../PORTAS-INTERNAS.apb.etica.ai.conf | 170 ++++++++++++++++++ 2 files changed, 219 insertions(+), 5 deletions(-) create mode 100644 logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf diff --git a/logbook/aguia-pescadora-bravo.sh b/logbook/aguia-pescadora-bravo.sh index 4ba913d..46e5843 100644 --- a/logbook/aguia-pescadora-bravo.sh +++ b/logbook/aguia-pescadora-bravo.sh @@ -53,6 +53,11 @@ exit # Send e-mail to Emerson Rocha: rocha(at)ieee.org. ################################################################################ +#------------------------------------------------------------------------------# +sudo netstat -ntulp # Portas usadas +sudo lsof -i -P -n | grep LISTEN # Portas usadas (processo & usuário) +#------------------------------------------------------------------------------# + #------------------------------------------------------------------------------# # SEÇÃO 0.1: Configuração inicial # # TL;DR: Isso é feito ao receber uma VPS do zero # @@ -348,11 +353,6 @@ sudo adduser fcomarcosmabreu sudo passwd -e fcomarcosmabreu ### fititnt -------------------------------------------------------------------- -sudo adduser fititnt -sudo passwd -e fititnt -sudo chsh -s /usr/bin/fish fititnt -sudo usermod -aG sudo fititnt - ## Dominios customizados de fititnt (já adicionados na CloudFlare) curl http://fititnt.apb.etica.ai curl http://fititnt.lb-ap.etica.ai @@ -360,6 +360,19 @@ curl http://php.fititnt.apb.etica.ai curl http://php.fititnt.lb-ap.etica.ai curl http://go.fititnt.apb.etica.ai curl http://go.fititnt.lb-ap.etica.ai +curl http://js.fititnt.apb.etica.ai +curl http://js.fititnt.lb-ap.etica.ai +## Portas (Nota: apenas portas de aplicações 'mais permanentes') +# - 0.0.0.0:62000 +# - 127.0.0.1:62001 +#------------------------------------------------------------------------------# +sudo adduser fititnt +sudo passwd -e fititnt +sudo chsh -s /usr/bin/fish fititnt +sudo usermod -aG sudo fititnt + +## Portas usadas +sudo lsof -i -P -n | grep LISTEN | grep fititnt # Aviso: descrição da razão dessaes passos esta em usuariodeteste sudo mkdir /home2/fititnt @@ -372,10 +385,14 @@ sudo -u fititnt mkdir /home2/fititnt/web sudo -u fititnt mkdir /home2/fititnt/web/public_html sudo -u fititnt mkdir /home2/fititnt/web/public_api sudo -u fititnt mkdir /home2/fititnt/web/php +sudo -u fititnt mkdir /home2/fititnt/web/js sudo -u fititnt echo "fititnt
Servidor comunitario: http://aguia-pescadora-bravo.etica.ai
Arquivo: /home2/fititnt/web/public_html/index.html" > /home2/fititnt/web/public_html/index.html sudo -u fititnt echo "fititnt
Servidor comunitario: http://aguia-pescadora-bravo.etica.ai
Arquivo: /home2/fititnt/web/php/index.php
" > /home2/fititnt/web/php/index.php +sudo -u fititnt vim /home2/fititnt/web/js/app.js +# Adicione conteudo de https://nodejs.org/en/docs/guides/getting-started-guide/ + sudo cp /etc/nginx/sites-available/EXEMPLO-USUARIO.abp.etica.ai.conf /etc/nginx/sites-available/fititnt.apb.etica.ai.conf sudo vim /etc/nginx/sites-available/fititnt.apb.etica.ai.conf @@ -647,6 +664,9 @@ sudo chown compilebot:compilebot -R /home2/compilebot #### botpress ------------------------------------------------------------------ # ISSUE: Botpress #55 https://github.com/fititnt/cplp-aiops/issues/54 # ISSUE: Chatbots / Chatops (discussão geral) #54 https://github.com/fititnt/cplp-aiops/issues/54 +# DOMINIOS: +# - botpress.apb.etica.ai +# - botpress.lb-ap.etica.ai sudo adduser botpress sudo chsh -s /usr/bin/fish botpress @@ -704,6 +724,8 @@ curl http://go.usuariodeteste.apb.etica.ai curl http://go.usuariodeteste.lb-ap.etica.ai curl http://python.usuariodeteste.apb.etica.ai curl http://python.usuariodeteste.lb-ap.etica.ai +curl http://js.usuariodeteste.apb.etica.ai +curl http://js.usuariodeteste.lb-ap.etica.ai ## Certificado HTTPS para usuariodeteste # Linha de comando para obter certificados. Automaticamente já edita configurações do NGinx @@ -1485,6 +1507,28 @@ sudo systemctl reload nginx # Em geral o principal motivo de erro serão permissões de arquivo e de # diretório até o respectivo arquivo +### Portas internas ____________________________________________________________ +# Subdomínios padronizados com HTTP/HTTPS para portas comuns +# ISSUE: https://github.com/fititnt/cplp-aiops/issues/57 + +vim /etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf +# Adicione as configurações desejadas neste servidor no arquivo acima... +sudo ln -s /etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf /etc/nginx/sites-enabled/ +sudo nginx -t +sudo systemctl reload nginx + +sudo certbot --nginx \ + -d 2000.apb.etica.ai \ + -d 3000.apb.etica.ai \ + -d 4000.apb.etica.ai \ + -d 5000.apb.etica.ai \ + -d 6000.apb.etica.ai \ + -d 7000.apb.etica.ai \ + -d 8000.apb.etica.ai \ + -d 8080.apb.etica.ai \ + -d 8888.apb.etica.ai \ + -d 9000.apb.etica.ai + #------------------------------------------------------------------------------# # SEÇÃO: ADMINISTRAÇÃO DO DIA A DIA # # TL;DR: Atalhos para algumas rotinas comuns do dia a dia de administrador de # diff --git a/logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf b/logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf new file mode 100644 index 0000000..052a41d --- /dev/null +++ b/logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf @@ -0,0 +1,170 @@ +server { + listen 80; + listen [::]:80; + server_name 2000.apb.etica.ai 2000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:2000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 3000.apb.etica.ai 3000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:3000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 4000.apb.etica.ai 4000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:4000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 5000.apb.etica.ai 5000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:5000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 6000.apb.etica.ai 6000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:6000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 7000.apb.etica.ai 7000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:7000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 8000.apb.etica.ai 8000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:8000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 8080.apb.etica.ai 8080.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:8080; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 8888.apb.etica.ai 8888.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:8888; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 9000.apb.etica.ai 9000.lb-ap.etica.ai; + location / { + proxy_ignore_client_abort on; + proxy_pass http://127.0.0.1:9000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apb.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apb.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} \ No newline at end of file