#!/usr/bin/env bash # Create NPMplus proxy hosts for rpc.d-bis.org, rpc2.d-bis.org and WS variants if they don't exist. # Uses .env for NPM_URL, NPM_EMAIL, NPM_PASSWORD. Run from repo root or script dir. # Backend: VMID 2201 (192.168.11.221:8545 HTTP, :8546 WebSocket, besu-rpc-public-1). set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" # Preserve NPM credentials from environment so "export NPM_PASSWORD=...; ./script" works _orig_npm_url="${NPM_URL:-}" _orig_npm_email="${NPM_EMAIL:-}" _orig_npm_password="${NPM_PASSWORD:-}" if [ -f "$PROJECT_ROOT/.env" ]; then set +u set -a # shellcheck source=/dev/null source "$PROJECT_ROOT/.env" set +a set -u [ -n "$_orig_npm_url" ] && NPM_URL="$_orig_npm_url" [ -n "$_orig_npm_email" ] && NPM_EMAIL="$_orig_npm_email" [ -n "$_orig_npm_password" ] && NPM_PASSWORD="$_orig_npm_password" fi # Default .167: NPMplus (VMID 10233) reachable on 192.168.11.167:81; set NPM_URL in .env to override NPM_URL="${NPM_URL:-https://192.168.11.167:81}" NPM_EMAIL="${NPM_EMAIL:-admin@example.org}" NPM_PASSWORD="${NPM_PASSWORD:-}" if [ -z "$NPM_PASSWORD" ]; then echo "❌ NPM_PASSWORD is required. Set it in .env" echo " Example: NPM_PASSWORD=your-password in $PROJECT_ROOT/.env" exit 1 fi # Authenticate (use jq to build JSON so password is safely escaped) AUTH_JSON=$(jq -n --arg identity "$NPM_EMAIL" --arg secret "$NPM_PASSWORD" '{identity:$identity,secret:$secret}') TOKEN_RESPONSE=$(curl -s -k -X POST "$NPM_URL/api/tokens" \ -H "Content-Type: application/json" \ -d "$AUTH_JSON") TOKEN=$(echo "$TOKEN_RESPONSE" | jq -r '.token // empty' 2>/dev/null || true) if [ -z "$TOKEN" ] || [ "$TOKEN" = "null" ]; then echo "❌ NPMplus authentication failed. Check NPM_URL, NPM_EMAIL, NPM_PASSWORD in .env" exit 1 fi PROXY_HOSTS_JSON=$(curl -s -k -X GET "$NPM_URL/api/nginx/proxy-hosts" \ -H "Authorization: Bearer $TOKEN") # NPMplus API uses forward_host (IP string) for proxy host create/update create_if_missing() { local domain=$1 local forward_host=$2 local forward_port=$3 local scheme=$4 local websocket=$5 HOST_ID=$(echo "$PROXY_HOSTS_JSON" | jq -r ".[] | select(.domain_names | type == \"array\") | select(.domain_names[] == \"$domain\") | .id" 2>/dev/null | head -n1 || true) if [ -n "$HOST_ID" ] && [ "$HOST_ID" != "null" ]; then echo " ✓ $domain already exists (ID: $HOST_ID)" return 0 fi echo " ➕ Creating proxy host: $domain → $scheme://$forward_host:$forward_port (WebSocket: $websocket)" CREATE_PAYLOAD=$(jq -n \ --arg domain "$domain" \ --arg scheme "$scheme" \ --arg forward_host "$forward_host" \ --argjson forward_port "$forward_port" \ --argjson websocket "$([ "$websocket" = "true" ] && echo true || echo false)" \ '{ domain_names: [$domain], forward_scheme: $scheme, forward_host: $forward_host, forward_port: $forward_port, allow_websocket_upgrade: $websocket }') RESPONSE=$(curl -s -k -X POST "$NPM_URL/api/nginx/proxy-hosts" \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d "$CREATE_PAYLOAD") NEW_ID=$(echo "$RESPONSE" | jq -r '.id // empty' 2>/dev/null || true) if [ -n "$NEW_ID" ] && [ "$NEW_ID" != "null" ]; then echo " ✓ Created $domain (ID: $NEW_ID). Request SSL in NPMplus UI or run request-npmplus-certificates.sh for this host." return 0 fi ERROR=$(echo "$RESPONSE" | jq -r '.message // .error // "Unknown error"' 2>/dev/null || echo "$RESPONSE") echo " ❌ Failed to create $domain: $ERROR" return 1 } echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "🔧 Create NPMplus rpc.d-bis.org / rpc2.d-bis.org proxy hosts (from .env)" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" # rpc.d-bis.org / rpc2.d-bis.org and WS variants → VMID 2201 @ 192.168.11.221 create_if_missing "rpc.d-bis.org" "192.168.11.221" "8545" "http" "true" || true create_if_missing "rpc2.d-bis.org" "192.168.11.221" "8545" "http" "true" || true create_if_missing "ws.rpc.d-bis.org" "192.168.11.221" "8546" "http" "true" || true create_if_missing "ws.rpc2.d-bis.org" "192.168.11.221" "8546" "http" "true" || true echo "" echo "Done. Run update-npmplus-proxy-hosts-api.sh to sync forward_host/port, then request SSL in NPMplus for new hosts if needed." echo ""