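#!/bin/bash
# info: delete system IP
# options: IP
#
# example: v-delete-sys-ip 203.0.113.1
#
# Deletes a system IP address. The primary IP of the default-route interface
# cannot be deleted, and neither can an IP that is still used by a web domain
# or assigned to users (the U_WEB_DOMAINS / U_SYS_USERS keys must be empty).
#
# Review notes:
#   - The IP is used inside sed/grep patterns below. An unescaped "." matches
#     any character and an unanchored pattern matches substrings, so removing
#     10.0.0.1 could also hit 10.0.0.10. Every pattern therefore uses the
#     escaped form ($ip_re) and requires the address to be a whole token.
#   - The proxy section edits the lists of addresses the backend web server
#     trusts to supply the client address (MEFaccept, RPAFproxy_ips,
#     RemoteIPInternalProxy). A mangled or stale entry changes which peers
#     are trusted, so those edits must remove exactly one address.

#----------------------------------------------------------#
#                Variables & Functions                     #
#----------------------------------------------------------#

# Argument definition
ip="$1"

# Includes
# shellcheck source=/etc/hestiacp/hestia.conf
source /etc/hestiacp/hestia.conf
# shellcheck source=/usr/local/hestia/func/main.sh
source "$HESTIA/func/main.sh"
# shellcheck source=/usr/local/hestia/func/ip.sh
source "$HESTIA/func/ip.sh"
# shellcheck source=/usr/local/hestia/func/domain.sh
source "$HESTIA/func/domain.sh"
# load config file
source_conf "$HESTIA/conf/hestia.conf"

#----------------------------------------------------------#
#                    Verifications                         #
#----------------------------------------------------------#

# All later uses of $ip (file paths, sourced file name, regex patterns) rely
# on these checks having accepted it first; keep them ahead of any action.
check_args '1' "$#" 'IP'
is_format_valid 'ip'
is_ip_valid "$ip"
# The key names are passed literally on purpose (single quotes).
# shellcheck disable=SC2016
is_ip_key_empty '$U_WEB_DOMAINS'
# shellcheck disable=SC2016
is_ip_key_empty '$U_SYS_USERS'

# Perform verification if read-only mode is enabled
check_hestia_demo_mode

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Import IP variables (NETMASK, OWNER and STATUS are read from this file below)
source "$HESTIA/data/ips/$ip"
cidr="$(convert_netmask "$NETMASK")"

# Regex-safe form of the address: every "." becomes "\." so it only matches
# a literal dot when interpolated into sed/grep patterns.
ip_re="$(printf '%s' "$ip" | sed 's/\./\\./g')"

# Get primary IP
default_nic="$(ip -d -j route show | jq -r '.[] | if .dst == "default" then .dev else empty end')"
primary_ipv4="$(ip -4 -d -j addr show "$default_nic" | jq -r '.[].addr_info[] | if .scope == "global" then .local else empty end' | head -n1)"

# Checking primary IP on the interface
interface="$(ip -d -j addr show | jq --arg IP "$ip" -r '.[] | if .addr_info[].local == $IP then .ifname else empty end')"
if [ -n "$interface" ] && [ "$ip" = "$primary_ipv4" ]; then
  echo "Error: can't delete primary IP address"
  log_event "$E_FORBIDEN" "$ARGUMENTS"
  exit "$E_FORBIDEN"
fi

# Deleting system IP
if [ -n "$interface" ]; then
  # stderr is discarded deliberately; failure is reported by the message below
  if ! ip addr del "$ip/$cidr" dev "$interface" 2> /dev/null; then
    echo "Error: can't delete system IP address"
    log_event "$E_FORBIDEN" "$ARGUMENTS"
    exit "$E_FORBIDEN"
  fi
fi

# Deleting startup conf on RHEL/CentOS/Fedora
# Need RHEL experts to fix me
# NOTE(review): this removes the ifcfg file of the whole interface, not of a
# single address; confirm that is intended. The -n guard avoids touching a
# stray "ifcfg-" file when the IP is not bound to any interface.
if [ -n "$interface" ] && [ -e "/etc/sysconfig/network-scripts/ifcfg-$interface" ]; then
  rm -f -- "/etc/sysconfig/network-scripts/ifcfg-$interface"
fi

# Deleting startup conf on Debian/Ubuntu
if [ -f "/etc/netplan/60-hestia.yaml" ]; then
  # Drop only lines that carry this exact address: the neighbours of the match
  # must not be a digit or a dot, so longer addresses are left alone.
  sed -i -E "/(^|[^0-9.])${ip_re}([^0-9.]|\$)/d" /etc/netplan/60-hestia.yaml
  # No "-" left means no list entries remain, so the file is removed entirely
  if ! grep -q -e '-' /etc/netplan/60-hestia.yaml; then
    rm /etc/netplan/60-hestia.yaml
  fi
elif [ -e "/etc/network/interfaces" ]; then
  # Line number of the first line ending in exactly this address
  ip_str="$(grep -m1 -n -E "(^|[^0-9.])${ip_re}\$" /etc/network/interfaces | cut -f1 -d:)"
  if [ -n "$ip_str" ]; then
    # Presumably the stanza spans 3 lines before and 1 line after the address
    # line, as written when the IP was added -- TODO confirm against the add
    # script.
    first_str="$((ip_str - 3))"
    last_str="$((ip_str + 1))"
    # sed rejects a start address below 1; skip instead of erroring out
    if [ "$first_str" -ge 1 ]; then
      sed -i "${first_str},${last_str}d" /etc/network/interfaces
    fi
  fi
fi

# Deleting Hestia IP
rm -f -- "$HESTIA/data/ips/$ip"

confd=$(get_conf_d_name "$WEB_SYSTEM")
pconfd=$(get_conf_d_name "$PROXY_SYSTEM")

# Deleting web config
if [ -n "$WEB_SYSTEM" ]; then
  rm -f -- "/etc/$WEB_SYSTEM/$confd/$ip.conf"
fi

# Deleting proxy config
if [ -n "$PROXY_SYSTEM" ]; then
  rm -f -- "/etc/$PROXY_SYSTEM/$pconfd/$ip.conf"

  # The three edits below remove the address from trusted-proxy lists. Each
  # one edits the matching line in place and removes the IP only as a whole
  # whitespace-delimited token, so other entries are never truncated.

  # mod_extract_forwarded
  fw_conf="/etc/$WEB_SYSTEM/$pconfd/mod_extract_forwarded.conf"
  if [ -e "$fw_conf" ]; then
    sed -i -E "/MEFaccept 127\.0\.0\.1/ s/[[:space:]]+${ip_re}([[:space:]]|\$)/\1/" "$fw_conf"
  fi

  # mod_rpaf
  rpaf_conf="/etc/$WEB_SYSTEM/mods-enabled/rpaf.conf"
  if [ -e "$rpaf_conf" ]; then
    sed -i -E "/RPAFproxy_ips/ s/[[:space:]]+${ip_re}([[:space:]]|\$)/\1/" "$rpaf_conf"

    # Remove RPAFproxy_ips line when ip list is empty
    if [ "$(grep RPAFproxy_ips "$rpaf_conf" | sed 's/^[[:space:]]*//g')" = "RPAFproxy_ips" ]; then
      sed -i "/RPAFproxy_ips/d" "$rpaf_conf"
    fi
  fi

  # mod_remoteip
  remoteip_conf="/etc/$WEB_SYSTEM/mods-enabled/remoteip.conf"
  if [ -e "$remoteip_conf" ]; then
    sed -i "/RemoteIPInternalProxy ${ip_re}\$/d" "$remoteip_conf"
  fi
fi

#----------------------------------------------------------#
#                       Hestia                             #
#----------------------------------------------------------#

# Updating user conf
# The counter names are passed literally on purpose (single quotes).
if [ -n "$OWNER" ]; then
  # shellcheck disable=SC2016
  decrease_user_value "$OWNER" '$IP_OWNED'
fi

if [ "$OWNER" = 'admin' ] && [ "$STATUS" = 'shared' ]; then
  # A shared admin IP counted as available for every user.
  # Word splitting of the user list is intended here.
  # shellcheck disable=SC2016
  for hestia_user in $("$BIN/v-list-sys-users" plain); do
    decrease_user_value "$hestia_user" '$IP_AVAIL'
  done
else
  # shellcheck disable=SC2016
  decrease_user_value "$OWNER" '$IP_AVAIL'
fi

# Restarting web server
"$BIN/v-restart-web"
check_result $? "Web restart failed" > /dev/null

# Restarting proxy server
if [ -n "$PROXY_SYSTEM" ]; then
  "$BIN/v-restart-proxy"
  check_result $? "Proxy restart failed" > /dev/null
fi

# Restarting firewall
if [ -n "$FIREWALL_SYSTEM" ]; then
  "$BIN/v-update-firewall"
fi

# Logging
"$BIN/v-log-action" "system" "Info" "System" "IP address deleted (IP: $ip)."
log_event "$OK" "$ARGUMENTS"

exit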