2023-04-24 10:11:09 +00:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
driglibash_run_retry=true
|
|
|
|
|
. driglibash-base
|
|
|
|
|
set -euo pipefail
|
|
|
|
|
|
2023-08-28 18:25:32 +00:00
|
|
|
run gen_env.sh
|
|
|
|
|
|
2023-04-24 10:11:09 +00:00
|
|
|
###############################################################################
|
|
|
|
|
# Variables
|
|
|
|
|
###############################################################################
|
|
|
|
|
|
2023-08-28 18:25:32 +00:00
|
|
|
export proxy_dir="/etc/nginx"
|
|
|
|
|
export nginx_conf_path="$proxy_dir/sites-enabled"
|
|
|
|
|
export new_nginx_conf_path="$proxy_dir/new-sites-enabled"
|
2023-04-24 10:11:09 +00:00
|
|
|
|
2023-08-28 18:25:32 +00:00
|
|
|
export certs_path="/etc/letsencrypt/live"
|
|
|
|
|
export dummy_cert_path="$certs_path/dummy"
|
2023-04-24 10:11:09 +00:00
|
|
|
|
|
|
|
|
###############################################################################
|
|
|
|
|
# Helpers
|
|
|
|
|
###############################################################################
|
|
|
|
|
|
|
|
|
|
# Path to this directory
|
|
|
|
|
here="$(where 'follow_links')"
|
|
|
|
|
|
|
|
|
|
# Ip4 address
|
2023-08-28 18:25:32 +00:00
|
|
|
#my_ip="$(resolv.sh "$(cat /etc/hostname)")"
|
|
|
|
|
my_ip="$(curl -4 ifconfig.me 2>/dev/null)"
|
2023-04-24 10:11:09 +00:00
|
|
|
[ -z "$my_ip" ] && yell "Unable to find my IP" && exit 1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
###############################################################################
|
|
|
|
|
# Nginx preparation
|
|
|
|
|
###############################################################################
|
|
|
|
|
|
|
|
|
|
driglibash_section_prefix="[Prepare nginx] "
|
2023-08-28 18:25:32 +00:00
|
|
|
section "Delete new conf directory (to start from scratch)"
|
2023-04-24 10:11:09 +00:00
|
|
|
run rm -rf "$new_nginx_conf_path"
|
|
|
|
|
|
|
|
|
|
section "Create new conf file (for tests purposes)"
|
|
|
|
|
sed "s#$nginx_conf_path#$new_nginx_conf_path#" "/docker/_proxy/nginx.conf" > "$proxy_dir/new_nginx.conf"
|
|
|
|
|
|
|
|
|
|
section "Create proxy dir"
|
|
|
|
|
run mkdir -p "$proxy_dir" /docker /data
|
|
|
|
|
run chown root:root /docker
|
|
|
|
|
run chown root:root /data
|
|
|
|
|
run chmod 755 /docker
|
|
|
|
|
run chmod 755 /data
|
|
|
|
|
|
|
|
|
|
section "Check dummy cert exists "
|
|
|
|
|
#TODO check if expired
|
|
|
|
|
if [ ! -f "$dummy_cert_path/privkey.pem" ] ; then
|
|
|
|
|
echo "Dummy cert generation"
|
|
|
|
|
run mkdir -p "$dummy_cert_path"
|
|
|
|
|
run openssl req -x509 -newkey rsa:2048 -keyout /etc/letsencrypt/live/dummy/privkey.pem -out /etc/letsencrypt/live/dummy/fullchain.pem -days 365 -nodes -subj "/C=FR/ST=France/O=IT/CN=jean-cloud.net"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
section "Create new conf directory"
|
|
|
|
|
run mkdir -p "$new_nginx_conf_path"
|
|
|
|
|
|
|
|
|
|
###############################################################################
|
|
|
|
|
# Deploy services
|
|
|
|
|
###############################################################################
|
|
|
|
|
|
2023-08-28 18:25:32 +00:00
|
|
|
section "Start docker"
|
|
|
|
|
run systemctl start docker docker.socket
|
|
|
|
|
|
|
|
|
|
section "Deploy mandatory services"
|
|
|
|
|
deploy_service.sh deployer.jean-cloud.org noreload
|
|
|
|
|
|
2023-04-24 10:11:09 +00:00
|
|
|
for dir in /docker/* ; do
|
|
|
|
|
service="$(basename "$dir")"
|
|
|
|
|
# Ignore _ prefixed directories
|
|
|
|
|
[ "${service::1}" == '_' ] && continue
|
2023-05-02 08:59:13 +00:00
|
|
|
[ ! -d "$dir" ] && continue
|
2023-08-28 18:25:32 +00:00
|
|
|
[[ "$(resolv.sh $service)" != *$my_ip* ]] && continue
|
|
|
|
|
deploy_service.sh "$service" "noreload"
|
2023-04-24 10:11:09 +00:00
|
|
|
|
|
|
|
|
done
|
|
|
|
|
|
2023-08-28 18:25:32 +00:00
|
|
|
restart_nginx.sh
|
2023-04-24 10:11:09 +00:00
|
|
|
|
|
|
|
|
clean
|
