update

2023-06-08 09:34:51 +02:00 · 2023-06-08 09:34:51 +02:00 · 48a27ddf71
commit 48a27ddf71
parent be32063fdc
12 changed files with 198 additions and 49 deletions
--- a/provisioning/roles/deploy_all/files/bin/deployer.sh
+++ b/provisioning/roles/deploy_all/files/bin/deployer.sh
@ -24,6 +24,26 @@ function ipof {
 	resolv.sh "$1"
 }

+function jcservice {
+	if [ "$#" -ne 2 ] ; then
+		echo "usage: $0 <action> <service>"
+		echo "action is start/stop/reload/restart"
+		echo "service is a jc service name"
+		exit 1
+	fi
+	action="$1"
+	service="$2"
+	if [ -f "/docker/$service/install.sh" ] ; then
+	    section "Running install script"
+		. "/docker/$service/install.sh"
+		# Is $action a bash function?
+		if [ -n "$(LC_ALL=C type "$action" | head -n 1 | grep 'function')" ] ; then
+			"$action"
+		fi
+		unset -f start stop reload restart "$action"
+	fi
+}
+
 # Path to this directory
 here="$(where 'follow_links')"

@ -93,14 +113,8 @@ for dir in /docker/* ; do
            docker-compose down --rmi all --remove-orphans
 			[ -d "$HTTP_DIR" ] && rm -r "$HTTP_DIR"
        fi
-
-		# If there is an install script?
-		if [ -x "/docker/$service/install.sh" ] ; then
-    	    section "Running install script"
-			. "/docker/$service/install.sh"
-			stop
-			unset -f start stop reload restart
-		fi
+		
+		jcservice stop "$service"

 		# TODO check for leftover wg interfaces
        continue
@ -123,14 +137,7 @@ for dir in /docker/* ; do
        run docker-compose up -d --remove-orphans
    fi

-
-	# If there is an install script
-	if [ -f "/docker/$service/install.sh" ] ; then
-        section "Running install script"
-		. "/docker/$service/install.sh"
-		start
-		unset -f start stop reload restart
-	fi
+	jcservice start "$service"


 	# If there is a wireguard vpn script
--- a/provisioning/roles/deploy_all/files/bin/startwg.sh
+++ b/provisioning/roles/deploy_all/files/bin/startwg.sh
@ -0,0 +1,17 @@
+#!/bin/bash
+
+set -euo pipefail
+
+if [ "$#" -ne 1 ] ; then
+	echo "Usage: $0 <wgif>"
+	exit 1
+fi
+
+wgif="$1"
+
+if [ -z "$(ip a | grep "$wgif")" ] ; then
+	wg-quick up "$wgif"
+else
+	wg syncconf "$wgif" <(wg-quick strip "$wgif")
+fi
+
--- a/provisioning/roles/deploy_all/files/bind/db.jean-cloud.org
+++ b/provisioning/roles/deploy_all/files/bind/db.jean-cloud.org
@ -33,7 +33,7 @@ gm3._domainkey 10800 IN CNAME gm3.gandimail.net.

 ; Website classics
 webmail 10800 IN CNAME webmail.gandi.net.
-www 10800 IN CNAME jean-cloud.org.
+www 10800 IN CNAME jean-cloud.net.

 ; Machines
 vandamme                        IN      A       51.255.33.248
--- a/provisioning/roles/deploy_all/files/bind/db.karnaval.fr
+++ b/provisioning/roles/deploy_all/files/bind/db.karnaval.fr
@ -15,7 +15,8 @@ $TTL    604800
@                       IN      NS      ns4.he.net.
@                       IN      NS      ns5.he.net.

-@                       IN      A       51.178.80.171
+@                       IN      A       51.195.40.128
+@						IN		AAAA	2001:41d0:701:1100::31f


 ; Resolving nameserver
--- a/provisioning/roles/deploy_all/files/bind/db.oma-radio.fr
+++ b/provisioning/roles/deploy_all/files/bind/db.oma-radio.fr
@ -1,6 +1,6 @@
 $TTL    604800
@       IN      SOA     max.jean-cloud.org. contact.jean-cloud.org. (
-                     2023052300         ; Serial
+                     2023060100         ; Serial
                         604800         ; Refresh
                           7200         ; Retry
                        2419200         ; Expire
@ -27,18 +27,17 @@ _submission._tcp        IN      SRV     0 0 465 ssl0.ovh.net.

 ; web
@                       IN      A       51.255.33.248
-www                     IN      CNAME   vandamme.jean-cloud.net.
+www                     IN      CNAME   vandamme.jean-cloud.org.

-www.registry            IN      CNAME   nougaro.jean-cloud.net.
-registry                IN      CNAME   nougaro.jean-cloud.net.
-services                IN      CNAME   nougaro.jean-cloud.net.
+registry                IN      CNAME   montbonnot.jean-cloud.org.
+
+radionimaitre           IN      CNAME   tetede.jean-cloud.org.
+www.radionimaitre       IN      CNAME   tetede.jean-cloud.org.
+paj                     IN      CNAME   nougaro.jean-cloud.org.
+www.paj                 IN      CNAME   nougaro.jean-cloud.org.
+radiodemo               IN      CNAME   tetede.jean-cloud.org.
+radiodemo-back          IN      CNAME   montbonnot.jean-cloud.org.

-radionimaitre           IN      CNAME   tetede.jean-cloud.net.
-www.radionimaitre       IN      CNAME   tetede.jean-cloud.net.
-paj                     IN      CNAME   nougaro.jean-cloud.net.
-www.paj                 IN      CNAME   nougaro.jean-cloud.net.
-radiodemo               IN      CNAME   tetede.jean-cloud.net.
-radiodemo-back          IN      CNAME   montbonnot.jean-cloud.net.


 ;autoconfig             IN      SRV     mailconfig.ovh.net.
@ -50,15 +49,15 @@ pop3                    IN      CNAME   ssl0.ovh.net.
 stream.paj._ports       IN      TXT     9002
 control.paj._ports      IN      TXT     9492

-pa1.studios             IN      CNAME   tetede.jean-cloud.net.
-montpellier1.studios    IN      CNAME   tetede.jean-cloud.net.
+pa1.studios             IN      CNAME   tetede.jean-cloud.org.
+montpellier1.studios    IN      CNAME   tetede.jean-cloud.org.

-npm                     IN      CNAME   vandamme.jean-cloud.net.
-www.npm                 IN      CNAME   vandamme.jean-cloud.net.
+npm                     IN      CNAME   vandamme.jean-cloud.org.
+www.npm                 IN      CNAME   vandamme.jean-cloud.org.

-static                  IN      CNAME   vandamme.jean-cloud.net.
-www.static              IN      CNAME   vandamme.jean-cloud.net.
+static                  IN      CNAME   vandamme.jean-cloud.org.
+www.static              IN      CNAME   vandamme.jean-cloud.org.

-discordbot              IN      CNAME   vandamme.jean-cloud.net.
-www.discordbot          IN      CNAME   vandamme.jean-cloud.net.
+discordbot              IN      CNAME   vandamme.jean-cloud.org.
+www.discordbot          IN      CNAME   vandamme.jean-cloud.org.

--- a/services/benevoles31.karnaval.fr/.env
+++ b/services/benevoles31.karnaval.fr/.env
--- a/services/benevoles31.karnaval.fr/docker-compose.yml
+++ b/services/benevoles31.karnaval.fr/docker-compose.yml
@ -0,0 +1,62 @@
+version: '3'
+services:
+  app:
+    image: jeancloud/site-benevole:dev-karna-debian
+    environment:
+      UID: 33
+      MOUNT: /
+    volumes:
+      - /tmp/uwsgi/$JC_SERVICE:/tmp/uwsgi
+      - $DATA_DIR/assets:/usr/src/app/assets
+      - $DATA_DIR/media:/usr/src/app/media
+      - $DATA_DIR/local_settings.py:/usr/src/app/site_benevole/local_settings.py
+    restart: unless-stopped
+    networks:
+      default:
+        ipv4_address: 172.16.17.100
+
+  redis:
+    image: redis
+  db:
+    image: postgres:9.6-alpine
+    env_file: $DATA_DIR/postgres.env
+    environment:
+        POSTGRES_USER: benevoles
+        POSTGRES_DB: benevoles
+    volumes:
+      - $DATA_DIR/db:/var/lib/postgresql/data
+    networks:
+      default:
+        ipv4_address: 172.16.17.101
+          #  app2:
+          #    image: jeancloud/site-benevole:dev-karna-debian
+          #    environment:
+          #      UID: 33
+          #      MOUNT: /
+          #    volumes:
+          #      - /tmp/uwsgi/app2/$JC_SERVICE:/tmp/uwsgi
+          #      - $DATA_DIR/app2/assets:/usr/src/app/assets
+          #      - $DATA_DIR/app2/media:/usr/src/app/media
+          #      - $DATA_DIR/app2/local_settings.py:/usr/src/app/site_benevole/local_settings.py
+          #    restart: unless-stopped
+          #    networks:
+          #      default:
+          #        ipv4_address: 172.29.17.110
+          #
+          #  db2:
+          #    image: postgres:9.6-alpine
+          #    env_file: $DATA_DIR/postgres.env
+          #    environment:
+          #        POSTGRES_USER: benevoles
+          #        POSTGRES_DB: benevoles
+          #    volumes:
+          #      - $DATA_DIR/db2:/var/lib/postgresql/data
+          #    networks:
+          #      default:
+          #        ipv4_address: 172.29.17.111
+
+networks:
+  default:
+    ipam:
+      config:
+        - subnet: 172.16.17.0/24
--- a/services/benevoles31.karnaval.fr/nginx_server.conf
+++ b/services/benevoles31.karnaval.fr/nginx_server.conf
@ -0,0 +1,55 @@
+server {
+  listen 443 ssl http2;
+  listen [::]:443 ssl http2;
+  ssl_certificate /etc/letsencrypt/live/$JC_SERVICE/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/$JC_SERVICE/privkey.pem;
+  server_name $JC_SERVICE benevoles.karnaval.fr;
+
+  root $DATA_DIR/assets;
+
+  gzip on;
+  gzip_static on;
+  gzip_types application/javascript image/* text/css application/font-woff application/font-woff2;
+  gunzip on;
+
+  ssl_session_tickets off;
+  ssl_protocols TLSv1.2 TLSv1.3;
+  ssl_buffer_size 4k;
+  client_max_body_size 4M;
+
+  location / {
+    include uwsgi_params;
+    uwsgi_pass unix:/tmp/uwsgi/$JC_SERVICE/uwsgi.sock;
+  }
+
+  location = /favicon.ico {
+    root $DATA_DIR/assets/;
+  }
+  location = /favicon-admin.ico {
+    root $DATA_DIR/assets/;
+  }
+
+  location /assets/ {
+    alias $DATA_DIR/assets/;
+    access_log off;
+    sendfile   on;
+    tcp_nopush on;
+    sendfile_max_chunk 1m;
+    keepalive_timeout 65;
+    location ~* \.(jpg|jpeg|png|gif|ico|woff|woff2)$ {
+      access_log off;
+      expires 5d;
+    }
+  }
+
+  location /media/ {
+    alias $DATA_DIR/media/;
+    access_log off;
+    sendfile on;
+    tcp_nopush on;
+    sendfile_max_chunk 1m;
+    keepalive_timeout 65;
+  }
+
+
+}
--- a/services/jean-cloud.net/install.sh
+++ b/services/jean-cloud.net/install.sh
@ -9,3 +9,7 @@ start() {
 restart () {
 	start
 }
+
+stop () {
+	:
+}
--- a/services/lexicographe.jean-cloud.net/install.sh
+++ b/services/lexicographe.jean-cloud.net/install.sh
@ -10,3 +10,7 @@ start() {
 restart () {
 	start
 }
+
+stop () {
+	:
+}
--- a/services/radiodemo-back.oma-radio.fr/docker-compose.yml
+++ b/services/radiodemo-back.oma-radio.fr/docker-compose.yml
@ -1,7 +1,7 @@
 version: '3'
 services:
  ambre_mux:
-    image: registry.oma-radio.fr/mux:$OMA_DOCKER_VERSION
+    image: jeancloud/mux:$OMA_DOCKER_VERSION
    env_file: .env
    environment:
      OMA_CONFIG_Client1Host: $NET.108
@ -22,7 +22,7 @@ services:


  saphir_telecom_server:
-    image: registry.oma-radio.fr/telecom-server:$OMA_DOCKER_VERSION
+    image: jeancloud/telecom-server:$OMA_DOCKER_VERSION
    env_file: .env
    ports:
      - $TELECOM_SERVER_PORT:3490
@ -37,7 +37,7 @@ services:
          memory: 100M

  anthracite_jukebox:
-    image: registry.oma-radio.fr/jukebox:$OMA_DOCKER_VERSION
+    image: jeancloud/jukebox:$OMA_DOCKER_VERSION
    env_file: .env
    environment:
      OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -56,7 +56,7 @@ services:
          memory: 100M

  azurite_jukebox_simulator:
-    image: registry.oma-radio.fr/jukebox-simulator:$OMA_DOCKER_VERSION
+    image: jeancloud/jukebox-simulator:$OMA_DOCKER_VERSION
    env_file: .env
    environment:
      OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -73,13 +73,13 @@ services:
          memory: 100M

    #  aventurine_transcode:
-    #    image: registry.oma-radio.fr/transcode:$OMA_DOCKER_VERSION
+    #    image: jeancloud/transcode:$OMA_DOCKER_VERSION
    #    env_file: .env
    #    restart: unless-stopped


  agate_importer:
-    image: registry.oma-radio.fr/baseimport:$OMA_DOCKER_VERSION
+    image: jeancloud/baseimport:$OMA_DOCKER_VERSION
    env_file: .env
    environment:
      OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -96,7 +96,7 @@ services:
          memory: 500M

  amarante_webserver:
-    image: registry.oma-radio.fr/webserver:$OMA_DOCKER_VERSION
+    image: jeancloud/webserver:$OMA_DOCKER_VERSION
    env_file: .env
    environment:
      OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -114,7 +114,7 @@ services:
          memory: 100M

  rubis_base_mg:
-    image: registry.oma-radio.fr/base-mg:$OMA_DOCKER_VERSION
+    image: jeancloud/base-mg:$OMA_DOCKER_VERSION
    env_file: .env
    environment:
      OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -132,7 +132,7 @@ services:


  system_api:
-    image: registry.oma-radio.fr/system-api:dev
+    image: jeancloud/system-api:dev
    env_file: .env
    environment:
      OMA_CONFIG_TelecommandeHost: $NET$TELECOM
@ -167,7 +167,7 @@ services:
        ipv4_address: $NET.108

          #radioking:
-          #  image: registry.oma-radio.fr/liquidsoap:1.3.7
+          #  image: jeancloud/liquidsoap:1.3.7
          #  env_file: .env
          #  volumes:
          #    - ./radioking.liq:/radioking.liq
@ -178,7 +178,7 @@ services:
          #      ipv4_address: $NET.111

          #ammolite_mp3_addon:
-          #  image: registry.oma-radio.fr/mp3addon:$OMA_DOCKER_VERSION
+          #  image: jeancloud/mp3addon:$OMA_DOCKER_VERSION
          #  env_file: .env
          #  environment:
          #    OMA_CONFIG_TelecommandeHost: $NET.101
--- a/services/radiodemo-back.oma-radio.fr/wg-radiodemo.sh
+++ b/services/radiodemo-back.oma-radio.fr/wg-radiodemo.sh
@ -4,7 +4,7 @@ set -euo pipefail

 . .env

-[ -f "$DATA_DIR/privatekey" ] || echo 'No privatekey found' && exit 1
+[ -f "$DATA_DIR/privatekey" ] || { echo 'No privatekey found' && exit 1 ; }

 echo "
 [Interface]