From 1bdca5a2d87d5deca67b0b699c93a684ec199d8a Mon Sep 17 00:00:00 2001
From: Derek Crudgington
Date: Fri, 3 Mar 2023 14:14:47 +0000
Subject: [PATCH] Merged checks into functions, switched services over to start_service, added os and memory check, other random fixes
---
 bin/install-federated.sh | 5 +-
 lib/checks.sh | 107 ------------------------------------
 lib/functions.sh | 113 ++++++++++++++++++++++++++++++++++++++-
 lib/listmonk.sh | 33 +-----------
 lib/vaultwarden.sh | 33 +-----------
 lib/wireguard.sh | 33 +-----------
 6 files changed, 119 insertions(+), 205 deletions(-)
 delete mode 100644 lib/checks.sh
diff --git a/bin/install-federated.sh b/bin/install-federated.sh
index 91b6169..5a64157 100755
--- a/bin/install-federated.sh
+++ b/bin/install-federated.sh
@@ -18,7 +18,6 @@ get_config() {
 # fi
 # done
- . /federated/lib/checks.sh
 . /federated/lib/network.sh
 . /federated/lib/dns.sh
 . /federated/lib/postgresql.sh
@@ -72,6 +71,7 @@ echo -ne "\n\nStarting Federated install for $DOMAIN\n"
 # we have all ports available and not in use
 check_docker
 check_os
+check_memory
 check_ports
 # Configure docker private network
@@ -86,6 +86,3 @@ done
 # Print out federated environment details
 print_details
 echo -ne "\n\n"
-
-
-
diff --git a/lib/checks.sh b/lib/checks.sh
deleted file mode 100644
index 7c3c228..0000000
--- a/lib/checks.sh
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/bin/bash
-#
-# Federated Checks
-
-PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-
-check_docker() {
- OSRELEASE=`lsb_release -a 2>/dev/null | grep ID | awk -F: '{ print $2 }' | xargs`
-
- if ! command -v docker &> /dev/null; then
- echo -ne "\n* Couldn't find docker, installing.."
- spin &
- SPINPID=$!
-
- # Install Docker on Ubuntu
- if [ $OSRELEASE == "Ubuntu" ]; then
- # Update list of packages
- sudo apt-get update -y &> /dev/null
- [ $? -ne 0 ] && failcheck "Couldn't run sudo apt-get update"
-
- # Install packages which let apt use packages over HTTPS
- sudo apt install apt-transport-https ca-certificates curl software-properties-common -y &> /dev/null
- [ $? -ne 0 ] && failcheck "Couldn't run sudo apt install for https packages"
-
- # Add GPG key for the official Docker repository to this system
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - &> /dev/null
- [ $? -ne 0 ] && failcheck "Couldn't run curl to add Docker GPG key"
-
- # Add the docker repository to our APT sources list
- sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable" -y &> /dev/null
- [ $? -ne 0 ] && failcheck "Couldn't run sudo add-apt-repository"
-
- # Install docker packages
- sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose -y &> /dev/null
- [ $? -ne 0 ] && failcheck "Couldn't run sudo apt install docker packages"
- fi
- kill -9 $SPINPID &> /dev/null
- echo -ne "done."
- fi
-
- if ! command -v docker-compose &> /dev/null; then
- echo -ne "\n* Couldn't find docker-compose, installing.."
- spin &
- SPINPID=$!
-
- # Install Docker compose on Ubuntu
- if [ $OSRELEASE == "Ubuntu" ]; then
- sudo apt-get install docker-compose -y &> /dev/null
- fi
-
- kill -9 $SPINPID &> /dev/null
- echo -ne "done."
- fi
-}
-check_ports() {
- EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null`
- [ $? -ne 0 ] && failcheck "Couldn't run dig, dns is not working"
-
- # Check if ss command exists
- if command -v ss &> /dev/null; then
- # Check every port we need if it's in use
- for i in 25 53 80 143 389 587 993 8000; do
- SS=`ss -tulwn | grep LISTEN | awk '{ print $5 }' | awk -F: '{ print $NF }' | grep "^$i$" | head -1`
- # If port 53 (dns) in use by system-resolvd (Ubuntu) then auto fix
- if [ "$SS" == 53 ]; then
- if [ $OSRELEASE == "Ubuntu" ]; then
- if [ `pgrep -x systemd-resolve` ]; then
- echo -ne "\n* Port 53 in use by systemd-resolved, fixing.."
- spin &
- SPINPID=$!
-
- # Install resolvconf to fix
- sudo apt install resolvconf -y &> /dev/null
- [ $? -eq 0 ] && echo -ne "." || failcheck "Failed running sudo apt install resolvconf"
-
- # Shut down systemd-resolved
- systemctl stop systemd-resolved &> /dev/null
- [ $? -ne 0 ] && failcheck "Failed running systemctl stop systemd-resolved"
- systemctl disable systemd-resolved &> /dev/null
- [ $? -ne 0 ] && failcheck "Failed running systemctl stop systemd-resolved"
-
- # Put nameserver entries so will exist on reboot
- echo "nameserver 8.8.8.8" > /etc/resolvconf/resolv.conf.d/tail
- echo "nameserver 8.8.8.8" > /run/resolvconf/resolv.conf
-
- kill -9 $SPINPID &> /dev/null
- echo -ne "done."
- else
- echo -ne "\nFAILED - Port 53 (dns) is already in use\n\n" && exit 2
- fi
- fi
- elif [ "$SS" == "$i" ]; then
- failcheck "FAILED - Port $i is already in use"
- fi
- done
- fi
-}
-check_os() {
- OSRELEASE=`grep "VERSION=" /etc/os-release | awk -F\" '{ print $2 }'`
- if [ "$OSRELEASE" != "22.04 LTS (Jammy Jellyfish)" ]; then
- echo -ne "\nFederated requires a minimum of 1G of RAM and 25G of storage\n \
- running Ubuntu 22.04 LTS. Your system is not supported. Please contact\n \
- Federated @ support@federated.computer for assistance or choose our\n \
- cloud offerings at https://cloud.federated.computer.\n\n"
- fi
-}
-
diff --git a/lib/functions.sh b/lib/functions.sh
index cd0bd22..a9c9e7b 100644
--- a/lib/functions.sh
+++ b/lib/functions.sh 
@@ -129,6 +129,117 @@ https://documentation.federated.computer/users.
 EOF
 # Send out e-mail from mail container with details
-docker exec -it mail bash -c "mail -r admin@$DOMAIN -s \"Welcome to Feded\" admin@$DOMAIN < /root/certs/mailfile"
+docker exec -it mail bash -c "mail -r admin@$DOMAIN -s \"Welcome to Federated\" admin@$DOMAIN < /root/certs/mailfile"
 cat /federated/apps/mail/data/root/certs/mailfile
 rm /federated/apps/mail/data/root/certs/mailfile
+}
+check_docker() {
+ OSRELEASE=`lsb_release -a 2>/dev/null | grep ID | awk -F: '{ print $2 }' | xargs`
+
+ if ! command -v docker &> /dev/null; then
+ echo -ne "\n* Couldn't find docker, installing.."
+ spin &
+ SPINPID=$!
+
+ # Install Docker on Ubuntu
+ if [ $OSRELEASE == "Ubuntu" ]; then
+ # Update list of packages
+ sudo apt-get update -y &> /dev/null
+ [ $? -ne 0 ] && failcheck "Couldn't run sudo apt-get update"
+
+ # Install packages which let apt use packages over HTTPS
+ sudo apt install apt-transport-https ca-certificates curl software-properties-common -y &> /dev/null
+ [ $? -ne 0 ] && failcheck "Couldn't run sudo apt install for https packages"
+
+ # Add GPG key for the official Docker repository to this system
+ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - &> /dev/null
+ [ $? -ne 0 ] && failcheck "Couldn't run curl to add Docker GPG key"
+
+ # Add the docker repository to our APT sources list
+ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable" -y &> /dev/null
+ [ $? -ne 0 ] && failcheck "Couldn't run sudo add-apt-repository"
+
+ # Install docker packages
+ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose -y &> /dev/null
+ [ $? -ne 0 ] && failcheck "Couldn't run sudo apt install docker packages"
+ fi
+ kill -9 $SPINPID &> /dev/null
+ echo -ne "done."
+ fi
+
+ if ! command -v docker-compose &> /dev/null; then
+ echo -ne "\n* Couldn't find docker-compose, installing.."
+ spin &
+ SPINPID=$!
+
+ # Install Docker compose on Ubuntu
+ if [ $OSRELEASE == "Ubuntu" ]; then
+ sudo apt-get install docker-compose -y &> /dev/null
+ fi
+
+ kill -9 $SPINPID &> /dev/null
+ echo -ne "done."
+ fi
+}
+check_ports() {
+ EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null`
+ [ $? -ne 0 ] && failcheck "Couldn't run dig, dns is not working"
+
+ # Check if ss command exists
+ if command -v ss &> /dev/null; then
+ # Check every port we need if it's in use
+ #for i in 25 53 80 143 389 587 993 8000; do
+ for i in 8734; do
+ SS=`ss -tulwn | grep LISTEN | awk '{ print $5 }' | awk -F: '{ print $NF }' | grep "^$i$" | head -1`
+ # If port 53 (dns) in use by system-resolvd (Ubuntu) then auto fix
+ if [ "$SS" == 53 ]; then
+ if [ $OSRELEASE == "Ubuntu" ]; then
+ if [ `pgrep -x systemd-resolve` ]; then
+ echo -ne "\n* Port 53 in use by systemd-resolved, fixing.."
+ spin &
+ SPINPID=$!
+
+ # Install resolvconf to fix
+ sudo apt install resolvconf -y &> /dev/null
+ [ $? -eq 0 ] && echo -ne "." || failcheck "Failed running sudo apt install resolvconf"
+
+ # Shut down systemd-resolved
+ systemctl stop systemd-resolved &> /dev/null
+ [ $? -ne 0 ] && failcheck "Failed running systemctl stop systemd-resolved"
+ systemctl disable systemd-resolved &> /dev/null
+ [ $? -ne 0 ] && failcheck "Failed running systemctl stop systemd-resolved"
+
+ # Put nameserver entries so will exist on reboot
+ echo "nameserver 8.8.8.8" > /etc/resolvconf/resolv.conf.d/tail
+ echo "nameserver 8.8.8.8" > /run/resolvconf/resolv.conf
+
+ kill -9 $SPINPID &> /dev/null
+ echo -ne "done."
+ else
+ echo -ne "\nFAILED - Port 53 (dns) is already in use\n\n" && exit 2
+ fi
+ fi
+ elif [ "$SS" == "$i" ]; then
+ failcheck "FAILED - Port $i is already in use"
+ fi
+ done
+ fi
+}
+check_os() {
+ OSRELEASE=`grep "VERSION=" /etc/os-release | awk -F\" '{ print $2 }'`
+ if [ "$OSRELEASE" != "22.04 LTS (Jammy Jellyfish)" ]; then
+ echo -ne "\nFederated requires a minimum of 4G of RAM and 25G of storage\n \
+ running Ubuntu 22.04 LTS. Your system is not supported. Please contact\n \
+ Federated @ support@federated.computer for assistance or choose our\n \
+ cloud offerings at https://cloud.federated.computer.\n\n"
+ fi
+}
+check_memory() {
+ MEMTOTAL=`awk '/MemTotal/ { printf "%.3d \n", $2/1024 }' /proc/meminfo`
+ if [ "$MEMTOTAL" -lt "3900" ]; then
+ echo -ne "\nFederated requires a minimum of 4G of RAM and 25G of storage\n \
+ running Ubuntu 22.04 LTS. Your system is not supported. Please contact\n \
+ Federated @ support@federated.computer for assistance or choose our\n \
+ cloud offerings at https://cloud.federated.computer.\n\n"
+ fi
+}
diff --git a/lib/listmonk.sh b/lib/listmonk.sh
index 255d3f9..374251d 100644
--- a/lib/listmonk.sh
+++ b/lib/listmonk.sh
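Review bot: In `check_ports` the real port list is commented out and the loop reads `for i in 8734; do`, which looks like a debugging leftover: none of 25, 53, 80, 143, 389, 587, 993 or 8000 is checked before the install and the port-53 systemd-resolved branch cannot be reached. Restore `for i in 25 53 80 143 389 587 993 8000; do` and delete the commented copy. The new `check_memory`, like `check_os`, only prints the requirements text and returns, so the install continues on an unsupported host; if that is not intended, end both branches with the `failcheck` call used elsewhere in this hunk (it appears to abort, but its definition is not shown). `check_os` also overwrites the global `OSRELEASE` that `check_docker` set, and the installer calls it before `check_ports`, so the unquoted `[ $OSRELEASE == "Ubuntu" ]` there receives the multi-word version string; a separate name such as `OSVERSION` plus quoting avoids that. In `check_docker`, `[ $? -ne 0 ]` after `curl ... | sudo apt-key add -` reflects only `apt-key`, and a key added that way is trusted for every APT source, so consider storing it in its own keyring file and naming that file with `signed-by=` in the `deb` line.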
@@ -73,38 +73,9 @@ chmod 600 /federated/apps/listmonk/data/listmonk/config.toml /federated/apps/lis
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
 }
-
 start_listmonk() {
- # Start /federated/apps/listmonk with output to /dev/null
- echo -ne "\n* Starting /federated/apps/listmonk service.."
- spin &
- SPINPID=$!
-
- if [ $DEBUG ]; then
- # Start /federated/apps/listmonk with output to console for debug
- docker-compose -f /federated/apps/listmonk/docker-compose.yml -p listmonk up
- [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/listmonk"
- else
- docker-compose -f /federated/apps/listmonk/docker-compose.yml -p listmonk up -d &> /dev/null
-
- # Keep trying listmonk port 9000 to make sure it's up
- # before we proceed
- RETRY="30"
- while [ $RETRY -gt 0 ]; do
- nc -z 172.99.0.19 9000 &> /dev/null
- if [ $? -eq 0 ]; then
- break
- else
- if [ "$RETRY" == 1 ]; then
- docker-compose -f /federated/apps/listmonk/docker-compose.yml -p listmonk down &> /dev/null
- kill -9 $SPINPID &> /dev/null
- fail "There was a problem starting service /federated/apps/listmonk\nCheck the output of 'docker logs listmonk' or turn on\ndebug with -d"
- fi
- ((RETRY--))
- sleep 7
- fi
- done
- fi
+ # Start service with command to make sure it's up before proceeding
+ start_service "listmonk" "nc -z 172.99.0.19 9000 &> /dev/null"
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
diff --git a/lib/vaultwarden.sh b/lib/vaultwarden.sh
index eea53f9..f95576a 100644
--- a/lib/vaultwarden.sh
+++ b/lib/vaultwarden.sh
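Review bot: `start_listmonk` no longer runs `spin &` / `SPINPID=$!`, yet the unchanged lines after the new call still do `kill -9 $SPINPID`, so unless `start_service` (not shown in this patch) sets that global, the kill uses an empty value or a PID left over from an earlier step, which may by then belong to another process. The same pattern is left in `start_vaultwarden` and `start_wireguard`; if the spinner and the "done." message moved into `start_service`, drop the trailing `kill`/`echo` in all three, otherwise keep `spin &` and `SPINPID=$!` before the call. The readiness probe is passed as a single string containing `&> /dev/null`, which only works if `start_service` evaluates it as shell, so the helper deserves a comment such as `# $2 is evaluated as shell: pass literals only, never config-derived values`. The function body continues past the end of the hunk.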
@@ -61,38 +61,9 @@ chmod 600 /federated/apps/vaultwarden/.env
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
 }
-
 start_vaultwarden() {
- # Start /federated/apps/vaultwarden with output to /dev/null
- echo -ne "\n* Starting /federated/apps/vaultwarden service.."
- spin &
- SPINPID=$!
-
- if [ $DEBUG ]; then
- # Start /federated/apps/vaultwarden with output to console for debug
- docker-compose -f /federated/apps/vaultwarden/docker-compose.yml -p vaultwarden up
- [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/vaultwarden"
- else
- docker-compose -f /federated/apps/vaultwarden/docker-compose.yml -p vaultwarden up -d &> /dev/null
-
- # Keep trying vaultwarden port 80 to make sure it's up
- # before we proceed
- RETRY="30"
- while [ $RETRY -gt 0 ]; do
- nc -z 172.99.0.20 80 &> /dev/null
- if [ $? -eq 0 ]; then
- break
- else
- if [ "$RETRY" == 1 ]; then
- docker-compose -f /federated/apps/vaultwarden/docker-compose.yml -p vaultwarden down &> /dev/null
- kill -9 $SPINPID &> /dev/null
- fail "There was a problem starting service /federated/apps/vaultwarden\nCheck the output of 'docker logs vaultwarden' or turn on\ndebug with -d"
- fi
- ((RETRY--))
- sleep 7
- fi
- done
- fi
+ # Start service with command to make sure it's up before proceeding
+ start_service "vaultwarden" "nc -z 172.99.0.20 80 &> /dev/null"
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
diff --git a/lib/wireguard.sh b/lib/wireguard.sh
index e0fdb44..5a1af40 100644
--- a/lib/wireguard.sh
+++ b/lib/wireguard.sh
@@ -63,38 +63,9 @@ chmod 600 /federated/apps/wireguard/.env
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
 }
-
 start_wireguard() {
- # Start /federated/apps/wireguard with output to /dev/null
- echo -ne "\n* Starting /federated/apps/wireguard service.."
- spin &
- SPINPID=$!
-
- if [ $DEBUG ]; then
- # Start /federated/apps/wireguard with output to console for debug
- docker-compose -f /federated/apps/wireguard/docker-compose.yml -p wireguard up
- [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/wireguard"
- else
- docker-compose -f /federated/apps/wireguard/docker-compose.yml -p wireguard up -d &> /dev/null
-
- # Keep trying wireguard port 80 to make sure it's up
- # before we proceed
- RETRY="30"
- while [ $RETRY -gt 0 ]; do
- nc -uvz 172.99.0.22 51820 &> /dev/null
- if [ $? -eq 0 ]; then
- break
- else
- if [ "$RETRY" == 1 ]; then
- docker-compose -f /federated/apps/wireguard/docker-compose.yml -p wireguard down &> /dev/null
- kill -9 $SPINPID &> /dev/null
- fail "There was a problem starting service /federated/apps/wireguard\nCheck the output of 'docker logs wireguard' or turn on\ndebug with -d"
- fi
- ((RETRY--))
- sleep 7
- fi
- done
- fi
+ # Start service with command to make sure it's up before proceeding
+ start_service "wireguard" "nc -uvz 172.99.0.22 51820 &> /dev/null"
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."