From e98f392fe29006e93455efb16bbb67815246a364 Mon Sep 17 00:00:00 2001
From: Derek Crudgington
Date: Thu, 15 Sep 2022 14:52:15 +0000
Subject: [PATCH] Separated ldapadmin into panel.domain
---
 fstack/lib/ldap.sh | 31 +------------
 fstack/lib/panel.sh | 104 +++++++++++++++++++++++++++++++++++++++++++
 install-federated.sh | 21 +++++----
 3 files changed, 118 insertions(+), 38 deletions(-)
 create mode 100644 fstack/lib/panel.sh
diff --git a/fstack/lib/ldap.sh b/fstack/lib/ldap.sh
index 92b5ecc..3a1c9fb 100644
--- a/fstack/lib/ldap.sh
+++ b/fstack/lib/ldap.sh
@@ -53,35 +53,6 @@ services:
 - LDAP_TLS_CA_CRT_FILENAME=chain1.pem
 - LDAP_TLS_VERIFY_CLIENT=try
- ldapadmin:
- image: wheelybird/ldap-user-manager:latest
- container_name: ldapadmin
- hostname: ldapadmin.$DOMAIN
- domainname: $DOMAIN
- restart: always
- networks:
- fstack:
- ipv4_address: 172.99.0.12
- ports:
- - 8080:80
- - 8443:443
- volumes:
- - ./data/certs:/opt/ssl
- environment:
- - SERVER_HOSTNAME=ldapadmin.$DOMAIN
- - LDAP_URI=ldap://ldap.$DOMAIN
- - LDAP_BASE_DN=dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
- - LDAP_REQUIRE_STARTTLS=true
- - LDAP_ADMINS_GROUP=admins
- - LDAP_ADMIN_BIND_DN=cn=admin,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
- - LDAP_ADMIN_BIND_PWD=$ADMINPASS
- - NO_HTTPS=false
- - SERVER_CERT_FILENAME=fullchain1.pem
- - SERVER_KEY_FILENAME=privkey1.pem
- - CA_CERT_FILENAME=chain1.pem
- depends_on:
- - ldap
-
 networks:
 fstack:
 external: true
@@ -183,7 +154,7 @@ start_ldap() {
 if [ $DEBUG ]; then
 # Start fstack/ldap with output to console for debug
 docker-compose -f fstack/ldap/docker-compose.yml -p ldap up
- [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/dns"
+ [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/ldap"
 else
 docker-compose -f fstack/ldap/docker-compose.yml -p ldap up -d &> /dev/null
diff --git a/fstack/lib/panel.sh b/fstack/lib/panel.sh
new file mode 100644
index 0000000..3b55554
--- /dev/null
+++ b/fstack/lib/panel.sh
@@ -0,0 +1,104 @@
+#!/bin/bash
+#
+# Federated Stack Control Panel
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_panel() {
+ echo -ne "\n* Configuring fstack/panel container.."
+ spin &
+ SPINPID=$!
+
+ if [ ! -d "fstack/panel" ]; then
+ mkdir -p fstack/panel/data/root/certs &> /dev/null
+ cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/panel/data/root/certs/
+ fi
+
+ DOMAIN_ARRAY=(${DOMAIN//./ })
+ DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
+ DOMAIN_LAST=${DOMAIN_ARRAY[1]}
+
+cat > fstack/panel/docker-compose.yml < /dev/null
+echo -ne "done."
+}
+
+start_panel() {
+ # Start fstack/panel with output to /dev/null
+ echo -ne "\n* Starting fstack/panel service.."
+ spin &
+ SPINPID=$!
+
+ if [ $DEBUG ]; then
+ # Start fstack/panel with output to console for debug
+ docker-compose -f fstack/panel/docker-compose.yml -p panel up
+ [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/panel"
+ else
+ docker-compose -f fstack/panel/docker-compose.yml -p panel up -d &> /dev/null
+
+ # Keep trying panel port 443 to make sure it's up
+ # before we proceed
+ RETRY="23"
+ while [ $RETRY -gt 0 ]; do
+ nc -z 172.99.0.12 443 &> /dev/null
+ if [ $? -eq 0 ]; then
+ break
+ else
+ if [ "$RETRY" == 1 ]; then
+ docker-compose -f fstack/panel/docker-compose.yml -p panel down &> /dev/null
+ kill -9 $SPINPID &> /dev/null
+ fail "There was a problem starting service fstack/panel\nCheck the output of 'docker logs panel' or turn on\ndebug with -d"
+ fi
+ ((RETRY--))
+ sleep 7
+ fi
+ done
+ fi
+
+ kill -9 $SPINPID &> /dev/null
+ echo -ne "done."
+}
diff --git a/install-federated.sh b/install-federated.sh
index 17e8363..1030053 100755
--- a/install-federated.sh
+++ b/install-federated.sh
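Review bot: In fstack/lib/panel.sh, config_panel copies every `*.pem` from the letsencrypt archive, private key included, into `fstack/panel/data/root/certs` under the default umask, with an unquoted `$DOMAIN` that comes straight from `read` and no check that `cp` succeeded. Create the directory owner-only and fail loudly instead: `install -d -m 700 fstack/panel/data/root/certs` followed by `cp -f -- "fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/"*.pem fstack/panel/data/root/certs/ || fail "Couldn't copy certificates for fstack/panel"`. Because the copy sits inside `if [ ! -d "fstack/panel" ]`, a renewed certificate is never picked up when the installer is run again. The same function and start_panel also leave `$DEBUG` and `$SPINPID` unquoted in `[ $DEBUG ]` and `kill -9 $SPINPID`.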
@@ -33,16 +33,16 @@ failcheck() {
 exit 2; }
 get_config() {
-# FSTACKURL="http://137.184.95.3:8000"
-# [ ! -d "fstack/lib" ] && mkdir -p fstack/lib
+ FSTACKURL="http://137.184.95.3:8000"
+ [ ! -d "fstack/lib" ] && mkdir -p fstack/lib
 # Download each library file
-# for i in checks network dns ldap mail; do
-# if [ ! -f "fstack/lib/$i.sh" ]; then
-# curl $FSTACKURL/$i.sh -o fstack/lib/$i.sh -s -f &> /dev/null
-# [ $? -ne 0 ] && failcheck "Couldn't download $i.sh"
-# fi
-# done
+ for i in checks network dns ldap mail; do
+ if [ ! -f "fstack/lib/$i.sh" ]; then
+ curl $FSTACKURL/$i.sh -o fstack/lib/$i.sh -s -f &> /dev/null
+ [ $? -ne 0 ] && failcheck "Couldn't download $i.sh"
+ fi
+ done
 . fstack/lib/checks.sh
 . fstack/lib/network.sh
@@ -50,6 +50,7 @@ get_config() {
 . fstack/lib/ldap.sh
 . fstack/lib/mail.sh
 . fstack/lib/nextcloud.sh
+ . fstack/lib/panel.sh
 echo -ne "\nFederated Stack install script\n\n"
 read -p '* Enter domain name (domain.com): ' DOMAIN
@@ -95,6 +96,10 @@ start_mail
 config_nextcloud
 start_nextcloud
+# Configure fstack/panel container and start it
+config_panel
+start_panel
+
 # Print out fstack environment details
 echo -ne "\n\nInstall completed successfully.\n\n"
 echo -ne "Certificates at fstack/dns/data/etc/letsencrypt/archive/$DOMAIN\n"
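Review bot: The re-enabled download in get_config (install-federated.sh, first hunk) fetches each `$i.sh` over plain `http://` from a hard-coded IP, and the files are sourced a few lines later with no integrity check, so whatever that connection returns runs with the installer's privileges. Serve the libraries over HTTPS from a named host and verify them against digests that ship with the installer before any `. fstack/lib/*.sh` line runs; the URL and output path should also be quoted. The `[ ! -f ... ]` guard additionally means a file left by an earlier run is reused without being re-verified. get_config starts and ends outside this hunk, and the host name and digest file in the sketch below are placeholders.

```shell
  FSTACKURL="https://RELEASE_HOST_PLACEHOLDER"
  # … unchanged: mkdir -p fstack/lib …
  for i in checks network dns ldap mail; do
    if [ ! -f "fstack/lib/$i.sh" ]; then
      curl --proto '=https' --tlsv1.2 -sSf "$FSTACKURL/$i.sh" -o "fstack/lib/$i.sh" \
        || failcheck "Couldn't download $i.sh"
    fi
  done
  # Digest list is distributed with install-federated.sh, never fetched from FSTACKURL.
  sha256sum --check --quiet SHA256SUMS_PLACEHOLDER \
    || failcheck "Library checksum mismatch"
```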
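Review bot: The new `. fstack/lib/panel.sh` line (install-federated.sh, second hunk) sources a file that the download loop re-enabled just above never fetches, since its list is still `checks network dns ldap mail`. On a host where fstack/lib is not already populated the source fails, and `config_panel` / `start_panel` added in the last hunk are then undefined; `nextcloud.sh` has the same gap. Extend the list to `for i in checks network dns ldap mail nextcloud panel; do`, and consider guarding each source with `|| failcheck "Couldn't load $i.sh"`.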