Table of Contents

,

Запуск предопределенных shell-команд через nginx fastcgi

bash скрипт

#!/usr/bin/env bash
set -e

LANG=C
PATH="/bin:/usr/sbin:/usr/bin:/sbin:/usr/local/bin:/usr/local/sbin"

# print header
echo -e "Content-type: text/html\n\n";

# print body/command
echo "<html><body>";

# print error
print_error() { echo "$@"; exit 1;}

# run cmd
runcmd() {
  [[ "$@" ]] || print_error "No args passed to runcmd()" # exit if no args
  bash -c "$@" 2>&1                                      # run cmd with stderr -> stdout redirection
}

##### USER MAPPING #####

# new array to store all users
declare -a users

mysqld='ps auxww | grep [m]ysqld'                            # cmd to run
users+=(${!mysqld*})                                         # push to users array

redis='ps auxww | grep [r]edis'
users+=(${!redis*})

# check for authenticated user
[[ $REMOTE_USER ]] || print_error "REMOTE_USER value not found"

# loop over users array then run cmd if known user found
for user in ${users[@]}
do
  [[ $REMOTE_USER == $user ]] && { runcmd "${!user}"; break; }
done

echo "</body></html>";

конфиг nginx

    location / {
      gzip off;

      auth_basic              "auth";
      auth_basic_user_file    /etc/nginx/conf.d/mydomain.tld.htpasswd;

      root /home/http/mydomain.tld/html;

      fastcgi_param DOCUMENT_ROOT /home/http/mydomain.tld/html;
      fastcgi_param SCRIPT_NAME   runme.sh;
      fastcgi_param REMOTE_USER $remote_user;

      fastcgi_pass  unix:/var/run/fcgiwrap.socket;

      include /etc/nginx/fastcgi_params;

      fastcgi_param SCRIPT_FILENAME  /home/http/mydomain.tld/html$fastcgi_script_name;
    }