You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

211 lines
7.7 KiB

#!/bin/bash
## Installing base docker-host
wget http://docker.0k.io/get/ -qO - | bash || exit 1
## shlib is now available
. /etc/shlib || {
echo "shlib is not available. Bailing out." >&2
exit 1
}
clone_or_update() {
local pkg="$1" branch=${2:-master} \
DEPLOY_PATH="/opt/apps" \
GIT_BASE="https://git.myceliandre.fr/Myceliandre" \
current_branch
if [ -d "$DEPLOY_PATH/$pkg" ]; then
cd "$DEPLOY_PATH/$pkg"
current_branch=$(git rev-parse --abbrev-ref HEAD)
if [ "$current_branch" != "$branch" ]; then
echo "Fatal: $DEPLOY_PATH/$pkg git repos has unexpected branch checkouted."
echo " To avoid changing thing, we prefer to bailout."
return 1
fi
git pull -r || return 1
else
mkdir -p "$DEPLOY_PATH" && cd "$DEPLOY_PATH"
git clone "$GIT_BASE/${pkg}" -b "$branch" --depth=1
fi
}
install_bin() {
local path="$1" DEST_PATH=/usr/local/bin
ln -sfnv "$path"/* "$DEST_PATH" || return 1
find -L "$DEST_PATH" -maxdepth 1 -type l -ilname "$path"/\* -exec rm -v {} \; || return 1
}
set -e
clone_or_update myc-manage || exit 1
install_bin /opt/apps/myc-manage/bin
clone_or_update myc-deploy || exit 1
#[ -e /etc/compose.conf ] || ln -sfv /opt/apps/myc-deploy/etc/compose.conf /etc/compose.conf
## XXXvlab: should get rid of this file in some future
cd /opt/apps/myc-deploy
if ! grep "^DEFAULT_COMPOSE_FILE=$PWD/compose.yml$" /etc/compose/local.conf >/dev/null 2>&1; then
echo "Adding CWD=$PWD to docker-compose."
cat <<EOF >> /etc/compose/local.conf
DEFAULT_COMPOSE_FILE=$PWD/compose.yml
EOF
fi
type -t docker-clean || ln -sfv /opt/apps/0k-docker/src/bin/docker-clean /usr/local/bin
if [ -z "$WITHOUT_DOCKER_CLEAN" ]; then
ln -sfn /opt/apps/0k-docker/src/bin/docker-clean /etc/cron.daily/docker-clean
fi
cd /opt/apps/myc-deploy
cat <<EOF > /root/.pgm.rc
prefix_pg_local_command=" " ## otherwise, will default to sudo -u postgres
pgpass="/srv/datastore/data/postgres/var/lib/postgresql/data/pgpass"
[ -f "\$pgpass" ] || {
echo "No '\$pgpass' found. Postgres database doesn't seem to be setup." >&2
exit 1
}
cp "\$pgpass" /root/.pgpass
PGUSER=\${PGUSER:-postgres}
if [ -z "\$PGHOST" ]; then
PGHOST=\$(docker-ip | grep postgres | xargs echo | cut -f 3 -d " ") || {
echo "No local running postgres docker found." >&2
exit 1
}
fi
export PGHOST PGUSER
EOF
# if ! [ -s /etc/ssh/vm_git_myceliandre_access_id_rsa ]; then
# curl -L --fail https://docker.0k.io/get/vm_git_myceliandre_access_id_rsa > /etc/ssh/vm_git_myceliandre_access_id_rsa || {
# echo "Fatal: Could not retrieve http://docker.0k.io/get/vm_git_myceliandre_access_id_rsa ..." >&2
# rm -f /etc/ssh/vm_git_myceliandre_access_id_rsa
# exit 1
# }
# ## Not so usefull as it is public !
# chmod 0600 /etc/ssh/vm_git_myceliandre_access_id_rsa
# fi
mkdir -p /root/.ssh
cat <<EOF >> /root/.ssh/config
Host git.myceliandre.fr
User git
IdentityFile /etc/ssh/vm_git_myceliandre_access_id_rsa
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
Port 5022
EOF
##
## We could need some docker-compose for some quick hacks
##
version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
if type -p python3 >/dev/null 2>&1 &&
! version_gt $(python3 --version | cut -f 2 -d " ") 3.9 ; then
if ! type -p docker-compose >/dev/null; then
# seems to require a C compiler
apt-get install -y build-essential libffi-dev </dev/null &&
pip install wheel==0.33.6 &&
pip install pip==19.3.1 cffi==1.12.3 subprocess32==3.5.4 texttable==1.6.2 \
pyrsistent==0.15.7 \
git+https://github.com/0k/compose@run_ignore_orphans || exit 1
## Bug after updating pip
hash -d pip || exit 1
fi
fi
if [ "$DOMAIN" ]; then
sed -ri "s/^(\s+domain:\s+).*$/\1$DOMAIN/g" compose.yml
fi
if [ "$MAIN_PASSWORD" ]; then
sed -ri "s/^(\s+admin-password:\s+).*$/\1$MAIN_PASSWORD/g" compose.yml
fi
pip install ovh ||
pip install ovh --break-system-packages || exit 1
#compose --debug up odoo apache
## Temporary work around for old images that don't want to build
docker pull docker.0k.io/php:7.4-myc && docker tag docker.0k.io/php:7.4-myc myc_frontend &&
docker pull docker.0k.io/cron:jessie && docker tag docker.0k.io/cron:jessie myc_cron &&
## Creation of an account to send notification to ntfy server
echo "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
NhAAAAAwEAAQAAAQEApGXqKYEJbv0xu/wKl1mXtiz90kZbqq7FALTZYyYqWZfsp4RtiHXi
NC7WKFiabQ1j1s8WuE0I2xJNSpzjHuWouduLQ5WtTl0PIWausMYaHam5T1I3KLVBg1QNi8
0wL5LVMD3mMoxVstQmlvYOuODZSaCS6j6ND33IS5IG11M9xwR6IcUKLKnfF5h5OQbTSiQ0
ANgw5KmYdGBQ8PUIQO0ELz0rhjJVZLADZspXLoWikNURmlYozfcSFcfOVA7AkqeMKMZd64
72WDGTd9NrAOq+hmLMKDfJXuHlKrNuqmK1jVGs/5YcSArrFyuvKOabT8AJfjBDEVtbsSeu
mN44MoH1bwAAA8hI4f+cSOH/nAAAAAdzc2gtcnNhAAABAQCkZeopgQlu/TG7/AqXWZe2LP
3SRluqrsUAtNljJipZl+ynhG2IdeI0LtYoWJptDWPWzxa4TQjbEk1KnOMe5ai524tDla1O
XQ8hZq6wxhodqblPUjcotUGDVA2LzTAvktUwPeYyjFWy1CaW9g644NlJoJLqPo0PfchLkg
bXUz3HBHohxQosqd8XmHk5BtNKJDQA2DDkqZh0YFDw9QhA7QQvPSuGMlVksANmylcuhaKQ
1RGaVijN9xIVx85UDsCSp4woxl3rjvZYMZN302sA6r6GYswoN8le4eUqs26qYrWNUaz/lh
xICusXK68o5ptPwAl+MEMRW1uxJ66Y3jgygfVvAAAAAwEAAQAAAQEAnzpm1tQ4QtvRc/Xm
fDk2jCh/n06uMl8cSFbhxvqMQkK34HiPboBfG5PRsTpAOCej78acht12Gllbq0zRXneqOH
nAJTGvrhrMMNm3kVgOq3RcG8vRyQfl8EFU7XdLmIhrHFKXx5XM22xIBCdGkyKU0o9IPMFg
9wQpH6jMH3psd3j9M7x9QwPZKujv5XMF7DrMdtwAsU/XPTHrOedxdmnVpy9hwTpygTP6Xs
TRL9CgdoIo1arZAu8M5/h8xS37IKEe4lUNr/j5tJe3d0HQ+aXCtVrD1WDyZnslPnrDr0MQ
XCbx957Kh6VJ11t8el7x21Yr0iuF+S/RSKxsiyqC3J4EAQAAAIAQabySOpcNGk/kR3A7KH
Szz3uft+c9qmt9+b5Sth+GmRKEoOO51hi3K+WrzArMJ3AyO8QGodjBAStcbFMDW5DkWxFH
0BuuXL2JTNJdn/2iBQH2bjLI68zTCrqHapI4l3kwTFUDybZP9hcdN9QrsY10rh+WiUILt7
gIB69cxQKeuAAAAIEAz7W5MrUL50A5wi7EMalR9+dIVDTvpyub7Ip6dczRyXt9Xz35mv4S
pBaK0mabJPgNP23fGoDhsXhZoDxJpGaBMCciLujVt/wJCX+vXbXwBXwMi0DC9AF/W6FGYb
GAusBeJzziXuEmQlirbKFTwkBMVOpMWvsX/DQgDjsTVKjm9u8AAACBAMqeZ17+r7602t9P
8Gie1YXde/T1vMeQAHNCOCBoiuERdM/xDyQE3EXk9Pj2LOvhEu9CskQUCkuZS4JcMO+GQz
zfqty7nmi/sAQTwPe+Gl9dnvS+dixeDmS3g+rP+hEAYhVPQgQhm0zzMvzlYk437WB+9BYk
JUr3Zp+T2t4WoOmBAAAAEm50ZnlAY29yZS0wMS4way5pbw==
-----END OPENSSH PRIVATE KEY-----" > /root/.ssh/ntfy-key
echo "|1|e3yYRMYJg0EpbOeTplTgtI+KbY4=|PotgCF8Rwt2OZFKr1CGYWpJ6FRA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH8axkuXlI2zowRvL3Vyg/qgkKK57cqX7+9WRaLm9ECWkLvaVPGunR1zVJUZdTO3gjlSkqtblTcI00BBLt+zQvE=" \
>> /root/.ssh/known_hosts
chmod 600 /root/.ssh/ntfy-key
## Request token to ntfy server and add to config file
cred=$(ssh -i /root/.ssh/ntfy-key ntfy@core-01.0k.io request-token) || >&2 echo "Error while requesting token to ntfy server"
login_ntfy=$(printf "%s" "${cred%$'\n'*}")
password_ntfy=$(printf "%s" "${cred#$'\n'*}")
## if the config file exist and LOGIN PASSWORD ARE already in we do nothing
if [ -z "$login_ntfy"] || [[ "$login_ntfy" == *$'\n'*]]; then
echo "Error: couldn’t infer credential from ntfy server" >&2;
printf "%s" "$cred" | sed -r 's/^ |/g' >&2;
exit
fi
config_file="/etc/ntfy/ntfy.conf"
mkdir -p "${config_file%/*}"
if [ -f "$config_file" ] || touch $config_file || {
echo "Error: couldn’t create config file $config_file" >&2;
exit 1
}; then
if grep -qE '^LOGIN=' "$config_file"; then
sed -i "s/^LOGIN=.*/LOGIN='$login'/" "$config_file"
else
echo "LOGIN='$login'" >> "$config_file"
fi
if grep -qE '^PASSWORD=' "$config_file"; then
sed -i "s/^PASSWORD=.*/PASSWORD='$password'/" "$config_file"
else
echo "PASSWORD='$password'" >> "$config_file"
fi
fi
## Marker to probe if this script finished it's job
echo "done" > /var/run/myc-installer.0k.io.state