adrian/jean-cloud-services
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
f7ed1c51eb
jean-cloud-services/provisioning/roles/deploy_all/files/bin/deployall.sh
Adrian Amaglio f7ed1c51eb what a piece of commit…
2023-09-07 19:50:05 +02:00

98 lines
3.0 KiB
Bash
Executable File
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
driglibash_run_retry=true
. driglibash-base
set -euo pipefail
# Already done at upload time ?
#run gen_env.sh
###############################################################################
# Variables
###############################################################################
export proxy_dir="/etc/nginx"
export nginx_conf_path="$proxy_dir/sites-enabled"
export new_nginx_conf_path="$proxy_dir/new-sites-enabled"
export certs_path="/etc/letsencrypt/live"
export dummy_cert_path="$certs_path/dummy"
###############################################################################
# Helpers
###############################################################################
# Path to this directory
here="$(where 'follow_links')"
###############################################################################
# Test system requirements
###############################################################################
[ ! -f /data/mounted ] && die "/data is not mounted"
###############################################################################
# Nginx preparation
###############################################################################
driglibash_section_prefix="[Prepare nginx] "
section "Delete new conf directory (to start from scratch)"
run rm -rf "$new_nginx_conf_path"
section "Create new conf file (for tests purposes)"
sed "s#$nginx_conf_path#$new_nginx_conf_path#" "/docker/_proxy/nginx.conf" > "$proxy_dir/new_nginx.conf"
section "Create proxy dir"
run mkdir -p "$proxy_dir" /docker /data
run chown root:root /docker
run chown root:root /data
run chmod 755 /docker
run chmod 755 /data
section "Check dummy cert exists "
#TODO check if expired
if [ ! -f "$dummy_cert_path/privkey.pem" ] ; then
echo "Dummy cert generation"
run mkdir -p "$dummy_cert_path"
run openssl req -x509 -newkey rsa:2048 -keyout /etc/letsencrypt/live/dummy/privkey.pem -out /etc/letsencrypt/live/dummy/fullchain.pem -days 365 -nodes -subj "/C=FR/ST=France/O=IT/CN=jean-cloud.net"
fi
section "Create new conf directory"
run mkdir -p "$new_nginx_conf_path"
###############################################################################
# Deploy services
###############################################################################
if [ -f "/data/unmounted" ] || [ ! -f "/data/mounted" ] ; then
die "Error: /data is not mounted."
fi
section "Start docker"
run systemctl start docker docker.socket
section "Deploy mandatory services"
deploy_service.sh deployer.jean-cloud.org noreload
while read line ; do
read -r service target <<<$(echo "$line")
# Ignore _ prefixed directories
[ "${service::1}" == '_' ] && continue
echo -n "$service -> "
[ ! -d "/docker/$service" ] && die "/docker/$service directory not found"
# Check if service target is localhost
[[ "$(getent hosts $target)" != "::1 "* ]] && echo 'Not here' && continue
echo "Deploying"
deploy_service.sh "$service" "noreload"
done < /docker/services.txt
restart_nginx.sh
clean
Reference in New Issue View Git Blame Copy Permalink