Update to latest project head.
This commit is contained in:
parent
88291a2ee0
commit
68f487a5dc
@ -1,3 +1,3 @@
|
|||||||
# Documentation
|
# Documentation
|
||||||
|
|
||||||
All documentation for this project can be found at [sovereign-stack.org](https://www.sovereign-stack.org).
|
All documentation for this project can be found at [sovereign-stack.org](https://www.sovereign-stack.org). To get started with this code, check out [this post](https://www.sovereign-stack.org/get/).
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
# https://www.sovereign-stack.org/ss-down/
|
# https://www.sovereign-stack.org/ss-down/
|
||||||
|
|
||||||
set -eu
|
set -exu
|
||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
if lxc remote get-default -q | grep -q "local"; then
|
if lxc remote get-default -q | grep -q "local"; then
|
||||||
@ -15,6 +15,7 @@ OTHER_SITES_LIST=
|
|||||||
SKIP_BTCPAYSERVER=false
|
SKIP_BTCPAYSERVER=false
|
||||||
SKIP_WWW=false
|
SKIP_WWW=false
|
||||||
SKIP_CLAMSSERVER=false
|
SKIP_CLAMSSERVER=false
|
||||||
|
BACKUP_WWW_APPS=true
|
||||||
|
|
||||||
# grab any modifications from the command line.
|
# grab any modifications from the command line.
|
||||||
for i in "$@"; do
|
for i in "$@"; do
|
||||||
@ -77,6 +78,14 @@ for VIRTUAL_MACHINE in $SERVERS; do
|
|||||||
if lxc list | grep -q "$LXD_NAME"; then
|
if lxc list | grep -q "$LXD_NAME"; then
|
||||||
bash -c "./stop.sh --server=$VIRTUAL_MACHINE"
|
bash -c "./stop.sh --server=$VIRTUAL_MACHINE"
|
||||||
|
|
||||||
|
if [ "$VIRTUAL_MACHINE" = www ] && [ "$BACKUP_WWW_APPS" = true ]; then
|
||||||
|
APP_LIST="letsencrypt ghost nextcloud gitea nostr"
|
||||||
|
echo "INFO: Backing up WWW apps."
|
||||||
|
for APP in $APP_LIST; do
|
||||||
|
bash -c "$(pwd)/project/www/backup_www.sh --app=$APP"
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
lxc stop "$LXD_NAME"
|
lxc stop "$LXD_NAME"
|
||||||
|
|
||||||
lxc delete "$LXD_NAME"
|
lxc delete "$LXD_NAME"
|
||||||
|
@ -1 +1 @@
|
|||||||
Subproject commit 56e0e057a612fce1150c36b29932c2e6ccf64542
|
Subproject commit 9eceb40dba3946011723321d059614c9d9acf8fe
|
@ -4,7 +4,6 @@
|
|||||||
set -e
|
set -e
|
||||||
cd "$(dirname "$0")"
|
cd "$(dirname "$0")"
|
||||||
|
|
||||||
|
|
||||||
PURGE_LXD=false
|
PURGE_LXD=false
|
||||||
|
|
||||||
# grab any modifications from the command line.
|
# grab any modifications from the command line.
|
||||||
@ -72,9 +71,10 @@ if [ "$PURGE_LXD" = true ]; then
|
|||||||
# done
|
# done
|
||||||
# done
|
# done
|
||||||
|
|
||||||
if lxc storage list --format csv | grep -q ss-base; then
|
echo "WARNING: ss-basae NOT DELETED. NEED TO TEST THIS SCRIPT"
|
||||||
lxc storage delete ss-base
|
# if lxc storage list --format csv | grep -q ss-base; then
|
||||||
fi
|
# lxc storage delete ss-base
|
||||||
|
# fi
|
||||||
|
|
||||||
CURRENT_REMOTE="$(lxc remote get-default)"
|
CURRENT_REMOTE="$(lxc remote get-default)"
|
||||||
if ! lxc remote get-default | grep -q "local"; then
|
if ! lxc remote get-default | grep -q "local"; then
|
||||||
|
4
deployment/restore.sh
Executable file
4
deployment/restore.sh
Executable file
@ -0,0 +1,4 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -exu
|
||||||
|
|
@ -53,7 +53,12 @@ if [ "$SERVER_TO_STOP" = www ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$SERVER_TO_STOP" = btcpayserver ]; then
|
if [ "$SERVER_TO_STOP" = btcpayserver ]; then
|
||||||
|
if wait-for-it -t 5 "$BTCPAY_SERVER_FQDN":22; then
|
||||||
ssh "$BTCPAY_SERVER_FQDN" "bash -c $BTCPAY_SERVER_APPPATH/btcpay-down.sh"
|
ssh "$BTCPAY_SERVER_FQDN" "bash -c $BTCPAY_SERVER_APPPATH/btcpay-down.sh"
|
||||||
|
else
|
||||||
|
echo "ERROR: the remote BTCPAY Server is not available on ssh."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$SERVER_TO_STOP" = clamsserver ]; then
|
if [ "$SERVER_TO_STOP" = clamsserver ]; then
|
||||||
|
@ -38,13 +38,13 @@ OTHER_SITES_LIST=
|
|||||||
PRIMARY_DOMAIN=
|
PRIMARY_DOMAIN=
|
||||||
RUN_CERT_RENEWAL=true
|
RUN_CERT_RENEWAL=true
|
||||||
SKIP_BASE_IMAGE_CREATION=false
|
SKIP_BASE_IMAGE_CREATION=false
|
||||||
|
RESTORE_WWW=false
|
||||||
RESTORE_CERTS=false
|
RESTORE_CERTS=false
|
||||||
BACKUP_CERTS=true
|
BACKUP_CERTS=true
|
||||||
BACKUP_BTCPAY=true
|
BACKUP_BTCPAY=true
|
||||||
SKIP_BTCPAYSERVER=false
|
SKIP_BTCPAYSERVER=false
|
||||||
SKIP_WWW=false
|
SKIP_WWW=false
|
||||||
SKIP_CLAMSSERVER=false
|
SKIP_CLAMSSERVER=false
|
||||||
BACKUP_WWW_APPS=true
|
|
||||||
BACKUP_BTCPAY_ARCHIVE_PATH=
|
BACKUP_BTCPAY_ARCHIVE_PATH=
|
||||||
RESTORE_BTCPAY=false
|
RESTORE_BTCPAY=false
|
||||||
UPDATE_BTCPAY=false
|
UPDATE_BTCPAY=false
|
||||||
@ -62,6 +62,10 @@ for i in "$@"; do
|
|||||||
RESTORE_CERTS=true
|
RESTORE_CERTS=true
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
--restore-wwwserver)
|
||||||
|
RESTORE_WWW=true
|
||||||
|
shift
|
||||||
|
;;
|
||||||
--restore-btcpay)
|
--restore-btcpay)
|
||||||
RESTORE_BTCPAY=true
|
RESTORE_BTCPAY=true
|
||||||
shift
|
shift
|
||||||
@ -124,6 +128,7 @@ fi
|
|||||||
export REGISTRY_DOCKER_IMAGE="registry:2"
|
export REGISTRY_DOCKER_IMAGE="registry:2"
|
||||||
export BACKUP_CERTS="$BACKUP_CERTS"
|
export BACKUP_CERTS="$BACKUP_CERTS"
|
||||||
export RESTORE_BTCPAY="$RESTORE_BTCPAY"
|
export RESTORE_BTCPAY="$RESTORE_BTCPAY"
|
||||||
|
export RESTORE_WWW="$RESTORE_WWW"
|
||||||
export BACKUP_BTCPAY="$BACKUP_BTCPAY"
|
export BACKUP_BTCPAY="$BACKUP_BTCPAY"
|
||||||
export RUN_CERT_RENEWAL="$RUN_CERT_RENEWAL"
|
export RUN_CERT_RENEWAL="$RUN_CERT_RENEWAL"
|
||||||
export REMOTE_NAME="$REMOTE_NAME"
|
export REMOTE_NAME="$REMOTE_NAME"
|
||||||
@ -131,7 +136,6 @@ export REMOTE_PATH="$REMOTES_PATH/$REMOTE_NAME"
|
|||||||
export USER_SAYS_YES="$USER_SAYS_YES"
|
export USER_SAYS_YES="$USER_SAYS_YES"
|
||||||
export BACKUP_BTCPAY_ARCHIVE_PATH="$BACKUP_BTCPAY_ARCHIVE_PATH"
|
export BACKUP_BTCPAY_ARCHIVE_PATH="$BACKUP_BTCPAY_ARCHIVE_PATH"
|
||||||
export RESTORE_CERTS="$RESTORE_CERTS"
|
export RESTORE_CERTS="$RESTORE_CERTS"
|
||||||
export BACKUP_WWW_APPS="$BACKUP_WWW_APPS"
|
|
||||||
|
|
||||||
# todo convert this to Trezor-T
|
# todo convert this to Trezor-T
|
||||||
SSH_PUBKEY_PATH="$SSH_HOME/id_rsa.pub"
|
SSH_PUBKEY_PATH="$SSH_HOME/id_rsa.pub"
|
||||||
@ -430,25 +434,26 @@ if [ "$SKIP_CLAMSSERVER" = false ]; then
|
|||||||
if [ -n "$CLAMS_SERVER_MAC_ADDRESS" ]; then
|
if [ -n "$CLAMS_SERVER_MAC_ADDRESS" ]; then
|
||||||
export DOCKER_HOST="ssh://ubuntu@$CLAMS_SERVER_FQDN"
|
export DOCKER_HOST="ssh://ubuntu@$CLAMS_SERVER_FQDN"
|
||||||
|
|
||||||
# enable docker swarm mode so we can support docker stacks.
|
|
||||||
if docker info | grep -q "Swarm: inactive"; then
|
|
||||||
docker swarm init
|
|
||||||
fi
|
|
||||||
|
|
||||||
# set the active env to our CLAMS_FQDN
|
# set the active env to our CLAMS_FQDN
|
||||||
cat >./project/clams-server/active_env.txt <<EOL
|
cat >./project/clams-server/active_env.txt <<EOL
|
||||||
${CLAMS_SERVER_FQDN}
|
${CLAMS_SERVER_FQDN}
|
||||||
EOL
|
EOL
|
||||||
|
|
||||||
|
CLAMS_ENV_FILE=./project/clams-server/environments/"$CLAMS_SERVER_FQDN"
|
||||||
|
|
||||||
|
# only stub out the file if it doesn't exist. otherwise we leave it be.
|
||||||
|
if [ ! -f "$CLAMS_ENV_FILE" ]; then
|
||||||
# and we have to set our environment file as well.
|
# and we have to set our environment file as well.
|
||||||
cat > ./project/clams-server/environments/"$CLAMS_SERVER_FQDN" <<EOL
|
cat > "$CLAMS_ENV_FILE" <<EOL
|
||||||
DOCKER_HOST=ssh://ubuntu@${CLAMS_SERVER_FQDN}
|
DOCKER_HOST=ssh://ubuntu@${CLAMS_SERVER_FQDN}
|
||||||
DOMAIN_NAME=${PRIMARY_DOMAIN}
|
DOMAIN_NAME=${PRIMARY_DOMAIN}
|
||||||
ENABLE_TLS=true
|
ENABLE_TLS=true
|
||||||
BTC_CHAIN=${BITCOIN_CHAIN}
|
BTC_CHAIN=${BITCOIN_CHAIN}
|
||||||
CLN_COUNT=5
|
CLN_COUNT=200
|
||||||
CHANNEL_SETUP=prism
|
CHANNEL_SETUP=none
|
||||||
CLAMS_SERVER_PATH=${SITES_PATH}/${PRIMARY_DOMAIN}/clamsserver
|
CLAMS_SERVER_PATH=${SITES_PATH}/${PRIMARY_DOMAIN}/clamsserver
|
||||||
EOL
|
EOL
|
||||||
|
fi
|
||||||
|
|
||||||
bash -c "./project/clams-server/up.sh -y"
|
bash -c "./project/clams-server/up.sh -y"
|
||||||
fi
|
fi
|
||||||
|
@ -1,89 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -eu
|
|
||||||
cd "$(dirname "$0")"
|
|
||||||
|
|
||||||
. ./target.sh
|
|
||||||
|
|
||||||
# check if there are any uncommited changes. It's dangerous to
|
|
||||||
# alter production systems when you have commits to make or changes to stash.
|
|
||||||
if git update-index --refresh | grep -q "needs update"; then
|
|
||||||
echo "ERROR: You have uncommited changes! You MUST commit or stash all changes to continue."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "WARNING: this script backs up your existing remote and saves all data locally in the SSME."
|
|
||||||
echo " Then, all your VMs are destroyed on the remote resulting is destruction of user data."
|
|
||||||
echo " But then we re-create everything using the new codebase, then restore user data to the"
|
|
||||||
echo " newly provisioned VMs."
|
|
||||||
|
|
||||||
RESPONSE=
|
|
||||||
read -r -p "Are you sure you want to continue (y/n): ": RESPONSE
|
|
||||||
if [ "$RESPONSE" != "y" ]; then
|
|
||||||
echo "STOPPING."
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
. ./deployment_defaults.sh
|
|
||||||
|
|
||||||
. ./remote_env.sh
|
|
||||||
|
|
||||||
. ./project_env.sh
|
|
||||||
|
|
||||||
# Check to see if any of the VMs actually don't exist.
|
|
||||||
# (we only migrate instantiated vms)
|
|
||||||
for VM in www btcpayserver; do
|
|
||||||
LXD_NAME="$VM-${DOMAIN_NAME//./-}"
|
|
||||||
|
|
||||||
# if the VM doesn't exist, the we emit an error message and hard quit.
|
|
||||||
if ! lxc list --format csv | grep -q "$LXD_NAME"; then
|
|
||||||
echo "ERROR: there is no VM named '$LXD_NAME'. You probably need to run ss-up again."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
BTCPAY_RESTORE_ARCHIVE_PATH="$SITES_PATH/$PRIMARY_DOMAIN/backups/btcpayserver/$(date +%s).tar.gz"
|
|
||||||
echo "INFO: The BTCPAY_RESTORE_ARCHIVE_PATH for this migration will be: $BTCPAY_RESTORE_ARCHIVE_PATH"
|
|
||||||
|
|
||||||
|
|
||||||
# first, let's grab the GIT commit from the remote machine.
|
|
||||||
export DOMAIN_NAME="$PRIMARY_DOMAIN"
|
|
||||||
export SITE_PATH="$SITES_PATH/$PRIMARY_DOMAIN"
|
|
||||||
|
|
||||||
# source the site path so we know what features it has.
|
|
||||||
source "$SITE_PATH/site.conf"
|
|
||||||
source ./project/domain_env.sh
|
|
||||||
|
|
||||||
# now we want to switch the git HEAD of the project subdirectory to the
|
|
||||||
# version of code that was last used
|
|
||||||
GIT_COMMIT_ON_REMOTE_HOST="$(ssh ubuntu@$WWW_FQDN docker info | grep -o 'PROJECT_COMMIT=[a-zA-Z0-9]*' | cut -d'=' -f2)"
|
|
||||||
cd project/
|
|
||||||
echo "INFO: switch the 'project' repo to commit prior commit '$GIT_COMMIT_ON_REMOTE_HOST'"
|
|
||||||
echo " This allows Sovereign Stack to can grab a backup using the version of the code"
|
|
||||||
echo " that was used when the deployment was created."
|
|
||||||
git checkout "$GIT_COMMIT_ON_REMOTE_HOST"
|
|
||||||
cd -
|
|
||||||
|
|
||||||
# run deploy which backups up everything, but doesnt restart any services.
|
|
||||||
bash -c "./up.sh --stop --backup-archive-path=$BTCPAY_RESTORE_ARCHIVE_PATH --backup-www --backup-btcpayserver --skip-base-image"
|
|
||||||
|
|
||||||
# call the down script (be default it is non-destructuve of user data.)
|
|
||||||
./down.sh
|
|
||||||
|
|
||||||
|
|
||||||
# next we switch back to the current version of Sovereign Stack scripts for bringin up the new version.
|
|
||||||
cd project/
|
|
||||||
echo "INFO: switching the 'project' repo back to the most recent commit '$TARGET_PROJECT_GIT_COMMIT'"
|
|
||||||
echo " That way new deployments will be instantiated using the latest codebase."
|
|
||||||
git checkout "$TARGET_PROJECT_GIT_COMMIT"
|
|
||||||
cd -
|
|
||||||
|
|
||||||
|
|
||||||
# TODO we can do some additional logic here. FOr example if the user wants to provide a source/target project/remote,
|
|
||||||
# we can backup the source remote+project and restore it to the target remote+project. This will facilitate cross-device migrations
|
|
||||||
|
|
||||||
# However, if the source and target project/remote are the same, we don't really
|
|
||||||
# need to do any restorations (or backups for that matter, though we still grab one);
|
|
||||||
# we simply mount the existing data. That's the more common case where the user is simply upgrading the system in-place.
|
|
||||||
|
|
||||||
./up.sh
|
|
@ -1,13 +1,12 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
alias ss-help='cat /home/ubuntu/sovereign-stack/deployment/help.txt'
|
||||||
alias ss-up='/home/ubuntu/sovereign-stack/deployment/up.sh $@'
|
|
||||||
alias ss-remote='/home/ubuntu/sovereign-stack/deployment/remote.sh $@'
|
|
||||||
alias ss-show='/home/ubuntu/sovereign-stack/deployment/show.sh $@'
|
alias ss-show='/home/ubuntu/sovereign-stack/deployment/show.sh $@'
|
||||||
alias ss-reset='/home/ubuntu/sovereign-stack/deployment/reset.sh $@'
|
alias ss-remote='/home/ubuntu/sovereign-stack/deployment/remote.sh $@'
|
||||||
alias ss-update='/home/ubuntu/sovereign-stack/deployment/update.sh $@'
|
alias ss-up='/home/ubuntu/sovereign-stack/deployment/up.sh $@'
|
||||||
alias ss-down='/home/ubuntu/sovereign-stack/deployment/down.sh $@'
|
alias ss-down='/home/ubuntu/sovereign-stack/deployment/down.sh $@'
|
||||||
|
alias ss-reset='/home/ubuntu/sovereign-stack/deployment/reset.sh $@'
|
||||||
alias ss-stop='/home/ubuntu/sovereign-stack/deployment/stop.sh $@'
|
alias ss-stop='/home/ubuntu/sovereign-stack/deployment/stop.sh $@'
|
||||||
alias ss-start='/home/ubuntu/sovereign-stack/deployment/start.sh $@'
|
alias ss-start='/home/ubuntu/sovereign-stack/deployment/start.sh $@'
|
||||||
alias ss-help='cat /home/ubuntu/sovereign-stack/deployment/help.txt'
|
alias ss-restore='/home/ubuntu/sovereign-stack/deployment/restore.sh $@'
|
||||||
|
|
||||||
alias ll='ls -lah'
|
alias ll='ls -lah'
|
Loading…
Reference in New Issue
Block a user