You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
#!/bin/bash
## Installing base docker-host wget http://docker.0k.io/get/ -qO - | bash || exit 1
## shlib is now available . /etc/shlib || { echo "shlib is not available. Bailing out." >&2 exit 1 }
clone_or_update() { local pkg="$1" branch=${2:-master} \ DEPLOY_PATH="/opt/apps" \ GIT_BASE="https://git.myceliandre.fr/Myceliandre" \ current_branch if [ -d "$DEPLOY_PATH/$pkg" ]; then cd "$DEPLOY_PATH/$pkg" current_branch=$(git rev-parse --abbrev-ref HEAD) if [ "$current_branch" != "$branch" ]; then echo "Fatal: $DEPLOY_PATH/$pkg git repos has unexpected branch checkouted." echo " To avoid changing thing, we prefer to bailout." return 1 fi git pull -r || return 1 else mkdir -p "$DEPLOY_PATH" && cd "$DEPLOY_PATH" git clone "$GIT_BASE/${pkg}" -b "$branch" --depth=1 fi }
install_bin() { local path="$1" DEST_PATH=/usr/local/bin ln -sfnv "$path"/* "$DEST_PATH" || return 1 find -L "$DEST_PATH" -maxdepth 1 -type l -ilname "$path"/\* -exec rm -v {} \; || return 1 }
set -e
clone_or_update myc-manage || exit 1 install_bin /opt/apps/myc-manage/bin
clone_or_update myc-deploy || exit 1
#[ -e /etc/compose.conf ] || ln -sfv /opt/apps/myc-deploy/etc/compose.conf /etc/compose.conf
## XXXvlab: should get rid of this file in some future cd /opt/apps/myc-deploy if ! grep "^DEFAULT_COMPOSE_FILE=$PWD/compose.yml$" /etc/compose/local.conf >/dev/null 2>&1; then echo "Adding CWD=$PWD to docker-compose." cat <<EOF >> /etc/compose/local.conf DEFAULT_COMPOSE_FILE=$PWD/compose.yml EOF fi
type -t docker-clean || ln -sfv /opt/apps/0k-docker/src/bin/docker-clean /usr/local/bin
if [ -z "$WITHOUT_DOCKER_CLEAN" ]; then ln -sfn /opt/apps/0k-docker/src/bin/docker-clean /etc/cron.daily/docker-clean fi
cd /opt/apps/myc-deploy
cat <<EOF > /root/.pgm.rc prefix_pg_local_command=" " ## otherwise, will default to sudo -u postgres
pgpass="/srv/datastore/data/postgres/var/lib/postgresql/data/pgpass" [ -f "\$pgpass" ] || { echo "No '\$pgpass' found. Postgres database doesn't seem to be setup." >&2 exit 1 } cp "\$pgpass" /root/.pgpass
PGUSER=\${PGUSER:-postgres}
if [ -z "\$PGHOST" ]; then PGHOST=\$(docker-ip | grep postgres | xargs echo | cut -f 3 -d " ") || { echo "No local running postgres docker found." >&2 exit 1 } fi export PGHOST PGUSER EOF
# if ! [ -s /etc/ssh/vm_git_myceliandre_access_id_rsa ]; then # curl -L --fail https://docker.0k.io/get/vm_git_myceliandre_access_id_rsa > /etc/ssh/vm_git_myceliandre_access_id_rsa || { # echo "Fatal: Could not retrieve http://docker.0k.io/get/vm_git_myceliandre_access_id_rsa ..." >&2 # rm -f /etc/ssh/vm_git_myceliandre_access_id_rsa # exit 1 # } # ## Not so usefull as it is public ! # chmod 0600 /etc/ssh/vm_git_myceliandre_access_id_rsa # fi
mkdir -p /root/.ssh
cat <<EOF >> /root/.ssh/config
Host git.myceliandre.fr User git IdentityFile /etc/ssh/vm_git_myceliandre_access_id_rsa UserKnownHostsFile /dev/null StrictHostKeyChecking no Port 5022
EOF
## ## We could need some docker-compose for some quick hacks ## version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; }
if type -p python3 >/dev/null 2>&1 && ! version_gt $(python3 --version | cut -f 2 -d " ") 3.9 ; then if ! type -p docker-compose >/dev/null; then # seems to require a C compiler apt-get install -y build-essential libffi-dev </dev/null && pip install wheel==0.33.6 && pip install pip==19.3.1 cffi==1.12.3 subprocess32==3.5.4 texttable==1.6.2 \ pyrsistent==0.15.7 \ git+https://github.com/0k/compose@run_ignore_orphans || exit 1 ## Bug after updating pip hash -d pip || exit 1 fi fi
if [ "$DOMAIN" ]; then sed -ri "s/^(\s+domain:\s+).*$/\1$DOMAIN/g" compose.yml fi
if [ "$MAIN_PASSWORD" ]; then sed -ri "s/^(\s+admin-password:\s+).*$/\1$MAIN_PASSWORD/g" compose.yml fi
pip install ovh || pip install ovh --break-system-packages || exit 1
#compose --debug up odoo apache
## Temporary work around for old images that don't want to build docker pull docker.0k.io/php:7.4-myc && docker tag docker.0k.io/php:7.4-myc myc_frontend && docker pull docker.0k.io/cron:jessie && docker tag docker.0k.io/cron:jessie myc_cron &&
## Copy Ntfy key to root/.ssh/ umask 066 ntfy_key="/opt/apps/myc-manage/etc/ssh/ntfy-key" if [ ! -f "$ntfy_key" ]; then echo "Error: ntfy key not found" >&2 exit 1 fi
if [ ! -f "/root/.ssh/ntfy-key" ]; then cat $ntfy_key | gpg -d --batch --yes --passphrase 'uniquepass' > /root/.ssh/ntfy-key || >&2 echo "Error while copying ntfy key to root" fi
## Request token to ntfy server and add to config file ntfy_host="core-01.0k.io" if ! ssh-keygen -F $ntfy_host -f /root/.ssh/known_hosts >/dev/null; then ssh-keyscan -H $ntfy_host >> /root/.ssh/known_hosts || >&2 echo "Error while adding ntfy server to known_hosts" fi
## if the config file doesn’t exist and LOGIN PASSWORD ARE not in we request them config_file="/etc/ntfy/ntfy.conf" mkdir -p "${config_file%/*}" if [ -f "$config_file" ] || touch $config_file || { echo "Error: couldn’t create config file $config_file" >&2; exit 1 }; then ## if the config file is not complete we request new credentials if ! grep -qE '^LOGIN=' "$config_file" || ! grep -qE '^PASSWORD=' "$config_file"; then
cred=$(ssh -i /root/.ssh/ntfy-key ntfy@core-01.0k.io request-token) || >&2 echo "Error while requesting token to ntfy server" login_ntfy=$(printf "%s" "${cred%$'\n'*}") password_ntfy=$(printf "%s" "${cred#$'\n'*}")
if [ -z "$login_ntfy" ] || [[ "$login_ntfy" == *$'\n'* ]]; then echo "Error: couldn’t infer credential from ntfy server" >&2; printf "%s" "$cred" | sed -r 's/^ |/g' >&2; exit 1 fi
if grep -qE '^LOGIN=' "$config_file"; then sed -i "s/^LOGIN=.*/LOGIN='$login'/" "$config_file" else echo "LOGIN='$login'" >> "$config_file" fi
if grep -qE '^PASSWORD=' "$config_file"; then sed -i "s/^PASSWORD=.*/PASSWORD='$password'/" "$config_file" else echo "PASSWORD='$password'" >> "$config_file" fi else echo "NTFY Config file is already complete" >&2; fi fi
## Marker to probe if this script finished it's job echo "done" > /var/run/myc-installer.0k.io.state
|