You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
#!/bin/bash
. /etc/shlib
include parse include common include pretty
MIN_DISK_SPACE="${MIN_DISK_SPACE:-300M}" ## convert human size to bytes using numfmt
## Check remaining disk space if [ -n "$MIN_DISK_SPACE" ]; then min_disk_space_kbytes=$(numfmt --from=iec --to-unit=1024 "$MIN_DISK_SPACE") || { err "Invalid format for '\$MIN_DISK_SPACE'." exit 1 } if ! remaining_kbytes=$(df / | awk 'NR==2 {print $4}'); then err "Failed to get remaining disk space." exit 1 fi
if [ "$remaining_kbytes" -lt "$min_disk_space_kbytes" ]; then err "Not enough disk space." human_min_dist_space=$(numfmt --to=iec --format="%.2f" --from-unit=1024 "$min_disk_space_kbytes") || { err "Failed to convert '\$MIN_DISK_SPACE' to human readable format." exit 1 } human_remaining_kbytes=$(numfmt --to=iec --format="%.2f" --from-unit=1024 "$remaining_kbytes") || { err "Failed to convert '\$remaining_kbytes' to human readable format." exit 1 } echo " - At least $human_min_dist_space are required." >&2 echo " - Only $human_remaining_kbytes are available." >&2 exit 1 fi fi
start=$SECONDS
if [ -z "$NO_UPDATE" -a -d "/opt/apps/myc-manage" ]; then MYC_UPDATE_VERSION="${MYC_UPDATE_VERSION:-master}" Elt "Checking if myc-manage requires update..." cd /opt/apps/myc-manage REMOTE_HEAD="$(git ls-remote origin "refs/heads/${MYC_UPDATE_VERSION}" 2>/dev/null | cut -f 1)" if [ -z "$REMOTE_HEAD" ]; then err "Can't find remote branch '$MYC_UPDATE_VERSION'." echo " - Either this branch is not available on 'origin' remote." >&2 echo " - Either 'origin' remote is not correctly set." >&2 exit 1 fi HEAD="$(git rev-parse HEAD)" if [ "$REMOTE_HEAD" != "$HEAD" ]; then print_info "new version available" Wrap -d "Update myc-manage" <<EOF || exit 1 if ! [ -d "/opt/apps/myc-manage" ]; then mkdir -p /opt/apps && cd /opt/apps git clone https://git.myceliandre.fr/Myceliandre/myc-manage.git -b "$MYC_UPDATE_VERSION" else cd /opt/apps/myc-manage && git checkout "$MYC_UPDATE_VERSION" && git pull -r || exit 1 fi
ln -sfn /opt/apps/myc-manage/bin/* /usr/local/sbin/ find -L /usr/local/sbin -maxdepth 1 -type l -ilname /opt/apps/myc-manage/bin/\* -delete EOF
Feed || exit 1 export NO_UPDATE=1 exec myc-update exit 0 else print_info "up to date" Feedback noop fi fi
Wrap -d "Updating 0k-charms" <<EOF || exit 1 cd /opt/apps/0k-charms git pull -r EOF
charm --debug apply docker-host || exit 1
## there seem to be an error now within compose when trying to download let's encrypt image. Wrap -d "Updating some docker images" <<EOF || exit 1 docker pull docker.0k.io/letsencrypt EOF
Wrap -d "Updating cron scripts" <<EOF || exit 1 for d in /etc/cron.{d,daily,hourly,monthly,weekly}; do ln -sfn "/opt/apps/myc-manage\$d/"* "\$d/" && find -L "\$d" -maxdepth 1 -type l -ilname "/opt/apps/myc-manage\$d/"\* -delete done EOF
Wrap -d "Updating sysctl scripts" <<EOF || exit 1 for d in /etc/sysctl.d; do ln -sfn "/opt/apps/myc-manage\$d/"* "\$d/" && find -L "\$d" -maxdepth 1 -type l -ilname "/opt/apps/myc-manage\$d/"\* -delete done EOF
## TODO GPG decript the keys and place them # Wrap -d "Updating ssh keys" <<EOF || exit 1 # for d in /etc/ssh; do # ln -sfn "/opt/apps/myc-manage\$d/"* "\$d/" && # find -L "\$d" -maxdepth 1 -type l -ilname "/opt/apps/myc-manage\$d/"\* -delete # done # EOF
if [ -f "/root/.bashrc" ]; then Wrap -d "Enable colors in bash" <<'EOF' || exit 1 sed -ri 's/^# (export LS_OPTIONS=.--color=auto.)/\1/; s/^# (eval "`dircolors`")/\1/; s/^# (alias ls='"'ls \\\$LS_OPTIONS'"')/\1/' /root/.bashrc EOF fi
Wrap -d "Update authorization to send to ntfy server " <<'EOF' || exit 1 mkdir -p /root/.ssh ## if file /root/.ssh/ntfy-key doesn’t exist we we create the key i if [ ! -f /root/.ssh/ntfy-key ]; then echo "-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn NhAAAAAwEAAQAAAQEApGXqKYEJbv0xu/wKl1mXtiz90kZbqq7FALTZYyYqWZfsp4RtiHXi NC7WKFiabQ1j1s8WuE0I2xJNSpzjHuWouduLQ5WtTl0PIWausMYaHam5T1I3KLVBg1QNi8 0wL5LVMD3mMoxVstQmlvYOuODZSaCS6j6ND33IS5IG11M9xwR6IcUKLKnfF5h5OQbTSiQ0 ANgw5KmYdGBQ8PUIQO0ELz0rhjJVZLADZspXLoWikNURmlYozfcSFcfOVA7AkqeMKMZd64 72WDGTd9NrAOq+hmLMKDfJXuHlKrNuqmK1jVGs/5YcSArrFyuvKOabT8AJfjBDEVtbsSeu mN44MoH1bwAAA8hI4f+cSOH/nAAAAAdzc2gtcnNhAAABAQCkZeopgQlu/TG7/AqXWZe2LP 3SRluqrsUAtNljJipZl+ynhG2IdeI0LtYoWJptDWPWzxa4TQjbEk1KnOMe5ai524tDla1O XQ8hZq6wxhodqblPUjcotUGDVA2LzTAvktUwPeYyjFWy1CaW9g644NlJoJLqPo0PfchLkg bXUz3HBHohxQosqd8XmHk5BtNKJDQA2DDkqZh0YFDw9QhA7QQvPSuGMlVksANmylcuhaKQ 1RGaVijN9xIVx85UDsCSp4woxl3rjvZYMZN302sA6r6GYswoN8le4eUqs26qYrWNUaz/lh xICusXK68o5ptPwAl+MEMRW1uxJ66Y3jgygfVvAAAAAwEAAQAAAQEAnzpm1tQ4QtvRc/Xm fDk2jCh/n06uMl8cSFbhxvqMQkK34HiPboBfG5PRsTpAOCej78acht12Gllbq0zRXneqOH nAJTGvrhrMMNm3kVgOq3RcG8vRyQfl8EFU7XdLmIhrHFKXx5XM22xIBCdGkyKU0o9IPMFg 9wQpH6jMH3psd3j9M7x9QwPZKujv5XMF7DrMdtwAsU/XPTHrOedxdmnVpy9hwTpygTP6Xs TRL9CgdoIo1arZAu8M5/h8xS37IKEe4lUNr/j5tJe3d0HQ+aXCtVrD1WDyZnslPnrDr0MQ XCbx957Kh6VJ11t8el7x21Yr0iuF+S/RSKxsiyqC3J4EAQAAAIAQabySOpcNGk/kR3A7KH Szz3uft+c9qmt9+b5Sth+GmRKEoOO51hi3K+WrzArMJ3AyO8QGodjBAStcbFMDW5DkWxFH 0BuuXL2JTNJdn/2iBQH2bjLI68zTCrqHapI4l3kwTFUDybZP9hcdN9QrsY10rh+WiUILt7 gIB69cxQKeuAAAAIEAz7W5MrUL50A5wi7EMalR9+dIVDTvpyub7Ip6dczRyXt9Xz35mv4S pBaK0mabJPgNP23fGoDhsXhZoDxJpGaBMCciLujVt/wJCX+vXbXwBXwMi0DC9AF/W6FGYb GAusBeJzziXuEmQlirbKFTwkBMVOpMWvsX/DQgDjsTVKjm9u8AAACBAMqeZ17+r7602t9P 8Gie1YXde/T1vMeQAHNCOCBoiuERdM/xDyQE3EXk9Pj2LOvhEu9CskQUCkuZS4JcMO+GQz zfqty7nmi/sAQTwPe+Gl9dnvS+dixeDmS3g+rP+hEAYhVPQgQhm0zzMvzlYk437WB+9BYk JUr3Zp+T2t4WoOmBAAAAEm50ZnlAY29yZS0wMS4way5pbw== -----END OPENSSH PRIVATE KEY-----" > /root/.ssh/ntfy-key chmod 600 /root/.ssh/ntfy-key fi if ! ssh-keygen -F core-01.0k.io &> /dev/null; then echo "|1|e3yYRMYJg0EpbOeTplTgtI+KbY4=|PotgCF8Rwt2OZFKr1CGYWpJ6FRA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH8axkuXlI2zowRvL3Vyg/qgkKK57cqX7+9WRaLm9ECWkLvaVPGunR1zVJUZdTO3gjlSkqtblTcI00BBLt+zQvE=" \ >> /root/.ssh/known_hosts fi config_file="/etc/ntfy/ntfy.conf" mkdir -p "${config_file%/*}" ## if the config file exist and LOGIN PASSWORD ARE already in we do nothing if [ -f "$config_file" ] && grep -qE '^LOGIN=|^PASSWORD=' "$config_file"; then echo "We found a configuration for ntfy server authentification located at $config_file" else cred=$(ssh -i /root/.ssh/ntfy-key ntfy@core-01.0k.io request-token) login_ntfy=$(echo $cred | awk '/^h_/{print $1; exit}') password_ntfy=$(echo $cred | awk '{print $2; exit}') if [ -f "$config_file" ]; then echo "LOGIN='$login_ntfy'" >> "$config_file" echo "PASSWORD='$password_ntfy'" >> "$config_file" else echo "LOGIN='$login_ntfy'" >> "$config_file" echo "PASSWORD='$password_ntfy'" >> "$config_file" fi fi EOF
for keyfile in {/root,/home/debian}/.ssh/authorized_keys; do [ -e "$keyfile" ] || continue sed -ri 's%^ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDri3GHzDt0Il0jv6zLjwkge48dN9tv11sqVNnKoDeUxzk4kn7Ng5ldd3p6dYL6Pa5NDqJUAhO/d/q08IWuwfEbtj8Yc/EkahcRwVD2imPceUeDgyCaOJhq7WO4c9d9yG8PnRO2\+Zk92a9L5vuELVLr4UHIQOs2/eFRY2/ODV8ebf5L1issGzfLd/IPhX5oJwMwKfqIFOP7KPQ26duHNRq4bYOD9ePW4shfxmyQDk6dSImFat05ErT\+X7703PcPx/PX2AIqqz95zqM6M26BywAohuaD5joxKgkd/mMIJylvT8GEYDlcLMHwnM7LtwtyJ1O9dkVpsibIqGy20KlAOGPf admin@0k$%ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMV3USt/BLnXnUk7rk8v42mISZaXBZuULbh2vx2Amk7k admin@old0kreplacement%g' "$keyfile" done
printf "Update finished ${GREEN}successfully${NORMAL} ${GRAY}(in %.2fs)${NORMAL}.\n" "$((SECONDS - start))"
|