You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

178 lines
6.3 KiB

#!/bin/bash
. /etc/shlib
include parse
include common
include pretty
MIN_DISK_SPACE="${MIN_DISK_SPACE:-300M}"
## convert human size to bytes using numfmt
## Check remaining disk space
if [ -n "$MIN_DISK_SPACE" ]; then
min_disk_space_kbytes=$(numfmt --from=iec --to-unit=1024 "$MIN_DISK_SPACE") || {
err "Invalid format for '\$MIN_DISK_SPACE'."
exit 1
}
if ! remaining_kbytes=$(df / | awk 'NR==2 {print $4}'); then
err "Failed to get remaining disk space."
exit 1
fi
if [ "$remaining_kbytes" -lt "$min_disk_space_kbytes" ]; then
err "Not enough disk space."
human_min_dist_space=$(numfmt --to=iec --format="%.2f" --from-unit=1024 "$min_disk_space_kbytes") || {
err "Failed to convert '\$MIN_DISK_SPACE' to human readable format."
exit 1
}
human_remaining_kbytes=$(numfmt --to=iec --format="%.2f" --from-unit=1024 "$remaining_kbytes") || {
err "Failed to convert '\$remaining_kbytes' to human readable format."
exit 1
}
echo " - At least $human_min_dist_space are required." >&2
echo " - Only $human_remaining_kbytes are available." >&2
exit 1
fi
fi
start=$SECONDS
if [ -z "$NO_UPDATE" -a -d "/opt/apps/myc-manage" ]; then
MYC_UPDATE_VERSION="${MYC_UPDATE_VERSION:-master}"
Elt "Checking if myc-manage requires update..."
cd /opt/apps/myc-manage
REMOTE_HEAD="$(git ls-remote origin "refs/heads/${MYC_UPDATE_VERSION}" 2>/dev/null | cut -f 1)"
if [ -z "$REMOTE_HEAD" ]; then
err "Can't find remote branch '$MYC_UPDATE_VERSION'."
echo " - Either this branch is not available on 'origin' remote." >&2
echo " - Either 'origin' remote is not correctly set." >&2
exit 1
fi
HEAD="$(git rev-parse HEAD)"
if [ "$REMOTE_HEAD" != "$HEAD" ]; then
print_info "new version available"
Wrap -d "Update myc-manage" <<EOF || exit 1
if ! [ -d "/opt/apps/myc-manage" ]; then
mkdir -p /opt/apps && cd /opt/apps
git clone https://git.myceliandre.fr/Myceliandre/myc-manage.git -b "$MYC_UPDATE_VERSION"
else
cd /opt/apps/myc-manage &&
git checkout "$MYC_UPDATE_VERSION" &&
git pull -r || exit 1
fi
ln -sfn /opt/apps/myc-manage/bin/* /usr/local/sbin/
find -L /usr/local/sbin -maxdepth 1 -type l -ilname /opt/apps/myc-manage/bin/\* -delete
EOF
Feed || exit 1
export NO_UPDATE=1
exec myc-update
exit 0
else
print_info "up to date"
Feedback noop
fi
fi
Wrap -d "Updating 0k-charms" <<EOF || exit 1
cd /opt/apps/0k-charms
git pull -r
EOF
charm --debug apply docker-host || exit 1
## there seem to be an error now within compose when trying to download let's encrypt image.
Wrap -d "Updating some docker images" <<EOF || exit 1
docker pull docker.0k.io/letsencrypt
EOF
Wrap -d "Updating cron scripts" <<EOF || exit 1
for d in /etc/cron.{d,daily,hourly,monthly,weekly}; do
ln -sfn "/opt/apps/myc-manage\$d/"* "\$d/" &&
find -L "\$d" -maxdepth 1 -type l -ilname "/opt/apps/myc-manage\$d/"\* -delete
done
EOF
Wrap -d "Updating sysctl scripts" <<EOF || exit 1
for d in /etc/sysctl.d; do
ln -sfn "/opt/apps/myc-manage\$d/"* "\$d/" &&
find -L "\$d" -maxdepth 1 -type l -ilname "/opt/apps/myc-manage\$d/"\* -delete
done
EOF
if [ -f "/root/.bashrc" ]; then
Wrap -d "Enable colors in bash" <<'EOF' || exit 1
sed -ri 's/^# (export LS_OPTIONS=.--color=auto.)/\1/;
s/^# (eval "`dircolors`")/\1/;
s/^# (alias ls='"'ls \\\$LS_OPTIONS'"')/\1/' /root/.bashrc
EOF
fi
Wrap -d "Update authorization to send to ntfy server " <<'EOF' || exit 1
mkdir -p /root/.ssh
## Copy Ntfy key to root/.ssh/
umask 066
ntfy_key="/opt/apps/myc-manage/etc/ssh/ntfy-key"
if [ ! -f "$ntfy_key" ]; then
echo "Error: ntfy key not found" >&2
exit 1
fi
if [ ! -f "/root/.ssh/ntfy-key" ]; then
cat $ntfy_key | gpg -d --batch --yes --passphrase 'uniquepass' > /root/.ssh/ntfy-key || >&2 echo "Error while copying ntfy key to root"
fi
## Request token to ntfy server and add to config file
ntfy_host="core-01.0k.io"
if ! ssh-keygen -F $ntfy_host -f /root/.ssh/known_hosts >/dev/null; then
ssh-keyscan -H $ntfy_host >> /root/.ssh/known_hosts || >&2 echo "Error while adding ntfy server to known_hosts"
fi
## if the config file doesn’t exist and LOGIN PASSWORD ARE not in we request them
config_file="/etc/ntfy/ntfy.conf"
mkdir -p "${config_file%/*}"
if [ -f "$config_file" ] || touch $config_file || {
echo "Error: couldn’t create config file $config_file" >&2;
exit 1
}; then
## if the config file is not complete we request new credentials
if ! grep -qE '^LOGIN=' "$config_file" || ! grep -qE '^PASSWORD=' "$config_file"; then
cred=$(ssh -i /root/.ssh/ntfy-key ntfy@core-01.0k.io request-token) || >&2 echo "Error while requesting token to ntfy server"
login_ntfy=$(printf "%s" "${cred%$'\n'*}")
password_ntfy=$(printf "%s" "${cred#$'\n'*}")
if [ -z "$login_ntfy" ] || [[ "$login_ntfy" == *$'\n'* ]]; then
echo "Error: couldn’t infer credential from ntfy server" >&2;
printf "%s" "$cred" | sed -r 's/^ |/g' >&2;
exit 1
fi
if grep -qE '^LOGIN=' "$config_file"; then
sed -i "s/^LOGIN=.*/LOGIN='$login'/" "$config_file"
else
echo "LOGIN='$login'" >> "$config_file"
fi
if grep -qE '^PASSWORD=' "$config_file"; then
sed -i "s/^PASSWORD=.*/PASSWORD='$password'/" "$config_file"
else
echo "PASSWORD='$password'" >> "$config_file"
fi
else
echo "NTFY Config file is already complete" >&2;
fi
fi
EOF
for keyfile in {/root,/home/debian}/.ssh/authorized_keys; do
[ -e "$keyfile" ] || continue
sed -ri 's%^ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDri3GHzDt0Il0jv6zLjwkge48dN9tv11sqVNnKoDeUxzk4kn7Ng5ldd3p6dYL6Pa5NDqJUAhO/d/q08IWuwfEbtj8Yc/EkahcRwVD2imPceUeDgyCaOJhq7WO4c9d9yG8PnRO2\+Zk92a9L5vuELVLr4UHIQOs2/eFRY2/ODV8ebf5L1issGzfLd/IPhX5oJwMwKfqIFOP7KPQ26duHNRq4bYOD9ePW4shfxmyQDk6dSImFat05ErT\+X7703PcPx/PX2AIqqz95zqM6M26BywAohuaD5joxKgkd/mMIJylvT8GEYDlcLMHwnM7LtwtyJ1O9dkVpsibIqGy20KlAOGPf admin@0k$%ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMV3USt/BLnXnUk7rk8v42mISZaXBZuULbh2vx2Amk7k admin@old0kreplacement%g' "$keyfile"
done
printf "Update finished ${GREEN}successfully${NORMAL} ${GRAY}(in %.2fs)${NORMAL}.\n" "$((SECONDS - start))"