#!/bin/bash # Script to set the USE_SSL variable, presumably to 'yes' or 'no' when currently set to 'auto' and # DNS resolution fails, locking out user from webGUI. In this case, user can use console or # ssh/telnet to login and restore http or self-signed https access. # To set USE_SSL to 'no': # use_ssl no # To set USE_SSL to 'yes': # use_ssl yes USE_SSL=$(awk -F "=" '/USE_SSL/ {print $2}' /usr/local/emhttp/state/var.ini 2>/dev/null | tr -d '"') NGINX_DEFAULTURL=$(awk -F "=" '/NGINX_DEFAULTURL/ {print $2}' /usr/local/emhttp/state/nginx.ini 2>/dev/null | tr -d '"') # use_ssl is "no", nothing to do here if [[ "$USE_SSL" == "no" ]]; then echo "use_ssl is currently set to 'no'." echo "The default url is $NGINX_DEFAULTURL" echo "To enable SSL, visit Settings -> Management Access in the webGUI." exit 1 fi # use_ssl is "yes", allow downgrade to "no" if [[ "$USE_SSL" == "yes" && "$1" != "no" ]]; then echo "use_ssl is currently set to 'yes'" echo "The default url is $NGINX_DEFAULTURL" echo "To disable SSL, execute: $0 no" exit 1 fi # use_ssl is "auto", allow downgrade to "yes" or "no" if [[ "$USE_SSL" == "auto" && "$1" != "yes" && "$1" != "no" ]]; then echo "use_ssl is currently set to 'auto' (which means Strict)" echo "The default url is $NGINX_DEFAULTURL" echo "For less strict SSL, execute: $0 yes" echo "To disable SSL, execute: $0 no" exit 1 fi # final test if USE_SSL is unexpected value, should never happen. at least ensure the values of $1 are correct if [[ "$1" != "yes" && "$1" != "no" ]]; then echo "use_ssl is currently set to '$USE_SSL'" echo "The default url is $NGINX_DEFAULTURL" echo "Usage: $0 [no|yes]" exit 1 fi emcmd "USE_SSL=$1&server_name=localhost&server_addr=127.0.0.1&changePorts=Apply" [[ $? -ne 0 ]] && echo "unable to change use_ssl from '${USE_SSL}' to '$1'" && exit 1 NGINX_DEFAULTURL=$(awk -F "=" '/NGINX_DEFAULTURL/ {print $2}' /usr/local/emhttp/state/nginx.ini 2>/dev/null | tr -d '"') echo "use_ssl changed from '${USE_SSL}' to '$1'" echo "The default url is now $NGINX_DEFAULTURL" exit 0