added script to allow hosts in iptables by domain name. added script to provision node user and nvm.

literalsands · literalsands · commit 82547a0342bd · 2017-04-19T14:45:45.000-04:00
diff --git a/allow_host.sh b/allow_host.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+DYNHOST=$1
+DYNHOST=${DYNHOST:0:28}
+DYNIP=$(host $DYNHOST | grep -iE "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" |cut -f4 -d' '|head -n 1)
+
+# Exit if invalid IP address is returned
+case $DYNIP in
+  0.0.0.0 )
+    exit 1 ;;
+  255.255.255.255 )
+    exit 1 ;;
+esac
+
+# Exit if IP address not in proper format
+if ! [[ $DYNIP =~ (([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]) ]]; then
+  exit 1
+fi
+
+# If chain for remote doesn't exist, create it
+if ! /sbin/iptables -L $DYNHOST -n >/dev/null 2>&1 ; then
+  /sbin/iptables -N $DYNHOST >/dev/null 2>&1
+fi
+
+# Check IP address to see if the chain matches first; skip rest of script if update is not needed
+if ! /sbin/iptables -n -L $DYNHOST | grep -iE " $DYNIP " >/dev/null 2>&1 ; then
+
+  # Flush old rules, and add new
+  /sbin/iptables -F $DYNHOST >/dev/null 2>&1
+  /sbin/iptables -I $DYNHOST -s $DYNIP -j ACCEPT
+
+  # Add chain to INPUT filter if it doesn't exist
+  if ! /sbin/iptables -C INPUT -t filter -j $DYNHOST >/dev/null 2>&1 ; then
+    /sbin/iptables -t filter -I INPUT -j $DYNHOST
+  fi
+
+fi
diff --git a/provision_node_user.sh b/provision_node_user.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Make a new user and group, node.
+getent group node || groupadd node
+id -u node &>/dev/null || useradd node -g node
+# Put the current user in the node group.
+usermod -aG node austin
+# Own node application folder.
+mkdir -p /var/opt/node
+chown -R node:node /var/opt/node
+chmod -R 775 /var/opt/
+# Own global NPM modules.
+mkdir -p /var/local/lib/node_modules
+chown -R node:node /usr/local/lib/node_modules
+chmod -R 775 /usr/local/lib/node_modules
+# Own NVM folder.
+mkdir -p /usr/local/nvm
+chown -R node:node /usr/local/nvm
+chmod -R 775 /usr/local/nvm
diff --git a/provision_nvm.sh b/provision_nvm.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# Install NVM
+NVM_VERSION=0.33.1
+NODE_VERSION=6.10.2
+NVM_DIR=/usr/local/nvm
+touch $HOME/.profile
+curl -o- https://raw.githubusercontent.com/creationix/nvm/v$NVM_VERSION/install.sh | bash
+npm install pm2
