Compare commits
17 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
dd446a753e
|
|||
|
19f09254e8
|
|||
|
55dc01a3b0
|
|||
|
edf6f9a227
|
|||
|
2aa01b3305
|
|||
|
683987fa74
|
|||
|
2a74a27858
|
|||
|
53f7287f3f
|
|||
|
b57d9cfb6b
|
|||
|
13ed119d53
|
|||
|
12860ee6cf
|
|||
|
d66f65f963
|
|||
|
2eeba0b2cc
|
|||
|
5d9ac88d92
|
|||
|
e7fdc1246e
|
|||
|
c0914ee45a
|
|||
|
cbc349719f
|
@ -18,7 +18,7 @@ ssh "$BTCPAY_SERVER_FQDN" "mkdir -p $REMOTE_BACKUP_PATH; cd $REMOTE_DATA_PATH/;
|
|||||||
sleep 10
|
sleep 10
|
||||||
|
|
||||||
# TODO enable encrypted archives
|
# TODO enable encrypted archives
|
||||||
# TODO switch to btcpay-backup.sh
|
# TODO switch to btcpay-backup.sh when on LXD fully.
|
||||||
scp ./remote_scripts/btcpay-backup.sh "$BTCPAY_SERVER_FQDN:$REMOTE_DATA_PATH/btcpay-backup.sh"
|
scp ./remote_scripts/btcpay-backup.sh "$BTCPAY_SERVER_FQDN:$REMOTE_DATA_PATH/btcpay-backup.sh"
|
||||||
ssh "$BTCPAY_SERVER_FQDN" "sudo cp $REMOTE_DATA_PATH/btcpay-backup.sh $BTCPAY_SERVER_APPPATH/btcpay-backup.sh && sudo chmod 0755 $BTCPAY_SERVER_APPPATH/btcpay-backup.sh"
|
ssh "$BTCPAY_SERVER_FQDN" "sudo cp $REMOTE_DATA_PATH/btcpay-backup.sh $BTCPAY_SERVER_APPPATH/btcpay-backup.sh && sudo chmod 0755 $BTCPAY_SERVER_APPPATH/btcpay-backup.sh"
|
||||||
ssh "$BTCPAY_SERVER_FQDN" "cd $REMOTE_DATA_PATH/; sudo BTCPAY_BASE_DIRECTORY=$REMOTE_DATA_PATH BTCPAY_DOCKER_COMPOSE=$REMOTE_DATA_PATH/btcpayserver-docker/Generated/docker-compose.generated.yml bash -c $BTCPAY_SERVER_APPPATH/btcpay-backup.sh"
|
ssh "$BTCPAY_SERVER_FQDN" "cd $REMOTE_DATA_PATH/; sudo BTCPAY_BASE_DIRECTORY=$REMOTE_DATA_PATH BTCPAY_DOCKER_COMPOSE=$REMOTE_DATA_PATH/btcpayserver-docker/Generated/docker-compose.generated.yml bash -c $BTCPAY_SERVER_APPPATH/btcpay-backup.sh"
|
||||||
|
|||||||
@ -26,13 +26,19 @@ if [ "$UPDATE_BTCPAY" = true ]; then
|
|||||||
elif [ "$RESTORE_BTCPAY" = true ]; then
|
elif [ "$RESTORE_BTCPAY" = true ]; then
|
||||||
# run the update.
|
# run the update.
|
||||||
ssh "$BTCPAY_SERVER_FQDN" "bash -c $BTCPAY_SERVER_APPPATH/btcpay-down.sh"
|
ssh "$BTCPAY_SERVER_FQDN" "bash -c $BTCPAY_SERVER_APPPATH/btcpay-down.sh"
|
||||||
sleep 15
|
sleep 25
|
||||||
|
|
||||||
./restore.sh
|
./restore.sh
|
||||||
|
|
||||||
BACKUP_BTCPAY=false
|
BACKUP_BTCPAY=false
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# if the script gets this far, then we grab a regular backup.
|
||||||
|
if [ "$BACKUP_BTCPAY" = true ]; then
|
||||||
|
# we just grab a regular backup
|
||||||
|
./backup_btcpay.sh
|
||||||
|
fi
|
||||||
|
|
||||||
# The default is to resume services, though admin may want to keep services off (eg., for a migration)
|
# The default is to resume services, though admin may want to keep services off (eg., for a migration)
|
||||||
# we bring the services back up by default.
|
# we bring the services back up by default.
|
||||||
ssh "$BTCPAY_SERVER_FQDN" "bash -c $BTCPAY_SERVER_APPPATH/btcpay-up.sh"
|
ssh "$BTCPAY_SERVER_FQDN" "bash -c $BTCPAY_SERVER_APPPATH/btcpay-up.sh"
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
set -e
|
set -eu
|
||||||
|
|
||||||
export NEXTCLOUD_FQDN="$NEXTCLOUD_HOSTNAME.$DOMAIN_NAME"
|
export NEXTCLOUD_FQDN="$NEXTCLOUD_HOSTNAME.$DOMAIN_NAME"
|
||||||
export BTCPAY_USER_FQDN="$BTCPAY_HOSTNAME_IN_CERT.$DOMAIN_NAME"
|
export BTCPAY_USER_FQDN="$BTCPAY_HOSTNAME_IN_CERT.$DOMAIN_NAME"
|
||||||
@ -19,6 +19,7 @@ SHASUM_OF_DOMAIN="$(echo -n "$DOMAIN_NAME" | sha256sum | awk '{print $1;}' )"
|
|||||||
export DOMAIN_IDENTIFIER="${SHASUM_OF_DOMAIN: -6}"
|
export DOMAIN_IDENTIFIER="${SHASUM_OF_DOMAIN: -6}"
|
||||||
echo "$DOMAIN_IDENTIFIER" > "$SITE_PATH/domain_id"
|
echo "$DOMAIN_IDENTIFIER" > "$SITE_PATH/domain_id"
|
||||||
|
|
||||||
|
SITE_LANGUAGE_CODES=en
|
||||||
export LANGUAGE_CODE_COUNT=$(("$(echo "$SITE_LANGUAGE_CODES" | tr -cd , | wc -c)"+1))
|
export LANGUAGE_CODE_COUNT=$(("$(echo "$SITE_LANGUAGE_CODES" | tr -cd , | wc -c)"+1))
|
||||||
|
|
||||||
STACK_NAME="$DOMAIN_IDENTIFIER-en"
|
STACK_NAME="$DOMAIN_IDENTIFIER-en"
|
||||||
|
|||||||
2
lnplay
2
lnplay
@ -1 +1 @@
|
|||||||
Subproject commit e9a18f9385414c1dc34381f39c2709cf115c907f
|
Subproject commit 0a3562e4f2d477cdae17e8f675b4319aa0b07cf1
|
||||||
@ -27,12 +27,8 @@ export NEXTCLOUD_MYSQL_ROOT_PASSWORD=
|
|||||||
export GITEA_MYSQL_ROOT_PASSWORD=
|
export GITEA_MYSQL_ROOT_PASSWORD=
|
||||||
export DUPLICITY_BACKUP_PASSPHRASE=
|
export DUPLICITY_BACKUP_PASSPHRASE=
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
DEFAULT_DB_IMAGE="mariadb:10.11.2-jammy"
|
DEFAULT_DB_IMAGE="mariadb:10.11.2-jammy"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# run the docker stack.
|
# run the docker stack.
|
||||||
export GHOST_IMAGE="ghost:5.53.3"
|
export GHOST_IMAGE="ghost:5.53.3"
|
||||||
|
|
||||||
@ -54,6 +50,5 @@ export GITEA_DB_IMAGE="$DEFAULT_DB_IMAGE"
|
|||||||
|
|
||||||
export NOSTR_RELAY_IMAGE="scsibug/nostr-rs-relay"
|
export NOSTR_RELAY_IMAGE="scsibug/nostr-rs-relay"
|
||||||
|
|
||||||
|
|
||||||
export OTHER_SITES_LIST=
|
export OTHER_SITES_LIST=
|
||||||
export BTCPAY_ALT_NAMES=
|
export BTCPAY_ALT_NAMES=
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
set -exu
|
set -eu
|
||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
APP=
|
APP=
|
||||||
|
|||||||
@ -3,7 +3,7 @@
|
|||||||
set -e
|
set -e
|
||||||
|
|
||||||
# let's do a refresh of the certificates. Let's Encrypt will not run if it's not time.
|
# let's do a refresh of the certificates. Let's Encrypt will not run if it's not time.
|
||||||
docker pull certbot/certbot:latest
|
docker pull -q certbot/certbot:latest
|
||||||
|
|
||||||
# iterate over each domain and call certbot
|
# iterate over each domain and call certbot
|
||||||
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
||||||
@ -15,7 +15,7 @@ for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
|||||||
source "$SITE_PATH/site.conf"
|
source "$SITE_PATH/site.conf"
|
||||||
source ../domain_env.sh
|
source ../domain_env.sh
|
||||||
|
|
||||||
# with the incus side, we are trying to expose ALL OUR services from one IP address, which terminates
|
# with the lxd side, we are trying to expose ALL OUR services from one IP address, which terminates
|
||||||
# at a cachehing reverse proxy that runs nginx.
|
# at a cachehing reverse proxy that runs nginx.
|
||||||
|
|
||||||
ssh "$PRIMARY_WWW_FQDN" sudo mkdir -p "$REMOTE_DATA_PATH_LETSENCRYPT/$DOMAIN_NAME/_logs"
|
ssh "$PRIMARY_WWW_FQDN" sudo mkdir -p "$REMOTE_DATA_PATH_LETSENCRYPT/$DOMAIN_NAME/_logs"
|
||||||
|
|||||||
12
www/go.sh
12
www/go.sh
@ -84,7 +84,17 @@ fi
|
|||||||
|
|
||||||
# generate the certs and grab a backup
|
# generate the certs and grab a backup
|
||||||
if [ "$RUN_CERT_RENEWAL" = true ] && [ "$RESTORE_CERTS" = false ] && [ "$STACKS_STILL_RUNNING" = false ]; then
|
if [ "$RUN_CERT_RENEWAL" = true ] && [ "$RESTORE_CERTS" = false ] && [ "$STACKS_STILL_RUNNING" = false ]; then
|
||||||
./generate_certs.sh
|
echo "SKIPPING CERT GENERATION"
|
||||||
|
#./generate_certs.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
if [ "$RESTORE_WWW" = true ]; then
|
||||||
|
APP_LIST="letsencrypt ghost gitea nostr"
|
||||||
|
for APP in $APP_LIST; do
|
||||||
|
export APP="$APP"
|
||||||
|
./restore_path.sh
|
||||||
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# nginx gets deployed first since it "owns" the docker networks of downstream services.
|
# nginx gets deployed first since it "owns" the docker networks of downstream services.
|
||||||
|
|||||||
@ -3,6 +3,13 @@
|
|||||||
set -eu
|
set -eu
|
||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
|
# these variable are used by both backup/restore scripts.
|
||||||
|
export REMOTE_BACKUP_PATH="$REMOTE_BACKUP_PATH/www/$APP/$DOMAIN_IDENTIFIER"
|
||||||
|
export REMOTE_SOURCE_BACKUP_PATH="$REMOTE_DATA_PATH/$APP/$DOMAIN_NAME"
|
||||||
|
|
||||||
|
export LOCAL_BACKUP_PATH="$SITE_PATH/backups/www/$APP"
|
||||||
|
mkdir -p "$LOCAL_BACKUP_PATH"
|
||||||
|
|
||||||
FILE_COUNT="$(find "$LOCAL_BACKUP_PATH" -type f | wc -l)"
|
FILE_COUNT="$(find "$LOCAL_BACKUP_PATH" -type f | wc -l)"
|
||||||
if [ "$FILE_COUNT" = 0 ]; then
|
if [ "$FILE_COUNT" = 0 ]; then
|
||||||
exit 0
|
exit 0
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
set -exu
|
set -eu
|
||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
# this scripts brings down the docker stacks on www
|
# this scripts brings down the docker stacks on www
|
||||||
@ -23,7 +23,7 @@ for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
|||||||
STACK_NAME="$DOMAIN_IDENTIFIER-$APP-$LANGUAGE_CODE"
|
STACK_NAME="$DOMAIN_IDENTIFIER-$APP-$LANGUAGE_CODE"
|
||||||
|
|
||||||
if docker stack list --format "{{.Name}}" | grep -q "$STACK_NAME"; then
|
if docker stack list --format "{{.Name}}" | grep -q "$STACK_NAME"; then
|
||||||
docker stack rm "$STACK_NAME"
|
docker stack rm "$STACK_NAME" > /dev/null
|
||||||
sleep 2
|
sleep 2
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -45,7 +45,7 @@ done
|
|||||||
|
|
||||||
# remove the nginx stack
|
# remove the nginx stack
|
||||||
if docker stack list --format "{{.Name}}" | grep -q reverse-proxy; then
|
if docker stack list --format "{{.Name}}" | grep -q reverse-proxy; then
|
||||||
docker stack rm reverse-proxy
|
docker stack rm reverse-proxy > /dev/null
|
||||||
|
|
||||||
sleep 10
|
sleep 10
|
||||||
fi
|
fi
|
||||||
|
|||||||
@ -4,7 +4,7 @@ set -eu
|
|||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
|
|
||||||
docker pull "$GHOST_IMAGE"
|
docker pull -q "$GHOST_IMAGE"
|
||||||
|
|
||||||
DEPLOY_STACK=false
|
DEPLOY_STACK=false
|
||||||
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
||||||
|
|||||||
@ -4,8 +4,8 @@ set -eu
|
|||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
|
|
||||||
docker pull "$GITEA_IMAGE"
|
docker pull -q "$GITEA_IMAGE"
|
||||||
docker pull "$GITEA_DB_IMAGE"
|
docker pull -q "$GITEA_DB_IMAGE"
|
||||||
|
|
||||||
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
||||||
export DOMAIN_NAME="$DOMAIN_NAME"
|
export DOMAIN_NAME="$DOMAIN_NAME"
|
||||||
|
|||||||
@ -4,7 +4,7 @@ set -eu
|
|||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
|
|
||||||
docker pull "$NEXTCLOUD_IMAGE"
|
docker pull -q "$NEXTCLOUD_IMAGE"
|
||||||
|
|
||||||
|
|
||||||
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
||||||
|
|||||||
@ -251,6 +251,7 @@ EOL
|
|||||||
|
|
||||||
# Route everything to the real BTCPay server
|
# Route everything to the real BTCPay server
|
||||||
location / {
|
location / {
|
||||||
|
#proxy_pass http://${BTCPAY_SERVER_FQDN//./-}.lxd:80;
|
||||||
proxy_pass http://10.10.10.66:80;
|
proxy_pass http://10.10.10.66:80;
|
||||||
proxy_set_header Host \$http_host;
|
proxy_set_header Host \$http_host;
|
||||||
proxy_set_header X-Forwarded-Proto \$scheme;
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
||||||
|
|||||||
@ -3,7 +3,7 @@
|
|||||||
set -e
|
set -e
|
||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
docker pull "$NGINX_IMAGE"
|
docker pull -q "$NGINX_IMAGE"
|
||||||
|
|
||||||
#https://github.com/fiatjaf/expensive-relay
|
#https://github.com/fiatjaf/expensive-relay
|
||||||
# NOSTR RELAY WHICH REQUIRES PAYMENTS.
|
# NOSTR RELAY WHICH REQUIRES PAYMENTS.
|
||||||
|
|||||||
@ -3,7 +3,7 @@
|
|||||||
set -eu
|
set -eu
|
||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
docker pull "$NOSTR_RELAY_IMAGE"
|
docker pull -q "$NOSTR_RELAY_IMAGE"
|
||||||
|
|
||||||
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
|
||||||
export DOMAIN_NAME="$DOMAIN_NAME"
|
export DOMAIN_NAME="$DOMAIN_NAME"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user