diff --git a/install.sh b/install.sh index 6b89a56..d25210e 100755 --- a/install.sh +++ b/install.sh @@ -111,6 +111,53 @@ if [ -f "${SCRIPT_DIR}/Dockerfile" ]; then BUILD_FROM_SOURCE="true" fi +# When a domain is set, check if ports 80/443 are available +PROXY_MODE="direct" # direct = Caddy handles TLS on 80/443, external = user's proxy handles TLS +if [ -n "$DOMAIN_NAME" ]; then + PORT_80_FREE=true + PORT_443_FREE=true + if ss -tlnp 2>/dev/null | grep -q ':80 ' || netstat -tlnp 2>/dev/null | grep -q ':80 '; then + PORT_80_FREE=false + fi + if ss -tlnp 2>/dev/null | grep -q ':443 ' || netstat -tlnp 2>/dev/null | grep -q ':443 '; then + PORT_443_FREE=false + fi + + if [ "$PORT_80_FREE" = "false" ] || [ "$PORT_443_FREE" = "false" ]; then + echo "" + echo -e "${YELLOW}Port 80 and/or 443 are already in use.${NC}" + echo -e "Another service (nginx, Traefik, Apache, etc.) is using these ports." + echo "" + + if [ "$NON_INTERACTIVE" = "true" ]; then + PROXY_MODE="external" + else + echo -e "Choose how to handle HTTPS for ${GREEN}${DOMAIN_NAME}${NC}:" + echo "" + echo -e " ${GREEN}1)${NC} External proxy mode (recommended)" + echo -e " Multi-PB stays on port ${MULTIPB_PORT} (HTTP only)." + echo -e " Configure your existing proxy to forward ${DOMAIN_NAME} → localhost:${MULTIPB_PORT}" + echo "" + echo -e " ${GREEN}2)${NC} Free ports 80/443 and let Multi-PB handle TLS" + echo -e " You'll need to stop the service using these ports first." + echo "" + read -p "Choice [1]: " PROXY_CHOICE + PROXY_CHOICE="${PROXY_CHOICE:-1}" + if [ "$PROXY_CHOICE" = "2" ]; then + echo "" + echo -e "${YELLOW}Please free ports 80 and 443, then re-run the installer.${NC}" + exit 0 + fi + PROXY_MODE="external" + fi + + if [ "$PROXY_MODE" = "external" ]; then + echo -e "${GREEN}Using external proxy mode.${NC}" + echo -e "Multi-PB will run on port ${MULTIPB_PORT} (HTTP). Your existing proxy handles TLS." + fi + fi +fi + echo "" echo -e "${YELLOW}Creating configuration...${NC}" 
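Review bot: In the `NON_INTERACTIVE` branch the installer sets `PROXY_MODE="external"` on its own, so an unattended install that was given a domain ends up serving plain HTTP on `${MULTIPB_PORT}`, with only a console message to say TLS was dropped. The trigger is also a heuristic: any listener on 80 or 443 counts, whether or not it is a reverse proxy that will actually front this host. Consider making the downgrade an explicit operator choice, for example by honouring a caller-supplied value with `PROXY_MODE="${PROXY_MODE:-direct}"` and exiting non-zero in non-interactive mode when the ports are busy and no mode was chosen. Separately, when neither `ss` nor `netstat` is installed, both probes are silenced by `2>/dev/null` and the ports are reported free; a `command -v` check that prints a warning would make that case visible.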
@@ -147,8 +194,8 @@ cat >> "$INSTALL_DIR/docker-compose.yml" << EOF - "${MULTIPB_PORT}:25983" EOF -# Add optional ports and env vars -if [ -n "$DOMAIN_NAME" ]; then +# Only expose 80/443 if domain is set AND we're in direct mode (Caddy handles TLS) +if [ -n "$DOMAIN_NAME" ] && [ "$PROXY_MODE" = "direct" ]; then cat >> "$INSTALL_DIR/docker-compose.yml" << EOF - "80:80" - "443:443" @@ -163,8 +210,9 @@ cat >> "$INSTALL_DIR/docker-compose.yml" << EOF - MULTIPB_DATA_DIR=/var/multipb/data EOF -# Add domain env var only if set -if [ -n "$DOMAIN_NAME" ]; then +# Set MULTIPB_DOMAIN only in direct mode (Caddy handles TLS) +# In external proxy mode, Caddy stays HTTP-only on :25983 +if [ -n "$DOMAIN_NAME" ] && [ "$PROXY_MODE" = "direct" ]; then cat >> "$INSTALL_DIR/docker-compose.yml" << EOF - MULTIPB_DOMAIN=${DOMAIN_NAME} EOF @@ -188,6 +236,14 @@ echo "━━━━━━━━━━━━━━━━━━━━━━━━ echo -e " Container: ${GREEN}${CONTAINER_NAME}${NC}" echo -e " Port: ${GREEN}http://localhost:${MULTIPB_PORT}${NC}" echo -e " Data Dir: ${GREEN}${DATA_DIR}${NC}" +if [ -n "$DOMAIN_NAME" ]; then + echo -e " Domain: ${GREEN}${DOMAIN_NAME}${NC}" + if [ "$PROXY_MODE" = "external" ]; then + echo -e " TLS: ${YELLOW}External proxy (configure your proxy → localhost:${MULTIPB_PORT})${NC}" + else + echo -e " TLS: ${GREEN}Caddy (automatic HTTPS on ports 80/443)${NC}" + fi +fi if [ "$CLI_ONLY" = "true" ]; then echo -e " Mode: ${YELLOW}CLI-only (no dashboard)${NC}" fi 
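Review bot: External proxy mode still publishes `- "${MULTIPB_PORT}:25983"` (the context line at the top of this hunk) with no host address, so the HTTP-only listener stays reachable on every interface and the TLS-terminating proxy can simply be bypassed. Docker-published ports are also commonly not filtered by host firewall front-ends such as ufw, which makes this exposure easy to miss. When `PROXY_MODE` is `external`, publish on loopback instead, e.g. `- "127.0.0.1:${MULTIPB_PORT}:25983"`, which matches the `127.0.0.1`/`localhost` upstreams the installer prints for nginx and Caddy. The heredoc that writes this mapping starts outside the hunk, so the conditional belongs just above the visible lines.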
@@ -246,6 +302,42 @@ if [[ ! "$START_NOW" =~ ^[Nn]$ ]]; then echo -e " ${BLUE}docker exec ${CONTAINER_NAME} remove-instance.sh myapp${NC}" echo "" + # Show external proxy instructions if applicable + if [ -n "$DOMAIN_NAME" ] && [ "$PROXY_MODE" = "external" ]; then + echo "" + echo -e "${YELLOW}━━━ External Proxy Setup ━━━${NC}" + echo -e "Configure your reverse proxy to forward ${GREEN}${DOMAIN_NAME}${NC} to ${GREEN}localhost:${MULTIPB_PORT}${NC}" + echo "" + echo -e "${BLUE}Nginx example:${NC}" + echo " server {" + echo " listen 80;" + echo " server_name ${DOMAIN_NAME};" + echo " location / {" + echo " proxy_pass http://127.0.0.1:${MULTIPB_PORT};" + echo " proxy_set_header Host \$host;" + echo " proxy_set_header X-Real-IP \$remote_addr;" + echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;" + echo " proxy_set_header X-Forwarded-Proto \$scheme;" + echo " }" + echo " }" + echo "" + echo -e "${BLUE}Caddy example:${NC}" + echo " ${DOMAIN_NAME} {" + echo " reverse_proxy localhost:${MULTIPB_PORT}" + echo " }" + echo "" + echo -e "${BLUE}Traefik (docker labels):${NC}" + echo " Add to your docker-compose.yml under ${CONTAINER_NAME}:" + echo " labels:" + echo " - traefik.enable=true" + echo " - traefik.http.routers.multipb.rule=Host(\`${DOMAIN_NAME}\`)" + echo " - traefik.http.services.multipb.loadbalancer.server.port=25983" + echo "" + echo -e "After configuring your proxy, ${GREEN}${DOMAIN_NAME}${NC} will serve Multi-PB." + echo -e "Your proxy handles TLS — add HTTPS there (e.g. certbot for nginx, automatic for Caddy/Traefik)." + echo "" + fi + # Try to open browser (skip dashboard in CLI-only mode) if [ "$CLI_ONLY" != "true" ]; then if command -v xdg-open &> /dev/null; then
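Review bot: The printed nginx example is a complete `listen 80;` server block with no TLS, so an operator who pastes it unchanged publishes Multi-PB under the domain in plaintext; HTTPS is mentioned only in the closing sentence. Put the warning inside the example itself, e.g. `echo "        # plaintext only: add 'listen 443 ssl;' and certificates before exposing this"`, or print the 443 block as the primary example. The example also forwards `X-Forwarded-For`, `X-Real-IP` and `X-Forwarded-Proto`, which the backend can only rely on if nothing but the proxy can reach `${MULTIPB_PORT}`; a comment saying so above the `proxy_set_header` lines would help. The block appears to sit inside the `START_NOW` branch named in the hunk header, which opens outside the hunk, so these instructions would not be shown to an operator who declines to start the container.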