Added Gitea and Caddy fixes
This commit is contained in:
root
parent
22c30eed0c
commit
39ff883347
@ -3,7 +3,7 @@
|
||||
# Federated Start Script
|
||||
|
||||
usage() {
|
||||
echo "$0: all|dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom"
|
||||
echo "$0: all|dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom|gitea|caddy"
|
||||
exit 2
|
||||
}
|
||||
startservice() {
|
||||
@ -11,7 +11,7 @@ startservice() {
|
||||
cd /federated/apps/$SERVICE && docker-compose -f docker-compose.yml -p $SERVICE up -d
|
||||
}
|
||||
startservice_all() {
|
||||
for i in dns postgresql ldap mail collabora nextcloud matrix element jitsi listmonk vaultwarden panel proxy wireguard connector baserow calcom; do
|
||||
for i in dns postgresql ldap mail collabora nextcloud matrix element jitsi listmonk vaultwarden panel proxy wireguard connector baserow calcom gitea caddy; do
|
||||
echo "* Starting $i.."
|
||||
cd /federated/apps/$i && docker-compose -f docker-compose.yml -p $i up -d
|
||||
done
|
||||
@ -22,6 +22,6 @@ SERVICE=$1
|
||||
|
||||
case "$SERVICE" in
|
||||
all) startservice_all;;
|
||||
dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom) startservice;;
|
||||
dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom|gitea|caddy) startservice;;
|
||||
*) usage;;
|
||||
esac
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
# Federated Stop Script
|
||||
|
||||
usage() {
|
||||
echo "$0: all|dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom"
|
||||
echo "$0: all|dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom|gitea|caddy"
|
||||
exit 2
|
||||
}
|
||||
stopservice() {
|
||||
@ -11,7 +11,7 @@ stopservice() {
|
||||
cd /federated/apps/$SERVICE && docker-compose -f docker-compose.yml -p $SERVICE down
|
||||
}
|
||||
stopservice_all() {
|
||||
for i in dns postgresql ldap mail collabora nextcloud matrix element jitsi listmonk vaultwarden panel proxy wireguard connector baserow calcom; do
|
||||
for i in dns postgresql ldap mail collabora nextcloud matrix element jitsi listmonk vaultwarden panel proxy wireguard connector baserow calcom gitea caddy; do
|
||||
echo "* Stopping $i.."
|
||||
cd /federated/apps/$i && docker-compose -f docker-compose.yml -p $i down
|
||||
done
|
||||
@ -22,6 +22,6 @@ SERVICE=$1
|
||||
|
||||
case "$SERVICE" in
|
||||
all) stopservice_all;;
|
||||
dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom) stopservice;;
|
||||
dns|postgresql|ldap|mail|collabora|nextcloud|matrix|element|jitsi|listmonk|vaultwarden|panel|proxy|wireguard|connector|baserow|calcom|gitea|caddy) stopservice;;
|
||||
*) usage;;
|
||||
esac
|
||||
|
||||
68
lib/caddy.sh
68
lib/caddy.sh
@ -11,6 +11,7 @@ config_caddy() {
|
||||
|
||||
if [ ! -d "/federated/apps/caddy" ]; then
|
||||
mkdir -p /federated/apps/caddy/data/data
|
||||
mkdir -p /federated/apps/caddy/data/srv
|
||||
mkdir -p /federated/apps/caddy/data/etc/caddy
|
||||
fi
|
||||
|
||||
@ -32,10 +33,11 @@ services:
|
||||
federated:
|
||||
ipv4_address: 172.99.0.31
|
||||
extra_hosts:
|
||||
- "gitea.$DOMAIN:164.92.112.207"
|
||||
- "gitea.$DOMAIN:$EXTERNALIP"
|
||||
env_file:
|
||||
- ./.env
|
||||
volumes:
|
||||
- ./data/srv:/srv
|
||||
- ./data/etc/caddy/Caddyfile:/etc/caddy/Caddyfile
|
||||
- ./data/data:/data
|
||||
|
||||
@ -47,27 +49,57 @@ EOF
|
||||
cat > /federated/apps/caddy/.env <<EOF
|
||||
IMAGE_VERSION="latest"
|
||||
VIRTUAL_PROTO=http
|
||||
VIRTUAL_PORT=2019
|
||||
VIRTUAL_HOST=www.$DOMAIN
|
||||
VIRTUAL_PORT=80
|
||||
VIRTUAL_HOST=www.$DOMAIN,blog.$DOMAIN,documentation.$DOMAIN
|
||||
EOF
|
||||
chmod 600 /federated/apps/caddy/.env
|
||||
|
||||
cat > /federated/apps/caddy/data/etc/caddy/Caddyfile <<EOF
|
||||
:2019
|
||||
file_server
|
||||
root * /srv/blog
|
||||
|
||||
route /webhook {
|
||||
webhook {
|
||||
repo https://gitea.$DOMAIN/gitea/hugowebsite
|
||||
type github
|
||||
secret $WEBHOOK_SECRET
|
||||
submodule
|
||||
token $GITEA_TOKEN_1
|
||||
path blog
|
||||
branch master
|
||||
}
|
||||
www.$DOMAIN:80 {
|
||||
root * /srv/www.$DOMAIN/public
|
||||
file_server
|
||||
route /webhook {
|
||||
webhook {
|
||||
repo https://gitea.$DOMAIN/gitea/www.$DOMAIN
|
||||
type github
|
||||
secret $WEBHOOK_SECRET
|
||||
submodule
|
||||
token $GITEA_TOKEN_1
|
||||
path www.$DOMAIN
|
||||
branch master
|
||||
}
|
||||
}
|
||||
}
|
||||
blog.$DOMAIN:80 {
|
||||
root * /srv/blog.$DOMAIN/public
|
||||
file_server
|
||||
route /webhook {
|
||||
webhook {
|
||||
repo https://gitea.$DOMAIN/gitea/blog.$DOMAIN
|
||||
type github
|
||||
secret $WEBHOOK_SECRET
|
||||
submodule
|
||||
token $GITEA_TOKEN_1
|
||||
path blog.$DOMAIN
|
||||
branch master
|
||||
}
|
||||
}
|
||||
}
|
||||
documentation.$DOMAIN:80 {
|
||||
root * /srv/documentation.$DOMAIN/public
|
||||
file_server
|
||||
route /webhook {
|
||||
webhook {
|
||||
repo https://gitea.$DOMAIN/gitea/documentation.$DOMAIN
|
||||
type github
|
||||
secret $WEBHOOK_SECRET
|
||||
submodule
|
||||
token $GITEA_TOKEN_1
|
||||
path documentation.$DOMAIN
|
||||
branch master
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
@ -75,7 +107,7 @@ echo -ne "done."
|
||||
}
|
||||
start_caddy() {
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service "caddy" "nc -z 172.99.0.31 2019 &> /dev/null"
|
||||
start_service "caddy" "nc -z 172.99.0.31 80 &> /dev/null"
|
||||
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
echo -ne "done."
|
||||
|
||||
@ -190,6 +190,8 @@ vpn IN A $EXTERNALIP
|
||||
connector IN A $EXTERNALIP
|
||||
baserow IN A $EXTERNALIP
|
||||
calcom IN A $EXTERNALIP
|
||||
blog IN A $EXTERNALIP
|
||||
documentation IN A $EXTERNALIP
|
||||
$DOMAIN. IN A $EXTERNALIP
|
||||
EOF
|
||||
|
||||
|
||||
@ -130,39 +130,10 @@ EOF
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
echo -ne "done."
|
||||
}
|
||||
|
||||
start_element() {
|
||||
# Start /federated/apps/element with output to /dev/null
|
||||
echo -ne "\n* Starting /federated/apps/element service.."
|
||||
spin &
|
||||
SPINPID=$!
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service "element" "nc -z 172.99.0.18 80 &> /dev/null"
|
||||
|
||||
if [ $DEBUG ]; then
|
||||
# Start /federated/apps/element with output to console for debug
|
||||
docker-compose -f /federated/apps/element/docker-compose.yml -p element up
|
||||
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/element"
|
||||
else
|
||||
docker-compose -f /federated/apps/element/docker-compose.yml -p element up -d &> /dev/null
|
||||
|
||||
# Keep trying element port 80 to make sure it's up
|
||||
# before we proceed
|
||||
RETRY="30"
|
||||
while [ $RETRY -gt 0 ]; do
|
||||
nc -z 172.99.0.18 80 &> /dev/null
|
||||
if [ $? -eq 0 ]; then
|
||||
break
|
||||
else
|
||||
if [ "$RETRY" == 1 ]; then
|
||||
docker-compose -f /federated/apps/element/docker-compose.yml -p element down &> /dev/null
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
fail "There was a problem starting service /federated/apps/element\nCheck the output of 'docker logs element' or turn on\ndebug with -d"
|
||||
fi
|
||||
((RETRY--))
|
||||
sleep 7
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
echo -ne "done."
|
||||
}
|
||||
|
||||
@ -114,7 +114,7 @@ password managers. https://vaultwarden.$DOMAIN
|
||||
|
||||
Baserow: Easy Database. Replacement for Airtable. Build amazing, easy
|
||||
to create on-line databases to be used by your team.
|
||||
https://baserom.$DOMAIN
|
||||
https://baserow.$DOMAIN
|
||||
|
||||
Cal.com: Easy scheduling. Create easy links so that others can easily
|
||||
schedule time on your calendar without the annoying back-and-forth.
|
||||
@ -225,8 +225,8 @@ check_ports() {
|
||||
fi
|
||||
}
|
||||
check_os() {
|
||||
OSRELEASE=`grep "VERSION_ID=" /etc/os-release | awk -F\" '{ print $2 }'`
|
||||
if [ "$OSRELEASE" != "22.04" ]; then
|
||||
VERSIONID=`grep "VERSION_ID=" /etc/os-release | awk -F\" '{ print $2 }'`
|
||||
if [ "$VERSIONID" != "22.04" ]; then
|
||||
echo -ne "\nFederated requires a minimum of 4G of RAM and 25G of storage\n \
|
||||
running Ubuntu 22.04 LTS. Your system is not supported. Please contact\n \
|
||||
Federated @ support@federated.computer for assistance or choose our\n \
|
||||
|
||||
75
lib/gitea.sh
75
lib/gitea.sh
@ -31,7 +31,9 @@ services:
|
||||
federated:
|
||||
ipv4_address: 172.99.0.30
|
||||
extra_hosts:
|
||||
- "www.$DOMAIN:164.92.112.207"
|
||||
- "www.$DOMAIN:$EXTERNALIP"
|
||||
- "blog.$DOMAIN:$EXTERNALIP"
|
||||
- "documentation.$DOMAIN:$EXTERNALIP"
|
||||
ports:
|
||||
- 22:22
|
||||
env_file:
|
||||
@ -46,8 +48,10 @@ networks:
|
||||
external: true
|
||||
EOF
|
||||
|
||||
#GITEA_SECRET="RbzalooGM4BbQug6wvRaklR7NeN0GRSA"
|
||||
|
||||
cat > /federated/apps/gitea/.env <<EOF
|
||||
IMAGE_VERSION="latest"
|
||||
IMAGE_VERSION="1.19.0"
|
||||
VIRTUAL_PROTO=http
|
||||
VIRTUAL_PORT=3000
|
||||
VIRTUAL_HOST=gitea.$DOMAIN
|
||||
@ -69,14 +73,20 @@ cat > /federated/apps/gitea/data/creategitea.sh <<EOF
|
||||
#!/bin/bash
|
||||
|
||||
# Get the Gitea API token
|
||||
GITEA_TOKEN_2=\`curl -H "Content-Type: application/json" -d '{"name":"gitea2"}' -u gitea:$ADMINPASS http://gitea.$DOMAIN:3000/api/v1/users/gitea/tokens 2>/dev/null | awk -F: '{ print \$4 }' | awk -F\" '{ print \$2 }'\`
|
||||
GITEA_TOKEN_2=\`curl -H "Content-Type: application/json" -d '{"name":"gitea2","scopes":["all"]}' -u gitea:$ADMINPASS http://gitea.$DOMAIN:3000/api/v1/users/gitea/tokens 2>/dev/null | awk -F: '{ print \$4 }' | awk -F\" '{ print \$2 }'\`
|
||||
|
||||
# Create the repository hugowebsite
|
||||
curl -k -X POST http://gitea.$DOMAIN:3000/api/v1/user/repos -H "content-type: application/json" -H "Authorization: token \$GITEA_TOKEN_2" --data '{"name":"hugowebsite","auto_init":true,"default_branch":"master"}'
|
||||
# Create the repository website, blog, and documentation
|
||||
#curl -k -X POST http://gitea.$DOMAIN:3000/api/v1/user/repos -H "content-type: application/json" -H "Authorization: token \$GITEA_TOKEN_2" --data '{"name":"www.$DOMAIN","auto_init":true,"default_branch":"master"}'
|
||||
#curl -k -X POST http://gitea.$DOMAIN:3000/api/v1/user/repos -H "content-type: application/json" -H "Authorization: token \$GITEA_TOKEN_2" --data '{"name":"blog.$DOMAIN","auto_init":true,"default_branch":"master"}'
|
||||
#curl -k -X POST http://gitea.$DOMAIN:3000/api/v1/user/repos -H "content-type: application/json" -H "Authorization: token \$GITEA_TOKEN_2" --data '{"name":"documentation.$DOMAIN","auto_init":true,"default_branch":"master"}'
|
||||
|
||||
# Create the webhook inside the hugowebsite repository
|
||||
curl -X 'POST' \
|
||||
'http://gitea.$DOMAIN:3000/api/v1/repos/gitea/hugowebsite/hooks' \
|
||||
# Create the repository and webhooks
|
||||
for i in www blog documentation; do
|
||||
# Create the repository
|
||||
curl -k -X POST http://gitea.$DOMAIN:3000/api/v1/user/repos -H "content-type: application/json" -H "Authorization: token \$GITEA_TOKEN_2" --data '{"name":"$i.$DOMAIN","auto_init":true,"default_branch":"master"}'
|
||||
# Create the webhook
|
||||
curl -X 'POST' \
|
||||
'http://gitea.$DOMAIN:3000/api/v1/repos/gitea/$i.$DOMAIN/hooks' \
|
||||
-H 'accept: application/json' \
|
||||
-H 'Content-Type: application/json' \
|
||||
-H "Authorization: token \$GITEA_TOKEN_2" \
|
||||
@ -91,7 +101,46 @@ curl -X 'POST' \
|
||||
"push"
|
||||
],
|
||||
"type": "gitea"
|
||||
}'
|
||||
}'
|
||||
done
|
||||
|
||||
# Create the webhook inside the blog repository
|
||||
#curl -X 'POST' \
|
||||
# 'http://gitea.$DOMAIN:3000/api/v1/repos/gitea/blog.$DOMAIN/hooks' \
|
||||
# -H 'accept: application/json' \
|
||||
# -H 'Content-Type: application/json' \
|
||||
# -H "Authorization: token \$GITEA_TOKEN_2" \
|
||||
# -d '{
|
||||
# "active": true,
|
||||
# "config": {
|
||||
# "content_type": "json",
|
||||
# "url": "https://blog.$DOMAIN/webhook",
|
||||
# "secret": "$WEBHOOK_SECRET"
|
||||
# },
|
||||
# "events": [
|
||||
# "push"
|
||||
# ],
|
||||
# "type": "gitea"
|
||||
#}'
|
||||
|
||||
# Create the webhook inside the documentation repository
|
||||
#curl -X 'POST' \
|
||||
# 'http://gitea.$DOMAIN:3000/api/v1/repos/gitea/documentation.$DOMAIN/hooks' \
|
||||
# -H 'accept: application/json' \
|
||||
# -H 'Content-Type: application/json' \
|
||||
# -H "Authorization: token \$GITEA_TOKEN_2" \
|
||||
# -d '{
|
||||
# "active": true,
|
||||
# "config": {
|
||||
# "content_type": "json",
|
||||
# "url": "https://documentation.$DOMAIN/webhook",
|
||||
# "secret": "$WEBHOOK_SECRET"
|
||||
# },
|
||||
# "events": [
|
||||
# "push"
|
||||
# ],
|
||||
# "type": "gitea"
|
||||
#}'
|
||||
EOF
|
||||
chmod +x /federated/apps/gitea/data/creategitea.sh
|
||||
|
||||
@ -102,14 +151,20 @@ start_gitea() {
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service "gitea" "nc -z 172.99.0.30 3000 &> /dev/null"
|
||||
|
||||
# Copy creategitea.sh inside gitea container
|
||||
mv /federated/apps/gitea/data/creategitea.sh /federated/apps/gitea/data/data/creategitea.sh
|
||||
[ $? -ne 0 ] && fail "Couldn't mv creategitea.sh inside /federated/apps/gitea container"
|
||||
|
||||
# Create admin user gitea
|
||||
docker exec --user 1000 gitea gitea admin user create --admin --username gitea --password $ADMINPASS --email admin@$DOMAIN
|
||||
[ $? -ne 0 ] && fail "Couldn't run gitea user create inside /federated/apps/gitea container"
|
||||
|
||||
# Run creategitea.sh inside gitea container
|
||||
docker exec -it gitea /data/creategitea.sh
|
||||
[ $? -ne 0 ] && fail "Couldn't run creategitea.sh inside /federated/apps/gitea container"
|
||||
|
||||
GITEA_TOKEN_1=`docker exec -it gitea curl -H "Content-Type: application/json" -d '{"name":"gitea1"}' -u gitea:$ADMINPASS http://gitea.$DOMAIN:3000/api/v1/users/gitea/tokens 2>/dev/null | awk -F: '{ print $4 }' | awk -F\" '{ print $2 }'`
|
||||
# Create token to use for Caddy starting up next
|
||||
GITEA_TOKEN_1=`docker exec -it gitea curl -H "Content-Type: application/json" -d '{"name":"gitea1","scopes":["all"]}' -u gitea:$ADMINPASS http://gitea.$DOMAIN:3000/api/v1/users/gitea/tokens 2>/dev/null | awk -F: '{ print $4 }' | awk -F\" '{ print $2 }'`
|
||||
[ $? -ne 0 ] && fail "Couldn't run gitea curl to get token inside /federated/apps/gitea container"
|
||||
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
|
||||
@ -50,7 +50,6 @@ services:
|
||||
secrets:
|
||||
- federated_psql_password
|
||||
- federated_nextcloud_password
|
||||
command: [ "/root/nextcloud.sh" ]
|
||||
|
||||
secrets:
|
||||
federated_psql_password:
|
||||
@ -83,61 +82,6 @@ POSTGRES_PASSWORD_FILE=/run/secrets/federated_psql_password
|
||||
EOF
|
||||
chmod 600 /federated/apps/nextcloud/.env
|
||||
|
||||
cat > /federated/apps/nextcloud/data/root/supervisord.conf <<'EOF'
|
||||
[supervisord]
|
||||
nodaemon=true
|
||||
logfile=/var/log/supervisord/supervisord.log
|
||||
pidfile=/var/run/supervisord/supervisord.pid
|
||||
childlogdir=/var/log/supervisord/
|
||||
logfile_maxbytes=50MB ; maximum size of logfile before rotation
|
||||
logfile_backups=10 ; number of backed up logfiles
|
||||
loglevel=error
|
||||
|
||||
[program:apache2]
|
||||
stdout_logfile=/dev/stdout
|
||||
stdout_logfile_maxbytes=0
|
||||
stderr_logfile=/dev/stderr
|
||||
stderr_logfile_maxbytes=0
|
||||
command=apache2-foreground
|
||||
|
||||
[program:sshd]
|
||||
stdout_logfile=/dev/stdout
|
||||
stdout_logfile_maxbytes=0
|
||||
stderr_logfile=/dev/stderr
|
||||
stderr_logfile_maxbytes=0
|
||||
command=service ssh start
|
||||
EOF
|
||||
|
||||
cat > /federated/apps/nextcloud/data/root/nextcloud.sh <<'EOF'
|
||||
#!/bin/sh -x
|
||||
|
||||
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||
|
||||
if [ ! -e /root/.init ]; then
|
||||
echo "First start and initialization"
|
||||
apt update -y && apt-get install ssh -y
|
||||
apt-get install python3 -y && apt-get install sudo -y
|
||||
|
||||
echo 'ansible ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers \
|
||||
&& useradd -m ansible -s /bin/bash \
|
||||
&& sudo -u ansible mkdir /home/ansible/.ssh \
|
||||
&& mkdir -p /var/run/sshd
|
||||
|
||||
apt-get install -y supervisor \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& mkdir /var/log/supervisord /var/run/supervisord
|
||||
|
||||
touch /root/.init
|
||||
export NEXTCLOUD_UPDATE=1
|
||||
/usr/bin/supervisord -c /root/supervisord.conf
|
||||
else
|
||||
echo "Already Initialized, running supervisord"
|
||||
export NEXTCLOUD_UPDATE=1
|
||||
/usr/bin/supervisord -c /root/supervisord.conf
|
||||
fi
|
||||
EOF
|
||||
chmod +x /federated/apps/nextcloud/data/root/nextcloud.sh
|
||||
|
||||
cat > /federated/apps/nextcloud/data/configs.json <<EOF
|
||||
{
|
||||
"system": {
|
||||
|
||||
65
lib/panel.sh
65
lib/panel.sh
@ -17,31 +17,6 @@ config_panel() {
|
||||
DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
|
||||
DOMAIN_LAST=${DOMAIN_ARRAY[1]}
|
||||
|
||||
cat > /federated/apps/panel/ansible_hosts <<EOF
|
||||
[servers]
|
||||
nextcloud ansible_host=172.99.0.16
|
||||
|
||||
[all:vars]
|
||||
ansible_python_interpreter=/usr/bin/python3
|
||||
ansible_ssh_common_args='-o StrictHostKeyChecking=no'
|
||||
EOF
|
||||
|
||||
cp /federated/lib/files/panel/new_user.php /federated/apps/panel
|
||||
|
||||
cat > /federated/apps/panel/Dockerfile <<EOF
|
||||
FROM wheelybird/ldap-user-manager:latest
|
||||
|
||||
RUN apt update -y && apt-get install ssh -y \
|
||||
&& apt-get install ansible -y && apt-get install sudo -y
|
||||
RUN echo 'www-data ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers \
|
||||
&& useradd -m ansible -s /bin/bash \
|
||||
&& sudo -u ansible mkdir /home/ansible/.ssh && mkdir /etc/ansible
|
||||
RUN sudo -u ansible ssh-keygen -q -t rsa -N '' -f /home/ansible/.ssh/id_rsa
|
||||
|
||||
COPY ansible_hosts /etc/ansible/hosts
|
||||
COPY new_user.php /opt/ldap_user_manager/account_manager/
|
||||
EOF
|
||||
|
||||
cat > /federated/apps/panel/docker-compose.yml <<EOF
|
||||
version: '3.7'
|
||||
|
||||
@ -52,9 +27,6 @@ services:
|
||||
hostname: panel.$DOMAIN
|
||||
domainname: $DOMAIN
|
||||
restart: always
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
networks:
|
||||
federated:
|
||||
ipv4_address: 172.99.0.21
|
||||
@ -95,42 +67,9 @@ chmod 600 /federated/apps/panel/.env
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
echo -ne "done."
|
||||
}
|
||||
|
||||
start_panel() {
|
||||
# Start /federated/apps/panel with output to /dev/null
|
||||
echo -ne "\n* Starting /federated/apps/panel service.."
|
||||
spin &
|
||||
SPINPID=$!
|
||||
|
||||
if [ $DEBUG ]; then
|
||||
# Start /federated/apps/panel with output to console for debug
|
||||
docker-compose -f /federated/apps/panel/docker-compose.yml -p panel up --build
|
||||
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/panel"
|
||||
else
|
||||
docker-compose -f /federated/apps/panel/docker-compose.yml -p panel up --build -d &> /dev/null
|
||||
|
||||
# Keep trying panel port 443 to make sure it's up
|
||||
# before we proceed
|
||||
RETRY="30"
|
||||
while [ $RETRY -gt 0 ]; do
|
||||
nc -z 172.99.0.21 80 &> /dev/null
|
||||
if [ $? -eq 0 ]; then
|
||||
break
|
||||
else
|
||||
if [ "$RETRY" == 1 ]; then
|
||||
docker-compose -f /federated/apps/panel/docker-compose.yml -p panel down &> /dev/null
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
fail "There was a problem starting service /federated/apps/panel\nCheck the output of 'docker logs panel' or turn on\ndebug with -d"
|
||||
fi
|
||||
((RETRY--))
|
||||
sleep 7
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# Insert ansible key into nextcloud
|
||||
KEY=`docker exec -it panel bash -c "cat /home/ansible/.ssh/id_rsa.pub"`
|
||||
docker exec -it nextcloud bash -c "echo $KEY > /home/ansible/.ssh/authorized_keys"
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service "panel" "nc -z 172.99.0.21 80 &> /dev/null"
|
||||
|
||||
kill -9 $SPINPID &> /dev/null
|
||||
echo -ne "done."
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user