forked from ss/sovereign-stack
Minor updates to control.
This commit is contained in:
parent
3f94dbb62a
commit
806794c308
@ -31,11 +31,11 @@ fi
|
||||
# if [ "$VPS_HOSTING_TARGET" != lxd ]; then
|
||||
|
||||
|
||||
# really we should change this if clause to some thing like
|
||||
# "if the perimeter firewall allows port 80/443, then go ahead."
|
||||
# really we should change this if clause to some thing like
|
||||
# "if the perimeter firewall allows port 80/443, then go ahead."
|
||||
if [ "$RUN_CERT_RENEWAL" = true ]; then
|
||||
./generate_certs.sh
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$RUN_BACKUP" = true ]; then
|
||||
./backup_www.sh
|
||||
|
@ -2,12 +2,6 @@
|
||||
|
||||
set -eux
|
||||
|
||||
# check to ensure the admin has specified a MACVLAN interface
|
||||
if [ -z "$MACVLAN_INTERFACE" ]; then
|
||||
echo "ERROR: MACVLAN_INTERFACE not defined in project."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# The base VM image.
|
||||
BASE_LXC_IMAGE="ubuntu/22.04/cloud"
|
||||
|
||||
@ -24,7 +18,7 @@ export SSH_AUTHORIZED_KEY="$SSH_AUTHORIZED_KEY"
|
||||
envsubst < ./lxc_profile.yml > "$SITE_PATH/cloud-init-$APP_TO_DEPLOY.yml"
|
||||
|
||||
# configure the profile with our generated cloud-init.yml file.
|
||||
lxc profile edit "$LXD_VM_NAME" < "$SITE_PATH/cloud-init-$APP_TO_DEPLOY.yml"
|
||||
cat "$SITE_PATH/cloud-init-$APP_TO_DEPLOY.yml" | lxc profile edit "$LXD_VM_NAME"
|
||||
|
||||
function wait_for_lxc_ip {
|
||||
|
||||
|
@ -41,7 +41,6 @@ if [ "$APP_TO_DEPLOY" = www ] || [ "$APP_TO_DEPLOY" = certonly ]; then
|
||||
docker-machine create --driver amazonec2 \
|
||||
--amazonec2-open-port 80 \
|
||||
--amazonec2-open-port 443 \
|
||||
--amazonec2-open-port 8448 \
|
||||
--amazonec2-access-key "$AWS_ACCESS_KEY" \
|
||||
--amazonec2-secret-key "$AWS_SECRET_ACCESS_KEY" \
|
||||
--amazonec2-region "$AWS_REGION" \
|
||||
@ -70,7 +69,7 @@ elif [ "$APP_TO_DEPLOY" = btcpay ]; then
|
||||
|
||||
fi
|
||||
|
||||
docker-machine scp "$SITE_PATH/authorized_keys" "$FQDN:$REMOTE_HOME/authorized_keys"
|
||||
docker-machine scp "$LXD_REMOTE_PATH/authorized_keys" "$FQDN:$REMOTE_HOME/authorized_keys"
|
||||
docker-machine ssh "$FQDN" "cat $REMOTE_HOME/authorized_keys >> $REMOTE_HOME/.ssh/authorized_keys"
|
||||
|
||||
# we have to ensure ubuntu is able to do sudo less docker commands.
|
||||
|
@ -41,12 +41,14 @@ export BTCPAY_ENABLE_SSH=true
|
||||
|
||||
cd btcpayserver-docker
|
||||
|
||||
# run fast_sync if it's not been done before.
|
||||
if [ ! -f /home/ubuntu/fast_sync_completed ]; then
|
||||
if [ "${BTC_CHAIN}" != regtest ]; then
|
||||
# run fast_sync if it's not been done before.
|
||||
if [ ! -f /home/ubuntu/fast_sync_completed ]; then
|
||||
cd ./contrib/FastSync
|
||||
./load-utxo-set.sh
|
||||
touch /home/ubuntu/fast_sync_completed
|
||||
cd -
|
||||
fi
|
||||
fi
|
||||
|
||||
# provision the btcpay server
|
||||
|
@ -33,7 +33,6 @@ cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||
- ${REMOTE_HOME}/ghost_site:/var/lib/ghost/content
|
||||
environment:
|
||||
- url=https://${FQDN}
|
||||
- mail__from="${MAIL_FROM}"
|
||||
- mail__options__service=SMTP
|
||||
- mail__transport=SMTP
|
||||
- mail__options__host=${SMTP_SERVER}
|
||||
@ -189,7 +188,6 @@ cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||
- ${REMOTE_HOME}/tor_ghost:/var/lib/ghost/content
|
||||
environment:
|
||||
- url=https://${ONION_ADDRESS}
|
||||
- mail__from=${MAIL_FROM}
|
||||
- mail__options__service=SMTP
|
||||
- mail__transport=SMTP
|
||||
- mail__options__host=${SMTP_SERVER}
|
||||
@ -217,20 +215,6 @@ cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||
ports:
|
||||
- 0.0.0.0:443:443
|
||||
- 0.0.0.0:80:80
|
||||
- 0.0.0.0:8448:8448
|
||||
networks:
|
||||
- ghost-net
|
||||
EOL
|
||||
|
||||
|
||||
# NGINX required
|
||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||
nginx:
|
||||
image: ${NGINX_IMAGE}
|
||||
ports:
|
||||
- 0.0.0.0:443:443
|
||||
- 0.0.0.0:80:80
|
||||
- 0.0.0.0:8448:8448
|
||||
networks:
|
||||
- ghost-net
|
||||
EOL
|
||||
@ -262,7 +246,7 @@ fi
|
||||
# the rest of the nginx config
|
||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||
volumes:
|
||||
- /etc/letsencrypt:/etc/letsencrypt:ro
|
||||
- ${REMOTE_HOME}/letsencrypt:/etc/letsencrypt:ro
|
||||
configs:
|
||||
- source: nginx-config
|
||||
target: /etc/nginx/nginx.conf
|
||||
|
Loading…
Reference in New Issue
Block a user