You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

298 lines
7.8 KiB

  1. #!/bin/bash
  2. set -eux
  3. ## 0k git remote path
  4. GIT_0K_BASE=${GIT_0K_BASE:-"0k-ro:/var/git"}
  5. ## 0k git remote options
  6. GIT_0K_CLONE_OPTIONS=${GIT_0K_CLONE_OPTIONS:-""}
  7. NO_DOCKER_RESTART=${NO_DOCKER_RESTART:-}
  8. ##
  9. ## Install 0k-manage
  10. ##
  11. mkdir -p /opt/apps
  12. (
  13. if [ -d "/opt/apps/0k-manage" ]; then
  14. cd /opt/apps/0k-manage &&
  15. git pull -r
  16. else
  17. cd /opt/apps &&
  18. git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-manage.git" &&
  19. cd /opt/apps/0k-manage &&
  20. git checkout 0k/prod/master
  21. fi
  22. ## Debian 9 did not have setuptool
  23. if [ "$(python -c 'import setuptools' 2>&1 | tail -n 1)" == "ImportError: No module named setuptools" ]; then
  24. pip install setuptools
  25. fi
  26. pip install sact.epoch ||
  27. pip install sact.epoch --break-system-packages
  28. if [ "$(python -c 'import sact.epoch' 2>&1 | tail -n 1)" == "ImportError: No module named interface" ]; then
  29. echo "Error: conflicting installation of zope.interface detected. Trying workaround."
  30. (
  31. cd /usr/local/lib/python2.7/dist-packages
  32. mv zope zope-bad
  33. ) &&
  34. pip install zope.interface --upgrade &&
  35. pip install zope.component --upgrade
  36. if [ "$(python -c 'import sact.epoch' 2>&1 | tail -n 1)" == "" ]; then
  37. echo "Workaround worked."
  38. else
  39. echo "Failed work around."
  40. exit 1
  41. fi
  42. fi
  43. ln -sf /opt/apps/0k-manage/src/bin/pick2del_backups /usr/local/bin/
  44. # ln -sf /opt/apps/0k-manage/src/bin/* /usr/local/bin/
  45. )
  46. ##
  47. ## Remove possible previous docker-compose related stuff
  48. ##
  49. if [ -f /etc/compose/local.conf ]; then
  50. sed -ri 's%^(. /opt/venv/docker-compose/bin/activate)$%# \1 ## docker-compose not needed anymore%g' \
  51. /etc/compose/local.conf
  52. fi
  53. ##
  54. ## Install 0k-charm
  55. ##
  56. (
  57. apt-get install -y kal-shlib-{common,charm,cache,cmdline,config} </dev/null
  58. if [ -d "/opt/apps/0k-charm" ]; then
  59. cd /opt/apps/0k-charm &&
  60. git checkout master &&
  61. git pull -r
  62. else
  63. cd /opt/apps &&
  64. git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-charm.git"
  65. fi
  66. ln -sfn /opt/apps/0k-charm/bin/charm /usr/local/sbin/charm
  67. )
  68. ##
  69. ## Install 0k-charms
  70. ##
  71. (
  72. if [ -d "/opt/apps/0k-charms" ]; then
  73. cd /opt/apps/0k-charms &&
  74. git checkout master &&
  75. git pull -r
  76. else
  77. cd /opt/apps &&
  78. git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-charms.git"
  79. fi
  80. if [ -d "/srv/charm-store" ]; then
  81. if [ -L "/srv/charm-store" ]; then
  82. echo "Already have a valid /srv/charm-store"
  83. elif [ -L "/srv/charm-store/0k-charms" ]; then
  84. mv /srv/charm-store{,.old} &&
  85. mv /srv/charm-store.old/0k-charms /srv/charm-store &&
  86. rmdir /srv/charm-store.old
  87. else
  88. die "Unexpected layout of '/srv/charm-store'. Bailing out."
  89. fi
  90. else
  91. ln -sfn /opt/apps/0k-charms /srv/charm-store
  92. fi
  93. )
  94. ##
  95. ## Install lxc-scripts
  96. ##
  97. (
  98. if ! [ -d "/opt/apps/lxc-scripts" ]; then
  99. cd /opt/apps &&
  100. git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/lxc-scripts.git"
  101. fi
  102. cd /opt/apps/lxc-scripts &&
  103. git checkout master &&
  104. git pull -r &&
  105. ln -sfn /opt/apps/lxc-scripts/bin/lxc-* /usr/local/sbin/ &&
  106. if [ -f /etc/default/lxc ]; then
  107. if [ -f /etc/default/lxc.pre-install ]; then
  108. cp /etc/default/lxc.pre-install /etc/default/lxc
  109. else
  110. cp /etc/default/lxc /etc/default/lxc.pre-install
  111. fi
  112. [ -d /usr/lib/lxc/templates ] && {
  113. ln -sfn /opt/apps/lxc-scripts/usr/lib/lxc/templates/lxc-0k-ubuntu-cloud /usr/lib/lxc/templates/
  114. echo TEMPLATE_PATH=/usr/lib/lxc/templates >> /etc/default/lxc
  115. }
  116. [ -d /usr/share/lxc/templates ] && {
  117. ln -sfn /opt/apps/lxc-scripts/usr/lib/lxc/templates/lxc-0k-ubuntu-cloud /usr/share/lxc/templates
  118. echo TEMPLATE_PATH=/usr/share/lxc/templates >> /etc/default/lxc
  119. }
  120. fi
  121. )
  122. ##
  123. ## Install 0k-docker
  124. ##
  125. (
  126. apt-get install -y kal-shlib-docker jq </dev/null
  127. if [ -d "/opt/apps/0k-docker" ]; then
  128. cd /opt/apps/0k-docker &&
  129. git checkout master &&
  130. git pull -r
  131. else
  132. cd /opt/apps &&
  133. git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-docker"
  134. fi
  135. ln -sfn /opt/apps/0k-docker/src/bin/* /usr/local/sbin/
  136. ## Probably dangerous for docker only solution that do not
  137. ## rely on the same choices
  138. #ln -sfn /opt/apps/0k-docker/src/bin/docker-clean /etc/cron.daily/docker-clean
  139. ## in update, will remove broken links to binaries that were removed
  140. find -L /usr/local/sbin -maxdepth 1 -type l -ilname /opt/apps/0k-docker/\* -delete
  141. )
  142. ##
  143. ## Install 0k.io certificate authority
  144. ##
  145. ## Note that docker should be installed after (or be restarted).
  146. apt-get install -y curl </dev/null
  147. ## This does not seem to work anymore (docker v1.12, ubutnu 14.04 on gani)
  148. ca=/etc/ssl/ca.0k.io.pem
  149. need_restart=
  150. oldmd5=
  151. if [ -f "$ca" ]; then
  152. oldmd5=$(md5sum "$ca")
  153. fi
  154. echo "Fetching 0k.io CA certificate..."
  155. curl http://docker.0k.io/get/ca.0k.io.pem > "$ca"
  156. if [[ "$(md5sum "$ca")" != "$oldmd5" ]]; then
  157. need_restart=1
  158. cat "$ca" >> /etc/ssl/certs/ca-certificates.crt
  159. fi
  160. ## This is the new way: https://docs.docker.com/engine/security/certificates/
  161. ca_ln="/etc/docker/certs.d/docker.0k.io/ca.crt"
  162. mkdir -p "$(dirname "$ca_ln")"
  163. if ! [ -L "$ca_ln" ] || [ "$(realpath "$ca_ln")" != "$ca" ] ; then
  164. ln -sfn "$ca" "$ca_ln"
  165. need_restart=1
  166. fi
  167. if [ -n "$need_restart" ] && [ -z "$NO_DOCKER_RESTART" ]; then
  168. service docker restart
  169. fi
  170. echo "Login into our server."
  171. docker login -u vm -p iamavm https://docker.0k.io
  172. sed -ri 's/^#(net\.ipv4\.ip_forward=1)$/\1/g' /etc/sysctl.conf
  173. sysctl -w net.ipv4.ip_forward=1
  174. ##
  175. ## Installation of compose
  176. ##
  177. docker pull docker.0k.io/compose
  178. if [ -d "/opt/apps/0k-compose" ]; then
  179. cd "/opt/apps/0k-compose" &&
  180. git pull -r
  181. else
  182. mkdir -p /opt/apps && cd /opt/apps
  183. git clone "$GIT_0K_BASE"/0k/0k-compose.git
  184. fi
  185. [ -e /usr/local/bin/compose ] || ln -sfnv /opt/apps/0k-compose/bin/compose /usr/local/bin/
  186. rm -rf /var/cache/compose
  187. cat <<EOF > /etc/default/datastore
  188. DATASTORE=/srv/datastore
  189. EOF
  190. cat <<EOF > /etc/default/compose
  191. ## if not provided, this will be the default service launched.
  192. export DEFAULT_SERVICES=""
  193. ## In new compose (running in docker) this is not yet really supported,
  194. ## and is it wanted ?
  195. #export DEFAULT_PROJECT_NAME=$(hostname | cut -f 2 -d . )
  196. #DEFAULT_PROJECT_NAME=\${DEFAULT_PROJECT_NAME,,} ## to lowercase
  197. export DOCKER_DATASTORE=\$([ -e /etc/default/datastore ] && . /etc/default/datastore && echo \$DATASTORE)
  198. export DATASTORE=\$DOCKER_DATASTORE/data
  199. export CONFIGSTORE=\$DOCKER_DATASTORE/config
  200. EOF
  201. if ! egrep "^DEFAULT_COMPOSE_FILE=" /etc/compose/local.conf >/dev/null 2>&1; then
  202. mkdir /etc/compose -p
  203. touch /etc/compose/local.conf
  204. echo "DEFAULT_COMPOSE_FILE=/etc/compose/compose.yml" >> /etc/compose/local.conf
  205. fi
  206. ##
  207. ## Install pgm
  208. ##
  209. (
  210. if [ -d "/opt/apps/0k-pgm" ]; then
  211. cd /opt/apps/0k-pgm &&
  212. git pull -r
  213. else
  214. cd /opt/apps &&
  215. git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-pgm.git" &&
  216. cd /opt/apps/0k-pgm &&
  217. git checkout master
  218. fi
  219. ln -sfnv /opt/apps/0k-pgm/bin/* /usr/local/bin/
  220. find -L /usr/local/bin -maxdepth 1 -type l -ilname /opt/apps/0k-pgm/bin/\* -delete
  221. apt-get install -y pv buffer < /dev/null
  222. apt-get install -y postgresql-client </dev/null
  223. )
  224. ##
  225. ## Limit docker log size
  226. ##
  227. ## XXXvlab: if file changed, it would be nice to reload daemon,
  228. ## as a starter, but containers will need to be re-created to
  229. ## take effect
  230. touch /etc/docker/daemon.json &&
  231. yq e -i '
  232. .log-driver = "json-file",
  233. .log-opts = {
  234. "max-size": "10m",
  235. "max-file": "5"
  236. }
  237. ' /etc/docker/daemon.json || exit 1