diff --git a/defaults.sh b/defaults.sh index b3e7c11..5831135 100644 --- a/defaults.sh +++ b/defaults.sh @@ -2,7 +2,7 @@ set -eu -export DEPLOY_WWW_SERVER=true +export DEPLOY_WWW_SERVER=false export DEPLOY_BTCPPAY_SERVER=false export DEPLOY_UMBREL_VPS=false @@ -44,8 +44,8 @@ export SMTP_PORT="587" export AWS_REGION="us-east-1" # AMI NAME: -# ubuntu-minimal/images/hvm-ssd/ubuntu-hirsute-21.04-amd64-minimal-20211130-907a40d2-dca2-4750-b073-b3254c031ab6 -export AWS_AMI_ID="ami-080435381cbbb5b9b" +# ubuntu-minimal/images/hvm-ssd/ubuntu-impish-21.10-amd64-minimal-20220308-f7c42f71-5c9c-40c0-b808-ada8557fe9a2 +export AWS_AMI_ID="ami-0ab880898e027d4c1" WWW_INSTANCE_TYPE="t2.micro" BTCPAY_INSTANCE_TYPE="t2.medium" @@ -120,7 +120,6 @@ fi export SITE_PATH="$SITE_PATH" export BTC_CHAIN="$BTC_CHAIN" -export DEPLOY_BTCPAY_SERVER=false # if we're running aws/public, we enable nginx caching since it's a public site. if [ "$VPS_HOSTING_TARGET" = aws ]; then @@ -132,12 +131,12 @@ DEFAULT_DB_IMAGE="mariadb:10.6.5" export ENABLE_NGINX_CACHING="$ENABLE_NGINX_CACHING" # run the docker stack. -export GHOST_IMAGE="ghost:4.32.0" +export GHOST_IMAGE="ghost:4.44.0" export GHOST_DB_IMAGE="$DEFAULT_DB_IMAGE" -export NGINX_IMAGE="nginx:1.21.4" -export NEXTCLOUD_IMAGE="nextcloud:23.0.0" +export NGINX_IMAGE="nginx:1.21.6" +export NEXTCLOUD_IMAGE="nextcloud:23.0.2" export NEXTCLOUD_DB_IMAGE="$DEFAULT_DB_IMAGE" -export MATRIX_IMAGE="matrixdotorg/synapse:v1.49.0" -export MATRIX_DB_IMAGE="postgres:13.4" +export MATRIX_IMAGE="matrixdotorg/synapse:v1.52.0" +export MATRIX_DB_IMAGE="postgres:13.6" export GITEA_IMAGE="gitea/gitea:latest" export GITEA_DB_IMAGE="$DEFAULT_DB_IMAGE" diff --git a/deploy.sh b/deploy.sh index be2890a..b295131 100755 --- a/deploy.sh +++ b/deploy.sh @@ -3,7 +3,7 @@ set -exuo nounset cd "$(dirname "$0")" -USER_DELETE_MACHINE=false +MIGRATE_VPS=false DOMAIN_NAME= VPS_HOSTING_TARGET=lxd RUN_CERT_RENEWAL=true 
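Review bot: The new `AWS_AMI_ID` in defaults.sh (hunk `@@ -44,8 +44,8 @@`) pins an Ubuntu 21.10 (impish) image, which is an interim release with a nine-month support window, so instances built from it stop receiving security updates much sooner than an LTS image would. The ID is also hard-coded next to a configurable `AWS_REGION`, and AMI IDs are region-specific, so any region other than `us-east-1` will fail or resolve to nothing. Consider moving to an LTS image and adding a comment such as `# AMI IDs are region-specific; this ID is only valid for AWS_REGION=us-east-1` plus a note recording the publisher account the image was looked up under.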
@@ -15,7 +15,10 @@ MIGRATE_BTCPAY_SERVER=false RECONFIGURE_BTCPAY_SERVER=false BTCPAY_ADDITIONAL_HOSTNAMES= LXD_DISK_TO_USE= -DEV_BTCPAY_MAC_ADDRESS= +DEPLOY_BTCPAY_SERVER=false +REDEPLOY_STACK=false +MACVLAN_INTERFACE= + for i in "$@"; do case $i in @@ -39,8 +42,8 @@ for i in "$@"; do USER_NO_BACKUP=true shift ;; - --delete) - USER_DELETE_MACHINE=true + --migrate) + MIGRATE_VPS=true shift ;; --storage-backend=*) @@ -79,6 +82,7 @@ export BTC_CHAIN="$BTC_CHAIN" export UPDATE_BTCPAY="$UPDATE_BTCPAY" export MIGRATE_BTCPAY_SERVER="$MIGRATE_BTCPAY_SERVER" export RECONFIGURE_BTCPAY_SERVER="$RECONFIGURE_BTCPAY_SERVER" +export MACVLAN_INTERFACE="$MACVLAN_INTERFACE" # # first of all, if there are uncommited changes, we quit. You better stash your work yo! # if git update-index --refresh| grep -q "needs update"; then @@ -108,7 +112,8 @@ for APP_TO_DEPLOY in btcpay www umbrel; do # skip if the server config is set to not deploy. if [ "$APP_TO_DEPLOY" = www ]; then - FQDN="$WWW_HOSTNAME.$DOMAIN_NAME" + VPS_HOSTNAME="$WWW_HOSTNAME" + MAC_ADDRESS_TO_PROVISION="$WWW_MAC_ADDRESS" if [ "$DEPLOY_WWW_SERVER" = false ]; then continue fi @@ -123,6 +128,9 @@ for APP_TO_DEPLOY in btcpay www umbrel; do fi fi + export MAC_ADDRESS_TO_PROVISION="$MAC_ADDRESS_TO_PROVISION" + export VPS_HOSTNAME="$VPS_HOSTNAME" + export FQDN="$VPS_HOSTNAME.$DOMAIN_NAME" # generate the docker yaml and nginx configs. ./stub_docker_yml.sh @@ -143,7 +151,9 @@ for APP_TO_DEPLOY in btcpay www umbrel; do if [ "$MACHINE_EXISTS" = true ]; then # we delete the machine if the user has directed us to - if [ "$USER_DELETE_MACHINE" = true ]; then + if [ "$MIGRATE_VPS" = true ]; then + + # run the domain_init based on user input. if [ "$USER_NO_BACKUP" = true ]; then echo "Machine exists. We don't need to back it up because the user has directed --no-backup." 
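Review bot: `DEPLOY_BTCPAY_SERVER=false` is assigned in deploy.sh (hunk `@@ -15,7 +15,10 @@`) but no visible hunk exports it, while this commit removes `export DEPLOY_BTCPAY_SERVER=false` from defaults.sh and leaves the misspelled `export DEPLOY_BTCPPAY_SERVER=false` in place there. If a child script reads `DEPLOY_BTCPAY_SERVER` under `set -u`, it would abort with an unbound-variable error unless the export happens outside the lines shown. Adding `export DEPLOY_BTCPAY_SERVER="$DEPLOY_BTCPAY_SERVER"` to the existing export block and fixing the spelling in defaults.sh would make the default explicit. `REDEPLOY_STACK` is also introduced here but is not read in any visible hunk.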
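Review bot: In the `www` branch (hunk `@@ -108,7 +112,8 @@`) `MAC_ADDRESS_TO_PROVISION="$WWW_MAC_ADDRESS"` is evaluated before the `DEPLOY_WWW_SERVER` check, so under the script's `set -exuo nounset` an unset `WWW_MAC_ADDRESS` aborts the whole deploy even when www is skipped, which is now the default. Either move the two assignments below the `continue` guard or use `MAC_ADDRESS_TO_PROVISION="${WWW_MAC_ADDRESS:-}"`. The next hunk exports `VPS_HOSTNAME`, `MAC_ADDRESS_TO_PROVISION` and `FQDN` for every app in the loop; the btcpay and umbrel branches are outside the visible lines, so it is worth confirming each of them sets both variables, otherwise the previous iteration's hostname would flow into `FQDN` and the later ssh and delete steps.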
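Review bot: The comment `# we delete the machine if the user has directed us to` (hunk `@@ -143,7 +151,9 @@`) and the message `User has indicated to delete the machine` (hunk `@@ -178,7 +189,7 @@`) still describe a delete flag, although the option is now `--migrate` and still leads to `lxc delete --force`. An operator combining `--migrate` with `--no-backup` gets a forced delete with no fresh backup, which the new flag name does not suggest. I would reword the comment to `# --migrate: back up (unless --no-backup), destroy the VPS, then re-create it and restore` and update the INFO message to mention migration. The enclosing `if` block continues outside the hunk.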
@@ -160,6 +170,7 @@ for APP_TO_DEPLOY in btcpay www umbrel; do fi elif [ "$VPS_HOSTING_TARGET" = lxd ]; then lxc delete --force "$LXD_VM_NAME" + USER_RUN_RESTORE=true fi # Then we run the script again to re-instantiate a new VPS, restoring all user data @@ -178,7 +189,7 @@ for APP_TO_DEPLOY in btcpay www umbrel; do RUN_RESTORE="$USER_RUN_RESTORE" RUN_BACKUP="$RUN_BACKUP" RUN_SERVICES=true ./domain_init.sh fi else - if [ "$USER_DELETE_MACHINE" = true ]; then + if [ "$MIGRATE_VPS" = true ]; then echo "INFO: User has indicated to delete the machine, but it doesn't exist. Going to create it anyway." fi diff --git a/domain_init.sh b/domain_init.sh index da18d44..65ff50c 100755 --- a/domain_init.sh +++ b/domain_init.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -exuo nounset +set -eux cd "$(dirname "$0")" # let's make sure we have an ssh keypair. We just use ~/.ssh/id_rsa @@ -44,20 +44,20 @@ elif [ "$VPS_HOSTING_TARGET" = lxd ]; then ssh-keygen -f "$SSH_HOME/known_hosts" -R "$FQDN" #check to ensure the MACVLAN interface has been set by the user - if [ -z "$DEV_MACVLAN_INTERFACE" ]; then - echo "ERROR: DEV_MACVLAN_INTERFACE has not been defined. Use '--macvlan-interface=eno1' for example." + if [ -z "$MACVLAN_INTERFACE" ]; then + echo "ERROR: MACVLAN_INTERFACE has not been defined. Use '--macvlan-interface=eno1' for example." exit 1 fi # let's first check to ensure there's a cert.tar.gz. We need a valid cert for testing. if [ ! -f "$SITE_PATH/certs.tar.gz" ]; then - echo "ERROR: We need a valid cert for testing. Please use the '--app=certonly' first." - exit + echo "ERROR: We need a valid cert for testing." + exit 1 fi # if the machine doesn't exist, we create it. if ! lxc list --format csv | grep -q "$LXD_VM_NAME"; then - RUN_BACKUP=false + export RUN_BACKUP=false # create a base image if needed and instantiate a VM. ./provision_lxc.sh diff --git a/go_btcpay.sh b/go_btcpay.sh index 11eea5b..3c8bd6c 100755 --- a/go_btcpay.sh +++ b/go_btcpay.sh 
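Review bot: `USER_RUN_RESTORE=true` (deploy.sh, hunk `@@ -160,6 +170,7 @@`) overwrites the user-supplied value inside the `for APP_TO_DEPLOY` loop and is not reset in the lines shown, so once one app is migrated every later app in the same run is restored as well. It is also set right after `lxc delete --force` regardless of `USER_NO_BACKUP`, so a `--no-backup` migration would restore from whatever older archive happens to exist, and the AWS branch above does not get the same treatment. A per-iteration variable (for example `RUN_RESTORE_THIS_APP="$USER_RUN_RESTORE"` at the top of the loop body, set to `true` here) would keep the user's choice intact. The surrounding `if`/`elif` starts outside the hunk.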
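Review bot: `set -eux` in domain_init.sh keeps xtrace on unconditionally, and the same commit does this in go_btcpay.sh (`set -exu`) and newly enables it in provision_vps.sh (`set -euo nounset` became `set -eux`). With `-x` every expanded command line is written to stderr, and this repository passes secrets as arguments (restore_www.sh in this diff puts `PASSPHRASE="$DUPLICITY_BACKUP_PASSPHRASE"` on an ssh command line), so traced runs can leave credentials in terminal scrollback or CI logs. I would default to `set -eu` and gate tracing, e.g. `if [ "${TRACE:-false}" = true ]; then set -x; fi` (`TRACE` is a name made up for this note). The old `-o nounset` only duplicated `-u`; if `pipefail` was the intent, pipelines such as `lxc list --format csv | grep -q` would benefit from it.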
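Review bot: The guard `[ -z "$MACVLAN_INTERFACE" ]` (domain_init.sh, hunk `@@ -44,20 +44,20 @@`) cannot print its own error when the variable is unset, because `set -eux` aborts on the expansion first; `[ -z "${MACVLAN_INTERFACE:-}" ]` reaches the message in both the unset and the empty case. The message points to `--macvlan-interface=eno1`, but no visible deploy.sh hunk parses that option, so please confirm the parser (only partly shown) accepts it. Both ERROR lines go to stdout; `>&2` would keep them out of captured output. The `elif` block this sits in starts outside the hunk.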
@@ -1,9 +1,10 @@ #!/bin/bash -set -exuo nounset +set -exu cd "$(dirname "$0")" if [ "$RUN_BACKUP" = true ]; then + # shellcheck disable=SC2029 ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-down.sh" fi @@ -17,6 +18,7 @@ if [ "$UPDATE_BTCPAY" = true ]; then fi # run the update. + # shellcheck disable=SC2029 ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-update.sh" else @@ -28,6 +30,7 @@ fi # run a restoration if specified. if [ "$RUN_RESTORE" = true ]; then + # shellcheck disable=SC2029 ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-down.sh" ./restore_btcpay.sh fi @@ -38,9 +41,10 @@ if [ "$RECONFIGURE_BTCPAY_SERVER" = true ]; then ./run_btcpay_setup.sh fi -if [ "$MIGRATE_BTCPAY_SERVER" = false ]; then +if [ "$MIGRATE_VPS" = false ]; then # The default is to resume services, though admin may want to keep services off (eg., for a migration) # we bring the services back up by default. + # shellcheck disable=SC2029 ssh "$FQDN" "cd $REMOTE_HOME/btcpayserver-docker/; sudo bash -c ./btcpay-up.sh" # we wait for lightning to comone line too. diff --git a/go_www.sh b/go_www.sh index ff8f90f..eae4db3 100755 --- a/go_www.sh +++ b/go_www.sh @@ -40,9 +40,9 @@ else # restore the certs. If they don't exist in a backup we restore from SITE_PATH if [ -f "$SITE_PATH/certs.tar.gz" ]; then scp "$SITE_PATH/certs.tar.gz" "ubuntu@$FQDN:$REMOTE_HOME/certs.tar.gz" - ssh "$FQDN" sudo tar -xvf "$REMOTE_HOME/certs.tar.gz" -C /etc + ssh "$FQDN" "sudo tar -xvf $REMOTE_HOME/certs.tar.gz -C /etc" else - echo "ERROR: Certificates do not exist locally. You need to obtain some, perhaps by running with '--app=certonly'." + echo "ERROR: Certificates do not exist locally." exit 1 fi fi diff --git a/install.sh b/install.sh index 6643b4a..c225639 100755 --- a/install.sh +++ b/install.sh 
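Review bot: The four `# shellcheck disable=SC2029` lines added in go_btcpay.sh (hunks `@@ -1,9 +1,10 @@`, `@@ -17,6 +18,7 @@`, `@@ -28,6 +30,7 @@` and `@@ -38,9 +41,10 @@`) silence the warning without hardening the command it flags. `$REMOTE_HOME` is expanded locally and reaches the remote shell unquoted, and `cd …;` lets `sudo bash -c ./btcpay-down.sh` run even when the `cd` fails, which would execute a relative path as root from the login directory. Something like `ssh "$FQDN" "cd '$REMOTE_HOME/btcpayserver-docker/' && sudo bash -c ./btcpay-down.sh"` keeps the intended client-side expansion and stops on a failed `cd`. If the disable stays, a short comment saying the client-side expansion is deliberate would help.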
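Review bot: go_btcpay.sh now reads `$MIGRATE_VPS` under `set -exu` (hunk `@@ -38,9 +41,10 @@`), but the deploy.sh hunks in this commit only assign `MIGRATE_VPS` and the export block still exports `MIGRATE_BTCPAY_SERVER` instead. Unless the variable is exported or passed on the `domain_init.sh` command line outside the visible lines, this test aborts with an unbound-variable error before services are brought back up. Adding `export MIGRATE_VPS="$MIGRATE_VPS"` to deploy.sh's export block, in the same style as `MACVLAN_INTERFACE`, would close the gap.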
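Review bot: The rewritten line in go_www.sh, `ssh "$FQDN" "sudo tar -xvf $REMOTE_HOME/certs.tar.gz -C /etc"`, unpacks the archive as root over all of `/etc` with no limit on which members it may write, so a stale or tampered `certs.tar.gz` in `SITE_PATH` can replace any file there. Passing the expected member path to tar restricts extraction to the certificate tree, e.g. `"sudo tar -xvf '$REMOTE_HOME/certs.tar.gz' -C /etc <expected-cert-dir>"` (placeholder, since the archive layout is not visible here). Quoting the path inside the remote string also covers a `REMOTE_HOME` containing spaces. The `scp` above targets `ubuntu@$FQDN` while this `ssh` uses bare `$FQDN`, which presumably relies on local ssh configuration and is worth making consistent.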
@@ -2,7 +2,7 @@ sudo apt-get update -sudo apt-get install -y wait-for-it dnsutils tor rsync sshfs +sudo apt-get install -y wait-for-it dnsutils rsync sshfs if [ ! -f $(which lxd) ]; then sudo snap install lxd diff --git a/lxc_profile.yml b/lxc_profile.yml index 0063812..3cc5f4a 100644 --- a/lxc_profile.yml +++ b/lxc_profile.yml @@ -143,6 +143,6 @@ devices: type: disk enp5s0: nictype: macvlan - parent: ${DEV_MACVLAN_INTERFACE} + parent: ${MACVLAN_INTERFACE} type: nic name: ${LXD_VM_NAME} diff --git a/provision_vps.sh b/provision_vps.sh index 58ab794..b56c5c6 100755 --- a/provision_vps.sh +++ b/provision_vps.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -euo nounset +set -eux cd "$(dirname "$0")" diff --git a/restore_www.sh b/restore_www.sh index 1fd352d..32ab1eb 100755 --- a/restore_www.sh +++ b/restore_www.sh @@ -17,4 +17,3 @@ scp -r "$LOCAL_BACKUP_PATH/" "$FQDN:$REMOTE_HOME/backups/$APP_TO_DEPLOY" # now we run duplicity to restore the archive. ssh "$FQDN" sudo PASSPHRASE="$DUPLICITY_BACKUP_PASSPHRASE" duplicity --force restore "file://$REMOTE_BACKUP_PATH/" "$REMOTE_HOME/" -#ssh "$FQDN" sudo tar -xvf "$REMOTE_HOME/certs.tar.gz" -C /etc diff --git a/shared.sh b/shared.sh index 4377daa..e824ed7 100755 --- a/shared.sh +++ b/shared.sh @@ -59,6 +59,10 @@ DOCKER_YAML_PATH="$SITE_PATH/appstack.yml" export DOCKER_YAML_PATH="$DOCKER_YAML_PATH" # TODO add file existence check +if [ ! -f "$SITE_PATH/site_definition" ]; then + echo "ERROR: site_definition does not exist." + exit 1 +fi # shellcheck disable=SC1090 source "$SITE_PATH/site_definition"
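Review bot: The context line `if [ ! -f $(which lxd) ]; then` in install.sh, directly under the changed package list, never installs lxd when it is missing. With lxd absent `which` prints nothing, the test collapses to `[ ! -f ]`, and that two-argument form evaluates to false, so `sudo snap install lxd` is skipped. `if ! command -v lxd >/dev/null 2>&1; then` expresses the intended check and avoids the unquoted substitution. The `if` block closes outside the hunk.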
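Review bot: The new existence check in shared.sh (hunk `@@ -59,6 +59,10 @@`) leaves the `# TODO add file existence check` line above it in place, which now describes work that is already done and should be dropped. The error is written to stdout; `echo "ERROR: site_definition does not exist." >&2` keeps it visible when output is captured, and including the path in the message would speed up diagnosis. Since the file is then executed via `source`, a brief comment that `site_definition` is trusted, operator-owned shell code would document the assumption that `-f` alone does not verify.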