Various software updates and control updates.

Signed-off-by: Derek Smith <derek@farscapian.com>
This commit is contained in:
Derek Smith 2022-04-22 15:51:02 -04:00
parent 4c4a2304ac
commit 1e338fb603
Signed by: farscapian
GPG Key ID: 8F1CD799CCA516CC
10 changed files with 47 additions and 30 deletions

View File

@ -2,7 +2,7 @@
set -eu
export DEPLOY_WWW_SERVER=true
export DEPLOY_WWW_SERVER=false
export DEPLOY_BTCPPAY_SERVER=false
export DEPLOY_UMBREL_VPS=false
@ -44,8 +44,8 @@ export SMTP_PORT="587"
export AWS_REGION="us-east-1"
# AMI NAME:
# ubuntu-minimal/images/hvm-ssd/ubuntu-hirsute-21.04-amd64-minimal-20211130-907a40d2-dca2-4750-b073-b3254c031ab6
export AWS_AMI_ID="ami-080435381cbbb5b9b"
# ubuntu-minimal/images/hvm-ssd/ubuntu-impish-21.10-amd64-minimal-20220308-f7c42f71-5c9c-40c0-b808-ada8557fe9a2
export AWS_AMI_ID="ami-0ab880898e027d4c1"
WWW_INSTANCE_TYPE="t2.micro"
BTCPAY_INSTANCE_TYPE="t2.medium"
@ -120,7 +120,6 @@ fi
export SITE_PATH="$SITE_PATH"
export BTC_CHAIN="$BTC_CHAIN"
export DEPLOY_BTCPAY_SERVER=false
# if we're running aws/public, we enable nginx caching since it's a public site.
if [ "$VPS_HOSTING_TARGET" = aws ]; then
@ -132,12 +131,12 @@ DEFAULT_DB_IMAGE="mariadb:10.6.5"
export ENABLE_NGINX_CACHING="$ENABLE_NGINX_CACHING"
# run the docker stack.
export GHOST_IMAGE="ghost:4.32.0"
export GHOST_IMAGE="ghost:4.44.0"
export GHOST_DB_IMAGE="$DEFAULT_DB_IMAGE"
export NGINX_IMAGE="nginx:1.21.4"
export NEXTCLOUD_IMAGE="nextcloud:23.0.0"
export NGINX_IMAGE="nginx:1.21.6"
export NEXTCLOUD_IMAGE="nextcloud:23.0.2"
export NEXTCLOUD_DB_IMAGE="$DEFAULT_DB_IMAGE"
export MATRIX_IMAGE="matrixdotorg/synapse:v1.49.0"
export MATRIX_DB_IMAGE="postgres:13.4"
export MATRIX_IMAGE="matrixdotorg/synapse:v1.52.0"
export MATRIX_DB_IMAGE="postgres:13.6"
export GITEA_IMAGE="gitea/gitea:latest"
export GITEA_DB_IMAGE="$DEFAULT_DB_IMAGE"

View File

@ -3,7 +3,7 @@
set -exuo nounset
cd "$(dirname "$0")"
USER_DELETE_MACHINE=false
MIGRATE_VPS=false
DOMAIN_NAME=
VPS_HOSTING_TARGET=lxd
RUN_CERT_RENEWAL=true
@ -15,7 +15,10 @@ MIGRATE_BTCPAY_SERVER=false
RECONFIGURE_BTCPAY_SERVER=false
BTCPAY_ADDITIONAL_HOSTNAMES=
LXD_DISK_TO_USE=
DEV_BTCPAY_MAC_ADDRESS=
DEPLOY_BTCPAY_SERVER=false
REDEPLOY_STACK=false
MACVLAN_INTERFACE=
for i in "$@"; do
case $i in
@ -39,8 +42,8 @@ for i in "$@"; do
USER_NO_BACKUP=true
shift
;;
--delete)
USER_DELETE_MACHINE=true
--migrate)
MIGRATE_VPS=true
shift
;;
--storage-backend=*)
@ -79,6 +82,7 @@ export BTC_CHAIN="$BTC_CHAIN"
export UPDATE_BTCPAY="$UPDATE_BTCPAY"
export MIGRATE_BTCPAY_SERVER="$MIGRATE_BTCPAY_SERVER"
export RECONFIGURE_BTCPAY_SERVER="$RECONFIGURE_BTCPAY_SERVER"
export MACVLAN_INTERFACE="$MACVLAN_INTERFACE"
# # first of all, if there are uncommited changes, we quit. You better stash your work yo!
# if git update-index --refresh| grep -q "needs update"; then
@ -108,7 +112,8 @@ for APP_TO_DEPLOY in btcpay www umbrel; do
# skip if the server config is set to not deploy.
if [ "$APP_TO_DEPLOY" = www ]; then
FQDN="$WWW_HOSTNAME.$DOMAIN_NAME"
VPS_HOSTNAME="$WWW_HOSTNAME"
MAC_ADDRESS_TO_PROVISION="$WWW_MAC_ADDRESS"
if [ "$DEPLOY_WWW_SERVER" = false ]; then
continue
fi
@ -123,6 +128,9 @@ for APP_TO_DEPLOY in btcpay www umbrel; do
fi
fi
export MAC_ADDRESS_TO_PROVISION="$MAC_ADDRESS_TO_PROVISION"
export VPS_HOSTNAME="$VPS_HOSTNAME"
export FQDN="$VPS_HOSTNAME.$DOMAIN_NAME"
# generate the docker yaml and nginx configs.
./stub_docker_yml.sh
@ -143,7 +151,9 @@ for APP_TO_DEPLOY in btcpay www umbrel; do
if [ "$MACHINE_EXISTS" = true ]; then
# we delete the machine if the user has directed us to
if [ "$USER_DELETE_MACHINE" = true ]; then
if [ "$MIGRATE_VPS" = true ]; then
# run the domain_init based on user input.
if [ "$USER_NO_BACKUP" = true ]; then
echo "Machine exists. We don't need to back it up because the user has directed --no-backup."
@ -160,6 +170,7 @@ for APP_TO_DEPLOY in btcpay www umbrel; do
fi
elif [ "$VPS_HOSTING_TARGET" = lxd ]; then
lxc delete --force "$LXD_VM_NAME"
USER_RUN_RESTORE=true
fi
# Then we run the script again to re-instantiate a new VPS, restoring all user data
@ -178,7 +189,7 @@ for APP_TO_DEPLOY in btcpay www umbrel; do
RUN_RESTORE="$USER_RUN_RESTORE" RUN_BACKUP="$RUN_BACKUP" RUN_SERVICES=true ./domain_init.sh
fi
else
if [ "$USER_DELETE_MACHINE" = true ]; then
if [ "$MIGRATE_VPS" = true ]; then
echo "INFO: User has indicated to delete the machine, but it doesn't exist. Going to create it anyway."
fi

View File

@ -1,6 +1,6 @@
#!/bin/bash
set -exuo nounset
set -eux
cd "$(dirname "$0")"
# let's make sure we have an ssh keypair. We just use ~/.ssh/id_rsa
@ -44,20 +44,20 @@ elif [ "$VPS_HOSTING_TARGET" = lxd ]; then
ssh-keygen -f "$SSH_HOME/known_hosts" -R "$FQDN"
#check to ensure the MACVLAN interface has been set by the user
if [ -z "$DEV_MACVLAN_INTERFACE" ]; then
echo "ERROR: DEV_MACVLAN_INTERFACE has not been defined. Use '--macvlan-interface=eno1' for example."
if [ -z "$MACVLAN_INTERFACE" ]; then
echo "ERROR: MACVLAN_INTERFACE has not been defined. Use '--macvlan-interface=eno1' for example."
exit 1
fi
# let's first check to ensure there's a cert.tar.gz. We need a valid cert for testing.
if [ ! -f "$SITE_PATH/certs.tar.gz" ]; then
echo "ERROR: We need a valid cert for testing. Please use the '--app=certonly' first."
exit
echo "ERROR: We need a valid cert for testing."
exit 1
fi
# if the machine doesn't exist, we create it.
if ! lxc list --format csv | grep -q "$LXD_VM_NAME"; then
RUN_BACKUP=false
export RUN_BACKUP=false
# create a base image if needed and instantiate a VM.
./provision_lxc.sh

View File

@ -1,9 +1,10 @@
#!/bin/bash
set -exuo nounset
set -exu
cd "$(dirname "$0")"
if [ "$RUN_BACKUP" = true ]; then
# shellcheck disable=SC2029
ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-down.sh"
fi
@ -17,6 +18,7 @@ if [ "$UPDATE_BTCPAY" = true ]; then
fi
# run the update.
# shellcheck disable=SC2029
ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-update.sh"
else
@ -28,6 +30,7 @@ fi
# run a restoration if specified.
if [ "$RUN_RESTORE" = true ]; then
# shellcheck disable=SC2029
ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-down.sh"
./restore_btcpay.sh
fi
@ -38,9 +41,10 @@ if [ "$RECONFIGURE_BTCPAY_SERVER" = true ]; then
./run_btcpay_setup.sh
fi
if [ "$MIGRATE_BTCPAY_SERVER" = false ]; then
if [ "$MIGRATE_VPS" = false ]; then
# The default is to resume services, though admin may want to keep services off (eg., for a migration)
# we bring the services back up by default.
# shellcheck disable=SC2029
ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-up.sh"
# we wait for lightning to comone line too.

View File

@ -40,9 +40,9 @@ else
# restore the certs. If they don't exist in a backup we restore from SITE_PATH
if [ -f "$SITE_PATH/certs.tar.gz" ]; then
scp "$SITE_PATH/certs.tar.gz" "ubuntu@$FQDN:$REMOTE_HOME/certs.tar.gz"
ssh "$FQDN" sudo tar -xvf "$REMOTE_HOME/certs.tar.gz" -C /etc
ssh "$FQDN" "sudo tar -xvf $REMOTE_HOME/certs.tar.gz -C /etc"
else
echo "ERROR: Certificates do not exist locally. You need to obtain some, perhaps by running with '--app=certonly'."
echo "ERROR: Certificates do not exist locally."
exit 1
fi
fi

View File

@ -2,7 +2,7 @@
sudo apt-get update
sudo apt-get install -y wait-for-it dnsutils tor rsync sshfs
sudo apt-get install -y wait-for-it dnsutils rsync sshfs
if [ ! -f $(which lxd) ]; then
sudo snap install lxd

View File

@ -143,6 +143,6 @@ devices:
type: disk
enp5s0:
nictype: macvlan
parent: ${DEV_MACVLAN_INTERFACE}
parent: ${MACVLAN_INTERFACE}
type: nic
name: ${LXD_VM_NAME}

View File

@ -1,6 +1,6 @@
#!/bin/bash
set -euo nounset
set -eux
cd "$(dirname "$0")"

View File

@ -17,4 +17,3 @@ scp -r "$LOCAL_BACKUP_PATH/" "$FQDN:$REMOTE_HOME/backups/$APP_TO_DEPLOY"
# now we run duplicity to restore the archive.
ssh "$FQDN" sudo PASSPHRASE="$DUPLICITY_BACKUP_PASSPHRASE" duplicity --force restore "file://$REMOTE_BACKUP_PATH/" "$REMOTE_HOME/"
#ssh "$FQDN" sudo tar -xvf "$REMOTE_HOME/certs.tar.gz" -C /etc

View File

@ -59,6 +59,10 @@ DOCKER_YAML_PATH="$SITE_PATH/appstack.yml"
export DOCKER_YAML_PATH="$DOCKER_YAML_PATH"
# TODO add file existence check
if [ ! -f "$SITE_PATH/site_definition" ]; then
echo "ERROR: site_definition does not exist."
exit 1
fi
# shellcheck disable=SC1090
source "$SITE_PATH/site_definition"