d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
cc8dcaf3569561c39306964b3ed5064d92748133
proxmox/scripts/pre-check-jwt-setup.sh

146 lines
4.8 KiB
Bash
Raw Normal View History

Complete markdown files cleanup and organization - Organized 252 files across project - Root directory: 187 → 2 files (98.9% reduction) - Moved configuration guides to docs/04-configuration/ - Moved troubleshooting guides to docs/09-troubleshooting/ - Moved quick start guides to docs/01-getting-started/ - Moved reports to reports/ directory - Archived temporary files - Generated comprehensive reports and documentation - Created maintenance scripts and guides All files organized according to established standards.
2026-01-06 01:46:25 -08:00
#!/usr/bin/env bash
# Pre-flight check before running JWT authentication setup
# Verifies current state and identifies any issues
set -euo pipefail
PROXMOX_HOST="${PROXMOX_HOST:-192.168.11.10}"
VMID=2501
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
info() { echo -e "${GREEN}[✓]${NC} $1"; }
warn() { echo -e "${YELLOW}[⚠]${NC} $1"; }
error() { echo -e "${RED}[✗]${NC} $1"; }
check() { echo -e "${BLUE}[?]${NC} $1"; }
echo "=========================================="
echo "Pre-Flight Check for JWT Setup"
echo "=========================================="
echo ""
ISSUES=0
WARNINGS=0
# Check 1: Container status
check "Checking VMID $VMID status..."
STATUS=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} \
"pct status $VMID 2>/dev/null | awk '{print \$2}'" 2>/dev/null || echo "unknown")
if [[ "$STATUS" == "running" ]]; then
info "VMID $VMID is running"
else
error "VMID $VMID is not running (status: $STATUS)"
ISSUES=$((ISSUES + 1))
fi
echo ""
# Check 2: Nginx installation
check "Checking Nginx installation..."
NGINX_INSTALLED=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} \
"pct exec $VMID -- command -v nginx >/dev/null 2>&1 && echo yes || echo no" 2>/dev/null || echo "no")
if [[ "$NGINX_INSTALLED" == "yes" ]]; then
info "Nginx is installed"
else
warn "Nginx is not installed (will be installed by script)"
WARNINGS=$((WARNINGS + 1))
fi
echo ""
# Check 3: Existing Nginx config
check "Checking existing Nginx configuration..."
EXISTING_CONFIG=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} \
"pct exec $VMID -- test -f /etc/nginx/sites-available/rpc && echo yes || echo no" 2>/dev/null || echo "no")
if [[ "$EXISTING_CONFIG" == "yes" ]]; then
warn "Existing Nginx config found (/etc/nginx/sites-available/rpc)"
check "Checking domain mappings in existing config..."
DOMAINS=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} \
"pct exec $VMID -- grep -E 'server_name.*rpc-' /etc/nginx/sites-available/rpc 2>/dev/null | head -3" || echo "")
if echo "$DOMAINS" | grep -q "rpc-http-pub\|rpc-ws-pub"; then
warn "Existing config uses rpc-http-pub/rpc-ws-pub (should be on VMID 2502)"
warn "Script will create new config 'rpc-perm' for rpc-http-prv/rpc-ws-prv"
warn "Old config will be disabled but not deleted"
fi
else
info "No existing Nginx config found (clean setup)"
fi
echo ""
# Check 4: Besu configuration
check "Checking Besu configuration..."
BESU_CONFIG=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} \
"pct exec $VMID -- test -f /etc/besu/config-rpc-perm.toml && echo yes || echo no" 2>/dev/null || echo "no")
if [[ "$BESU_CONFIG" == "yes" ]]; then
info "Besu permissioned config exists (config-rpc-perm.toml)"
else
error "Besu permissioned config not found (config-rpc-perm.toml)"
ISSUES=$((ISSUES + 1))
fi
echo ""
# Check 5: SSL certificates
check "Checking SSL certificates..."
SSL_EXISTS=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} \
"pct exec $VMID -- test -f /etc/nginx/ssl/rpc.crt && echo yes || echo no" 2>/dev/null || echo "no")
if [[ "$SSL_EXISTS" == "yes" ]]; then
info "SSL certificates exist"
else
warn "SSL certificates not found (will be generated by script if needed)"
WARNINGS=$((WARNINGS + 1))
fi
echo ""
# Check 6: JWT secret (should not exist yet)
check "Checking for existing JWT secret..."
JWT_EXISTS=$(ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} \
"pct exec $VMID -- test -f /etc/nginx/jwt_secret && echo yes || echo no" 2>/dev/null || echo "no")
if [[ "$JWT_EXISTS" == "yes" ]]; then
warn "JWT secret already exists (will be reused, not regenerated)"
WARNINGS=$((WARNINGS + 1))
else
info "No existing JWT secret (will be generated)"
fi
echo ""
# Check 7: Network connectivity
check "Checking network connectivity to Proxmox host..."
if ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no root@${PROXMOX_HOST} "echo test" >/dev/null 2>&1; then
info "Can connect to Proxmox host ($PROXMOX_HOST)"
else
error "Cannot connect to Proxmox host ($PROXMOX_HOST)"
ISSUES=$((ISSUES + 1))
fi
echo ""
# Summary
echo "=========================================="
echo "Summary"
echo "=========================================="
if [ $ISSUES -eq 0 ] && [ $WARNINGS -eq 0 ]; then
info "All checks passed! Ready to run configure-nginx-jwt-auth.sh"
exit 0
elif [ $ISSUES -eq 0 ]; then
warn "$WARNINGS warning(s) found, but setup can proceed"
echo ""
info "Ready to run configure-nginx-jwt-auth.sh"
exit 0
else
error "$ISSUES issue(s) found that must be resolved first"
echo ""
error "Please fix the issues above before running configure-nginx-jwt-auth.sh"
exit 1
fi
Reference in New Issue Copy Permalink