You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

298 lines
7.8 KiB

#!/bin/bash
set -eux
## 0k git remote path
GIT_0K_BASE=${GIT_0K_BASE:-"0k-ro:/var/git"}
## 0k git remote options
GIT_0K_CLONE_OPTIONS=${GIT_0K_CLONE_OPTIONS:-""}
NO_DOCKER_RESTART=${NO_DOCKER_RESTART:-}
##
## Install 0k-manage
##
mkdir -p /opt/apps
(
if [ -d "/opt/apps/0k-manage" ]; then
cd /opt/apps/0k-manage &&
git pull -r
else
cd /opt/apps &&
git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-manage.git" &&
cd /opt/apps/0k-manage &&
git checkout 0k/prod/master
fi
## Debian 9 did not have setuptool
if [ "$(python -c 'import setuptools' 2>&1 | tail -n 1)" == "ImportError: No module named setuptools" ]; then
pip install setuptools
fi
pip install sact.epoch ||
pip install sact.epoch --break-system-packages
if [ "$(python -c 'import sact.epoch' 2>&1 | tail -n 1)" == "ImportError: No module named interface" ]; then
echo "Error: conflicting installation of zope.interface detected. Trying workaround."
(
cd /usr/local/lib/python2.7/dist-packages
mv zope zope-bad
) &&
pip install zope.interface --upgrade &&
pip install zope.component --upgrade
if [ "$(python -c 'import sact.epoch' 2>&1 | tail -n 1)" == "" ]; then
echo "Workaround worked."
else
echo "Failed work around."
exit 1
fi
fi
ln -sf /opt/apps/0k-manage/src/bin/pick2del_backups /usr/local/bin/
# ln -sf /opt/apps/0k-manage/src/bin/* /usr/local/bin/
)
##
## Remove possible previous docker-compose related stuff
##
if [ -f /etc/compose/local.conf ]; then
sed -ri 's%^(. /opt/venv/docker-compose/bin/activate)$%# \1 ## docker-compose not needed anymore%g' \
/etc/compose/local.conf
fi
##
## Install 0k-charm
##
(
apt-get install -y kal-shlib-{common,charm,cache,cmdline,config} </dev/null
if [ -d "/opt/apps/0k-charm" ]; then
cd /opt/apps/0k-charm &&
git checkout master &&
git pull -r
else
cd /opt/apps &&
git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-charm.git"
fi
ln -sfn /opt/apps/0k-charm/bin/charm /usr/local/sbin/charm
)
##
## Install 0k-charms
##
(
if [ -d "/opt/apps/0k-charms" ]; then
cd /opt/apps/0k-charms &&
git checkout master &&
git pull -r
else
cd /opt/apps &&
git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-charms.git"
fi
if [ -d "/srv/charm-store" ]; then
if [ -L "/srv/charm-store" ]; then
echo "Already have a valid /srv/charm-store"
elif [ -L "/srv/charm-store/0k-charms" ]; then
mv /srv/charm-store{,.old} &&
mv /srv/charm-store.old/0k-charms /srv/charm-store &&
rmdir /srv/charm-store.old
else
die "Unexpected layout of '/srv/charm-store'. Bailing out."
fi
else
ln -sfn /opt/apps/0k-charms /srv/charm-store
fi
)
##
## Install lxc-scripts
##
(
if ! [ -d "/opt/apps/lxc-scripts" ]; then
cd /opt/apps &&
git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/lxc-scripts.git"
fi
cd /opt/apps/lxc-scripts &&
git checkout master &&
git pull -r &&
ln -sfn /opt/apps/lxc-scripts/bin/lxc-* /usr/local/sbin/ &&
if [ -f /etc/default/lxc ]; then
if [ -f /etc/default/lxc.pre-install ]; then
cp /etc/default/lxc.pre-install /etc/default/lxc
else
cp /etc/default/lxc /etc/default/lxc.pre-install
fi
[ -d /usr/lib/lxc/templates ] && {
ln -sfn /opt/apps/lxc-scripts/usr/lib/lxc/templates/lxc-0k-ubuntu-cloud /usr/lib/lxc/templates/
echo TEMPLATE_PATH=/usr/lib/lxc/templates >> /etc/default/lxc
}
[ -d /usr/share/lxc/templates ] && {
ln -sfn /opt/apps/lxc-scripts/usr/lib/lxc/templates/lxc-0k-ubuntu-cloud /usr/share/lxc/templates
echo TEMPLATE_PATH=/usr/share/lxc/templates >> /etc/default/lxc
}
fi
)
##
## Install 0k-docker
##
(
apt-get install -y kal-shlib-docker jq </dev/null
if [ -d "/opt/apps/0k-docker" ]; then
cd /opt/apps/0k-docker &&
git checkout master &&
git pull -r
else
cd /opt/apps &&
git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-docker"
fi
ln -sfn /opt/apps/0k-docker/src/bin/* /usr/local/sbin/
## Probably dangerous for docker only solution that do not
## rely on the same choices
#ln -sfn /opt/apps/0k-docker/src/bin/docker-clean /etc/cron.daily/docker-clean
## in update, will remove broken links to binaries that were removed
find -L /usr/local/sbin -maxdepth 1 -type l -ilname /opt/apps/0k-docker/\* -delete
)
##
## Install 0k.io certificate authority
##
## Note that docker should be installed after (or be restarted).
apt-get install -y curl </dev/null
## This does not seem to work anymore (docker v1.12, ubutnu 14.04 on gani)
ca=/etc/ssl/ca.0k.io.pem
need_restart=
oldmd5=
if [ -f "$ca" ]; then
oldmd5=$(md5sum "$ca")
fi
echo "Fetching 0k.io CA certificate..."
curl http://docker.0k.io/get/ca.0k.io.pem > "$ca"
if [[ "$(md5sum "$ca")" != "$oldmd5" ]]; then
need_restart=1
cat "$ca" >> /etc/ssl/certs/ca-certificates.crt
fi
## This is the new way: https://docs.docker.com/engine/security/certificates/
ca_ln="/etc/docker/certs.d/docker.0k.io/ca.crt"
mkdir -p "$(dirname "$ca_ln")"
if ! [ -L "$ca_ln" ] || [ "$(realpath "$ca_ln")" != "$ca" ] ; then
ln -sfn "$ca" "$ca_ln"
need_restart=1
fi
if [ -n "$need_restart" ] && [ -z "$NO_DOCKER_RESTART" ]; then
service docker restart
fi
echo "Login into our server."
docker login -u vm -p iamavm https://docker.0k.io
sed -ri 's/^#(net\.ipv4\.ip_forward=1)$/\1/g' /etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1
##
## Installation of compose
##
docker pull docker.0k.io/compose
if [ -d "/opt/apps/0k-compose" ]; then
cd "/opt/apps/0k-compose" &&
git pull -r
else
mkdir -p /opt/apps && cd /opt/apps
git clone "$GIT_0K_BASE"/0k/0k-compose.git
fi
[ -e /usr/local/bin/compose ] || ln -sfnv /opt/apps/0k-compose/bin/compose /usr/local/bin/
rm -rf /var/cache/compose
cat <<EOF > /etc/default/datastore
DATASTORE=/srv/datastore
EOF
cat <<EOF > /etc/default/compose
## if not provided, this will be the default service launched.
export DEFAULT_SERVICES=""
## In new compose (running in docker) this is not yet really supported,
## and is it wanted ?
#export DEFAULT_PROJECT_NAME=$(hostname | cut -f 2 -d . )
#DEFAULT_PROJECT_NAME=\${DEFAULT_PROJECT_NAME,,} ## to lowercase
export DOCKER_DATASTORE=\$([ -e /etc/default/datastore ] && . /etc/default/datastore && echo \$DATASTORE)
export DATASTORE=\$DOCKER_DATASTORE/data
export CONFIGSTORE=\$DOCKER_DATASTORE/config
EOF
if ! egrep "^DEFAULT_COMPOSE_FILE=" /etc/compose/local.conf >/dev/null 2>&1; then
mkdir /etc/compose -p
touch /etc/compose/local.conf
echo "DEFAULT_COMPOSE_FILE=/etc/compose/compose.yml" >> /etc/compose/local.conf
fi
##
## Install pgm
##
(
if [ -d "/opt/apps/0k-pgm" ]; then
cd /opt/apps/0k-pgm &&
git pull -r
else
cd /opt/apps &&
git clone $GIT_0K_CLONE_OPTIONS "$GIT_0K_BASE/0k/0k-pgm.git" &&
cd /opt/apps/0k-pgm &&
git checkout master
fi
ln -sfnv /opt/apps/0k-pgm/bin/* /usr/local/bin/
find -L /usr/local/bin -maxdepth 1 -type l -ilname /opt/apps/0k-pgm/bin/\* -delete
apt-get install -y pv buffer < /dev/null
apt-get install -y postgresql-client </dev/null
)
##
## Limit docker log size
##
## XXXvlab: if file changed, it would be nice to reload daemon,
## as a starter, but containers will need to be re-created to
## take effect
touch /etc/docker/daemon.json &&
yq e -i '
.log-driver = "json-file",
.log-opts = {
"max-size": "10m",
"max-file": "5"
}
' /etc/docker/daemon.json || exit 1